Skip to content
Snippets Groups Projects
Commit a574a5c1 authored by Elmar Ludwig's avatar Elmar Ludwig
Browse files

disable and deprecate transformBeforeSave(), fixes #1601

Closes #1601

Merge request studip/studip!1159
parent f1b2dce1
No related branches found
No related tags found
No related merge requests found
...@@ -341,14 +341,9 @@ class Course_Forum_IndexController extends ForumController ...@@ -341,14 +341,9 @@ class Course_Forum_IndexController extends ForumController
*/ */
function preview_action() { function preview_action() {
if (Request::isXhr()) { if (Request::isXhr()) {
$this->set_content_type('text/html; charset=UTF-8'); $this->render_text(formatReady(Request::get('posting')));
$this->render_text(formatReady(transformBeforeSave(Request::get('posting'))));
} else { } else {
$this->render_text( $this->render_text(ForumEntry::getContentAsHtml(Request::get('posting')));
ForumEntry::getContentAsHtml(
transformBeforeSave(Request::get('posting'))
)
);
} }
} }
......
...@@ -948,7 +948,7 @@ class ForumEntry implements PrivacyObject ...@@ -948,7 +948,7 @@ class ForumEntry implements PrivacyObject
chdate, author, author_host, lft, rgt, depth, anonymous) chdate, author, author_host, lft, rgt, depth, anonymous)
VALUES (? ,?, ?, ?, ?, UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), ?, ?, ?, ?, ?, ?)"); VALUES (? ,?, ?, ?, ?, UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), ?, ?, ?, ?, ?, ?)");
$stmt->execute([$data['topic_id'], $data['seminar_id'], $data['user_id'], $stmt->execute([$data['topic_id'], $data['seminar_id'], $data['user_id'],
$data['name'], transformBeforeSave($data['content']), $data['author'], $data['author_host'], $data['name'], $data['content'], $data['author'], $data['author_host'],
$constraint['rgt'], $constraint['rgt'] + 1, $constraint['depth'] + 1, $data['anonymous'] ?? 0]); $constraint['rgt'], $constraint['rgt'] + 1, $constraint['depth'] + 1, $data['anonymous'] ?? 0]);
// update "latest_chdate" for easier sorting of actual threads // update "latest_chdate" for easier sorting of actual threads
...@@ -979,7 +979,7 @@ class ForumEntry implements PrivacyObject ...@@ -979,7 +979,7 @@ class ForumEntry implements PrivacyObject
$stmt = DBManager::get()->prepare("UPDATE forum_entries $stmt = DBManager::get()->prepare("UPDATE forum_entries
SET name = ?, content = ?, chdate = UNIX_TIMESTAMP(), latest_chdate = UNIX_TIMESTAMP() SET name = ?, content = ?, chdate = UNIX_TIMESTAMP(), latest_chdate = UNIX_TIMESTAMP()
WHERE topic_id = ?"); WHERE topic_id = ?");
$stmt->execute([$name, transformBeforeSave($content), $topic_id]); $stmt->execute([$name, $content, $topic_id]);
// update "latest_chdate" for easier sorting of actual threads // update "latest_chdate" for easier sorting of actual threads
$parent_id = ForumEntry::getParentTopicId($topic_id); $parent_id = ForumEntry::getParentTopicId($topic_id);
......
...@@ -24,9 +24,7 @@ abstract class AbstractEntriesCreate extends JsonApiController ...@@ -24,9 +24,7 @@ abstract class AbstractEntriesCreate extends JsonApiController
//Check whether the parent is category or entry of first or seccond depth //Check whether the parent is category or entry of first or seccond depth
$title = self::arrayGet($json, 'data.attributes.title'); $title = self::arrayGet($json, 'data.attributes.title');
$content = self::arrayGet($json, 'data.attributes.content'); $content = self::arrayGet($json, 'data.attributes.content');
if (method_exists(\Studip\Markup::class, 'purifyHtml')) { $content = \Studip\Markup::purifyHtml($content);
$content = transformBeforeSave(\Studip\Markup::purifyHtml($content));
}
$parent = $this->getParentObject($parentId); $parent = $this->getParentObject($parentId);
return $this->createEntry($title, $content, $parent, $user); return $this->createEntry($title, $content, $parent, $user);
......
...@@ -50,9 +50,7 @@ class ForumEntriesUpdate extends JsonApiController ...@@ -50,9 +50,7 @@ class ForumEntriesUpdate extends JsonApiController
$entry->name = $title; $entry->name = $title;
} }
if (!empty($content)) { if (!empty($content)) {
if (method_exists(\Studip\Markup::class, 'purifyHtml')) { $content = \Studip\Markup::purifyHtml($content);
$content = transformBeforeSave(\Studip\Markup::purifyHtml($content));
}
$entry->content = $content; $entry->content = $content;
} }
if ($entry->isDirty()) { if ($entry->isDirty()) {
......
