[pLog-svn] r5418 - in plog/branches/lifetype-1.2: class/action/admin install locale/admin templates/admin

oscar at devel.lifetype.net oscar at devel.lifetype.net
Fri May 18 04:25:42 EDT 2007 

Author: oscar
Date: 2007-05-18 04:25:41 -0400 (Fri, 18 May 2007)
New Revision: 5418

Modified:
   plog/branches/lifetype-1.2/class/action/admin/adminpostmanagementcommonaction.class.php
   plog/branches/lifetype-1.2/install/defaultconfig.properties.php
   plog/branches/lifetype-1.2/locale/admin/locale_ca_ES.php
   plog/branches/lifetype-1.2/locale/admin/locale_de_DE.php
   plog/branches/lifetype-1.2/locale/admin/locale_en_UK.php
   plog/branches/lifetype-1.2/locale/admin/locale_es_ES.php
   plog/branches/lifetype-1.2/locale/admin/locale_fr_FR.php
   plog/branches/lifetype-1.2/locale/admin/locale_gl_ES.php
   plog/branches/lifetype-1.2/locale/admin/locale_it_IT.php
   plog/branches/lifetype-1.2/locale/admin/locale_nl_NL.php
   plog/branches/lifetype-1.2/locale/admin/locale_zh_CN.php
   plog/branches/lifetype-1.2/locale/admin/locale_zh_TW.php
   plog/branches/lifetype-1.2/templates/admin/globalsettings_security.template
Log:
Implemented feature request http://bugs.lifetype.net/view.php?id=1303 -- allow blocks of Javascript tags in posts (disabled by default)


Modified: plog/branches/lifetype-1.2/class/action/admin/adminpostmanagementcommonaction.class.php
===================================================================
--- plog/branches/lifetype-1.2/class/action/admin/adminpostmanagementcommonaction.class.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/class/action/admin/adminpostmanagementcommonaction.class.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -127,8 +127,13 @@
 				$this->_postText = stripslashes($this->_request->getValue( "postText" ));
 			else
 				$this->_postText = $this->_request->getValue( "postText" );
-				
-        	$this->_postText     = trim(Textfilter::xhtmlize(Textfilter::filterJavaScript($this->_postText)));
+			
+			// check if javascript code is allowed in posts
+			$config =& Config::getConfig();
+			if( !$config->getValue( "allow_javascript_blocks_in_posts", false )) {
+				$this->_postText = Textfilter::filterJavaScript( $this->_postText );
+			}	
+        	$this->_postText = trim(Textfilter::xhtmlize( $this->_postText ));
             $this->_postTopic    = trim(Textfilter::xhtmlize(Textfilter::filterAllHTML($this->_request->getValue( "postTopic" ))));
 			$this->_posterId = $this->_request->getValue( "posterId" );
             $this->_postCategories = $this->_request->getValue( "postCategories" );

Modified: plog/branches/lifetype-1.2/install/defaultconfig.properties.php
===================================================================
--- plog/branches/lifetype-1.2/install/defaultconfig.properties.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/install/defaultconfig.properties.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -126,5 +126,6 @@
 $Inserts['hard_show_comments_max']                          = "INSERT INTO {dbprefix}config (config_key, config_value, value_type) VALUES ('hard_show_comments_max','50',1);";
 $Inserts['upload_allowed_files']                            = "INSERT INTO {dbprefix}config (config_key, config_value, value_type) VALUES ('upload_allowed_files','', 3);";
 $Inserts['template_load_order']                             = "INSERT INTO {dbprefix}config (config_key, config_value, value_type) VALUES ('template_load_order','2', 1);"; 
-$Inserts['summary_service_name']                             = "INSERT INTO {dbprefix}config (config_key, config_value, value_type) VALUES ('summary_service_name','Your Service Name', 3);"; 
+$Inserts['summary_service_name']                            = "INSERT INTO {dbprefix}config (config_key, config_value, value_type) VALUES ('summary_service_name','Your Service Name', 3);"; 
+$Inserts['allow_javascript_blocks_in_posts']                = "INSERT INTO {dbprefix}config (config_key, config_value, value_type) VALUES ('allow_javascript_blocks_in_posts','0', 1);"; 
 ?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_ca_ES.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_ca_ES.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_ca_ES.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1189,4 +1189,7 @@
 /// new strings in LT 1.2.2 ///
 $messages['posted_by_help'] = 'Esculli autor';
 $messages['insert_player'] = 'Afegir reproductor';
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Permet l\'us de codi Javascript en els articles mitjançant blocs <script> [ Valor per defecte = No ]';
 ?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_de_DE.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_de_DE.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_de_DE.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1176,4 +1176,7 @@
 /// new strings in LT 1.2.2 ///
 $messages['posted_by_help'] = 'Wählen Sie den Autor';
 $messages['insert_player'] = 'MP3-Player einfügen';
-?>
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Allow blocks of Javascript code in posts via <script> tags. Please be aware that it may pose a security risk to your blog(s) [ Default = No ]';
+?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_en_UK.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_en_UK.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_en_UK.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1171,4 +1171,7 @@
 /// new strings in LT 1.2.2 ///
 $messages['posted_by_help'] = 'Select article owner';
 $messages['insert_player'] = 'Insert Player';
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Allow blocks of Javascript code in posts via <script> tags. Please be aware that it may pose a security risk to your blog(s) [ Default = No ]';
 ?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_es_ES.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_es_ES.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_es_ES.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1183,4 +1183,7 @@
 /// new strings in LT 1.2.2 ///
 $messages['posted_by_help'] = 'Elija autor';
 $messages['insert_player'] = 'Añadir Reproductor';
-?>
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Permite el uso de código Javascript en los artículos mediante bloques <script> [ Valor por defecto = No ]';
+?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_fr_FR.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_fr_FR.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_fr_FR.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1352,4 +1352,7 @@
 /// new strings in LT 1.2.2 ///
 $messages['posted_by_help'] = 'Select article owner';
 $messages['insert_player'] = 'Insert Player';
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Allow blocks of Javascript code in posts via <script> tags. Please be aware that it may pose a security risk to your blog(s) [ Default = No ]';
 ?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_gl_ES.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_gl_ES.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_gl_ES.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1189,7 +1189,11 @@
 $messages['full_blog_permission'] = 'Permite ó usuaio acceder ó blog como se fóra o propietario';
 
