[interchange-cvs] interchange - heins modified 11 files
interchange-core@interchange.redhat.com
interchange-core@interchange.redhat.com
Fri Feb 8 18:09:00 2002
User: heins
Date: 2002-02-08 23:08:21 GMT
Modified: code/UI_Tag display.coretag e.coretag row_edit.coretag
Modified: table_editor.coretag
Modified: code/UserTag xml_generator.tag
Modified: dist/lib/UI/pages/include table_populator
Modified: lib/Vend Form.pm Interpolate.pm Page.pm Util.pm
Added: dist/lib/UI/pages/admin test_code.html
Log:
* Fired what I think is a major blow in the ongoing escaping problems.
Set up an ESCAPE_CHARS::std variable which encodes everything
HTML::Entities normally does plus [. This should be used almost
exclusively for encoding.
* Fix encoding in most places it is done.
* Fix a couple of default/override bugs in Vend/Form.pm at the
same time.
* Add a "admin/test_code.html" page for testing short snippets
of ITL without having to create a test page.
* Make the table populator JavaScript honor the db tables the
particular admin user is supposed to see.
Revision Changes Path
1.4 +6 -5 interchange/code/UI_Tag/display.coretag
rev 1.4, prev_rev 1.3
Index: display.coretag
===================================================================
RCS file: /anon_cvs/repository/interchange/code/UI_Tag/display.coretag,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- display.coretag 5 Feb 2002 01:33:11 -0000 1.3
+++ display.coretag 8 Feb 2002 23:08:20 -0000 1.4
@@ -27,9 +27,11 @@
my $mtab;
my $record;
+ my $no_meta = $CGI::values{ui_no_meta_display};
+#::logDebug("no_meta=$no_meta");
METALOOK: {
## No meta display wanted
- last METALOOK if $CGI::values{no_meta_display};
+ last METALOOK if $no_meta;
## No meta display possible
$table and $column or $opt->{meta}
or last METALOOK;
@@ -84,10 +86,10 @@
}
}
-#::logDebug("metarecord=$record");
my $w;
METAMAKE: {
+ last METAMAKE if $no_meta;
if( ! $record ) {
$record = { %$opt };
}
@@ -211,6 +213,7 @@
while( my ($k, $v) = each %things) {
next if length $record->{$k};
+ next unless defined $v;
$record->{$k} = $v;
}
@@ -227,14 +230,12 @@
if(! defined $w) {
my $text = $opt->{value};
my $iname = $opt->{name} || $column;
- my $DECODE_CHARS = qq{[<"\000-\037\177-\377};
# Count lines for textarea
my $count;
$count = $text =~ s/(\r\n|\r|\n)/$1/g;
- HTML::Entities::encode($text, '&');
- HTML::Entities::encode($text, $DECODE_CHARS);
+ encode($text, $ESCAPE_CHARS::std);
my $size;
if ($count) {
$count++;
1.2 +1 -1 interchange/code/UI_Tag/e.coretag
rev 1.2, prev_rev 1.1
Index: e.coretag
===================================================================
RCS file: /anon_cvs/repository/interchange/code/UI_Tag/e.coretag,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- e.coretag 29 Jan 2002 05:52:40 -0000 1.1
+++ e.coretag 8 Feb 2002 23:08:20 -0000 1.2
@@ -2,7 +2,7 @@
UserTag e Routine <<EOR
sub {
my $text = shift;
- HTML::Entities::encode($text);
+ HTML::Entities::encode($text, $ESCAPE_CHARS::std);
}
EOR
1.2 +1 -2 interchange/code/UI_Tag/row_edit.coretag
rev 1.2, prev_rev 1.1
Index: row_edit.coretag
===================================================================
RCS file: /anon_cvs/repository/interchange/code/UI_Tag/row_edit.coretag,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- row_edit.coretag 29 Jan 2002 05:52:40 -0000 1.1
