Escaping should work properly now.
This commit is contained in:
parent
57ae3243f8
commit
0fcc1bc04d
@ -165,7 +165,7 @@ func shortcodeToUnicode(msg string) string {
|
|||||||
return msg
|
return msg
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: Write a test for this
|
// TODO: Write tests for this
|
||||||
func PreparseMessage(msg string) string {
|
func PreparseMessage(msg string) string {
|
||||||
msg = strings.Replace(msg, "<p><br>", "\n\n", -1)
|
msg = strings.Replace(msg, "<p><br>", "\n\n", -1)
|
||||||
msg = strings.Replace(msg, "<p>", "\n\n", -1)
|
msg = strings.Replace(msg, "<p>", "\n\n", -1)
|
||||||
|
@ -8,6 +8,7 @@ package common
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"database/sql"
|
"database/sql"
|
||||||
|
"html"
|
||||||
"html/template"
|
"html/template"
|
||||||
"strconv"
|
"strconv"
|
||||||
"time"
|
"time"
|
||||||
@ -235,8 +236,10 @@ func (topic *Topic) Delete() error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO: Write tests for this
|
||||||
func (topic *Topic) Update(name string, content string) error {
|
func (topic *Topic) Update(name string, content string) error {
|
||||||
content = PreparseMessage(content)
|
name = html.EscapeString(html.UnescapeString(name))
|
||||||
|
content = PreparseMessage(html.UnescapeString(content))
|
||||||
parsedContent := ParseMessage(content, topic.ParentID, "forums")
|
parsedContent := ParseMessage(content, topic.ParentID, "forums")
|
||||||
_, err := topicStmts.edit.Exec(name, content, parsedContent, topic.ID)
|
_, err := topicStmts.edit.Exec(name, content, parsedContent, topic.ID)
|
||||||
topic.cacheRemove()
|
topic.cacheRemove()
|
||||||
|
@ -4,6 +4,7 @@ import (
|
|||||||
//"log"
|
//"log"
|
||||||
//"fmt"
|
//"fmt"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"html"
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strconv"
|
"strconv"
|
||||||
@ -43,10 +44,7 @@ func routeEditTopic(w http.ResponseWriter, r *http.Request, user common.User) co
|
|||||||
return common.NoPermissionsJSQ(w, r, user, isJs)
|
return common.NoPermissionsJSQ(w, r, user, isJs)
|
||||||
}
|
}
|
||||||
|
|
||||||
topicName := r.PostFormValue("topic_name")
|
err = topic.Update(r.PostFormValue("topic_name"), r.PostFormValue("topic_content"))
|
||||||
topicContent := common.PreparseMessage(r.PostFormValue("topic_content"))
|
|
||||||
// TODO: Fully parse the post and store it in the parsed column
|
|
||||||
err = topic.Update(topicName, topicContent)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return common.InternalErrorJSQ(err, w, r, isJs)
|
return common.InternalErrorJSQ(err, w, r, isJs)
|
||||||
}
|
}
|
||||||
@ -352,7 +350,7 @@ func routeReplyEditSubmit(w http.ResponseWriter, r *http.Request, user common.Us
|
|||||||
return common.NoPermissionsJSQ(w, r, user, isJs)
|
return common.NoPermissionsJSQ(w, r, user, isJs)
|
||||||
}
|
}
|
||||||
|
|
||||||
content := common.PreparseMessage(r.PostFormValue("edit_item"))
|
content := common.PreparseMessage(html.UnescapeString(r.PostFormValue("edit_item")))
|
||||||
_, err = stmts.editReply.Exec(content, common.ParseMessage(content, fid, "forums"), rid)
|
_, err = stmts.editReply.Exec(content, common.ParseMessage(content, fid, "forums"), rid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return common.InternalErrorJSQ(err, w, r, isJs)
|
return common.InternalErrorJSQ(err, w, r, isJs)
|
||||||
@ -457,7 +455,7 @@ func routeProfileReplyEditSubmit(w http.ResponseWriter, r *http.Request, user co
|
|||||||
return common.NoPermissionsJSQ(w, r, user, isJs)
|
return common.NoPermissionsJSQ(w, r, user, isJs)
|
||||||
}
|
}
|
||||||
|
|
||||||
content := common.PreparseMessage(r.PostFormValue("edit_item"))
|
content := common.PreparseMessage(html.UnescapeString(r.PostFormValue("edit_item")))
|
||||||
_, err = stmts.editProfileReply.Exec(content, common.ParseMessage(content, 0, ""), rid)
|
_, err = stmts.editProfileReply.Exec(content, common.ParseMessage(content, 0, ""), rid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return common.InternalErrorJSQ(err, w, r, isJs)
|
return common.InternalErrorJSQ(err, w, r, isJs)
|
||||||
|
Loading…
Reference in New Issue
Block a user