svn commit: r1705329 [1/2] - in /ofbiz/trunk: applications/accounting/webapp
Locked
svn commit: r1705329 [1/2] - in /ofbiz/trunk: applications/accounting/webapp
 
|
Author: jleroux
Date: Fri Sep 25 16:27:12 2015 New Revision: 1705329 URL: http://svn.apache.org/viewvc?rev=1705329&view=rev Log: I found a possible XSS attack through ProductContentWrapper.java.getProductContentAsText() which is notably used in several FTL files. This exists also in others *ContentWrapper.java. Note that in supported releases it's hard to exploit, it's a Stored XSS https://www.owasp.org/index.php/Types_of_Cross-Site_Scripting which means you need 1st to somehow inject exploiting code in the DB. This fixes it by changing the ContentWrapper interface from public interface ContentWrapper { public StringUtil.StringWrapper get(String contentTypeId); } to public interface ContentWrapper { public StringUtil.StringWrapper get(String contentTypeId, String encoderType) { } And changing the Category, Party, Product, ProductPromo and WorkEffort ContentWrapperS accordingly. This means to use 2 types of encoderTypes: "html" and "url". The "html" encoderType will be used for all ProductContentTypes but those who contain URL in their ContentTypeIdS (actually end with, "_URL") which will use "url" encoderType. It concerns not only the get() method but also methods like getPartyContentAsText(), getProductContentAsText(), etc. It seems a big change but it's straightforward. It's normally complete. There are some (unrelated) tabs replaced by spaces here and there, and few trailing spaces removed but nothing big Modified: ofbiz/trunk/applications/accounting/webapp/accounting/reports/SalesInvoiceByProductCategorySummary.ftl ofbiz/trunk/applications/content/src/org/ofbiz/content/content/ContentWrapper.java ofbiz/trunk/applications/order/src/org/ofbiz/order/order/OrderReturnServices.java ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartItem.java ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/product/ProductPromoWorker.java ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/InlineProductDetail.groovy ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/ProductDetail.groovy ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/CompanyHeader.groovy ofbiz/trunk/applications/order/webapp/ordermgr/entry/SplitShip.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/cart/showcartitems.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/breadcrumbs.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/categorydetail.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproducts.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproductslist.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/configproductdetail.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/inlineProductDetail.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productdetail.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productsummary.ftl ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/quickaddsummary.ftl ofbiz/trunk/applications/order/webapp/ordermgr/order/editorderitems.ftl ofbiz/trunk/applications/order/webapp/ordermgr/order/orderinfo.ftl ofbiz/trunk/applications/order/webapp/ordermgr/order/orderitems.ftl ofbiz/trunk/applications/party/src/org/ofbiz/party/content/PartyContentWrapper.java ofbiz/trunk/applications/party/webapp/partymgr/party/editShoppingList.ftl ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/SerializedInventory.ftl ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CatalogUrlFilter.java ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryContentWrapper.java ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryServices.java ofbiz/trunk/applications/product/src/org/ofbiz/product/category/ftl/CatalogUrlSeoTransform.java ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductContentWrapper.java ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductEvents.java ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductPromoContentWrapper.java ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductSearch.java ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductWorker.java ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/actions/category/EditCategoryContentContent.groovy ofbiz/trunk/applications/product/webapp/catalog/product/AddAdditionalImages.ftl ofbiz/trunk/applications/product/widget/catalog/ProductForms.xml ofbiz/trunk/applications/workeffort/src/org/ofbiz/workeffort/content/WorkEffortContentWrapper.java ofbiz/trunk/specialpurpose/ebay/src/org/ofbiz/ebay/ProductsExportToEbay.java ofbiz/trunk/specialpurpose/ebaystore/webapp/ebaystore/store/productsearchExport.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/cart/UpdateCart.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/cart/showcart.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/catalog/LayeredCategoryDetail.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/catalog/ProductCategoryLink.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/catalog/configproductdetail.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/catalog/miniproductsummary.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/catalog/productdetail.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/customer/SerializedInventorySummary.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/customer/SubscriptionSummary.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/order/splitship.ftl ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/shoppinglist/editShoppingList.ftl ofbiz/trunk/specialpurpose/solr/src/org/ofbiz/solr/ProductUtil.java ofbiz/trunk/specialpurpose/webpos/webapp/webpos/cart/ShowCart.ftl ofbiz/trunk/specialpurpose/webpos/webapp/webpos/cart/ShowCartItemSelected.ftl ofbiz/trunk/specialpurpose/webpos/webapp/webpos/catalog/CategoryDetail.ftl Modified: ofbiz/trunk/applications/accounting/webapp/accounting/reports/SalesInvoiceByProductCategorySummary.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/accounting/reports/SalesInvoiceByProductCategorySummary.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/accounting/webapp/accounting/reports/SalesInvoiceByProductCategorySummary.ftl (original) +++ ofbiz/trunk/applications/accounting/webapp/accounting/reports/SalesInvoiceByProductCategorySummary.ftl Fri Sep 25 16:27:12 2015 @@ -27,7 +27,7 @@ under the License. <ul> <li>Month: ${month}/${year}</li> - <li>Root Category: ${(Static["org.ofbiz.product.category.CategoryContentWrapper"].getProductCategoryContentAsText(rootProductCategory, "CATEGORY_NAME", locale, dispatcher))!} [${rootProductCategoryId}]</li> + <li>Root Category: ${(Static["org.ofbiz.product.category.CategoryContentWrapper"].getProductCategoryContentAsText(rootProductCategory, "CATEGORY_NAME", locale, dispatcher, "html"))!} [${rootProductCategoryId}]</li> <li>Organization: ${(organizationPartyName.groupName)!} [${organizationPartyId?default("No Organization Specified")}]</li> <li>Currency: ${(currencyUom.description)!} [${currencyUomId?default("No Currency Specified")}]</li> </ul> @@ -38,10 +38,10 @@ under the License. <td>Day</td> <td>[No Product]</td> <#list productList as product> - <td>${product.internalName?default((Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(product, "PRODUCT_NAME", locale, dispatcher))!)}<br />P:[${product.productId}]</td> + <td>${product.internalName?default((Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(product, "PRODUCT_NAME", locale, dispatcher, "html"))!)}<br />P:[${product.productId}]</td> </#list> <#list productCategoryList as productCategory> - <td>${(Static["org.ofbiz.product.category.CategoryContentWrapper"].getProductCategoryContentAsText(productCategory, "CATEGORY_NAME", locale, dispatcher))!}<br />C:[${productCategory.productCategoryId}]</td> + <td>${(Static["org.ofbiz.product.category.CategoryContentWrapper"].getProductCategoryContentAsText(productCategory, "CATEGORY_NAME", locale, dispatcher, "html"))!}<br />C:[${productCategory.productCategoryId}]</td> </#list> </tr> <#-- Days of the month --> Modified: ofbiz/trunk/applications/content/src/org/ofbiz/content/content/ContentWrapper.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/src/org/ofbiz/content/content/ContentWrapper.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/content/src/org/ofbiz/content/content/ContentWrapper.java (original) +++ ofbiz/trunk/applications/content/src/org/ofbiz/content/content/ContentWrapper.java Fri Sep 25 16:27:12 2015 @@ -26,6 +26,6 @@ import org.ofbiz.base.util.StringUtil; public interface ContentWrapper { - public StringUtil.StringWrapper get(String contentTypeId); + public StringUtil.StringWrapper get(String contentTypeId, String encoderType); } Modified: ofbiz/trunk/applications/order/src/org/ofbiz/order/order/OrderReturnServices.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/src/org/ofbiz/order/order/OrderReturnServices.