+++ row_edit.coretag 8 Feb 2002 23:08:20 -0000 1.2
@@ -93,8 +93,7 @@
if($ta{$_} || $text =~ /\n/) {
my $rows = $opt->{height} || 4;
- $text =~ s/</</g;
- $text =~ s/\[/[/g;
+ HTML::Entities::encode($text, $ESCAPE_CHARS::std);
$out .= <<EOF;
<TD><TEXTAREA NAME="$_" COLS="$size" ROWS="$rows">$text</TEXTAREA>$msg</TD>
EOF
1.2 +81 -56 interchange/code/UI_Tag/table_editor.coretag
rev 1.2, prev_rev 1.1
Index: table_editor.coretag
===================================================================
RCS file: /anon_cvs/repository/interchange/code/UI_Tag/table_editor.coretag,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- table_editor.coretag 29 Jan 2002 05:52:40 -0000 1.1
+++ table_editor.coretag 8 Feb 2002 23:08:20 -0000 1.2
@@ -174,9 +174,14 @@
}
my $rowcount = 0;
+ my $action = $opt->{action} || 'set';
+ my $wizard_next = $opt->{wizard_next} || 'return';
+ my $wizard_cancel = $opt->{wizard_cancel} || 'back';
my $rowdiv = $opt->{across} || 1;
my $span = $rowdiv * 2;
my $oddspan = $span - 1;
+ my $def = $opt->{default_ref} || $::Values;
+#::logDebug("view=$opt->{ui_meta_view}, default_ref: " . uneval($def));
$opt->{table_width} = '60%' if ! $opt->{table_width};
$opt->{left_width} = '30%' if ! $opt->{left_width};
if (! $opt->{inner_table_width}) {
@@ -244,14 +249,14 @@
else {
if($opt->{action_click}) {
$ntext = <<EOF;
-mv_todo=return
+mv_todo=$wizard_next
ui_wizard_action=Next
mv_click=$opt->{action_click}
EOF
}
else {
$ntext = <<EOF;
-mv_todo=return
+mv_todo=$wizard_next
ui_wizard_action=Next
mv_click=ui_override_next
EOF
@@ -264,14 +269,14 @@
mv_form_profile=
ui_wizard_action=Cancel
mv_nextpage=$hidgo
-mv_todo=back
+mv_todo=$wizard_cancel
EOF
if($opt->{mv_prevpage}) {
$btext = $Scratch->{$opt->{back_text}} = <<EOF;
mv_form_profile=
ui_wizard_action=Back
mv_nextpage=$opt->{mv_prevpage}
-mv_todo=return
+mv_todo=$wizard_next
EOF
}
else {
@@ -287,8 +292,8 @@
$Scratch->{$opt->{cancel_text}} = $ctext if $ctext;
$Scratch->{$opt->{back_text}} = $btext if $btext;
- $opt->{next_text} = HTML::Entities::encode($opt->{next_text});
- $opt->{back_text} = HTML::Entities::encode($opt->{back_text});
+ $opt->{next_text} = HTML::Entities::encode($opt->{next_text}, $ESCAPE_CHARS::std);
+ $opt->{back_text} = HTML::Entities::encode($opt->{back_text}, $ESCAPE_CHARS::std);
$opt->{cancel_text} = HTML::Entities::encode($opt->{cancel_text});
$Scratch->{$opt->{next_text}} = $ntext if $ntext;
@@ -466,7 +471,7 @@
&fatal=1
$success
mv_form_profile=mandatory
-&set=mv_todo set
+&set=mv_todo $action
EOP
[/perl]
EOF
@@ -521,6 +526,7 @@
$opt->{ui_data_fields} =~ s/\r\n/\n/g;
$opt->{ui_data_fields} =~ s/\r/\n/g;
+#::logDebug("ui_data_fields=$opt->{ui_data_fields}");
if($opt->{ui_data_fields} =~ /\n\n/) {
#::logDebug("Found break fields");
@@ -798,10 +804,12 @@
}
$opt->{enctype} = $opt->{file_upload} ? ' ENCTYPE="multipart/form-data"' : '';
- my $out = <<EOF;
-[restrict]
+ my $wo = $opt->{widgets_only};
+ my @out;
+ push @out, '[restrict]' if $opt->{reparse};
+ push @out, <<EOF unless $wo;
<FORM METHOD=$opt->{method} ACTION="$opt->{href}"$opt->{form_name}$opt->{enctype}>
-$sidstr<INPUT TYPE=hidden NAME=mv_todo VALUE="set">
+$sidstr<INPUT TYPE=hidden NAME=mv_todo VALUE="$action">
<INPUT TYPE=hidden NAME=mv_click VALUE="process_filter">
