rejetto forum

[Solved] How comment a file from the webpage... Possible or not?

0 Members and 1 Guest are viewing this topic.

Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
    • Posts: 1298
  • ....... chut ! shh!
    • View Profile
Hi  :)
   
I wish I could comment a file from the webpage ... I tried this (the "add to log' is for see if it work)
---
Quote
<form method='post'>
    <input type='text' name='filecomment' value="{.!Filename to comment.}"
             onclick="if(this.value=='{.!Filename to comment.}')this.value='' "
             style="background-color:#fff; border:1px solid #000;" size="28">
    <input id=texto name=text value="{.!Enter your comment here.}"
             onclick="if(this.value=='{.!Enter your comment here.}')this.value='' "
             style="background-color:#fff; border:1px solid #000;"
             onfocus="javascript:refresh='true';" size="77"  onchange="textsend();">
    <input type='submit' name='commentfile'>
</form>

---
Quote
[special:begin]
{.if|{.and| {.postvar|commentfile.} | {.filename|{.postvar|filecomment.}.} .}|{:
{.add to log| commentaire sur
  %folder-resource%\{.filename|{.postvar|filecomment.}.}
  {.postvar|text.}
.}
:}/if.}

This is displayed in the log ... but at this moment, the comment is not saved and not displayed on the web page.

My questions are:

This is it possible with the existing macros?

If yes, someone would be a solution to suggest?

Thank you in advance. ;)

« Last Edit: November 04, 2009, 06:15:35 PM by SilentPliz »


Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13521
    • View Profile
you should use {.set item|/this-folder/file|comment={.postvar|text.}.}

in such case, i see we miss a way to have the text of the comment untouched.
i mean, consider if it contains this.}
once postvar is expanded, it would break the syntax.
{:quoting:} around {.postvar.} cannot be used to solve this problem, because postvar would never be expanded to its value.
the only way i can imagine is to have another command, quote, and use it this way
{.quote|{:{.postvar|text.}:}.}

i explain what this would do. Let's say 'text' value is "hello .} i break!".
the final result, with {.quote.} would be
{:hello .} i break!:}
that's harmless.

if someone has a better idea....


Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13521
    • View Profile

Offline Mars

  • Operator
  • Tireless poster
  • *****
    • Posts: 2063
    • View Profile
Quote
if someone has a better idea....

not actually without your delphi code  of macro quote


Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
    • Posts: 1298
  • ....... chut ! shh!
    • View Profile
Rejetto thank you!  :) :) :) :)

With the current beta...
This works perfectly with hfs.comments.txt files.
For this to work normally with descript.ion files, it was necessary that I apply the code modified by Mars:

http://www.rejetto.com/forum/index.php?topic=7475.msg1046472#msg1046472

Now everything works perfectly. ;)

The code used in template:

{.if|{.and| {.postvar|commentfile.} | {.filename|{.postvar|filecomment.}.} .}|{:
  {.set item|%folder%/{.filename|{.postvar|filecomment.}.}|comment={.postvar|text.}.}
:}/if.}


Thank you again for you two!


PS: Mars torture your hfs.exe (with new {.quote.})... the hunter of bugs is on the teeth ;D... Continued...

« Last Edit: September 25, 2009, 04:57:32 PM by SilentPliz »


Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13521
    • View Profile
until now, comments could not contain macros, except internal comments. those contained in the VFS.
this exception was made because such comments were considered safe, always set by the admin.
i see now that this assumption is wrong.
with such script you will end by exposing editing of in-VFS comments to the web.

think of a user setting {.delete|C:\boot.ini.} to a comment.
if this comment is saved to an external file, no problem, it's quoted.
if it is set for a virtual element, let's say, a virtual folder, enter the troubles.
because such virtual elements stores the comment internally, as said before.

at the moment the easier solution i see to this is to prevent macros also to such comments. in next release.


Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
    • Posts: 1298
  • ....... chut ! shh!
    • View Profile
   
rejetto, thank you for the warning ! ;)

I'm always a little wary of certain "forms"... so even if the macros are quoted with external files, so no great danger, I included this option in my "sector" reserved for forms with many restrictions ... Users must "vraiment montrer patte blanche" for access it.

{.if |{.and|%user%|{.!=|%user%|anonymous.}.}|
{.if|{.get|can delete.}{.and|{.get|can access.}|{.get|can upload.}.}|
etc etc...

But it is true that this kind of script may give some bad ideas to some people.  :-\

---Thus the "247" beta will be welcome as usual!

« Last Edit: September 30, 2009, 01:27:45 AM by SilentPliz »


Offline Steven

  • Occasional poster
  • *
    • Posts: 13
    • View Profile
What would happen if you were to upload the .comment file via web browser?
brb i'm going to see what will happen


Offline Steven

  • Occasional poster
  • *
    • Posts: 13
    • View Profile
Confirmed. Uploaded a .comment file from within the site (Via Firefox) and on a page refresh, the .comment file had disappeared and the file had a comment.
Very interesting ;)