fernando/tomolino-processmaker
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added double encoding for already existing HTMl entities

Browse Source 
Added encoding into HTML-ENTITIES
Added revert back into UTF-8
Changed version to 3.2.5
This commit is contained in:
tomolimo
2018-02-01 16:01:09 +01:00
parent f6fb74ff4e
commit c5589795df
5 changed files with 39 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
front/processmaker.helpdesk.form.php
View File

@@ -583,7 +583,17 @@ function processMakerShowCase( $ID, $from_helpdesk ) {
// to change this HTML code // to change this HTML code
$dom = new DOMDocument(); $dom = new DOMDocument();
$dom->loadHTML($buffer, LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD | LIBXML_NOXMLDECL);
// will convert '&' to '&amp;', '<' to '&lt;' and '>' to '&gt;'
$buffer = htmlspecialchars($buffer, ENT_NOQUOTES);
// will restore '&lt;' to '<' and '&gt;' to '>'
// so that only the already escaped entites will get the double encoding
$buffer = str_replace(['&lt;', '&gt;'], ['<', '>'], $buffer);
// will convert any UTF-8 char that can't be expressed in ASCII into an HTML entity
$buffer = mb_convert_encoding($buffer, 'HTML-ENTITIES');
$dom->loadHTML($buffer, LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD );
$xpath = new DOMXPath($dom); $xpath = new DOMXPath($dom);
// hide some fields // hide some fields
@@ -606,8 +616,8 @@ function processMakerShowCase( $ID, $from_helpdesk ) {
$elt->setAttribute( 'colspan', '2'); $elt->setAttribute( 'colspan', '2');
} }
//$res = $xpath->query('//*[@name="content"]/ancestor::tr[1]'); $res = $xpath->query('//*[@name="content"]/ancestor::tr[1]');
$res = $xpath->query('//*[@name="add"]/ancestor::tr[@class="tab_bg_1"]/preceding-sibling::tr[1]'); //$res = $xpath->query('//*[@name="add"]/ancestor::tr[@class="tab_bg_1"]/preceding-sibling::tr[1]');
$table = $xpath->query('//*[@name="add"]/ancestor::table[1]'); $table = $xpath->query('//*[@name="add"]/ancestor::table[1]');
$tr = $table->item(0)->insertBefore(new DOMElement('tr'), $res->item(0)); $tr = $table->item(0)->insertBefore(new DOMElement('tr'), $res->item(0));
@@ -634,8 +644,9 @@ function processMakerShowCase( $ID, $from_helpdesk ) {
$buffer = $dom->saveHTML(); $buffer = $dom->saveHTML();
// will revert back any char converted above
$buffer = mb_convert_encoding($buffer, 'UTF-8', 'HTML-ENTITIES');
echo $buffer; echo $buffer;
//showFormHelpdesk($ID, $pmItem, $caseInfo);
} }
} }

18
inc/processmaker.class.php
View File

@@ -2704,4 +2704,22 @@ class PluginProcessmakerProcessmaker extends CommonDBTM {
echo Html::scriptBlock($scriptblock); echo Html::scriptBlock($scriptblock);
} }
//static protected $saved_ob_level;
//static function pre_item_form_processmakerticket($item) {
// self::$saved_ob_level = ob_get_level();
// ob_start();
//}
//static function post_item_form_processmakerticket($item) {
// $buffer = ob_get_clean();
// // 9.1 only: hack to fix an issue with the initEditorSystem which calls scriptStart without calling scriptEnd
// if (ob_get_level() > self::$saved_ob_level) {
// $buffer = ob_get_clean().$buffer;
// }
// echo $buffer;
//}
} }

10
js/cases.helpdesk.js
View File

@@ -14,6 +14,7 @@ function onClickContinue(obj) {
} }
// call old handler if any // call old handler if any
//debugger;
if (obj != undefined && oldHandler) { if (obj != undefined && oldHandler) {
oldHandler(obj.target); oldHandler(obj.target);
} }
@@ -65,15 +66,10 @@ function onLoadFrame( evt, caseId, delIndex, caseNumber, processName ) {
//debugger; //debugger;
bGLPIHideElement(linkList, 'href', 'cases_Step?TYPE=ASSIGN_TASK&UID=-1&POSITION=10000&ACTION=ASSIGN'); bGLPIHideElement(linkList, 'href', 'cases_Step?TYPE=ASSIGN_TASK&UID=-1&POSITION=10000&ACTION=ASSIGN');
//buttonContinue.form.action = null; //'';
//if (buttonContinue.addEventListener)
// buttonContinue.addEventListener("click", onClickContinue, false);
//else
// buttonContinue.attachEvent("onclick", onClickContinue);
oldHandler = buttonContinue.onclick; oldHandler = buttonContinue.onclick;
buttonContinue.onclick = onClickContinue; buttonContinue.onclick = onClickContinue;
submitButton = $("input[name='add'][type=submit]")[0]; submitButton = $("input[name='add'][type=submit]")[0];
submitButton.insertAdjacentHTML('beforebegin', "<input type='hidden' name='processmaker_action' value='routecase'/>"); submitButton.insertAdjacentHTML('beforebegin', "<input type='hidden' name='processmaker_action' value='routecase'/>");
submitButton.insertAdjacentHTML('beforebegin', "<input type='hidden' name='processmaker_caseid' value='" + caseId + "'/>"); submitButton.insertAdjacentHTML('beforebegin', "<input type='hidden' name='processmaker_caseid' value='" + caseId + "'/>");

4
processmaker.xml
View File

@@ -23,11 +23,11 @@
</authors> </authors>
<versions> <versions>
<version> <version>
<num>3.2.4</num> <num>3.2.5</num>
<compatibility>9.2</compatibility> <compatibility>9.2</compatibility>
</version> </version>
<version> <version>
<num>3.2.4</num> <num>3.2.5</num>
<compatibility>9.1</compatibility> <compatibility>9.1</compatibility>
</version> </version>
</versions> </versions>

2
setup.php
View File

@@ -119,7 +119,7 @@ function plugin_version_processmaker() {
global $LANG; global $LANG;
return array ('name' => 'Process Maker', return array ('name' => 'Process Maker',
'version' => '3.2.4', 'version' => '3.2.5',
'author' => 'Olivier Moron', 'author' => 'Olivier Moron',
'homepage' => 'https://github.com/tomolimo/processmaker', 'homepage' => 'https://github.com/tomolimo/processmaker',
'minGlpiVersion' => '9.1'); 'minGlpiVersion' => '9.1');