<INPUT TYPE=hidden NAME=mv_nextpage VALUE="$opt->{mv_nextpage}">
<INPUT TYPE=hidden NAME=mv_data_table VALUE="$table">
@@ -832,14 +840,14 @@
next unless length $opt->{$_};
my $val = $opt->{$_};
$val =~ s/"/"/g;
- $out .= qq{<INPUT TYPE=hidden NAME=$_ VALUE="$val">\n};
+ push @out, qq{<INPUT TYPE=hidden NAME=$_ VALUE="$val">\n} unless $wo;
}
for (@cgi_set) {
next unless length $CGI->{$_};
my $val = $CGI->{$_};
$val =~ s/"/"/g;
- $out .= qq{<INPUT TYPE=hidden NAME=$_ VALUE="$val">\n};
+ push @out, qq{<INPUT TYPE=hidden NAME=$_ VALUE="$val">\n} unless $wo;
}
if($opt->{mailto}) {
@@ -861,25 +869,25 @@
elsif ($CGI::values{ui_return_to}) {
@$r_ary = ( $CGI::values{ui_return_to} );
}
- $out .= $Tag->return_to();
+ push @out, $Tag->return_to() unless $wo;
#::logDebug("return-to stack = " . ::uneval($r_ary));
}
if(ref $opt->{hidden}) {
my ($hk, $hv);
while ( ($hk, $hv) = each %{$opt->{hidden}} ) {
- $out .= qq{<INPUT TYPE=hidden NAME="$hk" VALUE="$hv">\n};
+ push @out, qq{<INPUT TYPE=hidden NAME="$hk" VALUE="$hv">\n} unless $wo;
}
}
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
<table class=touter border="" cellspacing="0" cellpadding="0" width="$opt->{table_width}">
<tr>
<td>
<table class=tinner width="$opt->{inner_table_width}" cellspacing=0 cellmargin=0 width="100%" cellpadding="2" align="center" border="0">
EOF
- $out .= <<EOF unless $opt->{no_top};
+ push @out, <<EOF unless $opt->{no_top} or $wo;
<tr class=rtitle>
<td align=right colspan=$span><img src="$opt->{clear_image}" width=1 height=3 alt=x></td>
</tr>
@@ -892,16 +900,16 @@
|| $mlabel;
if ($extra_ok and ! $opt->{no_top} and ! $opt->{nosave}) {
if($opt->{back_text}) {
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
<TR class=rnorm>
<td> </td>
<td align=left colspan=$oddspan class=cdata>
EOF
- $out .= <<EOF if ! $opt->{bottom_buttons};
+ push @out, <<EOF if not $wo || $opt->{bottom_buttons};
<INPUT TYPE=submit NAME=mv_click VALUE="$opt->{back_text}"> <INPUT TYPE=submit NAME=mv_click VALUE="$opt->{cancel_text}"> <B><INPUT TYPE=submit NAME=mv_click VALUE="$opt->{next_text}"></B>
<BR>
EOF
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
$mlabel
</TD>
</TR>
@@ -912,16 +920,16 @@
EOF
}
elsif ($opt->{wizard}) {
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
<TR class=rnorm>
<td> </td>
<td align=left colspan=$oddspan class=cdata>
EOF
- $out .= <<EOF if ! $opt->{bottom_buttons};
+ push @out, <<EOF if (! $wo and ! $opt->{bottom_buttons});
<INPUT TYPE=submit NAME=mv_click VALUE="$opt->{cancel_text}"> <B><INPUT TYPE=submit NAME=mv_click VALUE="$opt->{next_text}"></B>
<BR>
EOF
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
$mlabel
</TD>
</TR>
@@ -932,7 +940,7 @@
EOF
}
else {
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
<TR class=rnorm>
<td> </td>
<td align=left colspan=$oddspan class=cdata>
@@ -950,7 +958,7 @@
}
}
- $out .= $blob_widget;
+ push @out, $blob_widget unless $wo;
#### Extra buttons
@@ -1046,7 +1054,7 @@
my $tabs = join " ", @tables;
$set =~ s/_TABLES_/$tabs/g;
$Scratch->{clone_tables} = $set;
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
<tr class=rtitle>
<td colspan=$span>
$tabform<INPUT TYPE=hidden NAME=mv_check VALUE="clone_tables">
@@ -1059,6 +1067,7 @@
my %break;
my %break_label;
