Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki
This commit is contained in:
commit
072e2e1e92
|
@ -12,10 +12,9 @@ class WikiFile < ActiveRecord::Base
|
||||||
first(:conditions => ['file_name = ?', file_name])
|
first(:conditions => ['file_name = ?', file_name])
|
||||||
end
|
end
|
||||||
|
|
||||||
SANE_FILE_NAME = /^[a-zA-Z0-9\-_\. ]*$/
|
|
||||||
def validate
|
def validate
|
||||||
if file_name
|
if file_name
|
||||||
if file_name !~ SANE_FILE_NAME
|
if ! is_valid?(file_name)
|
||||||
errors.add("file_name", "is invalid. Only latin characters, digits, dots, underscores, " +
|
errors.add("file_name", "is invalid. Only latin characters, digits, dots, underscores, " +
|
||||||
"dashes and spaces are accepted")
|
"dashes and spaces are accepted")
|
||||||
elsif file_name == '.' or file_name == '..'
|
elsif file_name == '.' or file_name == '..'
|
||||||
|
@ -59,6 +58,9 @@ class WikiFile < ActiveRecord::Base
|
||||||
FileUtils.rm_f(content_path) if File.exists?(content_path)
|
FileUtils.rm_f(content_path) if File.exists?(content_path)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
SANE_FILE_NAME = /^[a-zA-Z0-9\-_\. ]*$/
|
||||||
|
def self.is_valid?(name)
|
||||||
|
name =~ SANE_FILE_NAME
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -64,6 +64,7 @@ class UrlGenerator < AbstractUrlGenerator
|
||||||
private
|
private
|
||||||
|
|
||||||
def file_link(mode, name, text, web_address, known_file, description)
|
def file_link(mode, name, text, web_address, known_file, description)
|
||||||
|
return bad_filename(name) unless WikiFile.is_valid?(name)
|
||||||
case mode
|
case mode
|
||||||
when :export
|
when :export
|
||||||
if known_file
|
if known_file
|
||||||
|
@ -116,6 +117,7 @@ class UrlGenerator < AbstractUrlGenerator
|
||||||
end
|
end
|
||||||
|
|
||||||
def pic_link(mode, name, text, web_address, known_pic)
|
def pic_link(mode, name, text, web_address, known_pic)
|
||||||
|
return bad_filename(name) unless WikiFile.is_valid?(name)
|
||||||
href = @controller.url_for :controller => 'file', :web => web_address, :action => 'file',
|
href = @controller.url_for :controller => 'file', :web => web_address, :action => 'file',
|
||||||
:id => name, :only_path => true
|
:id => name, :only_path => true
|
||||||
case mode
|
case mode
|
||||||
|
@ -141,6 +143,7 @@ class UrlGenerator < AbstractUrlGenerator
|
||||||
end
|
end
|
||||||
|
|
||||||
def media_link(mode, name, text, web_address, known_media, media_type)
|
def media_link(mode, name, text, web_address, known_media, media_type)
|
||||||
|
return bad_filename(name) unless WikiFile.is_valid?(name)
|
||||||
href = @controller.url_for :controller => 'file', :web => web_address, :action => 'file',
|
href = @controller.url_for :controller => 'file', :web => web_address, :action => 'file',
|
||||||
:id => name, :only_path => true
|
:id => name, :only_path => true
|
||||||
case mode
|
case mode
|
||||||
|
@ -177,6 +180,10 @@ class UrlGenerator < AbstractUrlGenerator
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
|
def bad_filename(name)
|
||||||
|
"<span class='badWikiWord'>[[invalid filename: #{name}]]</span>"
|
||||||
|
end
|
||||||
|
|
||||||
def wikilink_for(mode, name, text, web_address)
|
def wikilink_for(mode, name, text, web_address)
|
||||||
web = Web.find_by_address(web_address)
|
web = Web.find_by_address(web_address)
|
||||||
action = web.published? && (web != @web || [:publish, :s5].include?(mode) ) ? 'published' : 'show'
|
action = web.published? && (web != @web || [:publish, :s5].include?(mode) ) ? 'published' : 'show'
|
||||||
|
|
|
@ -100,6 +100,12 @@ border: 3px solid blue;
|
||||||
padding: 2px;
|
padding: 2px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.badWikiWord {
|
||||||
|
background-color:#FCC;
|
||||||
|
border: 1px solid blue;
|
||||||
|
padding: 1px;
|
||||||
|
}
|
||||||
|
|
||||||
.deleteWikiWord:hover, .deleteWikiWord a:hover {
|
.deleteWikiWord:hover, .deleteWikiWord a:hover {
|
||||||
background-color:#F88;
|
background-color:#F88;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue