Revision 5d557254
Von Moritz Bunkus vor fast 16 Jahren hinzugefügt
SL/Form.pm | ||
---|---|---|
70 | 70 |
sub _store_value { |
71 | 71 |
$main::lxdebug->enter_sub(2); |
72 | 72 |
|
73 |
my $self = shift;
|
|
73 |
my $curr = shift;
|
|
74 | 74 |
my $key = shift; |
75 | 75 |
my $value = shift; |
76 | 76 |
|
77 |
my $curr = $self; |
|
78 |
|
|
79 | 77 |
while ($key =~ /\[\+?\]\.|\./) { |
80 | 78 |
substr($key, 0, $+[0]) = ''; |
81 | 79 |
|
... | ... | |
103 | 101 |
sub _input_to_hash { |
104 | 102 |
$main::lxdebug->enter_sub(2); |
105 | 103 |
|
106 |
my $self = shift;
|
|
107 |
my $input = shift; |
|
104 |
my $params = shift;
|
|
105 |
my $input = shift;
|
|
108 | 106 |
|
109 |
my @pairs = split(/&/, $input); |
|
107 |
my @pairs = split(/&/, $input);
|
|
110 | 108 |
|
111 | 109 |
foreach (@pairs) { |
112 | 110 |
my ($key, $value) = split(/=/, $_, 2); |
113 |
$self->_store_value($self->unescape($key), $self->unescape($value));
|
|
111 |
_store_value($params, unescape(undef, $key), unescape(undef, $value));
|
|
114 | 112 |
} |
115 | 113 |
|
116 | 114 |
$main::lxdebug->leave_sub(2); |
... | ... | |
119 | 117 |
sub _request_to_hash { |
120 | 118 |
$main::lxdebug->enter_sub(2); |
121 | 119 |
|
122 |
my $self = shift;
|
|
123 |
my $input = shift; |
|
120 |
my $params = shift;
|
|
121 |
my $input = shift;
|
|
124 | 122 |
|
125 | 123 |
if (!$ENV{'CONTENT_TYPE'} |
126 | 124 |
|| ($ENV{'CONTENT_TYPE'} !~ /multipart\/form-data\s*;\s*boundary\s*=\s*(.+)$/)) { |
127 | 125 |
|
128 |
$self->_input_to_hash($input);
|
|
126 |
_input_to_hash($params, $input);
|
|
129 | 127 |
|
130 | 128 |
$main::lxdebug->leave_sub(2); |
131 | 129 |
return; |
... | ... | |
173 | 171 |
substr $line, $-[0], $+[0] - $-[0], ""; |
174 | 172 |
} |
175 | 173 |
|
176 |
$previous = $self->_store_value($name, '');
|
|
177 |
$self->{FILENAME} = $filename if ($filename);
|
|
174 |
$previous = _store_value($params, $name, '');
|
|
175 |
$params->{FILENAME} = $filename if ($filename);
|
|
178 | 176 |
|
179 | 177 |
next; |
180 | 178 |
} |
... | ... | |
196 | 194 |
$main::lxdebug->leave_sub(2); |
197 | 195 |
} |
198 | 196 |
|
197 |
sub _recode_recursively { |
|
198 |
my ($iconv, $param) = @_; |
|
199 |
|
|
200 |
if (ref $param eq 'HASH') { |
|
201 |
foreach my $key (keys %{ $param }) { |
|
202 |
if (!ref $param->{$key}) { |
|
203 |
$param->{$key} = $iconv->convert($param->{$key}); |
|
204 |
} else { |
|
205 |
_recode_recursively($iconv, $param->{$key}); |
|
206 |
} |
|
207 |
} |
|
208 |
|
|
209 |
} elsif (ref $param eq 'ARRAY') { |
|
210 |
foreach my $idx (0 .. scalar(@{ $param }) - 1) { |
|
211 |
if (!ref $param->[$idx]) { |
|
212 |
$param->[$idx] = $iconv->convert($param->[$idx]); |
|
213 |
} else { |
|
214 |
_recode_recursively($iconv, $param->[$idx]); |
|
215 |
} |
|
216 |
} |
|
217 |
} |
|
218 |
} |
|
219 |
|
|
199 | 220 |
sub new { |
200 | 221 |
$main::lxdebug->enter_sub(); |
201 | 222 |
|
... | ... | |
220 | 241 |
|
221 | 242 |
bless $self, $type; |
222 | 243 |
|
223 |
$self->_request_to_hash($_); |
|
244 |
my $parameters = { }; |
|
245 |
_request_to_hash($parameters, $_); |
|
246 |
|
|
247 |
my $db_charset = $main::dbcharset; |
|
248 |
$db_charset ||= Common::DEFAULT_CHARSET; |
|
249 |
|
|
250 |
if ($parameters->{INPUT_ENCODING} && (lc $parameters->{INPUT_ENCODING} ne $db_charset)) { |
|
251 |
