roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From snoopd...@apache.org
Subject svn commit: r425054 - /incubator/roller/branches/roller_2.3/src/org/apache/roller/presentation/weblog/formbeans/CommentFormEx.java
Date Mon, 24 Jul 2006 13:56:59 GMT
Author: snoopdave
Date: Mon Jul 24 06:56:58 2006
New Revision: 425054

URL: http://svn.apache.org/viewvc?rev=425054&view=rev
Log:
Remove HTML from incoming comment name, url and email fields

Modified:
    incubator/roller/branches/roller_2.3/src/org/apache/roller/presentation/weblog/formbeans/CommentFormEx.java

Modified: incubator/roller/branches/roller_2.3/src/org/apache/roller/presentation/weblog/formbeans/CommentFormEx.java
URL: http://svn.apache.org/viewvc/incubator/roller/branches/roller_2.3/src/org/apache/roller/presentation/weblog/formbeans/CommentFormEx.java?rev=425054&r1=425053&r2=425054&view=diff
==============================================================================
--- incubator/roller/branches/roller_2.3/src/org/apache/roller/presentation/weblog/formbeans/CommentFormEx.java
(original)
+++ incubator/roller/branches/roller_2.3/src/org/apache/roller/presentation/weblog/formbeans/CommentFormEx.java
Mon Jul 24 06:56:58 2006
@@ -21,6 +21,8 @@
 
 import javax.servlet.ServletRequest;
 import javax.servlet.http.HttpServletRequest;
+import org.apache.commons.lang.StringUtils;
+import org.apache.roller.util.Utilities;
 
 import org.apache.struts.action.ActionMapping;
 import org.apache.roller.RollerException;
@@ -112,6 +114,15 @@
     public void copyTo(org.apache.roller.pojos.CommentData dataHolder, Locale locale) 
         throws RollerException
     {
+        if (!StringUtils.isEmpty(name)) {
+            name = Utilities.removeHTML(name);
+        }
+        if (!StringUtils.isEmpty(url)) {
+            url = Utilities.removeHTML(url);
+        }
+        if (!StringUtils.isEmpty(email)) {
+            email = Utilities.removeHTML(email);
+        }
         super.copyTo(dataHolder, locale);
         if (getSpam() == null) dataHolder.setSpam(Boolean.FALSE);
         if (getNotify() == null) dataHolder.setNotify(Boolean.FALSE);



Mime
View raw message