Author: thomas.heute(a)jboss.com Date: 2009-01-31 03:57:18 -0500 (Sat, 31 Jan 2009) New Revision: 12743 Modified: branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java Log: minor Modified: branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java =================================================================== --- branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-30 23:17:10 UTC (rev 12742) +++ branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-31 08:57:18 UTC (rev 12743) @@ -62,6 +62,7 @@ import org.jboss.portal.search.impl.jcr.JCRQuery; import org.jboss.portal.search.impl.jcr.JCRQueryConverter; import org.jboss.portal.security.PortalPermission; +import org.jboss.portal.server.ParameterSanitizer; import org.jboss.portal.server.request.URLContext; import org.jboss.portal.server.request.URLFormat; import org.jboss.portal.workflow.WorkflowException; @@ -237,13 +238,13 @@ String sPath = rReq.getParameter("path"); if (sPath != null) { - sPath = ParameterValidation.sanitizeFromPattern(sPath, CHECK_FOR_XSS_PATTERN, SLASH); + sPath = ParameterSanitizer.sanitizeFromPattern(sPath, CHECK_FOR_XSS_PATTERN, SLASH); } String sNavPath = rReq.getParameter("navpath"); if (sNavPath != null) { - sNavPath = ParameterValidation.sanitizeFromPattern(sNavPath, CHECK_FOR_XSS_PATTERN, SLASH); + sNavPath = ParameterSanitizer.sanitizeFromPattern(sNavPath, CHECK_FOR_XSS_PATTERN, SLASH); } if (op == null) @@ -552,7 +553,7 @@ rRes.setContentType("text/html"); rReq.setAttribute("currpath", sPath); String language = rReq.getParameter("language"); - ParameterValidation.sanitizeFromPattern(language, CHECK_FOR_XSS_PATTERN, "en"); + ParameterSanitizer.sanitizeFromPattern(language, CHECK_FOR_XSS_PATTERN, "en"); rReq.setAttribute("language", language); javax.portlet.PortletRequestDispatcher prd = getPortletContext().getRequestDispatcher(CMSAdminConstants.CMS_JSP_PATH + "/editbinary.jsp"); prd.include(rReq, rRes); @@ -625,7 +626,7 @@ else if (CMSAdminConstants.OP_EDIT.equals(op)) { String sLanguage = rReq.getParameter("language"); - ParameterValidation.sanitizeFromPattern(sLanguage, CHECK_FOR_XSS_PATTERN, "en"); + ParameterSanitizer.sanitizeFromPattern(sLanguage, CHECK_FOR_XSS_PATTERN, "en"); String sVersion = rReq.getParameter("version"); @@ -707,7 +708,7 @@ else if (CMSAdminConstants.OP_EXPORTARCHIVE_PICKUP.equals(op)) { String sPickupFile = rReq.getParameter("filepath"); - ParameterValidation.sanitizeFromPattern(sPickupFile, CHECK_FOR_XSS_PATTERN, SLASH); + ParameterSanitizer.sanitizeFromPattern(sPickupFile, CHECK_FOR_XSS_PATTERN, SLASH); rRes.setContentType("text/html"); PortletRequestDispatcher prd = null; @@ -986,7 +987,7 @@ if (!item.isFormField()) { String sFilename = item.getName(); - sFilename = ParameterValidation.sanitizeFromPattern(sFilename, CHECK_FOR_XSS_PATTERN, ""); + sFilename = ParameterSanitizer.sanitizeFromPattern(sFilename, CHECK_FOR_XSS_PATTERN, ""); if (!"".equals(sFilename)) { @@ -1050,7 +1051,7 @@ { String fieldName = item.getFieldName(); String itemValue = item.getString(aReq.getCharacterEncoding()); - itemValue = ParameterValidation.sanitizeFromPattern(itemValue, CHECK_FOR_XSS_PATTERN, ""); + itemValue = ParameterSanitizer.sanitizeFromPattern(itemValue, CHECK_FOR_XSS_PATTERN, ""); if ("destination".equals(fieldName)) { sPath = itemValue;