Subversion Repositories wimsdev

Rev

Rev 17089 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
2832 bpr 1 
!if $wims_class=
2 
  !read adm/language names.phtml
3 
!else
10087 bpr 4 
  !read adm/class/classlang names.phtml
2832 bpr 5 
  !set modu_lang=$moduclass_lang
6 
!endif
13683 obado 7 
 
14602 guerimand 8 
!! ---------- replaced by script/adm/partialdetag.proc
9 
!!# try to prevent HTML and JavaScript Injection
10 
!!# see code injection samples here : https://www.codeproject.com/Articles/134024/HTML-and-JavaScript-Injection
11 
!!# all prohibited words must be set without CAPS
12 
!!prohibited_words=</script >,</form >,</script>,</form>,<meta,behavior:,javascript:,onabort=,onafterprint=,onanimationend=,onanimationiteration=,onanimationstart=,onbeforeprint=,onbeforeunload=,onblur=,oncanplay=,oncanplaythrough=,onchange=,onclick=,oncontextmenu=,oncopy=,oncut=,ondblclick=,ondrag=,ondragend=,ondragenter=,ondragleave=,ondragover=,ondragstart=,ondrop=,ondurationchange=,onended=,onerror=,onfocus=,onfocusin=,onfocusout=,onfullscreenchange=,onfullscreenerror=,onhashchange=,oninput=,oninvalid=,onkeydown=,onkeypress=,onkeyup=,onload=,onloadeddata=,onloadedmetadata=,onloadstart=,onmessage=,onmousedown=,onmouseenter=,onmouseleave=,onmousemove=,onmouseover=,onmouseout=,onmouseup=,onmousewheel=,onoffline=,ononline=,onopen=,onpagehide=,onpageshow=,onpaste=,onpause=,onplay=,onplaying=,onpopstate=,onprogress=,onratechange=,onresize=,onreset=,onscroll=,onsearch=,onseeked=,onseeking=,onselect=,onshow=,onstalled=,onstorage=,onsubmit=,onsuspend=,ontimeupdate=,ontoggle=,ontouchcancel=,ontouchend=,ontouchmove=,ontouchstart=,ontransitionend=,onunload=,onvolumechange=,onwaiting=,onwheel=
1790 bpr 13 
wims_trustfile=primitives.phtml
23 reyssat 14 
wims_nw=Forumdir forumdir mb_readpolicy mb_sendpolicy mb_password \
14637 guerimand 15 
	mb_creation mb_nolink spolycode rpolycode mb_title mb_supervisor \
10991 bpr 16 
	mb_mail send_right read_right s_hidecode is_owner forumrealuser forumuser \
23 reyssat 17 
	user_lastname user_firstname user_email fuser fpassword \
18 
	month ident s_hidecode c_smail \
19 
	empty
20 
wims_nr=wims_sesrandom
21 
Forumdir=!replace internal ../wimshome/ by $wims_home/ in ../$forumdir
22 
!if robot isin $session
13679 bpr 23 
  job=list
24 
  !exit
23 reyssat 25 
!endif
26 
 
17089 guerimand 27 
!! disconnect forum for example class
17163 guerimand 28 
!if $wims_superclass=$empty
29 
  sclass=$wims_class
30 
!else
31 
  sclass=$wims_superclass
32 
!endif
33 
!if $wims_class!=$empty and $sclass<10000
17089 guerimand 34 
  error=closedmodexcls
35 
  !exit
36 
!endif
37 
 
23 reyssat 38 
!if $error!=$empty or $cmd=help
13679 bpr 39 
  !exit
23 reyssat 40 
!endif
41 
 
42 
!if $read_right=0
13679 bpr 43 
  error=no_read_right
44 
  !exit
23 reyssat 45 
!endif
46 
 
47 
!if $send_right=0 and $job iswordof preview compose send
13679 bpr 48 
  error=no_send_right
49 
  !exit
23 reyssat 50 
!endif
51 
 
52 
wims_multiexec=pari maxima yacas
53 
insmath_rawmath=yes
54 
insmath_slashsubst=yes
1790 bpr 55 
msg2wims_primitives=draw def define comment if for while doc
23 reyssat 56 
 
57 
!for i in preview,send,list
12902 obado 58 
  !if $(c_$i)!=$empty
59 
    job=$i
60 
  !endif
23 reyssat 61 
!next i
62 
!reset c_preview c_send c_list
237 bpr 63 
!bound job within list,thread,read,compose,preview,send,config,erase,threadlist default list
23 reyssat 64 
archlist=!record 0 of $forumdir/.archives
65 
archlist=!words2items $archlist
66 
!bound mlist within .newlist,$archlist default .newlist
67 
 
68 
# quote_lim: limit to number of lines in quoting.
69 
!distribute item 128,100,100,32,80,100 into \
70 
 subject_lim,list_lim,thread_lim,sender_lim,mail_lim,quote_lim
71 
 
72 
wims_form_method=post
10087 bpr 73 
 
74 
!!module_title=$mb_title
12902 obado 75 
 
23 reyssat 76 
!if $job iswordof preview send
12902 obado 77 
  lens=!sh cd $wims_home; bin/msg2wims $wims_sesdir/user-deposit $wims_sesdir/message.wims
14637 guerimand 78 
  !if $wims_user=supervisor or $mb_nolink!=yes
79 
    script_option=allowlink
80 
  !endif
14632 guerimand 81 
  !readproc adm/partialdetag.proc file $wims_home/$wims_sesdir/message.wims $wims_home/$wims_sesdir/message.wims
12902 obado 82 
  !if $wims_exec_error!=$empty
83 
    t=!trim $wims_exec_error
84 
    !if $t!=open_tag
85 
      error=$wims_exec_error
86 
      job=compose
87 
      !exit
88 
    !else
89 
      error=open_tag
90 
      job=preview
91 
    !endif
23 reyssat 92 
  !endif
12902 obado 93 
  !distribute word $lens into srclen,msglen
94 
  !if $srclen=0
95 
    job=preview
96 
  !endif
97 
  !if ($srclen>0 and $msglen=0) or $msglen=$empty
98 
    error=translation_fail
99 
    job=compose
100 
    !exit
101 
  !endif
102 
  c_sender=!items2words $c_sender
103 
  c_sender=!char 1 to $sender_lim of $c_sender
104 
  c_smail=!trim $c_smail
105 
  c_smail=!char 1 to $mail_lim of $c_smail
106 
  c_subject=!char 1 to $subject_lim of $c_subject
107 
  c_subject=!replace < by &lt; in $c_subject
23 reyssat 108 
!endif
109 
 
110 
!read var.proc.$job
111 
 
112 
!if $error!=$empty
12902 obado 113 
  wims_module_log=error: $error
23 reyssat 114 
!else
12902 obado 115 
  wims_module_log=$job  	$forum
116 
  !if classes isin $forumdir and $job iswordof read list
117 
    now=!date '+%Y%m%d%H%M%S'
118 
    !if $wims_user=supervisor and ($wims_realuser=$empty or $wims_realuser=supervisor)
119 
      deffile=wimshome/log/classes/$wims_class/supervisor
120 
    !else
121 
      !if $wims_realuser!=$empty
122 
        deffile=wimshome/log/classes/$wims_class/.users/$wims_realuser
123 
      !else
124 
        deffile=wimshome/log/classes/$wims_class/.users/$wims_user
125 
      !endif
126 
    !endif
127 
    !setdef !set user_lastmsg=$now in $deffile
23 reyssat 128 
  !endif
129 
!endif
130 
 
10991 bpr 131 
!set already_seen=!record 0 of $forumdir/.users/$forumrealuser