Author: chris.laprun(a)jboss.com Date: 2009-05-28 22:49:28 -0400 (Thu, 28 May 2009) New Revision: 13422 Modified: branches/JBoss_Portal_Branch_2_7/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/jsp/cms/admin/create.jsp Log: - JBEPP-86: Improved error reporting when creating a new file with invalid data. Modified: branches/JBoss_Portal_Branch_2_7/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java =================================================================== --- branches/JBoss_Portal_Branch_2_7/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-05-28 16:43:34 UTC (rev 13421) +++ branches/JBoss_Portal_Branch_2_7/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-05-29 02:49:28 UTC (rev 13422) @@ -109,9 +109,9 @@ private static final Pattern CHECK_FOR_XSS_PATTERN = ParameterValidation.XSS_CHECK; private static final String SLASH = "/"; - private static final String INVALID_TITLE = "Invalid title"; - private static final String INVALID_DESCRIPTION = "Invalid description"; - private static final String INVALID_LANG = "INVALID_LANG"; + private static final String INVALID_TITLE = "__INVALID_TITLE__"; + private static final String INVALID_DESCRIPTION = "__INVALID_DESCRIPTION__"; + private static final String INVALID_LANG = "__INVALID_LANG__"; private static final String ERROR_MESSAGE = "error:message"; @@ -982,10 +982,9 @@ String sTitle = ""; String sLanguage = ""; List fileItems = upload.parseRequest(aReq); - Iterator itr = fileItems.iterator(); - while (itr.hasNext()) + for (Object fileItem : fileItems) { - FileItem item = (FileItem)itr.next(); + FileItem item = (FileItem)fileItem; // check if the current item is a form field or an uploaded file if (!item.isFormField()) @@ -1405,9 +1404,10 @@ aRes.setRenderParameter("path", sDirectory); //used to remember the data already submitted by the user + aRes.setRenderParameter(ERROR_MESSAGE, CMSAdminConstants.CMS_INVALID_PARAMETER); aRes.setRenderParameter("error:content", aReq.getParameter("elm1")); - aRes.setRenderParameter("error:description", sDescription); - aRes.setRenderParameter("error:title", sTitle); + aRes.setRenderParameter("error:description", aReq.getParameter("description")); + aRes.setRenderParameter("error:title", aReq.getParameter("title")); aRes.setRenderParameter("error:language", aReq.getParameter("language")); return; @@ -1506,26 +1506,15 @@ String sLanguage = aReq.getParameter("language"); // check title and description for XSS injection... If one found, re-display page with old values - String parameter = null; sTitle = ParameterValidation.sanitizeFromPattern(sTitle, CHECK_FOR_XSS_PATTERN, INVALID_TITLE); boolean invalidTitle = INVALID_TITLE.equals(sTitle); - if(invalidTitle) - { - parameter = "CMS_TITLE"; - } + sDescription = ParameterValidation.sanitizeFromPattern(sDescription, CHECK_FOR_XSS_PATTERN, INVALID_DESCRIPTION); boolean invalidDesc = INVALID_DESCRIPTION.equals(sDescription); - if(invalidDesc) - { - parameter = "CMS_DESCRIPTION"; - } sLanguage = ParameterValidation.sanitizeFromPattern(sLanguage, CHECK_FOR_XSS_PATTERN, INVALID_LANG); boolean invalidLang = INVALID_LANG.equals(sLanguage); if(invalidLang) - { - parameter = "CMS_LANGUAGE"; - } if (invalidTitle || invalidDesc || invalidLang) { Modified: branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/jsp/cms/admin/create.jsp =================================================================== --- branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/jsp/cms/admin/create.jsp 2009-05-28 16:43:34 UTC (rev 13421) +++ branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/jsp/cms/admin/create.jsp 2009-05-29 02:49:28 UTC (rev 13422) @@ -116,9 +116,7 @@ <%if(errorMessage != null){%> <tr> - <td colspan="2"> - <font color="red">${n:i18n("CMS_FILENAME_INVALID")}</font> - </td> + <td><span style="color: red">${n:i18n("CMS_INVALID_PARAMETER")}></span></td> </tr> <%}%>