From 52ae5aef521fa7d800e09206342eb9ac17043cd8 Mon Sep 17 00:00:00 2001 From: wei <> Date: Fri, 13 Jan 2006 12:57:54 +0000 Subject: --- framework/3rdParty/readme.html | 11 +++++-- framework/Web/UI/WebControls/TTextBox.php | 29 ++++++++++++++--- tests/FunctionalTests/protected/application.xml | 1 - tests/FunctionalTests/protected/pages/Home.page | 35 ++------------------- .../protected/pages/I18N/BasicI18N.page | 36 ++-------------------- .../pages/Validation/RequiredFieldValidator.page | 7 +++-- .../pages/Validation/RequiredFieldValidator.php | 5 +-- 7 files changed, 46 insertions(+), 78 deletions(-) diff --git a/framework/3rdParty/readme.html b/framework/3rdParty/readme.html index e48eba45..b84425f2 100644 --- a/framework/3rdParty/readme.html +++ b/framework/3rdParty/readme.html @@ -19,8 +19,8 @@ projects. - geshi - GeSHi - Generic Syntax Highlighter (v1.0.7.5) + geshi + GeSHi - Generic Syntax Highlighter (v1.0.7.5) GNU System.Web.UI.WebControls.TTextHighlighter Many syntax files are stripped off to reduce the size of PRADO release. @@ -28,6 +28,13 @@ projects. recognize PHP5-specific keywords. Modified geshi.php so that it conforms to strict PHP5 syntax. + + SafeHtml + SafeHTML (v1.3.7) + BSD License (3 Clause) + System.Web.UI.WebControls.TSafeHtml + TSafeHtml removes malicious javascript code from its rendered output. +

diff --git a/framework/Web/UI/WebControls/TTextBox.php b/framework/Web/UI/WebControls/TTextBox.php index e37b98b8..dae0ccf8 100644 --- a/framework/Web/UI/WebControls/TTextBox.php +++ b/framework/Web/UI/WebControls/TTextBox.php @@ -10,6 +10,8 @@ * @package System.Web.UI.WebControls */ +Prado::using('System.3rdParty.SafeHtml.TSafeHtmlParser'); + /** * TTextBox class * @@ -55,6 +57,8 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable */ private static $_autoCompleteTypes=array('BusinessCity','BusinessCountryRegion','BusinessFax','BusinessPhone','BusinessState','BusinessStreetAddress','BusinessUrl','BusinessZipCode','Cellular','Company','Department','Disabled','DisplayName','Email','FirstName','Gender','HomeCity','HomeCountryRegion','HomeFax','Homepage','HomePhone','HomeState','HomeStreetAddress','HomeZipCode','JobTitle','LastName','MiddleName','None','Notes','Office','Pager','Search'); + protected $_safeContent; + /** * @return string tag name of the textbox */ @@ -90,7 +94,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable if($textMode==='SingleLine') { $writer->addAttribute('type','text'); - if(($text=$this->getText())!=='') + if(($text=$this->getRawText())!=='') $writer->addAttribute('value',$text); if(($act=$this->getAutoCompleteType())!=='None') { @@ -169,7 +173,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable public function loadPostData($key,$values) { $value=$values[$key]; - if(!$this->getReadOnly() && $this->getText()!==$value) + if(!$this->getReadOnly() && $this->getRawText()!==$value) { $this->setText($value); return true; @@ -226,7 +230,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable protected function renderContents($writer) { if($this->getTextMode()==='MultiLine') - $writer->write(THttpUtility::htmlEncode($this->getText())); + $writer->write(THttpUtility::htmlEncode($this->getRawText())); } /** 
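Review bot: The new `protected $_safeContent;` member in the second hunk is an undocumented cache that lives outside viewstate, so it can go stale. The only reset visible in this patch is in `setText()`, so any path that changes the `Text` viewstate entry without calling `setText()` (a viewstate restore after an early `getText()` call, or a subclass calling `setViewState('Text', ...)` directly) would leave `getText()` returning the filtered form of an older value. This should be confirmed against the control lifecycle. I would also make it private, like `$_autoCompleteTypes` next to it, and document it: `/** @var string|null cached TSafeHtmlParser output for the current Text value; null means not yet computed */` followed by `private $_safeContent;`. The class body begins and ends outside these hunks.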
@@ -358,13 +362,27 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable } /** - * @return string the text content of the TTextBox control. + * @return string the unmodified text content of the TTextBox control. */ - public function getText() + public function getRawText() { return $this->getViewState('Text',''); } + /** + * @return string safe text content. + */ + public function getText() + { + $text = $this->getRawText(); + if(is_null($this->_safeContent)) + { + $renderer = new TSafeHtmlParser(); + $this->_safeContent = $renderer->parse($text); + } + return $this->_safeContent; + } + /** * Sets the text content of the TTextBox control. * @param string the text content @@ -372,6 +390,7 @@ class TTextBox extends TWebControl implements IPostBackDataHandler, IValidatable public function setText($value) { $this->setViewState('Text',$value,''); + $this->_safeContent = null; } /** diff --git a/tests/FunctionalTests/protected/application.xml b/tests/FunctionalTests/protected/application.xml index ca946653..53e73457 100644 --- a/tests/FunctionalTests/protected/application.xml +++ b/tests/FunctionalTests/protected/application.xml @@ -13,7 +13,6 @@ - \ No newline at end of file diff --git a/tests/FunctionalTests/protected/pages/Home.page b/tests/FunctionalTests/protected/pages/Home.page index 606a17ac..9a49e3a2 100644 --- a/tests/FunctionalTests/protected/pages/Home.page +++ b/tests/FunctionalTests/protected/pages/Home.page @@ -1,34 +1,3 @@ - - - - - - Prado Functional Tests - - - - - +
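Review bot: Repurposing `getText()` to return the TSafeHtmlParser output silently changes what every existing caller reads back from the control. Application code, and presumably the validators that use this class through `IValidatable`, will now see a rewritten value whenever the user's input contains markup-like characters, which is wrong for plain-text fields such as passwords, search terms or data bound for storage. The control's own rendering in the earlier hunks already uses `getRawText()` with `THttpUtility::htmlEncode`, so the filter adds no protection there. It only helps a caller that echoes the value into an HTML body, and it does nothing for attribute, script or SQL contexts. I would keep `public function getText()` returning `$this->getViewState('Text','')` and expose the filtered value under a separate name such as `getSafeText()`. Its docblock should say more than "safe text content", for example: `@return string Text filtered by TSafeHtmlParser; intended only for output as HTML body content`.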

Prado Functional Tests

- -
- - Validate XHTML 1.0 - -
- - \ No newline at end of file +
\ No newline at end of file diff --git a/tests/FunctionalTests/protected/pages/I18N/BasicI18N.page b/tests/FunctionalTests/protected/pages/I18N/BasicI18N.page index e09c2161..f4ef35d2 100644 --- a/tests/FunctionalTests/protected/pages/I18N/BasicI18N.page +++ b/tests/FunctionalTests/protected/pages/I18N/BasicI18N.page @@ -1,28 +1,5 @@ -<%@ Application.Globalization.Culture="zh_CN" %> - - - - - - Basic I18N Test - - - - +<%@ Title="Basic I18N Test" %> +

Basic I18N Test

Hello {name} @@ -51,11 +28,4 @@ [0] None |[1] One thing. |[2,Inf) Many things. - - - - \ No newline at end of file +
\ No newline at end of file diff --git a/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.page b/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.page index 56ef07bd..e6b67c8d 100644 --- a/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.page +++ b/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.page @@ -1,13 +1,16 @@ +<%@ Title="Basic TRequiredFieldValidator" %> +

Basic TRequiredFieldValidator Test1

-
\ No newline at end of file + +
\ No newline at end of file diff --git a/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.php b/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.php index 995b3df0..ff24b93a 100644 --- a/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.php +++ b/tests/FunctionalTests/protected/pages/Validation/RequiredFieldValidator.php @@ -2,9 +2,10 @@ class RequiredFieldValidator extends TPage { - function onLoad($param) + protected function onLoad($param) { - Prado::log("Hello", TLogger::WARNING); + if(!$this->IsPostBack) + $this->dataBind(); } } -- cgit v1.2.3