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/src/org/ofbiz/order/order/OrderReturnServices.java (original) +++ ofbiz/trunk/applications/order/src/org/ofbiz/order/order/OrderReturnServices.java Fri Sep 25 16:27:12 2015 @@ -1844,7 +1844,7 @@ public class OrderReturnServices { newItem.set("itemDescription", orderItem.get("itemDescription")); } else { newItem.set("productId", refurbItem.get("productId")); - newItem.set("itemDescription", ProductContentWrapper.getProductContentAsText(refurbItem, "PRODUCT_NAME", locale, null)); + newItem.set("itemDescription", ProductContentWrapper.getProductContentAsText(refurbItem, "PRODUCT_NAME", locale, null, "html")); } newItem.set("orderItemTypeId", orderItem.get("orderItemTypeId")); newItem.set("productFeatureId", orderItem.get("productFeatureId")); @@ -1959,7 +1959,7 @@ public class OrderReturnServices { newItem.set("productId", repairItemProduct.get("productId")); // TODO: orderItemTypeId, prodCatalogId, productCategoryId newItem.set("quantity", repairQuantity); - newItem.set("itemDescription", ProductContentWrapper.getProductContentAsText(repairItemProduct, "PRODUCT_NAME", locale, null)); + newItem.set("itemDescription", ProductContentWrapper.getProductContentAsText(repairItemProduct, "PRODUCT_NAME", locale, null, "html")); newItem.set("statusId", "ITEM_CREATED"); orderItems.add(newItem); additionalItemTotal = additionalItemTotal.add(repairQuantity.multiply(repairUnitPrice)); Modified: ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartItem.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartItem.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartItem.java (original) +++ ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartItem.java Fri Sep 25 16:27:12 2015 @@ -714,12 +714,12 @@ public class ShoppingCartItem implements protected ShoppingCartItem(GenericValue product, Map<String, GenericValue> additionalProductFeatureAndAppls, Map<String, Object> attributes, String prodCatalogId, Locale locale, String itemType, ShoppingCart.ShoppingCartItemGroup itemGroup) { this(product, additionalProductFeatureAndAppls, attributes, prodCatalogId, null, locale, itemType, itemGroup, null); if (product != null) { - String productName = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", this.locale, null); + String productName = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", this.locale, null, "html"); // if the productName is null or empty, see if there is an associated virtual product and get the productName of that product if (UtilValidate.isEmpty(productName)) { GenericValue parentProduct = this.getParentProduct(); if (parentProduct != null) { - productName = ProductContentWrapper.getProductContentAsText(parentProduct, "PRODUCT_NAME", this.locale, null); + productName = ProductContentWrapper.getProductContentAsText(parentProduct, "PRODUCT_NAME", this.locale, null, "html"); } } @@ -1753,12 +1753,12 @@ public class ShoppingCartItem implements } else { GenericValue product = getProduct(); if (product != null) { - String productName = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", this.locale, null); + String productName = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", this.locale, null, "html"); // if the productName is null or empty, see if there is an associated virtual product and get the productName of that product if (UtilValidate.isEmpty(productName)) { GenericValue parentProduct = this.getParentProduct(); if (parentProduct != null) { - productName = ProductContentWrapper.getProductContentAsText(parentProduct, "PRODUCT_NAME", this.locale, null); + productName = ProductContentWrapper.getProductContentAsText(parentProduct, "PRODUCT_NAME", this.locale, null, "html"); } } if (productName == null) { @@ -1777,13 +1777,13 @@ public class ShoppingCartItem implements GenericValue product = getProduct(); if (product != null) { - String description = ProductContentWrapper.getProductContentAsText(product, "DESCRIPTION", this.locale, null); + String description = ProductContentWrapper.getProductContentAsText(product, "DESCRIPTION", this.locale, null, "html"); // if the description is null or empty, see if there is an associated virtual product and get the description of that product if (UtilValidate.isEmpty(description)) { GenericValue parentProduct = this.getParentProduct(); if (parentProduct != null) { - description = ProductContentWrapper.getProductContentAsText(parentProduct, "DESCRIPTION", this.locale, null); + description = ProductContentWrapper.getProductContentAsText(parentProduct, "DESCRIPTION", this.locale, null, "html"); } } @@ -2587,7 +2587,7 @@ public class ShoppingCartItem implements } if (UtilValidate.isEmpty(itemDescription)) { - itemDescription = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", locale, null); + itemDescription = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", locale, null, "html"); } return itemDescription; Modified: ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/product/ProductPromoWorker.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/product/ProductPromoWorker.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/product/ProductPromoWorker.java (original) +++ ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/product/ProductPromoWorker.java Fri Sep 25 16:27:12 2015 @@ -710,7 +710,7 @@ public class ProductPromoWorker { if (UtilValidate.isEmpty(messageContext.get("partyId"))) messageContext.put("partyId", "any"); GenericValue product = EntityQuery.use(delegator).from("Product").where("productId", productId).cache().queryOne(); if (product != null) { - messageContext.put("productName", ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", locale, null)); + messageContext.put("productName", ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", locale, null, "html")); } String msgProp = UtilProperties.getMessage("promotext", "action." + productPromoAction.getString("productPromoActionEnumId"), messageContext, locale); Modified: ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/InlineProductDetail.groovy URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/InlineProductDetail.groovy?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/InlineProductDetail.groovy (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/InlineProductDetail.groovy Fri Sep 25 16:27:12 2015 @@ -51,8 +51,8 @@ if (inlineProductId) { if (inlineProduct) { context.product = inlineProduct; contentWrapper = new ProductContentWrapper(inlineProduct, request); - context.put("title", contentWrapper.get("PRODUCT_NAME")); - context.put("metaDescription", contentWrapper.get("DESCRIPTION")); + context.put("title", contentWrapper.get("PRODUCT_NAME", "html")); + context.put("metaDescription", contentWrapper.get("DESCRIPTION", "html")); productTemplate = product.detailScreen; if (productTemplate) { detailScreen = productTemplate; @@ -115,7 +115,7 @@ if (inlineProduct) { context.productContentWrapper = productContentWrapper; // get the main detail image (virtual or single product) - mainDetailImage = productContentWrapper.get("DETAIL_IMAGE_URL"); + mainDetailImage = productContentWrapper.get("DETAIL_IMAGE_URL", "url"); if (mainDetailImage) { mainDetailImageUrl = ContentUrlTag.getContentPrefix(request) + mainDetailImage; context.mainDetailImageUrl = mainDetailImageUrl.toString(); @@ -225,8 +225,8 @@ if (inlineProduct) { contentWrapper = new ProductContentWrapper(imageMap[key], request); // initial image paths - detailImage = contentWrapper.get("DETAIL_IMAGE_URL") ?: productContentWrapper.get("DETAIL_IMAGE_URL"); - largeImage = contentWrapper.get("LARGE_IMAGE_URL") ?: productContentWrapper.get("LARGE_IMAGE_URL"); + detailImage = contentWrapper.get("DETAIL_IMAGE_URL", "url") ?: productContentWrapper.get("DETAIL_IMAGE_URL", "url"); + largeImage = contentWrapper.get("LARGE_IMAGE_URL", "url") ?: productContentWrapper.get("LARGE_IMAGE_URL", "url"); // full image URLs detailImageUrl = null; Modified: ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/ProductDetail.groovy URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/ProductDetail.groovy?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/ProductDetail.groovy (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/entry/catalog/ProductDetail.groovy Fri Sep 25 16:27:12 2015 @@ -121,7 +121,7 @@ if (product) { context.productContentWrapper = productContentWrapper; // get the main detail image (virtual or single product) - mainDetailImage = productContentWrapper.get("DETAIL_IMAGE_URL"); + mainDetailImage = productContentWrapper.get("DETAIL_IMAGE_URL", "url"); if (mainDetailImage) { mainDetailImageUrl = ContentUrlTag.getContentPrefix(request) + mainDetailImage; context.mainDetailImageUrl = mainDetailImageUrl.toString(); @@ -347,8 +347,8 @@ if (product) { contentWrapper = new ProductContentWrapper(imageMap[key], request); // initial image paths - detailImage = contentWrapper.get("DETAIL_IMAGE_URL") ?: productContentWrapper.get("DETAIL_IMAGE_URL"); - largeImage = contentWrapper.get("LARGE_IMAGE_URL") ?: productContentWrapper.get("LARGE_IMAGE_URL"); + detailImage = contentWrapper.get("DETAIL_IMAGE_URL", "url") ?: productContentWrapper.get("DETAIL_IMAGE_URL", "url"); + largeImage = contentWrapper.get("LARGE_IMAGE_URL", "url") ?: productContentWrapper.get("LARGE_IMAGE_URL", "url"); // full image URLs detailImageUrl = null; Modified: ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/CompanyHeader.groovy URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/CompanyHeader.groovy?