Changeset 27277 for main/trunk
- Timestamp:
- 2013-04-29T20:25:28+12:00 (11 years ago)
- Location:
- main/trunk/greenstone2
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone2/macros/document.dm
r27260 r27277 151 151 <script type="text/javascript"> 152 152 153 // http://stackoverflow.com/questions/3830244/get-current-date-time-in-seconds 153 // Unused. Replaced in favour of call to escape() in setMetaArray function that calls urlPostSync 154 // http://stackoverflow.com/questions/6020714/escape-html-using-jquery 154 155 function safeHTML(str) \{ 155 156 return str.replace("&", "&").replace("<", "<").replace(">", ">").replace('"',""").replace("'","'").replace("/", "/"); //"\\"" 156 157 \} 158 157 159 158 160 function addUserComment(_username, _comment, _docid, doc) \{ … … 163 165 _docid = _docid.substring(0, period); 164 166 \} 165 166 // Entity encode the values before storing (at least <, >, /. And single and double quote, ampersand) 167 // http://stackoverflow.com/questions/6020714/escape-html-using-jquery 168 _username = safeHTML(_username); 169 _comment = safeHTML(_comment); 167 170 168 171 169 // Want to store username, timestamp and comment in import/metadata.xml, archives/doc.xml … … 183 181 184 182 185 // To make individual api calls to set username meta, then timestamp then comment meta: 183 // Entity encode the values before storing (at least <, >, /. And single and double quote, ampersand) 184 // http://stackoverflow.com/questions/6020714/escape-html-using-jquery 185 // setMetadataArray escapes the entire JSON, is that better than escaping individually here? 186 //_docid = escape(_docid); 187 //_timestamp = escape(_timestamp); 188 //_username = escape(_username); //safeHTML(_username); 189 //_comment = escape(_comment); //safeHTML(_comment); 190 191 // Use this if making individual api calls to set username meta, then timestamp then comment meta 186 192 // GSAPI already knows the collection 187 193 //gsapi.setMetadata(_docid, "username", null, _username, "accumulate", "import|archives|index"); … … 222 228 223 229 // GSAPI already knows the collection 224 gsapi.setMetadataArray(docArray, "accumulate","import|archives|index"); 225 //doc.AddUserCommentForm.comment.value = "submitted"; 226 doc.getElementById("usercommentfeedback").innerHTML = "_textcommentsubmitted_"; //"submitted"; // <p id="feedback"></p> 230 gsapi.setMetadataArray(docArray, "accumulate", "import|archives|index"); 231 doc.AddUserCommentForm.comment.value = ""; 232 doc.AddUserCommentForm.username.value = ""; 233 doc.getElementById("usercommentfeedback").innerHTML = "_textcommentsubmitted_"; 227 234 \} 228 235 </script> -
main/trunk/greenstone2/perllib/cgiactions/baseaction.pm
r27261 r27277 31 31 use inexport; 32 32 33 our $authen ication_enabled = 0;33 our $authentication_enabled = 0; 34 34 our $mail_enabled = 0; 35 35 … … 71 71 $err_mess .= " Compulsory args: "; 72 72 my @comp_args = ("c"); 73 push(@comp_args,"un") if ($authen ication_enabled);73 push(@comp_args,"un") if ($authentication_enabled); 74 74 push(@comp_args,@{$action_table->{$a}->{'compulsory-args'}}); 75 75 $err_mess .= join(", ", @comp_args); … … 78 78 79 79 my @opt_args = (); 80 push(@opt_args,"un") if (!$authen ication_enabled);80 push(@opt_args,"un") if (!$authentication_enabled); 81 81 push(@opt_args,@{$action_table->{$a}->{'optional-args'}}); 82 82 -
main/trunk/greenstone2/web/script/gsajaxapi.js
r27257 r27277 138 138 return xmlHttp.responseText; 139 139 } 140 140 141 // New, an Ajax Synchronous Post method. 142 // http://www.degraeve.com/reference/simple-ajax-example.php 143 // Async vs Sync: http://www.w3schools.com/ajax/ajax_xmlhttprequest_send.asp 144 // Also: 145 // http://stackoverflow.com/questions/6312447/in-an-ajax-post-do-i-need-to-urlencode-parameters-before-sending 146 // http://api.jquery.com/jQuery.post/ 147 // http://www.w3schools.com/ajax/ajax_xmlhttprequest_send.asp 148 this.urlPostSync = function(scriptURL, params) { 149 var xmlHttp=false; 150 try { 151 // Firefox, Opera 8.0+, Safari 152 xmlHttp=new XMLHttpRequest(); 153 } 154 catch (e) { 155 // Internet Explorer 156 try { 157 xmlHttp=new ActiveXObject("Msxml2.XMLHTTP"); 158 } 159 catch (e) { 160 try { 161 xmlHttp=new ActiveXObject("Microsoft.XMLHTTP"); 162 } 163 catch (e) { 164 alert("Your browser does not support AJAX!"); 165 return false; 166 } 167 } 168 } 169 170 // e.g. scriptURL: /greenstone/cgi-bin/metadata-server.pl 171 xmlHttp.open('POST', scriptURL, false); // false means synchronous 172 xmlHttp.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); 173 174 // If asynchronous: 175 // xmlHttp.onreadystatechange = function() { 176 // if (xmlHttp.readyState == 4) { 177 // updatepage(xmlHttp.responseText); 178 // } 179 // } 180 181 xmlHttp.send(params); // needs to be escaped/encoded 182 183 //alert(xmlHttp.responseText); // if synchronous, process xmlHttp.responseText AFTER send() call 184 return xmlHttp.responseText; 185 } 186 141 187 this.setLiveMetadata = function(id,metaname,metavalue) 142 188 { … … 155 201 // The where parameter can be specified as one or more of: import, archives, index, live 156 202 // separated by |. If null, it is assumed to be index which is the original default 157 // behaviour of calling set-metadata ). E.g. where=import|archives|index203 // behaviour of calling set-metadata. E.g. where=import|archives|index 158 204 this.setMetadata = function(docid,metaname,metapos,metavalue,metamode,where) 159 205 { … … 177 223 } 178 224 179 this.urlGetSync(mdserver + "?" + params);180 //this.urlPostSync(mdserver,params);225 //this.urlGetSync(mdserver + "?" + params); 226 this.urlPostSync(mdserver,params); 181 227 } 182 228 … … 191 237 var mdserver = this.metadataserverURL(); 192 238 193 var params = "a= set-metadata-array";239 var params = "a=" + escape("set-metadata-array"); //"a=set-metadata-array"; 194 240 if(where != null) { 195 params += "&where=" + where; // if where not specified, meta-server will default to setting index meta241 params += "&where=" + escape(where); // if where not specified, meta-server will default to setting index meta 196 242 //} else { 197 243 // params += "&where=import|archives|index"; 198 244 } 199 params += "&c="+ collect_;200 params += "&json="+ docArrayJSON;245 params += "&c="+escape(collect_); 246 params += "&json="+escape(docArrayJSON); 201 247 202 248 if (metamode!=null) { 203 params += "&metamode=" + metamode;204 } 205 206 this.urlGetSync(mdserver + "?" + params);207 249 params += "&metamode=" + escape(metamode); 250 } 251 252 //this.urlGetSync(mdserver + "?" + params); 253 this.urlPostSync(mdserver,params); 208 254 } 209 255
Note:
See TracChangeset
for help on using the changeset viewer.