...@@ -54,10 +54,7 @@ class WikiCreate extends JsonApiController ...@@ -54,10 +54,7 @@ class WikiCreate extends JsonApiController
{ {
$keyword = self::arrayGet($json, 'data.attributes.keyword'); $keyword = self::arrayGet($json, 'data.attributes.keyword');
$content = self::arrayGet($json, 'data.attributes.content'); $content = self::arrayGet($json, 'data.attributes.content');
$content = \Studip\Markup::purifyHtml($content);
if (method_exists(\Studip\Markup::class, 'purifyHtml')) {
$content = transformBeforeSave(\Studip\Markup::purifyHtml($content));
}
$wiki = new \WikiPage(); $wiki = new \WikiPage();
$wiki->keyword = $keyword; $wiki->keyword = $keyword;
......
...@@ -40,10 +40,7 @@ class WikiUpdate extends JsonApiController ...@@ -40,10 +40,7 @@ class WikiUpdate extends JsonApiController
protected function updateWikiFromJSON(\User $user, \WikiPage $wikiPage, $json) protected function updateWikiFromJSON(\User $user, \WikiPage $wikiPage, $json)
{ {
$content = self::arrayGet($json, 'data.attributes.content'); $content = self::arrayGet($json, 'data.attributes.content');
$content = \Studip\Markup::purifyHtml($content);
if (method_exists(\Studip\Markup::class, 'purifyHtml')) {
$content = transformBeforeSave(\Studip\Markup::purifyHtml($content));
}
if ($wikiPage->body === $content) { if ($wikiPage->body === $content) {
return $wikiPage; return $wikiPage;
......
...@@ -12,6 +12,7 @@ ...@@ -12,6 +12,7 @@
/** /**
* Format class to transform text before it is saved into the database. * Format class to transform text before it is saved into the database.
* @deprecated since Stud.IP 5.3
*/ */
class StudipTransformFormat extends TextFormat class StudipTransformFormat extends TextFormat
{ {
......
...@@ -117,21 +117,8 @@ class BlubberComment extends SimpleORMap implements PrivacyObject ...@@ -117,21 +117,8 @@ class BlubberComment extends SimpleORMap implements PrivacyObject
public function transformMentions() public function transformMentions()
{ {
BlubberThread::$mention_thread_id = $this->thread_id; $callback = [$this->thread, 'mention'];
StudipTransformFormat::addStudipMarkup( $this['content'] = preg_replace_callback('/\B@("[^\n"]+"|\S+)/', $callback, $this['content']);
'mention1',
'(?:^|\W)(@\"[^\n\"]*\")',
'',
'BlubberThread::mention'
);
StudipTransformFormat::addStudipMarkup(
'mention2',
'(?:^|\W)(@[^\s]*[\d\w_]+)',
'',
'BlubberThread::mention'
);
$this['content'] = \Studip\Markup::purifyHtml($this['content']);
$this['content'] = transformBeforeSave($this['content']);
} }
/** /**
......
...@@ -47,22 +47,18 @@ class BlubberThread extends SimpleORMap implements PrivacyObject ...@@ -47,22 +47,18 @@ class BlubberThread extends SimpleORMap implements PrivacyObject
parent::configure($config); parent::configure($config);
} }
public static $mention_thread_id = null;
protected $last_visit = null; protected $last_visit = null;
/** /**
* Pre-Markup rule. Recognizes mentions in blubber as @username or @"Firstname lastname" * Recognizes mentions in blubber as @username or @"Firstname lastname"
* and turns them into usual studip-links. The mentioned person is notified by * and turns them into usual studip-links. The mentioned person is notified by
* sending a message to him/her as a side-effect. * sending a message to him/her as a side-effect.
