source: main/trunk/greenstone2/macros/talkback.dm@ 31853

Last change on this file since 31853 was 28888, checked in by ak19, 10 years ago

First security commit. 1. Introducing the new securitools.h and .cpp files, which port the functions necessary to implement security in Greenstone from OWASP-ESAPI for Java, since OWASP's C++ version is largely not yet implemented, even though their code compiles. The newly added runtime-src/packages/security which contains OWASP ESAPI for C++ will therefore be removed again shortly. 2. receptionist.cpp now sets various web-encoded variants for each cgiarg macro, such as HTML entity encoded, attribute encoded, JavaScript encoded (and CSS encoded) variants. These are now used in the macro files based on which variant is suited to the context. 3. This commit further contains the minimum changes to protect the c, d, and p cgi variables.

  • Property svn:executable set to *
File size: 2.9 KB
1package Global
2
3# _talkbackscript_ is defined with an empty body, so it currently expands to nothing
4_talkbackscript_ {
5}
6
7
8package talkback
9
10# The following values are typically set in <gsdlhome>/macro/zextra.dm
11# They are left commented out here so the error log does not get swamped
12# with 'redefined' warnings
13#_talkfromcgi_ {}
14#_talktocgi_ {}
15
# Collection names for the "to" and "from" sides of the talkback page.
# Both are defined empty in this file.
16_talktoCollect_ {}
17_talkfromCollect_ {}
18
# "from" side URLs, each built by appending a script name to _talkfromcgi_.
# NOTE(review): every _talkfrom*_ / _talkto*_ macro defined here is expanded
# verbatim into HTML attribute values further down (form action, iframe src,
# hidden input value), with no encoded variant. That is only safe while these
# values come from site configuration and never from request data -- confirm
# where else they can be set.
19_talkfromLibrary_ {_talkfromcgi_/library.cgi}
20_talkfromUploadSimulate_ {_talkfromcgi_/talkback-transfer.pl}
21_talkfromUploadProgress_ {_talkfromcgi_/talkback-progressbar.pl}
22
# "to" side URLs, built the same way from _talktocgi_. _talktoUpload_ points at
# talkback-progressbar.pl, the same script name _talkfromUploadProgress_ uses.
23_talktoLibrary_ {_talktocgi_/library.cgi}
24_talktoUpload_ {_talktocgi_/talkback-progressbar.pl}
25
26
27
# _uploadForm_ expands to three pieces of markup:
#   - a multipart/form-data POST form named "uploadForm", made up only of
#     hidden inputs, whose action is _talkfromUploadSimulate_;
#   - an iframe loading _talktoUpload_, wrapped in the div with id
#     "talktoProgressBar";
#   - two script functions: talktoProgressBarHide, which hides that div and
#     does not use its oid argument, and talkbackUploadSubmit, which shows the
#     div, copies its oid argument into the form's hidden oid field and
#     submits the form.
# Braces inside the script are written backslash-escaped, presumably so the
# macro parser does not take them as the end of the macro body -- confirm.
#
# Encoding notes:
#   - fromCollect is the only field filled from a _cgiarg macro. It uses
#     _cgiargcAttrsafe_ which, judging by its name, is the attribute-encoded
#     variant of the c CGI argument; that is the variant that fits a
#     double-quoted attribute value, so it should not be swapped for an
#     unencoded one.
#   - toCollect, talktoUpload, the form action and the iframe src are expanded
#     from _talkto*_ / _talkfrom*_ macros with no encoded variant.
#     NOTE(review): acceptable only if those macros are set by trusted
#     configuration -- confirm.
#   - oid is set by script and, like every hidden field, can be changed by the
#     client. NOTE(review): the receiving script is not visible here; it is
#     assumed to validate these fields itself -- confirm.
28_uploadForm_ {
29
30 <form name="uploadForm"
31 action="_talkfromUploadSimulate_"
32 enctype="multipart/form-data"
33 method="post">
34 <input type="hidden" name="yes_upload" value="1" />
35 <input type="hidden" name="process" value="1" />
36 <input type="hidden" name="fromCollect" value="_cgiargcAttrsafe_" />
37 <input type="hidden" name="toCollect" value="_talktoCollect_" />
38 <input type="hidden" name="oid" value="" />
39 <input type="hidden" name="talktoUpload" value="_talktoUpload_" />
40
41 </form>
42
43 <div id="talktoProgressBar" style="display: block;">
44 <iframe style="float: top;" width="600" height="100" frameborder="0"
45 src="_talktoUpload_">
46 </iframe>
47 </div>
48
49
50 <script type="text/javascript">
51
52
53 function talktoProgressBarHide(oid)
54 \{
55
56 var ttpb = document.getElementById("talktoProgressBar");
57 ttpb.style.display = "none";
58 \}
59
60
61 function talkbackUploadSubmit(oid)
62 \{
63 var ttpb = document.getElementById("talktoProgressBar");
64 ttpb.style.display = "block";
65
66 //if (window.addEventListener) \{
67 // window.addEventListener('beforeunload',talktoProgressBarHide,true);
68 //\}
69 //else \{
70 // window.attachEvent('onbeforeunload',talktoProgressBarHide);
71 //\}
72
73 //alert("away to submit");
74
75 var uploadForm = document.uploadForm;
76 uploadForm.oid.value = oid;
77 uploadForm.submit();
78 \}
79 </script>
80}
81
# _monitorUpload_ expands to a centred 400x80 iframe whose src is
# _talkfromUploadProgress_ (defined in this file as
# _talkfromcgi_/talkback-progressbar.pl). The URL is expanded into the src
# attribute as-is, so it relies on _talkfromcgi_ being a trusted,
# configuration-supplied value -- NOTE(review): confirm.
82_monitorUpload_ {
83
84<center>
85 <div style="width: 450px;">
86 <iframe frameborder="0" width="400" height="80"
87 src="_talkfromUploadProgress_">
88 </iframe>
89 </div>
90</center>
91
92
93}
94
95#---------------------------
96
# _imagethispage_ expands to the fixed text "DL Talkback"; where it is used is
# not visible in this file.
97_imagethispage_ {DL Talkback}
98
# _content_ is the page body: it expands _optnavigationbar_ and then places two
# 500px-high iframes side by side between two "divbar" separators.
#   - left:  _talkfromLibrary_ with a=p, p=about, c=_talkfromCollect_
#   - right: _talktoLibrary_   with a=p, p=about, c=_talktoCollect_
# Both URLs also pass talkback=1.
# NOTE(review): the collection names are placed into a URL query string inside
# a double-quoted src attribute with neither URL-encoding nor
# attribute-encoding, and the parameter separators are bare ampersands. That is
# harmless while the names come from configuration (they are defined empty in
# this file); if they are ever populated from request data, an encoded variant
# is needed here.
99_content_ {
100_optnavigationbar_
101
102
103<div class="divbar">&nbsp;</div>
104
105<div style="min-height: 500px;">
106 <div style="width: 49%; height: 100%; float: left; margin-left: 1px">
107
108 <iframe width="100%" height="500" frameborder="0"
109 src="_talkfromLibrary_?a=p&p=about&c=_talkfromCollect_&talkback=1">
110 </iframe>
111
112
113 </div>
114
115 <div style="float: right; width: 49%; height: 100%; margin-right: 1px;">
116 <iframe width="100%" height="500" frameborder="0"
117 src="_talktoLibrary_?a=p&p=about&c=_talktoCollect_&talkback=1">
118 </iframe>
119 </div>
120
121</div>
122<div style="clear: both"></div>
123<div class="divbar">&nbsp;</div>
124
125
126}
127
128# _monitorUpload_