Author: thomas.heute(a)jboss.com
Date: 2009-01-31 11:02:41 -0500 (Sat, 31 Jan 2009)
New Revision: 12750
Modified:
branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java
Log:
update error handling
Modified:
branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java
===================================================================
---
branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-31
16:02:05 UTC (rev 12749)
+++
branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-31
16:02:41 UTC (rev 12750)
@@ -925,19 +925,6 @@
folder.setName(sFolderName);
folder.setBasePath(sNewPath);
- if (!CHECK_FOR_XSS_PATTERN.matcher(sFolderName).matches() )
- {
- // Invalid folder name
- aRes.setRenderParameter("op",
CMSAdminConstants.OP_CONFIRM_CREATE_COLLECTION_VALIDATION_ERROR);
- aRes.setRenderParameter("path",
aReq.getParameter("destination"));
-
- //used to remember the data already submitted by the user
- aRes.setRenderParameter("error:message",
CMSAdminConstants.CMS_FOLDERNAME_INVALID);
- aRes.setRenderParameter("error:newcollectionname",
aReq.getParameter("newcollectionname"));
- aRes.setRenderParameter("error:newcollectiondescription",
aReq.getParameter("newcollectiondescription"));
- return;
- }
-
try
{
Command saveCMD =
CMSService.getCommandFactory().createFolderSaveCommand(folder);
@@ -1389,7 +1376,7 @@
String sLanguage = aReq.getParameter("language");
//Perform server side data validation
- if (sFileName == null || sFileName.trim().length() == 0 ||
!CHECK_FOR_XSS_PATTERN.matcher(sFileName).matches() )
+ if (sFileName == null || sFileName.trim().length() == 0)
{
//Validation Error occurred
//FileName should not be empty
@@ -1442,7 +1429,11 @@
Boolean bExists = null;
try
{
- bExists = (Boolean)CMSService.execute(existsCMD);
+ if (!CHECK_FOR_XSS_PATTERN.matcher(content.getBasePath()).matches())
+ {
+ throw new CMSException(content.getBasePath() + " is not a legal
path element");
+ }
+ bExists = (Boolean)CMSService.execute(existsCMD);
}
catch (CMSException cme)
{
Show replies by date