[pLog-svn] r4823 - plugins/branches/lifetype-1.2/templateeditor/class/action
oscar at devel.lifetype.net
oscar at devel.lifetype.net
Thu Feb 22 15:17:12 EST 2007
Author: oscar
Date: 2007-02-22 15:17:12 -0500 (Thu, 22 Feb 2007)
New Revision: 4823
Modified:
plugins/branches/lifetype-1.2/templateeditor/class/action/pluginblogtemplateslistaction.class.php
plugins/branches/lifetype-1.2/templateeditor/class/action/pluginsitetemplateslistaction.class.php
Log:
Like I said, on fire.
Modified: plugins/branches/lifetype-1.2/templateeditor/class/action/pluginblogtemplateslistaction.class.php
===================================================================
--- plugins/branches/lifetype-1.2/templateeditor/class/action/pluginblogtemplateslistaction.class.php 2007-02-22 19:46:37 UTC (rev 4822)
+++ plugins/branches/lifetype-1.2/templateeditor/class/action/pluginblogtemplateslistaction.class.php 2007-02-22 20:17:12 UTC (rev 4823)
@@ -1,8 +1,11 @@
<?php
include_once( PLOG_CLASS_PATH."class/action/admin/adminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."class/data/validator/stringvalidator.class.php" );
+ include_once( PLOG_CLASS_PATH."class/data/validator/rules/regexprule.class.php" );
include_once( PLOG_CLASS_PATH."plugins/templateeditor/class/view/pluginblogtemplateslistview.class.php" );
include_once( PLOG_CLASS_PATH."plugins/templateeditor/class/view/pluginblogtemplatesubfolderlistview.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/templateeditor/class/view/pluginblogtemplatesetslistview.class.php" );
/**
* shows a form with the current configuration
@@ -15,13 +18,24 @@
function PluginBlogTemplatesListAction( $actionInfo, $request )
{
$this->AdminAction( $actionInfo, $request );
+
+ $val = new StringValidator();
+ $val->addRule( new RegExpRule( "[a-zA-Z0-9]+" ));
+ $this->registerFieldValidator( "templateId", $val );
+ $view = new PluginBlogTemplateSetsListView( $this->_blogInfo );
+ $view->setErrorMessage( "error_loading_template_file" );
+ $this->setValidationErrorView( $view );
$this->requirePermission( "edit_blog_templates" );
}
function perform()
{
+ // fetch and sanitize parameters
$this->_templateId = $this->_request->getValue( "templateId" );
+ $this->_templateId = str_replace( "/", "", $this->_templateId );
+ $this->_templateId = str_replace( "..", "", $this->_templateId );
+
$this->_subFolderId = $this->_request->getValue( "subFolderId" );
if ( empty($this->_subFolderId) ) {
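Review bot: The pattern passed to `RegExpRule` in the constructor, `"[a-zA-Z0-9]+"`, has no anchors, so if RegExpRule applies it as a search rather than a full-string match (its implementation is not visible here), any `templateId` containing at least one alphanumeric character passes validation. That would leave the two `str_replace` calls in `perform()` as the only effective filter, and they are a blocklist that strips `/` and `..` but not, for example, backslashes. Anchoring the pattern makes the validator a real allowlist: `$val->addRule( new RegExpRule( "^[a-zA-Z0-9]+$" ));`, adapted to whatever delimiter form RegExpRule expects. The same pattern is added in the constructor hunk of pluginsitetemplateslistaction.class.php.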
Modified: plugins/branches/lifetype-1.2/templateeditor/class/action/pluginsitetemplateslistaction.class.php
===================================================================
--- plugins/branches/lifetype-1.2/templateeditor/class/action/pluginsitetemplateslistaction.class.php 2007-02-22 19:46:37 UTC (rev 4822)
+++ plugins/branches/lifetype-1.2/templateeditor/class/action/pluginsitetemplateslistaction.class.php 2007-02-22 20:17:12 UTC (rev 4823)
@@ -1,8 +1,11 @@
<?php
include_once( PLOG_CLASS_PATH."class/action/admin/adminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."class/data/validator/stringvalidator.class.php" );
+ include_once( PLOG_CLASS_PATH."class/data/validator/rules/regexprule.class.php" );
include_once( PLOG_CLASS_PATH."plugins/templateeditor/class/view/pluginsitetemplateslistview.class.php" );
include_once( PLOG_CLASS_PATH."plugins/templateeditor/class/view/pluginsitetemplatesubfolderlistview.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/templateeditor/class/view/pluginsitetemplatesetslistview.class.php" );
/**
* shows a form with the current configuration
@@ -16,12 +19,23 @@
{
$this->AdminAction( $actionInfo, $request );
+ $val = new StringValidator();
+ $val->addRule( new RegExpRule( "[a-zA-Z0-9]+" ));
+ $this->registerFieldValidator( "templateId", $val );
+ $view = new PluginSiteTemplateSetsListView( $this->_blogInfo );
+ $view->setErrorMessage( "error_loading_template_file" );
+ $this->setValidationErrorView( $view );
+
$this->requireAdminPermission( "edit_global_templates" );
}
function perform()
{
+ // fetch and sanitize parameters
$this->_templateId = $this->_request->getValue( "templateId" );
+ $this->_templateId = str_replace( "/", "", $this->_templateId );
+ $this->_templateId = str_replace( "..", "", $this->_templateId );
+
$this->_subFolderId = $this->_request->getValue( "subFolderId" );
if ( empty($this->_subFolderId) ) {
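Review bot: `subFolderId` is read from the request on the line right after the new `templateId` stripping, but in the visible lines it gets neither a registered validator nor any filtering, although the added comment says `// fetch and sanitize parameters`. `perform()` continues outside the hunk, so it may be checked further down; if it is not, and it ends up in a filesystem path the way `templateId` presumably does, it deserves the same treatment. Suggested follow-up is a second validator registered in the constructor, `$this->registerFieldValidator( "subFolderId", $subVal );`, with a rule that allows only the characters a sub-folder name can legitimately contain and still permits the empty value handled by the `empty()` branch. The same applies to the matching hunk in pluginblogtemplateslistaction.class.php.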