[pLog-svn] r6479 - plog/branches/lifetype-1.2/class/action
Jon Daley
plogworld at jon.limedaley.com
Mon Jun 2 09:05:24 EDT 2008
What validation should be performed on this string? We have to do
some validation. Only strip out html?
On Mon, 2 Jun 2008, Mark Wu wrote:
> The username in comment is not the the username in $user ...
>
> I think we should not use the usernamevalidator here.
>
> Mark
>
> ______________________________________________________________________________________________________________________________
> From: plog-svn-bounces at devel.lifetype.net [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Paul
> Westbrook
> Sent: Monday, June 02, 2008 3:21 PM
> To: LifeType Developer List
> Subject: Re: [pLog-svn] r6479 - plog/branches/lifetype-1.2/class/action
>
> Hello,
> There is a problem with this change. Some templates use the "userName" field for the commentor's name. So if
> I enter my first and last name (with a space in between) the comment will not be committed.
>
> --Paul
>
> On Sat, May 24, 2008 at 12:19 PM, <jondaley at devel.lifetype.net> wrote:
> Author: jondaley
> Date: 2008-05-24 15:19:11 -0400 (Sat, 24 May 2008)
> New Revision: 6479
>
> Modified:
> plog/branches/lifetype-1.2/class/action/addcommentaction.class.php
> Log:
> removed old variable. use username validator for usernames. allow html in comment text. The
> xhtmlize filter will remove bad stuff for us? Need to verify
>
> Modified: plog/branches/lifetype-1.2/class/action/addcommentaction.class.php
> ===================================================================
> --- plog/branches/lifetype-1.2/class/action/addcommentaction.class.php 2008-05-24 19:18:22 UTC (rev
> 6478)
> +++ plog/branches/lifetype-1.2/class/action/addcommentaction.class.php 2008-05-24 19:19:11 UTC (rev
> 6479)
> @@ -30,7 +30,6 @@
>
> var $_articleId;
> var $_blogId;
> - var $_opId;
> var $_userName;
> var $_userEmail;
> var $_userUrl;
> @@ -70,9 +69,9 @@
> $this->_form->setFieldErrorMessage( "parentId",
> $this->_locale->tr("error_incorrect_article_id" ));
> $this->registerFieldValidator( "userEmail", new EmailValidator(), true );
> $this->_form->setFieldErrorMessage( "userEmail",
> $this->_locale->tr("error_incorrect_email_address" ));
> - $this->registerFieldValidator( "userName", new StringValidator());
> + $this->registerFieldValidator( "userName", new UsernameValidator());
> $this->_form->setFieldErrorMessage( "userName",
> $this->_locale->tr("error_comment_without_name" ));
> - $this->registerFieldValidator( "commentText", new StringValidator());
> + $this->registerFieldValidator( "commentText", new StringValidator( true ));
> $this->_form->setFieldErrorMessage( "commentText",
> $this->_locale->tr("error_comment_without_text"));
> $this->registerFieldValidator( "userUrl", new HttpUrlValidator(), true );
> $this->_form->setFieldErrorMessage( "userUrl",
> $this->_locale->tr("invalid_url" ));
> @@ -91,7 +90,6 @@
>
> $this->_articleId = $this->_request->getValue( "articleId" );
> $this->_blogId = $this->_request->getValue( "blogId" );
> - $this->_opId = $this->_request->getValue( "op" );
> $this->_parentId = $this->_request->getValue( "parentId" );
> if( $this->_parentId == null || $this->_parentId == "" )
> $this->_parentId = 0;
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
>
>
>
--
Jon Daley
http://jon.limedaley.com/
In /dev/null,
no one can hear your stream.
More information about the pLog-svn
mailing list