From 5f0484c4cb937a8d50eb7680e5a843136785876e Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Fri, 21 Apr 2023 19:05:54 +0200 Subject: [PATCH 1/5] set convertToPdf for view --- out/out.Calendar.php | 1 + out/out.Dashboard.php | 1 + out/out.DropFolderChooser.php | 1 + out/out.MyDocuments.php | 1 + out/out.ObjectCheck.php | 1 + out/out.Search.php | 1 + out/out.Timeline.php | 1 + 7 files changed, 7 insertions(+)
diff --git a/out/out.Calendar.php b/out/out.Calendar.php
index b6c8f9ea4..0690c583e 100644
--- a/out/out.Calendar.php
+++ b/out/out.Calendar.php
@@ -89,6 +89,7 @@ if($view) {
 $view->setParam('cachedir', $settings->_cacheDir);
 $view->setParam('previewWidthList', $settings->_previewWidthList);
 $view->setParam('previewWidthDetail', $settings->_previewWidthDetail);
+ $view->setParam('convertToPdf', $settings->_convertToPdf);
 $view->setParam('previewConverters', isset($settings->_converters['preview']) ? $settings->_converters['preview'] : array());
 $view->setParam('timeout', $settings->_cmdTimeout);
 $view->setParam('accessobject', $accessop);
diff --git a/out/out.Dashboard.php b/out/out.Dashboard.php
index 879e94d55..b4a183519 100644
--- a/out/out.Dashboard.php
+++ b/out/out.Dashboard.php
@@ -22,6 +22,7 @@ if($view) {
 $view->setParam('cachedir', $settings->_cacheDir);
 $view->setParam('previewWidthList', $settings->_previewWidthList);
 $view->setParam('previewConverters', isset($settings->_converters['preview']) ? $settings->_converters['preview'] : array());
+ $view->setParam('convertToPdf', $settings->_convertToPdf);
 $view->setParam('timeout', $settings->_cmdTimeout);
 $view->setParam('accessobject', $accessop);
 $view->setParam('xsendfile', $settings->_enableXsendfile);
diff --git a/out/out.DropFolderChooser.php b/out/out.DropFolderChooser.php
index f7bbef11f..345d57390 100644
--- a/out/out.DropFolderChooser.php
+++ b/out/out.DropFolderChooser.php
@@ -61,6 +61,7 @@ if($view) {
 $view->setParam('cachedir', $settings->_cacheDir);
 $view->setParam('previewWidthMenuList', $settings->_previewWidthMenuList);
 $view->setParam('previewWidthList', $settings->_previewWidthDropFolderList);
+ $view->setParam('convertToPdf', $settings->_convertToPdf);
 $view->setParam('previewConverters', isset($settings->_converters['preview']) ? $settings->_converters['preview'] : array());
 $view->setParam('timeout', $settings->_cmdTimeout);
 $view->setParam('xsendfile', $settings->_enableXsendfile);
diff --git a/out/out.MyDocuments.php b/out/out.MyDocuments.php
index 7cfa317fb..66b7fb24a 100644
--- a/out/out.MyDocuments.php
+++ b/out/out.MyDocuments.php
@@ -58,6 +58,7 @@ if($view) {
 $view->setParam('cachedir', $settings->_cacheDir);
 $view->setParam('conversionmgr', $conversionmgr);
 $view->setParam('previewWidthList', $settings->_previewWidthList);
+ $view->setParam('convertToPdf', $settings->_convertToPdf);
 $view->setParam('previewConverters', isset($settings->_converters['preview']) ? $settings->_converters['preview'] : array());
 $view->setParam('timeout', $settings->_cmdTimeout);
 $view->setParam('accessobject', $accessop);
diff --git a/out/out.ObjectCheck.php b/out/out.ObjectCheck.php
index e5ac6bedf..aeee0a6e5 100644
--- a/out/out.ObjectCheck.php
+++ b/out/out.ObjectCheck.php
@@ -95,6 +95,7 @@ if($view) {
 $view->setParam('accessobject', $accessop);
 $view->setParam('conversionmgr', $conversionmgr);
 $view->setParam('previewWidthList', $settings->_previewWidthList);
+ $view->setParam('convertToPdf', $settings->_convertToPdf);
 $view->setParam('previewConverters', isset($settings->_converters['preview']) ? $settings->_converters['preview'] : array());
 $view->setParam('timeout', $settings->_cmdTimeout);
 $view->setParam('xsendfile', $settings->_enableXsendfile);
diff --git a/out/out.Search.php b/out/out.Search.php
index 4468804a3..6ab56973d 100644
--- a/out/out.Search.php
+++ b/out/out.Search.php
@@ -651,6 +651,7 @@ if($settings->_showSingleSearchHit && count($entries) == 1) {
 $view->setParam('workflowmode', $settings->_workflowMode);
 $view->setParam('enablefullsearch', $settings->_enableFullSearch);
 $view->setParam('previewWidthList', $settings->_previewWidthList);
+ $view->setParam('convertToPdf', $settings->_convertToPdf);
 $view->setParam('previewConverters', isset($settings->_converters['preview']) ? $settings->_converters['preview'] : array());
 $view->setParam('conversionmgr', $conversionmgr);
 $view->setParam('timeout', $settings->_cmdTimeout);
diff --git a/out/out.Timeline.php b/out/out.Timeline.php
index a7b6e05b2..3f1123251 100644
--- a/out/out.Timeline.php
+++ b/out/out.Timeline.php
@@ -66,6 +66,7 @@ if($view) {
 $view->setParam('cachedir', $settings->_cacheDir);
 $view->setParam('previewWidthList', $settings->_previewWidthList);
 $view->setParam('previewWidthDetail', $settings->_previewWidthDetail);
+ $view->setParam('convertToPdf', $settings->_convertToPdf);
 $view->setParam('previewConverters', isset($settings->_converters['preview']) ? $settings->_converters['preview'] : array());
 $view->setParam('timeout', $settings->_cmdTimeout);
 $view->setParam('xsendfile', $settings->_enableXsendfile);
From 5112b1614cc7cd0dcbc3d74b0957852ecb33bc4c Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Fri, 21 Apr 2023 19:06:24 +0200 Subject: [PATCH 2/5] set more options for suggestTerms --- views/bootstrap/class.Settings.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/views/bootstrap/class.Settings.php b/views/bootstrap/class.Settings.php
index a6ee21dd8..464d8fbba 100644
--- a/views/bootstrap/class.Settings.php
+++ b/views/bootstrap/class.Settings.php
@@ -358,7 +358,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk))
 showConfigOption('settings_fullSearchEngine', 'fullSearchEngine', $fullsearchengines, false, true); ?>
 showConfigOption('settings_defaultSearchMethod', 'defaultSearchMethod', array('database'=>'settings_defaultSearchMethod_valdatabase', 'fulltext'=>'settings_defaultSearchMethod_valfulltext'), false, true); ?>
 showConfigCheckbox('settings_showSingleSearchHit', 'showSingleSearchHit'); ?>
-showConfigOption('settings_suggestTerms', 'suggestTerms', array('title','comment', 'keywords'), true, true); ?>
+showConfigOption('settings_suggestTerms', 'suggestTerms', array('title','comment', 'keywords', 'category', 'content'), true, true); ?>
 showConfigText('settings_stopWordsFile', 'stopWordsFile'); ?>
 showConfigCheckbox('settings_enableClipboard', 'enableClipboard'); ?>
 showConfigCheckbox('settings_enableMenuTasks', 'enableMenuTasks'); ?>
From d3ddc38c7ffb7f7f70ea321f7128c181dc111327 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Sat, 22 Apr 2023 19:40:41 +0200 Subject: [PATCH 3/5] take out 'category' from suggestTerms --- views/bootstrap/class.Settings.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/views/bootstrap/class.Settings.php b/views/bootstrap/class.Settings.php
index 464d8fbba..17abc51c4 100644
--- a/views/bootstrap/class.Settings.php
+++ b/views/bootstrap/class.Settings.php
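Review bot: Adding `'content'` to the selectable `suggestTerms` sources on the `+` line lets suggestions be drawn from the indexed text of documents, and nothing in this hunk shows whether the term lookup is limited to documents the requesting user is allowed to read. If it is not, suggested terms could reveal words from documents outside the user's access rights. I would confirm that behaviour and record it next to the option, e.g. `<?php /* 'content' suggests terms from document bodies; verify the lookup honours access rights */ ?>`, or in the help text for `settings_suggestTerms`.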
@@ -358,7 +358,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk))
 showConfigOption('settings_fullSearchEngine', 'fullSearchEngine', $fullsearchengines, false, true); ?>
 showConfigOption('settings_defaultSearchMethod', 'defaultSearchMethod', array('database'=>'settings_defaultSearchMethod_valdatabase', 'fulltext'=>'settings_defaultSearchMethod_valfulltext'), false, true); ?>
 showConfigCheckbox('settings_showSingleSearchHit', 'showSingleSearchHit'); ?>
-showConfigOption('settings_suggestTerms', 'suggestTerms', array('title','comment', 'keywords', 'category', 'content'), true, true); ?>
+showConfigOption('settings_suggestTerms', 'suggestTerms', array('title','comment', 'keywords', 'content'), true, true); ?>
 showConfigText('settings_stopWordsFile', 'stopWordsFile'); ?>
 showConfigCheckbox('settings_enableClipboard', 'enableClipboard'); ?>
 showConfigCheckbox('settings_enableMenuTasks', 'enableMenuTasks'); ?>
From 511492fb5c83e5d780d50f07db63c82b1c909b25 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Sat, 22 Apr 2023 19:41:15 +0200 Subject: [PATCH 4/5] do not suggest terms if query is empty --- out/out.Search.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/out/out.Search.php b/out/out.Search.php
index 6ab56973d..850965aa1 100644
--- a/out/out.Search.php
+++ b/out/out.Search.php
@@ -217,7 +217,7 @@ if($fullsearch) {
 $total = 0;
 $index = $fulltextservice->Indexer();
 if($index) {
- if(!empty($settings->_suggestTerms)) {
+ if(!empty($settings->_suggestTerms) && !empty($_GET['query'])) {
 $terms = $index->terms($_GET['query'], $settings->_suggestTerms);
 }
 $lucenesearch = $fulltextservice->Search();
From 28174e3a33e2bfa63c46312217c56cb99de7de87 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Sat, 22 Apr 2023 19:41:41 +0200 Subject: [PATCH 5/5] run comment through htmlspecialchars() if markdown parsing is enabled --- views/bootstrap/class.ViewDocument.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
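Review bot: The new guard `!empty($_GET['query'])` in out/out.Search.php still lets a non-string value through, because an array-valued `query` parameter is non-empty and is passed unchanged to `$index->terms()`, while the literal query `0` is treated as empty. Checking the type explicitly is safer: `if(!empty($settings->_suggestTerms) && isset($_GET['query']) && is_string($_GET['query']) && trim($_GET['query']) !== '') {`. `$terms` is also assigned only inside this branch, so unless it is initialised outside the hunk (the enclosing `if($fullsearch)` block starts and ends outside it) later code may read an undefined variable; `$terms = array();` before the `if` would cover that.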
diff --git a/views/bootstrap/class.ViewDocument.php b/views/bootstrap/class.ViewDocument.php
index 0d2191f49..2f5478b18 100644
--- a/views/bootstrap/class.ViewDocument.php
+++ b/views/bootstrap/class.ViewDocument.php
@@ -421,7 +421,7 @@ $(document).ready( function() {
 if($document->getComment()) {
 if($settings->_markdownComments) {
 $Parsedown = new Parsedown();
- $comment = $Parsedown->text($document->getComment());
+ $comment = $Parsedown->text(htmlspecialchars($document->getComment()));
 } else {
 $comment = htmlspecialchars($document->getComment());
 }
@@ -773,7 +773,7 @@ $(document).ready( function() {
 if($latestContent->getComment())
 if($settings->_markdownComments) {
 $Parsedown = new Parsedown();
- $comment = $Parsedown->text($latestContent->getComment());
+ $comment = $Parsedown->text(htmlspecialchars($latestContent->getComment()));
 print "
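Review bot: Escaping the comment before passing it to `$Parsedown->text()` neutralises raw HTML but leaves the markup that Markdown itself generates unchecked; this applies to both hunks, the document comment at -421 and the latest-content comment at -773. Link and image destinations contain no HTML metacharacters, so a non-http URL scheme in a Markdown link passes through `htmlspecialchars()` unchanged. Pre-escaping also alters rendering: `>` block quotes no longer parse, and text inside code spans is likely to end up escaped twice. Parsedown's safe mode addresses both, assuming the bundled Parsedown version provides it: call `$Parsedown->setSafeMode(true);` and keep `$comment = $Parsedown->text($document->getComment());` on the raw comment. The enclosing view methods start and end outside the hunks.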
".$comment."
"; } else { $comment = htmlspecialchars($latestContent->getComment());