Index: /FCKeditor/releases/latest/_samples/asp/sample02.asp
===================================================================
--- /FCKeditor/releases/latest/_samples/asp/sample02.asp (revision 3824)
+++ /FCKeditor/releases/latest/_samples/asp/sample02.asp (revision 3825)
@@ -87,4 +87,10 @@
sBasePath = Left( sBasePath, InStrRev( sBasePath, "/_samples" ) )
+'This RegExp is used to sanitize recived lang parameter
+Dim oRegex
+Set oRegex = New RegExp
+oRegex.Global = True
+oRegex.Pattern = "[^a-z\-]"
+
Dim oFCKeditor
Set oFCKeditor = New FCKeditor
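Review bot: The pattern `[^a-z\-]` is applied case-sensitively because `oRegex.IgnoreCase` is never set, so a value such as `pt-BR` is silently reduced to `pt-` instead of being normalised or rejected. The ColdFusion port of the same sample (sample02_mx.cfm) uses `REReplaceNoCase` with the same class and keeps the capitals, so the two ports now disagree on what a valid `Lang` is. Either lower-case the input before filtering, `oRegex.Replace( LCase( Request.QueryString("Lang") ), "" )`, or set `oRegex.IgnoreCase = True`, whichever matches the language codes the editor expects. The new comment also misspells `received` as `recived`, and the same typo recurs in sample03.asp and sample04.asp.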
@@ -96,5 +102,5 @@
Else
oFCKeditor.Config("AutoDetectLanguage") = False
- oFCKeditor.Config("DefaultLanguage") = Request.QueryString("Lang")
+ oFCKeditor.Config("DefaultLanguage") = oRegex.Replace( Request.QueryString("Lang"), "")
End If
Index: /FCKeditor/releases/latest/_samples/asp/sample03.asp
===================================================================
--- /FCKeditor/releases/latest/_samples/asp/sample03.asp (revision 3824)
+++ /FCKeditor/releases/latest/_samples/asp/sample03.asp (revision 3825)
@@ -75,4 +75,10 @@
sBasePath = Left( sBasePath, InStrRev( sBasePath, "/_samples" ) )
+'This RegExp is used to sanitize recived toolbar parameter
+Dim oRegex
+Set oRegex = New RegExp
+oRegex.Global = True
+oRegex.Pattern = "[^a-zA-Z]"
+
Dim oFCKeditor
Set oFCKeditor = New FCKeditor
@@ -80,5 +86,5 @@
If Request.QueryString("Toolbar") <> "" Then
- oFCKeditor.ToolbarSet = Server.HTMLEncode( Request.QueryString("Toolbar") )
+ oFCKeditor.ToolbarSet = oRegex.Replace( Request.QueryString("Toolbar"), "" )
End If
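Review bot: The `If` above tests the raw query-string value, but `ToolbarSet` receives the filtered one, so a `Toolbar` value made up only of rejected characters passes the test and assigns an empty string. Filter first and test the result: `sToolbar = oRegex.Replace( Request.QueryString("Toolbar"), "" )` followed by `If sToolbar <> "" Then oFCKeditor.ToolbarSet = sToolbar`. The same ordering appears for `Skin` in sample04.asp, where it produces a `SkinPath` ending in `editor/skins//`, and behind the `isDefined` checks in sample03_mx.cfm and sample04_mx.cfm. sample02.asp probably has it as well, but its condition lies outside the hunk.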
Index: /FCKeditor/releases/latest/_samples/asp/sample04.asp
===================================================================
--- /FCKeditor/releases/latest/_samples/asp/sample04.asp (revision 3824)
+++ /FCKeditor/releases/latest/_samples/asp/sample04.asp (revision 3825)
@@ -81,4 +81,10 @@
sBasePath = Left( sBasePath, InStrRev( sBasePath, "/_samples" ) )
+'This RegExp is used to sanitize recived skin parameter
+Dim oRegex
+Set oRegex = New RegExp
+oRegex.Global = True
+oRegex.Pattern = "[^a-zA-Z0-9]"
+
Dim oFCKeditor
Set oFCKeditor = New FCKeditor
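Review bot: The comment on the new filter says what it does but not why the class is this strict, which matters because the filtered `Skin` value is concatenated into `SkinPath` in this file's next hunk. I would reword it to `' Skin becomes a path segment of SkinPath: keep letters and digits only so "/", "\", "." and ":" never reach the path`. That also tells a maintainer that a skin folder with `_` or `-` in its name cannot be selected through this parameter, and that widening the class needs care.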
@@ -86,5 +92,5 @@
If Request.QueryString("Skin") <> "" Then
- oFCKeditor.Config("SkinPath") = sBasePath + "editor/skins/" & Server.HTMLEncode( Request.QueryString("Skin") ) + "/"
+ oFCKeditor.Config("SkinPath") = sBasePath + "editor/skins/" & oRegex.Replace( Request.QueryString("Skin"), "" ) + "/"
End If
Index: /FCKeditor/releases/latest/_samples/asp/sampleposteddata.asp
===================================================================
--- /FCKeditor/releases/latest/_samples/asp/sampleposteddata.asp (revision 3824)
+++ /FCKeditor/releases/latest/_samples/asp/sampleposteddata.asp (revision 3825)
@@ -48,5 +48,5 @@
%>
- <%=sForm%> |
+ <%=Server.HTMLEncode( sForm )%> |
<%=Server.HTMLEncode( Request.Form(sForm) )%> |
Index: /FCKeditor/releases/latest/_samples/cfm/sample02.cfm
===================================================================
--- /FCKeditor/releases/latest/_samples/cfm/sample02.cfm (revision 3824)
+++ /FCKeditor/releases/latest/_samples/cfm/sample02.cfm (revision 3825)
@@ -83,5 +83,5 @@
-
+
Index: /FCKeditor/releases/latest/_samples/cfm/sample02_mx.cfm
===================================================================
--- /FCKeditor/releases/latest/_samples/cfm/sample02_mx.cfm (revision 3824)
+++ /FCKeditor/releases/latest/_samples/cfm/sample02_mx.cfm (revision 3825)
@@ -96,5 +96,5 @@
{
fckEditor.config["AutoDetectLanguage"] = false ;
- fckEditor.config["DefaultLanguage"] = HTMLEditFormat( URL.Lang ) ;
+ fckEditor.config["DefaultLanguage"] = REReplaceNoCase( URL.Lang, "[^a-z\-]", "", "all" ) ;
}
else
Index: /FCKeditor/releases/latest/_samples/cfm/sample03.cfm
===================================================================
--- /FCKeditor/releases/latest/_samples/cfm/sample03.cfm (revision 3824)
+++ /FCKeditor/releases/latest/_samples/cfm/sample03.cfm (revision 3825)
@@ -68,5 +68,5 @@
-
+
Index: /FCKeditor/releases/latest/_samples/cfm/sample03_mx.cfm
===================================================================
--- /FCKeditor/releases/latest/_samples/cfm/sample03_mx.cfm (revision 3824)
+++ /FCKeditor/releases/latest/_samples/cfm/sample03_mx.cfm (revision 3825)
@@ -82,5 +82,5 @@
if ( isDefined( "URL.Toolbar" ) )
{
- fckEditor.ToolbarSet = HTMLEditFormat( URL.Toolbar ) ;
+ fckEditor.ToolbarSet = REReplaceNoCase( URL.Toolbar, "[^a-z]", "", "all" ) ;
}
fckEditor.create() ; // create the editor.
Index: /FCKeditor/releases/latest/_samples/cfm/sample04.cfm
===================================================================
--- /FCKeditor/releases/latest/_samples/cfm/sample04.cfm (revision 3824)
+++ /FCKeditor/releases/latest/_samples/cfm/sample04.cfm (revision 3825)
@@ -78,5 +78,5 @@
-
+
Index: /FCKeditor/releases/latest/_samples/cfm/sample04_mx.cfm
===================================================================
--- /FCKeditor/releases/latest/_samples/cfm/sample04_mx.cfm (revision 3824)
+++ /FCKeditor/releases/latest/_samples/cfm/sample04_mx.cfm (revision 3825)
@@ -88,5 +88,5 @@
if ( isDefined( "URL.Skin" ) )
{
- fckEditor.config['SkinPath'] = basePath & 'editor/skins/' & HTMLEditFormat( URL.Skin ) & '/' ;
+ fckEditor.config['SkinPath'] = basePath & 'editor/skins/' & REReplaceNoCase( URL.Skin, "[^a-z0-9]", "", "all" ) & '/' ;
}
fckEditor.create() ; // create the editor.
Index: /FCKeditor/releases/latest/_samples/cfm/sampleposteddata.cfm
===================================================================
--- /FCKeditor/releases/latest/_samples/cfm/sampleposteddata.cfm (revision 3824)
+++ /FCKeditor/releases/latest/_samples/cfm/sampleposteddata.cfm (revision 3825)
@@ -35,5 +35,4 @@
This page lists all data posted by the form.
-
@@ -49,20 +48,23 @@
FieldNames |
- #FORM.fieldNames# |
+ #HTMLEditFormat( FORM.fieldNames )# |
-
- #key# |
- #HTMLEditFormat( evaluate( "FORM.#key#" ) )# |
-
+
+ #HTMLEditFormat( key )# |
+
+
+
+ #HTMLEditFormat( evaluate( "FORM.#key#" ) )#
+
+
+
+
+ |
+
-
-
-
-
-
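Review bot: The value cell still reads the field through `evaluate( "FORM.#key#" )`, and `key` appears to be a field name taken from the posted form, so the request decides part of the expression that `evaluate` runs. `HTMLEditFormat` only escapes the result afterwards and does nothing about the evaluation itself. Struct notation reads the same value without evaluating anything: `#HTMLEditFormat( FORM[ key ] )#`. The loop markup around these lines is not visible in the hunk, so where `key` is assigned is inferred from the `FORM.fieldNames` row above.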