Commit 7467e721 authored by skodak's avatar skodak
Browse files

MDL-18900 reimplemented trusttext - now using separate db field; the API will...

MDL-18900 reimplemented trusttext - now using separate db field; the API will be improved and documented together with the new support functions needed for new Editor element
parent e2d7687f
......@@ -1551,20 +1551,6 @@ function filter_text($text, $courseid=NULL) {
return filter_manager::instance()->filter_text($text, $context, $courseid);
}
/**
* Is the text marked as trusted?
*
* @param string $text text to be searched for TRUSTTEXT marker
* @return boolean
*/
function trusttext_present($text) {
if (strpos($text, TRUSTTEXT) !== FALSE) {
return true;
} else {
return false;
}
}
/**
* Legacy function, used for cleaning of old forum and glossary text only.
* @param string $text text that may contain TRUSTTEXT marker
......@@ -1582,54 +1568,6 @@ function trusttext_strip($text) {
}
}
/**
* Mark text as trusted, such text may contain any HTML tags because the
* normal text cleaning will be bypassed.
* Please make sure that the text comes from trusted user before storing
* it into database!
*/
function trusttext_mark($text) {
//TODO: delete
global $CFG;
if (!empty($CFG->enabletrusttext) and (strpos($text, TRUSTTEXT) === FALSE)) {
return TRUSTTEXT.$text;
} else {
return $text;
}
}
function trusttext_after_edit(&$text, $context) {
//TODO: delete
if (has_capability('moodle/site:trustcontent', $context)) {
$text = trusttext_strip($text);
$text = trusttext_mark($text);
} else {
$text = trusttext_strip($text);
}
}
function trusttext_prepare_edit(&$text, &$format, $usehtmleditor, $context) {
global $CFG;
//TODO: delete
$options = new object();
$options->smiley = false;
$options->filter = false;
if (!empty($CFG->enabletrusttext)
and has_capability('moodle/site:trustcontent', $context)
and trusttext_present($text)) {
$options->noclean = true;
} else {
$options->noclean = false;
}
$text = trusttext_strip($text);
if ($usehtmleditor) {
$text = format_text($text, $format, $options);
$format = FORMAT_HTML;
} else if (!$options->noclean){
$text = clean_text($text, $format);
}
}
/**
* Must be called before editing of all texts
* with trust flag. Removes all XSS nasties
......@@ -1651,7 +1589,7 @@ function trusttext_pre_edit($object, $field, $context) {
}
/**
* Is user trusted to enter no dangerous XSS in this context?
* Is urrent user trusted to enter no dangerous XSS in this context?
* Please note the user must be in fact trusted everywhere on this server!!
* @param $context
* @return bool true if user trusted
......
......@@ -11,6 +11,7 @@ required changes in code:
* move post instalation code from lib.php into db/install.php
* completely rewrite file handling
* rewrite backup/restore
* rewrite trusstext support - new db table columns needed
optional - no changes needed in older code:
* portfolio support
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment