diff --git a/AssemblyVersion.cs b/AssemblyVersion.cs
index 3da90aa..52d73c8 100644
--- a/AssemblyVersion.cs
+++ b/AssemblyVersion.cs
@@ -16,5 +16,5 @@ using System.Reflection;
//
// You can specify all the values or you can default the Revision and Build Numbers
// by using the '*' as shown below:
-[assembly: AssemblyVersion("3.0.0.343")]
-[assembly: AssemblyFileVersion("3.0.0.343")]
+[assembly: AssemblyVersion("3.0.0.344")]
+[assembly: AssemblyFileVersion("3.0.0.344")]
diff --git a/Core/ReverseFormatter.cs b/Core/ReverseFormatter.cs
index 23d9ce2..774396c 100644
--- a/Core/ReverseFormatter.cs
+++ b/Core/ReverseFormatter.cs
@@ -232,7 +232,7 @@ namespace ScrewTurn.Wiki {
buffer.Remove(match.Index, match.Length);
string insertion = "[";
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
- string decoded = Tools.UrlDecode(match.Groups[3].Value);
+ string decoded = UrlDecode(match.Groups[3].Value);
insertion += decoded;
if(match.Groups[6].Value != decoded) insertion += "|" + match.Groups[6].Value;
insertion += "]";
@@ -248,7 +248,7 @@ namespace ScrewTurn.Wiki {
if(match.Groups[3].Value == " target=_blank") insertion += "^";
string page = match.Groups[2].Value.Substring(match.Groups[2].Value.LastIndexOf("/") + 1);
page = page.Substring(0, page.Length - 5); // Remove .ashx
- page = Tools.UrlDecode(page);
+ page = UrlDecode(page);
insertion += page;
if(match.Groups[4].Value != page) insertion += "|" + match.Groups[4].Value;
insertion += "]";
@@ -262,7 +262,7 @@ namespace ScrewTurn.Wiki {
buffer.Remove(match.Index, match.Length);
string insertion = "[";
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
- string decoded = Tools.UrlDecode(match.Groups[3].Value);
+ string decoded = UrlDecode(match.Groups[3].Value);
insertion += decoded;
if(match.Groups[6].Value != decoded) insertion += "|" + match.Groups[6].Value;
insertion += "]";
@@ -278,7 +278,7 @@ namespace ScrewTurn.Wiki {
if(match.Groups[3].Value == " target=_blank") insertion += "^";
string page = match.Groups[2].Value.Substring(match.Groups[2].Value.LastIndexOf("/") + 1);
page = page.Substring(0, page.Length - 5); // Remove .ashx
- page = Tools.UrlDecode(page);
+ page = UrlDecode(page);
insertion += page;
if(match.Groups[4].Value != page) insertion += "|" + match.Groups[4].Value;
insertion += "]";
@@ -292,8 +292,8 @@ namespace ScrewTurn.Wiki {
buffer.Remove(match.Index, match.Length);
string insertion = "[";
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
- if(match.Groups[3].Value != "") insertion += "{UP:" + match.Groups[4].Value + "}" + match.Groups[6].Value;
- else insertion += "{UP}" + match.Groups[6].Value;
+ if(match.Groups[3].Value != "") insertion += "{UP:" + match.Groups[4].Value + "}" + UrlDecode(match.Groups[6].Value);
+ else insertion += "{UP}" + UrlDecode(match.Groups[6].Value);
if(!match.Groups[10].Value.StartsWith("GetFile.aspx") && !match.Groups[10].Value.StartsWith("{UP")) insertion += "|" + match.Groups[10];
insertion += "]";
buffer.Insert(match.Index, insertion);
@@ -308,9 +308,9 @@ namespace ScrewTurn.Wiki {
if(match.Groups[8].Value == " target=_blank") insertion += "^";
if(match.Groups[3].Value != "") insertion += "{UP:" + match.Groups[4].Value;
else insertion += "{UP";
- if(match.Groups[6].Value != "") insertion += "(" + match.Groups[6].Value + ")";
+ if(match.Groups[6].Value != "") insertion += "(" + UrlDecode(match.Groups[6].Value) + ")";
insertion += "}";
- insertion += match.Groups[7].Value;
+ insertion += UrlDecode(match.Groups[7].Value);
if(!match.Groups[9].Value.StartsWith("GetFile.aspx") && !match.Groups[9].Value.StartsWith("{UP")) insertion += "|" + match.Groups[9].Value;
insertion += "]";
buffer.Insert(match.Index, insertion);
@@ -325,7 +325,7 @@ namespace ScrewTurn.Wiki {
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
// if the provider is not present "{UP" is added without ":providername"
insertion += match.Groups[4].Value == "" ? "{UP" : "{UP:" + match.Groups[4].Value;
- insertion += "(" + Tools.UrlDecode(match.Groups[6].Value) + ")}" + Tools.UrlDecode(match.Groups[8].Value);
+ insertion += "(" + UrlDecode(match.Groups[6].Value) + ")}" + UrlDecode(match.Groups[8].Value);