* @param StudipTransformFormat $markup
* @param array $matches * @param array $matches
* @return string * @return string
*/ */
public static function mention($markup, $matches) public function mention($matches)
{ {
$mention = $matches[1]; $username = stripslashes(mb_substr($matches[0], 1));
$thread = self::find(self::$mention_thread_id);
$username = stripslashes(mb_substr($mention, 1));
if ($username[0] !== '"') { if ($username[0] !== '"') {
$user = User::findByUsername($username); $user = User::findByUsername($username);
} else { } else {
...@@ -70,21 +66,21 @@ class BlubberThread extends SimpleORMap implements PrivacyObject ...@@ -70,21 +66,21 @@ class BlubberThread extends SimpleORMap implements PrivacyObject
$user = User::findOneBySQL("CONCAT(Vorname, ' ', Nachname) = ?", [$name]); $user = User::findOneBySQL("CONCAT(Vorname, ' ', Nachname) = ?", [$name]);
} }
if ($user if ($user
&& !$thread->isNew() && !$this->isNew()
&& $user->getId() && $user->getId()
&& $user->getId() !== $GLOBALS['user']->id && $user->getId() !== $GLOBALS['user']->id
) { ) {
if ($thread['context_type'] === 'private') { if ($this['context_type'] === 'private') {
$mention = new BlubberMention(); $mention = new BlubberMention();
$mention['thread_id'] = $thread->getId(); $mention['thread_id'] = $this->getId();
$mention['user_id'] = $user->getId(); $mention['user_id'] = $user->getId();
$mention->store(); $mention->store();
} elseif ($thread['context_type'] === 'public') { } elseif ($this['context_type'] === 'public') {
PersonalNotifications::add( PersonalNotifications::add(
$user->getId(), $user->getId(),
$thread->getURL(), $this->getURL(),
sprintf(_('%s hat Sie in einem Blubber erwähnt.'), get_fullname()), sprintf(_('%s hat Sie in einem Blubber erwähnt.'), get_fullname()),
'blubberthread_' . $thread->getId(), 'blubberthread_' . $this->getId(),
Icon::create('blubber'), Icon::create('blubber'),
true true
); );
...@@ -93,14 +89,10 @@ class BlubberThread extends SimpleORMap implements PrivacyObject ...@@ -93,14 +89,10 @@ class BlubberThread extends SimpleORMap implements PrivacyObject
$url = URLHelper::getLink('dispatch.php/profile', ['username' => $user->username]); $url = URLHelper::getLink('dispatch.php/profile', ['username' => $user->username]);
URLHelper::setBaseURL($oldbase); URLHelper::setBaseURL($oldbase);
return str_replace( return '[' . $user->getFullName() . ']' . $url . ' ';
$matches[1],
'[' . $user->getFullName() . ']' . $url . ' ',
$matches[0]
);
} }
return $markup->quote($matches[0]); return $matches[0];
} }
public static function findBySQL($sql, $params = []) public static function findBySQL($sql, $params = [])
......
...@@ -173,14 +173,14 @@ function blubberReady($text, $trim=TRUE) { ...@@ -173,14 +173,14 @@ function blubberReady($text, $trim=TRUE) {
} }
/** /**
* Apply StudipTransformFormat rules to marked-up text. * Obsolete function for compatibility, returns text unchanged.
* *
* @param string $text Marked-up text. * @param string $text Marked-up text.
* @return string HTML code computed by applying markup-rules. * @return string Marked-up text.
* @deprecated since Stud.IP 5.3
*/ */
function transformBeforeSave($text){ function transformBeforeSave($text){
$markup = new StudipTransformFormat(); return $text;
return $markup->format($text);
} }
//////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////
......
...@@ -69,8 +69,7 @@ function submitWikiPage($keyword, $version, $body, $user_id, $range_id, $ancesto ...@@ -69,8 +69,7 @@ function submitWikiPage($keyword, $version, $body, $user_id, $range_id, $ancesto
$wp = WikiPage::find([$range_id, $keyword, $version]); $wp = WikiPage::find([$range_id, $keyword, $version]);
if ($wp) { if ($wp) {
if ($wp->isEditableBy($GLOBALS['user'])) { if ($wp->isEditableBy($GLOBALS['user'])) {
// apply replace-before-save transformations $wp->body = $body;
$wp->body = transformBeforeSave($body);
if ($wp->isValidAncestor($ancestor)) { if ($wp->isValidAncestor($ancestor)) {
$wp->setAncestorForAllVersions($ancestor); $wp->setAncestorForAllVersions($ancestor);
} else { } else {
...@@ -88,8 +87,6 @@ function submitWikiPage($keyword, $version, $body, $user_id, $range_id, $ancesto ...@@ -88,8 +87,6 @@ function submitWikiPage($keyword, $version, $body, $user_id, $range_id, $ancesto
$version = $latestVersion['version'] + 1; $version = $latestVersion['version'] + 1;
} }
// apply replace-before-save transformations
$body = transformBeforeSave($body);
WikiPage::create(compact('range_id', 'user_id', 'keyword', 'body', 'ancestor', 'version')); WikiPage::create(compact('range_id', 'user_id', 'keyword', 'body', 'ancestor', 'version'));
} }
StudipTransformFormat::removeStudipMarkup('wiki-comments'); StudipTransformFormat::removeStudipMarkup('wiki-comments');
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment