update template defaults and escaping

Milan
2019-03-02 16:04:08 +01:00
parent 88a52dd674
commit 95ff06592d
12 changed files with 113 additions and 109 deletions


@@ -6,6 +6,7 @@ use strict;
use Data::Dumper;
use HTML::Template::Compiled();
use HTML::Template::Compiled::Plugin::XMLEscape();
#use HTML::Template::JIT();
use JSON();
use Cwd();
@@ -64,47 +65,14 @@ sub process {
return;
}
#print STDERR $filename."\n";
log::error( $config, "cannot find template $filename " ) unless -e $filename;
log::error( $config, "cannot read template $filename " ) unless -r $filename;
my $default_escape = '0';
$default_escape = 'JS' if ( $filename =~ /\.js$/ );
$default_escape = 'JS' if ( $filename =~ /\.json$/ );
$default_escape = 'HTML_ALL' if ( $filename =~ /\.html$/ );
my $html_template = undef;
unless ( $filename =~ /\.xml$/ ) {
$html_template = HTML::Template::Compiled->new(
filename => $filename,
die_on_bad_params => 0,
case_sensitive => 0,
loop_context_vars => 0,
global_vars => 0,
tagstyle => '-asp -comment',
default_escape => $default_escape,
cache => 0,
utf8 => 1,
);
} else {
$html_template = HTML::Template::Compiled->new(
filename => $filename,
die_on_bad_params => 0,
case_sensitive => 1,
loop_context_vars => 0,
global_vars => 0,
tagstyle => '-asp -comment',
default_escape => 'XML',
plugin => [qw(HTML::Template::Compiled::Plugin::XMLEscape)],
utf8 => 1
);
unless (-r $filename){
log::error($config, qq{template "$filename" does not exist}) unless -e $filename;
log::error($config, qq{missing permissions to read "$filename"});
}
my $html_template = initTemplate($filename);
#$params=
setRelativeUrls( $params, 0 ) unless ( defined $params->{extern} ) && ( $params->{extern} eq '1' );
# HTML::Template::Compiled->preload($cache_dir);
$html_template->param($params);
if ( ( defined $_[1] ) && ( $_[1] eq 'print' ) ) {
print $html_template->output;
@@ -113,6 +81,42 @@ sub process {
}
}
sub initTemplate{
my $filename=shift;
my $default_escape = 'none';
$default_escape = 'js' if ( $filename =~ /\.js$/ );
$default_escape = 'js' if ( $filename =~ /\.json$/ );
$default_escape = 'html_all' if ( $filename =~ /\.html$/ );
if ( $filename =~ /\.xml$/ ) {
return HTML::Template::Compiled->new(
filename => $filename,
die_on_bad_params => 1,
case_sensitive => 1,
loop_context_vars => 0,
global_vars => 0,
tagstyle => '-asp -comment --comment --tt',
default_escape => 'XML',
cache => 1,
utf8 => 1,
plugin => [qw(HTML::Template::Compiled::Plugin::XMLEscape)],
);
}
return HTML::Template::Compiled->new(
filename => $filename,
die_on_bad_params => 1,
case_sensitive => 1,
loop_context_vars => 0,
global_vars => 0,
tagstyle => '-asp -comment --comment --tt',
default_escape => $default_escape,
cache => 1,
utf8 => 1,
);
}
# set relative urls in nested params structure
sub setRelativeUrls {
my $params = shift;
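Review bot: In `initTemplate`, `$default_escape` starts as `'none'`, so any template whose name does not end in `.js`, `.json`, `.html` or `.xml` is rendered with no output escaping at all. A fail-safe default would escape and opt out only for extensions known to hold plain text, e.g. `my $default_escape = 'html_all';` followed by `$default_escape = 'none' if $filename =~ /\.txt\z/;` (the `.txt` here is an illustrative value; the real list has to come from the template directory). The suffix tests are also case-sensitive and anchored with `$` rather than `\z`, so a name such as `page.HTML` falls through to the unescaped default. The two `HTML::Template::Compiled->new` calls differ only in `default_escape` and `plugin` and could share one option hash. Separately, in `process` the new `unless (-r $filename)` block still reaches `initTemplate($filename)` if `log::error` returns instead of aborting, which is not visible from this hunk and worth confirming.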


@@ -19,8 +19,8 @@
<td class="level<TMPL_VAR level>"><img src="image/comment.png" class="level<TMPL_VAR level>"><a name="event_comments_<TMPL_VAR id>" /></td>
<td class="date"><TMPL_VAR start_date_name></td>
<td class="time"><TMPL_VAR start_time_name></td>
<td class="author"><TMPL_VAR author escape=0></td>
<td class="content <TMPL_VAR news_status>"><textarea><TMPL_VAR content escape=0></textarea></td>
<td class="author"><TMPL_VAR author escape=none></td>
<td class="content <TMPL_VAR news_status>"><textarea><TMPL_VAR content escape=none></textarea></td>
</tr>
<tr style="border-bottom:1px gray solid;">
<td />
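Review bot: `<TMPL_VAR author escape=none>` and `<textarea><TMPL_VAR content escape=none></textarea>` emit the comment author and body without escaping, so unless these values are sanitized before they reach the template (not visible in this commit), markup stored in a comment is interpreted by the browser of whoever opens this page. Renaming `escape=0` to `escape=none` keeps that behaviour; removing the override so the template's default escape applies, or stating it explicitly as `<td class="author"><TMPL_VAR author escape=html></td>`, closes it. Escaping is still required inside `<textarea>`, because an unescaped `</textarea>` in the content ends the element. The same unescaped `author`, `content`, `short_content` and `topic` output appears in the comment-list and event-detail templates further down this commit.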


@@ -157,7 +157,7 @@
<!-- import rerun from old event of series or any event of any project -->
<TMPL_IF .allow.update_event>
<div id="selectRerun" style="display:none;" class="select panel">
<div class="panel-header">
<b><TMPL_VAR weekday_short_name>, <TMPL_VAR start_date_name>, <TMPL_VAR start_time_name></b>,
@@ -168,20 +168,20 @@
<div onclick="selectOldEventFromSeries('rerunEventId','<TMPL_VAR start_date>'); updateCheckBox($(this).find('input:radio'),true);"
class="option"
>
<input type="radio" name="group" class="default">
<TMPL_VAR .loc.label_rerun_select_old>
</div>
<input type="radio" name="group" class="default">
<TMPL_VAR .loc.label_rerun_select_old>
</div>
<div onclick="selectOtherEvent('rerunEventId'); updateCheckBox($(this).find('input:radio'),true);"
class="option"
>
<input type="radio" name="group">
<TMPL_VAR .loc.label_rerun_select_other>
</div>
<input id="rerunEventId" value="-1" style="display:none" onchange="copyFromEvent('rerunEventId')">
<input type="radio" name="group">
<TMPL_VAR .loc.label_rerun_select_other>
</div>
<input id="rerunEventId" value="-1" style="display:none" onchange="copyFromEvent('rerunEventId')">
<div id="import_rerun" class="active" style="display:none;"></div>
<div id="import_rerun" class="active" style="display:none;"></div>
<button onclick="hideSelectRerun('rerunEventId')"><TMPL_VAR .loc.button_cancel></button>
</div>
</div>
@@ -191,14 +191,14 @@
<TMPL_IF .allow.assign_series_events>
<div id="selectChangeSeries" class="active" style="display:none" class="panel">
<div class="panel-header">
<TMPL_VAR .loc.button_assign_series>
<TMPL_VAR .loc.button_assign_series>
</div>
<div class="panel-body">
<div id="changeSeriesContainer"> </div>
<input id="changeSeriesId" value="-1" style="display:none">
<button onclick="hideChangeSeries()"><TMPL_VAR .loc.button_cancel></button>
<button onclick="changeSeries()"><TMPL_VAR .loc.button_assign></button>
</div>
<div id="changeSeriesContainer"> </div>
<input id="changeSeriesId" value="-1" style="display:none">
<button onclick="hideChangeSeries()"><TMPL_VAR .loc.button_cancel></button>
<button onclick="changeSeries()"><TMPL_VAR .loc.button_assign></button>
</div>
</div>
</TMPL_IF>
@@ -393,7 +393,7 @@
<td>
<img style="float:right;padding-left:1em" src="showImage.cgi?project_id=<TMPL_VAR project_id>&studioId=<TMPL_VAR .studio_id>&type=icon&filename=<TMPL_VAR image>">
<div><TMPL_VAR topic</div>
<div><TMPL_VAR html_content escape=0></div>
<div><TMPL_VAR html_content escape=none></div>
</td>
</tr>
</table>
@@ -433,7 +433,7 @@
<TMPL_IF .allow.update_event_field_topic>
<textarea name="topic" placeholder="<TMPL_VAR .loc.label_topics>"><TMPL_VAR topic></textarea>
<TMPL_ELSE>
<TMPL_VAR html_topic escape=0>
<TMPL_VAR html_topic escape=none>
</TMPL_IF>
</td>
</tr>
@@ -444,7 +444,7 @@
<TMPL_IF .allow.update_event_field_description>
<textarea name="content" placeholder="<TMPL_VAR .loc.label_description>"><TMPL_VAR content></textarea>
<TMPL_ELSE>
<TMPL_VAR html_content escape=0>
<TMPL_VAR html_content escape=none>
</TMPL_IF>
</td>
</tr>
@@ -499,34 +499,34 @@
<TMPL_UNLESS edit_lock>
<div class="buttons" style="text-align:center">
<TMPL_IF show_new_event_from_schedule>
<TMPL_IF .allow.create_event_from_schedule>
<button type="submit" name="action" value="create_event_from_schedule"
onclick="leavePage();return true"
><TMPL_VAR .loc.button_create></button>
</TMPL_IF>
<TMPL_ELSIF show_new_event>
<TMPL_IF .allow.create_event>
<button type="submit" name="action" value="create_event"
onclick="leavePage();return true"
><TMPL_VAR .loc.button_create></button>
</TMPL_IF>
<TMPL_ELSE>
<TMPL_IF .allow.update_event>
<button type="submit" name="action" value="save"
onclick="leavePage();return true"
><TMPL_VAR .loc.button_save></button>
</TMPL_IF>
</TMPL_IF>
<TMPL_IF .allow.delete_event>
<TMPL_UNLESS new_event>
<button type="submit" name="action" value="delete"
onclick="leavePage();commitForm('event_<TMPL_VAR event_id>','delete','delete event');return false;"
><TMPL_VAR .loc.button_delete></button>
</TMPL_UNLESS>
</TMPL_IF>
</div>
<div class="buttons" style="text-align:center">
<TMPL_IF show_new_event_from_schedule>
<TMPL_IF .allow.create_event_from_schedule>
<button type="submit" name="action" value="create_event_from_schedule"
onclick="leavePage();return true"
><TMPL_VAR .loc.button_create></button>
</TMPL_IF>
<TMPL_ELSIF show_new_event>
<TMPL_IF .allow.create_event>
<button type="submit" name="action" value="create_event"
onclick="leavePage();return true"
><TMPL_VAR .loc.button_create></button>
</TMPL_IF>
<TMPL_ELSE>
<TMPL_IF .allow.update_event>
<button type="submit" name="action" value="save"
onclick="leavePage();return true"
><TMPL_VAR .loc.button_save></button>
</TMPL_IF>
</TMPL_IF>
<TMPL_IF .allow.delete_event>
<TMPL_UNLESS new_event>
<button type="submit" name="action" value="delete"
onclick="leavePage();commitForm('event_<TMPL_VAR event_id>','delete','delete event');return false;"
><TMPL_VAR .loc.button_delete></button>
</TMPL_UNLESS>
</TMPL_IF>
</div>
</TMPL_UNLESS>
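Review bot: The context line `<div><TMPL_VAR topic</div>` in the `@@ -393,7 +393,7 @@` hunk is missing the closing `>` of the template tag, and since the line next to it is being edited it should be corrected to `<div><TMPL_VAR topic></div>`. `html_content` and `html_topic` are output with `escape=none` and are presumably pre-rendered markup; if so, a short template comment above each use naming where that markup is sanitized would let a reader verify the override is safe. The `selectChangeSeries` div also carries two `class` attributes (`class="active"` and `class="panel"`), of which browsers honour only the first, so they should be merged into `class="active panel"`.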


@@ -9,7 +9,7 @@ found no image
<TMPL_LOOP images>
<TMPL_IF filename>
<div id="imageEditor" class="editor">
<button onclick="assignImage('<TMPL_VAR filename escape=0>', '<TMPL_VAR .target>', '<TMPL_VAR .project_id>', '<TMPL_VAR .studio_id>', '<TMPL_VAR .series_id>', '<TMPL_VAR .event_id>', '<TMPL_VAR .pid>'); return false"><TMPL_VAR .loc.select_image></button/>
<button onclick="assignImage('<TMPL_VAR filename escape=none>', '<TMPL_VAR .target>', '<TMPL_VAR .project_id>', '<TMPL_VAR .studio_id>', '<TMPL_VAR .series_id>', '<TMPL_VAR .event_id>', '<TMPL_VAR .pid>'); return false"><TMPL_VAR .loc.select_image></button/>
<div class="panel-body">
@@ -23,10 +23,10 @@ found no image
<input type="hidden" name="studio_id" value="<TMPL_VAR .studio_id>">
<label><TMPL_VAR .loc.label_name></label><br>
<input value="<TMPL_VAR name escape=0>" name="update_name" class="field" placeholder="<TMPL_VAR .loc.label_name>"><br>
<input value="<TMPL_VAR name escape=none>" name="update_name" class="field" placeholder="<TMPL_VAR .loc.label_name>"><br>
<label><TMPL_VAR .loc.label_description></label><br>
<textarea class="field" name="update_description" cols="50" rows=5 placeholder="<TMPL_VAR .loc.label_description>"><TMPL_VAR description escape=0></textarea><br>
<textarea class="field" name="update_description" cols="50" rows=5 placeholder="<TMPL_VAR .loc.label_description>"><TMPL_VAR description escape=none></textarea><br>
<label><TMPL_VAR .loc.label_author>/<TMPL_VAR .loc.label_licence></label><br>
<input name="licence" value="<TMPL_VAR licence>" class="field<TMPL_IF missing_licence> error</TMPL_IF>" placeholder="<TMPL_VAR .loc.label_licence_missing>"/><br>
@@ -35,18 +35,18 @@ found no image
<input type="checkbox" name="public" <TMPL_IF public>checked="checked" value="1"<TMPL_ELSE>value="0"</TMPL_IF> /><br>
<TMPL_IF name="update_image">
<input type="hidden" name="save_image" value="<TMPL_VAR filename escape=0>" />
<input type="hidden" name="save_image" value="<TMPL_VAR filename escape=none>" />
<button onclick="this.submit"><TMPL_VAR .loc.button_save></button/>
</TMPL_IF>
<TMPL_IF name="delete_image">
<button onclick="askDeleteImage('img_<TMPL_VAR id escape=0>','<TMPL_VAR filename escape=0>');return false;"><TMPL_VAR .loc.button_delete></button>
<button onclick="askDeleteImage('img_<TMPL_VAR id escape=none>','<TMPL_VAR filename escape=none>');return false;"><TMPL_VAR .loc.button_delete></button>
</TMPL_IF>
<div id="status" ></div>
<TMPL_VAR .loc.label_created_at> <TMPL_VAR created_at> <TMPL_VAR .loc.label_created_by> <TMPL_VAR created_by><br>
<TMPL_VAR .loc.label_modified_at> <TMPL_VAR modified_at> <TMPL_VAR .loc.label_modified_by> <TMPL_VAR modified_by><br>
<TMPL_VAR .loc.label_link>: {{<TMPL_VAR filename escape=0>|<TMPL_VAR name>}}<br>
<TMPL_VAR .loc.label_link>: {{<TMPL_VAR filename escape=none>|<TMPL_VAR name>}}<br>
</form>
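Review bot: `escape=none` is applied here to values that land inside a quoted attribute or an inline event handler: `value="<TMPL_VAR name escape=none>"`, `value="<TMPL_VAR filename escape=none>"` and `assignImage('<TMPL_VAR filename escape=none>', …)`. A quote character in an image name or filename therefore ends the attribute or the JavaScript string. Attribute values need HTML escaping, e.g. `<input value="<TMPL_VAR name escape=html>" name="update_name" …>`, and values used by an `onclick` handler are safer passed through an HTML-escaped `data-` attribute that the handler reads than interpolated into the script text. Whether filenames are restricted to a safe character set on upload is not visible in this commit. The same pattern recurs in the image-manager search form (`search`, `filename`), the image upload form, and the project, category and series `<option value=…>` loops later in the commit.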


@@ -78,8 +78,8 @@
</div>
<form id="image_manager" action="image.cgi">
<input name="search" value="<TMPL_VAR search escape=0>" style="width:20em;">
<input type="hidden" name="filename" value="<TMPL_VAR filename escape=0>">
<input name="search" value="<TMPL_VAR search escape=none>" style="width:20em;">
<input type="hidden" name="filename" value="<TMPL_VAR filename escape=none>">
<button onclick="searchImage('<TMPL_VAR target>', '<TMPL_VAR .project_id>', '<TMPL_VAR .studio_id>', '<TMPL_VAR .series_id>', '<TMPL_VAR .event_id>', '<TMPL_VAR .pid>'); return false;"><TMPL_VAR .loc.button_search></button>
</form>
<TMPL_VAR count> <TMPL_VAR .loc.label_search_hits><br />


@@ -31,18 +31,18 @@
<td>
<TMPL_IF filename>
<input value="{{thumbs/<TMPL_VAR filename escape=0>|<TMPL_VAR name escape=0>}}" size="50" />
<input value="{{thumbs/<TMPL_VAR filename escape=none>|<TMPL_VAR name escape=none>}}" size="50" />
</TMPL_IF>
</td>
</tr>
<tr>
<td>Name: </td>
<td><input value="<TMPL_VAR name escape=0>" name="name" size="40" maxlength="100" required> </td>
<td><input value="<TMPL_VAR name escape=none>" name="name" size="40" maxlength="100" required> </td>
</tr>
<tr>
<td>Beschreibung: </td>
<td><textarea name="description" cols="50" rows=5><TMPL_VAR description escape=0></textarea></td>
<td><textarea name="description" cols="50" rows=5><TMPL_VAR description escape=none></textarea></td>
</tr>
<tr>
<td><label><TMPL_VAR .loc.label_author>/<TMPL_VAR .loc.label_licence></label></td>


@@ -44,7 +44,7 @@
<td>
<TMPL_IF filename>
<TMPL_VAR filename escape=0>"
<TMPL_VAR filename escape=none>"
</TMPL_IF>
</td>


@@ -8,7 +8,7 @@
<select id="calcms_project" name="project"
onchange="calcms.selectProject()"
>
<TMPL_LOOP projects><option value="<TMPL_VAR name escape=0>"><TMPL_VAR title></option>
<TMPL_LOOP projects><option value="<TMPL_VAR name escape=none>"><TMPL_VAR title></option>
</TMPL_LOOP>
</select>
</form>
@@ -17,13 +17,13 @@
<form id="calcmsCategoryForm" name="calcms_category">
<TMPL_LOOP projects>
<TMPL_UNLESS isEmpty>
<select id="calcms_category_<TMPL_VAR js_name escape=0>" name="category_<TMPL_VAR js_name escape=0>"
<select id="calcms_category_<TMPL_VAR js_name escape=none>" name="category_<TMPL_VAR js_name escape=none>"
title="Kategorien durchsuchen"
onchange="calcms.selectCategory('<TMPL_VAR name>', jQuery(this).val())"
style="display:none;"
>
<option value="">- Kategorie -</option>
<TMPL_LOOP categories><option value="<TMPL_VAR name escape=0>"<TMPL_VAR selected>><TMPL_VAR name> (<TMPL_VAR sum>)</option>
<TMPL_LOOP categories><option value="<TMPL_VAR name escape=none>"<TMPL_VAR selected>><TMPL_VAR name> (<TMPL_VAR sum>)</option>
</TMPL_LOOP>
</select>
</TMPL_UNLESS>


@@ -34,9 +34,9 @@
<div class="comment level<TMPL_VAR level>" style="float:clear;" >
<a name="comment_<TMPL_VAR id>" />
<div class="w1"><div class="w2"><div class="w3"><div class="w4">
<span class="author"><TMPL_VAR author escape=0></span>,
<span class="author"><TMPL_VAR author escape=none></span>,
<span class="date"><TMPL_VAR start_date_name> - <TMPL_VAR start_time_name></span>
<div class="content"><TMPL_VAR content escape=0></div>
<div class="content"><TMPL_VAR content escape=none></div>
<TMPL_IF allow.new_comments>
<span >
<a href="#calcms_add_comment_<TMPL_VAR id>_anchor"


@@ -12,8 +12,8 @@
<TMPL_LOOP comments>
<a href="<TMPL_VAR cache_base_url>/<TMPL_VAR .controllers.event>/<TMPL_VAR event_id>.html#comments">
<div class="comments level<TMPL_VAR level>">
<span class="author"><TMPL_VAR author escape=0></span>:
<span class="content"><TMPL_VAR short_content escape=0></span>
<span class="author"><TMPL_VAR author escape=none></span>:
<span class="content"><TMPL_VAR short_content escape=none></span>
</a>
</div>
</TMPL_LOOP>


@@ -59,7 +59,7 @@
</TMPL_IF>
</TMPL_IF>
<TMPL_VAR topic ESCAPE=0><TMPL_VAR content ESCAPE=0>
<TMPL_VAR topic escape=none><TMPL_VAR content escape=none>
<TMPL_IF recurrence_date><a href="<TMPL_VAR recurrence>.html">Wiederholung vom <TMPL_VAR recurrence_date></a></TMPL_IF>
</div>


@@ -11,15 +11,15 @@
<TMPL_LOOP projects>
<TMPL_UNLESS isEmpty>
<select
id="calcms_series_name_<TMPL_VAR js_name escape=0>"
name="series_name_<TMPL_VAR js_name escape=0>"
id="calcms_series_name_<TMPL_VAR js_name escape=none>"
name="series_name_<TMPL_VAR js_name escape=none>"
title="Sendereihen durchsuchen"
onchange="calcms.selectSeries('<TMPL_VAR name>', jQuery(this).val())"
style="display:none;"
>
<option value="">- Sendereihe -</option>
<TMPL_LOOP series_names><option value="<TMPL_VAR series_name escape=0>"<TMPL_VAR selected escape=0>><TMPL_VAR series_name> (<TMPL_VAR sum>)</option>
<TMPL_LOOP series_names><option value="<TMPL_VAR series_name escape=none>"<TMPL_VAR selected escape=none>><TMPL_VAR series_name> (<TMPL_VAR sum>)</option>
</TMPL_LOOP>
</select>