if($opt->{ui_break_before}) {
+#::logDebug("Have a break_before");
my @tmp = grep /\S/, split /[\s,\0]+/, $opt->{ui_break_before};
@break{@tmp} = @tmp;
if($opt->{ui_break_before_label}) {
@@ -1123,13 +1132,16 @@
if($opt->{defaults}) {
for(@cols) {
- if($opt->{wizard}) {
- $default->{$_} = $::Values->{$_} if defined $::Values->{$_};
+ if($opt->{force_defaults}) {
+ $default->{$_} = $override->{$_} = $def->{$_};
+ }
+ elsif($opt->{wizard}) {
+ $default->{$_} = $def->{$_} if defined $def->{$_};
}
else {
next if defined $default->{$_};
- next unless defined $::Values->{$_};
- $default->{$_} = $::Values->{$_};
+ next unless defined $def->{$_};
+ $default->{$_} = $def->{$_};
}
}
}
@@ -1162,6 +1174,8 @@
my %serialize;
my %serial_data;
+ my @controls;
+
foreach my $col (@cols) {
my $t;
my $c;
@@ -1170,7 +1184,7 @@
if($col eq $keycol) {
if($opt->{ui_hide_key}) {
my $kval = $key || $override->{$col} || $default->{$col};
- $out .= <<EOF;
+ push @controls, <<EOF;
<INPUT TYPE=hidden NAME="$col" VALUE="$kval">
EOF
next;
@@ -1180,6 +1194,7 @@
}
}
+ my $w = '';
my $do = $display_only{$col};
my $currval;
@@ -1258,7 +1273,7 @@
$sd = tag_data($tt, $tc, $k);
}
else {
- $sd = $data->{$col} || $::Values->{$col};
+ $sd = $data->{$col} || $def->{$col};
}
#Debug("serial_data=$sd");
$serial_data{$col} = $sd;
@@ -1330,7 +1345,7 @@
width => $width->{$c},
template => $template,
});
- if($super and ! $opt->{no_meta} and ($Variable->{UI_META_LINK} || $::Values->{ui_meta_force}) ) {
+ if($super and ! $opt->{no_meta} and ($Variable->{UI_META_LINK} || $def->{ui_meta_force}) ) {
$meta .= '<BR><FONT SIZE=1>';
# Get global variables
my $base = $Tag->var('UI_BASE', 1);
@@ -1369,26 +1384,29 @@
$display =~ s/\~META\~/$meta/g;
$display =~ s/\~ERROR\~/$Tag->error({ name => $c, keep => 1 })/eg;
- if ($break{$namecol}) {
+ if (! $wo and $break{$namecol}) {
while($rowcount % $rowdiv) {
- $out .= '<TD> </td><TD> </td>';
+ $w .= '<TD> </td><TD> </td>';
$rowcount++;
}
- $out .= "</TR>\n";
- $out .= <<EOF if $break{$namecol};
+ $w .= "</TR>\n";
+ $w .= <<EOF if $break{$namecol};
<TR class=rbreak>
<TD COLSPAN=$span class=cbreak>$break_label{$namecol}<IMG SRC="$opt->{clear_image}" WIDTH=1 HEIGHT=1 alt=x></TD>
</TR>
EOF
$rowcount = 0;
}
- $out .= "<tr class=rnorm>" unless $rowcount++ % $rowdiv;
- $out .= $display;
- $out .= "</TR>\n" unless $rowcount % $rowdiv;
+ $w .= "<tr class=rnorm>" unless $rowcount++ % $rowdiv;
+ $w .= $display;
+ $w .= "</TR>\n" unless $rowcount % $rowdiv;
+ push @controls, $w;
}
+ my @firstout = splice @out, 0;
+
while($rowcount % $rowdiv) {
- $out .= '<TD> </td><TD> </td>';
+ push @out, '<TD> </td><TD> </td>' unless $wo;
$rowcount++;
}
@@ -1409,20 +1427,21 @@
if is_hash($serial_data{$_});
$serial_data{$_} =~ s/\&/&/g;
$serial_data{$_} =~ s/"/"/g;
- $out .= qq{<INPUT TYPE=hidden NAME="$_" VALUE="$serial_data{$_}">};
+ push @out, qq{<INPUT TYPE=hidden NAME="$_" VALUE="$serial_data{$_}">}
+ unless $wo;
push @serial_fields, @{$serialize{$_}};
}
- if(@serial_fields) {
- $out .= qq{<INPUT TYPE=hidden NAME="ui_serial_fields" VALUE="};
- $out .= join " ", @serial_fields;
- $out .= qq{">};
+ if(! $wo and @serial_fields) {
+ push @out, qq{<INPUT TYPE=hidden NAME="ui_serial_fields" VALUE="};
+ push @out, join " ", @serial_fields;
+ push @out, qq{">};
}
###
### Here the user can include some extra stuff in the form....
###
- $out .= <<EOF if $opt->{include_form};
+ push @out, <<EOF if ! $wo and $opt->{include_form};
<tr class=rnorm>
<td colspan=$span>$opt->{include_form}</td>
</tr>
@@ -1434,7 +1453,7 @@
}
$passed_fields = join " ", @cols;
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
<INPUT TYPE=hidden NAME=mv_data_fields VALUE="$passed_fields">
<tr class=rspacer>
<td colspan=$span ><img src="$opt->{clear_image}" height=3 alt=x></td>
@@ -1444,7 +1463,7 @@
SAVEWIDGETS: {
last SAVEWIDGETS if $opt->{nosave};
if($opt->{back_text}) {
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
<TR class=rnorm>
<td> </td>
<td align=left colspan=$oddspan class=cdata>
@@ -1452,7 +1471,7 @@
EOF
}
elsif($opt->{wizard}) {
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
<TR class=rnorm>
<td> </td>
<td align=left colspan=$oddspan class=cdata>
@@ -1460,7 +1479,7 @@
EOF
}
else {
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
<TR class=rnorm>
<td> </td>
<td align=left colspan=$oddspan class=cdata>
@@ -1483,7 +1502,7 @@
$checked = ''
if defined $opt->{mv_auto_export} and ! $opt->{mv_auto_export};
my $autoexpstr = errmsg('Auto-export');
- $out .= <<EOF unless $opt->{noexport} or $opt->{nosave};
+ push @out, <<EOF unless $wo or $opt->{noexport} or $opt->{nosave};
<small>
@@ -1510,13 +1529,13 @@
$extra
!,
});
- $out .= <<EOF if ! $opt->{nosave};
+ push @out, <<EOF if !($wo || $opt->{nosave});
<BR><BR><A
onClick="return confirm('Are you sure you want to delete $key?')"
HREF="$url"><IMG SRC="delete.gif" ALT="Delete $key" BORDER=0></A> Delete
EOF
}
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
</small>
</td>
</tr>
@@ -1551,18 +1570,24 @@
}
$Tag->error( { all => 1 } );
- $out .= <<EOF unless $opt->{no_bottom} and ! $message;
+ push @out, <<EOF unless $wo or ($opt->{no_bottom} and ! $message);
<tr class=rtitle>
<td colspan=$span><!-- $Scratch->{$opt->{next_text}} -->$message<img src="$opt->{clear_image}" height=3 alt=x></td>
</tr>
EOF
- $out .= <<EOF;
+ push @out, <<EOF unless $wo;
</table>
</td></tr></table>
</form>
-[/restrict]
EOF
+ push @out, '[/restrict]' if $opt->{reparse};
+ if($wo) {
+ return @controls if wantarray;
+ return join "", @controls;
+ }
+show_times("end table editor call item_id=$key") if $Global::ShowTimes;
+ return join "", @firstout, @controls, @out;
}
EOR
1.2 +1 -1 interchange/code/UserTag/xml_generator.tag
rev 1.2, prev_rev 1.1
Index: xml_generator.tag
===================================================================
RCS file: /anon_cvs/repository/interchange/code/UserTag/xml_generator.tag,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- xml_generator.tag 29 Jan 2002 05:52:42 -0000 1.1
+++ xml_generator.tag 8 Feb 2002 23:08:21 -0000 1.2
@@ -184,7 +184,7 @@
$out .= qq{\t<$rtag key="$key">\n};
for (my $i = 0; $i < $cnt; $i++) {
next if $opt->{skip_empty} && length($f[$i]) == 0;
- HTML::Entities::encode_entities($f[$i]);
