zydronium/screwturn-4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed #368 and #373: URL-encode/decode now done properly. Also fixed issues with single quotes in names/titles.

Browse source
This commit is contained in:
Dario Solera 2009-10-11 10:02:25 +00:00
parent c94d37d7c7
commit 980272f553
4 changed files with 57 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

4
AssemblyVersion.cs
View file

@ -16,5 +16,5 @@ using System.Reflection;
//
// You can specify all the values or you can default the Revision and Build Numbers
// by using the '*' as shown below:
[assembly: AssemblyVersion("3.0.0.343")]
[assembly: AssemblyFileVersion("3.0.0.343")]
[assembly: AssemblyVersion("3.0.0.344")]
[assembly: AssemblyFileVersion("3.0.0.344")]

50
Core/ReverseFormatter.cs
View file

@ -232,7 +232,7 @@ namespace ScrewTurn.Wiki {
buffer.Remove(match.Index, match.Length);
string insertion = "[";
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
string decoded = Tools.UrlDecode(match.Groups[3].Value);
string decoded = UrlDecode(match.Groups[3].Value);
insertion += decoded;
if(match.Groups[6].Value != decoded) insertion += "|" + match.Groups[6].Value;
insertion += "]";
@ -248,7 +248,7 @@ namespace ScrewTurn.Wiki {
if(match.Groups[3].Value == " target=_blank") insertion += "^";
string page = match.Groups[2].Value.Substring(match.Groups[2].Value.LastIndexOf("/") + 1);
page = page.Substring(0, page.Length - 5); // Remove .ashx
page = Tools.UrlDecode(page);
page = UrlDecode(page);
insertion += page;
if(match.Groups[4].Value != page) insertion += "|" + match.Groups[4].Value;
insertion += "]";
@ -262,7 +262,7 @@ namespace ScrewTurn.Wiki {
buffer.Remove(match.Index, match.Length);
string insertion = "[";
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
string decoded = Tools.UrlDecode(match.Groups[3].Value);
string decoded = UrlDecode(match.Groups[3].Value);
insertion += decoded;
if(match.Groups[6].Value != decoded) insertion += "|" + match.Groups[6].Value;
insertion += "]";
@ -278,7 +278,7 @@ namespace ScrewTurn.Wiki {
if(match.Groups[3].Value == " target=_blank") insertion += "^";
string page = match.Groups[2].Value.Substring(match.Groups[2].Value.LastIndexOf("/") + 1);
page = page.Substring(0, page.Length - 5); // Remove .ashx
page = Tools.UrlDecode(page);
page = UrlDecode(page);
insertion += page;
if(match.Groups[4].Value != page) insertion += "|" + match.Groups[4].Value;
insertion += "]";
@ -292,8 +292,8 @@ namespace ScrewTurn.Wiki {
buffer.Remove(match.Index, match.Length);
string insertion = "[";
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
if(match.Groups[3].Value != "") insertion += "{UP:" + match.Groups[4].Value + "}" + match.Groups[6].Value;
else insertion += "{UP}" + match.Groups[6].Value;
if(match.Groups[3].Value != "") insertion += "{UP:" + match.Groups[4].Value + "}" + UrlDecode(match.Groups[6].Value);
else insertion += "{UP}" + UrlDecode(match.Groups[6].Value);
if(!match.Groups[10].Value.StartsWith("GetFile.aspx") && !match.Groups[10].Value.StartsWith("{UP")) insertion += "|" + match.Groups[10];
insertion += "]";
buffer.Insert(match.Index, insertion);
@ -308,9 +308,9 @@ namespace ScrewTurn.Wiki {
if(match.Groups[8].Value == " target=_blank") insertion += "^";
if(match.Groups[3].Value != "") insertion += "{UP:" + match.Groups[4].Value;
else insertion += "{UP";
if(match.Groups[6].Value != "") insertion += "(" + match.Groups[6].Value + ")";
if(match.Groups[6].Value != "") insertion += "(" + UrlDecode(match.Groups[6].Value) + ")";
insertion += "}";
insertion += match.Groups[7].Value;
insertion += UrlDecode(match.Groups[7].Value);
if(!match.Groups[9].Value.StartsWith("GetFile.aspx") && !match.Groups[9].Value.StartsWith("{UP")) insertion += "|" + match.Groups[9].Value;
insertion += "]";
buffer.Insert(match.Index, insertion);
@ -325,7 +325,7 @@ namespace ScrewTurn.Wiki {
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
// if the provider is not present "{UP" is added without ":providername"
insertion += match.Groups[4].Value == "" ? "{UP" : "{UP:" + match.Groups[4].Value;
insertion += "(" + Tools.UrlDecode(match.Groups[6].Value) + ")}" + Tools.UrlDecode(match.Groups[8].Value);
insertion += "(" + UrlDecode(match.Groups[6].Value) + ")}" + UrlDecode(match.Groups[8].Value);
if(!match.Groups[12].Value.StartsWith("GetFile.aspx") && !match.Groups[12].Value.StartsWith("{UP")) insertion += "|" + match.Groups[12];
insertion += "]";
buffer.Insert(match.Index, insertion);
@ -370,7 +370,8 @@ namespace ScrewTurn.Wiki {
string url = match.Groups[2].Value;
if(url.StartsWith(Settings.MainUrl)) url = url.Substring(Settings.MainUrl.Length);
insertion += url;
if(match.Groups[2].Value != match.Groups[6].Value) insertion += "|" + match.Groups[6].Value;
string decoded = UrlDecode(match.Groups[6].Value);
if(match.Groups[2].Value != decoded) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = InternalLinkRegex.Match(buffer.ToString(), match.Index + 1);
@ -385,7 +386,8 @@ namespace ScrewTurn.Wiki {
string url = match.Groups[2].Value;
if(url.StartsWith(Settings.MainUrl)) url = url.Substring(Settings.MainUrl.Length);
insertion += url;
if(match.Groups[4].Value != match.Groups[2].Value) insertion += "|" + match.Groups[4].Value;
string decoded = UrlDecode(match.Groups[4].Value);
if(decoded != match.Groups[2].Value) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = InternalLinkRegexIE.Match(buffer.ToString(), match.Index + 1);
@ -413,7 +415,8 @@ namespace ScrewTurn.Wiki {
string insertion = "[";
if(match.Groups[1].Value == @"target=""_blank""") insertion += "^";
insertion += match.Groups[2].Value;
if(match.Groups[2].Value != match.Groups[6].Value) insertion += "|" + match.Groups[6].Value;
string decoded = UrlDecode(match.Groups[6].Value);
if(match.Groups[2].Value != decoded) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = SystemLinkRegex.Match(buffer.ToString(), match.Index + 1);
@ -427,7 +430,8 @@ namespace ScrewTurn.Wiki {
if(match.Groups[3].Value == " target=_blank") insertion += "^";
string url = match.Groups[2].Value.Substring(match.Groups[2].Value.LastIndexOf("/") + 1);
insertion += url;
if(match.Groups[4].Value != url) insertion += "|" + match.Groups[4].Value;
string decoded = UrlDecode(match.Groups[4].Value);
if(decoded != url) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = SystemLinkRegexIE.Match(buffer.ToString(), match.Index + 1);
@ -440,7 +444,8 @@ namespace ScrewTurn.Wiki {
string insertion = "[";
if(match.Groups[2].Value == @"target=""_blank"" ") insertion += "^";
insertion += match.Groups[3].Value;
if(match.Groups[6].Value != match.Groups[3].Value) insertion += "|" + match.Groups[6].Value;
string decoded = UrlDecode(match.Groups[6].Value);
if(decoded != match.Groups[3].Value) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = EmailLinkRegex.Match(buffer.ToString(), match.Index + 1);
@ -452,7 +457,8 @@ namespace ScrewTurn.Wiki {
buffer.Remove(match.Index, match.Length);
string insertion = "[";
insertion += match.Groups[2].Value.Substring(7); // Remove mailto:
if(match.Groups[4].Value != match.Groups[2].Value.Substring(7)) insertion += "|" + match.Groups[4].Value;
string decoded = UrlDecode(match.Groups[4].Value);
if(decoded != match.Groups[2].Value.Substring(7)) insertion += "|" + decoded;
insertion += "]";
buffer.Insert(match.Index, insertion);
match = EmailLinkRegexIE.Match(buffer.ToString(), match.Index + 1);
@ -943,6 +949,7 @@ namespace ScrewTurn.Wiki {
/// <param name="rawUrl">The raw URL, as generated by the formatter.</param>
/// <returns>The prepared link URL, suitable for formatting.</returns>
private static string PrepareLink(string rawUrl) {
rawUrl = UrlDecode(rawUrl);
string mainUrl = GetCurrentRequestMainUrl().ToLowerInvariant();
if(rawUrl.ToLowerInvariant().StartsWith(mainUrl)) rawUrl = rawUrl.Substring(mainUrl.Length);
@ -977,6 +984,7 @@ namespace ScrewTurn.Wiki {
/// <param name="rawUrl">The raw URL, as generated by the formatter.</param>
/// <returns>The prepared image URL, suitable for formatting.</returns>
private static string PrepareImageUrl(string rawUrl) {
rawUrl = UrlDecode(rawUrl);
string mainUrl = GetCurrentRequestMainUrl().ToLowerInvariant();
if(rawUrl.ToLowerInvariant().StartsWith(mainUrl)) rawUrl = rawUrl.Substring(mainUrl.Length);
@ -1034,6 +1042,18 @@ namespace ScrewTurn.Wiki {
}
}
/// <summary>
/// Decodes a URL-encoded string, even if it was encoded multiple times.
/// </summary>
/// <param name="input">The input encoded string.</param>
/// <returns>The decoded string.</returns>
/// <remarks>It seems that in some cases URL encoding occurs multiple times,
/// one on the server and one on the client.</remarks>
private static string UrlDecode(string input) {
return Tools.UrlDecode(input);
//return Tools.UrlDecode(Tools.UrlDecode(input));
}
}
/// <summary>

24
WebApplication/PopupWYSIWYG.aspx
View file

@ -59,8 +59,8 @@
if (hasProvider) name = name.replace("{UP:", "GetFile.aspx?Provider=");
else name = name.replace("{UP", "GetFile.aspx?");
name = name.replace("(" + page + ")", "");
if (hasProvider) name = name.replace("}", "&Page=" + escape(page) + "&File=");
else name = name.replace("}", "Page=" + escape(page) + "&File=");
if (hasProvider) name = name.replace("}", "&Page=" + page + "&File=");
else name = name.replace("}", "Page=" + page + "&File=");
}
else {
if (hasProvider) {
@ -84,6 +84,10 @@
var title = GetValue("txtFileTitle");
if(title == "") title = GetValue("txtFilePath");
title = title.replace('\'', '&#39;');
title = title.replace('\'', '&#39;');
title = title.replace('\'', '&#39;');
title = title.replace('\'', '&#39;');
// Sample string: <a class="internallink" [target="_blank" ]href="GetFile.aspx?Provider=PROVIDER&amp;File=FILE" title="TITLE">TITLE</a>
// Sample string: <a class="internallink" [target="_blank" ]href="GetFile.aspx?Provider=PROVIDER&amp;IsPageAttachment=1&amp;Page=PAGE&amp;File=FILE" title="TITLE">TITLE</a>
@ -100,7 +104,7 @@
}
function SelectFile(prov, value) {
SetValue("txtFilePath", "{UP" + prov + "}" + escape(value));
SetValue("txtFilePath", "{UP" + prov + "}" + value);
}
function ProcessExternalLink() {
@ -109,6 +113,10 @@
var title = GetValue("txtLinkTitle");
if(title == "") title = url;
title = title.replace('\'', '');
title = title.replace('\'', '');
title = title.replace('\'', '');
title = title.replace('\'', '');
// Sample string: <a class="externallink" href="URL" title="TITLE" target="_blank">TITLE</a>
@ -132,6 +140,10 @@
var link = GetValue("txtImageLink");
if(link != "" && link.indexOf("{UP") == 0) link = ConvertWikiMarkupFileUrl(link);
var descr = GetValue("txtImageDescr");
descr = descr.replace('\'', '&#39;');
descr = descr.replace('\'', '&#39;');
descr = descr.replace('\'', '&#39;');
descr = descr.replace('\'', '&#39;');
var imageType = GetImageType();
if(imageType == "imageleft" || imageType == "imageright") {
@ -192,13 +204,13 @@
function SelectImage(prov, value, page) {
document.getElementById("PreviewImg").src = "Thumb.aspx?Provider=" + GetValue("lstProviderImages") +
"&File=" + escape(value) + "&Size=Big&Info=1&Page=" + page;
"&File=" + value + "&Size=Big&Info=1&Page=" + page;
if(IsChecked("rdoImageLink")) {
SetValue("txtImageLink", "{UP" + prov + "}" + escape(value));
SetValue("txtImageLink", "{UP" + prov + "}" + value);
ImageLinkFromBrowser = 1;
}
else {
SetValue("txtImagePath", "{UP" + prov + "}" + escape(value));
SetValue("txtImagePath", "{UP" + prov + "}" + value);
}
return false;
}

4
WebApplication/PopupWYSIWYG.aspx.cs
View file

@ -218,7 +218,7 @@ namespace ScrewTurn.Wiki {
long size = chkFilesAttachments.Checked ? provider.GetPageAttachmentDetails(currentPage, f).Size : provider.GetFileDetails(f).Size;
TreeElement item = new TreeElement(f, f.Substring(f.LastIndexOf("/") + 1) + " (" + Tools.BytesToString(size) + ")",
"javascript:return SelectFile('" +
(chkFilesAttachments.Checked ? "(" + currentPage.FullName + ")" : "") + "', '" + f.Replace("'", "\\'") + "');");
(chkFilesAttachments.Checked ? "(" + Tools.UrlEncode(currentPage.FullName) + ")" : "") + "', '" + f.Replace("'", "\\\\\\'") + "');");
result.Add(item);
}
@ -277,7 +277,7 @@ namespace ScrewTurn.Wiki {
@"&amp;Page=" + (chkImageAttachments.Checked ? Tools.UrlEncode(currentPage.FullName) : "") +
@""" alt=""" + name + @""" /><span class=""imageinfo"">" + f.Substring(f.LastIndexOf("/") + 1) + "</span>",
"javascript:return SelectImage('" +
(chkImageAttachments.Checked ? "(" + currentPage.FullName + ")" : "") + "', '" + f + "', '" +
(chkImageAttachments.Checked ? "(" + Tools.UrlEncode(currentPage.FullName) + ")" : "") + "', '" + f.Replace("'", "\\\\\\'") + "', '" +
(chkImageAttachments.Checked ? currentPage.FullName : "") + "');");
result.Add(item);
}