You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by sn...@apache.org on 2006/11/21 16:52:00 UTC
svn commit: r477713 - in /incubator/roller/trunk:
src/org/apache/roller/ui/authoring/struts/actions/BookmarkSaveAction.java
web/WEB-INF/classes/ApplicationResources.properties
Author: snoopdave
Date: Tue Nov 21 07:51:59 2006
New Revision: 477713
URL: http://svn.apache.org/viewvc?view=rev&rev=477713
Log:
ROL-1279: Bookmark form should check for valid URLs
Modified:
incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/BookmarkSaveAction.java
incubator/roller/trunk/web/WEB-INF/classes/ApplicationResources.properties
Modified: incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/BookmarkSaveAction.java
URL: http://svn.apache.org/viewvc/incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/BookmarkSaveAction.java?view=diff&rev=477713&r1=477712&r2=477713
==============================================================================
--- incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/BookmarkSaveAction.java (original)
+++ incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/BookmarkSaveAction.java Tue Nov 21 07:51:59 2006
@@ -20,8 +20,11 @@
*/
package org.apache.roller.ui.authoring.struts.actions;
+import java.net.MalformedURLException;
+import java.net.URL;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang.StringUtils;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionError;
@@ -44,6 +47,7 @@
* @struts.action path="/roller-ui/authoring/bookmarkSave" name="bookmarkFormEx"
* validate="true" input="/roller-ui/authoring/bookmarkEdit.do"
* @struts.action-forward name="Bookmarks" path="/roller-ui/authoring/bookmarks.do?method=selectFolder"
+ * @struts.action-forward name="BookmarkForm" path=".BookmarkForm"
*
* @author Dave Johnson
*/
@@ -60,7 +64,7 @@
BookmarkFormEx form = (BookmarkFormEx)actionForm;
RollerRequest rreq = RollerRequest.getRollerRequest(request);
BookmarkManager bmgr = RollerFactory.getRoller().getBookmarkManager();
-
+
BookmarkData bd = null;
if (null != form.getId() && !form.getId().trim().equals(""))
{
@@ -73,6 +77,14 @@
request.getParameter(RequestConstants.FOLDER_ID));
bd.setFolder(fd);
}
+
+ // Fix for ROL-1279, check for valid bookmark URLs
+ ActionErrors errors = validateBookmark(null, form);
+ if (errors.size() > 0) {
+ saveErrors(request, errors);
+ return mapping.findForward("BookmarkForm");
+ }
+
RollerSession rses = RollerSession.getRollerSession(request);
if (bd.getFolder().getWebsite().hasUserPermissions(
rses.getAuthenticatedUser(), PermissionsData.AUTHOR))
@@ -88,13 +100,35 @@
}
else
{
- ActionErrors errors = new ActionErrors();
errors.add(null, new ActionError("error.permissions.deniedSave"));
saveErrors(request, errors);
forward = mapping.findForward("access-denied");
}
return forward;
+ }
+
+ public ActionErrors validateBookmark(ActionErrors errors, BookmarkFormEx form) {
+ if (errors == null) errors = new ActionErrors();
+ if (StringUtils.isNotEmpty(form.getUrl()) && !validURL(form.getUrl())) {
+ errors.add("url", new ActionError("bookmarkForm.error.invalidURL", form.getUrl()));
+ }
+ if (StringUtils.isNotEmpty(form.getFeedUrl()) && !validURL(form.getFeedUrl())) {
+ errors.add("feedUrl", new ActionError("bookmarkForm.error.invalidURL", form.getFeedUrl()));
+ }
+ if (StringUtils.isNotEmpty(form.getImage()) && !validURL(form.getImage())) {
+ errors.add("image", new ActionError("bookmarkForm.error.invalidURL", form.getImage()));
+ }
+ return errors;
+ }
+
+ public boolean validURL(String url) {
+ boolean valid = false;
+ try {
+ URL test = new URL(url);
+ valid = true;
+ } catch (MalformedURLException intentionallyIgnored) {}
+ return valid;
}
}
Modified: incubator/roller/trunk/web/WEB-INF/classes/ApplicationResources.properties
URL: http://svn.apache.org/viewvc/incubator/roller/trunk/web/WEB-INF/classes/ApplicationResources.properties?view=diff&rev=477713&r1=477712&r2=477713
==============================================================================
--- incubator/roller/trunk/web/WEB-INF/classes/ApplicationResources.properties (original)
+++ incubator/roller/trunk/web/WEB-INF/classes/ApplicationResources.properties Tue Nov 21 07:51:59 2006
@@ -45,6 +45,8 @@
bookmarkForm.url=Bookmark URL
bookmarkForm.weight=Display Weight
+bookmarkForm.error.invalidURL=Invalid URL: {0}
+
# ----------------------------------------------------------- BookmarksForm.jsp
bookmarksForm.root=root
@@ -493,6 +495,7 @@
correct username.
error.permissionDenied.reason3=Your blog server's database connection is \
misconfigured. To resolve this problem, see your system administrator.
+
#-------------------------------------------------------------- Struts Validator