From: john Date: Sun, 30 Sep 2001 16:54:36 +0000 (+0000) Subject: added calls to StringUtil.removeHTMLTags for comments and postings. approveHTMLTags... X-Git-Tag: prexmlproducerconfig~386 X-Git-Url: http://erislabs.org.uk/gitweb/?a=commitdiff_plain;h=e207c139bb003d10b6ade084cfd1e9a652e1ad8b;p=mir.git added calls to StringUtil.removeHTMLTags for comments and postings. approveHTMLTags is in place, but commented out until problems are fixed --- diff --git a/source/mircoders/servlet/ServletModuleOpenIndy.java b/source/mircoders/servlet/ServletModuleOpenIndy.java index abb7523e..176908a1 100755 --- a/source/mircoders/servlet/ServletModuleOpenIndy.java +++ b/source/mircoders/servlet/ServletModuleOpenIndy.java @@ -97,7 +97,16 @@ public class ServletModuleOpenIndy extends ServletModule { // ok, collecting data from form try { - HashMap withValues = getIntersectingValues(req, DatabaseComment.getInstance()); + HashMap withValues = getIntersectingValues(req, DatabaseComment.getInstance()); + + //no html in comments(for now) + for (Iterator i=withValues.keySet().iterator(); i.hasNext(); ){ + String k=(String)i.next(); + String v=(String)withValues.get(k); + + withValues.put(k,StringUtil.removeHTMLTags(v)); + } + withValues.put("is_published","1"); // Dupe detection @@ -178,6 +187,24 @@ public class ServletModuleOpenIndy extends ServletModule WebdbMultipartRequest mp = new WebdbMultipartRequest(req); HashMap withValues = mp.getParameters(); + + // call the routines that escape html + + for (Iterator i=withValues.keySet().iterator(); i.hasNext(); ){ + String k=(String)i.next(); + String v=(String)withValues.get(k); + + if (k.equals("content_data")){ + //this doesn't quite work yet, so for now, all html goes + // withValues.put(k,StringUtil.approveHTMLTags(v)); + withValues.put(k,StringUtil.removeHTMLTags(v)); + } + else{ + withValues.put(k,StringUtil.removeHTMLTags(v)); + } + + } + withValues.put("date", StringUtil.date2webdbDate(new GregorianCalendar())); withValues.put("publish_path", StringUtil.webdbDate2path((String)withValues.get("date"))); withValues.put("is_produced", "0");