author | wei <> | 2006-01-13 12:57:54 +0000 |
---|---|---|
committer | wei <> | 2006-01-13 12:57:54 +0000 |
commit | 52ae5aef521fa7d800e09206342eb9ac17043cd8 (patch) | |
tree | 51c3791769ad032232f6f2d3937404b0864f5012 | |
parent | 8e16e1f6e9b2b79696d03375e2a60fbae6761a64 (diff) |
7 files changed, 46 insertions, 78 deletions
diff --git a/framework/3rdParty/readme.html b/framework/3rdParty/readme.html
index e48eba45..b84425f2 100644
--- a/framework/3rdParty/readme.html
+++ b/framework/3rdParty/readme.html
@@ -19,8 +19,8 @@ projects. </tr>
<tr>
- <td>geshi</td>
- <td><a href="http://qbnz.com/highlighter/">GeSHi</a> - Generic Syntax Highlighter</a> (v1.0.7.5)</td>
+ <td><a href="geshi">geshi</a></td>
+ <td><a href="http://qbnz.com/highlighter/">GeSHi - Generic Syntax Highlighter</a> (v1.0.7.5)</td>
<td><a href="http://qbnz.com/highlighter/license.php">GNU</a></td>
<td>System.Web.UI.WebControls.TTextHighlighter</td>
<td>Many syntax files are stripped off to reduce the size of PRADO release.
@@ -28,6 +28,13 @@ projects. recognize PHP5-specific keywords. Modified geshi.php so that it conforms to
strict PHP5 syntax.</td>
</tr>
+<tr>
+ <td><a href="SafeHtml">SafeHtml</a></td>
+ <td><a href="http://pixel-apes.com/safehtml/">SafeHTML</a> (v1.3.7)</td>
+ <td><a href="SafeHtml/license.txt">BSD License (3 Clause)</a></td>
+ <td>System.Web.UI.WebControls.TSafeHtml</td>
+ <td>TSafeHtml removes malicious javascript code from its rendered output.</td>
+</tr>
</table>
</p>
</body>
diff --git a/framework/Web/UI/WebControls/TTextBox.php b/framework/Web/UI/WebControls/TTextBox.php
index e37b98b8..dae0ccf8 100644
--- a/framework/Web/UI/WebControls/TTextBox.php
+++ b/framework/Web/UI/WebControls/TTextBox.php
@@ -10,6 +10,8 @@ * @package System.Web.UI.WebControls
*/
+Prado::using('System.3rdParty.SafeHtml.TSafeHtmlParser');
+
/**
* TTextBox class
*
@@ -55,6 +57,8 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable */
private static $_autoCompleteTypes=array('BusinessCity','BusinessCountryRegion','BusinessFax','BusinessPhone','BusinessState','BusinessStreetAddress','BusinessUrl','BusinessZipCode','Cellular','Company','Department','Disabled','DisplayName','Email','FirstName','Gender','HomeCity','HomeCountryRegion','HomeFax','Homepage','HomePhone','HomeState','HomeStreetAddress','HomeZipCode','JobTitle','LastName','MiddleName','None','Notes','Office','Pager','Search');
+ protected $_safeContent;
+
/**
* @return string tag name of the textbox
*/
@@ -90,7 +94,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable if($textMode==='SingleLine')
{
$writer->addAttribute('type','text');
- if(($text=$this->getText())!=='')
+ if(($text=$this->getRawText())!=='')
$writer->addAttribute('value',$text);
if(($act=$this->getAutoCompleteType())!=='None')
{
@@ -169,7 +173,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable public function loadPostData($key,$values)
{
$value=$values[$key];
- if(!$this->getReadOnly() && $this->getText()!==$value)
+ if(!$this->getReadOnly() && $this->getRawText()!==$value)
{
$this->setText($value);
return true;
@@ -226,7 +230,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable protected function renderContents($writer)
{
if($this->getTextMode()==='MultiLine')
- $writer->write(THttpUtility::htmlEncode($this->getText()));
+ $writer->write(THttpUtility::htmlEncode($this->getRawText()));
}
/**
@@ -358,20 +362,35 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable }
/**
- * @return string the text content of the TTextBox control.
+ * @return string the unmodified text content of the TTextBox control.
*/
- public function getText()
+ public function getRawText()
{
return $this->getViewState('Text','');
}
/**
+ * @return string safe text content.
+ */
+ public function getText()
+ {
+ $text = $this->getRawText();
+ if(is_null($this->_safeContent))
+ {
+ $renderer = new TSafeHtmlParser();
+ $this->_safeContent = $renderer->parse($text);
+ }
+ return $this->_safeContent;
+ }
+
+ /**
* Sets the text content of the TTextBox control.
* @param string the text content
*/
public function setText($value)
{
$this->setViewState('Text',$value,'');
+ $this->_safeContent = null;
}
/**
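Review bot: `getText()` now returns sanitizer output for every TTextBox, so any caller that stores, compares or validates the value silently receives altered input, and the docblock `safe text content` overstates what is provided. Output of an HTML sanitizer is at most suitable for an HTML body context; it is not safe for attributes, script or SQL, and values such as passwords or text containing `<` may be changed before validators or persistence see them. I would keep `getText()` returning the submitted value and expose the filtered form through a separate accessor (for example `getSafeText()`, a suggested name, not existing API), or at minimum document it as `@return string text filtered by TSafeHtmlParser for HTML output only; use getRawText() for the submitted value`. The `_safeContent` cache is cleared only in `setText()`; if the 'Text' view state can change by another path (not visible in this hunk), `getText()` would return a stale value.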
diff --git a/tests/FunctionalTests/protected/application.xml b/tests/FunctionalTests/protected/application.xml
index ca946653..53e73457 100644
--- a/tests/FunctionalTests/protected/application.xml
+++ b/tests/FunctionalTests/protected/application.xml
@@ -13,7 +13,6 @@ </module>
<module id="logger" class="System.Log.TLogRouter">
<route class="TFileLogRoute" />
- <route class="TBrowserLogRoute" Categories="System.Web.UI.TPage,Uncategorized" />
</module>
</modules>
</application>
\ No newline at end of file
diff --git a/tests/FunctionalTests/protected/pages/Home.page b/tests/FunctionalTests/protected/pages/Home.page
index 606a17ac..9a49e3a2 100644
--- a/tests/FunctionalTests/protected/pages/Home.page
+++ b/tests/FunctionalTests/protected/pages/Home.page
@@ -1,34 +1,3 @@
-<!DOCTYPE HTML PUBLIC
- "-//W3C//DTD XHTML 1.0 Strict//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-<head>
- <meta http-equiv="Content-type" content="text/html; charset=UTF-8" />
- <title>Prado Functional Tests</title>
- <style type="text/css">
- /*<![CDATA[*/
- body
- {
- font-family: Georgia, "Times New Roman", Times, serif;
- }
- .w3c
- {
- margin-top: 2em;
- display: block;
- }
- /*]]>*/
- </style>
-</head>
-
-<body>
-
+<com:TContent ID="Content">
<h1>Prado Functional Tests</h1>
-
-<div class="w3c">
-<a href="http://validator.w3.org/check?uri=referer">
- Validate XHTML 1.0
-</a>
-</div>
-</body>
-</html>
\ No newline at end of file
+</com:TContent>
\ No newline at end of file
diff --git a/tests/FunctionalTests/protected/pages/I18N/BasicI18N.page b/tests/FunctionalTests/protected/pages/I18N/BasicI18N.page
index e09c2161..f4ef35d2 100644
--- a/tests/FunctionalTests/protected/pages/I18N/BasicI18N.page
+++ b/tests/FunctionalTests/protected/pages/I18N/BasicI18N.page
@@ -1,28 +1,5 @@
-<%@ Application.Globalization.Culture="zh_CN" %>
-<!DOCTYPE HTML PUBLIC
- "-//W3C//DTD XHTML 1.0 Strict//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-<head>
- <meta http-equiv="Content-type" content="text/html; charset=UTF-8" />
- <title>Basic I18N Test</title>
- <style type="text/css">
- /*<![CDATA[*/
- body
- {
- font-family: Georgia, "Times New Roman", Times, serif;
- }
- .w3c
- {
- margin-top: 2em;
- display: block;
- }
- /*]]>*/
- </style>
-</head>
-
-<body>
+<%@ Title="Basic I18N Test" %>
+<com:TContent ID="Content">
<h1>Basic I18N Test</h1>
<com:TTranslate>
Hello {name}
@@ -51,11 +28,4 @@ [0] None |[1] One thing. |[2,Inf) Many things.
</com:TChoiceFormat>
</div>
-
-<div class="w3c">
-<a href="http://validator.w3.org/check?uri=referer">
- Validate XHTML 1.0
-</a>
-</div>
-</body>
-</html>
\ No newline at end of file
+</com:TContent>
\ No newline at end of file
diff --git a/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.page b/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.page
index 56ef07bd..e6b67c8d 100644
--- a/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.page
+++ b/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.page
@@ -1,13 +1,16 @@
+<%@ Title="Basic TRequiredFieldValidator" %>
+<com:TContent ID="Content">
<com:TForm>
<h1>Basic TRequiredFieldValidator Test1</h1>
<com:TTextBox ID="text1" />
<com:TRequiredFieldValidator
ID="validator1"
FocusOnError="true"
- FocusElementID="text2"
+ FocusElementID="<%# $this->Page->text2->ClientID %>"
ControlToValidate="text1"
ErrorMessage="*" />
<com:TButton ID="button1" Text="Click" />
<com:TTextBox ID="text2" />
<com:TJavascriptLogger />
-</com:TForm>
\ No newline at end of file
+</com:TForm>
+</com:TContent>
\ No newline at end of file
diff --git a/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.php b/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.php
index 995b3df0..ff24b93a 100644
--- a/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.php
+++ b/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.php
@@ -2,9 +2,10 @@ class RequiredFieldValidator extends TPage
{
- function onLoad($param)
+ protected function onLoad($param)
{
- Prado::log("Hello", TLogger::WARNING);
+ if(!$this->IsPostBack)
+ $this->dataBind();
}
}
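Review bot: The new `onLoad()` body does not call the parent implementation, so if the base class raises the OnLoad event there (not visible in this hunk), handlers attached to this page never run. Consider adding `parent::onLoad($param);` as the first statement. The brace-less `if` guarding `$this->dataBind();` is also easy to break when a second statement is added later; `if(!$this->IsPostBack) { $this->dataBind(); }` is safer.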