if(!match.Groups[12].Value.StartsWith("GetFile.aspx") && !match.Groups[12].Value.StartsWith("{UP")) insertion += "|" + match.Groups[12];
insertion += "]";
buffer.Insert(match.Index, insertion);
@@ -370,7 +370,8 @@ namespace ScrewTurn.Wiki {
string url = match.Groups[2].Value;
if(url.StartsWith(Settings.MainUrl)) url = url.Substring(Settings.MainUrl.Length);
insertion += url;
- if(match.Groups[2].Value != match.Groups[6].Value) insertion += "|" + match.Groups[6].Value;
+ string decoded = UrlDecode(match.Groups[6].Value);
+ if(match.Groups[2].Value != decoded) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = InternalLinkRegex.Match(buffer.ToString(), match.Index + 1);
@@ -385,7 +386,8 @@ namespace ScrewTurn.Wiki {
string url = match.Groups[2].Value;
if(url.StartsWith(Settings.MainUrl)) url = url.Substring(Settings.MainUrl.Length);
insertion += url;
- if(match.Groups[4].Value != match.Groups[2].Value) insertion += "|" + match.Groups[4].Value;
+ string decoded = UrlDecode(match.Groups[4].Value);
+ if(decoded != match.Groups[2].Value) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = InternalLinkRegexIE.Match(buffer.ToString(), match.Index + 1);
@@ -413,7 +415,8 @@ namespace ScrewTurn.Wiki {
string insertion = "[";
if(match.Groups[1].Value == @"target=""_blank""") insertion += "^";
insertion += match.Groups[2].Value;
- if(match.Groups[2].Value != match.Groups[6].Value) insertion += "|" + match.Groups[6].Value;
+ string decoded = UrlDecode(match.Groups[6].Value);
+ if(match.Groups[2].Value != decoded) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = SystemLinkRegex.Match(buffer.ToString(), match.Index + 1);
@@ -427,7 +430,8 @@ namespace ScrewTurn.Wiki {
if(match.Groups[3].Value == " target=_blank") insertion += "^";
string url = match.Groups[2].Value.Substring(match.Groups[2].Value.LastIndexOf("/") + 1);
insertion += url;
- if(match.Groups[4].Value != url) insertion += "|" + match.Groups[4].Value;
+ string decoded = UrlDecode(match.Groups[4].Value);
+ if(decoded != url) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = SystemLinkRegexIE.Match(buffer.ToString(), match.Index + 1);
@@ -440,7 +444,8 @@ namespace ScrewTurn.Wiki {
string insertion = "[";
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
insertion += match.Groups[3].Value;
- if(match.Groups[6].Value != match.Groups[3].Value) insertion += "|" + match.Groups[6].Value;
+ string decoded = UrlDecode(match.Groups[6].Value);
+ if(decoded != match.Groups[3].Value) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = EmailLinkRegex.Match(buffer.ToString(), match.Index + 1);
@@ -452,7 +457,8 @@ namespace ScrewTurn.Wiki {
buffer.Remove(match.Index, match.Length);
string insertion = "[";
insertion += match.Groups[2].Value.Substring(7); // Remove mailto:
- if(match.Groups[4].Value != match.Groups[2].Value.Substring(7)) insertion += "|" + match.Groups[4].Value;
+ string decoded = UrlDecode(match.Groups[4].Value);
+ if(decoded != match.Groups[2].Value.Substring(7)) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = EmailLinkRegexIE.Match(buffer.ToString(), match.Index + 1);
@@ -943,6 +949,7 @@ namespace ScrewTurn.Wiki {
/// The raw URL, as generated by the formatter.
/// The prepared link URL, suitable for formatting.
private static string PrepareLink(string rawUrl) {
+ rawUrl = UrlDecode(rawUrl);
string mainUrl = GetCurrentRequestMainUrl().ToLowerInvariant();
if(rawUrl.ToLowerInvariant().StartsWith(mainUrl)) rawUrl = rawUrl.Substring(mainUrl.Length);
@@ -977,6 +984,7 @@ namespace ScrewTurn.Wiki {
/// The raw URL, as generated by the formatter.
/// The prepared image URL, suitable for formatting.
private static string PrepareImageUrl(string rawUrl) {
+ rawUrl = UrlDecode(rawUrl);
string mainUrl = GetCurrentRequestMainUrl().ToLowerInvariant();
if(rawUrl.ToLowerInvariant().StartsWith(mainUrl)) rawUrl = rawUrl.Substring(mainUrl.Length);
@@ -1034,6 +1042,18 @@ namespace ScrewTurn.Wiki {
}
}
+ ///
+ /// Decodes a URL-encoded string, even if it was encoded multiple times.
+ ///
+ /// The input encoded string.
+ /// The decoded string.
+ /// It seems that in some cases URL encoding occurs multiple times,
+ /// one on the server and one on the client.
+ private static string UrlDecode(string input) {
+ return Tools.UrlDecode(input);
+ //return Tools.UrlDecode(Tools.UrlDecode(input));
+ }
+
}
///
diff --git a/WebApplication/PopupWYSIWYG.aspx b/WebApplication/PopupWYSIWYG.aspx
index 03604c2..ec049dc 100644
--- a/WebApplication/PopupWYSIWYG.aspx
+++ b/WebApplication/PopupWYSIWYG.aspx
@@ -59,8 +59,8 @@
if (hasProvider) name = name.replace("{UP:", "GetFile.aspx?Provider=");
else name = name.replace("{UP", "GetFile.aspx?");
name = name.replace("(" + page + ")", "");
- if (hasProvider) name = name.replace("}", "&Page=" + escape(page) + "&File=");
- else name = name.replace("}", "Page=" + escape(page) + "&File=");
+ if (hasProvider) name = name.replace("}", "&Page=" + page + "&File=");
+ else name = name.replace("}", "Page=" + page + "&File=");
}
else {
if (hasProvider) {
@@ -84,6 +84,10 @@
var title = GetValue("txtFileTitle");
if(title == "") title = GetValue("txtFilePath");
+ title = title.replace('\'', ''');
+ title = title.replace('\'', ''');
+ title = title.replace('\'', ''');
+ title = title.replace('\'', ''');
// Sample string: TITLE
// Sample string: TITLE
@@ -100,7 +104,7 @@
}
function SelectFile(prov, value) {
- SetValue("txtFilePath", "{UP" + prov + "}" + escape(value));
+ SetValue("txtFilePath", "{UP" + prov + "}" + value);
}
function ProcessExternalLink() {
@@ -109,6 +113,10 @@
var title = GetValue("txtLinkTitle");
if(title == "") title = url;
+ title = title.replace('\'', '');
+ title = title.replace('\'', '');
+ title = title.replace('\'', '');
+ title = title.replace('\'', '');
// Sample string: TITLE
@@ -132,6 +140,10 @@
var link = GetValue("txtImageLink");
if(link != "" && link.indexOf("{UP") == 0) link = ConvertWikiMarkupFileUrl(link);
var descr = GetValue("txtImageDescr");
+ descr = descr.replace('\'', ''');
+ descr = descr.replace('\'', ''');
+ descr = descr.replace('\'', ''');
+ descr = descr.replace('\'', ''');
var imageType = GetImageType();
if(imageType == "imageleft" || imageType == "imageright") {
@@ -192,13 +204,13 @@
function SelectImage(prov, value, page) {
document.getElementById("PreviewImg").src = "Thumb.aspx?Provider=" + GetValue("lstProviderImages") +
- "&File=" + escape(value) + "&Size=Big&Info=1&Page=" + page;
+ "&File=" + value + "&Size=Big&Info=1&Page=" + page;
if(IsChecked("rdoImageLink")) {
- SetValue("txtImageLink", "{UP" + prov + "}" + escape(value));
+ SetValue("txtImageLink", "{UP" + prov + "}" + value);
ImageLinkFromBrowser = 1;
}
else {
- SetValue("txtImagePath", "{UP" + prov + "}" + escape(value));
+ SetValue("txtImagePath", "{UP" + prov + "}" + value);
}
return false;
}
diff --git a/WebApplication/PopupWYSIWYG.aspx.cs b/WebApplication/PopupWYSIWYG.aspx.cs
index c48911a..4b7aa4f 100644
--- a/WebApplication/PopupWYSIWYG.aspx.cs
+++ b/WebApplication/PopupWYSIWYG.aspx.cs
@@ -218,7 +218,7 @@ namespace ScrewTurn.Wiki {
long size = chkFilesAttachments.Checked ? provider.GetPageAttachmentDetails(currentPage, f).Size : provider.GetFileDetails(f).Size;
TreeElement item = new TreeElement(f, f.Substring(f.LastIndexOf("/") + 1) + " (" + Tools.BytesToString(size) + ")",
"javascript:return SelectFile('" +
- (chkFilesAttachments.Checked ? "(" + currentPage.FullName + ")" : "") + "', '" + f.Replace("'", "\\'") + "');");
+ (chkFilesAttachments.Checked ? "(" + Tools.UrlEncode(currentPage.FullName) + ")" : "") + "', '" + f.Replace("'", "\\\\\\'") + "');");
result.Add(item);
}
@@ -277,7 +277,7 @@ namespace ScrewTurn.Wiki {
@"&Page=" + (chkImageAttachments.Checked ? Tools.UrlEncode(currentPage.FullName) : "") +
@""" alt=""" + name + @""" />" + f.Substring(f.LastIndexOf("/") + 1) + "",
"javascript:return SelectImage('" +
- (chkImageAttachments.Checked ? "(" + currentPage.FullName + ")" : "") + "', '" + f + "', '" +
+ (chkImageAttachments.Checked ? "(" + Tools.UrlEncode(currentPage.FullName) + ")" : "") + "', '" + f.Replace("'", "\\\\\\'") + "', '" +
(chkImageAttachments.Checked ? currentPage.FullName : "") + "');");
result.Add(item);
}