Merge pull request #93 from ArthurHoaro/scripttag

Remove language attribute on script tag and improve QRCode JS
This commit is contained in:
nodiscc 2015-01-11 14:56:22 +01:00
commit 486f25a5f4
4 changed files with 32 additions and 24 deletions

View file

@ -430,7 +430,7 @@ function ban_canLogin()
ban_loginFailed(); ban_loginFailed();
$redir = ''; $redir = '';
if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); } if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); }
echo '<script language="JavaScript">alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen. echo '<script>alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen.
exit; exit;
} }
} }
@ -1387,12 +1387,12 @@ function renderPage()
// Make sure old password is correct. // Make sure old password is correct.
$oldhash = sha1($_POST['oldpassword'].$GLOBALS['login'].$GLOBALS['salt']); $oldhash = sha1($_POST['oldpassword'].$GLOBALS['login'].$GLOBALS['salt']);
if ($oldhash!=$GLOBALS['hash']) { echo '<script language="JavaScript">alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; } if ($oldhash!=$GLOBALS['hash']) { echo '<script>alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; }
// Save new password // Save new password
$GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless.
$GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']);
writeConfig(); writeConfig();
echo '<script language="JavaScript">alert("Your password has been changed.");document.location=\'?do=tools\';</script>'; echo '<script>alert("Your password has been changed.");document.location=\'?do=tools\';</script>';
exit; exit;
} }
else // show the change password form. else // show the change password form.
@ -1423,7 +1423,7 @@ function renderPage()
$GLOBALS['disablejquery']=!empty($_POST['disablejquery']); $GLOBALS['disablejquery']=!empty($_POST['disablejquery']);
$GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']); $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']);
writeConfig(); writeConfig();
echo '<script language="JavaScript">alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>';
exit; exit;
} }
else // Show the configuration form. else // Show the configuration form.
@ -1467,7 +1467,7 @@ function renderPage()
$LINKSDB[$key]=$value; $LINKSDB[$key]=$value;
} }
$LINKSDB->savedb(); // Save to disk. $LINKSDB->savedb(); // Save to disk.
echo '<script language="JavaScript">alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>'; echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>';
exit; exit;
} }
@ -1484,7 +1484,7 @@ function renderPage()
$LINKSDB[$key]=$value; $LINKSDB[$key]=$value;
} }
$LINKSDB->savedb(); // Save to disk. $LINKSDB->savedb(); // Save to disk.
echo '<script language="JavaScript">alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>'; echo '<script>alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>';
exit; exit;
} }
} }
@ -1515,7 +1515,7 @@ function renderPage()
pubsubhub(); pubsubhub();
// If we are called from the bookmarklet, we must close the popup: // If we are called from the bookmarklet, we must close the popup:
if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; } if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; }
$returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' );
$returnurl .= '#'.smallHash($linkdate); // Scroll to the link which has been edited. $returnurl .= '#'.smallHash($linkdate); // Scroll to the link which has been edited.
header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on. header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on.
@ -1526,7 +1526,7 @@ function renderPage()
if (isset($_POST['cancel_edit'])) if (isset($_POST['cancel_edit']))
{ {
// If we are called from the bookmarklet, we must close the popup: // If we are called from the bookmarklet, we must close the popup:
if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; } if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; }
$returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' );
$returnurl .= '#'.smallHash($_POST['lf_linkdate']); // Scroll to the link which has been edited. $returnurl .= '#'.smallHash($_POST['lf_linkdate']); // Scroll to the link which has been edited.
header('Location: '.$returnurl); // After canceling, redirect to the page the user was on. header('Location: '.$returnurl); // After canceling, redirect to the page the user was on.
@ -1545,7 +1545,7 @@ function renderPage()
$LINKSDB->savedb(); // save to disk $LINKSDB->savedb(); // save to disk
// If we are called from the bookmarklet, we must close the popup: // If we are called from the bookmarklet, we must close the popup:
if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; } if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; }
header('Location: ?'); // After deleting the link, redirect to the home page. header('Location: ?'); // After deleting the link, redirect to the home page.
exit; exit;
} }
@ -1681,7 +1681,7 @@ function renderPage()
if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0)) if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0))
{ {
$returnurl = ( empty($_SERVER['HTTP_REFERER']) ? '?' : $_SERVER['HTTP_REFERER'] ); $returnurl = ( empty($_SERVER['HTTP_REFERER']) ? '?' : $_SERVER['HTTP_REFERER'] );
echo '<script language="JavaScript">alert("The file you are trying to upload is probably bigger than what this webserver can accept ('.getMaxFileSize().' bytes). Please upload in smaller chunks.");document.location=\''.htmlspecialchars($returnurl).'\';</script>'; echo '<script>alert("The file you are trying to upload is probably bigger than what this webserver can accept ('.getMaxFileSize().' bytes). Please upload in smaller chunks.");document.location=\''.htmlspecialchars($returnurl).'\';</script>';
exit; exit;
} }
if (!tokenOk($_POST['token'])) die('Wrong token.'); if (!tokenOk($_POST['token'])) die('Wrong token.');
@ -1785,11 +1785,11 @@ function importFile()
} }
$LINKSDB->savedb(); $LINKSDB->savedb();
echo '<script language="JavaScript">alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>'; echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>';
} }
else else
{ {
echo '<script language="JavaScript">alert("File '.json_encode($filename).' ('.$filesize.' bytes) has an unknown file format. Nothing was imported.");document.location=\'?\';</script>'; echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) has an unknown file format. Nothing was imported.");document.location=\'?\';</script>';
} }
} }
@ -2123,7 +2123,7 @@ function install()
$GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']);
$GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] ); $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] );
writeConfig(); writeConfig();
echo '<script language="JavaScript">alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>';
exit; exit;
} }
@ -2177,7 +2177,7 @@ function templateTZform($ptz=false)
$cities_html = $cities[$pcontinent]; $cities_html = $cities[$pcontinent];
$timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>"; $timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>";
$timezone_form .= "&nbsp;&nbsp;&nbsp;&nbsp;City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />"; $timezone_form .= "&nbsp;&nbsp;&nbsp;&nbsp;City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />";
$timezone_js = "<script language=\"JavaScript\">"; $timezone_js = "<script>";
$timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}"; $timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}";
$timezone_js .= "var citiescontinent = ".json_encode($cities).";" ; $timezone_js .= "var citiescontinent = ".json_encode($cities).";" ;
$timezone_js .= "</script>" ; $timezone_js .= "</script>" ;
@ -2292,7 +2292,7 @@ function writeConfig()
$config .= ' ?>'; $config .= ' ?>';
if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0) if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0)
{ {
echo '<script language="JavaScript">alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>'; echo '<script>alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>';
exit; exit;
} }
} }

View file

@ -12,11 +12,11 @@
<input type="text" name="totag" id="totag"> <input type="text" name="totag" id="totag">
<input type="submit" name="renametag" value="Rename tag" class="bigbutton"> <input type="submit" name="renametag" value="Rename tag" class="bigbutton">
&nbsp;&nbsp;or&nbsp; <input type="submit" name="deletetag" value="Delete tag" class="bigbutton" onClick="return confirmDeleteTag();"><br>(Case sensitive)</form> &nbsp;&nbsp;or&nbsp; <input type="submit" name="deletetag" value="Delete tag" class="bigbutton" onClick="return confirmDeleteTag();"><br>(Case sensitive)</form>
<script language="JavaScript">function confirmDeleteTag() { var agree=confirm("Are you sure you want to delete this tag from all links ?"); if (agree) return true ; else return false ; }</script> <script>function confirmDeleteTag() { var agree=confirm("Are you sure you want to delete this tag from all links ?"); if (agree) return true ; else return false ; }</script>
</div> </div>
{include="page.footer"} {include="page.footer"}
{if="($GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()) && empty($GLOBALS['disablejquery'])"} {if="($GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()) && empty($GLOBALS['disablejquery'])"}
<script language="JavaScript"> <script>
$(document).ready(function() $(document).ready(function()
{ {
$('#fromtag').autocomplete({source:'{$source}?ws=singletag',minLength:1}); $('#fromtag').autocomplete({source:'{$source}?ws=singletag',minLength:1});