require Text::Iconv; |
|
252 |
my $iconv = Text::Iconv->new($parameters->{INPUT_ENCODING}, $db_charset); |
|
253 |
|
|
254 |
_recode_recursively($iconv, $parameters); |
|
255 |
|
|
256 |
delete $parameters{INPUT_ENCODING}; |
|
257 |
} |
|
258 |
|
|
259 |
map { $self->{$_} = $parameters->{$_}; } keys %{ $parameters }; |
|
224 | 260 |
|
225 | 261 |
$self->{action} = lc $self->{action}; |
226 | 262 |
$self->{action} =~ s/( |-|,|\#)/_/g; |
js/calculate_qty.js | ||
---|---|---|
7 | 7 |
var description = document.getElementsByName("description_" + row)[0].value; |
8 | 8 |
} else var action = "calculate_qty"; |
9 | 9 |
url = "common.pl?" + |
10 |
"INPUT_ENCODING=UTF-8&" + |
|
10 | 11 |
"action=" + action + "&" + |
11 | 12 |
"name=" + encodeURIComponent(name) + "&" + |
12 | 13 |
"input_name=" + encodeURIComponent(input_name) + "&" + |
js/common.js | ||
---|---|---|
42 | 42 |
var parm = centerParms(600,500) + ",width=600,height=500,status=yes,scrollbars=yes"; |
43 | 43 |
var name = document.getElementsByName(input_name)[0].value; |
44 | 44 |
url = "common.pl?" + |
45 |
"INPUT_ENCODING=UTF-8&" + |
|
45 | 46 |
"action=set_longdescription&" + |
46 | 47 |
"longdescription=" + encodeURIComponent(document.getElementsByName(input_name)[0].value) + "&" + |
47 | 48 |
"input_name=" + encodeURIComponent(input_name) + "&" |
js/customer_or_vendor_selection.js | ||
---|---|---|
2 | 2 |
var parm = centerParms(800,600) + ",width=800,height=600,status=yes,scrollbars=yes"; |
3 | 3 |
var name = document.getElementsByName(input_name)[0].value; |
4 | 4 |
url = "common.pl?" + |
5 |
"INPUT_ENCODING=UTF-8&" + |
|
5 | 6 |
"action=cov_selection_internal&" + |
6 | 7 |
"name=" + encodeURIComponent(name) + "&" + |
7 | 8 |
"input_name=" + encodeURIComponent(input_name) + "&" + |
js/delivery_customer_selection.js | ||
---|---|---|
2 | 2 |
var parm = centerParms(600,500) + ",width=600,height=500,status=yes,scrollbars=yes"; |
3 | 3 |
var name = document.getElementsByName(input_name)[0].value; |
4 | 4 |
url = "common.pl?" + |
5 |
"INPUT_ENCODING=UTF-8&" + |
|
5 | 6 |
"action=delivery_customer_selection&" + |
6 | 7 |
"name=" + encodeURIComponent(name) + "&" + |
7 | 8 |
"input_name=" + encodeURIComponent(input_name) + "&" + |
js/dunning.js | ||
---|---|---|
1 | 1 |
function set_email_window(input_subject, input_body, input_attachment) { |
2 | 2 |
var parm = centerParms(800,600) + ",width=800,height=600,status=yes,scrollbars=yes"; |
3 | 3 |
var url = "dn.pl?" + |
4 |
"INPUT_ENCODING=UTF-8&" + |
|
4 | 5 |
"action=set_email&" + |
5 | 6 |
"email_subject=" + encodeURIComponent(document.getElementsByName(input_subject)[0].value) + "&" + |
6 | 7 |
"email_body=" + encodeURIComponent(document.getElementsByName(input_body)[0].value) + "&" + |
js/follow_up.js | ||
---|---|---|
4 | 4 |
var parm = centerParms(width, height) + ",width=" + width + ",height=" + height + ",status=yes,scrollbars=yes"; |
5 | 5 |
|
6 | 6 |
url = "fu.pl?" + |
7 |
"INPUT_ENCODING=UTF-8&" + |
|
7 | 8 |
"action=add" + "&" + |
8 | 9 |
"POPUP_MODE=1"; |
9 | 10 |
|
js/part_selection.js | ||
---|---|---|
24 | 24 |
options = ""; |
25 | 25 |
|
26 | 26 |
url = "common.pl?" + |
27 |
"INPUT_ENCODING=UTF-8&" + |
|
27 | 28 |
"action=part_selection_internal&" + |
28 | 29 |
"partnumber=" + encodeURIComponent(partnumber) + "&" + |
29 | 30 |
"description=" + encodeURIComponent(description) + "&" + |
js/parts_language_selection.js | ||
---|---|---|
2 | 2 |
var parm = centerParms(600,500) + ",width=600,height=500,status=yes,scrollbars=yes"; |
3 | 3 |
var name = document.getElementsByName(input_name)[0].value; |
4 | 4 |
url = "ic.pl?" + |
5 |
"INPUT_ENCODING=UTF-8&" + |
|
5 | 6 |
"action=parts_language_selection&" + |
6 | 7 |
"id=" + encodeURIComponent(document.ic.id.value) + "&" + |
7 | 8 |
"language_values=" + encodeURIComponent(document.ic.language_values.value) + "&" + |
js/show_history.js | ||
---|---|---|
14 | 14 |
var parm = centerParms(800,500) + ",width=800,height=500,status=yes,scrollbars=yes"; |
15 | 15 |
var name = "History"; |
16 | 16 |
url = "common.pl?" + |
17 |
"INPUT_ENCODING=UTF-8&" + |
|
17 | 18 |
"action=show_history&" + |
18 | 19 |
"longdescription=" + "&" + |
19 | 20 |
"input_name=" + encodeURIComponent(id) + "&" |
js/show_vc_details.js | ||
---|---|---|
6 | 6 |
if (vc_id) |
7 | 7 |
vc_id = vc_id[0].value; |
8 | 8 |
url = "common.pl?" + |
9 |
"INPUT_ENCODING=UTF-8&" + |
|
9 | 10 |
"action=show_vc_details&" + |
10 | 11 |
"vc=" + encodeURIComponent(vc) + "&" + |
11 | 12 |
"vc_id=" + encodeURIComponent(vc_id) |
js/stock_in_out.js | ||
---|---|---|
11 | 11 |
var delivered = document.getElementsByName("delivered")[0].value; |
12 | 12 |
|
13 | 13 |
url = "do.pl?" + |
14 |
"INPUT_ENCODING=UTF-8&" + |
|
14 | 15 |
"action=stock_in_out_form&" + |
15 | 16 |
"in_out=" + encodeURIComponent(in_out) + "&" + |
16 | 17 |
"row=" + encodeURIComponent(row) + "&" + |
js/vendor_selection.js | ||
---|---|---|
2 | 2 |
var parm = centerParms(600,500) + ",width=600,height=500,status=yes,scrollbars=yes"; |
3 | 3 |
var name = document.getElementsByName(input_name)[0].value; |
4 | 4 |
url = "common.pl?" + |
5 |
"INPUT_ENCODING=UTF-8&" + |
|
5 | 6 |
"action=vendor_selection&" + |
6 | 7 |
"name=" + encodeURIComponent(name) + "&" + |
7 | 8 |
"input_name=" + encodeURIComponent(input_name) + "&" + |
templates/webpages/admin/edit_user_de.html | ||
---|---|---|
5 | 5 |
<!-- |
6 | 6 |
function open_connection_test_window() { |
7 | 7 |
// host name port user passwd |
8 |
var url = "admin.pl?action=test_db_connection&" + |
|
8 |
var url = "admin.pl?INPUT_ENCODING=UTF-8&action=test_db_connection&" +
|
|
9 | 9 |
"dbhost=" + encodeURIComponent(get_input_value("dbhost")) + "&" + |
10 | 10 |
"dbport=" + encodeURIComponent(get_input_value("dbport")) + "&" + |
11 | 11 |
"dbname=" + encodeURIComponent(get_input_value("dbname")) + "&" + |
templates/webpages/admin/edit_user_master.html | ||
---|---|---|
5 | 5 |
<!-- |
6 | 6 |
function open_connection_test_window() { |
7 | 7 |
// host name port user passwd |
8 |
var url = "admin.pl?action=test_db_connection&" + |
|
8 |
var url = "admin.pl?INPUT_ENCODING=UTF-8&action=test_db_connection&" +
|
|
9 | 9 |
"dbhost=" + encodeURIComponent(get_input_value("dbhost")) + "&" + |
10 | 10 |
"dbport=" + encodeURIComponent(get_input_value("dbport")) + "&" + |
11 | 11 |
"dbname=" + encodeURIComponent(get_input_value("dbname")) + "&" + |
Auch abrufbar als: Unified diff
Die JavaScript-Funktion "encodeURIComponent()" benutzt immer UTF-8 als Zeichensatz, egal, was die HTTP-Header oder das <form>-Element sagen. Also muss der Input bei Erhalt in den Zeichensatz der Installation konvertiert werden.