Commit 7b88b27c authored by Jonny Bradley's avatar Jonny Bradley

[NEW] JQuery wikiplugin (wikiplugin_jq)

Options for not to execute on doc ready and to change the string returned if feature not enabled.
Needs approval and shows on admin/security as unsafe.
parent 55c7f387
......@@ -2879,6 +2879,7 @@ lib/wiki-plugins/wikiplugin_image.php -text
lib/wiki-plugins/wikiplugin_img.php -text
lib/wiki-plugins/wikiplugin_include.php -text
lib/wiki-plugins/wikiplugin_jabber.php -text
lib/wiki-plugins/wikiplugin_jq.php -text
lib/wiki-plugins/wikiplugin_js.php -text
lib/wiki-plugins/wikiplugin_lang.php -text
lib/wiki-plugins/wikiplugin_lastmod.php -text
......
......@@ -214,6 +214,7 @@ function get_default_prefs() {
'wikiplugin_include' => 'y',
'wikiplugin_jabber' => 'n',
'wikiplugin_js' => 'n',
'wikiplugin_jq' => 'n',
'wikiplugin_lang' => 'y',
'wikiplugin_lastmod' => 'n',
'wikiplugin_listpages' => 'n',
......
<?php
/* $Id $
* Params
* notonready = bool (default: false) - set to true if you want it _not_ to execute on document ready
* nojquery = string (default: "<!-- jq smarty plugin inactive: feature_jquery off -->") - Optional markup for when feature_jquery is off
*
* data is the JQuery javascript code
*
*/
function wikiplugin_jq_help() {
return tra("Insert JQuery javascript code.")."<br />~np~{JQ(nojquery='<p>You need JQuery for this!</p>')}".tra("jquery code e.g. \$jq(\"img\").click(function() {\n \$jq(this).hide(\"slow\").show(\"fast\");\n});")."{JQ}~/np~";
}
function wikiplugin_jq_info() {
return array(
'name' => tra('JQuery'),
'documentation' => 'PluginJQ',
'description' => tra('Insert JQuery javascript code. Requires feature_jquery'),
'prefs' => array( 'wikiplugin_jq' ),
'body' => tra('JQuery Code'),
'validate' => 'all',
'params' => array(
'notonready' => array(
'required' => false,
'name' => tra('NotOnReady'),
'description' => tra("Do not execute on document ready (execute inline)"),
),
'nojquery' => array(
'required' => false,
'name' => tra('NoJQuery'),
'description' => tra('Optional markup for when feature_jquery is off'),
)
)
);
}
function wikiplugin_jq($data, $params) {
global $headerlib, $prefs;
extract($params, EXTR_SKIP);
$nojquery = isset($nojquery) ? $nojquery : tr('<!-- jq smarty plugin inactive: feature_jquery off -->');
if ($prefs['feature_jquery'] != 'y') { return $nojquery; }
$notonready = isset($notonready) ? $notonready : false;
if (!$notonready) {
$headerlib->add_jq_onready($data);
} else {
$headerlib->add_js($data);
}
return '';
}
?>
......@@ -128,6 +128,11 @@ if($prefs['wikiplugin_js']=='y') {
'message' => tra('The "js Wikiplugin" is activated. It can be used by wiki editors to use Javascript, which can be used to do all kind of nasty things like cross site scripting attacks, etc.'));
}
if($prefs['wikiplugin_jq']=='y') {
$tikisettings['wikiplugin_jq']=array('risk' => tra('unsafe'),'setting' => tra('on'),
'message' => tra('The "JQ Wikiplugin" is activated. It can be used by wiki editors to use Javascript, which can be used to do all kind of nasty things like cross site scripting attacks, etc.'));
}
if($prefs['wikiplugin_redirect']=='y') {
$tikisettings['wikiplugin_redirect']=array('risk' => tra('unsafe'),'setting' => tra('on'),
'message' => tra('The "Redirect Wikiplugin" is activated. It can be used by wiki editors for cross site scripting attacks.'));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment