cyberpresidentvanellope/CHOMPStation2
1
0
Fork 0
mirror of https://github.com/CHOMPStation2/CHOMPStation2.git synced 2025-12-11 10:43:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2816 from comma/HTML

Browse Source 
HTML in papers
This commit is contained in:
Jim "Apples"
2013-05-24 14:30:36 -07:00
parent 5eb23b9cee 1486e4b487
commit 858d98eb7c
3 changed files with 37 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
code/__HELPERS/text.dm
View File

@@ -140,7 +140,24 @@
return t_out return t_out
//checks text for html tags
//if tag is not in whitelist (var/list/paper_tag_whitelist in global.dm)
//relpaces < with &lt;
proc/checkhtml(var/t)
t = sanitize_simple(t, list("&#"="."))
var/p = findtext(t,"<",1)
while (p) //going through all the tags
var/start = p++
var/tag = copytext(t,p, p+1)
if (tag != "/")
while (reject_bad_text(copytext(t, p, p+1), 1))
tag = copytext(t,start, p)
p++
tag = copytext(t,start+1, p)
if (!(tag in paper_tag_whitelist)) //if it's unkown tag, disarming it
t = copytext(t,1,start-1) + "&lt;" + copytext(t,start+1)
p = findtext(t,"<",p)
return t
/* /*
* Text searches * Text searches
*/ */

6
code/global.dm
View File

@@ -27,6 +27,12 @@ var/global/list/global_map = null
////////////// //////////////
var/list/paper_tag_whitelist = list("center","p","div","span","h1","h2","h3","h4","h5","h6","hr","pre", \
"big","small","font","i","u","b","s","sub","sup","tt","br","hr","ol","ul","li","caption","col", \
"table","td","th","tr")
var/list/paper_blacklist = list("java","onblur","onchange","onclick","ondblclick","onfocus","onkeydown", \
"onkeypress","onkeyup","onload","onmousedown","onmousemove","onmouseout","onmouseover", \
"onmouseup","onreset","onselect","onsubmit","onunload")
var/BLINDBLOCK = 0 var/BLINDBLOCK = 0
var/DEAFBLOCK = 0 var/DEAFBLOCK = 0

14
code/modules/paperwork/paper.dm
View File

@@ -236,7 +236,8 @@
if(href_list["write"]) if(href_list["write"])
var/id = href_list["write"] var/id = href_list["write"]
//var/t = strip_html_simple(input(usr, "What text do you wish to add to " + (id=="end" ? "the end of the paper" : "field "+id) + "?", "[name]", null),8192) as message //var/t = strip_html_simple(input(usr, "What text do you wish to add to " + (id=="end" ? "the end of the paper" : "field "+id) + "?", "[name]", null),8192) as message
var/t = strip_html_simple(input("Enter what you want to write:", "Write", null, null) as message, MAX_MESSAGE_LEN) //var/t = strip_html_simple(input("Enter what you want to write:", "Write", null, null) as message, MAX_MESSAGE_LEN)
var/t = input("Enter what you want to write:", "Write", null, null) as message
var/obj/item/i = usr.get_active_hand() // Check to see if he still got that darn pen, also check if he's using a crayon or pen. var/obj/item/i = usr.get_active_hand() // Check to see if he still got that darn pen, also check if he's using a crayon or pen.
var/iscrayon = 0 var/iscrayon = 0
if(!istype(i, /obj/item/weapon/pen)) if(!istype(i, /obj/item/weapon/pen))
@@ -248,6 +249,17 @@
if((!in_range(src, usr) && loc != usr && !( istype(loc, /obj/item/weapon/clipboard) ) && loc.loc != usr && usr.get_active_hand() != i)) // Some check to see if he's allowed to write if((!in_range(src, usr) && loc != usr && !( istype(loc, /obj/item/weapon/clipboard) ) && loc.loc != usr && usr.get_active_hand() != i)) // Some check to see if he's allowed to write
return return
t = checkhtml(t)
// check for exploits
for(var/bad in paper_blacklist)
if(findtext(t,bad))
usr << "\blue You think to yourself, \"Hm.. this is only paper...\""
log_admin("PAPER: [usr] ([usr.ckey]) tried to use forbidden word in [src]: [bad].")
message_admins("PAPER: [usr] ([usr.ckey]) tried to use forbidden word in [src]: [bad].")
return
t = replacetext(t, "\n", "<BR>")
t = parsepencode(t, i, usr, iscrayon) // Encode everything from pencode to html t = parsepencode(t, i, usr, iscrayon) // Encode everything from pencode to html
if(id!="end") if(id!="end")