diff options
| author | xue <> | 2006-01-14 00:19:18 +0000 |
|---|---|---|
| committer | xue <> | 2006-01-14 00:19:18 +0000 |
| commit | f16aa6762984e4d555a1cf93692db0a69fa2ab38 (patch) | |
| tree | 5a460a73acb869cc58ecb1277118b2e039e0fd1b | |
| parent | f0737c5b52373f262a4c8cfd25d4e1bb6ff33aee (diff) | |
Added TBaseDataList control. Updated class tree. Modified TTextBox about SafeHtml support. Modified TTextBox demo accordingly.
| -rw-r--r-- | demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.page | 12 | ||||
| -rw-r--r-- | demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.php | 6 | ||||
| -rw-r--r-- | demos/quickstart/protected/pages/Fundamentals/classtree.gif | bin | 14164 -> 19840 bytes | |||
| -rw-r--r-- | demos/quickstart/protected/pages/Fundamentals/classtree.vsd | bin | 63488 -> 72192 bytes | |||
| -rw-r--r-- | framework/Exceptions/messages.txt | 1 | ||||
| -rw-r--r-- | framework/TApplication.php | 7 | ||||
| -rw-r--r-- | framework/Web/UI/WebControls/TDataBoundControl.php | 17 | ||||
| -rw-r--r-- | framework/Web/UI/WebControls/TListControl.php | 37 | ||||
| -rw-r--r-- | framework/Web/UI/WebControls/TRepeater.php | 25 | ||||
| -rw-r--r-- | framework/Web/UI/WebControls/TTable.php | 2 | ||||
| -rw-r--r-- | framework/Web/UI/WebControls/TTextBox.php | 56 |
11 files changed, 98 insertions, 65 deletions
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.page b/demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.page index 4a9b58a3..c8315e42 100644 --- a/demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.page +++ b/demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.page @@ -60,6 +60,18 @@ Text box's behavior upon postback: <com:TButton Text="Submit" Click="submitText" />
</td></tr>
+<tr><td class="samplenote">
+Safety feature (cross-site scripting prevention):
+</td><td class="sampleaction">
+<com:TTextBox
+ ID="TextBox2"
+ AutoPostBack="true"
+ Text="<a href=javascript:xxx>test</a>"
+ Width="200px"/>
+<b>SafeText:</b>
+<com:TLabel BackColor="silver" ID="Output" Text=<%#$this->Page->TextBox2->SafeText%> />
+</td></tr>
+
</table>
<h2>Password Text Boxes</h2>
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.php b/demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.php index e3160ead..30add74c 100644 --- a/demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.php +++ b/demos/quickstart/protected/pages/Controls/Samples/TTextBox/Home.php @@ -2,6 +2,12 @@ class Home extends TPage
{
+ protected function onLoad($param)
+ {
+ parent::onLoad($param);
+ $this->Output->dataBind();
+ }
+
public function textChanged($sender,$param)
{
$sender->Text="text changed";
diff --git a/demos/quickstart/protected/pages/Fundamentals/classtree.gif b/demos/quickstart/protected/pages/Fundamentals/classtree.gif Binary files differindex 318ed278..63e0194c 100644 --- a/demos/quickstart/protected/pages/Fundamentals/classtree.gif +++ b/demos/quickstart/protected/pages/Fundamentals/classtree.gif diff --git a/demos/quickstart/protected/pages/Fundamentals/classtree.vsd b/demos/quickstart/protected/pages/Fundamentals/classtree.vsd Binary files differindex fefab3f3..f2fa4391 100644 --- a/demos/quickstart/protected/pages/Fundamentals/classtree.vsd +++ b/demos/quickstart/protected/pages/Fundamentals/classtree.vsd diff --git a/framework/Exceptions/messages.txt b/framework/Exceptions/messages.txt index 9626e261..1f599c34 100644 --- a/framework/Exceptions/messages.txt +++ b/framework/Exceptions/messages.txt @@ -28,6 +28,7 @@ application_runtimepath_invalid = Application runtime path '%s' does not exist application_service_invalid = Service '%s' must implement IService interface.
application_service_unknown = Requested service '%s' is not defined.
application_service_unavailable = Service Unavailable.
+application_moduleid_duplicated = Application module ID '%s' is not unique.
appconfig_aliaspath_invalid = Application configuration <alias id="%s"> uses an invalid file path "%s".
appconfig_alias_invalid = Application configuration <alias> element must have an "id" attribute and a "path" attribute.
diff --git a/framework/TApplication.php b/framework/TApplication.php index d8214f09..d0c9a6d9 100644 --- a/framework/TApplication.php +++ b/framework/TApplication.php @@ -478,7 +478,10 @@ class TApplication extends TComponent */ public function setModule($id,IModule $module) { - $this->_modules[$id]=$module; + if(isset($this->_modules[$id])) + throw new TConfigurationException('application_moduleid_duplicated',$id); + else + $this->_modules[$id]=$module; } /** @@ -762,7 +765,7 @@ class TApplication extends TComponent Prado::trace("Loading module $id ({$moduleConfig[0]})",'System.TApplication'); $module=Prado::createComponent($moduleConfig[0]); - $this->_modules[$id]=$module; + $this->setModule($id,$module); foreach($moduleConfig[1] as $name=>$value) $module->setSubProperty($name,$value); $module->init($moduleConfig[2]); diff --git a/framework/Web/UI/WebControls/TDataBoundControl.php b/framework/Web/UI/WebControls/TDataBoundControl.php index ea2a0602..1108e0f6 100644 --- a/framework/Web/UI/WebControls/TDataBoundControl.php +++ b/framework/Web/UI/WebControls/TDataBoundControl.php @@ -192,15 +192,14 @@ abstract class TDataBoundControl extends TWebControl */
public function dataBind()
{
- // TODO: databinding should only be raised after data is ready
- // what about property bindings? should they be after data is ready?
$this->setRequiresDataBinding(false);
$this->dataBindProperties();
- if(($view=$this->getDataSourceView())!==null)
- $data=$view->select($this->getSelectParameters());
$this->onDataBinding(null);
- if($view!==null)
+ $data=$this->getData();
+ if($data instanceof Traversable)
$this->performDataBinding($data);
+ else if($data!==null)
+ throw new TInvalidDataTypeException('databoundcontrol_data_nontraversable');
$this->setIsDataBound(true);
$this->onDataBound(null);
}
@@ -211,6 +210,14 @@ abstract class TDataBoundControl extends TWebControl $this->setRequiresDataBinding(true);
}
+ protected function getData()
+ {
+ if(($view=$this->getDataSourceView())!==null)
+ return $view->select($this->getSelectParameters());
+ else
+ return null;
+ }
+
protected function getDataSourceView()
{
if(!$this->_currentViewValid)
diff --git a/framework/Web/UI/WebControls/TListControl.php b/framework/Web/UI/WebControls/TListControl.php index 7057e119..cb740124 100644 --- a/framework/Web/UI/WebControls/TListControl.php +++ b/framework/Web/UI/WebControls/TListControl.php @@ -156,27 +156,24 @@ abstract class TListControl extends TDataBoundControl $items=$this->getItems();
if(!$this->getAppendDataBoundItems())
$items->clear();
- if($data instanceof Traversable)
+ $textField=$this->getDataTextField();
+ if($textField==='')
+ $textField=0;
+ $valueField=$this->getDataValueField();
+ if($valueField==='')
+ $valueField=1;
+ $textFormat=$this->getDataTextFormatString();
+ foreach($data as $object)
{
- $textField=$this->getDataTextField();
- if($textField==='')
- $textField=0;
- $valueField=$this->getDataValueField();
- if($valueField==='')
- $valueField=1;
- $textFormat=$this->getDataTextFormatString();
- foreach($data as $object)
- {
- $item=new TListItem;
- if(isset($object[$textField]))
- $text=$object[$textField];
- else
- $text=TPropertyValue::ensureString($object);
- $item->setText($textFormat===''?$text:sprintf($textFormat,$text));
- if(isset($object[$valueField]))
- $item->setValue($object[$valueField]);
- $items->add($item);
- }
+ $item=new TListItem;
+ if(isset($object[$textField]))
+ $text=$object[$textField];
+ else
+ $text=TPropertyValue::ensureString($object);
+ $item->setText($textFormat===''?$text:sprintf($textFormat,$text));
+ if(isset($object[$valueField]))
+ $item->setValue($object[$valueField]);
+ $items->add($item);
}
}
diff --git a/framework/Web/UI/WebControls/TRepeater.php b/framework/Web/UI/WebControls/TRepeater.php index c9ecd255..d0d513b0 100644 --- a/framework/Web/UI/WebControls/TRepeater.php +++ b/framework/Web/UI/WebControls/TRepeater.php @@ -370,22 +370,19 @@ class TRepeater extends TDataBoundControl implements INamingContainer $items=$this->getItems();
$items->clear();
$itemIndex=0;
- if($data!==null)
+ $hasSeparator=$this->_separatorTemplate!=='';
+ foreach($data as $dataItem)
{
- $hasSeparator=$this->_separatorTemplate!=='';
- foreach($data as $dataItem)
- {
- if($itemIndex===0 && $this->_headerTemplate!=='')
- $this->_header=$this->createItemInternal(-1,'Header',true,null);
- if($hasSeparator && $itemIndex>0)
- $this->createItemInternal($itemIndex-1,'Separator',true,null);
- $itemType=$itemIndex%2==0?'Item':'AlternatingItem';
- $items->add($this->createItemInternal($itemIndex,$itemType,true,$dataItem));
- $itemIndex++;
- }
- if($itemIndex>0 && $this->_footerTemplate!=='')
- $this->_footer=$this->createItemInternal(-1,'Footer',true,null);
+ if($itemIndex===0 && $this->_headerTemplate!=='')
+ $this->_header=$this->createItemInternal(-1,'Header',true,null);
+ if($hasSeparator && $itemIndex>0)
+ $this->createItemInternal($itemIndex-1,'Separator',true,null);
+ $itemType=$itemIndex%2==0?'Item':'AlternatingItem';
+ $items->add($this->createItemInternal($itemIndex,$itemType,true,$dataItem));
+ $itemIndex++;
}
+ if($itemIndex>0 && $this->_footerTemplate!=='')
+ $this->_footer=$this->createItemInternal(-1,'Footer',true,null);
$this->setViewState('ItemCount',$itemIndex,0);
}
diff --git a/framework/Web/UI/WebControls/TTable.php b/framework/Web/UI/WebControls/TTable.php index 66485399..13cbd0b1 100644 --- a/framework/Web/UI/WebControls/TTable.php +++ b/framework/Web/UI/WebControls/TTable.php @@ -90,7 +90,7 @@ class TTable extends TWebControl /**
* Creates a style object for the control.
* This method creates a {@link TTableStyle} to be used by the table.
- * @return TStyle control style to be used
+ * @return TTableStyle control style to be used
*/
protected function createStyle()
{
diff --git a/framework/Web/UI/WebControls/TTextBox.php b/framework/Web/UI/WebControls/TTextBox.php index dae0ccf8..4eb42313 100644 --- a/framework/Web/UI/WebControls/TTextBox.php +++ b/framework/Web/UI/WebControls/TTextBox.php @@ -10,8 +10,6 @@ * @package System.Web.UI.WebControls
*/
-Prado::using('System.3rdParty.SafeHtml.TSafeHtmlParser');
-
/**
* TTextBox class
*
@@ -56,8 +54,14 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable * @var array list of auto complete types
*/
private static $_autoCompleteTypes=array('BusinessCity','BusinessCountryRegion','BusinessFax','BusinessPhone','BusinessState','BusinessStreetAddress','BusinessUrl','BusinessZipCode','Cellular','Company','Department','Disabled','DisplayName','Email','FirstName','Gender','HomeCity','HomeCountryRegion','HomeFax','Homepage','HomePhone','HomeState','HomeStreetAddress','HomeZipCode','JobTitle','LastName','MiddleName','None','Notes','Office','Pager','Search');
-
- protected $_safeContent;
+ /**
+ * @var mixed safe text parser
+ */
+ private static $_safeTextParser=null;
+ /**
+ * @var string safe textbox content with javascript stripped off
+ */
+ private $_safeText;
/**
* @return string tag name of the textbox
@@ -94,7 +98,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable if($textMode==='SingleLine')
{
$writer->addAttribute('type','text');
- if(($text=$this->getRawText())!=='')
+ if(($text=$this->getText())!=='')
$writer->addAttribute('value',$text);
if(($act=$this->getAutoCompleteType())!=='None')
{
@@ -173,7 +177,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable public function loadPostData($key,$values)
{
$value=$values[$key];
- if(!$this->getReadOnly() && $this->getRawText()!==$value)
+ if(!$this->getReadOnly() && $this->getText()!==$value)
{
$this->setText($value);
return true;
@@ -230,7 +234,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable protected function renderContents($writer)
{
if($this->getTextMode()==='MultiLine')
- $writer->write(THttpUtility::htmlEncode($this->getRawText()));
+ $writer->write(THttpUtility::htmlEncode($this->getText()));
}
/**
@@ -362,35 +366,41 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable }
/**
- * @return string the unmodified text content of the TTextBox control.
+ * @return string the text content of the TTextBox control.
*/
- public function getRawText()
+ public function getText()
{
return $this->getViewState('Text','');
}
/**
- * @return string safe text content.
+ * Sets the text content of the TTextBox control.
+ * @param string the text content
*/
- public function getText()
+ public function setText($value)
{
- $text = $this->getRawText();
- if(is_null($this->_safeContent))
- {
- $renderer = new TSafeHtmlParser();
- $this->_safeContent = $renderer->parse($text);
- }
- return $this->_safeContent;
+ $this->setViewState('Text',$value,'');
+ $this->_safeText = null;
}
/**
- * Sets the text content of the TTextBox control.
- * @param string the text content
+ * @return string safe text content with javascript stripped off
*/
- public function setText($value)
+ public function getSafeText()
{
- $this->setViewState('Text',$value,'');
- $this->_safeContent = null;
+ if($this->_safeText===null)
+ $this->_safeText=$this->getSafeTextParser()->parse($this->getText());
+ return $this->_safeText;
+ }
+
+ /**
+ * @return mixed safe text parser
+ */
+ protected function getSafeTextParser()
+ {
+ if(!self::$_safeTextParser)
+ self::$_safeTextParser=Prado::createComponent('System.3rdParty.SafeHtml.TSafeHtmlParser');
+ return self::$_safeTextParser;
}
/**
|
