From 3192eb5cafef46ed5203a8cb2f7ae885e5693a47 Mon Sep 17 00:00:00 2001
From: xue <>
Date: Mon, 27 Mar 2006 03:40:01 +0000
Subject: Added demos for TExpression, TStatements, TSafeHtml and
 TTextHighlighter.

---
 .../protected/pages/Controls/Expression.page       |  2 ++
 .../protected/pages/Controls/SafeHtml.page         | 19 ++++++++++++++
 .../pages/Controls/Samples/TExpression/Home.page   | 21 ++++++++++++++++
 .../pages/Controls/Samples/TSafeHtml/Home.page     | 25 +++++++++++++++++++
 .../pages/Controls/Samples/TStatements/Home.page   | 29 ++++++++++++++++++++++
 .../Controls/Samples/TTextHighlighter/Home.page    | 29 ++++++++++++++++++++++
 .../protected/pages/Controls/Standard.page         |  2 +-
 .../protected/pages/Controls/Statements.page       |  2 ++
 .../protected/pages/Controls/TextHighlighter.page  | 12 +--------
 9 files changed, 129 insertions(+), 12 deletions(-)
 create mode 100644 demos/quickstart/protected/pages/Controls/Samples/TExpression/Home.page
 create mode 100644 demos/quickstart/protected/pages/Controls/Samples/TSafeHtml/Home.page
 create mode 100644 demos/quickstart/protected/pages/Controls/Samples/TStatements/Home.page
 create mode 100644 demos/quickstart/protected/pages/Controls/Samples/TTextHighlighter/Home.page

(limited to 'demos/quickstart/protected/pages/Controls')
diff --git a/demos/quickstart/protected/pages/Controls/Expression.page b/demos/quickstart/protected/pages/Controls/Expression.page
index efa1ab7a..c87f0ba4 100644
--- a/demos/quickstart/protected/pages/Controls/Expression.page
+++ b/demos/quickstart/protected/pages/Controls/Expression.page
@@ -27,4 +27,6 @@ The context of the expression in a <tt>TExpression</tt> control is the control i
 Be aware, since <tt>TExpression</tt> allows execution of arbitrary PHP code, in general you should not use it to evaluate expressions submitted by your application users.
 </p>
 
+<com:RunBar PagePath="Controls.Samples.TExpression.Home" />
+
 </com:TContent>
\ No newline at end of file
diff --git a/demos/quickstart/protected/pages/Controls/SafeHtml.page b/demos/quickstart/protected/pages/Controls/SafeHtml.page
index 16561672..565c8251 100644
--- a/demos/quickstart/protected/pages/Controls/SafeHtml.page
+++ b/demos/quickstart/protected/pages/Controls/SafeHtml.page
@@ -3,4 +3,23 @@
 <h1>TSafeHtml</h1>
 <com:DocLink ClassPath="System.Web.UI.WebControls.TSafeHtml" />
 
+<p>
+<tt>TSafeHtml</tt> is a control that strips down all potentially dangerous HTML content. It is mainly a wrapper of the <a href="http://pixel-apes.com/safehtml/">SafeHTML</a> project. According to the SafeHTML project, it tries to safeguard the following situations when the string is to be displayed to end-users:
+</p>
+<ul>
+  <li>Opening tag without its closing tag</li>
+  <li>closing tag without its opening tag
+  <li>any of these tags: base, basefont, head, html, body, applet, object, iframe, frame, frameset, script, layer, ilayer, embed, bgsound, link, meta, style, title, blink, xml, etc.</li>
+  <li>any of these attributes: on*, data*, dynsrc</li>
+  <li>javascript:/vbscript:/about: etc. protocols</li>
+  <li>expression/behavior etc. in styles</li>
+  <li>any other active content.</li>
+</ul>
+
+<p>
+To use <tt>TSafeHtml</tt>, simply enclose the content to be secured within the <tt>TSafeHtml</tt> component tag in a template. The content may consist of both static text and PRADO controls. If the latter, the rendering result of the controls will be secured.
+</p>
+
+<com:RunBar PagePath="Controls.Samples.TSafeHtml.Home" />
+
 </com:TContent>
\ No newline at end of file
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TExpression/Home.page b/demos/quickstart/protected/pages/Controls/Samples/TExpression/Home.page
new file mode 100644
index 00000000..2273f3c1
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/Samples/TExpression/Home.page
@@ -0,0 +1,21 @@
+<com:TContent ID="body">
+
+<h1>TExpression Sample</h1>
+
+<table class="sampletable">
+
+<tr><td class="samplenote">
+Using expression component tag:
+</td><td class="sampleaction">
+<com:TExpression Expression="$this->Page->Head->Title" />
+</td></tr>
+
+<tr><td class="samplenote">
+Using shortcut expression tag:
+</td><td class="sampleaction">
+<%= $this->Page->PagePath %>
+</td></tr>
+
+</table>
+
+</com:TContent>
\ No newline at end of file
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TSafeHtml/Home.page b/demos/quickstart/protected/pages/Controls/Samples/TSafeHtml/Home.page
new file mode 100644
index 00000000..88f8e162
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/Samples/TSafeHtml/Home.page
@@ -0,0 +1,25 @@
+<com:TContent ID="body">
+
+<h1>TSafeHtml Samples</h1>
+
+<table class="sampletable">
+
+<tr><td class="samplenote">
+Safeguard a static string:
+</td><td class="sampleaction">
+<com:TSafeHtml>
+  <a href="javascript:alert();">javascript link stripped</a>
+</com:TSafeHtml>
+</td></tr>
+
+<tr><td class="samplenote">
+Safeguard the control rendering results:
+</td><td class="sampleaction">
+<com:TSafeHtml>
+  <com:TLiteral Text="<a>a nonclosing tag" />
+</com:TSafeHtml>
+</td></tr>
+
+</table>
+
+</com:TContent>
\ No newline at end of file
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TStatements/Home.page b/demos/quickstart/protected/pages/Controls/Samples/TStatements/Home.page
new file mode 100644
index 00000000..66734ce0
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/Samples/TStatements/Home.page
@@ -0,0 +1,29 @@
+<com:TContent ID="body">
+
+<h1>TStatements Sample</h1>
+
+<table class="sampletable">
+
+<tr><td class="samplenote">
+Using TStatements component tag:
+</td><td class="sampleaction">
+<com:TStatements>
+  <prop:Statements>
+  $uid=$this->UniqueID;
+  echo "UniqueID is '$uid'.";
+  </prop:Statements>
+</com:TStatements>
+</td></tr>
+
+<tr><td class="samplenote">
+Using shortcut statements tag:
+</td><td class="sampleaction">
+<%%
+  $uid=$this->UniqueID;
+  echo "UniqueID is '$uid'.";
+%>
+</td></tr>
+
+</table>
+
+</com:TContent>
\ No newline at end of file
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TTextHighlighter/Home.page b/demos/quickstart/protected/pages/Controls/Samples/TTextHighlighter/Home.page
new file mode 100644
index 00000000..f220ce84
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/Samples/TTextHighlighter/Home.page
@@ -0,0 +1,29 @@
+<com:TContent ID="body">
+
+<h1>TTextHighlighter Samples</h1>
+
+<table class="sampletable">
+
+<tr><td class="samplenote">
+Highlighting PHP statements:
+</td><td class="sampleaction">
+<com:TTextHighlighter ShowLineNumbers="true" EnableCopyCode="true">
+<?php
+$str = 'one|two|three|four';
+// will output an array
+print_r(explode('|', $str, 2));
+?>
+</com:TTextHighlighter>
+</td></tr>
+
+<tr><td class="samplenote">
+Highlighting control rendering results:
+</td><td class="sampleaction">
+<com:TTextHighlighter EnableCopyCode="false">
+<com:TLabel Text="this is a label" />
+</com:TTextHighlighter>
+</td></tr>
+
+</table>
+
+</com:TContent>
\ No newline at end of file
diff --git a/demos/quickstart/protected/pages/Controls/Standard.page b/demos/quickstart/protected/pages/Controls/Standard.page
index 11c8eaec..d6070986 100644
--- a/demos/quickstart/protected/pages/Controls/Standard.page
+++ b/demos/quickstart/protected/pages/Controls/Standard.page
@@ -91,7 +91,7 @@
   <a href="?page=Controls.RadioButton">TRadioButton</a> represents a radiobutton on a Web page. It is mainly used in a group from which users make a choice.
   </li>
 
-  <li>*
+  <li>
   <a href="?page=Controls.SafeHtml">TSafeHtml</a> displays its body content with assurance that the content contain no harmful code (such as <a href="?page=Security.XSS">XSS</a>).
   </li>
 
diff --git a/demos/quickstart/protected/pages/Controls/Statements.page b/demos/quickstart/protected/pages/Controls/Statements.page
index f37f1dc4..c6807738 100644
--- a/demos/quickstart/protected/pages/Controls/Statements.page
+++ b/demos/quickstart/protected/pages/Controls/Statements.page
@@ -38,4 +38,6 @@ The context of the statements in a <tt>TStatements</tt> control is the control i
 Be aware, since <tt>TStatements</tt> allows execution of arbitrary PHP code, in general you should not use it to evaluate PHP code submitted by your application users.
 </p>
 
+<com:RunBar PagePath="Controls.Samples.TStatements.Home" />
+
 </com:TContent>
\ No newline at end of file
diff --git a/demos/quickstart/protected/pages/Controls/TextHighlighter.page b/demos/quickstart/protected/pages/Controls/TextHighlighter.page
index 23c33b75..40806b02 100644
--- a/demos/quickstart/protected/pages/Controls/TextHighlighter.page
+++ b/demos/quickstart/protected/pages/Controls/TextHighlighter.page
@@ -21,16 +21,6 @@ print_r(explode('|', $str, 2)); // will output an array
 &lt;/com:TTextHighlighter&gt;
 </com:TTextHighlighter>
 
-<p>
-The output will look as follows,
-</p>
-<div style="border:1px solid silver">
-<com:TTextHighlighter ShowLineNumbers="true">
-<?php
-$str = 'one|two|three|four';
-print_r(explode('|', $str, 2)); // will output an array
-?>
-</com:TTextHighlighter>
-</div>
+<com:RunBar PagePath="Controls.Samples.TTextHighlighter.Home" />
 
 </com:TContent>
\ No newline at end of file
-- 
cgit v1.2.3


+Using expression component tag: +	+ +
+Using shortcut expression tag: +	+<%= $this->Page->PagePath %> +
+Safeguard a static string: +	+ + javascript link stripped + +
+Safeguard the control rendering results: +	+ + + +
+Using TStatements component tag: +	+ + + $uid=$this->UniqueID; + echo "UniqueID is '$uid'."; + + +
+Using shortcut statements tag: +	+<%% + $uid=$this->UniqueID; + echo "UniqueID is '$uid'."; +%> +
+Highlighting PHP statements: +	+ + + +
+Highlighting control rendering results: +	+ + + +