Be a little gentler in recovering from Instiki::ValidationErrors, when saving a page.
Previously, we threw away all the user's changes upon the redirect. Now we attempt
to salvage what he wrote.
Jacques Distler 2008-12-17 00:07:21 -06:00
parent a769ef7a84
commit a503e2b8ac
10 changed files with 23 additions and 13 deletions


@ -242,7 +242,14 @@ class WikiController < ApplicationController
begin begin
the_content = params['content'] the_content = params['content']
filter_spam(the_content) filter_spam(the_content)
raise Instiki::ValidationError.new('Your content was not valid utf-8.') unless the_content.is_utf8? unless the_content.is_utf8?
if @page
the_content = @page.content
else
the_content = ''
end
raise Instiki::ValidationError.new('Your content was not valid utf-8.')
end
if @page if @page
wiki.revise_page(@web_name, @page_name, the_content, Time.now, wiki.revise_page(@web_name, @page_name, the_content, Time.now,
Author.new(author_name, remote_ip), PageRenderer.new) Author.new(author_name, remote_ip), PageRenderer.new)
@ -257,9 +264,9 @@ class WikiController < ApplicationController
logger.error e logger.error e
if @page if @page
@page.unlock @page.unlock
redirect_to :action => 'edit', :web => @web_name, :id => @page_name redirect_to :action => 'edit', :web => @web_name, :id => @page_name, :content => the_content
else else
redirect_to :action => 'new', :web => @web_name, :id => @page_name redirect_to :action => 'new', :web => @web_name, :id => @page_name, :content => the_content
end end
end end
end end
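Review bot: Both `redirect_to` calls in the rescue branch now carry the whole page body as a `:content` query parameter, so the user's text travels in the URL of a GET redirect. A long page can exceed the URL length that browsers, proxies or the app server accept, in which case the text is lost anyway, and whatever was typed ends up in access logs and browser history. The edit and new templates in this commit already read `flash[:content]`, so setting `flash[:content] = the_content` before the redirect and leaving the redirect arguments as they were would salvage the text without putting it in the URL. The `rescue` clause itself starts above this hunk, so this assumes nothing earlier in it already sets the flash.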


@ -3,7 +3,7 @@
<ul id="authorList"> <ul id="authorList">
<%- for author in @authors -%> <%- for author in @authors -%>
<li> <li>
<%= link_to_page author.delete("\x01-\x08\x0B\x0C\x0E-\x1F") %> <%= link_to_page author.purify %>
co- or authored: co- or authored:
<%= @page_names_by_author[author].collect { |page_name| link_to_page(page_name) }.sort.join ', ' %> <%= @page_names_by_author[author].collect { |page_name| link_to_page(page_name) }.sort.join ', ' %>
</li> </li>


@ -13,10 +13,10 @@
{ 'id' => 'editForm', 'method' => 'post', 'onsubmit' => 'cleanAuthorName()', { 'id' => 'editForm', 'method' => 'post', 'onsubmit' => 'cleanAuthorName()',
'accept-charset' => 'utf-8' }) do %> 'accept-charset' => 'utf-8' }) do %>
<div> <div>
<textarea name="content" id="content" rows="24" cols="60"><%= h(flash[:content] || @page.content.delete("\x01-\x08\x0B\x0C\x0E-\x1F")) %></textarea> <textarea name="content" id="content" rows="24" cols="60"><%= h(flash[:content] || (params['content'] || @page.content).purify) %></textarea>
<div id="editFormButtons"> <div id="editFormButtons">
<input type="submit" value="Submit" accesskey="s"/> as <input type="submit" value="Submit" accesskey="s"/> as
<%= text_field_tag :author, h(@author.delete("\x01-\x08\x0B\x0C\x0E-\x1F")), <%= text_field_tag :author, h(@author.purify),
:onfocus => "this.value == 'AnonymousCoward' ? this.value = '' : true;", :onfocus => "this.value == 'AnonymousCoward' ? this.value = '' : true;",
:onblur => "this.value == '' ? this.value = 'AnonymousCoward' : true" %> :onblur => "this.value == '' ? this.value = 'AnonymousCoward' : true" %>
| |
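Review bot: In the textarea expression, `.purify` is applied only to the `params['content'] || @page.content` fallback, so text that arrives through `flash[:content]` is rendered without the control-character strip. The new-page form's textarea in this commit has the same shape. Moving the call outward, `h((flash[:content] || params['content'] || @page.content).purify)`, treats all three sources alike. Separately, `params['content']` now takes precedence over `@page.content` on any request to this action, not only on the redirect from save, so the form can open prefilled with text that is not the stored page. The output is still escaped by `h`, but the precedence deserves a comment in the template.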


@ -1,7 +1,7 @@
<%- @title = "#{@page.plain_name} is locked" -%> <%- @title = "#{@page.plain_name} is locked" -%>
<p> <p>
<%= link_to_page(h(@page.locked_by.delete("\x01-\x08\x0B\x0C\x0E-\x1F"))) %> <%= link_to_page(h(@page.locked_by.purify)) %>
<%- if @page.lock_duration(Time.now) == 0 -%> <%- if @page.lock_duration(Time.now) == 0 -%>
just started editing this page. just started editing this page.
<%- else -%> <%- else -%>


@ -13,7 +13,7 @@
<% form_tag({ :action => 'save', :web => @web.address, :id => @page_name }, <% form_tag({ :action => 'save', :web => @web.address, :id => @page_name },
{ 'id' => 'editForm', 'method' => 'post', 'onsubmit' => 'cleanAuthorName();', 'accept-charset' => 'utf-8' }) do %> { 'id' => 'editForm', 'method' => 'post', 'onsubmit' => 'cleanAuthorName();', 'accept-charset' => 'utf-8' }) do %>
<textarea name="content" id="content" rows="24" cols="60"><%= h(flash[:content] || '') %></textarea> <textarea name="content" id="content" rows="24" cols="60"><%= h(flash[:content] || (params['content'] || '').purify ) %></textarea>
<div id="editFormButtons"> <div id="editFormButtons">
<input type="submit" value="Submit" accesskey="s"/> as <input type="submit" value="Submit" accesskey="s"/> as
<%= text_field_tag :author, @author, <%= text_field_tag :author, @author,


@ -18,7 +18,7 @@
<div class="byline"> <div class="byline">
<%= @page.revisions? ? "Revised" : "Created" %> on <%= format_date(@page.revised_at) %> <%= @page.revisions? ? "Revised" : "Created" %> on <%= format_date(@page.revised_at) %>
by <%= author_link(@page).delete("\x01-\x08\x0B\x0C\x0E-\x1F") %> by <%= author_link(@page).purify %>
<%= "(#{@page.author.ip})" if @page.author.respond_to?(:ip) %> <%= "(#{@page.author.ip})" if @page.author.respond_to?(:ip) %>
<% if @web.count_pages? %> <% if @web.count_pages? %>
<% total_chars = @page.content.length %> <% total_chars = @page.content.length %>


@ -17,7 +17,7 @@
<div class="byline"> <div class="byline">
<%= "Revision from #{format_date(@revision.revised_at)} by" %> <%= "Revision from #{format_date(@revision.revised_at)} by" %>
<%= link_to_page @revision.author.delete("\x01-\x08\x0B\x0C\x0E-\x1F") %> <%= link_to_page @revision.author.purify %>
</div> </div>
<div class="navigation navfoot"> <div class="navigation navfoot">


@ -15,10 +15,10 @@
{ :id => 'editForm', :method => 'post', :onsubmit => 'cleanAuthorName();', { :id => 'editForm', :method => 'post', :onsubmit => 'cleanAuthorName();',
'accept-charset' => 'utf-8' }) do %> 'accept-charset' => 'utf-8' }) do %>
<div> <div>
<textarea name="content" id="content" rows="24" cols="60"><%= h(@revision.content.delete("\x01-\x08\x0B\x0C\x0E-\x1F")) %></textarea> <textarea name="content" id="content" rows="24" cols="60"><%= h(@revision.content.purify) %></textarea>
<div id="editFormButtons"> <div id="editFormButtons">
<input type="submit" value="Update" accesskey="u" /> as <input type="submit" value="Update" accesskey="u" /> as
<input type="text" name="author" id="authorName" value="<%= h(@author.delete("\x01-\x08\x0B\x0C\x0E-\x1F")) %>" <input type="text" name="author" id="authorName" value="<%= h(@author.purify) %>"
onclick="this.value == 'AnonymousCoward' ? this.value = '' : true" /> onclick="this.value == 'AnonymousCoward' ? this.value = '' : true" />
| |
<span> <span>


@ -19,7 +19,7 @@
- Last Update: <%= web.last_page.nil? ? format_date(web.created_at) : format_date(web.last_page.revised_at) %><br/> - Last Update: <%= web.last_page.nil? ? format_date(web.created_at) : format_date(web.last_page.revised_at) %><br/>
<%- if ! web.last_page.nil? -%> <%- if ! web.last_page.nil? -%>
Last Document: <%= link_to_page(web.last_page.name,web) %> Last Document: <%= link_to_page(web.last_page.name,web) %>
<%= web.last_page.revisions? ? "Revised" : "Created" %> by <%= author_link(web.last_page).delete("\x01-\x08\x0B\x0C\x0E-\x1F") %> (<%= web.last_page.current_revision.ip %>) <%= web.last_page.revisions? ? "Revised" : "Created" %> by <%= author_link(web.last_page).purify %> (<%= web.last_page.current_revision.ip %>)
<%- end -%> <%- end -%>
</div> </div>
</div> </div>


@ -37,6 +37,9 @@ class String
end end
#++ #++
def purify
delete("\x01-\x08\x0B\x0C\x0E-\x1F", "\ufffe\uffff")
end
#:stopdoc: #:stopdoc:
MATHML_ENTITIES = { MATHML_ENTITIES = {
'Alpha' => '&#x0391;', 'Alpha' => '&#x0391;',
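Review bot: `purify` as written removes nothing, because `String#delete` called with several arguments deletes only the characters in the intersection of the sets, and the control-character set shares no character with `"\ufffe\uffff"`. Every template in this commit that switched from `.delete("\x01-\x08\x0B\x0C\x0E-\x1F")` to `.purify` therefore stops stripping control characters from author names and page content. Putting both groups in one set, `delete("\x01-\x08\x0B\x0C\x0E-\x1F\ufffe\uffff")`, or chaining two `delete` calls, restores the old behaviour and adds the new one. If this code runs on Ruby 1.8, `\u` is probably not a Unicode escape there and the second set would need another spelling, which is worth confirming. The method sits in the documented part of the file (after `#++`) without a comment; something like `# Remove control characters and U+FFFE/U+FFFF before output.` would state the intent.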