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/CompanyHeader.groovy (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/CompanyHeader.groovy Fri Sep 25 16:27:12 2015 @@ -213,7 +213,7 @@ if (emails) { // website websiteUrls = from("PartyContactWithPurpose") - .where("partyId", partyId, "contactMechPurposeTypeId", "PRIMARY_WEB_URL") + .where("partyId", partyId, "contactMechPurposeTypeId", "PRIMARY_WEB_URL", "url") .filterByDate("contactFromDate", "contactThruDate", "purposeFromDate", "purposeThruDate") .queryList(); if (websiteUrls) { Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/SplitShip.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/SplitShip.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/SplitShip.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/SplitShip.ftl Fri Sep 25 16:27:12 2015 @@ -176,7 +176,7 @@ function submitForm(form, mode, value) { <#if cartLine.getProductId()??> <#-- product item --> <#-- start code to display a small image of the product --> - <#assign smallImageUrl = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(cartLine.getProduct(), "SMALL_IMAGE_URL", locale, dispatcher)!> + <#assign smallImageUrl = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(cartLine.getProduct(), "SMALL_IMAGE_URL", locale, dispatcher, "url")!> <#if !smallImageUrl?string?has_content><#assign smallImageUrl = "/images/defaultImage.jpg"></#if> <#if smallImageUrl?string?has_content> <a href="<@ofbizUrl>product?product_id=${cartLine.getProductId()}</@ofbizUrl>"> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/cart/showcartitems.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/cart/showcartitems.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/cart/showcartitems.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/cart/showcartitems.ftl Fri Sep 25 16:27:12 2015 @@ -238,7 +238,7 @@ under the License. <div>${uiLabelMap.OrderChooseFollowingForGift}:</div> <#list cartLine.getAlternativeOptionProductIds() as alternativeOptionProductId> <#assign alternativeOptionProduct = delegator.findOne("Product", Static["org.ofbiz.base.util.UtilMisc"].toMap("productId", alternativeOptionProductId), true)> - <#assign alternativeOptionName = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(alternativeOptionProduct, "PRODUCT_NAME", locale, dispatcher)!> + <#assign alternativeOptionName = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(alternativeOptionProduct, "PRODUCT_NAME", locale, dispatcher, "html")!> <div><a href="<@ofbizUrl>setDesiredAlternateGwpProductId?alternateGwpProductId=${alternativeOptionProductId}&alternateGwpLine=${cartLineIndex}</@ofbizUrl>" class="buttontext">Select: ${alternativeOptionName?default(alternativeOptionProductId)}</a></div> </#list> </#if> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/breadcrumbs.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/breadcrumbs.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/breadcrumbs.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/breadcrumbs.ftl Fri Sep 25 16:27:12 2015 @@ -17,7 +17,7 @@ specific language governing permissions under the License. --> <div class="breadcrumbs"> -<#assign isDefaultTheme = !layoutSettings.VT_FTR_TMPLT_LOC?contains("multiflex")> +<#assign isDefaultTheme = !layoutSettings.VT_FTR_TMPLT_LOC?contains("multiflex")> <#if isDefaultTheme> <a href="<@ofbizUrl>main</@ofbizUrl>" class="linktext">${uiLabelMap.CommonMain}</a> > <#else> @@ -52,17 +52,17 @@ under the License. ${crumb} </#if> </a> - <#if crumb_has_next> ></#if> + <#if crumb_has_next> ></#if> </#if> <#assign previousCategoryId = crumb /> </#if> </#list> <#-- Show the product, if there is one --> <#if productContentWrapper??> - <#if isDefaultTheme> - > ${productContentWrapper.get("PRODUCT_NAME")!} + <#if isDefaultTheme> + > ${productContentWrapper.get("PRODUCT_NAME", "html")!} <#else> - <li>${productContentWrapper.get("PRODUCT_NAME")!}</li> + <li>${productContentWrapper.get("PRODUCT_NAME", "html")!}</li> </ul> </#if> </#if> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/categorydetail.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/categorydetail.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/categorydetail.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/categorydetail.ftl Fri Sep 25 16:27:12 2015 @@ -91,7 +91,7 @@ under the License. <a href="<@ofbizUrl>advancedsearch?SEARCH_CATEGORY_ID=${productCategory.productCategoryId}</@ofbizUrl>" class="buttontext">${uiLabelMap.ProductSearchInCategory}</a> </#if> <#assign longDescription = categoryContentWrapper.get("LONG_DESCRIPTION")!/> - <#assign categoryImageUrl = categoryContentWrapper.get("CATEGORY_IMAGE_URL")!/> + <#assign categoryImageUrl = categoryContentWrapper.get("CATEGORY_IMAGE_URL", "url")!/> <#if categoryImageUrl?string?has_content || longDescription?has_content> <div> <#if categoryImageUrl?string?has_content> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproducts.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproducts.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproducts.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproducts.ftl Fri Sep 25 16:27:12 2015 @@ -26,13 +26,13 @@ under the License. <#assign productContentWrapper = productData.productContentWrapper/> <#assign price = productData.priceMap/> <#assign productUrl><@ofbizCatalogAltUrl productId=product.productId/></#assign> - <#assign smallImageUrl = productContentWrapper.get("SMALL_IMAGE_URL")/> + <#assign smallImageUrl = productContentWrapper.get("SMALL_IMAGE_URL", "url")/> <#if smallImageUrl!?length == 0> <#assign smallImageUrl = "/images/defaultImage.jpg"/> </#if> <td style="width:${tdWidth?c}%;"> <img src="<@ofbizContentUrl>${contentPathPrefix!}${smallImageUrl}</@ofbizContentUrl>" alt="Small Image"/><br /> - ${productContentWrapper.get("PRODUCT_NAME")}<br /> + ${productContentWrapper.get("PRODUCT_NAME", "html")}<br /> <#if totalPrice??> <div>${uiLabelMap.ProductAggregatedPrice}: <span class='basePrice'><@ofbizCurrency amount=totalPrice isoCode=totalPrice.currencyUsed/></span></div> <#else> @@ -101,7 +101,7 @@ under the License. <#list compareList as product> <#assign productData = productDataMap[product.productId]/> <#assign productContentWrapper = productData.productContentWrapper/> - <td>${productContentWrapper.get("DESCRIPTION")?default(" ")}</td> + <td>${productContentWrapper.get("DESCRIPTION", "html")?default(" ")}</td> </#list> </tr> <#-- Long Description --> @@ -110,7 +110,7 @@ under the License. <#list compareList as product> <#assign productData = productDataMap[product.productId]/> <#assign productContentWrapper = productData.productContentWrapper/> - <td>${productContentWrapper.get("LONG_DESCRIPTION")?default(" ")}</td> + <td>${productContentWrapper.get("LONG_DESCRIPTION", "html")?default(" ")}</td> </#list> </tr> <#list productFeatureTypeIds as productFeatureTypeId> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproductslist.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproductslist.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproductslist.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/compareproductslist.ftl Fri Sep 25 16:27:12 2015 @@ -30,7 +30,7 @@ under the License. <#list productCompareList as product> <tr> <td> - ${Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(product, "PRODUCT_NAME", request)} + ${Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(product, "PRODUCT_NAME", request, "html")} </td> <td> <form method="post" action="<@ofbizUrl>removeFromCompare</@ofbizUrl>" name="removeFromCompare${product_index}form"> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/configproductdetail.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/configproductdetail.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/configproductdetail.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/configproductdetail.ftl Fri Sep 25 16:27:12 2015 @@ -193,7 +193,7 @@ function getConfigDetails() { <#-- Product image/name/price --> <tr> <td valign="top" width="0"> - <#assign productLargeImageUrl = productContentWrapper.get("LARGE_IMAGE_URL")!> + <#assign productLargeImageUrl = productContentWrapper.get("LARGE_IMAGE_URL", "url")!> <#-- remove the next two lines to always display the virtual image first (virtual images must exist) --> <#if firstLargeImage?has_content> <#assign productLargeImageUrl = firstLargeImage> @@ -203,8 +203,8 @@ function getConfigDetails() { </#if> </td> <td align="right" valign="top"> - <h2>${productContentWrapper.get("PRODUCT_NAME")!}</h2> - <div>${productContentWrapper.get("DESCRIPTION")!}</div> + <h2>${productContentWrapper.get("PRODUCT_NAME", "html")!}</h2> + <div>${productContentWrapper.get("DESCRIPTION", "html")!}</div> <div><b>${product.productId!}</b></div> <#-- example of showing a certain type of feature with the product --> <#if sizeProductFeatureAndAppls?has_content> @@ -394,9 +394,9 @@ function getConfigDetails() { <#list imageKeys as key> <#assign swatchProduct = imageMap.get(key)> <#if swatchProduct?has_content && indexer < maxIndex> - <#assign imageUrl = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(swatchProduct, "SMALL_IMAGE_URL", request)!> + <#assign imageUrl = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(swatchProduct, "SMALL_IMAGE_URL", request, "url")!> <#if !imageUrl?string?has_content> - <#assign imageUrl = productContentWrapper.get("SMALL_IMAGE_URL")!> + <#assign imageUrl = productContentWrapper.get("SMALL_IMAGE_URL", "url")!> </#if> <#if !imageUrl?string?has_content> <#assign imageUrl = "/images/defaultImage.jpg"> @@ -423,7 +423,7 @@ function getConfigDetails() { <#-- Long description of product --> <tr> <td colspan="2"> - <div>${productContentWrapper.get("LONG_DESCRIPTION")!}</div> + <div>${productContentWrapper.get("LONG_DESCRIPTION", "html")!}</div> </td> </tr> @@ -461,7 +461,7 @@ function getConfigDetails() { <#if instructions?has_content> <a href="javascript:showErrorAlert("${uiLabelMap.CommonErrorMessage2}","${instructions}");" class="buttontext">Instructions</a> </#if> - <#assign image = question.content.get("IMAGE_URL")!> + <#assign image = question.content.get("IMAGE_URL", "url")!> <#if image?has_content> <img src='<@ofbizContentUrl>${contentPathPrefix!}${image!}</@ofbizContentUrl>' vspace='5' hspace='5' class='cssImgSmall' align='left' alt="" /> </#if> @@ -620,7 +620,7 @@ function getConfigDetails() { </#if> <#if assocProducts?has_content> <tr><td> </td></tr> - <tr><td colspan="2"><h2>${beforeName!}<#if showName == "Y">${productContentWrapper.get("PRODUCT_NAME")!}</#if>${afterName!}</h2></td></tr> + <tr><td colspan="2"><h2>${beforeName!}<#if showName == "Y">${productContentWrapper.get("PRODUCT_NAME", "html")!}</#if>${afterName!}</h2></td></tr> <tr><td><hr /></td></tr> <#list assocProducts as productAssoc> <tr><td> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/inlineProductDetail.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/inlineProductDetail.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/inlineProductDetail.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/inlineProductDetail.ftl Fri Sep 25 16:27:12 2015 @@ -258,7 +258,7 @@ ${virtualJavaScript!} <table border="0" cellpadding="2" cellspacing="0" width="100%"> <tr> <td align="left" valign="top" width="0"> - <#assign productLargeImageUrl = productContentWrapper.get("LARGE_IMAGE_URL")!> + <#assign productLargeImageUrl = productContentWrapper.get("LARGE_IMAGE_URL", "url")!> <#if firstLargeImage?has_content> <#assign productLargeImageUrl = firstLargeImage> </#if> @@ -268,7 +268,7 @@ ${virtualJavaScript!} </#if> </td> <td align="right" valign="top" width="100%"> - <#-- <h2>${productContentWrapper.get("PRODUCT_NAME")!}</h2> --> + <#-- <h2>${productContentWrapper.get("PRODUCT_NAME", "html")!}</h2> --> <#assign inStock = true> <#if product.isVirtual!?upper_case == "Y"> <#if product.virtualVariantMethodEnum! == "VV_FEATURETREE" && featureLists?has_content> @@ -365,9 +365,9 @@ ${virtualJavaScript!} <#list imageKeys as key> <#assign swatchProduct = imageMap.get(key)> <#if swatchProduct?has_content && indexer < maxIndex> - <#assign imageUrl = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(swatchProduct, "SMALL_IMAGE_URL", request)!> + <#assign imageUrl = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(swatchProduct, "SMALL_IMAGE_URL", request, "url")!> <#if !imageUrl?string?has_content> - <#assign imageUrl = productContentWrapper.get("SMALL_IMAGE_URL")!> + <#assign imageUrl = productContentWrapper.get("SMALL_IMAGE_URL", "url")!> </#if> <#if !imageUrl?string?has_content> <#assign imageUrl = "/images/defaultImage.jpg"> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productdetail.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productdetail.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productdetail.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productdetail.ftl Fri Sep 25 16:27:12 2015 @@ -304,7 +304,7 @@ ${virtualJavaScript!} <#-- Product image/name/price --> <tr> <td valign="top" width="0"> - <#assign productLargeImageUrl = productContentWrapper.get("LARGE_IMAGE_URL")!> + <#assign productLargeImageUrl = productContentWrapper.get("LARGE_IMAGE_URL", "url")!> <#-- remove the next two lines to always display the virtual image first (virtual images must exist) --> <#if firstLargeImage?has_content> <#assign productLargeImageUrl = firstLargeImage> @@ -314,8 +314,8 @@ ${virtualJavaScript!} </#if> </td> <td align="right" valign="top"> - <h2>${productContentWrapper.get("PRODUCT_NAME")!}</h2> - <div>${productContentWrapper.get("DESCRIPTION")!}</div> + <h2>${productContentWrapper.get("PRODUCT_NAME", "html")!}</h2> + <div>${productContentWrapper.get("DESCRIPTION", "html")!}</div> <div><b>${product.productId!}</b></div> <#-- example of showing a certain type of feature with the product --> <#if sizeProductFeatureAndAppls?has_content> @@ -596,9 +596,9 @@ ${virtualJavaScript!} <#list imageKeys as key> <#assign swatchProduct = imageMap.get(key)> <#if swatchProduct?has_content && indexer < maxIndex> - <#assign imageUrl = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(swatchProduct, "SMALL_IMAGE_URL", request)!> + <#assign imageUrl = Static["org.ofbiz.product.product.ProductContentWrapper"].getProductContentAsText(swatchProduct, "SMALL_IMAGE_URL", request, "url")!> <#if !imageUrl?string?has_content> - <#assign imageUrl = productContentWrapper.get("SMALL_IMAGE_URL")!> + <#assign imageUrl = productContentWrapper.get("SMALL_IMAGE_URL", "url")!> </#if> <#if !imageUrl?string?has_content> <#assign imageUrl = "/images/defaultImage.jpg"> @@ -633,8 +633,8 @@ ${virtualJavaScript!} <#-- Long description of product --> <div id="long-description"> - <div>${productContentWrapper.get("LONG_DESCRIPTION")!}</div> - <div>${productContentWrapper.get("WARNINGS")!}</div> + <div>${productContentWrapper.get("LONG_DESCRIPTION", "html")!}</div> + <div>${productContentWrapper.get("WARNINGS", "html")!}</div> </div> <#-- Any attributes/etc may go here --> @@ -646,7 +646,7 @@ ${virtualJavaScript!} <#assign targetRequest = targetRequestName> </#if> <#if assocProducts?has_content> - <h2>${beforeName!}<#if showName == "Y">${productContentWrapper.get("PRODUCT_NAME")!}</#if>${afterName!}</h2> + <h2>${beforeName!}<#if showName == "Y">${productContentWrapper.get("PRODUCT_NAME", "html")!}</#if>${afterName!}</h2> <div class="productsummary-container"> <#list assocProducts as productAssoc> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productsummary.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productsummary.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productsummary.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/productsummary.ftl Fri Sep 25 16:27:12 2015 @@ -62,7 +62,7 @@ ${virtualJavaScript!} <#if requestAttributes.productCategoryMember??> <#assign prodCatMem = requestAttributes.productCategoryMember> </#if> - <#assign smallImageUrl = productContentWrapper.get("SMALL_IMAGE_URL")!> + <#assign smallImageUrl = productContentWrapper.get("SMALL_IMAGE_URL", "url")!> <#if !smallImageUrl?string?has_content><#assign smallImageUrl = "/images/defaultImage.jpg"></#if> <#-- end variable setup --> <#assign productInfoLinkId = "productInfoLink"> @@ -160,9 +160,9 @@ ${virtualJavaScript!} </div> <div class="productinfo"> <div> - <a href="${productUrl}" class="linktext">${productContentWrapper.get("PRODUCT_NAME")!}</a> + <a href="${productUrl}" class="linktext">${productContentWrapper.get("PRODUCT_NAME", "html")!}</a> </div> - <div>${productContentWrapper.get("DESCRIPTION")!}<#if daysToShip??> - ${uiLabelMap.ProductUsuallyShipsIn} <b>${daysToShip}</b> ${uiLabelMap.CommonDays}!</#if></div> + <div>${productContentWrapper.get("DESCRIPTION", "html")!}<#if daysToShip??> - ${uiLabelMap.ProductUsuallyShipsIn} <b>${daysToShip}</b> ${uiLabelMap.CommonDays}!</#if></div> <#-- Display category-specific product comments --> <#if prodCatMem?? && prodCatMem.comments?has_content> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/quickaddsummary.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/quickaddsummary.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/quickaddsummary.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/entry/catalog/quickaddsummary.ftl Fri Sep 25 16:27:12 2015 @@ -25,7 +25,7 @@ under the License. </span> <span class="name"> <div> - <a href="<@ofbizUrl>product?product_id=${product.productId}</@ofbizUrl>" class="buttontext">${productContentWrapper.get("PRODUCT_NAME")!}</a> + <a href="<@ofbizUrl>product?product_id=${product.productId}</@ofbizUrl>" class="buttontext">${productContentWrapper.get("PRODUCT_NAME", "html")!}</a> </div> </span> <span class="listPrice"> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/order/editorderitems.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/order/editorderitems.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/order/editorderitems.