 $messages['error_template_exist'] = 'Houbo un erro engadindo a nova plantilla, xa hai unha plantilla chamada "%s".';
+
 //LT 1.2.2
 $messages['posted_by_help'] = 'Escolla autor'; 
 $messages['insert_player'] = 'Engadir Reproductor';
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Allow blocks of Javascript code in posts via <script> tags. Please be aware that it may pose a security risk to your blog(s) [ Default = No ]';
 ?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_it_IT.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_it_IT.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_it_IT.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1171,4 +1171,7 @@
 /// new strings in LT 1.2.2 ///
 $messages['posted_by_help'] = 'Seleziona il proprietario dell\'articolo';
 $messages['insert_player'] = 'Inserisci il Player';
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Allow blocks of Javascript code in posts via <script> tags. Please be aware that it may pose a security risk to your blog(s) [ Default = No ]';
 ?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_nl_NL.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_nl_NL.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_nl_NL.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1250,4 +1250,7 @@
 /// new strings in LT 1.2.2 ///
 $messages['posted_by_help'] = 'Selecteer het artikel van de eigenaar';
 $messages['insert_player'] = 'Voeg Speler Toe';
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Allow blocks of Javascript code in posts via <script> tags. Please be aware that it may pose a security risk to your blog(s) [ Default = No ]';
 ?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_zh_CN.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_zh_CN.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_zh_CN.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1172,4 +1172,7 @@
 /// new strings in LT 1.2.2 ///
 $messages['posted_by_help'] = '选择文章作者';
 $messages['insert_player'] = '插入播放器';
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Allow blocks of Javascript code in posts via <script> tags. Please be aware that it may pose a security risk to your blog(s) [ Default = No ]';
 ?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/locale/admin/locale_zh_TW.php
===================================================================
--- plog/branches/lifetype-1.2/locale/admin/locale_zh_TW.php	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/locale/admin/locale_zh_TW.php	2007-05-18 08:25:41 UTC (rev 5418)
@@ -1172,4 +1172,7 @@
 /// new strings in LT 1.2.2 ///
 $messages['posted_by_help'] = '選擇文章作者';
 $messages['insert_player'] = '插入播放器';
+
+/// new strings in LT 1.2.3 ///
+$messages['help_allow_javascript_blocks_in_posts'] = 'Allow blocks of Javascript code in posts via <script> tags. Please be aware that it may pose a security risk to your blog(s) [ Default = No ]';
 ?>
\ No newline at end of file

Modified: plog/branches/lifetype-1.2/templates/admin/globalsettings_security.template
===================================================================
--- plog/branches/lifetype-1.2/templates/admin/globalsettings_security.template	2007-05-18 07:58:26 UTC (rev 5417)
+++ plog/branches/lifetype-1.2/templates/admin/globalsettings_security.template	2007-05-18 08:25:41 UTC (rev 5418)
@@ -12,4 +12,11 @@
     <div class="formHelp">{$locale->tr("help_maximum_comment_size")}</div>	
     <input style="width:100%" type="text" id="config[maximum_comment_size]" name="config[maximum_comment_size]" value="{$maximum_comment_size}"/>
    </div>
+   <!-- allow javascript blocks in posts -->
+   <div class="field">
+    <label for="config[allow_javascript_blocks_in_posts]">allow_javascript_blocks_in_posts</label>
+    <div class="formHelp">{$locale->tr("help_allow_javascript_blocks_in_posts")}</div>	
+    <input class="radio" type="radio" id="config[allow_javascript_blocks_in_posts]" name="config[allow_javascript_blocks_in_posts]" value="1" {if $allow_javascript_blocks_in_posts == 1 } checked="checked" {/if} />{$locale->tr("yes")}
+    <input class="radio" type="radio" id="config[allow_javascript_blocks_in_posts]" name="config[allow_javascript_blocks_in_posts]" value="0" {if $allow_javascript_blocks_in_posts == 0 } checked="checked" {/if} />{$locale->tr("no")}
+   </div>
 </div>
\ No newline at end of file

More information about the pLog-svn mailing list