From: skodak Date: Mon, 20 Apr 2009 11:37:39 +0000 (+0000) Subject: MDL-18900 reimplemented trusttext - now using separate db field; the API will be... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=7467e72197e12e6deb96ba58fd2584b2abfdc3bb;p=moodle.git MDL-18900 reimplemented trusttext - now using separate db field; the API will be improved and documented together with the new support functions needed for new Editor element --- diff --git a/lib/weblib.php b/lib/weblib.php index d3dcf377fc..9ad99356f3 100644 --- a/lib/weblib.php +++ b/lib/weblib.php @@ -1551,20 +1551,6 @@ function filter_text($text, $courseid=NULL) { return filter_manager::instance()->filter_text($text, $context, $courseid); } -/** - * Is the text marked as trusted? - * - * @param string $text text to be searched for TRUSTTEXT marker - * @return boolean - */ -function trusttext_present($text) { - if (strpos($text, TRUSTTEXT) !== FALSE) { - return true; - } else { - return false; - } -} - /** * Legacy function, used for cleaning of old forum and glossary text only. * @param string $text text that may contain TRUSTTEXT marker @@ -1582,54 +1568,6 @@ function trusttext_strip($text) { } } -/** - * Mark text as trusted, such text may contain any HTML tags because the - * normal text cleaning will be bypassed. - * Please make sure that the text comes from trusted user before storing - * it into database! - */ -function trusttext_mark($text) { -//TODO: delete - global $CFG; - if (!empty($CFG->enabletrusttext) and (strpos($text, TRUSTTEXT) === FALSE)) { - return TRUSTTEXT.$text; - } else { - return $text; - } -} - -function trusttext_after_edit(&$text, $context) { -//TODO: delete - if (has_capability('moodle/site:trustcontent', $context)) { - $text = trusttext_strip($text); - $text = trusttext_mark($text); - } else { - $text = trusttext_strip($text); - } -} - -function trusttext_prepare_edit(&$text, &$format, $usehtmleditor, $context) { - global $CFG; -//TODO: delete - $options = new object(); - $options->smiley = false; - $options->filter = false; - if (!empty($CFG->enabletrusttext) - and has_capability('moodle/site:trustcontent', $context) - and trusttext_present($text)) { - $options->noclean = true; - } else { - $options->noclean = false; - } - $text = trusttext_strip($text); - if ($usehtmleditor) { - $text = format_text($text, $format, $options); - $format = FORMAT_HTML; - } else if (!$options->noclean){ - $text = clean_text($text, $format); - } -} - /** * Must be called before editing of all texts * with trust flag. Removes all XSS nasties @@ -1651,7 +1589,7 @@ function trusttext_pre_edit($object, $field, $context) { } /** - * Is user trusted to enter no dangerous XSS in this context? + * Is urrent user trusted to enter no dangerous XSS in this context? * Please note the user must be in fact trusted everywhere on this server!! * @param $context * @return bool true if user trusted diff --git a/mod/upgrade.txt b/mod/upgrade.txt index 90cfb78b2c..3e24896840 100644 --- a/mod/upgrade.txt +++ b/mod/upgrade.txt @@ -11,6 +11,7 @@ required changes in code: * move post instalation code from lib.php into db/install.php * completely rewrite file handling * rewrite backup/restore +* rewrite trusstext support - new db table columns needed optional - no changes needed in older code: * portfolio support