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/order/editorderitems.ftl Fri Sep 25 16:27:12 2015 @@ -106,7 +106,7 @@ under the License. <div> <a href="/catalog/control/EditProduct?productId=${productId}" class="buttontext" target="_blank">${uiLabelMap.ProductCatalog}</a> <a href="/ecommerce/control/product?product_id=${productId}" class="buttontext" target="_blank">${uiLabelMap.OrderEcommerce}</a> - <#if orderItemContentWrapper.get("IMAGE_URL")?has_content> + <#if orderItemContentWrapper.get("IMAGE_URL", "url")?has_content> <a href="<@ofbizUrl>viewimage?orderId=${orderId}&orderItemSeqId=${orderItem.orderItemSeqId}&orderContentTypeId=IMAGE_URL</@ofbizUrl>" target="_orderImage" class="buttontext">${uiLabelMap.OrderViewImage}</a> </#if> </div> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/order/orderinfo.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/order/orderinfo.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/order/orderinfo.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/order/orderinfo.ftl Fri Sep 25 16:27:12 2015 @@ -223,7 +223,7 @@ under the License. </td> </tr> </#if> - <#if orderContentWrapper.get("IMAGE_URL")?has_content> + <#if orderContentWrapper.get("IMAGE_URL", "url")?has_content> <tr><td colspan="3"><hr /></td></tr> <tr> <td align="right" valign="top" width="15%" class="label"> ${uiLabelMap.OrderImage}</td> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/order/orderitems.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/order/orderitems.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/order/orderitems.ftl (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/order/orderitems.ftl Fri Sep 25 16:27:12 2015 @@ -95,7 +95,7 @@ under the License. </#if> <a href="/catalog/control/EditProduct?productId=${productId}${StringUtil.wrapString(externalKeyParam)}" class="buttontext" target="_blank">${uiLabelMap.ProductCatalog}</a> <a href="/ecommerce/control/product?product_id=${productId}" class="buttontext" target="_blank">${uiLabelMap.OrderEcommerce}</a> - <#if orderItemContentWrapper.get("IMAGE_URL")?has_content> + <#if orderItemContentWrapper.get("IMAGE_URL", "url")?has_content> <a href="<@ofbizUrl>viewimage?orderId=${orderId}&orderItemSeqId=${orderItem.orderItemSeqId}&orderContentTypeId=IMAGE_URL</@ofbizUrl>" target="_orderImage" class="buttontext">${uiLabelMap.OrderViewImage}</a> </#if> Modified: ofbiz/trunk/applications/party/src/org/ofbiz/party/content/PartyContentWrapper.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/src/org/ofbiz/party/content/PartyContentWrapper.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/party/src/org/ofbiz/party/content/PartyContentWrapper.java (original) +++ ofbiz/trunk/applications/party/src/org/ofbiz/party/content/PartyContentWrapper.java Fri Sep 25 16:27:12 2015 @@ -19,25 +19,35 @@ package org.ofbiz.party.content; -import org.ofbiz.content.content.ContentWrapper; -import org.ofbiz.content.content.ContentWorker; +import java.io.IOException; +import java.io.StringWriter; +import java.io.Writer; +import java.util.HashMap; +import java.util.LinkedList; +import java.util.List; +import java.util.Locale; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import org.ofbiz.base.util.Debug; +import org.ofbiz.base.util.GeneralException; +import org.ofbiz.base.util.GeneralRuntimeException; +import org.ofbiz.base.util.StringUtil; +import org.ofbiz.base.util.UtilCodec; +import org.ofbiz.base.util.UtilHttp; +import org.ofbiz.base.util.UtilValidate; import org.ofbiz.base.util.cache.UtilCache; -import org.ofbiz.base.util.*; -import org.ofbiz.entity.GenericValue; +import org.ofbiz.content.content.ContentWorker; +import org.ofbiz.content.content.ContentWrapper; import org.ofbiz.entity.Delegator; +import org.ofbiz.entity.GenericValue; +import org.ofbiz.entity.model.ModelEntity; +import org.ofbiz.entity.model.ModelUtil; import org.ofbiz.entity.util.EntityQuery; import org.ofbiz.entity.util.EntityUtil; -import org.ofbiz.entity.model.ModelUtil; -import org.ofbiz.entity.model.ModelEntity; import org.ofbiz.service.LocalDispatcher; -import javax.servlet.http.HttpServletRequest; - -import java.util.*; -import java.io.Writer; -import java.io.IOException; -import java.io.StringWriter; - /** * WorkEffortContentWrapper; gets work effort content for display */ @@ -68,12 +78,12 @@ public class PartyContentWrapper impleme } // interface implementation - public String get(String contentTypeId, boolean useCache) { - return getPartyContentAsText(party, contentTypeId, locale, mimeTypeId, party.getDelegator(), dispatcher, useCache); + public String get(String contentTypeId, boolean useCache, String encoderType) { + return getPartyContentAsText(party, contentTypeId, locale, mimeTypeId, party.getDelegator(), dispatcher, useCache, encoderType); } - public StringUtil.StringWrapper get(String contentTypeId) { - return StringUtil.makeStringWrapper(get(contentTypeId, true)); + public StringUtil.StringWrapper get(String contentTypeId, String encoderType) { + return StringUtil.makeStringWrapper(get(contentTypeId, true, encoderType)); } public String getId(String contentTypeId) { @@ -94,35 +104,36 @@ public class PartyContentWrapper impleme } } - public String getContent(String contentId, boolean useCache) { - return getPartyContentAsText(party, contentId, null, locale, mimeTypeId, party.getDelegator(), dispatcher, useCache); + public String getContent(String contentId, boolean useCache, String encoderType) { + return getPartyContentAsText(party, contentId, null, locale, mimeTypeId, party.getDelegator(), dispatcher, useCache, encoderType); } - public String getContent(String contentId) { - return getContent(contentId, true); + public String getContent(String contentId, String encoderType) { + return getContent(contentId, true, encoderType); } // static methods - public static String getPartyContentAsText(GenericValue party, String partyContentId, HttpServletRequest request) { + public static String getPartyContentAsText(GenericValue party, String partyContentId, HttpServletRequest request, String encoderType) { LocalDispatcher dispatcher = (LocalDispatcher) request.getAttribute("dispatcher"); - return getPartyContentAsText(party, partyContentId, null, UtilHttp.getLocale(request), "text/html", party.getDelegator(), dispatcher, true); + return getPartyContentAsText(party, partyContentId, null, UtilHttp.getLocale(request), "text/html", party.getDelegator(), dispatcher, true,encoderType); } - public static String getPartyContentAsText(GenericValue party, String partyContentId, Locale locale, LocalDispatcher dispatcher) { - return getPartyContentAsText(party, partyContentId, null, locale, null, null, dispatcher, true); + public static String getPartyContentAsText(GenericValue party, String partyContentId, Locale locale, LocalDispatcher dispatcher, String encoderType) { + return getPartyContentAsText(party, partyContentId, null, locale, null, null, dispatcher, true, encoderType); } public static String getPartyContentAsText(GenericValue party, String partyContentTypeId, - Locale locale, String mimeTypeId, Delegator delegator, LocalDispatcher dispatcher, boolean useCache) { - return getPartyContentAsText(party, null, partyContentTypeId, locale, mimeTypeId, delegator, dispatcher, useCache); + Locale locale, String mimeTypeId, Delegator delegator, LocalDispatcher dispatcher, boolean useCache, String encoderType) { + return getPartyContentAsText(party, null, partyContentTypeId, locale, mimeTypeId, delegator, dispatcher, useCache, encoderType); } public static String getPartyContentAsText(GenericValue party, String contentId, String partyContentTypeId, - Locale locale, String mimeTypeId, Delegator delegator, LocalDispatcher dispatcher, boolean useCache) { + Locale locale, String mimeTypeId, Delegator delegator, LocalDispatcher dispatcher, boolean useCache, String encoderType) { if (party == null) { return null; } - + + UtilCodec.SimpleEncoder encoder = UtilCodec.getEncoder(encoderType); String candidateFieldName = ModelUtil.dbNameToVarName(partyContentTypeId); String cacheKey; if (contentId != null) { @@ -146,19 +157,19 @@ public class PartyContentWrapper impleme String outString = outWriter.toString(); if (outString.length() > 0) { - return partyContentCache.putIfAbsentAndGet(cacheKey, outString); + return partyContentCache.putIfAbsentAndGet(cacheKey, encoder.encode(outString)); } else { String candidateOut = party.getModelEntity().isField(candidateFieldName) ? party.getString(candidateFieldName): ""; - return candidateOut == null ? "" : candidateOut; + return candidateOut == null? "" : encoder.encode(candidateOut); } } catch (GeneralException e) { Debug.logError(e, "Error rendering PartyContent, inserting empty String", module); String candidateOut = party.getModelEntity().isField(candidateFieldName) ? party.getString(candidateFieldName): ""; - return candidateOut == null? "" : candidateOut; + return candidateOut == null? "" : encoder.encode(candidateOut); } catch (IOException e) { Debug.logError(e, "Error rendering PartyContent, inserting empty String", module); String candidateOut = party.getModelEntity().isField(candidateFieldName) ? party.getString(candidateFieldName): ""; - return candidateOut == null? "" : candidateOut; + return candidateOut == null? "" : encoder.encode(candidateOut); } } Modified: ofbiz/trunk/applications/party/webapp/partymgr/party/editShoppingList.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/party/editShoppingList.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/party/webapp/partymgr/party/editShoppingList.ftl (original) +++ ofbiz/trunk/applications/party/webapp/partymgr/party/editShoppingList.ftl Fri Sep 25 16:27:12 2015 @@ -206,7 +206,7 @@ under the License. <#assign isVirtual = product.isVirtual?? && product.isVirtual.equals("Y")> <tr valign="middle"<#if alt_row> class="alternate-row"</#if>> <td><a href="/catalog/control/EditProduct?productId=${shoppingListItem.productId}&externalLoginKey=${requestAttributes.externalLoginKey}">${shoppingListItem.productId} - - ${productContentWrapper.get("PRODUCT_NAME")?default("No Name")}</a> : ${productContentWrapper.get("DESCRIPTION")!} + ${productContentWrapper.get("PRODUCT_NAME", "html")?default("No Name")}</a> : ${productContentWrapper.get("DESCRIPTION", "html")!} </td> <form method="post" action="<@ofbizUrl>removeFromShoppingList</@ofbizUrl>" name='removeform_${shoppingListItem.shoppingListItemSeqId}'> <input type="hidden" name="shoppingListId" value="${shoppingListItem.shoppingListId}" /> Modified: ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/SerializedInventory.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/SerializedInventory.ftl?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/SerializedInventory.ftl (original) +++ ofbiz/trunk/applications/party/webapp/partymgr/party/profileblocks/SerializedInventory.ftl Fri Sep 25 16:27:12 2015 @@ -47,7 +47,7 @@ under the License. <#assign product = Static['org.ofbiz.product.product.ProductWorker'].getParentProduct(product.productId, delegator)!> </#if> <#if product?has_content> - <#assign productName = Static['org.ofbiz.product.product.ProductContentWrapper'].getProductContentAsText(product, 'PRODUCT_NAME', request)!> + <#assign productName = Static['org.ofbiz.product.product.ProductContentWrapper'].getProductContentAsText(product, 'PRODUCT_NAME', request, "html")!> <a href="/catalog/control/EditProduct?productId=${product.productId}&externalLoginKey=${requestAttributes.externalLoginKey!}">${productName?default(product.productId)}</a> </#if> </#if> Modified: ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CatalogUrlFilter.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CatalogUrlFilter.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CatalogUrlFilter.java (original) +++ ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CatalogUrlFilter.java Fri Sep 25 16:27:12 2015 @@ -353,7 +353,7 @@ public class CatalogUrlFilter extends Co public static String makeCategoryUrl(Delegator delegator, CategoryContentWrapper wrapper, List<String> trail, String contextPath, String previousCategoryId, String productCategoryId, String productId, String viewSize, String viewIndex, String viewSort, String searchString) { String url = ""; - StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL"); + StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL", "url"); if (UtilValidate.isNotEmpty(alternativeUrl) && UtilValidate.isNotEmpty(alternativeUrl.toString())) { StringBuilder urlBuilder = new StringBuilder(); @@ -429,7 +429,7 @@ public class CatalogUrlFilter extends Co public static String makeProductUrl(Delegator delegator, ProductContentWrapper wrapper, List<String> trail, String contextPath, String previousCategoryId, String productCategoryId, String productId) { String url = ""; - StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL"); + StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL", "url"); if (UtilValidate.isNotEmpty(alternativeUrl) && UtilValidate.isNotEmpty(alternativeUrl.toString())) { StringBuilder urlBuilder = new StringBuilder(); urlBuilder.append(contextPath); Modified: ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryContentWrapper.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryContentWrapper.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryContentWrapper.java (original) +++ ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryContentWrapper.java Fri Sep 25 16:27:12 2015 @@ -30,11 +30,12 @@ import javax.servlet.http.HttpServletReq import org.ofbiz.base.util.Debug; import org.ofbiz.base.util.GeneralException; +import org.ofbiz.base.util.GeneralRuntimeException; import org.ofbiz.base.util.StringUtil; +import org.ofbiz.base.util.UtilCodec; import org.ofbiz.base.util.UtilHttp; -import org.ofbiz.base.util.UtilValidate; import org.ofbiz.base.util.UtilProperties; -import org.ofbiz.base.util.GeneralRuntimeException; +import org.ofbiz.base.util.UtilValidate; import org.ofbiz.content.content.ContentWorker; import org.ofbiz.content.content.ContentWrapper; import org.ofbiz.entity.Delegator; @@ -75,27 +76,28 @@ public class CategoryContentWrapper impl this.mimeTypeId = "text/html"; } - public StringUtil.StringWrapper get(String prodCatContentTypeId) { - return StringUtil.makeStringWrapper(getProductCategoryContentAsText(productCategory, prodCatContentTypeId, locale, mimeTypeId, productCategory.getDelegator(), dispatcher)); + public StringUtil.StringWrapper get(String prodCatContentTypeId, String encoderType) { + return StringUtil.makeStringWrapper(getProductCategoryContentAsText(productCategory, prodCatContentTypeId, locale, mimeTypeId, productCategory.getDelegator(), dispatcher, encoderType)); } - public static String getProductCategoryContentAsText(GenericValue productCategory, String prodCatContentTypeId, HttpServletRequest request) { + public static String getProductCategoryContentAsText(GenericValue productCategory, String prodCatContentTypeId, HttpServletRequest request, String encoderType) { LocalDispatcher dispatcher = (LocalDispatcher) request.getAttribute("dispatcher"); - return getProductCategoryContentAsText(productCategory, prodCatContentTypeId, UtilHttp.getLocale(request), "text/html", productCategory.getDelegator(), dispatcher); + return getProductCategoryContentAsText(productCategory, prodCatContentTypeId, UtilHttp.getLocale(request), "text/html", productCategory.getDelegator(), dispatcher, encoderType); } - public static String getProductCategoryContentAsText(GenericValue productCategory, String prodCatContentTypeId, Locale locale, LocalDispatcher dispatcher) { - return getProductCategoryContentAsText(productCategory, prodCatContentTypeId, locale, null, null, dispatcher); + public static String getProductCategoryContentAsText(GenericValue productCategory, String prodCatContentTypeId, Locale locale, LocalDispatcher dispatcher, String encoderType) { + return getProductCategoryContentAsText(productCategory, prodCatContentTypeId, locale, null, null, dispatcher, encoderType); } - public static String getProductCategoryContentAsText(GenericValue productCategory, String prodCatContentTypeId, Locale locale, String mimeTypeId, Delegator delegator, LocalDispatcher dispatcher) { + public static String getProductCategoryContentAsText(GenericValue productCategory, String prodCatContentTypeId, Locale locale, String mimeTypeId, Delegator delegator, LocalDispatcher dispatcher, String encoderType) { String candidateFieldName = ModelUtil.dbNameToVarName(prodCatContentTypeId); + UtilCodec.SimpleEncoder encoder = UtilCodec.getEncoder(encoderType); try { Writer outWriter = new StringWriter(); getProductCategoryContentAsText(null, productCategory, prodCatContentTypeId, locale, mimeTypeId, delegator, dispatcher, outWriter); String outString = outWriter.toString(); if (outString.length() > 0) { - return outString; + return encoder.encode(outString); } else { return null; } Modified: ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryServices.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryServices.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryServices.java (original) +++ ofbiz/trunk/applications/product/src/org/ofbiz/product/category/CategoryServices.java Fri Sep 25 16:27:12 2015 @@ -503,8 +503,8 @@ public class CategoryServices { Map dataAttrMap = new HashMap(); CategoryContentWrapper categoryContentWrapper = new CategoryContentWrapper(cate, request); String title = null; - if (UtilValidate.isNotEmpty(categoryContentWrapper.get(catNameField))) { - title = new StringBuffer(categoryContentWrapper.get(catNameField).toString()).append(" [").append(catId).append("]").toString(); + if (UtilValidate.isNotEmpty(categoryContentWrapper.get(catNameField, "html"))) { + title = new StringBuffer(categoryContentWrapper.get(catNameField, "html").toString()).append(" [").append(catId).append("]").toString(); dataMap.put("title", title); } else { title = catId.toString(); Modified: ofbiz/trunk/applications/product/src/org/ofbiz/product/category/ftl/CatalogUrlSeoTransform.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/org/ofbiz/product/category/ftl/CatalogUrlSeoTransform.