Beispiel #1
0
        [WebMethod(EnableSession = true)][EditArticles]                          public bool UpdateGuidanceItem(TeamMentor_Article guidanceItem)
        {
            if (guidanceItem.isNull())
            {
                return(false);
            }
            resetCache();
            var result = guidanceItem.xmlDB_Save_Article(tmXmlDatabase);

            this.logUserActivity("Update Article", "{0} ({1})".format(guidanceItem.Metadata.Title, guidanceItem.Metadata.Id));
            return(result);
        }
Beispiel #2
0
        //this causes  double encoding problems with some properties (like the Title on Html Editor) , but removing it opens up more XSS on other viewers (like the Table)
        public static TeamMentor_Article htmlEncode(this TeamMentor_Article article)
        {
            if (article.isNull())
            {
                return(null);
            }
            var metaData = article.Metadata;

            foreach (var prop in metaData.type().properties())
            {
                if (prop.PropertyType == typeof(string))
                {
                    var value = (string)metaData.prop(prop.Name);
                    metaData.prop(prop.Name, Encoder.HtmlEncode(value));
                }
            }
            if (TMConfig.Current.TMSecurity.Sanitize_HtmlContent)
            {
                article.Content.Data.Value = Sanitizer.GetSafeHtmlFragment(article.Content.Data.Value);
                article.Content.Sanitized  = true;
            }

            return(article);
        }
 public bool UpdateGuidanceItem(TeamMentor_Article guidanceItem)
 {
     editArticles.demand();
                                                         if (guidanceItem.isNull())
                                                             return false;
                                                         resetCache();
                                                         var result = guidanceItem.xmlDB_Save_Article(tmXmlDatabase);
                                                         this.logUserActivity("Update Article", "{0} ({1})".format(guidanceItem.Metadata.Title, guidanceItem.Metadata.Id));
                                                         return result;
 }