template::data::validate::richtext_or_file (public)

 template::data::validate::richtext_or_file value_ref message_ref

Defined in packages/acs-templating/tcl/richtext-or-file-procs.tcl

Validate submitted richtext_or_file by checking that the format is valid, HTML doesn't contain illegal tags, etc.

Parameters:
value_ref - Reference variable to the submitted value
message_ref - Reference variable for returning an error message
Returns:
True (1) if the submitted value is valid, false (0) otherwise

Partial Call Graph (max 5 caller/called nodes):
%3 ad_html_security_check ad_html_security_check (public) template::data::validate::text template::data::validate::text (public) template::util::richtext_or_file::formats template::util::richtext_or_file::formats (public) template::data::validate::richtext_or_file template::data::validate::richtext_or_file template::data::validate::richtext_or_file->ad_html_security_check template::data::validate::richtext_or_file->template::data::validate::text template::data::validate::richtext_or_file->template::util::richtext_or_file::formats

Testcases:
No testcase defined.
Source code:


    upvar 2 $message_ref message $value_ref richtext_or_file_list

    lassign $richtext_or_file_list storage_type mime_type text filename tmp_filename content_url

    if { $text ne "" && [lsearch -exact [template::util::richtext_or_file::formats$mime_type] == -1 } {
        set message "Invalid text format, '$mime_type'."
        return 0
    }

    # enhanced text and HTML needs to be security checked
    if { $mime_type in { text/enhanced text/html } } {
        set check_result [ad_html_security_check $text]
        if { $check_result ne "" } {
            set message $check_result
            return 0
        }
    }

    return 1
XQL Not present:
Generic, PostgreSQL, Oracle
[ hide source ] | [ make this the default ]
Show another procedure: