 |
|
You are here: Foswiki>Tasks Web>Item8032Manifest (05 Jan 2009, MartinCleaver)Edit Attach
twiki/override/TWiki/Form/FieldDefinition.pm
<verbatim>
diff -r1.1 /var/lib/twiki/override/TWiki/Form/FieldDefinition.pm
315c315
<
---
>
320a321,331
> mrjclog("before", $value);
>
> # use URI::Escape;
> # uri_unescape($value);
> $value =~ s/\r//g;
>
> mrjclog("escaped", $value);
>
> ## http://foswiki.com/Tasks/Item5489
> ## "The solution may be to explicitly run the formfield value through TWiki rendering before protecting it"
> $value = $this->{session}->renderer->getRenderedVersion($value);
323a335,336
> mrjclog("after", $value);
>
335a349,358
> sub mrjclog {
> my (@log) = @_;
> open( FH, '>>/tmp/fielddefinition.log') || die "can't open $!";
> print FH join(",_",@log)."\n\n";
> return "mrjclog just ran";
> }
>
>
>
</verbatim>
$ diff WysiwygPlugin.pm twiki/lib/TWiki/Plugins/WysiwygPlugin.pm
57c57
< $VERSION = '$Rev: 16836 $';
---
> $VERSION = '$Rev: 17359 (11 Aug 2008) $';
59c59
< $RELEASE = 'TWiki-4.2';
---
> $RELEASE = '03 Aug 2008';
181c181,187
< $text = handleUTF8( $text );
---
> if ($TWiki::cfg{Site}{CharSet}
> && $TWiki::cfg{Site}{CharSet}
---
> my ($response, $status, $text) = @_;
631,632c641,644
< $text = Encode::decode(
< $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
---
> if ($TWiki::cfg{Site}{CharSet}) {
> $text = Encode::decode(
> $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
> }
638,642c650,674
< print "Content-Type: text/plain;charset=UTF-8\r\n";
< my $len; { use bytes; $len = length($text); };
< print "Content-length: ",$len,"\r\n";
< print "\r\n";
< print $text;
---
> # TWiki5 introduces the TWiki::Response object, which handles all
> # responses.
> if (UNIVERSAL::isa( $response, 'TWiki::Response')) {
> $response->header(
> -status => $status,
> -type => 'text/plain',
> -charset => 'UTF-8');
> $response->body($text);
> } else { # Pre-TWiki-5.
> # Turn off AUTOFLUSH
> # See http://perl.apache.org/docs/2.0/user/coding/coding.html
> local $| = 0;
> my $query = TWiki::Func::getCgiQuery();
> if (defined($query)) {
> my $len;
> { use bytes; $len = length($text); };
> print $query->header(
> -status => $status,
> -type => 'text/plain',
> -charset => 'UTF-8',
> -Content_length => $len);
> print $text;
> }
> }
> print STDERR $text if ($status > 400);
660c692
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
679c711
< returnRESTResult($html);
---
> returnRESTResult($response, 200, $html);
686c718
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
707,708c739
< returnRESTResult($tml);
<
---
> returnRESTResult($response, 200, $tml);
713c744
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
738,742c769,770
< my $error = "Access denied";
< print CGI::header(-status => 401);
< print $error;
< print STDERR $error;
< return;
---
> returnRESTResult($response, 401, "Access denied");
> return undef; # to prevent further processing
763,767c791,792
< my $error = "Zero-sized file upload";
< print CGI::header(-status => 500);
< print $error;
< print STDERR $error;
< return undef;
---
> returnRESTResult($response, 500, "Zero-sized file upload");
> return undef; # to prevent further processing
775,779c800,801
< my $error = "OVERSIZED UPLOAD";
< print CGI::header(-status => 500);
< print $error;
< print STDERR $error;
< return undef;
---
> returnRESTResult($response, 500, "OVERSIZED UPLOAD");
> return undef; # to prevent further processing
802,805c824,825
< print CGI::header(-status => 500);
< print $error;
< print STDERR $error;
< return undef;
---
> returnRESTResult($response, 500, $error);
> return undef; # to prevent further processing
826c846
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
831,837c851,853
< 'VIEW', TWiki::Func::getWikiName(),
< $text, $topic, $web, $meta)) {
< my $error = "Access denied";
< print CGI::header(-status => 401);
< print $error;
< print STDERR $error;
< return;
---
> 'VIEW', TWiki::Func::getWikiName(), $text, $topic, $web, $meta)) {
> returnRESTResult($response, 401, "Access denied");
> return undef; # to prevent further processing
852,869d867
< # If the site charset is UTF8 then we may get CGI parameters with encoded
< # UTF8 in them. We need to decode this, to avoid tools such as the
< # HTML::Parser falling over, and also make sure the output streams are
< # not going to barf when printing UTF8 characters. This ought
< # to be handled by the TWiki core, but isn't.
< sub _handleUTF8 {
< my $text = shift;
< if( defined $TWiki::cfg{Site}{CharSet}
< && $TWiki::cfg{Site}{CharSet} =~ /^utf-?8$/i) {
< require Encode;
< $text = Encode::decode_utf8( $text );
<
< binmode(STDOUT, ":utf8");
< binmode(STDERR, ":utf8");
< }
< return $text;
< }
<
</verbatim>
45a46
> use URI::Escape;
160c161,162
< return unless $query;
---
>
> return unless $query;#
162c164,170
< return unless defined( $query->param( 'wysiwyg_edit' ));
---
> # if we also want to convert form fields, we have to convert $text anyway
> # because the afterEditHandler has only converted the main content, not meta fields
> # we put this check into tra
>
> if ( defined( $query->param( 'wysiwyg_edit' )) || $_[0] =~ /<!--$SECRET_ID-->/) {
> }
> my $text = $_[0];
164c172,179
< $_[0] = TranslateHTML2TML( $_[0], $_[1], $_[2] );
---
> # extracting meta
> my $meta = '';
> if ($text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)//s) {
> $meta = $meta.$1;
> }
> $text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)/$meta = "$1$meta";''/gem;
> # text is now without meta information
> $_[0] = TranslateHTML2TML( $text, $_[1], $_[2], $meta);
180d194
<
182,184c196,198
<
< return unless defined( $query->param( 'wysiwyg_edit' )) ||
< $text =~ s/<!--$SECRET_ID-->//go;
---
>
> # notice: iam not deleting $SECRET_ID out of $text, because TranslateHTML2TML will check for it
> return unless ( defined( $query->param( 'wysiwyg_edit' )) || $text =~ /<!--$SECRET_ID-->/);
189c203
<
---
> # convert main content, no meta fields, as we dont have them
195,196c209,210
< my( $text, $topic, $web ) = @_;
<
---
> my( $text, $topic, $web , $meta) = @_;
>
199d212
<
204a218,220
> # TODO the extraction of meta to top and bottom should not be needed anymore, as its done externally
> # afterEditHandler anyway only passes main content without meta information, and afterSaveHandler NOW filters meta
> # himself and passes it as $meta. So this lines should be deleted
210,211c226,227
< $text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)/$bottom = "$1$bottom";''/gem;
<
---
> $text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)/$bottom = "$1$bottom";''/gem;
>
220,221c236,263
< $text = $html2tml->convert( $text, $opts );
<
---
> #convert main content if secret id is present, so we have HTML code
> if ( $text =~ s/<!--$SECRET_ID-->//go) {
> $text = $html2tml->convert( $text, $opts );
> }
>
> # notice wen need to url_decode the form field value before converting, as it is url_decoded ( what differs to the main content )
> # and therefore the converter expect someting url_decoded
> # in the end we need to url_encode the value, as it has to be save url_endocded
> # traslate form fields which have been edited with WYSIWYG and are therefore html code
> # SMELL: maybe better regexp
>
> mrjclog("---------$web.$topic META before-----");
> mrjclog("$meta");
>
> if ( $meta =~ s/<!--$SECRET_ID-->//go) {
> #if($meta =~ s/(^%META:FIELD{[^{]*.?value=")(<!--$SECRET_ID-->)(.*?)("})/$1.uri_escape($html2tml->convert( uri_unescape($3), $opts )).$4/gme) {
> # SMELL: iam not sure this is needed. It seems like secret_id should be alway in front. twiki_tiny_js is settings it to the front,
> # also the TML2HTML handler
> #$meta =~ s/(^%META:FIELD{[^{]*.?value=")(.*?)(<!--$SECRET_ID-->)("})/$1.uri_escape($html2tml->convert( uri_unescape($2), $opts )).$4/gme;
> $meta =~ s/(^%META:FIELD{[^{]*.?value=")(.*?)("})/$1.uri_escape($html2tml->convert( uri_unescape($2), $opts )).$3/gme;
> mrjclog( "\n\r---------1-----");
> mrjclog( "$1");
> mrjclog( "---------2 converted----");
> mrjclog( $html2tml->convert( uri_unescape($2), $opts ));
> mrjclog( "---------META after-----");
> mrjclog( "$meta");
> #}
> }
223,224c265,268
<
< return $top.$text.$bottom;
---
>
> # Attention: $SECRET_ID is NEVER saved, as we never save HTML code. After the translation, we remove it.
> # It just indicates, wheather the current content is HTML or not
> return $text.$meta;
264a309,316
> sub mrjclog {
> my (@log) = @_;
> open( FH, '>>/tmp/wysiwyg.log') || die "can't open $!";
> print FH join(",_",@log)."\n\n";
> return "mrjclog just ran";
> }
>
>
275a328,337
> mrjclog("Hmm. Meta?");
> if( $meta ) {
> foreach my $k ( keys %$meta ) {
> if( $k eq 'FIELD' ) {
> mrjclog("Opportunity to TML2HTML meta $web.$topic.$k ");
> # $meta =~ s/(^%META:FIELD{[^{]*.?value=")(.*?)(<!--$SECRET_ID-->)("})/$1.uri_escape($html2tml->convert( uri_unescape($2), $opts )).$4/gme;
> }
> }
> }
>
534a597,598
>
> mrjclog("TranslateTML2HTML $web.$topic on $text");
662d725
<
664,665c727
<
< # if the secret ID is present, don't convert again. We are probably
---
> # if the secret ID is present, don't convert again. We are probably
670a733
> mrjclog("_restTML2HTML on $tml"); </verbatim>
315c315
<
---
>
320a321,331
> mrjclog("before", $value);
>
> # use URI::Escape;
> # uri_unescape($value);
> $value =~ s/\r//g;
>
> mrjclog("escaped", $value);
>
> ## http://foswiki.com/Tasks/Item5489
> ## "The solution may be to explicitly run the formfield value through TWiki rendering before protecting it"
> $value = $this->{session}->renderer->getRenderedVersion($value);
323a335,336
> mrjclog("after", $value);
>
335a349,358
> sub mrjclog {
> my (@log) = @_;
> open( FH, '>>/tmp/fielddefinition.log') || die "can't open $!";
> print FH join(",_",@log)."\n\n";
> return "mrjclog just ran";
> }
>
>
>
</verbatim>
twiki/override/TWiki/Plugins/WysiwygPlugin.pm
First, because we built on Eugen's 16836, we need to know how 17359 (the version installed at my client's) differs from his version: <verbatim>$ diff WysiwygPlugin.pm twiki/lib/TWiki/Plugins/WysiwygPlugin.pm
57c57
< $VERSION = '$Rev: 16836 $';
---
> $VERSION = '$Rev: 17359 (11 Aug 2008) $';
59c59
< $RELEASE = 'TWiki-4.2';
---
> $RELEASE = '03 Aug 2008';
181c181,187
< $text = handleUTF8( $text );
---
> if ($TWiki::cfg{Site}{CharSet}
> && $TWiki::cfg{Site}{CharSet}
~ /^utf-?8$/i) {
> # If the site charset is utf-8, then form POSTs (such as the one
> # that got us here) are utf-8 encoded. we have to decode to prevent
> # the HTML parser from going tits up when it sees utf-8 in the data.
> $text = Encode::decode_utf8( $text );
> }
190c196,198
< $_[0] = TranslateHTML2TML( $text, $_[1], $_[2] );
---
> $text = TranslateHTML2TML( $text, $_[1], $_[2] );
>
> $_[0] = $text;
617,618c625,628
< $text = Encode::encode(
< $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
---
> if ($TWiki::cfg{Site}{CharSet}) {
> $text = Encode::encode(
> $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
> }
629c639
< my ($text) = @;---
> my ($response, $status, $text) = @_;
631,632c641,644
< $text = Encode::decode(
< $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
---
> if ($TWiki::cfg{Site}{CharSet}) {
> $text = Encode::decode(
> $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
> }
638,642c650,674
< print "Content-Type: text/plain;charset=UTF-8\r\n";
< my $len; { use bytes; $len = length($text); };
< print "Content-length: ",$len,"\r\n";
< print "\r\n";
< print $text;
---
> # TWiki5 introduces the TWiki::Response object, which handles all
> # responses.
> if (UNIVERSAL::isa( $response, 'TWiki::Response')) {
> $response->header(
> -status => $status,
> -type => 'text/plain',
> -charset => 'UTF-8');
> $response->body($text);
> } else { # Pre-TWiki-5.
> # Turn off AUTOFLUSH
> # See http://perl.apache.org/docs/2.0/user/coding/coding.html
> local $| = 0;
> my $query = TWiki::Func::getCgiQuery();
> if (defined($query)) {
> my $len;
> { use bytes; $len = length($text); };
> print $query->header(
> -status => $status,
> -type => 'text/plain',
> -charset => 'UTF-8',
> -Content_length => $len);
> print $text;
> }
> }
> print STDERR $text if ($status > 400);
660c692
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
679c711
< returnRESTResult($html);
---
> returnRESTResult($response, 200, $html);
686c718
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
707,708c739
< returnRESTResult($tml);
<
---
> returnRESTResult($response, 200, $tml);
713c744
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
738,742c769,770
< my $error = "Access denied";
< print CGI::header(-status => 401);
< print $error;
< print STDERR $error;
< return;
---
> returnRESTResult($response, 401, "Access denied");
> return undef; # to prevent further processing
763,767c791,792
< my $error = "Zero-sized file upload";
< print CGI::header(-status => 500);
< print $error;
< print STDERR $error;
< return undef;
---
> returnRESTResult($response, 500, "Zero-sized file upload");
> return undef; # to prevent further processing
775,779c800,801
< my $error = "OVERSIZED UPLOAD";
< print CGI::header(-status => 500);
< print $error;
< print STDERR $error;
< return undef;
---
> returnRESTResult($response, 500, "OVERSIZED UPLOAD");
> return undef; # to prevent further processing
802,805c824,825
< print CGI::header(-status => 500);
< print $error;
< print STDERR $error;
< return undef;
---
> returnRESTResult($response, 500, $error);
> return undef; # to prevent further processing
826c846
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
831,837c851,853
< 'VIEW', TWiki::Func::getWikiName(),
< $text, $topic, $web, $meta)) {
< my $error = "Access denied";
< print CGI::header(-status => 401);
< print $error;
< print STDERR $error;
< return;
---
> 'VIEW', TWiki::Func::getWikiName(), $text, $topic, $web, $meta)) {
> returnRESTResult($response, 401, "Access denied");
> return undef; # to prevent further processing
852,869d867
< # If the site charset is UTF8 then we may get CGI parameters with encoded
< # UTF8 in them. We need to decode this, to avoid tools such as the
< # HTML::Parser falling over, and also make sure the output streams are
< # not going to barf when printing UTF8 characters. This ought
< # to be handled by the TWiki core, but isn't.
< sub _handleUTF8 {
< my $text = shift;
< if( defined $TWiki::cfg{Site}{CharSet}
< && $TWiki::cfg{Site}{CharSet} =~ /^utf-?8$/i) {
< require Encode;
< $text = Encode::decode_utf8( $text );
<
< binmode(STDOUT, ":utf8");
< binmode(STDERR, ":utf8");
< }
< return $text;
< }
<
</verbatim>
<verbatim> diff WysiwygPlugin.pm twiki/override/TWiki/Plugins/WysiwygPlugin.pm
45a46
> use URI::Escape;
160c161,162
< return unless $query;
---
>
> return unless $query;#
162c164,170
< return unless defined( $query->param( 'wysiwyg_edit' ));
---
> # if we also want to convert form fields, we have to convert $text anyway
> # because the afterEditHandler has only converted the main content, not meta fields
> # we put this check into tra
>
> if ( defined( $query->param( 'wysiwyg_edit' )) || $_[0] =~ /<!--$SECRET_ID-->/) {
> }
> my $text = $_[0];
164c172,179
< $_[0] = TranslateHTML2TML( $_[0], $_[1], $_[2] );
---
> # extracting meta
> my $meta = '';
> if ($text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)//s) {
> $meta = $meta.$1;
> }
> $text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)/$meta = "$1$meta";''/gem;
> # text is now without meta information
> $_[0] = TranslateHTML2TML( $text, $_[1], $_[2], $meta);
180d194
<
182,184c196,198
<
< return unless defined( $query->param( 'wysiwyg_edit' )) ||
< $text =~ s/<!--$SECRET_ID-->//go;
---
>
> # notice: iam not deleting $SECRET_ID out of $text, because TranslateHTML2TML will check for it
> return unless ( defined( $query->param( 'wysiwyg_edit' )) || $text =~ /<!--$SECRET_ID-->/);
189c203
<
---
> # convert main content, no meta fields, as we dont have them
195,196c209,210
< my( $text, $topic, $web ) = @_;
<
---
> my( $text, $topic, $web , $meta) = @_;
>
199d212
<
204a218,220
> # TODO the extraction of meta to top and bottom should not be needed anymore, as its done externally
> # afterEditHandler anyway only passes main content without meta information, and afterSaveHandler NOW filters meta
> # himself and passes it as $meta. So this lines should be deleted
210,211c226,227
< $text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)/$bottom = "$1$bottom";''/gem;
<
---
> $text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)/$bottom = "$1$bottom";''/gem;
>
220,221c236,263
< $text = $html2tml->convert( $text, $opts );
<
---
> #convert main content if secret id is present, so we have HTML code
> if ( $text =~ s/<!--$SECRET_ID-->//go) {
> $text = $html2tml->convert( $text, $opts );
> }
>
> # notice wen need to url_decode the form field value before converting, as it is url_decoded ( what differs to the main content )
> # and therefore the converter expect someting url_decoded
> # in the end we need to url_encode the value, as it has to be save url_endocded
> # traslate form fields which have been edited with WYSIWYG and are therefore html code
> # SMELL: maybe better regexp
>
> mrjclog("---------$web.$topic META before-----");
> mrjclog("$meta");
>
> if ( $meta =~ s/<!--$SECRET_ID-->//go) {
> #if($meta =~ s/(^%META:FIELD{[^{]*.?value=")(<!--$SECRET_ID-->)(.*?)("})/$1.uri_escape($html2tml->convert( uri_unescape($3), $opts )).$4/gme) {
> # SMELL: iam not sure this is needed. It seems like secret_id should be alway in front. twiki_tiny_js is settings it to the front,
> # also the TML2HTML handler
> #$meta =~ s/(^%META:FIELD{[^{]*.?value=")(.*?)(<!--$SECRET_ID-->)("})/$1.uri_escape($html2tml->convert( uri_unescape($2), $opts )).$4/gme;
> $meta =~ s/(^%META:FIELD{[^{]*.?value=")(.*?)("})/$1.uri_escape($html2tml->convert( uri_unescape($2), $opts )).$3/gme;
> mrjclog( "\n\r---------1-----");
> mrjclog( "$1");
> mrjclog( "---------2 converted----");
> mrjclog( $html2tml->convert( uri_unescape($2), $opts ));
> mrjclog( "---------META after-----");
> mrjclog( "$meta");
> #}
> }
223,224c265,268
<
< return $top.$text.$bottom;
---
>
> # Attention: $SECRET_ID is NEVER saved, as we never save HTML code. After the translation, we remove it.
> # It just indicates, wheather the current content is HTML or not
> return $text.$meta;
264a309,316
> sub mrjclog {
> my (@log) = @_;
> open( FH, '>>/tmp/wysiwyg.log') || die "can't open $!";
> print FH join(",_",@log)."\n\n";
> return "mrjclog just ran";
> }
>
>
275a328,337
> mrjclog("Hmm. Meta?");
> if( $meta ) {
> foreach my $k ( keys %$meta ) {
> if( $k eq 'FIELD' ) {
> mrjclog("Opportunity to TML2HTML meta $web.$topic.$k ");
> # $meta =~ s/(^%META:FIELD{[^{]*.?value=")(.*?)(<!--$SECRET_ID-->)("})/$1.uri_escape($html2tml->convert( uri_unescape($2), $opts )).$4/gme;
> }
> }
> }
>
534a597,598
>
> mrjclog("TranslateTML2HTML $web.$topic on $text");
662d725
<
664,665c727
<
< # if the secret ID is present, don't convert again. We are probably
---
> # if the secret ID is present, don't convert again. We are probably
670a733
> mrjclog("_restTML2HTML on $tml"); </verbatim>
twiki/pub/TWiki/TinyMCEPlugin/twiki_tiny_src.js
Edit | Attach | Print version | History: r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r1 - 05 Jan 2009, MartinCleaver
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. 
Legal Imprint Privacy Policy
Legal Imprint Privacy Policy