From 8a7a2cdd11122b6a8307a2f5317903bb5b65f0ab Mon Sep 17 00:00:00 2001
From: Julio Montoya
Date: Mon, 31 May 2010 11:29:04 +0200
Subject: [PATCH 1/4] Commenting not supported tags
---
 main/inc/lib/formvalidator/Rule/allowed_tags.inc.php | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php b/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
index 732345aeac..8245b628f7 100755
--- a/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
+++ b/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
@@ -33,17 +33,22 @@ $attribute_anonymous=array();
 // ADDRESS
 $allowed_tags_student['address'] = array();
 // APPLET
+/*
 $allowed_tags_student['applet'] = array();
 $allowed_tags_student['applet']['codebase'] = array();
 $allowed_tags_student['applet']['code'] = array();
 $allowed_tags_student['applet']['name'] = array();
 $allowed_tags_student['applet']['alt'] = array();
+*/
+
 // AREA
+/*
 $allowed_tags_student['area'] = array();
 $allowed_tags_student['area']['shape'] = array();
 $allowed_tags_student['area']['coords'] = array();
 $allowed_tags_student['area']['href'] = array();
 $allowed_tags_student['area']['alt'] = array();
+*/
 // A
 $allowed_tags_student['a'] = array();
 $allowed_tags_student['a']['class'] = array();
From 29711e2fbc9e1468e06306a94cd453df09049902 Mon Sep 17 00:00:00 2001
From: Julio Montoya
Date: Mon, 31 May 2010 12:00:51 +0200
Subject: [PATCH 2/4] Minor - Fixing indentation
---
 .../lib/htmlpurifier/library/HTMLPurifier.php | 46 +++++++++----------
 1 file changed, 23 insertions(+), 23 deletions(-)
diff --git a/main/inc/lib/htmlpurifier/library/HTMLPurifier.php b/main/inc/lib/htmlpurifier/library/HTMLPurifier.php
index a0fb4e0741..25bdc42259 100644
--- a/main/inc/lib/htmlpurifier/library/HTMLPurifier.php
+++ b/main/inc/lib/htmlpurifier/library/HTMLPurifier.php
@@ -99,29 +99,29 @@ class HTMLPurifier
 //non initialize object htmlpurifier
 $this->my_user_status=COURSEMANAGERLOWSECURITY;
 } else {
- $config = HTMLPurifier_Config::createDefault();
- $config->set('Core.Encoding',$charset);
- $config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
-
- if ($user_status==STUDENT) {
- global $tag_student,$attribute_student;//$tag_student
- $config->set('HTML.SafeEmbed',true);
- $config->set('HTML.SafeObject',true);
- $config->set('Filter.YouTube', true);
- $config->set('HTML.AllowedElements',$tag_student);
- $config->set('HTML.AllowedAttributes',$attribute_student);
- } elseif ($user_status==COURSEMANAGER) {
- //activate in configuration setting
- global $tag_teacher,$attribute_teacher;
- $config->set('HTML.SafeEmbed',true);
- $config->set('Filter.YouTube', true);
- $config->set('HTML.AllowedElements',$tag_teacher);
- $config->set('HTML.AllowedAttributes', $attribute_teacher);
- } else {
- global $tag_anonymous,$attribute_anonymous;
- $config->set('HTML.AllowedElements', $tag_anonymous);
- $config->set('HTML.AllowedAttributes',$attribute_anonymous);
- }
+ $config = HTMLPurifier_Config::createDefault();
+ $config->set('Core.Encoding',$charset);
+ $config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
+
+ if ($user_status==STUDENT) {
+ global $tag_student,$attribute_student;//$tag_student
+ $config->set('HTML.SafeEmbed',true);
+ $config->set('HTML.SafeObject',true);
+ $config->set('Filter.YouTube', true);
+ $config->set('HTML.AllowedElements',$tag_student);
+ $config->set('HTML.AllowedAttributes',$attribute_student);
+ } elseif ($user_status==COURSEMANAGER) {
+ //activate in configuration setting
+ global $tag_teacher,$attribute_teacher;
+ $config->set('HTML.SafeEmbed',true);
+ $config->set('Filter.YouTube', true);
+ $config->set('HTML.AllowedElements',$tag_teacher);
+ $config->set('HTML.AllowedAttributes', $attribute_teacher);
+ } else {
+ global $tag_anonymous,$attribute_anonymous;
+ $config->set('HTML.AllowedElements',
$tag_anonymous);
+ $config->set('HTML.AllowedAttributes',$attribute_anonymous);
+ }
 $config->set('HTML.TidyLevel', 'light');
 $this->config = HTMLPurifier_Config::create($config);
 $this->strategy = new HTMLPurifier_Strategy_Core();
From c54e3127aa7d2620778f5e09fa41a44a9f6b65c9 Mon Sep 17 00:00:00 2001
From: Julio Montoya
Date: Mon, 31 May 2010 12:01:19 +0200
Subject: [PATCH 3/4] Commenting tags that are not supported by HTMPurifier to avoid warning messages
---
 .../formvalidator/Rule/allowed_tags.inc.php | 105 ++++++++++--------
 1 file changed, 60 insertions(+), 45 deletions(-)
diff --git a/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php b/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
index 8245b628f7..85fc72d19d 100755
--- a/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
+++ b/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
@@ -2,7 +2,7 @@
 /* For licensing terms, see /license.txt */
 /**
 * This page defines all HTML-tages and their attributes that are allowed in
- * Dokeos. 2 arrays are defined, one contains the allowed HTML for students and
+ * Chamilo. 2 arrays are defined, one contains the allowed HTML for students and
 * the other the allowed HTML for teachers.
 *
 * Modifying this page:
@@ -69,8 +69,9 @@ $allowed_tags_student['b'] = array();
 $allowed_tags_student['b']['class'] = array();
 $allowed_tags_student['b']['id'] = array();
 // BASE
+/*
 $allowed_tags_student['base'] = array();
-$allowed_tags_student['base']['href'] = array();
+$allowed_tags_student['base']['href'] = array();*/
 // BASEFONT
 $allowed_tags_student['basefont'] = array();
 $allowed_tags_student['basefont']['size'] = array();
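Review bot: The `base` entry is disabled by wrapping it in `/* … */` rather than deleted, and nothing in the file records why; the same is done for `applet` and `area` in [PATCH 1/4] and for `button`, `fieldset`, `form`, `iframe`, `input`, `label`, `legend`, `map`, `optgroup`, `option`, `textarea` and `title` in the later hunks of this commit. The commit message gives HTMLPurifier warnings as the reason, but several of these (`base`, `form`, `iframe`, `input`) are also elements that student-submitted content should not carry whatever the filter supports, so a later HTMLPurifier upgrade should not be read as a reason to uncomment them. I would delete the lines and leave one comment in their place, e.g. `// base: kept out of the student allowlist (unsupported by HTMLPurifier; would change how relative URLs on the page resolve)`. The closing `*/` is sometimes on its own line and sometimes appended to the last statement, which makes a stray still-active entry easy to miss in review.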
@@ -93,11 +94,12 @@ $allowed_tags_student_full_page['body']['vlink'] = array();
 // BR
 $allowed_tags_student['br'] = array();
 // BUTTON
+/*
 $allowed_tags_student['button'] = array();
 $allowed_tags_student['button']['disabled'] = array();
 $allowed_tags_student['button']['name'] = array();
 $allowed_tags_student['button']['type'] = array();
-$allowed_tags_student['button']['value'] = array();
+$allowed_tags_student['button']['value'] = array(); */
 // CAPTION
 $allowed_tags_student['caption'] = array();
 $allowed_tags_student['caption']['align'] = array();
@@ -106,13 +108,13 @@ $allowed_tags_student['code'] = array();
 // COL
 $allowed_tags_student['col'] = array();
 $allowed_tags_student['col']['align'] = array();
-$allowed_tags_student['col']['char'] = array();
+//$allowed_tags_student['col']['char'] = array();
 $allowed_tags_student['col']['charoff'] = array();
 $allowed_tags_student['col']['valign'] = array();
 $allowed_tags_student['col']['width'] = array();
 // DEL
 $allowed_tags_student['del'] = array();
-$allowed_tags_student['del']['datetime'] = array();
+//$allowed_tags_student['del']['datetime'] = array();
 // DD
 $allowed_tags_student['dd'] = array();
 // DIV
@@ -132,17 +134,18 @@ $allowed_tags_student['embed'] = array();
 $allowed_tags_student['embed']['height'] = array();
 $allowed_tags_student['embed']['width'] = array();
 $allowed_tags_student['embed']['type'] = array();
-$allowed_tags_student['embed']['quality'] = array();
+//$allowed_tags_student['embed']['quality'] = array();
 $allowed_tags_student['embed']['src'] = array();
 $allowed_tags_student['embed']['flashvars'] = array();
 $allowed_tags_student['embed']['allowscriptaccess'] = array();
-$allowed_tags_student['embed']['allowfullscreen'] = array();
-$allowed_tags_student['embed']['bgcolor'] = array();
-$allowed_tags_student['embed']['pluginspage'] = array();
+//$allowed_tags_student['embed']['allowfullscreen'] = array();
+//$allowed_tags_student['embed']['bgcolor'] = array();
+//$allowed_tags_student['embed']['pluginspage'] = array();
 // FIELDSET
-$allowed_tags_student['fieldset'] = array();
+/*
+$allowed_tags_student['fieldset'] = array(); */
 // FONT
 $allowed_tags_student['font'] = array();
 $allowed_tags_student['font']['color'] = array();
@@ -150,6 +153,7 @@ $allowed_tags_student['font']['face'] = array();
 $allowed_tags_student['font']['size'] = array();
 //$allowed_tags_student['font']['style'] = array(); //filtered out for security (see kses security report)
 // FORM
+/*
 $allowed_tags_student['form'] = array();
 $allowed_tags_student['form']['action'] = array();
 $allowed_tags_student['form']['accept'] = array();
@@ -157,7 +161,7 @@ $allowed_tags_student['form']['accept-charset'] = array();
 $allowed_tags_student['form']['enctype'] = array();
 $allowed_tags_student['form']['method'] = array();
 $allowed_tags_student['form']['name'] = array();
-$allowed_tags_student['form']['target'] = array();
+$allowed_tags_student['form']['target'] = array();*/
 // FRAME
 $allowed_tags_student_full_page['frame'] = array();
 $allowed_tags_student_full_page['frame']['frameborder'] = array();
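Review bot: In the `embed` block of the first hunk, `allowscriptaccess` and `flashvars` stay in the student allowlist while the neighbouring attributes are commented out. As far as I know HTMLPurifier's SafeEmbed module accepts only `never` for `allowscriptaccess`, so the entry is harmless only while `HTML.SafeEmbed` stays enabled for STUDENT (as in the HTMLPurifier.php context of [PATCH 2/4]) and this array is not passed to a different filter; the `font` comment a few lines below still refers to kses. I would record that dependency next to the entry, e.g. `// embed[allowscriptaccess]: relies on HTML.SafeEmbed restricting the value to "never"`, or drop the attribute from the student list if no embed snippet in use needs it.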
@@ -219,6 +223,7 @@ $allowed_tags_student_full_page['html']['xmlns'] = array();
 // I
 $allowed_tags_student['i'] = array();
 // IFRAME
+/*
 $allowed_tags_student['iframe'] = array();
 $allowed_tags_student['iframe']['align'] = array();
 $allowed_tags_student['iframe']['frameborder'] = array();
@@ -229,7 +234,7 @@ $allowed_tags_student['iframe']['marginwidth'] = array();
 $allowed_tags_student['iframe']['name'] = array();
 $allowed_tags_student['iframe']['scrolling'] = array();
 $allowed_tags_student['iframe']['src'] = array();
-$allowed_tags_student['iframe']['width'] = array();
+$allowed_tags_student['iframe']['width'] = array();*/
 // IMG
 $allowed_tags_student['img'] = array();
 $allowed_tags_student['img']['alt'] = array();
@@ -237,13 +242,14 @@ $allowed_tags_student['img']['align'] = array();
 $allowed_tags_student['img']['border'] = array();
 $allowed_tags_student['img']['height'] = array();
 $allowed_tags_student['img']['hspace'] = array();
-$allowed_tags_student['img']['ismap'] = array();
+//$allowed_tags_student['img']['ismap'] = array();
 $allowed_tags_student['img']['longdesc'] = array();
 $allowed_tags_student['img']['src'] = array();
-$allowed_tags_student['img']['usemap'] = array();
+//$allowed_tags_student['img']['usemap'] = array();
 $allowed_tags_student['img']['vspace'] = array();
 $allowed_tags_student['img']['width'] = array();
 // INPUT
+/*
 $allowed_tags_student['input'] = array();
 $allowed_tags_student['input']['accept'] = array();
 $allowed_tags_student['input']['align'] = array();
@@ -257,18 +263,22 @@ $allowed_tags_student['input']['size'] = array();
 $allowed_tags_student['input']['src'] = array();
 $allowed_tags_student['input']['type'] = array();
 $allowed_tags_student['input']['value'] = array();
+*/
 // INS
 $allowed_tags_student['ins'] = array();
-$allowed_tags_student['ins']['datetime'] = array();
+//$allowed_tags_student['ins']['datetime'] = array();
 $allowed_tags_student['ins']['cite'] = array();
 // KBD
 $allowed_tags_student['kbd'] = array();
 // LABEL
+/*
 $allowed_tags_student['label'] = array();
 $allowed_tags_student['label']['for'] = array();
+*/
 // LEGEND
+/*
 $allowed_tags_student['legend'] = array();
-$allowed_tags_student['legend']['align'] = array();
+$allowed_tags_student['legend']['align'] = array();*/
 // LI
 $allowed_tags_student['li'] = array();
 // LINK
@@ -282,9 +292,10 @@ $allowed_tags_student_full_page['link']['rev'] = array();
 $allowed_tags_student_full_page['link']['target'] = array();
 $allowed_tags_student_full_page['link']['type'] = array();
 // MAP
+/*
 $allowed_tags_student['map'] = array();
 $allowed_tags_student['map']['id'] = array();
-$allowed_tags_student['map']['name'] = array();
+$allowed_tags_student['map']['name'] = array();*/
 // MENU
 $allowed_tags_student['menu'] = array();
 // META
@@ -297,21 +308,21 @@ $allowed_tags_student_full_page['meta']['scheme'] = array();
 $allowed_tags_student_full_page['noframes'] = array();
 // OBJECT
 $allowed_tags_student['object'] = array();
-$allowed_tags_student['object']['align'] = array();
-$allowed_tags_student['object']['archive'] = array();
-$allowed_tags_student['object']['border'] = array();
+//$allowed_tags_student['object']['align'] = array();
+//$allowed_tags_student['object']['archive'] = array();
+//$allowed_tags_student['object']['border'] = array();
 $allowed_tags_student['object']['classid'] = array();
 $allowed_tags_student['object']['codebase'] = array();
-$allowed_tags_student['object']['codetype'] = array();
+//$allowed_tags_student['object']['codetype'] = array();
 $allowed_tags_student['object']['data'] = array();
-$allowed_tags_student['object']['declare'] = array();
+//$allowed_tags_student['object']['declare'] = array();
 $allowed_tags_student['object']['height'] = array();
-$allowed_tags_student['object']['hspace'] = array();
-$allowed_tags_student['object']['name'] = array();
-$allowed_tags_student['object']['standby'] = array();
+//$allowed_tags_student['object']['hspace'] = array();
+//$allowed_tags_student['object']['name'] = array();
+//$allowed_tags_student['object']['standby'] = array();
 $allowed_tags_student['object']['type'] = array();
-$allowed_tags_student['object']['usemap'] = array();
-$allowed_tags_student['object']['vspace'] = array();
+//$allowed_tags_student['object']['usemap'] = array();
+//$allowed_tags_student['object']['vspace'] = array();
 $allowed_tags_student['object']['width'] = array();
 // OL
 $allowed_tags_student['ol'] = array();
@@ -319,24 +330,26 @@ $allowed_tags_student['ol']['compact'] = array();
 $allowed_tags_student['ol']['start'] = array();
 $allowed_tags_student['ol']['type'] = array();
 // OPTGROUP
+/*
 $allowed_tags_student['optgroup'] = array();
 $allowed_tags_student['optgroup']['label'] = array();
-$allowed_tags_student['optgroup']['disabled'] = array();
+$allowed_tags_student['optgroup']['disabled'] = array();*/
 // OPTION
+/*
 $allowed_tags_student['option'] = array();
 $allowed_tags_student['option']['disabled'] = array();
 $allowed_tags_student['option']['label'] = array();
 $allowed_tags_student['option']['selected'] = array();
-$allowed_tags_student['option']['value'] = array();
+$allowed_tags_student['option']['value'] = array();*/
 // P
 $allowed_tags_student['p'] = array();
 $allowed_tags_student['p']['align'] = array();
 // PARAM
 $allowed_tags_student['param'] = array();
 $allowed_tags_student['param']['name'] = array();
-$allowed_tags_student['param']['type'] = array();
+//$allowed_tags_student['param']['type'] = array();
 $allowed_tags_student['param']['value'] = array();
-$allowed_tags_student['param']['valuetype'] = array();
+//$allowed_tags_student['param']['valuetype'] = array();
 // PRE
 $allowed_tags_student['pre'] = array();
 $allowed_tags_student['pre']['width'] = array();
@@ -378,67 +391,69 @@ $allowed_tags_student['table']['width'] = array();
 // TBODY
 $allowed_tags_student['tbody'] = array();
 $allowed_tags_student['tbody']['align'] = array();
-$allowed_tags_student['tbody']['char'] = array();
+//$allowed_tags_student['tbody']['char'] = array();
 $allowed_tags_student['tbody']['charoff'] = array();
 $allowed_tags_student['tbody']['valign'] = array();
 // TD
 $allowed_tags_student['td'] = array();
 $allowed_tags_student['td']['abbr'] = array();
 $allowed_tags_student['td']['align'] = array();
-$allowed_tags_student['td']['axis'] = array();
+//$allowed_tags_student['td']['axis'] = array();
 $allowed_tags_student['td']['bgcolor'] = array();
-$allowed_tags_student['td']['char'] = array();
+//$allowed_tags_student['td']['char'] = array();
 $allowed_tags_student['td']['charoff'] = array();
 $allowed_tags_student['td']['colspan'] = array();
-$allowed_tags_student['td']['headers'] = array();
+//$allowed_tags_student['td']['headers'] = array();
 $allowed_tags_student['td']['height'] = array();
 $allowed_tags_student['td']['nowrap'] = array();
 $allowed_tags_student['td']['rowspan'] = array();
-$allowed_tags_student['td']['scope'] = array();
+//$allowed_tags_student['td']['scope'] = array();
 $allowed_tags_student['td']['valign'] = array();
 $allowed_tags_student['td']['width'] = array();
 // TEXTAREA
+/*
 $allowed_tags_student['textarea'] = array();
 $allowed_tags_student['textarea']['cols'] = array();
 $allowed_tags_student['textarea']['rows'] = array();
 $allowed_tags_student['textarea']['disabled'] = array();
 $allowed_tags_student['textarea']['name'] = array();
-$allowed_tags_student['textarea']['readonly'] = array();
+$allowed_tags_student['textarea']['readonly'] = array();*/
 // TFOOT
 $allowed_tags_student['tfoot'] = array();
 $allowed_tags_student['tfoot']['align'] = array();
-$allowed_tags_student['tfoot']['char'] = array();
+//$allowed_tags_student['tfoot']['char'] = array();
 $allowed_tags_student['tfoot']['charoff'] = array();
 $allowed_tags_student['tfoot']['valign'] = array();
 // TH
 $allowed_tags_student['th'] = array();
 $allowed_tags_student['th']['abbr'] = array();
 $allowed_tags_student['th']['align'] = array();
-$allowed_tags_student['th']['axis'] = array();
+//$allowed_tags_student['th']['axis'] = array();
 $allowed_tags_student['th']['bgcolor'] = array();
-$allowed_tags_student['th']['char'] = array();
+//$allowed_tags_student['th']['char'] = array();
 $allowed_tags_student['th']['charoff'] = array();
 $allowed_tags_student['th']['colspan'] = array();
-$allowed_tags_student['th']['headers'] = array();
+//$allowed_tags_student['th']['headers'] = array();
 $allowed_tags_student['th']['height'] = array();
 $allowed_tags_student['th']['nowrap'] = array();
 $allowed_tags_student['th']['rowspan'] = array();
-$allowed_tags_student['th']['scope'] = array();
+//$allowed_tags_student['th']['scope'] = array();
 $allowed_tags_student['th']['valign'] = array();
 $allowed_tags_student['th']['width'] = array();
 // THEAD
 $allowed_tags_student['thead'] = array();
 $allowed_tags_student['thead']['align'] = array();
-$allowed_tags_student['thead']['char'] = array();
+//$allowed_tags_student['thead']['char'] = array();
 $allowed_tags_student['thead']['charoff'] = array();
 $allowed_tags_student['thead']['valign'] = array();
 // TITLE
-$allowed_tags_student['title'] = array();
+/*
+$allowed_tags_student['title'] = array();*/
 // TR
 $allowed_tags_student['tr'] = array();
 $allowed_tags_student['tr']['align'] = array();
 $allowed_tags_student['tr']['bgcolor'] = array();
-$allowed_tags_student['tr']['char'] = array();
+//$allowed_tags_student['tr']['char'] = array();
 $allowed_tags_student['tr']['charoff'] = array();
 $allowed_tags_student['tr']['valign'] = array();
 // TT
From d15031c26e16285613c5a3fbb531eacf04ff175b Mon Sep 17 00:00:00 2001
From: Julio Montoya Date: Mon, 31 May 2010 12:08:34 +0200 Subject: [PATCH 4/4] Fixing document title when editing document see CT#905 --- main/document/edit_document.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/main/document/edit_document.php b/main/document/edit_document.php index a697a70cbe..90b538c8a8 100755 --- a/main/document/edit_document.php +++ b/main/document/edit_document.php @@ -448,7 +448,7 @@ if (file_exists($filepath.$doc)) { /* Display user interface */ // Display the header -$nameTools = get_lang('EditDocument') . ': '.$file_name; +$nameTools = get_lang('EditDocument') . ': '.$oldTitle; Display::display_header($nameTools, 'Doc'); // Display the tool title @@ -541,7 +541,8 @@ if ($owner_id == $_user['user_id'] || api_is_platform_admin() || $is_allowed_to_ $checked->setChecked(true); } } - if ($is_certificate_mode) + + if ($is_certificate_mode) $form->addElement('style_submit_button', 'submit', get_lang('SaveCertificate'), 'class="save"'); else $form->addElement('style_submit_button','submit',get_lang('SaveDocument'), 'class="save"'); @@ -562,7 +563,7 @@ if ($owner_id == $_user['user_id'] || api_is_platform_admin() || $is_allowed_to_ /* $form->addElement('html', '
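Review bot: `$oldTitle` is now concatenated into `$nameTools` and handed to `Display::display_header()` with no encoding visible in the `@@ -448,7 +448,7 @@` hunk. Where `$oldTitle` is assigned lies outside the hunk; if it is the stored document title it is user-editable text, and whether `display_header()` encodes its argument cannot be seen from here. If it does not, encode at this point, e.g. `$nameTools = get_lang('EditDocument') . ': ' . htmlspecialchars($oldTitle, ENT_QUOTES);`.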
'); */ -if (isset($_REQUEST['curdirpath']) && $_GET['curdirpath']=='/certificates') { + if (isset($_REQUEST['curdirpath']) && $_GET['curdirpath']=='/certificates') { $all_information_by_create_certificate=DocumentManager::get_all_info_to_certificate(); $str_info=''; foreach ($all_information_by_create_certificate[0] as $info_value) { @@ -571,6 +572,7 @@ if (isset($_REQUEST['curdirpath']) && $_GET['curdirpath']=='/certificates') { $create_certificate=get_lang('CreateCertificateWithTags'); Display::display_normal_message($create_certificate.':
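Review bot: The re-indented condition in the `@@ -562,7 +563,7 @@` hunk tests `isset($_REQUEST['curdirpath'])` but then reads `$_GET['curdirpath']`, so a request that carries `curdirpath` only in POST passes the first test and reads an undefined `$_GET` index. Use one source for both, e.g. `if (isset($_GET['curdirpath']) && $_GET['curdirpath'] == '/certificates') {`. The enclosing `if ($owner_id == …)` block starts and ends outside the hunk.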

'.$str_info,false); } + if ($is_certificate_mode) { echo '
'; echo ''.Display::return_icon('back.png',get_lang('Back').' '.get_lang('To').' '.get_lang('CertificateOverview')).get_lang('Back').' '.get_lang('To').' '.get_lang('CertificateOverview').''; @@ -582,6 +584,7 @@ if (isset($_REQUEST['curdirpath']) && $_GET['curdirpath']=='/certificates') { nav_to_slideshow($slide_id); } } + $form->display(); //Display::display_error_message(get_lang('ReadOnlyFile')); }