- implemented htmlpurifier also for sitemgr (only non site-admins) and knowledgebase
- html::fckEditor() has optional parameter to NOT use htmlpurifier
Ralf Becker 2009-05-19 19:23:38 +00:00
parent 8f797be836
commit 7049fe4bc0
2 changed files with 14 additions and 8 deletions


@ -1157,8 +1157,6 @@ class etemplate extends boetemplate
{
$value = nl2br(html::htmlspecialchars($value));
}
$value = html::purify($value);
if (!$readonly)
{
$mode = $mode ? $mode : 'simple';
@ -1167,6 +1165,7 @@ class etemplate extends boetemplate
$fckoptions = array(
'toolbar_expanded' => $toolbar,
);
// html::fckEditor runs everything through html::purify
$html .= html::fckEditor($form_name,$value,$mode,$fckoptions,$height,$width,$baseref);
self::$request->set_to_process($form_name,$cell['type'],array(
@ -1175,7 +1174,7 @@ class etemplate extends boetemplate
}
else
{
$html .= html::div(html::activate_links($value),'style="overflow: auto; width='. $width. '; height='. $height. '"');
$html .= html::div(html::purify(html::activate_links($value)),'style="overflow: auto; width='. $width. '; height='. $height. '"');
}
break;
case 'checkbox':
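Review bot: The comment added before the `html::fckEditor(...)` call overstates the coverage, because the fckEditor change in this same commit purifies only after its early return for `!self::htmlarea_availible() || $_mode == 'ascii'`, and only while `$_purify` is true. Since the unconditional `$value = html::purify($value);` appears to be dropped by the first hunk (its header shrinks from 8 to 6 lines), the plain-textarea fallback now receives unpurified content and depends on html::textarea escaping its value, which is not visible here and should be confirmed. I would reword the comment to `// html::fckEditor purifies $value on its rich-text path only; the ascii / no-htmlarea fallback returns a textarea with the raw value`. Separately, the read-only branch writes `width=` and `height=` inside the `style` attribute where CSS expects `width:` and `height:`, and it concatenates `$width` and `$height` without escaping. The enclosing case block starts and ends outside these hunks.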


@ -460,15 +460,20 @@ class html
* @param array $_options (toolbar_expanded true/false)
* @param string $_height='400px'
* @param string $_width='100%'
* @param string $base_href='' if passed activates the browser for image at absolute path passed
* @param string $_base_href='' if passed activates the browser for image at absolute path passed
* @param boolean $_purify=true run $_content through htmlpurifier before handing it to fckEditor
* @return string the necessary html for the textarea
*/
static function fckEditor($_name, $_content, $_mode, $_options=array('toolbar_expanded' =>'true'), $_height='400px', $_width='100%',$_base_href='')
static function fckEditor($_name, $_content, $_mode, $_options=array('toolbar_expanded' =>'true'),
$_height='400px', $_width='100%',$_base_href='',$_purify=true)
{
if (!self::htmlarea_availible() || $_mode == 'ascii')
{
return self::textarea($_name,$_content,'style="width: '.$_width.'; height: '.$_height.';"');
}
// run content through htmlpurifier
if ($_purify && !empty($_content)) $_content = self::purify($_content);
include_once(EGW_INCLUDE_ROOT."/phpgwapi/js/fckeditor/fckeditor.php");
$oFCKeditor = new FCKeditor($_name) ;
@ -969,7 +974,7 @@ class html
{
$url = "/index.php?menuaction=$url";
}
if ($url{0} == '/') // link relative to eGW
if ($url[0] == '/') // link relative to eGW
{
$url = self::link($url,$vars);
}
@ -1185,7 +1190,7 @@ class html
}
}
// evtl. remove leading delimiter
if ($_selected{0} == $delimiter) $_selected = substr($_selected,1);
if ($_selected[0] == $delimiter) $_selected = substr($_selected,1);
foreach($_folders as $path => $data)
{
if (!is_array($data))
@ -1198,7 +1203,7 @@ class html
$image1 = $image2 = $image3 = "'".$data['image']."'";
}
// evtl. remove leading delimiter
if ($path{0} == $delimiter) $path = substr($path,1);
if ($path[0] == $delimiter) $path = substr($path,1);
$folderParts = explode($delimiter,$path);
//get rightmost folderpart
@ -1255,6 +1260,8 @@ class html
{
static $purifier;
if (empty($html)) return $html; // no need to process further
if (is_null($purifier) || !is_null($config))
{
// add htmlpurifiers library to include_path