diff --git a/winixd/core/app.cpp b/winixd/core/app.cpp
index 107918f..6459e0b 100644
--- a/winixd/core/app.cpp
+++ b/winixd/core/app.cpp
@@ -1244,6 +1244,7 @@ void App::FilterContent()
// !! IMPROVE ME may some kind of html_filtered.reserve() here? (optimization)
TemplatesFunctions::html_filter.Filter(req.out_main_stream.Str(), html_filtered);
req.out_main_stream.Str(std::move(html_filtered)); // !! IMPROVE ME we do not have Str(&&) method
+ log << log3 << "App: html in the main stream has been filtered" << logend;
}
if( filter_json )
@@ -1255,6 +1256,8 @@ void App::FilterContent()
TemplatesFunctions::html_filter.Filter(stream.Str(), html_filtered);
stream.Str(std::move(html_filtered));
}
+
+ log << log3 << "App: html in json out streams have been filtered" << logend;
}
}
diff --git a/winixd/core/item.cpp b/winixd/core/item.cpp
index 408c768..b829191 100644
--- a/winixd/core/item.cpp
+++ b/winixd/core/item.cpp
@@ -110,6 +110,20 @@ void Item::Clear()
}
+/*
+ * we're using the HtmlFilter only for those contents
+ *
+ */
+bool Item::CanContentBeHtmlFiltered(Item::ContentType ct)
+{
+ return ct == ct_text || ct == ct_formatted_text || ct == ct_html || ct == ct_bbcode;
+}
+
+bool Item::CanContentBeHtmlFiltered()
+{
+ return CanContentBeHtmlFiltered(content_type);
+}
+
} // namespace Winix
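Review bot: The comment above `CanContentBeHtmlFiltered` stops mid-thought and does not say why `ct_other` is left out, or that any content type added later will return false here and so skip the filter by default. I would spell that out, e.g. `only text, formatted text, html and bbcode are passed through the HtmlFilter; ct_other and any type not listed here are left untouched`. The no-argument overload does not modify the item, so it could be declared `bool CanContentBeHtmlFiltered() const;` here and in item.h.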
diff --git a/winixd/core/item.h b/winixd/core/item.h
index d3a12e2..9be1670 100644
--- a/winixd/core/item.h
+++ b/winixd/core/item.h
@@ -82,6 +82,7 @@ struct Item
ct_formatted_text,
ct_html,
ct_bbcode,
+ ct_other, // no auto-formatting is applied
};
ContentType content_type;
@@ -134,6 +135,10 @@ struct Item
void Clear();
+ static bool CanContentBeHtmlFiltered(Item::ContentType ct);
+ bool CanContentBeHtmlFiltered();
+
+
private:
// used by the database
long content_id; // content id in 'content' table
diff --git a/winixd/core/system.cpp b/winixd/core/system.cpp
index d4cb56a..9e40bce 100644
--- a/winixd/core/system.cpp
+++ b/winixd/core/system.cpp
@@ -753,6 +753,12 @@ bool System::CanUseBBCode(long user_id)
}
+// !! IMPROVE ME change to a better name
+bool System::CanUseOther(long user_id)
+{
+ return IsSuperUser(user_id) || IsMemberOfGroup(user_id, L"allow_other");
+}
+
bool System::IsSuperUser(long user_id)
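Review bot: `CanUseOther` carries only a rename reminder and nothing that tells an administrator what membership of `allow_other` grants. Elsewhere in this commit `ct_other` content is written with `R(content)` in `item_print_content` and is excluded by `Item::CanContentBeHtmlFiltered`, so the permission looks at least as strong as the html one. I would say so in the comment, e.g. `// 'allow_other' lets a user store content that is printed as-is (no escaping, no html filter); grant it only to trusted users`.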
@@ -1399,6 +1405,7 @@ bool System::AddCommonFileToVar(const wchar_t * file_path, const wchar_t * url,
file_content_item.type = Item::file;
file_content_item.html_template = config->templates_index_raw;
file_content_item.content = file_content;
+ file_content_item.content_type = Item::ct_other;
return AddFile(file_content_item, false) == WINIX_ERR_OK;
}
diff --git a/winixd/core/system.h b/winixd/core/system.h
index 6b89725..7cecf75 100644
--- a/winixd/core/system.h
+++ b/winixd/core/system.h
@@ -158,6 +158,7 @@ public:
bool CanUseHtml(long user_id);
bool CanUseBBCode(long user_id);
+ bool CanUseOther(long user_id);
bool IsSuperUser(long user_id);
bool IsMemberOfGroup(long user_id, const wchar_t * group_name);
diff --git a/winixd/functions/cat.cpp b/winixd/functions/cat.cpp
index 9cfe5c3..4b168d9 100644
--- a/winixd/functions/cat.cpp
+++ b/winixd/functions/cat.cpp
@@ -5,7 +5,7 @@
*/
/*
- * Copyright (c) 2008-2014, Tomasz Sowa
+ * Copyright (c) 2008-2016, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -56,7 +56,6 @@ void Cat::MakeGet()
cur->request->status = WINIX_ERR_NO_ITEM;
return;
}
-
if( !system->HasReadAccess(cur->request->item) )
{
diff --git a/winixd/functions/functions.cpp b/winixd/functions/functions.cpp
index 29478fd..1d68ace 100644
--- a/winixd/functions/functions.cpp
+++ b/winixd/functions/functions.cpp
@@ -444,9 +444,14 @@ void Functions::MakeFunction()
if( cur->request->method == Request::head )
{
// do nothing
+
+ // !! IMPROVE ME
+ // we should make a page similar like in a GET request but the content should not be returned only
}
else
+ {
log << log1 << "Functions: unknown request method (skipping)" << logend;
+ }
}
@@ -578,7 +583,6 @@ void Functions::ReadItemContentWithType(Item & item)
long user_id = cur->session->puser->id;
-
if( temp == L"2" )
{
if( system->CanUseHtml(user_id) )
@@ -590,6 +594,12 @@ void Functions::ReadItemContentWithType(Item & item)
if( system->CanUseBBCode(user_id) )
item.content_type = Item::ct_bbcode;
}
+ else
+ if( temp == L"4" )
+ {
+ if( system->CanUseOther(user_id) )
+ item.content_type = Item::ct_other;
+ }
}
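Review bot: When `temp == L"4"` is submitted by a user for whom `CanUseOther` returns false, the new branch does nothing and the request continues with whatever content type was set earlier in the function, which is outside this hunk. Because `ct_other` is written out unescaped by `item_print_content`, a refused attempt is worth recording; an `else` on the inner check such as `log << log1 << "Functions: content type 'other' refused, user id: " << user_id << logend;` would do. The `CanUseBBCode` branch just above is silent in the same way.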
diff --git a/winixd/functions/run.cpp b/winixd/functions/run.cpp
index efd0293..b04d21a 100644
--- a/winixd/functions/run.cpp
+++ b/winixd/functions/run.cpp
@@ -1,3 +1,4 @@
+
/*
* This file is a part of Winix
* and is distributed under the 2-Clause BSD licence.
diff --git a/winixd/html/fun_cat.html b/winixd/html/fun_cat.html
index 12c8265..725a879 100644
--- a/winixd/html/fun_cat.html
+++ b/winixd/html/fun_cat.html
@@ -1,37 +1,38 @@
-[if mount_page_arg_is "subject"][if mount_page_arg_is "info"]
[else][end][item_subject] [end]
-[if mount_page_arg_is "info"][include "item_info.html"][end]
+[if item_content_type_is "other"][item_print_content][else]
-[if one item_filetype_is_image]
+ [if mount_page_arg_is "subject"][if mount_page_arg_is "info"][else][end][item_subject] [end]
+ [if mount_page_arg_is "info"][include "item_info.html"][end]
-
+ [if one item_filetype_is_image]
+
+
+
+ [# we use pre.nowinixbreak to tell the html_filter not to put a blank space into those urles]
- [# we use pre.nowinixbreak to tell the html_filter not to put a blank space into those urles]
-
-
-
- {cat_image_url}: [item_link]
- {cat_image_thumb_url}: [item_link]/-/thumb
-
-
-
- [item_print_content]
-
-[else]
-
- [if not item_filetype_is_none]
- {download}: [item_subject]
- {cat_file_url}: [item_link]
+ {cat_image_url}: [item_link]
+ {cat_image_thumb_url}: [item_link]/-/thumb
+
[item_print_content]
+
[else]
- [item_print_content]
+
+ [if not item_filetype_is_none]
+ {download}: [item_subject]
+
+
+ {cat_file_url}: [item_link]
+
+
+
+ [item_print_content]
+
+ [else]
+ [item_print_content]
+ [end]
+
[end]
-
[end]
-
-
-
-
diff --git a/winixd/html/fun_createticket.html b/winixd/html/fun_createticket.html
index 9620b78..2db0e57 100644
--- a/winixd/html/fun_createticket.html
+++ b/winixd/html/fun_createticket.html
@@ -103,7 +103,7 @@
{form_emacs_content_type_formatted_text}
[if user_can_use_html]{form_emacs_content_type_html} [end]
[if user_can_use_bbcode]{form_emacs_content_type_bbcode} [end]
- [if user_can_use_raw]{form_emacs_content_type_raw} [end]
+ [if user_can_use_other]{form_emacs_content_type_other} [end]
diff --git a/winixd/html/fun_emacs_post.html b/winixd/html/fun_emacs_post.html
index 7f896cd..34a85d8 100644
--- a/winixd/html/fun_emacs_post.html
+++ b/winixd/html/fun_emacs_post.html
@@ -20,7 +20,7 @@
{form_emacs_content_type_formatted_text}
[if user_can_use_html]{form_emacs_content_type_html} [end]
[if user_can_use_bbcode]{form_emacs_content_type_bbcode} [end]
- [if user_can_use_raw]{form_emacs_content_type_raw} [end]
+ [if user_can_use_other]{form_emacs_content_type_other} [end]
diff --git a/winixd/html/fun_reply.html b/winixd/html/fun_reply.html
index 6e21c4c..d27cc55 100644
--- a/winixd/html/fun_reply.html
+++ b/winixd/html/fun_reply.html
@@ -31,7 +31,7 @@
{form_emacs_content_type_formatted_text}
[if user_can_use_html]{form_emacs_content_type_html} [end]
[if user_can_use_bbcode]{form_emacs_content_type_bbcode} [end]
- [if user_can_use_raw]{form_emacs_content_type_raw} [end]
+ [if user_can_use_other]{form_emacs_content_type_other} [end]
diff --git a/winixd/html/fun_run.html b/winixd/html/fun_run.html
index 0377beb..077372f 100644
--- a/winixd/html/fun_run.html
+++ b/winixd/html/fun_run.html
@@ -1,22 +1,25 @@
-
- [if mount_page_arg_is "subject"]
- [if mount_page_arg_is "info"]
-
- [else]
-
+[if item_content_type_is "other"][item_run][else]
+
+
+
+ [if mount_page_arg_is "subject"]
+ [if mount_page_arg_is "info"]
+
+ [else]
+
+ [end]
+
+ [item_subject]
+
+
[end]
- [item_subject]
-
+ [if mount_page_arg_is "info"]
+ [include "item_info.html"]
+ [end]
- [end]
+ [item_run]
+
+
- [if mount_page_arg_is "info"]
- [include "item_info.html"]
- [end]
-
- [item_run]
-
-
-
-
+[end]
diff --git a/winixd/locale/en b/winixd/locale/en
index b4f2639..caebf29 100644
--- a/winixd/locale/en
+++ b/winixd/locale/en
@@ -146,7 +146,7 @@ form_emacs_content_type_text = text
form_emacs_content_type_formatted_text = formatted text
form_emacs_content_type_html = html
form_emacs_content_type_bbcode = bbcode
-form_emacs_content_type_raw = raw
+form_emacs_content_type_other = other \(no formatting\)
last_header = Last logged users
diff --git a/winixd/locale/pl b/winixd/locale/pl
index b69c928..51abd3c 100644
--- a/winixd/locale/pl
+++ b/winixd/locale/pl
@@ -150,7 +150,7 @@ form_emacs_content_type_text = text
form_emacs_content_type_formatted_text = sformatowany text
form_emacs_content_type_html = html
form_emacs_content_type_bbcode = bbcode
-form_emacs_content_type_raw = surowa postać
+form_emacs_content_type_other = inny \(brak formatowania\)
last_header = Ostatnio logowani użytkownicy
diff --git a/winixd/templates/config.cpp b/winixd/templates/config.cpp
index 2e67f06..5d95a42 100644
--- a/winixd/templates/config.cpp
+++ b/winixd/templates/config.cpp
@@ -94,6 +94,10 @@ void config_base_url_common(Info & i)
}
+void config_is_html_filter_allowed(Info & i)
+{
+ i.res = config->html_filter;
+}
} // namespace TemplatesFunctions
diff --git a/winixd/templates/item.cpp b/winixd/templates/item.cpp
index 0eb2917..221905d 100644
--- a/winixd/templates/item.cpp
+++ b/winixd/templates/item.cpp
@@ -114,6 +114,9 @@ void item_content_type_is(Item & item, Info & i)
else
if( item.content_type == Item::ct_bbcode && i.par == L"bbcode" )
i.res = true;
+ else
+ if( item.content_type == Item::ct_other && i.par == L"other" )
+ i.res = true;
}
@@ -125,6 +128,9 @@ void item_content_type_is(Info & i)
void item_print_content(HtmlTextStream & out, const std::wstring & content, Item::ContentType content_type)
{
+ if( config->html_filter && !Item::CanContentBeHtmlFiltered(content_type) )
+ out << R("");
+
if( content_type == Item::ct_text )
{
out << content;
@@ -135,11 +141,6 @@ void item_print_content(HtmlTextStream & out, const std::wstring & content, Item
HtmlEscapeFormTxt(out, content);
}
else
- if( content_type == Item::ct_html )
- {
- out << R(content);
- }
- else
if( content_type == Item::ct_bbcode )
{
static std::wstring out_temp;
@@ -149,6 +150,14 @@ void item_print_content(HtmlTextStream & out, const std::wstring & content, Item
bbcode_parser.Filter(content.c_str(), out_temp);
out << R(out_temp);
}
+ else
+ {
+ // ct_html, ct_other
+ out << R(content);
+ }
+
+ if( config->html_filter && !Item::CanContentBeHtmlFiltered(content_type) )
+ out << R(" ");
}
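Review bot: The new trailing `else` in `item_print_content` writes `R(content)` for every content type the earlier branches did not match, so an unexpected `content_type` (a stale database value, or an enum member added later) is now emitted raw where before this change it produced no output. I would keep the raw path explicit, `if( content_type == Item::ct_html || content_type == Item::ct_other )`, and let the final `else` fall back to the escaped form `out << content;`. This assumes that streaming without `R()` escapes, as the `ct_text` branch suggests. The `config->html_filter && !Item::CanContentBeHtmlFiltered(content_type)` test is also evaluated twice and could be held in one `const bool`. The function starts in an earlier hunk.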
@@ -476,7 +485,10 @@ void item_admin_meta_tab_has_next(Info & i)
}
-
+void item_can_content_be_html_filtered(Info & i)
+{
+ i.res = cur->request->item.CanContentBeHtmlFiltered();
+}
diff --git a/winixd/templates/templates.cpp b/winixd/templates/templates.cpp
index 7499bdb..bd857a7 100644
--- a/winixd/templates/templates.cpp
+++ b/winixd/templates/templates.cpp
@@ -211,14 +211,15 @@ void Templates::CreateFunctions()
/*
config
*/
- ezc_functions.Insert("config_use_ssl", config_use_ssl);
- ezc_functions.Insert("config_use_ssl_static", config_use_ssl_static);
- ezc_functions.Insert("config_use_ssl_common", config_use_ssl_common);
- ezc_functions.Insert("config_url_proto", config_url_proto);
- ezc_functions.Insert("config_url_ssl_proto", config_url_ssl_proto);
- ezc_functions.Insert("config_base_url", config_base_url);
- ezc_functions.Insert("config_base_url_static", config_base_url_static);
- ezc_functions.Insert("config_base_url_common", config_base_url_common);
+ ezc_functions.Insert("config_use_ssl", config_use_ssl);
+ ezc_functions.Insert("config_use_ssl_static", config_use_ssl_static);
+ ezc_functions.Insert("config_use_ssl_common", config_use_ssl_common);
+ ezc_functions.Insert("config_url_proto", config_url_proto);
+ ezc_functions.Insert("config_url_ssl_proto", config_url_ssl_proto);
+ ezc_functions.Insert("config_base_url", config_base_url);
+ ezc_functions.Insert("config_base_url_static", config_base_url_static);
+ ezc_functions.Insert("config_base_url_common", config_base_url_common);
+ ezc_functions.Insert("config_is_html_filter_allowed", config_is_html_filter_allowed);
/*
@@ -465,7 +466,8 @@ void Templates::CreateFunctions()
ezc_functions.Insert("item_admin_meta", item_admin_meta);
ezc_functions.Insert("item_admin_meta_tab", item_admin_meta_tab);
ezc_functions.Insert("item_admin_meta_tab_value", item_admin_meta_tab_value);
- ezc_functions.Insert("item_admin_meta_tab_has_next", item_admin_meta_tab_has_next);
+ ezc_functions.Insert("item_admin_meta_tab_has_next", item_admin_meta_tab_has_next);
+ ezc_functions.Insert("item_can_content_be_html_filtered", item_can_content_be_html_filtered);
ezc_functions.Insert("item_tab", item_tab);
ezc_functions.Insert("item_tab_index", item_tab_index);
@@ -678,6 +680,7 @@ void Templates::CreateFunctions()
ezc_functions.Insert("user_is_in_all_groups", user_is_in_all_groups);
ezc_functions.Insert("user_can_use_html", user_can_use_html);
ezc_functions.Insert("user_can_use_bbcode", user_can_use_bbcode);
+ ezc_functions.Insert("user_can_use_other", user_can_use_other);
ezc_functions.Insert("user_has_correct_time_zone",user_has_correct_time_zone);
ezc_functions.Insert("user_time_zone_name", user_time_zone_name);
ezc_functions.Insert("user_time_zone_id", user_time_zone_id);
@@ -1042,7 +1045,7 @@ using namespace TemplatesFunctions;
Ezc::Pattern * index = 0;
- if( !cur->request->last_item->html_template.empty() )
+ if( (cur->request->function == &functions->fun_cat || cur->request->function == &functions->fun_run) && !cur->request->last_item->html_template.empty() )
{
index = SelectIndexPattern(cur->request->last_item->html_template);
}
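Review bot: The reason for limiting the item's own `html_template` to `fun_cat` and `fun_run` is not stated next to the new condition, and the line is long enough that the two function comparisons are easy to misread. A short comment above the `if`, such as `// an item's html_template replaces the index only when the item is displayed (cat, run)`, with the comparison pulled into a named `bool`, would make the intent checkable; that wording is my reading of the change and should be confirmed. `cur->request->last_item` is dereferenced here without a visible null check, which may be guaranteed by code outside the hunk.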
diff --git a/winixd/templates/templates.h b/winixd/templates/templates.h
index 6c1a969..a7d96d5 100644
--- a/winixd/templates/templates.h
+++ b/winixd/templates/templates.h
@@ -111,6 +111,7 @@ namespace TemplatesFunctions
void config_base_url(Info & i);
void config_base_url_static(Info & i);
void config_base_url_common(Info & i);
+ void config_is_html_filter_allowed(Info & i);
/*
@@ -359,6 +360,7 @@ namespace TemplatesFunctions
void item_admin_meta_tab(Info & i);
void item_admin_meta_tab_value(Info & i);
void item_admin_meta_tab_has_next(Info & i);
+ void item_can_content_be_html_filtered(Info & i);
void item_tab(Info & i);
void item_tab_index(Info & i);
@@ -573,6 +575,7 @@ namespace TemplatesFunctions
void user_is_in_all_groups(Info & i);
void user_can_use_html(Info & i);
void user_can_use_bbcode(Info & i);
+ void user_can_use_other(Info & i);
void user_has_correct_time_zone(Info & i);
void user_time_zone_name(Info & i);
void user_time_zone_id(Info & i);
diff --git a/winixd/templates/user.cpp b/winixd/templates/user.cpp
index 3e5115b..00f79d1 100644
--- a/winixd/templates/user.cpp
+++ b/winixd/templates/user.cpp
@@ -128,6 +128,16 @@ void user_can_use_bbcode(Info & i)
}
+void user_can_use_other(Info & i)
+{
+ if( !cur->session->puser )
+ i.res = false;
+ else
+ i.res = system->CanUseOther(cur->session->puser->id);
+}
+
+
+
void user_has_correct_time_zone(Info & i)
{
if( cur->session->puser )