string ProcessUserHtml(UserInfo user, string html)
{
var tds = new CKEditorTemplateTokenDataSource(Settings.TemplatesFileId);
var tokenReplace = new UserHtmlTokenReplace(PortalSettings, user, ModuleId);
return(HtmlStripper.StripTags(
HttpUtility.HtmlDecode(tokenReplace.ReplaceEnvironmentTokens(tokenReplace.ReplaceCKEditorTemplateTokens(html, tds.Templates))),
false, Settings.StripTags, ",;"
));
}
/// <summary>
/// Handles Click event for Update button
/// </summary>
/// <param name='sender'>
/// Sender.
/// </param>
/// <param name='e'>
/// Event args.
/// </param>
protected void buttonUpdate_Click(object sender, EventArgs e)
{
try {
var userId = GetUserId();
if (userId != null)
{
var dataProvider = new UserHtmlDataProvider();
var item = dataProvider.GetUserHtml(userId.Value, ModuleId);
var isNewItem = (item == null);
// determine if we are adding or updating
// ALT: if (Null.IsNull (itemId))
if (isNewItem)
{
item = new UserHtmlInfo();
}
item.UserHtml = HtmlStripper.StripTags(textUserHtml.Text, true, Settings.StripTags, ",;");
item.ModuleId = ModuleId;
item.UserId = userId.Value;
var now = DateTime.Now;
if (isNewItem)
{
item.CreatedByUserId = UserId;
item.CreatedOnDate = now;
}
item.LastModifiedByUserId = UserId;
item.LastModifiedOnDate = now;
if (isNewItem)
{
dataProvider.Add(item);
SessionUserId = item.UserId;
}
else
{
dataProvider.Update(item);
}
ModuleController.SynchronizeModule(ModuleId);
Response.Redirect(Globals.NavigateURL(), true);
}
}
catch (Exception ex) {
Exceptions.ProcessModuleLoadException(this, ex);
}
}
public void StripTagsTest()
{
Assert.Equal(
"<p>Some content</p>",
HtmlStripper.StripTags(
"<p>Some content</p><script type=\"text/javascript\">alert ('Hello!');</script>",
"script"
)
);
Assert.Equal(
"<div>Some content</div>",
HtmlStripper.StripTags(
"<div>Some content<script>alert ('Hello!');</script></div>",
"script"
)
);
Assert.Equal(
"<p>Some content</p>",
HtmlStripper.StripTags(
"<style type=\"text/css\">p { font-weight:bold; }</style><p>Some content</p><script type=\"text/javascript\">alert ('Hello!');</script>",
"script", "style"
)
);
Assert.Equal(
"<p>Some content</p>",
HtmlStripper.StripTags(
"<style type=\"text/css\">p { font-weight:bold; }</style><p>Some content</p><script type=\"text/javascript\">alert ('Hello!');</script>",
htmlEncoded: false,
tags: "script, style",
tagSeparators: ",;"
)
);
}
