for my $k (qw[boxes format_timestamp page_type content_type site_config
declare insert_code
- tidy_html clean_html escape_html escape_title escape_plaintext strip_by_mode
+ tidy_html clean_html escape_html format_htmltext escape_plaintext strip_by_mode
]) {
$app->helper($k => $self->can("_$k"))
}
=cut
sub _clean_html {
- my ($c, $html, $type) = @_;
+ my ($c, $html) = @_;
my $allowed = $c->app->config->{Editor}->{allowed_tags};
return Newslash::Util::TextFormatter::clean_html($allowed, $html);
}
return Newslash::Util::TextFormatter::escape_plaintext($text);
}
-=head2 escape_title($text)
+=head2 format_htmltext($text)
- escape title, then returns result.
+ format html/text, then returns result.
=cut
-sub _escape_title {
- my ($c, $text) = @_;
- return Newslash::Util::TextFormatter::escape_plaintext($text);
+sub _format_htmltext {
+ my ($c, $text, $type) = @_;
+ my $allowed;
+
+ if ($type eq "title") {
+ return Newslash::Util::TextFormatter::escape_plaintext($text);
+ }
+ elsif ($type eq "story") {
+ return Newslash::Util::TextFormatter::tidy_html($text);
+ }
+ elsif ($type eq "comment") {
+ $allowed = $c->app->config->{Editor}->{allowed_tags};
+ }
+ elsif ($type eq "journal") {
+ $allowed = $c->app->config->{Editor}->{allowed_tags};
+ }
+ elsif ($type eq "submission") {
+ $allowed = $c->app->config->{Editor}->{allowed_tags};
+ }
+ else {
+ $allowed = $c->app->config->{Editor}->{allowed_tags};
+ }
+ return Newslash::Util::TextFormatter::escape_html($allowed, $text);
}
=head2 strip_by_mode($html, $post_type)
use EscapeHTML qw();
use HTML::Tidy;
use Data::Dumper;
+use Encode;
use constant ANCHOR => -4;
use constant NOTAGS => -3;
'show-body-only' => 1,
} );
my $tidyed = $tidy->clean($html);
+ chomp($tidyed);
return $tidyed;
}
'show-body-only' => 1,
} );
my $tidyed = $tidy->clean($escaped);
- chomp($tidyed);
return $tidyed;
}
my $message = "";
$params->{title} = $c->escape_title($data->{title});
- $params->{comment} = $c->clean_html($data->{comment}, "comment");
+ $params->{comment} = $c->format_htmltext($data->{comment}, "comment");
$params->{discussion_id} = $data->{discussion_id};
$params->{stoid} = $data->{stoid};
$params->{pid} = $data->{pid};
$item->{introtext} = $c->strip_by_mode($params->{article}, $params->{posttype});
}
else {
- $item->{introtext} = $c->clean_html($params->{article}, "journal");
+ $item->{introtext} = $c->format_htmltext($params->{article}, "journal");
}
$item->{intro_text} = $item->{intro_text};
$item->{title} = $params->{description};
$c->rendered(404);
return;
}
- my $related = $stories->get_related_items($story->{stoid});
+ my $related = $stories->get_related_items(stoid => $story->{stoid});
$story->{related} = $related;
$c->render(json => { item => $story });
}
# client send data like this:
# {"item":{"title":"ほげ","introtext":"ほんぶん","bodytext":"","createtime":"2017-06-30T21:50:04","author":"hylom","dept":"テスト","commentstatus":"enabled","submissioncopy":0,"url":"","email":"","tags_string":"news","related_urls":"http://sdtest.osdn.co.jp:3000/story/16/01/28/0610215/"},"action":"preview"}
- $params->{title} = $c->escape_plaintext($item->{title});
+ $params->{title} = $c->format_htmltext($item->{title}, "title");
$message = "no_title" if !$params->{title};
# convert time
# check: introtext exists ?
my $intro_text = $item->{intro_text} || $item->{introtext} || "";
- $params->{introtext} = $c->clean_html($intro_text, "story");
+ $params->{introtext} = $c->format_htmltext($intro_text, "story");
if (!$params->{introtext}) {
$message = "introtext_not_given";
}
# bodytext (omittable)
my $body_text = $item->{body_text} || $item->{bodytext} || "";
- $params->{bodytext} = $c->clean_html($body_text, "story");
-
- # TODO: related urls
- #$params->{add_related} = $item->{add_related} || $item->{related_urls} || "";
+ $params->{bodytext} = $c->format_htmltext($body_text, "story");
+
+ # related urls
+ my $related_string = $item->{add_related} || $item->{related_urls} || "";
+ my @relateds = split(/\s+/, $related_string);
+ my $related_sids = [];
+ for my $related (@relateds) {
+ if ($related =~ m|^.*(\d\d/\d\d/\d\d/\d+)/|) {
+ push @$related_sids, $1;
+ }
+ }
+ $params->{add_related} = $related_sids;
# tags
# tags_strings is like: "mainpage japan business transport"
my @tags = split(/\s+/, $item->{tags_string} || "");
+ $params->{add_tags} = \@tags;
+
# add topics
my $primary_topic = $topics->get_primary_topic_from_tags(\@tags);
if ($primary_topic) {
$params->{topics_chosen} = { 49 => 10, }; # tid => weight
}
-
# TODO: media related
#$item->{mediaurl};
#$item->{mediatype};
# params => $params);
}
- # TODO: add tags
# error check
if (!$stoid) {
if ($stories->last_errorno && $stories->last_errorno == 1062) { #ER_DUP_ENTRY
if ($item->{introtext} || $item->{intro_text}) {
my $text = $item->{introtext} || $item->{intro_text};
$text =~ s/\s+\z//m;
- $params->{introtext} = $c->clean_html($text, "submission");
+ $params->{introtext} = $c->format_htmltext($text, "submission");
$params->{introtext} =~ s/\s+\z//m;
}
else {