Merge commit '4969f31e1f' into WebGUI8

2010-06-26 14:37:31 -07:00 · 2010-06-26 14:37:31 -07:00 · e5b82bc861
commit e5b82bc861
parent 55ec1788ed 4969f31e1f
61 changed files with 2199 additions and 521 deletions
--- a/lib/WebGUI/Session/Form.pm
+++ b/lib/WebGUI/Session/Form.pm
@ -183,9 +183,10 @@ the one in this user's current session.
 sub validToken {
 	my ($self)  = @_;
    my $session = $self->session;
-    $session->log->debug('HTTP method: '. $session->request->method);
-    $session->log->debug('CSRF token: '. $session->scratch->get('webguiCsrfToken'));
+    $session->log->warn('HTTP method: '. $session->request->method);
+    $session->log->warn('CSRF token: '. $session->scratch->get('webguiCsrfToken'));
    return 0 unless $session->request->method eq 'POST';
+    $session->log->warn('Web token: '. $self->param('webguiCsrfToken'));
    return 0 unless $self->param('webguiCsrfToken') eq $session->scratch->get('webguiCsrfToken');
    return 1;
 }
--- a/lib/WebGUI/Session/Url.pm
+++ b/lib/WebGUI/Session/Url.pm
@ -401,10 +401,16 @@ The string to make compliant. This is usually a page title or a filename.
 =cut

 sub makeCompliant {
-	my $self = shift;
-	my $url = shift;
-	my $i18n = WebGUI::International->new($self->session);
-	return $i18n->makeUrlCompliant($url);
+    my $self = shift;
+    my $url = shift;
+    $url =~ s{^\s+}{};          # remove leading whitespace
+    $url =~ s{\s+$}{};          # remove trailing whitespace
+    $url =~ s{^/+}{};           # remove leading slashes
+    $url =~ s{/+$}{};           # remove trailing slashes
+    $url =~ s{[^\w/:._-]+}{-}g; # replace anything aside from word or other allowed characters with dashes
+    $url =~ s{//+}{/}g;         # remove double slashes
+    $url =~ s{--+}{-}g;         # remove double dashes
+    return $url;
 }

 #-------------------------------------------------------------------