View file

@ -33,7 +33,7 @@
</div> </div>
{include="page.footer"} {include="page.footer"}
{if="($GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()) && empty($GLOBALS['disablejquery'])"} {if="($GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()) && empty($GLOBALS['disablejquery'])"}
<script language="JavaScript"> <script>
$(document).ready(function() $(document).ready(function()
{ {
$('#lf_tags').autocomplete({source:'{$source}?ws=tags',minLength:1}); $('#lf_tags').autocomplete({source:'{$source}?ws=tags',minLength:1});

View file

@ -52,7 +52,7 @@
<span class="linkarchive"><a href="https://web.archive.org/web/{$value.url|htmlspecialchars}">archive</a> - </span> <span class="linkarchive"><a href="https://web.archive.org/web/{$value.url|htmlspecialchars}">archive</a> - </span>
{/if} {/if}
<div class="linkqrcode"><a href="http://qrfree.kaywa.com/?l=1&amp;s=8&amp;d={$scripturl|urlencode}%3F{$value.linkdate|smallHash}" <div class="linkqrcode"><a href="http://qrfree.kaywa.com/?l=1&amp;s=8&amp;d={$scripturl|urlencode}%3F{$value.linkdate|smallHash}"
onclick="showQrCode(this); return false;" class="qrcode" data-permalink="{$scripturl}?{$value.linkdate|smallHash}"><img src="images/qrcode.png#" title="QR-Code" alt="QR-Code"></a></div> - onclick="return showQrCode(this);" class="qrcode" data-permalink="{$scripturl}?{$value.linkdate|smallHash}"><img src="images/qrcode.png#" title="QR-Code"></a></div> -
<a href="{$value.url|htmlspecialchars}"><span class="linkurl" title="Short link">{$value.url|htmlspecialchars}</span></a><br> <a href="{$value.url|htmlspecialchars}"><span class="linkurl" title="Short link">{$value.url|htmlspecialchars}</span></a><br>
{if="$value.tags"} {if="$value.tags"}
<div class="linktaglist"> <div class="linktaglist">
@ -79,12 +79,20 @@
return false; return false;
} }
function isCanvasSupported(){
var elem = document.createElement('canvas');
return !!(elem.getContext && elem.getContext('2d'));
}
// Show the QR-Code of a permalink (when the QR-Code icon is clicked). // Show the QR-Code of a permalink (when the QR-Code icon is clicked).
function showQrCode(caller,loading=false) function showQrCode(caller,loading)
{ {
if( !isCanvasSupported() ) return true;
// Dynamic javascript lib loading: We only load qr.js if the QR code icon is clicked: // Dynamic javascript lib loading: We only load qr.js if the QR code icon is clicked:
if (typeof(qr)=='undefined') // Load qr.js only if not present. if (typeof(qr)=='undefined') // Load qr.js only if not present.
{ {
loading = typeof loading !== 'undefined' ? loading : false;
if (!loading) // If javascript lib is still loading, do not append script to body. if (!loading) // If javascript lib is still loading, do not append script to body.
{ {
var element = document.createElement("script"); var element = document.createElement("script");
@ -101,12 +109,12 @@
// Build the div which contains the QR-Code: // Build the div which contains the QR-Code:
var element = document.createElement('div'); var element = document.createElement('div');
element.id="permalinkQrcode"; element.id="permalinkQrcode";
// Make QR-Code div commit sepuku when clicked: // Make QR-Code div commit sepuku when clicked:
if ( element.attachEvent ){ element.attachEvent('onclick', 'this.parentNode.removeChild(this);' ); } // Damn IE element.addEventListener('click', remove_qrcode ); // Works on every canvas supported browser
else { element.setAttribute('onclick', 'this.parentNode.removeChild(this);' ); }
// Build the QR-Code: // Build the QR-Code:
var image = qr.image({size: 8,value: caller.dataset.permalink}); var image = qr.image({size: 8,value: caller.getAttribute('data-permalink')});
if (image) if (image)
{ {
element.appendChild(image); element.appendChild(image);