+ HTML::Entities::encode($f[$i]);
$out .= qq{\t\t<$ftag name="$fields[$i]">$f[$i]</$ftag>\n};
}
$out .= qq{\t</$rtag>\n};
1.1 interchange/dist/lib/UI/pages/admin/test_code.html
rev 1.1, prev_rev 1.0
Index: test_code.html
===================================================================
[set page_title]Test ITL code snippet[/set]
[set ui_class]Admin[/set]
[set page_banner]Test ITL code snippet[/set]
[set page_perm]super[/set]
[set help_name][/set]
[set icon_name]icon_config.gif[/set]
[seti ui_body_extra][/seti]
@_UI_STD_HEAD_@
<!-- ----- BEGIN REAL STUFF ----- -->
<FORM ACTION="[area @@MV_PAGE@@]">
<table>
[if cgi itl_code]
<tr>
<td style="font-size: larger">
<u style="font-size: larger; font-weight: bold">Results</u><br>
[if cgi xmp]<xmp>[/if][calc] $Scratch->{itl_code} = $CGI->{itl_code}; [/calc][if cgi xmp]</xmp>[/if]
</td>
</tr>
[/if]
<tr>
<td>
<textarea name=itl_code rows=20 cols=80>[filter op=entities][scratchd itl_code][/filter]</textarea>
<br>
<input type=submit value="[L]Run[/L]"> <input type=button value="[L]Clear[/L]" onClick="this.form.itl_code.value=''"> [display type=select name=xmp cgi-default=1 options="1=Source, 0=HTML"]
</td>
</tr>
</table>
</form>
<!-- ----- END REAL STUFF ----- -->
@_UI_STD_FOOTER_@
<!-- page: @@MV_PAGE@@ -->
2.1 +2 -1 interchange/dist/lib/UI/pages/include/table_populator
rev 2.1, prev_rev 2.0
Index: table_populator
===================================================================
RCS file: /anon_cvs/repository/interchange/dist/lib/UI/pages/include/table_populator,v
retrieving revision 2.0
retrieving revision 2.1
diff -u -r2.0 -r2.1
--- table_populator 18 Jul 2001 02:22:11 -0000 2.0
+++ table_populator 8 Feb 2002 23:08:21 -0000 2.1
@@ -4,7 +4,8 @@
my @tables = split /\s+/, $Scratch->{tables};
my $out;
for(@tables) {
- $tables{$_} = [ $Db{$_}->columns() ];
+ my $string = $Tag->db_columns($_);
+ $tables{$_} = [ grep /\S/, split /\s+/, $string ];
}
$out = "<SCRIPT LANGUAGE=JAVASCRIPT>\n<!-- \n";
2.13 +17 -14 interchange/lib/Vend/Form.pm
rev 2.13, prev_rev 2.12
Index: Form.pm
===================================================================
RCS file: /anon_cvs/repository/interchange/lib/Vend/Form.pm,v
retrieving revision 2.12
retrieving revision 2.13
diff -u -r2.12 -r2.13
--- Form.pm 7 Feb 2002 21:33:21 -0000 2.12
+++ Form.pm 8 Feb 2002 23:08:21 -0000 2.13
@@ -1,6 +1,6 @@
# Vend::Form - Generate Form widgets
#
-# $Id: Form.pm,v 2.12 2002/02/07 21:33:21 mheins Exp $
+# $Id: Form.pm,v 2.13 2002/02/08 23:08:21 mheins Exp $
#
# Copyright (C) 1996-2001 Red Hat, Inc. <interchange@redhat.com>
#
@@ -25,6 +25,7 @@
package Vend::Form;
require HTML::Entities;
+*encode = \&HTML::Entities::encode_entities;
use Vend::Interpolate;
use Vend::Util;
use Vend::Tags;
@@ -36,7 +37,7 @@
require Exporter;
@ISA = qw(Exporter);
-$VERSION = substr(q$Revision: 2.12 $, 10);
+$VERSION = substr(q$Revision: 2.13 $, 10);
@EXPORT = qw (
display
@@ -130,7 +131,7 @@
.
qq({EXTRA?} {EXTRA}{/EXTRA?})
.
