fixed: static files loaded to /var such as /var/ckeditor_winix.js were not properly returned

(the html filter was applied to them, although they are mostly javascript files)
added: new Item::ContentType: ct_other
       if an item has ct_other then the html filter is not used for the content





git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1040 e52654a7-88a9-db11-a3e9-0013d4bc506e
Tomasz Sowa 2016-07-13 13:13:56 +00:00
parent 240bf4dc5d
commit e57840faed
20 changed files with 144 additions and 68 deletions


@ -1244,6 +1244,7 @@ void App::FilterContent()
// !! IMPROVE ME may some kind of html_filtered.reserve() here? (optimization)
TemplatesFunctions::html_filter.Filter(req.out_main_stream.Str(), html_filtered);
req.out_main_stream.Str(std::move(html_filtered)); // !! IMPROVE ME we do not have Str(&&) method
log << log3 << "App: html in the main stream has been filtered" << logend;
}
if( filter_json )
@ -1255,6 +1256,8 @@ void App::FilterContent()
TemplatesFunctions::html_filter.Filter(stream.Str(), html_filtered);
stream.Str(std::move(html_filtered));
}
log << log3 << "App: html in json out streams have been filtered" << logend;
}
}


@ -110,6 +110,20 @@ void Item::Clear()
}
/*
* we're using the HtmlFilter only for those contents
*
*/
bool Item::CanContentBeHtmlFiltered(Item::ContentType ct)
{
return ct == ct_text || ct == ct_formatted_text || ct == ct_html || ct == ct_bbcode;
}
bool Item::CanContentBeHtmlFiltered()
{
return CanContentBeHtmlFiltered(content_type);
}
} // namespace Winix
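Review bot: The comment above `Item::CanContentBeHtmlFiltered` stops mid-sentence and never names the content types it covers or says what happens to the others. The function is an allow-list, so any `ContentType` not named in it (today `ct_other`, and any value added later) is reported as not filterable; per the commit message that means the html filter is skipped for it. A comment should state this, e.g. `// only ct_text, ct_formatted_text, ct_html and ct_bbcode go through HtmlFilter; any other type bypasses it`. The member overload does not modify the object and could be declared `bool CanContentBeHtmlFiltered() const;` (header and definition) so it can be called on const items.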


@ -82,6 +82,7 @@ struct Item
ct_formatted_text,
ct_html,
ct_bbcode,
ct_other, // no auto-formatting is applied
};
ContentType content_type;
@ -134,6 +135,10 @@ struct Item
void Clear();
static bool CanContentBeHtmlFiltered(Item::ContentType ct);
bool CanContentBeHtmlFiltered();
private:
// used by the database
long content_id; // content id in 'content' table


@ -753,6 +753,12 @@ bool System::CanUseBBCode(long user_id)
}
// !! IMPROVE ME change to a better name
bool System::CanUseOther(long user_id)
{
return IsSuperUser(user_id) || IsMemberOfGroup(user_id, L"allow_other");
}
bool System::IsSuperUser(long user_id)
@ -1399,6 +1405,7 @@ bool System::AddCommonFileToVar(const wchar_t * file_path, const wchar_t * url,
file_content_item.type = Item::file;
file_content_item.html_template = config->templates_index_raw;
file_content_item.content = file_content;
file_content_item.content_type = Item::ct_other;
return AddFile(file_content_item, false) == WINIX_ERR_OK;
}
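Review bot: `System::CanUseOther` is the only visible gate on storing `ct_other` content, and the existing `IMPROVE ME` about its name understates what it grants. Elsewhere in this commit such content is written with `out << R(content)` (which appears to bypass escaping) and is wrapped in `<nofilter>`, so membership in `allow_other` looks equivalent to permission to publish arbitrary markup and script on the site. A comment should say so, e.g. `// allow_other: content is emitted as-is (no escaping, no html filter) - grant only to fully trusted users`. The group name is a bare literal here; if `CanUseHtml` and `CanUseBBCode` (bodies outside this hunk) take theirs from a constant or from config, this function should do the same.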


@ -158,6 +158,7 @@ public:
bool CanUseHtml(long user_id);
bool CanUseBBCode(long user_id);
bool CanUseOther(long user_id);
bool IsSuperUser(long user_id);
bool IsMemberOfGroup(long user_id, const wchar_t * group_name);


@ -5,7 +5,7 @@
*/
/*
* Copyright (c) 2008-2014, Tomasz Sowa
* Copyright (c) 2008-2016, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -56,7 +56,6 @@ void Cat::MakeGet()
cur->request->status = WINIX_ERR_NO_ITEM;
return;
}
if( !system->HasReadAccess(cur->request->item) )
{


@ -444,9 +444,14 @@ void Functions::MakeFunction()
if( cur->request->method == Request::head )
{
// do nothing
// !! IMPROVE ME
// we should make a page similar like in a GET request but the content should not be returned only
}
else
{
log << log1 << "Functions: unknown request method (skipping)" << logend;
}
}
@ -578,7 +583,6 @@ void Functions::ReadItemContentWithType(Item & item)
long user_id = cur->session->puser->id;
if( temp == L"2" )
{
if( system->CanUseHtml(user_id) )
@ -590,6 +594,12 @@ void Functions::ReadItemContentWithType(Item & item)
if( system->CanUseBBCode(user_id) )
item.content_type = Item::ct_bbcode;
}
else
if( temp == L"4" )
{
if( system->CanUseOther(user_id) )
item.content_type = Item::ct_other;
}
}
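Review bot: In `Functions::ReadItemContentWithType` a request for type `4` from a user who fails `CanUseOther` is dropped silently: the item keeps whatever `content_type` was assigned earlier in the function (outside this hunk) and nothing records the refusal. Logging it would make attempts to select the unfiltered type visible to an operator, e.g. an `else` on the inner check with `log << log1 << "Functions: content type 'other' refused for this user" << logend;`. The context line `long user_id = cur->session->puser->id;` dereferences `puser` with no check visible here, while `user_can_use_other` in the templates tests `puser` first; confirm a guard exists above the hunk.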


@ -1,3 +1,4 @@
/*
* This file is a part of Winix
* and is distributed under the 2-Clause BSD licence.


@ -1,37 +1,38 @@
[if mount_page_arg_is "subject"][if mount_page_arg_is "info"]<h1 class="withinfo">[else]<h1>[end][item_subject]</h1>[end]
[if mount_page_arg_is "info"][include "item_info.html"][end]
[if item_content_type_is "other"][item_print_content][else]
[if one item_filetype_is_image]
[if mount_page_arg_is "subject"][if mount_page_arg_is "info"]<h1 class="withinfo">[else]<h1>[end][item_subject]</h1>[end]
[if mount_page_arg_is "info"][include "item_info.html"][end]
<a href="[item_link]"><img class="catimage" [if not item_has_thumb]height="100"[end] src="[item_link]/download[if item_has_thumb]/thumb[end]" alt="[item_subject]"></a>
[if one item_filetype_is_image]
<a href="[item_link]"><img class="catimage" [if not item_has_thumb]height="100"[end] src="[item_link]/download[if item_has_thumb]/thumb[end]" alt="[item_subject]"></a>
[# we use pre.nowinixbreak to tell the html_filter not to put a blank space into those urles]
[# we use pre.nowinixbreak to tell the html_filter not to put a blank space into those urles]
<div>
<pre class="nowinixbreak">
{cat_image_url}: [item_link]<br>
{cat_image_thumb_url}: [item_link]/-/thumb
</pre>
</div>
[item_print_content]
[else]
[if not item_filetype_is_none]
{download}: <a href="[item_link]/download" title="[item_subject]">[item_subject]</a>
<div>
<pre class="nowinixbreak">
{cat_file_url}: [item_link]<br>
{cat_image_url}: [item_link]<br>
{cat_image_thumb_url}: [item_link]/-/thumb
</pre>
</div>
[item_print_content]
[else]
[item_print_content]
[if not item_filetype_is_none]
{download}: <a href="[item_link]/download" title="[item_subject]">[item_subject]</a>
<div>
<pre class="nowinixbreak">
{cat_file_url}: [item_link]<br>
</pre>
</div>
[item_print_content]
[else]
[item_print_content]
[end]
[end]
[end]


@ -103,7 +103,7 @@
<option[if item_content_type_is "formatted text"] selected[end] value="1">{form_emacs_content_type_formatted_text}</option>
[if user_can_use_html]<option[if item_content_type_is "html"] selected[end] value="2">{form_emacs_content_type_html}</option>[end]
[if user_can_use_bbcode]<option[if item_content_type_is "bbcode"] selected[end] value="3">{form_emacs_content_type_bbcode}</option>[end]
[if user_can_use_raw]<option[if item_content_type_is "raw"] selected[end] value="4">{form_emacs_content_type_raw}</option>[end]
[if user_can_use_other]<option[if item_content_type_is "other"] selected[end] value="4">{form_emacs_content_type_other}</option>[end]
</select>
</div>


@ -20,7 +20,7 @@
<option[if item_content_type_is "formatted text"] selected[end] value="1">{form_emacs_content_type_formatted_text}</option>
[if user_can_use_html]<option[if item_content_type_is "html"] selected[end] value="2">{form_emacs_content_type_html}</option>[end]
[if user_can_use_bbcode]<option[if item_content_type_is "bbcode"] selected[end] value="3">{form_emacs_content_type_bbcode}</option>[end]
[if user_can_use_raw]<option[if item_content_type_is "raw"] selected[end] value="4">{form_emacs_content_type_raw}</option>[end]
[if user_can_use_other]<option[if item_content_type_is "other"] selected[end] value="4">{form_emacs_content_type_other}</option>[end]
</select>
</div>


@ -31,7 +31,7 @@
<option selected value="1">{form_emacs_content_type_formatted_text}</option>
[if user_can_use_html]<option value="2">{form_emacs_content_type_html}</option>[end]
[if user_can_use_bbcode]<option value="3">{form_emacs_content_type_bbcode}</option>[end]
[if user_can_use_raw]<option value="4">{form_emacs_content_type_raw}</option>[end]
[if user_can_use_other]<option value="4">{form_emacs_content_type_other}</option>[end]
</select>
</div>


@ -1,22 +1,25 @@
<div>
[if mount_page_arg_is "subject"]
[if mount_page_arg_is "info"]
<h1 class="withinfo">
[else]
<h1>
[if item_content_type_is "other"][item_run][else]
<div>
[if mount_page_arg_is "subject"]
[if mount_page_arg_is "info"]
<h1 class="withinfo">
[else]
<h1>
[end]
[item_subject]
</h1>
[end]
[item_subject]
</h1>
[if mount_page_arg_is "info"]
[include "item_info.html"]
[end]
[end]
[item_run]
</div>
[if mount_page_arg_is "info"]
[include "item_info.html"]
[end]
[item_run]
</div>
[end]


@ -146,7 +146,7 @@ form_emacs_content_type_text = text
form_emacs_content_type_formatted_text = formatted text
form_emacs_content_type_html = html
form_emacs_content_type_bbcode = bbcode
form_emacs_content_type_raw = raw
form_emacs_content_type_other = other \(no formatting\)
last_header = Last logged users


@ -150,7 +150,7 @@ form_emacs_content_type_text = text
form_emacs_content_type_formatted_text = sformatowany text
form_emacs_content_type_html = html
form_emacs_content_type_bbcode = bbcode
form_emacs_content_type_raw = surowa postać
form_emacs_content_type_other = inny \(brak formatowania\)
last_header = Ostatnio logowani użytkownicy


@ -94,6 +94,10 @@ void config_base_url_common(Info & i)
}
void config_is_html_filter_allowed(Info & i)
{
i.res = config->html_filter;
}
} // namespace TemplatesFunctions


@ -114,6 +114,9 @@ void item_content_type_is(Item & item, Info & i)
else
if( item.content_type == Item::ct_bbcode && i.par == L"bbcode" )
i.res = true;
else
if( item.content_type == Item::ct_other && i.par == L"other" )
i.res = true;
}
@ -125,6 +128,9 @@ void item_content_type_is(Info & i)
void item_print_content(HtmlTextStream & out, const std::wstring & content, Item::ContentType content_type)
{
if( config->html_filter && !Item::CanContentBeHtmlFiltered(content_type) )
out << R("<nofilter>");
if( content_type == Item::ct_text )
{
out << content;
@ -135,11 +141,6 @@ void item_print_content(HtmlTextStream & out, const std::wstring & content, Item
HtmlEscapeFormTxt(out, content);
}
else
if( content_type == Item::ct_html )
{
out << R(content);
}
else
if( content_type == Item::ct_bbcode )
{
static std::wstring out_temp;
@ -149,6 +150,14 @@ void item_print_content(HtmlTextStream & out, const std::wstring & content, Item
bbcode_parser.Filter(content.c_str(), out_temp);
out << R(out_temp);
}
else
{
// ct_html, ct_other
out << R(content);
}
if( config->html_filter && !Item::CanContentBeHtmlFiltered(content_type) )
out << R("</nofilter>");
}
@ -476,7 +485,10 @@ void item_admin_meta_tab_has_next(Info & i)
}
void item_can_content_be_html_filtered(Info & i)
{
i.res = cur->request->item.CanContentBeHtmlFiltered();
}
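Review bot: The final `else` in `item_print_content` now writes `out << R(content)` for every content type that is not text, formatted text or bbcode, so a `ContentType` added later, or an unexpected value read from storage, would be emitted raw by default. Keeping the raw branch explicit would fail closed: use `else if( content_type == Item::ct_html || content_type == Item::ct_other )` for the `R(content)` branch and add a trailing `else out << content;`, assuming that form escapes as it appears to in the `ct_text` branch. The test `config->html_filter && !Item::CanContentBeHtmlFiltered(content_type)` is also evaluated twice; holding it in one `const bool` guarantees the opening and closing `<nofilter>` tags always pair up. The function body spans several hunks and is not fully visible here.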


@ -211,14 +211,15 @@ void Templates::CreateFunctions()
/*
config
*/
ezc_functions.Insert("config_use_ssl", config_use_ssl);
ezc_functions.Insert("config_use_ssl_static", config_use_ssl_static);
ezc_functions.Insert("config_use_ssl_common", config_use_ssl_common);
ezc_functions.Insert("config_url_proto", config_url_proto);
ezc_functions.Insert("config_url_ssl_proto", config_url_ssl_proto);
ezc_functions.Insert("config_base_url", config_base_url);
ezc_functions.Insert("config_base_url_static", config_base_url_static);
ezc_functions.Insert("config_base_url_common", config_base_url_common);
ezc_functions.Insert("config_use_ssl", config_use_ssl);
ezc_functions.Insert("config_use_ssl_static", config_use_ssl_static);
ezc_functions.Insert("config_use_ssl_common", config_use_ssl_common);
ezc_functions.Insert("config_url_proto", config_url_proto);
ezc_functions.Insert("config_url_ssl_proto", config_url_ssl_proto);
ezc_functions.Insert("config_base_url", config_base_url);
ezc_functions.Insert("config_base_url_static", config_base_url_static);
ezc_functions.Insert("config_base_url_common", config_base_url_common);
ezc_functions.Insert("config_is_html_filter_allowed", config_is_html_filter_allowed);
/*
@ -465,7 +466,8 @@ void Templates::CreateFunctions()
ezc_functions.Insert("item_admin_meta", item_admin_meta);
ezc_functions.Insert("item_admin_meta_tab", item_admin_meta_tab);
ezc_functions.Insert("item_admin_meta_tab_value", item_admin_meta_tab_value);
ezc_functions.Insert("item_admin_meta_tab_has_next", item_admin_meta_tab_has_next);
ezc_functions.Insert("item_admin_meta_tab_has_next", item_admin_meta_tab_has_next);
ezc_functions.Insert("item_can_content_be_html_filtered", item_can_content_be_html_filtered);
ezc_functions.Insert("item_tab", item_tab);
ezc_functions.Insert("item_tab_index", item_tab_index);
@ -678,6 +680,7 @@ void Templates::CreateFunctions()
ezc_functions.Insert("user_is_in_all_groups", user_is_in_all_groups);
ezc_functions.Insert("user_can_use_html", user_can_use_html);
ezc_functions.Insert("user_can_use_bbcode", user_can_use_bbcode);
ezc_functions.Insert("user_can_use_other", user_can_use_other);
ezc_functions.Insert("user_has_correct_time_zone",user_has_correct_time_zone);
ezc_functions.Insert("user_time_zone_name", user_time_zone_name);
ezc_functions.Insert("user_time_zone_id", user_time_zone_id);
@ -1042,7 +1045,7 @@ using namespace TemplatesFunctions;
Ezc::Pattern * index = 0;
if( !cur->request->last_item->html_template.empty() )
if( (cur->request->function == &functions->fun_cat || cur->request->function == &functions->fun_run) && !cur->request->last_item->html_template.empty() )
{
index = SelectIndexPattern(cur->request->last_item->html_template);
}
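Review bot: The last hunk narrows the per-item `html_template` lookup to requests handled by `fun_cat` or `fun_run`, but neither the code nor the commit message explains why. Since this decides which functions can be rendered through an item-supplied index template, a comment would keep the restriction from being widened by accident, e.g. `// only cat and run may switch to the item's own html_template (reason: ...)`, with the reason filled in by the author. The condition would also read better with the function test held in a named `bool`. The enclosing function starts and ends outside the hunk.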


@ -111,6 +111,7 @@ namespace TemplatesFunctions
void config_base_url(Info & i);
void config_base_url_static(Info & i);
void config_base_url_common(Info & i);
void config_is_html_filter_allowed(Info & i);
/*
@ -359,6 +360,7 @@ namespace TemplatesFunctions
void item_admin_meta_tab(Info & i);
void item_admin_meta_tab_value(Info & i);
void item_admin_meta_tab_has_next(Info & i);
void item_can_content_be_html_filtered(Info & i);
void item_tab(Info & i);
void item_tab_index(Info & i);
@ -573,6 +575,7 @@ namespace TemplatesFunctions
void user_is_in_all_groups(Info & i);
void user_can_use_html(Info & i);
void user_can_use_bbcode(Info & i);
void user_can_use_other(Info & i);
void user_has_correct_time_zone(Info & i);
void user_time_zone_name(Info & i);
void user_time_zone_id(Info & i);


@ -128,6 +128,16 @@ void user_can_use_bbcode(Info & i)
}
void user_can_use_other(Info & i)
{
if( !cur->session->puser )
i.res = false;
else
i.res = system->CanUseOther(cur->session->puser->id);
}
void user_has_correct_time_zone(Info & i)
{
if( cur->session->puser )