From 46af2136fac3c2ef7fc3662263d8dfddc4c15f20 Mon Sep 17 00:00:00 2001 From: MichaelDaum Date: Fri, 24 Feb 2012 17:01:06 +0000 Subject: [PATCH] Item11433: check access rights before extracting the TopicTitle git-svn-id: http://svn.foswiki.org/trunk/NatSkinPlugin@14081 0b4bb1d4-4e5a-0410-9cc4-b2b747904278 --- bin/natsearch | 2 +- data/System/NatSkinPlugin.txt | 2 +- lib/Foswiki/Plugins/NatSkinPlugin.pm | 2 +- lib/Foswiki/Plugins/NatSkinPlugin/ContentType.pm | 2 +- lib/Foswiki/Plugins/NatSkinPlugin/DEPENDENCIES | 1 + lib/Foswiki/Plugins/NatSkinPlugin/ExternalLink.pm | 2 +- lib/Foswiki/Plugins/NatSkinPlugin/HtmlTitle.pm | 10 ++++++++-- lib/Foswiki/Plugins/NatSkinPlugin/Revisions.pm | 2 +- lib/Foswiki/Plugins/NatSkinPlugin/Search.pm | 2 +- lib/Foswiki/Plugins/NatSkinPlugin/ThemeEngine.pm | 3 ++- lib/Foswiki/Plugins/NatSkinPlugin/UserActions.pm | 2 +- lib/Foswiki/Plugins/NatSkinPlugin/Utils.pm | 2 +- lib/Foswiki/Plugins/NatSkinPlugin/WebComponent.pm | 2 +- lib/Foswiki/Plugins/NatSkinPlugin/WebLink.pm | 2 +- lib/Foswiki/Plugins/NatSkinPlugin/WebLogo.pm | 12 ++++++++---- 15 files changed, 30 insertions(+), 18 deletions(-) diff --git a/bin/natsearch b/bin/natsearch index bfbf378..0192219 100755 --- a/bin/natsearch +++ b/bin/natsearch @@ -1,7 +1,7 @@ #!/usr/bin/perl -w # Foswiki - The Free and Open Source Wiki, http://foswiki.org/ # -# Copyright (C) 2003-2010 Michael Daum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 Michael Daum http://michaeldaumconsulting.com # # based on photonsearch # Copyright (C) 2001 Esteban Manchado Velázquez, zoso@foton.es diff --git a/data/System/NatSkinPlugin.txt b/data/System/NatSkinPlugin.txt index ff6585f..9faa466 100644 --- a/data/System/NatSkinPlugin.txt +++ b/data/System/NatSkinPlugin.txt @@ -201,7 +201,7 @@ See NatSkin#Installation_Instructions * Set SHORTDESCRIPTION = Theming engine for NatSkin --> | Plugin Author: | Michael Daum | -| Copyright ©: | 2003-2010, Michael Daum http://michaeldaumconsulting.com | +| Copyright ©: | 2003-2012, Michael Daum http://michaeldaumconsulting.com | | License: | GPL ([[http://www.gnu.org/copyleft/gpl.html][GNU General Public License]]) | | Release: | %$RELEASE% | | Version: | %$VERSION% | diff --git a/lib/Foswiki/Plugins/NatSkinPlugin.pm b/lib/Foswiki/Plugins/NatSkinPlugin.pm index 364b1a2..d65196f 100755 --- a/lib/Foswiki/Plugins/NatSkinPlugin.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2010 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/ContentType.pm b/lib/Foswiki/Plugins/NatSkinPlugin/ContentType.pm index d977f03..e553a59 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/ContentType.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/ContentType.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2010 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/DEPENDENCIES b/lib/Foswiki/Plugins/NatSkinPlugin/DEPENDENCIES index 0af98fc..911f698 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/DEPENDENCIES +++ b/lib/Foswiki/Plugins/NatSkinPlugin/DEPENDENCIES @@ -10,6 +10,7 @@ Foswiki::Plugins::NatEditPlugin,>=1993,perl,Required Foswiki::Plugins::RenderPlugin,>=3644,perl,Required Foswiki::Plugins::SetVariablePlugin,>=4287,perl,Required Foswiki::Plugins::TopicInteractionPlugin,>=1340,perl,Required +Foswiki::Plugins::ImagePlugin,>=2.40,perl,Required Foswiki::Plugins::WebLinkPlugin,>=1,perl,Optional ONLYIF ( $Foswiki::Plugins::VERSION < 2.1) Foswiki::Plugins::ZonePlugin,>=3.1,perl,Required. required for Foswiki < 1.1 diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/ExternalLink.pm b/lib/Foswiki/Plugins/NatSkinPlugin/ExternalLink.pm index 1fd690c..201ec92 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/ExternalLink.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/ExternalLink.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2010 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/HtmlTitle.pm b/lib/Foswiki/Plugins/NatSkinPlugin/HtmlTitle.pm index 5193edf..0df0730 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/HtmlTitle.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/HtmlTitle.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2011 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -72,7 +72,13 @@ sub getTopicTitle { #print STDERR "using foswiki core means\n"; - my ($meta, undef) = Foswiki::Func::readTopic($web, $topic); + my ($meta, $text) = Foswiki::Func::readTopic($web, $topic); + + if ($Foswiki::cfg{SecureTopicTitles}) { + my $wikiName = Foswiki::Func::getWikiName(); + return $topic + unless Foswiki::Func::checkAccessPermission('VIEW', $wikiName, $text, $topic, $web, $meta); + } # read the formfield value my $title = $meta->get('FIELD', 'TopicTitle'); diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/Revisions.pm b/lib/Foswiki/Plugins/NatSkinPlugin/Revisions.pm index 1590be3..f880eb3 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/Revisions.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/Revisions.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2010 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/Search.pm b/lib/Foswiki/Plugins/NatSkinPlugin/Search.pm index 7b1bebd..c7fea31 100755 --- a/lib/Foswiki/Plugins/NatSkinPlugin/Search.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/Search.pm @@ -1,7 +1,7 @@ ############################################################################### # Plugin for Foswiki - The Free and Open Source Wiki, http://foswiki.org/ # -# Copyright (C) 2003-2010 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # Based on photonsearch # Copyright (C) 2001 Esteban Manchado Velázquez, zoso@foton.es diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/ThemeEngine.pm b/lib/Foswiki/Plugins/NatSkinPlugin/ThemeEngine.pm index 2082ce2..5c8e061 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/ThemeEngine.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/ThemeEngine.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2011 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -394,6 +394,7 @@ sub run { } push @newSkin, $item; } + my $newSkin = join(', ', @newSkin); writeDebug("old skin=$skin, newSkin=$newSkin"); diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/UserActions.pm b/lib/Foswiki/Plugins/NatSkinPlugin/UserActions.pm index 4d6288c..6938cf8 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/UserActions.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/UserActions.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2011 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/Utils.pm b/lib/Foswiki/Plugins/NatSkinPlugin/Utils.pm index 74649eb..47ea27b 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/Utils.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/Utils.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2010 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/WebComponent.pm b/lib/Foswiki/Plugins/NatSkinPlugin/WebComponent.pm index 96da303..81badac 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/WebComponent.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/WebComponent.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2011 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/WebLink.pm b/lib/Foswiki/Plugins/NatSkinPlugin/WebLink.pm index ba114f0..3f76cdf 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/WebLink.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/WebLink.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2010 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License diff --git a/lib/Foswiki/Plugins/NatSkinPlugin/WebLogo.pm b/lib/Foswiki/Plugins/NatSkinPlugin/WebLogo.pm index 587f86f..0c820b2 100644 --- a/lib/Foswiki/Plugins/NatSkinPlugin/WebLogo.pm +++ b/lib/Foswiki/Plugins/NatSkinPlugin/WebLogo.pm @@ -1,7 +1,7 @@ ############################################################################### # NatSkinPlugin.pm - Plugin handler for the NatSkin. # -# Copyright (C) 2003-2010 MichaelDaum http://michaeldaumconsulting.com +# Copyright (C) 2003-2012 MichaelDaum http://michaeldaumconsulting.com # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -55,6 +55,10 @@ sub render { $result =~ s/\$style/renderStyle()/ge; $result =~ s/\$alt/renderAlt()/ge; $result =~ s/\$name/renderName()/ge; + $result =~ s/\$perce?nt/\%/go; + $result =~ s/\$nop//go; + $result =~ s/\$n/\n/go; + $result =~ s/\$dollar/\$/go; return $result; @@ -137,13 +141,13 @@ sub renderLogo { my $name = renderName(); if ($name) { - $result = ''; + $result = ''; } else { my $image = renderSrc(); if ($image) { - $result = ''; + $result = ''; } else { - $result = ''; + $result = ''; } }