- qq(>{VALUE}{APPEND})
+ qq(>{ENCODED}{APPEND})
,
boxstd =>
qq(<input type="{VARIANT}" name="{NAME}" value="{TVALUE}")
@@ -272,7 +273,7 @@
s/\*$// and $attr->{selected} = 1;
($attr->{value},$attr->{label}) = @$_;
-
+ encode($attr->{label}, $ESCAPE_CHARS::std);
if($attr->{value} =~ /^\s*\~\~(.*)\~\~\s*$/) {
my $lab = $1;
$lab =~ s/"/"/g;
@@ -603,9 +604,9 @@
for(@$opts) {
my ($value, $label) = @$_;
+ encode($label, $ESCAPE_CHARS::std);
if($value =~ /^\s*\~\~(.*)\~\~\s*$/) {
my $label = $1;
- $label =~ s/"/"/g;
if($optgroup_one++) {
$run .= "</optgroup>";
}
@@ -633,7 +634,7 @@
}
my $vvalue = $value;
- $vvalue =~ s/"/"/;
+ encode($vvalue, $ESCAPE_CHARS::std);
$run .= qq| value="$vvalue"|;
if (length($default)) {
$regex = qr/$re_b\Q$value\E$re_e/;
@@ -753,6 +754,7 @@
for(@$opts) {
my($value,$label) = @$_;
+ encode($label, $ESCAPE_CHARS::std);
if($value =~ /^\s*\~\~(.*)\~\~\s*$/) {
my $lab = $1;
$lab =~ s/"/"/g;
@@ -790,7 +792,7 @@
$default =~ $regex and $opt->{selected} = 1;
}
- $opt->{tvalue} = HTML::Entities::encode($value);
+ $opt->{tvalue} = encode($value, $ESCAPE_CHARS::std);
$label =~ s/ / /g if $xlt;
$opt->{tlabel} = $label;
@@ -890,6 +892,12 @@
return join "", @out;
}
+ if($opt->{override}) {
+ $opt->{value} = $opt->{default};
+ }
+
+ $opt->{default} = $opt->{value} if defined $opt->{value};
+
if($opt->{pre_filter} and defined $opt->{value}) {
$opt->{value} = Vend::Interpolate::filter_value(
$opt->{pre_filter},
@@ -897,12 +905,6 @@
);
}
- if($opt->{override}) {
- $opt->{value} = $opt->{default};
- }
-
- $opt->{default} = $opt->{value} if defined $opt->{value};
-
my $ishash;
if(ref ($item) eq 'HASH') {
#::logDebug("item=$item");
@@ -1064,7 +1066,7 @@
}
$opt->{value} = $opt->{default} if ! defined $opt->{value};
- $opt->{encoded} = HTML::Entities::encode($opt->{value});
+ $opt->{encoded} = encode($opt->{value}, $ESCAPE_CHARS::std);
# Action taken for various types
my %daction = (
@@ -1083,6 +1085,7 @@
select => \&dropdown,
show => \&show_data,
value => sub { my $opt = shift; return $opt->{encoded} },
+ realvalue => sub { my $opt = shift; return $opt->{value} },
yesno => \&yesno,
);
2.58 +3 -6 interchange/lib/Vend/Interpolate.pm
rev 2.58, prev_rev 2.57
Index: Interpolate.pm
===================================================================
RCS file: /anon_cvs/repository/interchange/lib/Vend/Interpolate.pm,v
retrieving revision 2.57
retrieving revision 2.58
diff -u -r2.57 -r2.58
--- Interpolate.pm 6 Feb 2002 22:34:09 -0000 2.57
+++ Interpolate.pm 8 Feb 2002 23:08:21 -0000 2.58
@@ -1,6 +1,6 @@
# Vend::Interpolate - Interpret Interchange tags
#
-# $Id: Interpolate.pm,v 2.57 2002/02/06 22:34:09 mheins Exp $
+# $Id: Interpolate.pm,v 2.58 2002/02/08 23:08:21 mheins Exp $
#
# Copyright (C) 1996-2001 Red Hat, Inc. <interchange@redhat.com>
#
@@ -27,7 +27,7 @@
require Exporter;
@ISA = qw(Exporter);
-$VERSION = substr(q$Revision: 2.57 $, 10);
+$VERSION = substr(q$Revision: 2.58 $, 10);
@EXPORT = qw (
@@ -260,9 +260,6 @@
my $Evar = qr{\@_([A-Za-z0-9]\w+[A-Za-z0-9])_\@};
my $Cvar = qr{__([A-Za-z0-9]\w*?[A-Za-z0-9])__};
-my %Comment_out = ( '<' => '<', '[' => '[', '_' => '_', );
-
-
my @th = (qw!
