@@ -22,50 +22,3 @@ Rake::RDocTask.new(:rdoc) do |rdoc| rdoc.rdoc_files.include('README') rdoc.rdoc_files.include('lib/**/*.rb') end - -# Globals - -PKG_NAME = 'active_scaffold_plugin' -PKG_VERSION = '1.0' - -PKG_FILES = ['README', 'CHANGELOG', 'MIT-LICENSE', 'init.rb', 'install.rb'] -PKG_DIRECTORIES = ['app/', 'lib/', 'public/', 'tasks/', 'test/'] -PKG_DIRECTORIES.each do |dir| - Find.find(dir) do |f| - if FileTest.directory?(f) and f =~ /\.svn/ - Find.prune - else - PKG_FILES << f - end - end -end - -# Tasks - -task :package -Rake::PackageTask.new(PKG_NAME, PKG_VERSION) do |p| - p.need_tar = true - p.package_files = PKG_FILES -end - -# "Gem" part of the Rakefile -begin - require 'rake/gempackagetask' - - spec = Gem::Specification.new do |s| - s.platform = Gem::Platform::RUBY - s.summary = "ActiveScaffold is a Rails plugin for rich ActiveRecord CRUD." - s.name = PKG_NAME - s.version = PKG_VERSION - s.requirements << 'none' - s.files = PKG_FILES - s.description = "ActiveScaffold is a Rails plugin for rich ActiveRecord CRUD." - end - - task :package_gem - Rake::GemPackageTask.new(spec) do |pkg| - pkg.need_zip = true - pkg.need_tar = true - end -rescue LoadError -end Rakefile @@ -23,7 +23,7 @@ <label for="<%= "record_#{active_scaffold_config.model}" %>"><%= active_scaffold_config.model %></label> <%# select_options = options_for_select(options_for_association(nested_association)) unless column.through_association? -%> - <% select_options ||= options_for_select(active_scaffold_config.model.find(:all).collect {|c| [c.to_label, c.id]}) -%> + <% select_options ||= options_for_select(active_scaffold_config.model.find(:all).collect {|c| [h(c.to_label), c.id]}) -%> <% unless select_options.empty? -%> <%= select_tag 'associated_id', '<option value="">' + as_('- select -') + '</option>' + select_options %> <% end -%> frontends/default/views/_add_existing_form.rhtml @@ -9,7 +9,7 @@ <% unless readonly -%> <%= render :partial => form_partial_for_column(column), :locals => { :column => column, :scope => scope } -%> <% else -%> - <p><%= @record.send(column.name) -%></p> + <p><%= h @record.send(column.name) -%></p> <% end -%> </td> <% end -%> frontends/default/views/_form_association_record.rhtml @@ -1,10 +1,10 @@ <% for name in [:info, :warning, :error] %> <% if flash[name] %> <p class="<%= "#{name}-message message" %>" > - <%= flash[name] %> + <%= h flash[name] %> <% if request.xhr? %> <a href="#" onclick="Element.remove(this.parentNode); return false;"><%= as_('Close') %></a> <% end %> </p> <% end %> -<% end %> \ No newline at end of file +<% end %> frontends/default/views/_messages.rhtml @@ -35,7 +35,7 @@ concat render(:active_scaffold => controller.controller_path, :constraints => @constraints, :conditions => association.options[:conditions], - :label => @label, + :label => h(@label), :params => {:nested => true, :parent_column => column_name, :parent_model => association.active_record} ), binding end frontends/default/views/_nested.rhtml @@ -27,7 +27,7 @@ else end %> - <h4><%= @record.to_label.nil? ? active_scaffold_config.update.label : as_('Update %s', @record.to_label) %></h4> + <h4><%= @record.to_label.nil? ? active_scaffold_config.update.label : as_('Update %s', clean_column_value(@record.to_label)) %></h4> <% if request.xhr? -%> <div id="<%= element_messages_id(:action => :update) %>" class="messages-container"><%= error_messages_for :record %></div> @@ -46,4 +46,4 @@ end </form> <script type="text/javascript"> Form.focusFirstElement('<%= element_form_id(:action => :update) -%>'); -</script> \ No newline at end of file +</script> frontends/default/views/_update_form.rhtml 7b6991efd2568a6ae5ecd7e0c00b9d150c80ec7e cainlevy cainlevy@561dde7e-7729-0410-be8e-ef83869d6c7d http://github.com/edwinmoss/active_scaffold/commit/77bf6d56b86de39bd44ad535f19e151b3ed89b10 77bf6d56b86de39bd44ad535f19e151b3ed89b10 2007-12-03T16:41:14-08:00 2007-12-03T16:41:14-08:00 cleaning up rake tasks (folder, and gem packaging task) closing a few XSS holes (thanks dov) git-svn-id: http://activescaffold.googlecode.com/svn/trunk@693 561dde7e-7729-0410-be8e-ef83869d6c7d 626d4dcbfb1ae01f4767ef07a7ba859370125f3e cainlevy cainlevy@561dde7e-7729-0410-be8e-ef83869d6c7d