mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-09-30 05:09:06 +02:00
Merged revisions 48164 via svnmerge from
svn://svn.silverstripe.com/silverstripe/modules/sapphire/branches/2.2.0-mesq ........ r48164 | ischommer | 2008-01-17 17:05:49 +1300 (Thu, 17 Jan 2008) | 2 lines Deprecated use of DBField 'Text' for saving HTML-Content (added check in HTMLEditorField->saveInto()) Added ViewableData->escapeFlagForField() to determine if the record-field needs escaping (currently only 'xml' supported) ........ git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@48162 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
f7b484658f
commit
0b5ab1fc7b
@ -270,6 +270,19 @@ class ViewableData extends Object implements Iterator {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the string-format type for the given field.
|
||||||
|
*
|
||||||
|
* @param string $fieldName
|
||||||
|
* @return string 'xml'|'raw'
|
||||||
|
*/
|
||||||
|
function escapeFlagForField($fieldName) {
|
||||||
|
$helperPair = $this->castingHelperPair($fieldName);
|
||||||
|
$castedClass = $helperPair['className'];
|
||||||
|
if(!$castedClass || $castedClass == 'HTMLText' || $castedClass == 'HTMLVarchar') return "xml";
|
||||||
|
else return "raw";
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the object version of the given field/method.
|
* Return the object version of the given field/method.
|
||||||
* @param string $fieldName The name of the field/method.
|
* @param string $fieldName The name of the field/method.
|
||||||
@ -403,18 +416,8 @@ class ViewableData extends Object implements Iterator {
|
|||||||
Profiler::mark('casting cost');
|
Profiler::mark('casting cost');
|
||||||
}
|
}
|
||||||
|
|
||||||
$helperPair = $this->castingHelperPair($fieldName);
|
// Case 2: Check if the value is raw and must be made XML-safe
|
||||||
$castedClass = $helperPair['className'];
|
if($this->escapeFlagForField($fieldName) != 'xml') $val = Convert::raw2xml($val);
|
||||||
|
|
||||||
// Note: these probably shouldn't be hard-coded. But right now it's not a problem, and I don't
|
|
||||||
// want to over-engineer
|
|
||||||
if(!$castedClass || $castedClass == 'HTMLText' || $castedClass == 'HTMLVarchar' || $castedClass == 'Text') {
|
|
||||||
// Case 2: the value is already XML-safe, just return it
|
|
||||||
|
|
||||||
} else {
|
|
||||||
// Case 3: the value is raw and must be made XML-safe
|
|
||||||
$val = Convert::raw2xml($val);
|
|
||||||
}
|
|
||||||
|
|
||||||
if(isset($_GET['debug_profile'])) {
|
if(isset($_GET['debug_profile'])) {
|
||||||
Profiler::unmark('casting cost');
|
Profiler::unmark('casting cost');
|
||||||
|
@ -90,6 +90,15 @@ class HtmlEditorField extends TextareaField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function saveInto($record) {
|
function saveInto($record) {
|
||||||
|
if(!$record->escapeFlagForField($this->name) != 'xml') {
|
||||||
|
user_error("HTMLEditorField should save into an HTMLText or HTMLVarchar field.
|
||||||
|
If you don't, your template won't display properly.
|
||||||
|
This changed in version 2.2.2, so please update
|
||||||
|
your database field '$this->name'",
|
||||||
|
E_USER_WARNING
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
$content = $this->value;
|
$content = $this->value;
|
||||||
|
|
||||||
$content = preg_replace('/mce_real_src="[^"]+"/i', "", $content);
|
$content = preg_replace('/mce_real_src="[^"]+"/i', "", $content);
|
||||||
|
Loading…
Reference in New Issue
Block a user