@@ -1088,7 +1085,7 @@
return scalar localtime(shift);
},
'encode_entities' => sub {
- return HTML::Entities::encode(shift);
+ return HTML::Entities::encode(shift, $ESCAPE_CHARS::std);
},
'decode_entities' => sub {
return HTML::Entities::decode(shift);
2.4 +3 -5 interchange/lib/Vend/Page.pm
rev 2.4, prev_rev 2.3
Index: Page.pm
===================================================================
RCS file: /anon_cvs/repository/interchange/lib/Vend/Page.pm,v
retrieving revision 2.3
retrieving revision 2.4
diff -u -r2.3 -r2.4
--- Page.pm 13 Oct 2001 20:35:21 -0000 2.3
+++ Page.pm 8 Feb 2002 23:08:21 -0000 2.4
@@ -1,6 +1,6 @@
# Vend::Page - Handle Interchange page routing
#
-# $Id: Page.pm,v 2.3 2001/10/13 20:35:21 mheins Exp $
+# $Id: Page.pm,v 2.4 2002/02/08 23:08:21 mheins Exp $
#
# Copyright (C) 1996-2001 Red Hat, Inc. <interchange@redhat.com>
#
@@ -45,7 +45,7 @@
use vars qw/$VERSION/;
-$VERSION = substr(q$Revision: 2.3 $, 10);
+$VERSION = substr(q$Revision: 2.4 $, 10);
my $wantref = 1;
@@ -119,9 +119,7 @@
return 1;
}
else {
- $name =~ s/\&/&/g;
- $name =~ s/\[/[/g;
- $name =~ s/\</</g;
+ HTML::Entities::encode($name, $ESCAPE_CHARS::std);
display_special_page(find_special_page('missing'), $name);
return 0;
}
2.20 +12 -2 interchange/lib/Vend/Util.pm
rev 2.20, prev_rev 2.19
Index: Util.pm
===================================================================
RCS file: /anon_cvs/repository/interchange/lib/Vend/Util.pm,v
retrieving revision 2.19
retrieving revision 2.20
diff -u -r2.19 -r2.20
--- Util.pm 1 Feb 2002 21:08:27 -0000 2.19
+++ Util.pm 8 Feb 2002 23:08:21 -0000 2.20
@@ -1,6 +1,6 @@
# Vend::Util - Interchange utility functions
#
-# $Id: Util.pm,v 2.19 2002/02/01 21:08:27 racke Exp $
+# $Id: Util.pm,v 2.20 2002/02/08 23:08:21 mheins Exp $
#
# Copyright (C) 1996-2001 Red Hat, Inc. <interchange@redhat.com>
#
@@ -78,10 +78,11 @@
use Fcntl;
use Errno;
use Text::ParseWords;
+require HTML::Entities;
use Safe;
use subs qw(logError logGlobal);
use vars qw($VERSION @EXPORT @EXPORT_OK);
-$VERSION = substr(q$Revision: 2.19 $, 10);
+$VERSION = substr(q$Revision: 2.20 $, 10);
BEGIN {
eval {
@@ -112,6 +113,15 @@
'0123456789' .
'-_./~='
;
+
+## This is a character class for HTML::Entities
+$ESCAPE_CHARS::std = "^\n\t !\#\$%\'-;=?-Z\\\]-~";
+
+## HTML::Entities caches this, let's get it cached right away so
+## each child doesn't have to re-eval
+{
+ my $junk = HTML::Entities::encode(">>>123<<<", $ESCAPE_CHARS::std);
+}
my $need_escape;