diff options
author | nodiscc <nodiscc@gmail.com> | 2015-01-11 14:56:22 +0100 |
---|---|---|
committer | nodiscc <nodiscc@gmail.com> | 2015-01-11 14:56:22 +0100 |
commit | 486f25a5f4ab2a9191618edcb89ebb61350ff600 (patch) | |
tree | c19fbb34904a1c5148202d01fa723d29b0e1557d | |
parent | a2d5ef2127881561bf359390fac2d8d336a37335 (diff) | |
parent | fe16b01edb80ac2f2212125fadba8358dff91b95 (diff) | |
download | Shaarli-486f25a5f4ab2a9191618edcb89ebb61350ff600.tar.gz Shaarli-486f25a5f4ab2a9191618edcb89ebb61350ff600.tar.zst Shaarli-486f25a5f4ab2a9191618edcb89ebb61350ff600.zip |
Merge pull request #93 from ArthurHoaro/scripttag
Remove language attribute on script tag and improve QRCode JS
-rw-r--r-- | index.php | 30 | ||||
-rw-r--r-- | tpl/changetag.html | 4 | ||||
-rw-r--r-- | tpl/editlink.html | 2 | ||||
-rw-r--r-- | tpl/linklist.html | 20 |
4 files changed, 32 insertions, 24 deletions
@@ -430,7 +430,7 @@ if (isset($_POST['login'])) | |||
430 | ban_loginFailed(); | 430 | ban_loginFailed(); |
431 | $redir = ''; | 431 | $redir = ''; |
432 | if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); } | 432 | if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); } |
433 | echo '<script language="JavaScript">alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen. | 433 | echo '<script>alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen. |
434 | exit; | 434 | exit; |
435 | } | 435 | } |
436 | } | 436 | } |
@@ -1387,12 +1387,12 @@ function renderPage() | |||
1387 | 1387 | ||
1388 | // Make sure old password is correct. | 1388 | // Make sure old password is correct. |
1389 | $oldhash = sha1($_POST['oldpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 1389 | $oldhash = sha1($_POST['oldpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
1390 | if ($oldhash!=$GLOBALS['hash']) { echo '<script language="JavaScript">alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; } | 1390 | if ($oldhash!=$GLOBALS['hash']) { echo '<script>alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; } |
1391 | // Save new password | 1391 | // Save new password |
1392 | $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. | 1392 | $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. |
1393 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 1393 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
1394 | writeConfig(); | 1394 | writeConfig(); |
1395 | echo '<script language="JavaScript">alert("Your password has been changed.");document.location=\'?do=tools\';</script>'; | 1395 | echo '<script>alert("Your password has been changed.");document.location=\'?do=tools\';</script>'; |
1396 | exit; | 1396 | exit; |
1397 | } | 1397 | } |
1398 | else // show the change password form. | 1398 | else // show the change password form. |
@@ -1423,7 +1423,7 @@ function renderPage() | |||
1423 | $GLOBALS['disablejquery']=!empty($_POST['disablejquery']); | 1423 | $GLOBALS['disablejquery']=!empty($_POST['disablejquery']); |
1424 | $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']); | 1424 | $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']); |
1425 | writeConfig(); | 1425 | writeConfig(); |
1426 | echo '<script language="JavaScript">alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; | 1426 | echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; |
1427 | exit; | 1427 | exit; |
1428 | } | 1428 | } |
1429 | else // Show the configuration form. | 1429 | else // Show the configuration form. |
@@ -1467,7 +1467,7 @@ function renderPage() | |||
1467 | $LINKSDB[$key]=$value; | 1467 | $LINKSDB[$key]=$value; |
1468 | } | 1468 | } |
1469 | $LINKSDB->savedb(); // Save to disk. | 1469 | $LINKSDB->savedb(); // Save to disk. |
1470 | echo '<script language="JavaScript">alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>'; | 1470 | echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>'; |
1471 | exit; | 1471 | exit; |
1472 | } | 1472 | } |
1473 | 1473 | ||
@@ -1484,7 +1484,7 @@ function renderPage() | |||
1484 | $LINKSDB[$key]=$value; | 1484 | $LINKSDB[$key]=$value; |
1485 | } | 1485 | } |
1486 | $LINKSDB->savedb(); // Save to disk. | 1486 | $LINKSDB->savedb(); // Save to disk. |
1487 | echo '<script language="JavaScript">alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>'; | 1487 | echo '<script>alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>'; |
1488 | exit; | 1488 | exit; |
1489 | } | 1489 | } |
1490 | } | 1490 | } |
@@ -1515,7 +1515,7 @@ function renderPage() | |||
1515 | pubsubhub(); | 1515 | pubsubhub(); |
1516 | 1516 | ||
1517 | // If we are called from the bookmarklet, we must close the popup: | 1517 | // If we are called from the bookmarklet, we must close the popup: |
1518 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; } | 1518 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; } |
1519 | $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); | 1519 | $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); |
1520 | $returnurl .= '#'.smallHash($linkdate); // Scroll to the link which has been edited. | 1520 | $returnurl .= '#'.smallHash($linkdate); // Scroll to the link which has been edited. |
1521 | header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on. | 1521 | header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on. |
@@ -1526,7 +1526,7 @@ function renderPage() | |||
1526 | if (isset($_POST['cancel_edit'])) | 1526 | if (isset($_POST['cancel_edit'])) |
1527 | { | 1527 | { |
1528 | // If we are called from the bookmarklet, we must close the popup: | 1528 | // If we are called from the bookmarklet, we must close the popup: |
1529 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; } | 1529 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; } |
1530 | $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); | 1530 | $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); |
1531 | $returnurl .= '#'.smallHash($_POST['lf_linkdate']); // Scroll to the link which has been edited. | 1531 | $returnurl .= '#'.smallHash($_POST['lf_linkdate']); // Scroll to the link which has been edited. |
1532 | header('Location: '.$returnurl); // After canceling, redirect to the page the user was on. | 1532 | header('Location: '.$returnurl); // After canceling, redirect to the page the user was on. |
@@ -1545,7 +1545,7 @@ function renderPage() | |||
1545 | $LINKSDB->savedb(); // save to disk | 1545 | $LINKSDB->savedb(); // save to disk |
1546 | 1546 | ||
1547 | // If we are called from the bookmarklet, we must close the popup: | 1547 | // If we are called from the bookmarklet, we must close the popup: |
1548 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; } | 1548 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; } |
1549 | header('Location: ?'); // After deleting the link, redirect to the home page. | 1549 | header('Location: ?'); // After deleting the link, redirect to the home page. |
1550 | exit; | 1550 | exit; |
1551 | } | 1551 | } |
@@ -1681,7 +1681,7 @@ HTML; | |||
1681 | if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0)) | 1681 | if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0)) |
1682 | { | 1682 | { |
1683 | $returnurl = ( empty($_SERVER['HTTP_REFERER']) ? '?' : $_SERVER['HTTP_REFERER'] ); | 1683 | $returnurl = ( empty($_SERVER['HTTP_REFERER']) ? '?' : $_SERVER['HTTP_REFERER'] ); |
1684 | echo '<script language="JavaScript">alert("The file you are trying to upload is probably bigger than what this webserver can accept ('.getMaxFileSize().' bytes). Please upload in smaller chunks.");document.location=\''.htmlspecialchars($returnurl).'\';</script>'; | 1684 | echo '<script>alert("The file you are trying to upload is probably bigger than what this webserver can accept ('.getMaxFileSize().' bytes). Please upload in smaller chunks.");document.location=\''.htmlspecialchars($returnurl).'\';</script>'; |
1685 | exit; | 1685 | exit; |
1686 | } | 1686 | } |
1687 | if (!tokenOk($_POST['token'])) die('Wrong token.'); | 1687 | if (!tokenOk($_POST['token'])) die('Wrong token.'); |
@@ -1785,11 +1785,11 @@ function importFile() | |||
1785 | } | 1785 | } |
1786 | $LINKSDB->savedb(); | 1786 | $LINKSDB->savedb(); |
1787 | 1787 | ||
1788 | echo '<script language="JavaScript">alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>'; | 1788 | echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>'; |
1789 | } | 1789 | } |
1790 | else | 1790 | else |
1791 | { | 1791 | { |
1792 | echo '<script language="JavaScript">alert("File '.json_encode($filename).' ('.$filesize.' bytes) has an unknown file format. Nothing was imported.");document.location=\'?\';</script>'; | 1792 | echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) has an unknown file format. Nothing was imported.");document.location=\'?\';</script>'; |
1793 | } | 1793 | } |
1794 | } | 1794 | } |
1795 | 1795 | ||
@@ -2123,7 +2123,7 @@ function install() | |||
2123 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 2123 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
2124 | $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] ); | 2124 | $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] ); |
2125 | writeConfig(); | 2125 | writeConfig(); |
2126 | echo '<script language="JavaScript">alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; | 2126 | echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; |
2127 | exit; | 2127 | exit; |
2128 | } | 2128 | } |
2129 | 2129 | ||
@@ -2177,7 +2177,7 @@ function templateTZform($ptz=false) | |||
2177 | $cities_html = $cities[$pcontinent]; | 2177 | $cities_html = $cities[$pcontinent]; |
2178 | $timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>"; | 2178 | $timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>"; |
2179 | $timezone_form .= " City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />"; | 2179 | $timezone_form .= " City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />"; |
2180 | $timezone_js = "<script language=\"JavaScript\">"; | 2180 | $timezone_js = "<script>"; |
2181 | $timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}"; | 2181 | $timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}"; |
2182 | $timezone_js .= "var citiescontinent = ".json_encode($cities).";" ; | 2182 | $timezone_js .= "var citiescontinent = ".json_encode($cities).";" ; |
2183 | $timezone_js .= "</script>" ; | 2183 | $timezone_js .= "</script>" ; |
@@ -2292,7 +2292,7 @@ function writeConfig() | |||
2292 | $config .= ' ?>'; | 2292 | $config .= ' ?>'; |
2293 | if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0) | 2293 | if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0) |
2294 | { | 2294 | { |
2295 | echo '<script language="JavaScript">alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>'; | 2295 | echo '<script>alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>'; |
2296 | exit; | 2296 | exit; |
2297 | } | 2297 | } |
2298 | } | 2298 | } |
diff --git a/tpl/changetag.html b/tpl/changetag.html index 79fea9a9..fdfb0b37 100644 --- a/tpl/changetag.html +++ b/tpl/changetag.html | |||
@@ -12,11 +12,11 @@ | |||
12 | <input type="text" name="totag" id="totag"> | 12 | <input type="text" name="totag" id="totag"> |
13 | <input type="submit" name="renametag" value="Rename tag" class="bigbutton"> | 13 | <input type="submit" name="renametag" value="Rename tag" class="bigbutton"> |
14 | or <input type="submit" name="deletetag" value="Delete tag" class="bigbutton" onClick="return confirmDeleteTag();"><br>(Case sensitive)</form> | 14 | or <input type="submit" name="deletetag" value="Delete tag" class="bigbutton" onClick="return confirmDeleteTag();"><br>(Case sensitive)</form> |
15 | <script language="JavaScript">function confirmDeleteTag() { var agree=confirm("Are you sure you want to delete this tag from all links ?"); if (agree) return true ; else return false ; }</script> | 15 | <script>function confirmDeleteTag() { var agree=confirm("Are you sure you want to delete this tag from all links ?"); if (agree) return true ; else return false ; }</script> |
16 | </div> | 16 | </div> |
17 | {include="page.footer"} | 17 | {include="page.footer"} |
18 | {if="($GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()) && empty($GLOBALS['disablejquery'])"} | 18 | {if="($GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()) && empty($GLOBALS['disablejquery'])"} |
19 | <script language="JavaScript"> | 19 | <script> |
20 | $(document).ready(function() | 20 | $(document).ready(function() |
21 | { | 21 | { |
22 | $('#fromtag').autocomplete({source:'{$source}?ws=singletag',minLength:1}); | 22 | $('#fromtag').autocomplete({source:'{$source}?ws=singletag',minLength:1}); |
diff --git a/tpl/editlink.html b/tpl/editlink.html index 454dfff4..047e7f0d 100644 --- a/tpl/editlink.html +++ b/tpl/editlink.html | |||
@@ -33,7 +33,7 @@ | |||
33 | </div> | 33 | </div> |
34 | {include="page.footer"} | 34 | {include="page.footer"} |
35 | {if="($GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()) && empty($GLOBALS['disablejquery'])"} | 35 | {if="($GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()) && empty($GLOBALS['disablejquery'])"} |
36 | <script language="JavaScript"> | 36 | <script> |
37 | $(document).ready(function() | 37 | $(document).ready(function() |
38 | { | 38 | { |
39 | $('#lf_tags').autocomplete({source:'{$source}?ws=tags',minLength:1}); | 39 | $('#lf_tags').autocomplete({source:'{$source}?ws=tags',minLength:1}); |
diff --git a/tpl/linklist.html b/tpl/linklist.html index 42a75a1a..d5bfadf8 100644 --- a/tpl/linklist.html +++ b/tpl/linklist.html | |||
@@ -52,7 +52,7 @@ | |||
52 | <span class="linkarchive"><a href="https://web.archive.org/web/{$value.url|htmlspecialchars}">archive</a> - </span> | 52 | <span class="linkarchive"><a href="https://web.archive.org/web/{$value.url|htmlspecialchars}">archive</a> - </span> |
53 | {/if} | 53 | {/if} |
54 | <div class="linkqrcode"><a href="http://qrfree.kaywa.com/?l=1&s=8&d={$scripturl|urlencode}%3F{$value.linkdate|smallHash}" | 54 | <div class="linkqrcode"><a href="http://qrfree.kaywa.com/?l=1&s=8&d={$scripturl|urlencode}%3F{$value.linkdate|smallHash}" |
55 | onclick="showQrCode(this); return false;" class="qrcode" data-permalink="{$scripturl}?{$value.linkdate|smallHash}"><img src="images/qrcode.png#" title="QR-Code" alt="QR-Code"></a></div> - | 55 | onclick="return showQrCode(this);" class="qrcode" data-permalink="{$scripturl}?{$value.linkdate|smallHash}"><img src="images/qrcode.png#" title="QR-Code"></a></div> - |
56 | <a href="{$value.url|htmlspecialchars}"><span class="linkurl" title="Short link">{$value.url|htmlspecialchars}</span></a><br> | 56 | <a href="{$value.url|htmlspecialchars}"><span class="linkurl" title="Short link">{$value.url|htmlspecialchars}</span></a><br> |
57 | {if="$value.tags"} | 57 | {if="$value.tags"} |
58 | <div class="linktaglist"> | 58 | <div class="linktaglist"> |
@@ -79,12 +79,20 @@ function remove_qrcode() | |||
79 | return false; | 79 | return false; |
80 | } | 80 | } |
81 | 81 | ||
82 | function isCanvasSupported(){ | ||
83 | var elem = document.createElement('canvas'); | ||
84 | return !!(elem.getContext && elem.getContext('2d')); | ||
85 | } | ||
86 | |||
82 | // Show the QR-Code of a permalink (when the QR-Code icon is clicked). | 87 | // Show the QR-Code of a permalink (when the QR-Code icon is clicked). |
83 | function showQrCode(caller,loading=false) | 88 | function showQrCode(caller,loading) |
84 | { | 89 | { |
90 | if( !isCanvasSupported() ) return true; | ||
91 | |||
85 | // Dynamic javascript lib loading: We only load qr.js if the QR code icon is clicked: | 92 | // Dynamic javascript lib loading: We only load qr.js if the QR code icon is clicked: |
86 | if (typeof(qr)=='undefined') // Load qr.js only if not present. | 93 | if (typeof(qr)=='undefined') // Load qr.js only if not present. |
87 | { | 94 | { |
95 | loading = typeof loading !== 'undefined' ? loading : false; | ||
88 | if (!loading) // If javascript lib is still loading, do not append script to body. | 96 | if (!loading) // If javascript lib is still loading, do not append script to body. |
89 | { | 97 | { |
90 | var element = document.createElement("script"); | 98 | var element = document.createElement("script"); |
@@ -101,12 +109,12 @@ function showQrCode(caller,loading=false) | |||
101 | // Build the div which contains the QR-Code: | 109 | // Build the div which contains the QR-Code: |
102 | var element = document.createElement('div'); | 110 | var element = document.createElement('div'); |
103 | element.id="permalinkQrcode"; | 111 | element.id="permalinkQrcode"; |
104 | // Make QR-Code div commit sepuku when clicked: | 112 | |
105 | if ( element.attachEvent ){ element.attachEvent('onclick', 'this.parentNode.removeChild(this);' ); } // Damn IE | 113 | // Make QR-Code div commit sepuku when clicked: |
106 | else { element.setAttribute('onclick', 'this.parentNode.removeChild(this);' ); } | 114 | element.addEventListener('click', remove_qrcode ); // Works on every canvas supported browser |
107 | 115 | ||
108 | // Build the QR-Code: | 116 | // Build the QR-Code: |
109 | var image = qr.image({size: 8,value: caller.dataset.permalink}); | 117 | var image = qr.image({size: 8,value: caller.getAttribute('data-permalink')}); |
110 | if (image) | 118 | if (image) |
111 | { | 119 | { |
112 | element.appendChild(image); | 120 | element.appendChild(image); |