use of net.jforum.util.SafeHtml in project jforum2 by rafaelsteil.
the class AjaxAction method previewPost.
/**
 * Builds a throw-away {@code Post} from the current request, renders it the same way a
 * stored post would be rendered, and exposes it to the AJAX preview template.
 *
 * <p>Request parameters read: {@code text}, {@code subject}, {@code html}, {@code bbcode},
 * {@code smilies}. Nothing is persisted by this method.
 */
public void previewPost() {
    final String on = "true";
    final Post draft = new Post();

    draft.setText(this.request.getParameter("text"));
    draft.setSubject(this.request.getParameter("subject"));
    draft.setHtmlEnabled(on.equals(this.request.getParameter("html")));
    draft.setBbCodeEnabled(on.equals(this.request.getParameter("bbcode")));
    draft.setSmiliesEnabled(on.equals(this.request.getParameter("smilies")));

    // NOTE(review): the "html" flag is taken from the request alone here, whereas
    // PostCommon.fillPostFromRequest also consults a forum permission. With HTML
    // switched on, markup safety of the preview rests entirely on SafeHtml.
    if (draft.isHtmlEnabled()) {
        final String sanitized = new SafeHtml().makeSafe(draft.getText());
        draft.setText(sanitized);
    }

    final Post rendered = PostCommon.preparePostForDisplay(draft);

    // Both fields are escaped for a JavaScript string context before reaching the template.
    // NOTE(review): the subject receives only this JavaScript escaping, no HTML
    // sanitising; confirm the template HTML-escapes it before it is written into the page.
    final String jsSubject = StringEscapeUtils.escapeJavaScript(rendered.getSubject());
    final String jsText = StringEscapeUtils.escapeJavaScript(rendered.getText());
    rendered.setSubject(jsSubject);
    rendered.setText(jsText);

    this.setTemplateName(TemplateKeys.AJAX_PREVIEW_POST);
    this.context.put("post", rendered);
}
use of net.jforum.util.SafeHtml in project jforum2 by rafaelsteil.
the class BookmarkAction method insertSave.
/**
 * Creates a bookmark for the current session user from the request and stores it.
 *
 * <p>Request parameters read: {@code description}, {@code title}, {@code visible},
 * {@code relation_id}, {@code relation_type}. The two free-text fields are passed through
 * {@code SafeHtml.makeSafe} before they are stored.
 */
public void insertSave() {
    final SafeHtml sanitizer = new SafeHtml();
    final Bookmark bookmark = new Bookmark();

    // Sanitise on input; templates that print these values should still escape on output.
    final String description = sanitizer.makeSafe(this.request.getParameter("description"));
    bookmark.setDescription(description);
    final String title = sanitizer.makeSafe(this.request.getParameter("title"));
    bookmark.setTitle(title);

    // Any non-empty "visible" value marks the bookmark as public.
    final String visibleFlag = this.request.getParameter("visible");
    final boolean isPublic = !(visibleFlag == null || visibleFlag.length() <= 0);
    bookmark.setPublicVisible(isPublic);

    bookmark.setRelationId(this.request.getIntParameter("relation_id"));
    bookmark.setRelationType(this.request.getIntParameter("relation_type"));

    // The owner always comes from the server-side session, never from the request.
    bookmark.setUserId(SessionFacade.getUserSession().getUserId());

    DataAccessDriver.getInstance().newBookmarkDAO().add(bookmark);
    this.setTemplateName(TemplateKeys.BOOKMARKS_INSERT_SAVE);
}
use of net.jforum.util.SafeHtml in project jforum2 by rafaelsteil.
the class PostCommon method fillPostFromRequest.
/**
 * Copies the post fields submitted with the current request into {@code p}.
 *
 * @param p the post to populate; the same instance is returned
 * @param isEdit {@code true} when an existing post is being edited, in which case the
 *     author's IP address and user id are left untouched
 * @return {@code p}, populated from the request
 */
public static Post fillPostFromRequest(Post p, boolean isEdit) {
    final RequestContext req = JForumExecutionContext.getRequest();

    // NOTE(review): the subject is stored exactly as submitted; it must be escaped
    // wherever it is rendered.
    p.setSubject(req.getParameter("subject"));

    // These options are driven purely by the presence or absence of a parameter.
    p.setBbCodeEnabled(null == req.getParameter("disable_bbcode"));
    p.setSmiliesEnabled(null == req.getParameter("disable_smilies"));
    p.setSignatureEnabled(null != req.getParameter("attach_sig"));

    if (!isEdit) {
        // Authorship is taken from the connection and the session, not from form fields.
        p.setUserIp(req.getRemoteAddr());
        p.setUserId(SessionFacade.getUserSession().getUserId());
    }

    // NOTE(review): the constant is named PERM_HTML_DISABLED, yet a positive canAccess
    // result enables HTML here; confirm the polarity against SecurityRepository.
    final boolean forumAllowsHtml = SecurityRepository.canAccess(
            SecurityConstants.PERM_HTML_DISABLED, req.getParameter("forum_id"));
    final boolean authorWantsHtml = req.getParameter("disable_html") == null;
    p.setHtmlEnabled(forumAllowsHtml && authorWantsHtml);

    // With HTML enabled the message is sanitised before storage. With HTML disabled it is
    // stored verbatim, so every render path has to escape it at display time.
    final boolean sanitize = p.isHtmlEnabled();
    final String message = req.getParameter("message");
    p.setText(sanitize ? new SafeHtml().makeSafe(message) : message);

    return p;
}
use of net.jforum.util.SafeHtml in project jforum2 by rafaelsteil.
the class UserCommon method saveUser.
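/**
 * Updates the user information from the current request and persists it when no
 * validation error was recorded.
 *
 * <p>Free-text profile fields are passed through {@code SafeHtml.makeSafe} before being
 * stored. The e-mail address and password are changed only for administrators or when the
 * submitted current password matches the stored one.
 *
 * <p>NOTE(review): this method does not itself verify that the session user is allowed to
 * edit {@code userId}; confirm every caller enforces that.
 *
 * @param userId int The user id we are saving
 * @return List of localized error messages; empty when the user was updated
 */
public static List saveUser(int userId) {
    List errors = new ArrayList();
    UserDAO um = DataAccessDriver.getInstance().newUserDAO();
    User u = um.selectById(userId);
    RequestContext request = JForumExecutionContext.getRequest();
    boolean isAdmin = SessionFacade.getUserSession().isAdmin();

    // Username and special rank may only be changed by an administrator.
    if (isAdmin) {
        String username = request.getParameter("username");
        if (username != null) {
            u.setUsername(username.trim());
        }
        if (request.getParameter("rank_special") != null) {
            u.setRankId(request.getIntParameter("rank_special"));
        }
    }

    SafeHtml safeHtml = new SafeHtml();
    u.setId(userId);
    u.setIcq(safeHtml.makeSafe(request.getParameter("icq")));
    u.setAim(safeHtml.makeSafe(request.getParameter("aim")));
    u.setMsnm(safeHtml.makeSafe(request.getParameter("msn")));
    u.setYim(safeHtml.makeSafe(request.getParameter("yim")));
    u.setFrom(safeHtml.makeSafe(request.getParameter("location")));
    u.setOccupation(safeHtml.makeSafe(request.getParameter("occupation")));
    u.setInterests(safeHtml.makeSafe(request.getParameter("interests")));
    u.setBiography(safeHtml.makeSafe(request.getParameter("biography")));
    u.setSignature(safeHtml.makeSafe(request.getParameter("signature")));

    // Constant-first comparisons: a request that omits one of these flags is treated as
    // "not set" instead of failing with a NullPointerException.
    u.setViewEmailEnabled("1".equals(request.getParameter("viewemail")));
    u.setViewOnlineEnabled("0".equals(request.getParameter("hideonline")));
    u.setNotifyPrivateMessagesEnabled("1".equals(request.getParameter("notifypm")));
    u.setNotifyOnMessagesEnabled("1".equals(request.getParameter("notifyreply")));
    u.setAttachSignatureEnabled("1".equals(request.getParameter("attachsig")));
    u.setHtmlEnabled("1".equals(request.getParameter("allowhtml")));
    // NOTE(review): the language value is stored as submitted; confirm it is validated
    // against the installed locales before it is used to locate resources.
    u.setLang(request.getParameter("language"));
    u.setBbCodeEnabled("1".equals(request.getParameter("allowbbcode")));
    u.setSmiliesEnabled("1".equals(request.getParameter("allowsmilies")));
    u.setNotifyAlways("1".equals(request.getParameter("notify_always")));
    u.setNotifyText("1".equals(request.getParameter("notify_text")));

    // Add a scheme only when none of the accepted ones is present, so that an
    // "https://" address is kept intact instead of being prefixed with "http://".
    String website = safeHtml.makeSafe(request.getParameter("website"));
    if (!StringUtils.isEmpty(website)) {
        String lowerWebsite = website.toLowerCase();
        if (!lowerWebsite.startsWith("http://") && !lowerWebsite.startsWith("https://")) {
            website = "http://" + website;
        }
    }
    u.setWebSite(website);

    String currentPassword = request.getParameter("current_password");
    boolean isCurrentPasswordEmpty = currentPassword == null || "".equals(currentPassword.trim());
    if (isAdmin || !isCurrentPasswordEmpty) {
        // SECURITY(review): passwords are hashed with MD5.crypt, which takes only the
        // password (no per-user salt is visible here) and is a fast digest. That is not
        // adequate for password storage; migrating to a dedicated password hash needs
        // changes to login and stored data outside this method.
        if (!isCurrentPasswordEmpty) {
            currentPassword = MD5.crypt(currentPassword);
        }
        // Administrators bypass the current-password check.
        if (isAdmin || u.getPassword().equals(currentPassword)) {
            u.setEmail(safeHtml.makeSafe(request.getParameter("email")));
            String newPassword = request.getParameter("new_password");
            if (newPassword != null && newPassword.length() > 0) {
                u.setPassword(MD5.crypt(newPassword));
            }
        } else {
            errors.add(I18n.getMessage("User.currentPasswordInvalid"));
        }
    }

    if (request.getParameter("avatardel") != null) {
        String currentAvatar = u.getAvatar();
        // Only a locally stored avatar has a file to remove. An externally hosted avatar
        // is a URL, and its last path segment must never be mapped onto a file in the
        // shared avatar directory. A user without an avatar has nothing to delete.
        boolean isLocalAvatar = currentAvatar != null
                && !currentAvatar.toLowerCase().startsWith("http://")
                && !currentAvatar.toLowerCase().startsWith("https://");
        if (isLocalAvatar) {
            // getName() keeps only the final path component, so the delete stays inside
            // the avatar directory.
            File avatarFile = new File(currentAvatar);
            File fileToDelete = new File(SystemGlobals.getApplicationPath() + "/images/avatar/" + avatarFile.getName());
            if (fileToDelete.exists() && !fileToDelete.delete()) {
                UserCommon.logger.warn("Could not delete the avatar file of user " + userId);
            }
        }
        u.setAvatar(null);
    }

    if (request.getObjectParameter("avatar") != null) {
        try {
            UserCommon.handleAvatar(u);
        } catch (Exception e) {
            UserCommon.logger.warn("Problems while uploading the avatar: " + e);
            errors.add(I18n.getMessage("User.avatarUploadError"));
        }
    } else if (SystemGlobals.getBoolValue(ConfigKeys.AVATAR_ALLOW_EXTERNAL_URL)) {
        String avatarUrl = request.getParameter("avatarUrl");
        if (!StringUtils.isEmpty(avatarUrl)) {
            if (avatarUrl.toLowerCase().startsWith("http://")) {
                try {
                    // SECURITY(review): the server fetches and fully decodes a
                    // user-supplied URL here. The prefix check does not restrict the
                    // destination host, and the size check runs only after decoding.
                    // Confirm that internal addresses are not reachable from this
                    // process (or add a host allow-list) and that connect/read time and
                    // download size are bounded.
                    Image image = ImageIO.read(new URL(avatarUrl));
                    if (image != null) {
                        if (image.getWidth(null) > SystemGlobals.getIntValue(ConfigKeys.AVATAR_MAX_WIDTH) || image.getHeight(null) > SystemGlobals.getIntValue(ConfigKeys.AVATAR_MAX_HEIGHT)) {
                            errors.add(I18n.getMessage("User.avatarTooBig"));
                        } else {
                            // NOTE(review): the URL is stored as submitted; confirm the
                            // templates attribute-escape it when rendering the avatar.
                            u.setAvatar(avatarUrl);
                        }
                    }
                } catch (Exception e) {
                    // Log the failure type only; the exception message may echo the
                    // user-supplied URL.
                    UserCommon.logger.warn("Problems while loading the external avatar: " + e.getClass().getName());
                    errors.add(I18n.getMessage("User.avatarUploadError"));
                }
            } else {
                errors.add(I18n.getMessage("User.avatarUrlShouldHaveHttp"));
            }
        }
    }

    // Persist only when every check passed; keep the session language in sync when
    // users edit their own profile.
    if (errors.size() == 0) {
        um.update(u);
        if (SessionFacade.getUserSession().getUserId() == userId) {
            SessionFacade.getUserSession().setLang(u.getLang());
        }
    }
    return errors;
}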
use of net.jforum.util.SafeHtml in project jforum2 by rafaelsteil.
the class PostCommon method preparePostForDisplay.
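/**
 * Converts the raw text of a post into the markup that is sent to the browser.
 *
 * <p>Steps, in order: escape angle brackets when HTML is disabled for the post, turn line
 * breaks into {@code <br />}, run the text through {@code SafeHtml.makeSafe}, apply
 * {@code processText}, and finally run {@code SafeHtml.ensureAllAttributesAreSafe} on the
 * result.
 *
 * @param post the post to prepare; modified in place
 * @return the same {@code post} instance; returned untouched when its text is {@code null}
 */
public static Post preparePostForDisplay(Post post) {
    if (post.getText() == null) {
        return post;
    }
    StringBuffer text = new StringBuffer(post.getText());
    if (!post.isHtmlEnabled()) {
        // HTML is off for this post, so markup delimiters must be rendered as text.
        // The replacement has to be the entity: replacing a character with itself is a
        // no-op and would leave user-supplied tags live in the page.
        ViewCommon.replaceAll(text, "<", "&lt;");
        ViewCommon.replaceAll(text, ">", "&gt;");
    }
    // Do not remove the trailing blank space, as it would
    // cause some regular expressions to fail
    ViewCommon.replaceAll(text, "\n", "<br /> ");
    SafeHtml safeHtml = new SafeHtml();
    post.setText(text.toString());
    post.setText(safeHtml.makeSafe(post.getText()));
    processText(post);
    // processText rewrites the text after the first sanitising pass, so the attributes
    // of whatever markup it produced are checked again before the post is returned.
    post.setText(safeHtml.ensureAllAttributesAreSafe(post.getText()));
    return post;
}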