From: Cake
Date: Tue, 12 Jan 2010 14:57:06 +0000 (+0900)
Subject: systems サニタイズ導入
X-Git-Tag: version-alpha~193^2~15
X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=37dec05b74ce950182663a4002063a84115835a7;p=trpgtools-onweb%2Fcake-frame.git

systems サニタイズ導入
---
diff --git a/app/controllers/systems_controller.php b/app/controllers/systems_controller.php
index f2778f7..30c616d 100644
--- a/app/controllers/systems_controller.php
+++ b/app/controllers/systems_controller.php
@@ -83,6 +83,8 @@ class SystemsController extends AppController {
 }
 if (empty($this->data)) {
 $this->data = $this->System->read(null, $id);
+
+ $this->data['System'] = $this->_restore_html_system($this->data['System']);
 }
 }
@@ -107,6 +109,10 @@ class SystemsController extends AppController {
 }
 $systems = $this->paginate();
+ if (!empty($systems)) {
+ $systems = $this->HtmlEscape->nl_unescape($systems);
+ }
+
 $this->set('systems', $systems);
 }
@@ -126,8 +132,21 @@ class SystemsController extends AppController {
 $this->redirect(array('action'=>'index'));
 }
- $this->set('system', $system);
+ $this->set('system', $this->HtmlEscape->nl2br_escaped($system));
+ }
+
+
+ /* 共通関数 */
+ function _restore_html_system($data, $nl2br = false) {
+ $data['name'] = $this->System->restore_html($data['name'], false, false, false);
+ $data['detail'] = $this->System->restore_html($data['detail'], false, false, false);
+ if ($nl2br) {
+ $data['detail'] = nl2br($data['detail']);
+ }
+
+ return $data;
 }
+
 }
-?>
\ No newline at end of file
+
diff --git a/app/models/app_model.php b/app/models/app_model.php
index 51d45d1..628ed64 100644
--- a/app/models/app_model.php
+++ b/app/models/app_model.php
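Review bot: `_restore_html_system` has no docblock and its three positional `false` arguments to `System->restore_html` are opaque at the call site, so a reader cannot tell which kinds of storage-time escaping are being undone before the data is handed to the edit form. Add a docblock above the function stating that it reverses the model's escaping on `name` and `detail` so the values can be re-edited, that the result is raw HTML which must only reach contexts that escape on output (the form helper does), and that `$nl2br` turns newlines into `<br />` and therefore yields markup the caller has to echo unescaped; mark the three flags with a hedged trailing comment such as `// flags: confirm meaning against AppModel::restore_html` until their names are known. The `$nl2br` branch is not exercised by this commit (the only caller passes one argument), and `admin_view` now goes through `HtmlEscape->nl2br_escaped` instead, so the same record has two separate un-escape paths that need to stay in agreement. The enclosing `admin_view` action starts outside the hunk.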
@@ -35,14 +35,18 @@ class AppModel extends Model {
 // i18n Error Messages
 // Working on the CakePlus
 $error_messages = array(
- 'notEmpty' => __('Please be sure to input.', true),
+ 'alphaNumeric' => __('Please input only alphanumeric characters.', true),
 'between' => __('Between %2$d and %3$d characters.', true),
- 'minLength' => __('More than %2$d characters.', true),
- 'maxLength' => __('Less than %2$d characters.', true),
- 'alphaNumeric' => __('Please input only alphameric characters.', true),
- 'compare2fields' => __('Please input same as above.', true),
 'betweenWrapper' => __('Too short or Too long.', true),
+ 'betweenWrapper' => __('Too short or Too long.', true),
+ 'boolean' => __('Incorrect value.', true),
 'isUnique' => __('It was already registed.', true),
+ 'minLength' => __('More than %2$d characters.', true),
+ 'maxLength' => __('Less than %2$d characters.', true),
+ 'notEmpty' => __('Please be sure to input.', true),
+ 'numeric' => __('Please input only number.', true),
+ 'publicFlag' => __('Incorrect value.', true),
+ 'url' => __('Please input URL.', true),
 );
 $this->setErrorMessageI18n($error_messages, false);
@@ -87,4 +91,18 @@ class AppModel extends Model {
 return Validation::between($check, $min, $max);
 }
+ /* check PublicFlag Setting */
+ function publicFlag($data)
+ {
+ $public_flag_settings = array(
+ 'public',
+ 'private',
+ );
+ if (isset($data["public_flag"]) && in_array($data["public_flag"], $public_flag_settings)) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
 }
diff --git a/app/models/system.php b/app/models/system.php
index 16c29c4..2cb4383 100644
--- a/app/models/system.php
+++ b/app/models/system.php
@@ -11,11 +11,10 @@ class System extends AppModel {
 'auto' => false,
 'add' => true,
 'edit' => true,
- ),
- 'default' => array(
- 'auto' => false,
- 'add' => true,
- 'edit' => true,
+ 'escape' => array(
+ 'html' => true,
+ 'all' => true,
+ ),
 ),
 'sort_order' => array(
 'auto' => false,
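Review bot: The new message table defines `'betweenWrapper'` twice — the surviving context line and the added line directly beneath it — so one of the two entries is dead weight and the duplicate added line should be dropped. The removed `'compare2fields'` entry also means any model that still declares a `compare2fields` rule loses its translated message; keep `'compare2fields' => __('Please input same as above.', true),` unless that rule has been retired everywhere, which this diff does not show. The enclosing method starts before the hunk.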
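Review bot: `in_array($data["public_flag"], $public_flag_settings)` compares loosely, so on the PHP versions this code targets a non-string value such as `0` or `true` compares equal to `'public'` and satisfies the rule; pass the strict flag, `in_array($data["public_flag"], $public_flag_settings, true)`. The function also needs a docblock saying it is a custom validation rule that receives `array('public_flag' => $value)` from CakePHP and returns whether the value is one of the two allowed flags. The `if/else` can then collapse to `return isset($data["public_flag"]) && in_array($data["public_flag"], $public_flag_settings, true);`.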
@@ -32,16 +31,59 @@ class System extends AppModel {
 'add' => true,
 'edit' => true,
 ),
- 'logo_filename' => array(
+ 'set_npc' => array(
 'auto' => false,
- 'add' => false,
- 'edit' => false,
+ 'add' => true,
+ 'edit' => true,
+ ),
+ 'public_flag' => array(
+ 'auto' => false,
+ 'add' => true,
+ 'edit' => true,
+ ),
+ 'detail' => array(
+ 'auto' => false,
+ 'add' => true,
+ 'edit' => true,
+ 'escape' => array(
+ 'html' => true,
+ 'images' => true,
+ 'sctipts' => true,
+ ),
 ),
 );
 var $validate = array(
- 'name' => array('notempty'),
- 'sort_order' => array('numeric'),
+ 'name' => array(
+ 'notEmpty' => array(
+ 'rule' => array('notEmpty'),
+ ),
+ ),
+ 'sort_order' => array(
+ 'numeric' => array(
+ 'rule' => array('numeric'),
+ ),
+ ),
+ 'image_filename' => array(
+ 'url' => array(
+ 'rule' => array('url', true),
+ ),
+ ),
+ 'url' => array(
+ 'url' => array(
+ 'rule' => array('url', true),
+ ),
+ ),
+ 'set_npc' => array(
+ 'boolean' => array(
+ 'rule' => array('boolean'),
+ ),
+ ),
+ 'public_flag' => array(
+ 'publicFlag' => array(
+ 'rule' => array('publicFlag'),
+ ),
+ ),
 );
 //The Associations below have been created with all possible keys, those that are not needed can be removed
@@ -66,5 +108,11 @@ class System extends AppModel {
 )
 );
+ /* コールバックメソッド */
+ function beforeSave($options = array())
+ {
+ return parent::beforeSave($options);
+ }
+
 }
-?>
\ No newline at end of file
+
diff --git a/app/views/systems/admin_edit.ctp b/app/views/systems/admin_edit.ctp
index 8c11e48..7cf6488 100644
--- a/app/views/systems/admin_edit.ctp
+++ b/app/views/systems/admin_edit.ctp
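Review bot: `'sctipts' => true` in the `escape` options of `detail` looks like a typo for `'scripts'`; if the escape handler keys on `'scripts'` (its implementation is not in this diff), script stripping for the one field that is allowed to carry HTML is silently switched off by this line, which defeats the sanitization this commit is introducing. Change it to `'scripts' => true,` and, because these options are bare array keys that nothing validates, consider having the handler reject unknown keys so a misspelling fails loudly instead of degrading to "no filtering". The `image_filename` and `url` rules use `array('url', true)`, so both values must carry a scheme; a one-line comment `// strict: scheme required` would spare the next reader a lookup. The class continues outside the hunk.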
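Review bot: The added `beforeSave` only forwards to `parent::beforeSave($options)`, so it changes no behaviour while the `/* コールバックメソッド */` comment suggests a callback that does work; either remove the override or document what it is a placeholder for, e.g. `/* beforeSave: placeholder, intentionally delegates to AppModel until field-level processing is added */`.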
@@ -32,7 +32,21 @@
 'label' => __('URL', true),
 )
 );
- echo $form->input('public_flag');
+ echo $form->input('set_npc', array(
+ 'label' => __('Use NPC', true),
+ 'selected' => true
+ )
+ );
+ echo $form->input('public_flag', array(
+ 'type' => 'select',
+ 'label' => __('Public', true),
+ 'options' => array(
+ 'public' => __('Public', true),
+ 'private' => __('Private', true),
+ ),
+ 'selected' => 'public',
+ )
+ );
 echo $form->input('detail', array(
 'label' => __('Detail', true),
 )
@@ -45,7 +59,7 @@
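Review bot: `'selected' => 'public'` on `public_flag` (and `'selected' => true` on `set_npc`) in an edit form overrides the record's stored value if FormHelper gives the `selected` option precedence over `$this->data`, as the 1.x helper does, so opening a private system would show Public and saving without touching the field would flip it to public. Drop the `selected` keys here so the stored value is rendered, and apply the defaults only on the add form; if the helper version supports it, `'default' => 'public'` is the option that applies only when no data is present. The enclosing form block starts before the hunk.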
diff --git a/app/views/systems/admin_view.ctp b/app/views/systems/admin_view.ctp
index 26493d1..97e178a 100644
--- a/app/views/systems/admin_view.ctp
+++ b/app/views/systems/admin_view.ctp
@@ -60,7 +60,7 @@