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/org/ofbiz/product/category/ftl/CatalogUrlSeoTransform.java (original) +++ ofbiz/trunk/applications/product/src/org/ofbiz/product/category/ftl/CatalogUrlSeoTransform.java Fri Sep 25 16:27:12 2015 @@ -209,7 +209,7 @@ public class CatalogUrlSeoTransform impl } else { GenericValue productCategory = delegator.findOne("ProductCategory", UtilMisc.toMap("productCategoryId", categoryId), true); CategoryContentWrapper wrapper = new CategoryContentWrapper(productCategory, request); - StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL"); + StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL", "url"); if (UtilValidate.isNotEmpty(alternativeUrl) && UtilValidate.isNotEmpty(alternativeUrl.toString())) { categoryIdName = SeoUrlUtil.replaceSpecialCharsUrl(alternativeUrl.toString()); categoryNameId = categoryIdName + URL_HYPHEN + categoryId.trim().replaceAll(" ", URL_HYPHEN); @@ -299,7 +299,7 @@ public class CatalogUrlSeoTransform impl urlBuilder.append(productName + URL_HYPHEN); } else { ProductContentWrapper wrapper = new ProductContentWrapper(product, request); - StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL"); + StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL", "url"); if (UtilValidate.isNotEmpty(alternativeUrl) && UtilValidate.isNotEmpty(alternativeUrl.toString())) { productName = SeoUrlUtil.replaceSpecialCharsUrl(alternativeUrl.toString()); if (UtilValidate.isNotEmpty(productName)) { @@ -678,8 +678,8 @@ public class CatalogUrlSeoTransform impl * @param productId * @return */ - public static String makeProductUrl(Delegator delegator, ProductContentWrapper wrapper, String prefix, String contextPath, String currentCategoryId, String previousCategoryId, - String productId) { + public static String makeProductUrl(Delegator delegator, ProductContentWrapper wrapper, String prefix, String contextPath, String currentCategoryId, String previousCategoryId, + String productId) { StringBuilder urlBuilder = new StringBuilder(); GenericValue product = null; urlBuilder.append(prefix); @@ -731,7 +731,7 @@ public class CatalogUrlSeoTransform impl if (UtilValidate.isNotEmpty(productName)) { urlBuilder.append(productName + URL_HYPHEN); } else { - StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL"); + StringWrapper alternativeUrl = wrapper.get("ALTERNATIVE_URL", "url"); if (UtilValidate.isNotEmpty(alternativeUrl) && UtilValidate.isNotEmpty(alternativeUrl.toString())) { productName = SeoUrlUtil.replaceSpecialCharsUrl(alternativeUrl.toString()); if (UtilValidate.isNotEmpty(productName)) { @@ -753,26 +753,26 @@ public class CatalogUrlSeoTransform impl } return urlBuilder.toString(); - } + } - /** + /** * This is used when building category url in services. - * - * @param delegator - * @param wrapper - * @param prefix - * @param productCategoryId - * @param previousCategoryId - * @param productId - * @param viewSize - * @param viewIndex - * @param viewSort - * @param searchString - * @return - */ - public static String makeCategoryUrl(Delegator delegator, CategoryContentWrapper wrapper, String prefix, - String currentCategoryId, String previousCategoryId, String productId, String viewSize, String viewIndex, - String viewSort, String searchString) { + * + * @param delegator + * @param wrapper + * @param prefix + * @param productCategoryId + * @param previousCategoryId + * @param productId + * @param viewSize + * @param viewIndex + * @param viewSort + * @param searchString + * @return + */ + public static String makeCategoryUrl(Delegator delegator, CategoryContentWrapper wrapper, String prefix, + String currentCategoryId, String previousCategoryId, String productId, String viewSize, String viewIndex, + String viewSort, String searchString) { StringBuilder urlBuilder = new StringBuilder(); urlBuilder.append(prefix); if (urlBuilder.charAt(urlBuilder.length() - 1) != '/') { @@ -835,5 +835,5 @@ public class CatalogUrlSeoTransform impl } return urlBuilder.toString(); - } + } } Modified: ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductContentWrapper.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductContentWrapper.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductContentWrapper.java (original) +++ ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductContentWrapper.java Fri Sep 25 16:27:12 2015 @@ -30,10 +30,11 @@ import javax.servlet.http.HttpServletReq import org.ofbiz.base.util.Debug; import org.ofbiz.base.util.GeneralException; +import org.ofbiz.base.util.GeneralRuntimeException; import org.ofbiz.base.util.StringUtil; +import org.ofbiz.base.util.UtilCodec; import org.ofbiz.base.util.UtilHttp; import org.ofbiz.base.util.UtilValidate; -import org.ofbiz.base.util.GeneralRuntimeException; import org.ofbiz.base.util.cache.UtilCache; import org.ofbiz.content.content.ContentWorker; import org.ofbiz.content.content.ContentWrapper; @@ -78,28 +79,30 @@ public class ProductContentWrapper imple this.mimeTypeId = "text/html"; } - public StringUtil.StringWrapper get(String productContentTypeId) { + public StringUtil.StringWrapper get(String productContentTypeId, String encoderType) { if (this.product == null) { Debug.logWarning("Tried to get ProductContent for type [" + productContentTypeId + "] but the product field in the ProductContentWrapper is null", module); return null; } - return StringUtil.makeStringWrapper(getProductContentAsText(this.product, productContentTypeId, locale, mimeTypeId, null, null, this.product.getDelegator(), dispatcher)); + return StringUtil.makeStringWrapper(getProductContentAsText(this.product, productContentTypeId, locale, mimeTypeId, null, null, this.product.getDelegator(), dispatcher, encoderType)); } - public static String getProductContentAsText(GenericValue product, String productContentTypeId, HttpServletRequest request) { + public static String getProductContentAsText(GenericValue product, String productContentTypeId, HttpServletRequest request, String encoderType) { LocalDispatcher dispatcher = (LocalDispatcher) request.getAttribute("dispatcher"); - return getProductContentAsText(product, productContentTypeId, UtilHttp.getLocale(request), "text/html", null, null, product.getDelegator(), dispatcher); + return getProductContentAsText(product, productContentTypeId, UtilHttp.getLocale(request), "text/html", null, null, product.getDelegator(), dispatcher, encoderType); } - public static String getProductContentAsText(GenericValue product, String productContentTypeId, Locale locale, LocalDispatcher dispatcher) { - return getProductContentAsText(product, productContentTypeId, locale, null, null, null, null, dispatcher); + public static String getProductContentAsText(GenericValue product, String productContentTypeId, Locale locale, LocalDispatcher dispatcher, String encoderType) { + return getProductContentAsText(product, productContentTypeId, locale, null, null, null, null, dispatcher, encoderType); } - public static String getProductContentAsText(GenericValue product, String productContentTypeId, Locale locale, String mimeTypeId, String partyId, String roleTypeId, Delegator delegator, LocalDispatcher dispatcher) { + public static String getProductContentAsText(GenericValue product, String productContentTypeId, Locale locale, String mimeTypeId, String partyId, + String roleTypeId, Delegator delegator, LocalDispatcher dispatcher, String encoderType) { if (product == null) { return null; } + UtilCodec.SimpleEncoder encoder = UtilCodec.getEncoder(encoderType); String candidateFieldName = ModelUtil.dbNameToVarName(productContentTypeId); /* caching: there is one cache created, "product.content" Each product's content is cached with a key of * contentTypeId::locale::mimeType::productId, or whatever the SEPARATOR is defined above to be. @@ -115,19 +118,19 @@ public class ProductContentWrapper imple getProductContentAsText(null, product, productContentTypeId, locale, mimeTypeId, partyId, roleTypeId, delegator, dispatcher, outWriter); String outString = outWriter.toString(); if (outString.length() > 0) { - return productContentCache.putIfAbsentAndGet(cacheKey, outString); + return productContentCache.putIfAbsentAndGet(cacheKey, encoder.encode(outString)); } else { String candidateOut = product.getModelEntity().isField(candidateFieldName) ? product.getString(candidateFieldName): ""; - return candidateOut == null? "" : candidateOut; + return candidateOut == null? "" : encoder.encode(candidateOut); } } catch (GeneralException e) { Debug.logError(e, "Error rendering ProductContent, inserting empty String", module); String candidateOut = product.getModelEntity().isField(candidateFieldName) ? product.getString(candidateFieldName): ""; - return candidateOut == null? "" : candidateOut; + return candidateOut == null? "" : encoder.encode(candidateOut); } catch (IOException e) { Debug.logError(e, "Error rendering ProductContent, inserting empty String", module); String candidateOut = product.getModelEntity().isField(candidateFieldName) ? product.getString(candidateFieldName): ""; - return candidateOut == null? "" : candidateOut; + return candidateOut == null? "" : encoder.encode(candidateOut); } } Modified: ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductEvents.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductEvents.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductEvents.java (original) +++ ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductEvents.java Fri Sep 25 16:27:12 2015 @@ -20,9 +20,9 @@ package org.ofbiz.product.product; import java.math.BigDecimal; import java.sql.Timestamp; +import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; -import java.util.HashMap; import java.util.LinkedList; import java.util.List; import java.util.Map; @@ -1096,7 +1096,7 @@ public class ProductEvents { compareList.add(product); } session.setAttribute("productCompareList", compareList); - String productName = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", request); + String productName = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", request, "html"); String eventMsg = UtilProperties.getMessage("ProductUiLabels", "ProductAddToCompareListSuccess", UtilMisc.toMap("name", productName), UtilHttp.getLocale(request)); request.setAttribute("_EVENT_MESSAGE_", eventMsg); return "success"; @@ -1133,7 +1133,7 @@ public class ProductEvents { } } session.setAttribute("productCompareList", compareList); - String productName = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", request); + String productName = ProductContentWrapper.getProductContentAsText(product, "PRODUCT_NAME", request, "html"); String eventMsg = UtilProperties.getMessage("ProductUiLabels", "ProductRemoveFromCompareListSuccess", UtilMisc.toMap("name", productName), UtilHttp.getLocale(request)); request.setAttribute("_EVENT_MESSAGE_", eventMsg); return "success"; Modified: ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductPromoContentWrapper.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductPromoContentWrapper.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductPromoContentWrapper.java (original) +++ ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductPromoContentWrapper.java Fri Sep 25 16:27:12 2015 @@ -33,6 +33,7 @@ import org.ofbiz.base.util.Debug; import org.ofbiz.base.util.GeneralException; import org.ofbiz.base.util.GeneralRuntimeException; import org.ofbiz.base.util.StringUtil; +import org.ofbiz.base.util.UtilCodec; import org.ofbiz.base.util.UtilHttp; import org.ofbiz.base.util.UtilValidate; import org.ofbiz.base.util.cache.UtilCache; @@ -82,28 +83,29 @@ public class ProductPromoContentWrapper this.mimeTypeId = "text/html"; } - public StringUtil.StringWrapper get(String productPromoContentTypeId) { + public StringUtil.StringWrapper get(String productPromoContentTypeId, String encoderType) { if (UtilValidate.isEmpty(this.productPromo)) { Debug.logWarning("Tried to get ProductPromoContent for type [" + productPromoContentTypeId + "] but the productPromo field in the ProductPromoContentWrapper is null", module); return null; } - return StringUtil.makeStringWrapper(getProductPromoContentAsText(this.productPromo, productPromoContentTypeId, locale, mimeTypeId, null, null, this.productPromo.getDelegator(), dispatcher)); + return StringUtil.makeStringWrapper(getProductPromoContentAsText(this.productPromo, productPromoContentTypeId, locale, mimeTypeId, null, null, this.productPromo.getDelegator(), dispatcher, encoderType)); } - public static String getProductPromoContentAsText(GenericValue productPromo, String productPromoContentTypeId, HttpServletRequest request) { + public static String getProductPromoContentAsText(GenericValue productPromo, String productPromoContentTypeId, HttpServletRequest request, String encoderType) { LocalDispatcher dispatcher = (LocalDispatcher) request.getAttribute("dispatcher"); - return getProductPromoContentAsText(productPromo, productPromoContentTypeId, UtilHttp.getLocale(request), "text/html", null, null, productPromo.getDelegator(), dispatcher); + return getProductPromoContentAsText(productPromo, productPromoContentTypeId, UtilHttp.getLocale(request), "text/html", null, null, productPromo.getDelegator(), dispatcher, encoderType); } - public static String getProductContentAsText(GenericValue productPromo, String productPromoContentTypeId, Locale locale, LocalDispatcher dispatcher) { - return getProductPromoContentAsText(productPromo, productPromoContentTypeId, locale, null, null, null, null, dispatcher); + public static String getProductContentAsText(GenericValue productPromo, String productPromoContentTypeId, Locale locale, LocalDispatcher dispatcher, String encoderType) { + return getProductPromoContentAsText(productPromo, productPromoContentTypeId, locale, null, null, null, null, dispatcher, encoderType); } - public static String getProductPromoContentAsText(GenericValue productPromo, String productPromoContentTypeId, Locale locale, String mimeTypeId, String partyId, String roleTypeId, Delegator delegator, LocalDispatcher dispatcher) { + public static String getProductPromoContentAsText(GenericValue productPromo, String productPromoContentTypeId, Locale locale, String mimeTypeId, String partyId, String roleTypeId, Delegator delegator, LocalDispatcher dispatcher, String encoderType) { if (UtilValidate.isEmpty(productPromo)) { return null; } + UtilCodec.SimpleEncoder encoder = UtilCodec.getEncoder(encoderType); String candidateFieldName = ModelUtil.dbNameToVarName(productPromoContentTypeId); /* caching: there is one cache created, "product.promo.content" Each productPromo's content is cached with a key of * contentTypeId::locale::mimeType::productPromoId, or whatever the SEPARATOR is defined above to be. @@ -119,19 +121,19 @@ public class ProductPromoContentWrapper getProductPromoContentAsText(null, productPromo, productPromoContentTypeId, locale, mimeTypeId, partyId, roleTypeId, delegator, dispatcher, outWriter); String outString = outWriter.toString(); if (outString.length() > 0) { - return productPromoContentCache.putIfAbsentAndGet(cacheKey, outString); + return productPromoContentCache.putIfAbsentAndGet(cacheKey, encoder.encode(outString)); } else { String candidateOut = productPromo.getModelEntity().isField(candidateFieldName) ? productPromo.getString(candidateFieldName): ""; - return candidateOut == null? "" : candidateOut; + return candidateOut == null? "" : encoder.encode(candidateOut); } } catch (GeneralException e) { Debug.logError(e, "Error rendering ProductPromoContent, inserting empty String", module); String candidateOut = productPromo.getModelEntity().isField(candidateFieldName) ? productPromo.getString(candidateFieldName): ""; - return candidateOut == null? "" : candidateOut; + return candidateOut == null? "" : encoder.encode(candidateOut); } catch (IOException e) { Debug.logError(e, "Error rendering ProductPromoContent, inserting empty String", module); String candidateOut = productPromo.getModelEntity().isField(candidateFieldName) ? productPromo.getString(candidateFieldName): ""; - return candidateOut == null? "" : candidateOut; + return candidateOut == null? "" : encoder.encode(candidateOut); } } Modified: ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductSearch.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductSearch.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductSearch.java (original) +++ ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductSearch.java Fri Sep 25 16:27:12 2015 @@ -977,9 +977,9 @@ public class ProductSearch { StringBuilder ppBuf = new StringBuilder(); ppBuf.append(UtilProperties.getMessage(resource, "ProductCategory", locale)).append(": "); if (productCategory != null) { - String catInfo = CategoryContentWrapper.getProductCategoryContentAsText(productCategory, "CATEGORY_NAME", locale, null); + String catInfo = CategoryContentWrapper.getProductCategoryContentAsText(productCategory, "CATEGORY_NAME", locale, null, "html"); if (UtilValidate.isEmpty(catInfo)) { - catInfo = CategoryContentWrapper.getProductCategoryContentAsText(productCategory, "DESCRIPTION", locale, null); + catInfo = CategoryContentWrapper.getProductCategoryContentAsText(productCategory, "DESCRIPTION", locale, null, "html"); } ppBuf.append(catInfo); } Modified: ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductWorker.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductWorker.java?rev=1705329&r1=1705328&r2=1705329&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductWorker.java (original) +++ ofbiz/trunk/applications/product/src/org/ofbiz/product/product/ProductWorker.java Fri Sep 25 16:27:12 2015 @@ -340,7 +340,7 @@ public class ProductWorker { } // got to here, default to PRODUCT_NAME - String alternativeProductName = ProductContentWrapper.getProductContentAsText(alternativeOptionProduct, "PRODUCT_NAME", locale, dispatcher); + String alternativeProductName = ProductContentWrapper.getProductContentAsText(alternativeOptionProduct, "PRODUCT_NAME", locale, dispatcher, "html"); // Debug.logInfo("Using PRODUCT_NAME: " + alternativeProductName, module); return alternativeProductName; } |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |