Correctly encode confirm handlers

With encode set to false the onclick handler will be sent through
h() regardless, making links and postLinks work again.
Alexander Hofbauer 2013-08-13 10:11:22 +02:00
parent 1c1701813b
commit 80e589f19d
5 changed files with 30 additions and 4 deletions


@ -7050,6 +7050,19 @@ class FormHelperTest extends CakeTestCase {
'/a' '/a'
)); ));
$result = $this->Form->postLink('Delete', '/posts/delete/1', array('escape' => false), '\'Confirm\' this "deletion"?');
$this->assertTags($result, array(
'form' => array(
'method' => 'post', 'action' => '/posts/delete/1',
'name' => 'preg:/post_\w+/', 'id' => 'preg:/post_\w+/', 'style' => 'display:none;'
),
'input' => array('type' => 'hidden', 'name' => '_method', 'value' => 'POST'),
'/form',
'a' => array('href' => '#', 'onclick' => 'preg:/if \(confirm\("'Confirm' this \\\\"deletion\\\\"\?"\)\) \{ document\.post_\w+\.submit\(\); \} event\.returnValue = false; return false;/'),
'Delete',
'/a'
));
$result = $this->Form->postLink('Delete', '/posts/delete', array('data' => array('id' => 1))); $result = $this->Form->postLink('Delete', '/posts/delete', array('data' => array('id' => 1)));
$this->assertContains('<input type="hidden" name="data[id]" value="1"/>', $result); $this->assertContains('<input type="hidden" name="data[id]" value="1"/>', $result);


@ -221,6 +221,14 @@ class HtmlHelperTest extends CakeTestCase {
); );
$this->assertTags($result, $expected); $this->assertTags($result, $expected);
$result = $this->Html->link('Home', '/home', array('escape' => false, 'confirm' => 'Confirm\'s "nightmares"'));
$expected = array(
'a' => array('href' => '/home', 'onclick' => 'if (confirm(&quot;Confirm&#039;s \&quot;nightmares\&quot;&quot;)) { return true; } return false;'),
'Home',
'/a'
);
$this->assertTags($result, $expected);
$result = $this->Html->link('Home', '/home', array('default' => false)); $result = $this->Html->link('Home', '/home', array('default' => false));
$expected = array( $expected = array(
'a' => array('href' => '/home', 'onclick' => 'event.returnValue = false; return false;'), 'a' => array('href' => '/home', 'onclick' => 'event.returnValue = false; return false;'),


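--- a/PLACEHOLDER_PATH/Helper.php
+++ b/PLACEHOLDER_PATH/Helper.php
@@ -505,11 +505,16 @@ class Helper extends Object {
 * @param string $message Message to be displayed
 * @param string $okCode Code to be executed after user chose 'OK'
 * @param string $cancelCode Code to be executed after user chose 'Cancel'
+* @param array $options Array of options
 * @return string onclick JS code
 */
-protected function _confirm($message, $okCode, $cancelCode = '') {
+protected function _confirm($message, $okCode, $cancelCode = '', $options = array()) {
 $message = json_encode($message);
-return "if (confirm({$message})) { {$okCode} } {$cancelCode}";
+$confirm = "if (confirm({$message})) { {$okCode} } {$cancelCode}";
+if (isset($options['escape']) && $options['escape'] === false) {
+$confirm = h($confirm);
+}
+return $confirm;
 }
 /**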
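Review bot: The new `if (isset($options['escape']) && $options['escape'] === false)` line keys strictly on `=== false`, so a caller passing `'escape' => 0` or `null` skips the h() here; if the attribute writer that later emits the onclick tests plain falsiness instead, that caller would get the raw `json_encode()` quotes inside the attribute, so it is worth confirming the two checks use the same test. The added docblock line does not say what the option does, and the rest of `$options` is ignored; suggest `* @param array $options Array of options; only 'escape' is read — when it is false the returned code is HTML-encoded here because the caller will emit the attribute unescaped`. Adjacent but untouched by this commit: `json_encode($message)` yields false on invalid UTF-8, which turns the output into `confirm()` with no argument and is still unguarded. The same `$options` pass-through appears in the FormHelper and HtmlHelper hunks.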


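--- a/PLACEHOLDER_PATH/FormHelper.php
+++ b/PLACEHOLDER_PATH/FormHelper.php
@@ -1784,7 +1784,7 @@ class FormHelper extends AppHelper {
 $url = '#';
 $onClick = 'document.' . $formName . '.submit();';
 if ($confirmMessage) {
-$options['onclick'] = $this->_confirm($confirmMessage, $onClick);
+$options['onclick'] = $this->_confirm($confirmMessage, $onClick, '', $options);
 } else {
 $options['onclick'] = $onClick . ' ';
 }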
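Review bot: After the changed `$this->_confirm(..., '', $options)` call, `$options['onclick']` may already be HTML-encoded (when `'escape' => false`), so anything the function appends to it afterwards sits outside that encoding; the FormHelperTest expectation shows ` event.returnValue = false; return false;` following the confirm code, which is entity-safe today, but the boundary is invisible at this line. Suggest a comment on the changed line such as `// with 'escape' => false, _confirm() returns already-HTML-encoded code; anything appended below must be entity-safe`. The same applies to the HtmlHelper hunk, where `$options` is handed through in the same way. postLink begins and ends outside this hunk, so the appending code itself is not visible here.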


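--- a/PLACEHOLDER_PATH/HtmlHelper.php
+++ b/PLACEHOLDER_PATH/HtmlHelper.php
@@ -359,7 +359,7 @@ class HtmlHelper extends AppHelper {
 unset($options['confirm']);
 }
 if ($confirmMessage) {
-$options['onclick'] = $this->_confirm($confirmMessage, 'return true;', 'return false;');
+$options['onclick'] = $this->_confirm($confirmMessage, 'return true;', 'return false;', $options);
 } elseif (isset($options['default']) && !$options['default']) {
 if (isset($options['onclick'])) {
 $options['onclick'] .= ' ';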