form-processing-procs.tcl

  • last updated 2 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
fix typos

ad_form reform:

- use actual flags instead of parsing arguments all the time

- retrieve proc flags from ad_proc definition (TODO: have some api for this?)

- follow the thread of peculiar ad_form logic to fix new csrf signing feature

- improve documentation using @param instead of manual formatting

- leave some note to travellers in the code

    • -243
    • +229
    ./form-processing-procs.tcl
reflow overlong lines in comments

ad_form: Add optional parameter -csrf_protection_p (defaults to false)

white space changes

simplify code

improve security of ad_forms by binding request to a user

fix bracket in last commit

use usual idioms, white space changes

Greatly reduce complexity of code required to support -export flag for ad_form:

instead of juggle variables around to mimick export_vars, just set -export flag

value as a form property, then use the real export_vars on it later when form

is rendered. This will support all current features (e.g. :multiple, :sign, :array)

more reliably and reduce code duplication.

  1. … 1 more file in changeset.
improve wording

  1. … 7 more files in changeset.
make spelling of names more consistent

  1. … 5 more files in changeset.
Revert massive replacement of empty list creation sentences. The use of '[list]' instead of '{}' adds semantics that could be used for performance improvements in the future, such as using a different internal representation. There is already work in this direction, avoiding the generation of the string representation during comparison of empty strings (huge thanks to Stefan Sobernig for the pointer: https://core.tcl.tk/tcl/info/44527c632ed609c2).

  1. … 475 more files in changeset.
Prefer '{}' to '[list]' when creating empty lists

  1. … 71 more files in changeset.
Fix typos

  1. … 34 more files in changeset.
Fix typos

  1. … 14 more files in changeset.
Use consistently ad_script_abort after ad_return_error.

Removed incorrectly placed "--" between named parameter and its value

Bug fix: avoid confusion between command argument and option, when argument starts with "-"

  1. … 81 more files in changeset.
merged changes from the oacs-5-9 branch and resolved conflicts

  1. … 7834 more files in changeset.
Fix spelling errors

  1. … 22 more files in changeset.
- add validation against invalid host header fields

  1. … 3 more files in changeset.
Fix indentation from previous commit

Fixed problem when exporting empty variables pointed by Gustaf:

when one exported something like {{var ""} ... this was seen as absence of value,

so $var was searched for one in the caller scope. Hardened check for presence of an explicit value.

- only subst value, when it was provided explicitely in the "- -export" list. (see also change in www/register/user-new.tcl in http://cvs.openacs.org/changelog/OpenACS?cs=oacs-5-9%3Agustafn%3A20160525130725)

- set port to default-port when switching proto to https behind a proxy

  1. … 1 more file in changeset.
ad_form: completed support for -export parameter. Now the same syntax used

for "vars" argument in export_vars proc can be used. In particular

one can specify :multiple, :array and :sign flags on variables.

This change required modification to template::widget::hidden: now, when

specifying both -value and -values flags, if -values is non-empty this will

have the precedence over -value, and this widget will me multiple.

Commit on branch 5-9

  1. … 1 more file in changeset.
ad_form: completed support for -export parameter. Now the same syntax used

for "vars" argument in export_vars proc can be used. In particular

one can specify :multiple, :array and :sign flags on variables.

This change required modification to template::widget::hidden: now, when

specifying both -value and -values flags, if -values is non-empty this will

have the precedence over -value, and this widget will me multiple.

  1. … 1 more file in changeset.
- remove trailing .html from doc references (to allow e.g. .adp as well)

  1. … 4 more files in changeset.
- remove globals for errorInfo/errorCode and use namespace qualifiers instead

  1. … 12 more files in changeset.