twiki/override/TWiki/Form/FieldDefinition.pm
<verbatim>
diff -r1.1 /var/lib/twiki/override/TWiki/Form/FieldDefinition.pm
315c315
<
---
>
320a321,331
> mrjclog("before", $value);
>
> # use URI::Escape;
> # uri_unescape($value);
> $value =~ s/\r//g;
>
> mrjclog("escaped", $value);
>
> ##
http://foswiki.com/Tasks/Item5489> ## "The solution may be to explicitly run the formfield value through TWiki rendering before protecting it"
> $value = $this->{session}->renderer->getRenderedVersion($value);
323a335,336
> mrjclog("after", $value);
>
335a349,358
> sub mrjclog {
> my (@log) = @_;
> open( FH, '>>/tmp/fielddefinition.log') || die "can't open $!";
> print FH join(",_",@log)."\n\n";
> return "mrjclog just ran";
> }
>
>
>
</verbatim>
twiki/override/TWiki/Plugins/WysiwygPlugin.pm
First, because we built on Eugen's 16836, we need to know how 17359 (the version installed at my client's) differs from his version:
<verbatim>
$ diff
WysiwygPlugin.pm twiki/lib/TWiki/Plugins/WysiwygPlugin.pm
57c57
< $VERSION = '$Rev: 16836 $';
---
> $VERSION = '$Rev: 17359 (11 Aug 2008) $';
59c59
< $RELEASE = 'TWiki-4.2';
---
> $RELEASE = '03 Aug 2008';
181c181,187
< $text =
handleUTF8( $text );
---
> if ($TWiki::cfg{Site}{CharSet}
> && $TWiki::cfg{Site}{CharSet} ~ /^utf-?8$/i) {
> # If the site charset is utf-8, then form POSTs (such as the one
> # that got us here) are utf-8 encoded. we have to decode to prevent
> # the HTML parser from going tits up when it sees utf-8 in the data.
> $text = Encode::decode_utf8( $text );
> }
190c196,198
< $_[0] = TranslateHTML2TML( $text, $_[1], $_[2] );
---
> $text = TranslateHTML2TML( $text, $_[1], $_[2] );
>
> $_[0] = $text;
617,618c625,628
< $text = Encode::encode(
< $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
---
> if ($TWiki::cfg{Site}{CharSet}) {
> $text = Encode::encode(
> $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
> }
629c639
< my ($text) = @
;
---
> my ($response, $status, $text) = @_;
631,632c641,644
< $text = Encode::decode(
< $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
---
> if ($TWiki::cfg{Site}{CharSet}) {
> $text = Encode::decode(
> $TWiki::cfg{Site}{CharSet}, $text, Encode::FB_PERLQQ);
> }
638,642c650,674
< print "Content-Type: text/plain;charset=UTF-8\r\n";
< my $len; { use bytes; $len = length($text); };
< print "Content-length: ",$len,"\r\n";
< print "\r\n";
< print $text;
---
> # TWiki5 introduces the TWiki::Response object, which handles all
> # responses.
> if (UNIVERSAL::isa( $response, 'TWiki::Response')) {
> $response->header(
> -status => $status,
> -type => 'text/plain',
> -charset => 'UTF-8');
> $response->body($text);
> } else { # Pre-TWiki-5.
> # Turn off AUTOFLUSH
> # See
http://perl.apache.org/docs/2.0/user/coding/coding.html> local $| = 0;
> my $query = TWiki::Func::getCgiQuery();
> if (defined($query)) {
> my $len;
> { use bytes; $len = length($text); };
> print $query->header(
> -status => $status,
> -type => 'text/plain',
> -charset => 'UTF-8',
> -Content_length => $len);
> print $text;
> }
> }
> print STDERR $text if ($status > 400);
660c692
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
679c711
< returnRESTResult($html);
---
> returnRESTResult($response, 200, $html);
686c718
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
707,708c739
< returnRESTResult($tml);
<
---
> returnRESTResult($response, 200, $tml);
713c744
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
738,742c769,770
< my $error = "Access denied";
< print CGI::header(-status => 401);
< print $error;
< print STDERR $error;
< return;
---
> returnRESTResult($response, 401, "Access denied");
> return undef; # to prevent further processing
763,767c791,792
< my $error = "Zero-sized file upload";
< print CGI::header(-status => 500);
< print $error;
< print STDERR $error;
< return undef;
---
> returnRESTResult($response, 500, "Zero-sized file upload");
> return undef; # to prevent further processing
775,779c800,801
< my $error = "OVERSIZED UPLOAD";
< print CGI::header(-status => 500);
< print $error;
< print STDERR $error;
< return undef;
---
> returnRESTResult($response, 500, "OVERSIZED UPLOAD");
> return undef; # to prevent further processing
802,805c824,825
< print CGI::header(-status => 500);
< print $error;
< print STDERR $error;
< return undef;
---
> returnRESTResult($response, 500, $error);
> return undef; # to prevent further processing
826c846
< my ($session) = @_;
---
> my ($session, $plugin, $verb, $response) = @_;
831,837c851,853
< 'VIEW', TWiki::Func::getWikiName(),
< $text, $topic, $web, $meta)) {
< my $error = "Access denied";
< print CGI::header(-status => 401);
< print $error;
< print STDERR $error;
< return;
---
> 'VIEW', TWiki::Func::getWikiName(), $text, $topic, $web, $meta)) {
> returnRESTResult($response, 401, "Access denied");
> return undef; # to prevent further processing
852,869d867
< # If the site charset is UTF8 then we may get CGI parameters with encoded
< # UTF8 in them. We need to decode this, to avoid tools such as the
< # HTML::Parser falling over, and also make sure the output streams are
< # not going to barf when printing UTF8 characters. This ought
< # to be handled by the TWiki core, but isn't.
< sub _handleUTF8 {
< my $text = shift;
< if( defined $TWiki::cfg{Site}{CharSet}
< && $TWiki::cfg{Site}{CharSet} =~ /^utf-?8$/i) {
< require Encode;
< $text = Encode::decode_utf8( $text );
<
< binmode(STDOUT, ":utf8");
< binmode(STDERR, ":utf8");
< }
< return $text;
< }
<
</verbatim>
<verbatim>
diff
WysiwygPlugin.pm twiki/override/TWiki/Plugins/WysiwygPlugin.pm
45a46
> use URI::Escape;
160c161,162
< return unless $query;
---
>
> return unless $query;#
162c164,170
< return unless defined( $query->param( 'wysiwyg_edit' ));
---
> # if we also want to convert form fields, we have to convert $text anyway
> # because the afterEditHandler has only converted the main content, not meta fields
> # we put this check into tra
>
> if ( defined( $query->param( 'wysiwyg_edit' )) || $_[0] =~ /<!--$SECRET_ID-->/) {
> }
> my $text = $_[0];
164c172,179
< $_[0] =
TranslateHTML2TML( $_[0], $_[1], $_[2] );
---
> # extracting meta
> my $meta = '';
> if ($text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)//s) {
> $meta = $meta.$1;
> }
> $text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)/$meta = "$1$meta";''/gem;
> # text is now without meta information
> $_[0] =
TranslateHTML2TML( $text, $_[1], $_[2], $meta);
180d194
<
182,184c196,198
<
< return unless defined( $query->param( 'wysiwyg_edit' )) ||
< $text =~ s/<!--$SECRET_ID-->//go;
---
>
> # notice: iam not deleting $SECRET_ID out of $text, because
TranslateHTML2TML will check for it
> return unless ( defined( $query->param( 'wysiwyg_edit' )) || $text =~ /<!--$SECRET_ID-->/);
189c203
<
---
> # convert main content, no meta fields, as we dont have them
195,196c209,210
< my( $text, $topic, $web ) = @_;
<
---
> my( $text, $topic, $web , $meta) = @_;
>
199d212
<
204a218,220
> # TODO the extraction of meta to top and bottom should not be needed anymore, as its done externally
> # afterEditHandler anyway only passes main content without meta information, and afterSaveHandler NOW filters meta
> # himself and passes it as $meta. So this lines should be deleted
210,211c226,227
< $text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)/$bottom = "$1$bottom";''/gem;
<
---
> $text =~ s/^(%META:[A-Z]+{.*?}%\r?\n)/$bottom = "$1$bottom";''/gem;
>
220,221c236,263
< $text = $html2tml->convert( $text, $opts );
<
---
> #convert main content if secret id is present, so we have HTML code
> if ( $text =~ s/<!--$SECRET_ID-->//go) {
> $text = $html2tml->convert( $text, $opts );
> }
>
> # notice wen need to url_decode the form field value before converting, as it is url_decoded ( what differs to the main content )
> # and therefore the converter expect someting url_decoded
> # in the end we need to url_encode the value, as it has to be save url_endocded
> # traslate form fields which have been edited with WYSIWYG and are therefore html code
> # SMELL: maybe better regexp
>
> mrjclog("---------$web.$topic META before-----");
> mrjclog("$meta");
>
> if ( $meta =~ s/<!--$SECRET_ID-->//go) {
> #if($meta =~ s/(^%META:FIELD{[^{]*.?value=")(<!--$SECRET_ID-->)(.*?)("})/$1.uri_escape($html2tml->convert( uri_unescape($3), $opts )).$4/gme) {
> # SMELL: iam not sure this is needed. It seems like secret_id should be alway in front. twiki_tiny_js is settings it to the front,
> # also the
TML2HTML handler
> #$meta =~ s/(^%META:FIELD{[^{]*.?value=")(.*?)(<!--$SECRET_ID-->)("})/$1.uri_escape($html2tml->convert( uri_unescape($2), $opts )).$4/gme;
> $meta =~ s/(^%META:FIELD{[^{]*.?value=")(.*?)("})/$1.uri_escape($html2tml->convert( uri_unescape($2), $opts )).$3/gme;
> mrjclog( "\n\r---------1-----");
> mrjclog( "$1");
> mrjclog( "---------2 converted----");
> mrjclog( $html2tml->convert( uri_unescape($2), $opts ));
> mrjclog( "---------META after-----");
> mrjclog( "$meta");
> #}
> }
223,224c265,268
<
< return $top.$text.$bottom;
---
>
> # Attention: $SECRET_ID is NEVER saved, as we never save HTML code. After the translation, we remove it.
> # It just indicates, wheather the current content is HTML or not
> return $text.$meta;
264a309,316
> sub mrjclog {
> my (@log) = @_;
> open( FH, '>>/tmp/wysiwyg.log') || die "can't open $!";
> print FH join(",_",@log)."\n\n";
> return "mrjclog just ran";
> }
>
>
275a328,337
> mrjclog("Hmm. Meta?");
> if( $meta ) {
> foreach my $k ( keys %$meta ) {
> if( $k eq 'FIELD' ) {
> mrjclog("Opportunity to
TML2HTML meta $web.$topic.$k ");
> # $meta =~ s/(^%META:FIELD{[^{]*.?value=")(.*?)(<!--$SECRET_ID-->)("})/$1.uri_escape($html2tml->convert( uri_unescape($2), $opts )).$4/gme;
> }
> }
> }
>
534a597,598
>
> mrjclog("TranslateTML2HTML $web.$topic on $text");
662d725
<
664,665c727
<
< # if the secret ID is present, don't convert again. We are probably
---
> # if the secret ID is present, don't convert again. We are probably
670a733
> mrjclog("_restTML2HTML on $tml");
</verbatim>
twiki/pub/TWiki/TinyMCEPlugin/twiki_tiny_src.js