[CMF-checkins] CVS: CMF/CMFDefault/skins/content - document_edit.py:1.3.34.1 newsitem_edit.py:1.3.8.1
Tres Seaver
tseaver@zope.com
Sun, 21 Jul 2002 19:52:14 -0400
Update of /cvs-repository/CMF/CMFDefault/skins/content
In directory cvs.zope.org:/tmp/cvs-serv30054/CMFDefault/skins/content
Modified Files:
Tag: CMF-1_3-branch
document_edit.py newsitem_edit.py
Log Message:
- DefaultWorkflow.py:
o Accomodate utility function renaming.
o Normalize imports.
- Document.py:
o Accomodate utility function renaming.
- __init__.py:
o Make explicit module security assertions, enabling scripting
access to 'utils'.
- utils.py:
o Rename private functions to start with '_'.
o Rename public functions not to.
- skins/content/document_edit.py:
o Wire in check for unwanted HTML via 'utils.scrubHTML'.
- skins/content/newsitem_edit.py:
o Wire in check for unwanted HTML via 'utils.scrubHTML'.
=== CMF/CMFDefault/skins/content/document_edit.py 1.3 => 1.3.34.1 ===
##parameters=text_format, text, file='', SafetyBelt='', choice=' Change '
##title=Edit a document
try:
+ from Products.CMFDefault.utils import scrubHTML
+ text = scrubHTML( text ) # Strip Javascript, etc.
context.edit( text_format
, text
, file
@@ -20,8 +22,8 @@
) )
except Exception, msg:
target_action = context.getTypeInfo().getActionById( 'edit' )
- context.REQUEST.RESPONSE.redirect('%s/%s?portal_status_message=%s' % (
- context.absolute_url()
- , target_action
- , msg
- ))
+ context.REQUEST.RESPONSE.redirect(
+ '%s/%s?portal_status_message=%s' % ( context.absolute_url()
+ , target_action
+ , msg
+ ) )
=== CMF/CMFDefault/skins/content/newsitem_edit.py 1.3 => 1.3.8.1 ===
## Script (Python) "newsitem_edit"
##parameters=text, description, text_format=None, choice=' Change '
##title=Edit a news item
+try:
+ from Products.CMFDefault.utils import scrubHTML
+ text = scrubHTML( text ) # Strip Javascript, etc.
+ description = scrubHTML( description )
-context.edit(text=text, description=description, text_format=text_format)
+ context.edit(text=text, description=description, text_format=text_format)
-qst='portal_status_message=News+Item+changed.'
+ qst='portal_status_message=News+Item+changed.'
-if choice == ' Change and View ':
- target_action = context.getTypeInfo().getActionById( 'view' )
-else:
- target_action = context.getTypeInfo().getActionById( 'edit' )
+ if choice == ' Change and View ':
+ target_action = context.getTypeInfo().getActionById( 'view' )
+ else:
+ target_action = context.getTypeInfo().getActionById( 'edit' )
-context.REQUEST.RESPONSE.redirect( '%s/%s?%s' % ( context.absolute_url()
- , target_action
- , qst
- ) )
+ context.REQUEST.RESPONSE.redirect( '%s/%s?%s' % ( context.absolute_url()
+ , target_action
+ , qst
+ ) )
+except Exception, msg:
+ target_action = context.getTypeInfo().getActionById( 'edit' )
+ context.REQUEST.RESPONSE.redirect(
+ '%s/%s?portal_status_message=%s' % ( context.absolute_url()
+ , target_action
+ , msg
+ ) )