[Fusionforge-commits] FusionForge branch 6.1 updated. v6.1alpha0-1-g640a2e5

Franck Villaume nerville at libremir.placard.fr.eu.org
Sun Oct 8 11:02:02 CEST 2017


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "FusionForge".

The branch, 6.1 has been updated
       via  640a2e5a69a2f8648818d9fc945da401c2c96a9b (commit)
      from  777d09421ddd07308b5107c3f1923d9af896eef6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=640a2e5a69a2f8648818d9fc945da401c2c96a9b

commit 640a2e5a69a2f8648818d9fc945da401c2c96a9b
Author: Franck Villaume <franck.villaume at trivialdev.com>
Date:   Sun Oct 8 11:01:37 2017 +0200

    tracker widget: fix creation with section title

diff --git a/src/common/widget/Widget_TrackerContent.class.php b/src/common/widget/Widget_TrackerContent.class.php
index 59f9103..2b64922 100644
--- a/src/common/widget/Widget_TrackerContent.class.php
+++ b/src/common/widget/Widget_TrackerContent.class.php
@@ -71,15 +71,18 @@ class Widget_TrackerContent extends Widget {
 	}
 
 	function create(&$request) {
+		$sanitizer = new TextSanitizer();
 		$hp = Codendi_HTMLPurifier::instance();
 		$this->trackercontent_title = $hp->purify($request->get('title'), CODENDI_PURIFIER_CONVERT_HTML);
 		$trackerrows = getArrayFromRequest('trackercontent_layout');
 		$trackerextrafields = getArrayFromRequest('trackercontent_ef');
+		$trackercelltitles = getArrayFromRequest('trackercontent_title');
 		$res = db_query_params('INSERT INTO artifact_display_widget (owner_id, title) VALUES ($1, $2)', array($this->owner_id, $this->trackercontent_title));
 		$content_id = db_insertid($res, 'artifact_display_widget', 'id');
 		foreach ($trackerrows as $rowkey => $trackerrow) {
 			$columns = explode(',', $trackerrow);
 			$extrafields = explode(',', $trackerextrafields[$rowkey]);
+			$celltitle = explode(',', $trackercelltitles[$rowkey]);
 			$rowid = $rowkey;
 			foreach ($columns as $columnkey => $column) {
 				if ($extrafields[$columnkey] == "fake") {
@@ -87,8 +90,9 @@ class Widget_TrackerContent extends Widget {
 				} else {
 					$extrafieldid = substr($extrafields[$columnkey], 2); //remove prefix ef
 				}
-				db_query_params('INSERT INTO artifact_display_widget_field (id, field_id, column_id, row_id, width) VALUES ($1, $2, $3, $4, $5)',
-						array($content_id, $extrafieldid, $columnkey, $rowid, $column));
+				$section = $sanitizer->SanitizeHtml($celltitle[$columnkey]);
+				db_query_params('INSERT INTO artifact_display_widget_field (id, field_id, column_id, row_id, width, section) VALUES ($1, $2, $3, $4, $5, $6)',
+						array($content_id, $extrafieldid, $columnkey, $rowid, $column, $section));
 			}
 		}
 		return $content_id;

-----------------------------------------------------------------------

Summary of changes:
 src/common/widget/Widget_TrackerContent.class.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
FusionForge



More information about the Fusionforge-commits mailing list