From fd3b2e951400bf69ca9394d752118b6a3c039516 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Fri, 20 Jan 2017 14:10:46 +0300
Subject: juick-server: database tags should not be escaped now
---
.../java/com/juick/www/controllers/Discover.java | 138 ---------------------
.../main/java/com/juick/www/controllers/Tags.java | 134 ++++++++++++++++++++
2 files changed, 134 insertions(+), 138 deletions(-)
delete mode 100644 juick-www/src/main/java/com/juick/www/controllers/Discover.java
create mode 100644 juick-www/src/main/java/com/juick/www/controllers/Tags.java
(limited to 'juick-www/src/main/java/com/juick/www/controllers')
diff --git a/juick-www/src/main/java/com/juick/www/controllers/Discover.java b/juick-www/src/main/java/com/juick/www/controllers/Discover.java
deleted file mode 100644
index e5d17501..00000000
--- a/juick-www/src/main/java/com/juick/www/controllers/Discover.java
+++ /dev/null
@@ -1,138 +0,0 @@ -/* - * Juick - * Copyright (C) 2008-2011, Ugnich Anton - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ -package com.juick.www.controllers; - -import com.juick.service.AdsService; -import com.juick.service.MessagesService; -import com.juick.service.TagService; -import com.juick.www.Utils; -import com.juick.www.WebApp; -import org.apache.commons.lang3.CharEncoding; -import org.apache.commons.lang3.StringEscapeUtils; -import org.apache.commons.lang3.StringUtils; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; - -import javax.inject.Inject; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.io.PrintWriter; -import java.net.URLDecoder; -import java.net.URLEncoder; -import java.util.List; - -/** - * - * @author Ugnich Anton - */ -@Controller -public class Discover { - @Inject - WebApp webApp; - @Inject - MessagesService messagesService; - @Inject - TagService tagService; - @Inject - AdsService adsService; - @Inject - PageTemplates templates; - - @RequestMapping(value = "/tag/{tagName}", method = RequestMethod.GET) - protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException { - com.juick.User visitor = 
webApp.getVisitorUser(request, response); - - String paramTagStr = URLDecoder.decode(request.getRequestURI().substring(5), CharEncoding.UTF_8); - com.juick.Tag paramTag = tagService.getTag(paramTagStr, false); - if (paramTag == null) { - response.sendError(HttpServletResponse.SC_NOT_FOUND); - return; - } else if (paramTag.SynonymID > 0 && paramTag.TID != paramTag.SynonymID) { - com.juick.Tag synTag = tagService.getTag(paramTag.SynonymID); - String url = "/tag/" + URLEncoder.encode(synTag.getName(), CharEncoding.UTF_8); - if (request.getQueryString() != null) { - url += "?" + request.getQueryString(); - } - Utils.sendPermanentRedirect(response, url); - return; - } else if (!paramTag.getName().equals(paramTagStr)) { - String url = "/tag/" + URLEncoder.encode(paramTag.getName(), CharEncoding.UTF_8); - if (request.getQueryString() != null) { - url += "?" + request.getQueryString(); - } - Utils.sendPermanentRedirect(response, url); - return; - } - - int paramBefore = 0; - String paramBeforeStr = request.getParameter("before"); - if (paramBeforeStr != null) { - try { - paramBefore = Integer.parseInt(paramBeforeStr); - } catch (NumberFormatException e) { - } - } - - int visitor_uid = visitor.getUid(); - - String title = "*" + StringEscapeUtils.escapeHtml4(paramTag.getName()); - List mids = messagesService.getTag(paramTag.TID, visitor_uid, paramBefore, (visitor_uid == 0) ? 40 : 20); - - response.setContentType("text/html; charset=UTF-8"); - try (PrintWriter out = response.getWriter()) { - String head = StringUtils.EMPTY; - if (tagService.getTagNoIndex(paramTag.TID)) { - head = ""; - } else if (paramBefore > 0 || mids.size() < 5) { - head = ""; - } - templates.pageHead(out, visitor, title, head); - templates.pageNavigation(out, visitor, null); - - out.println("
"); - - if (mids.size() > 0) { - int vuid = visitor.getUid(); - int ad_mid = adsService.getAdMid(vuid); - if (ad_mid > 0 && mids.indexOf(ad_mid) == -1) { - mids.add(0, ad_mid); - adsService.logAdMid(vuid, ad_mid); - } else { - ad_mid = 0; - } - - templates.printMessages(out, null, mids, visitor, visitor_uid == 0 ? 2 : 3, ad_mid); - } - - if (mids.size() >= 20) { - String nextpage = "/tag/" + URLEncoder.encode(paramTag.getName(), CharEncoding.UTF_8) + "?before=" + mids.get(mids.size() - 1); - out.println("

Читать дальше →

"); - } - - out.println("
"); - - templates.pageHomeColumn(out, visitor); - - templates.pageFooter(request, out, visitor, true); - - templates.pageEnd(out); - } - } -} diff --git a/juick-www/src/main/java/com/juick/www/controllers/Tags.java b/juick-www/src/main/java/com/juick/www/controllers/Tags.java new file mode 100644 index 00000000..ee95d08c --- /dev/null +++ b/juick-www/src/main/java/com/juick/www/controllers/Tags.java 
@@ -0,0 +1,134 @@
+/*
+ * Juick
+ * Copyright (C) 2008-2011, Ugnich Anton
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+package com.juick.www.controllers;
+
+import com.juick.service.AdsService;
+import com.juick.service.MessagesService;
+import com.juick.service.TagService;
+import com.juick.www.Utils;
+import com.juick.www.WebApp;
+import org.apache.commons.lang3.CharEncoding;
+import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
+import java.util.List;
+
+/**
+ *
+ * @author Ugnich Anton
+ */
+@Controller
+public class Tags {
+ @Inject
+ WebApp webApp;
+ @Inject
+ MessagesService messagesService;
+ @Inject
+ TagService tagService;
+ @Inject
+ AdsService adsService;
+ @Inject
+ PageTemplates templates;
+
+ @RequestMapping(value = "/tag/{tagName}", method = RequestMethod.GET)
+ protected
void doGet(HttpServletRequest request,
+ @PathVariable String tagName,
+ @RequestParam(required = false, defaultValue = "0") int before,
+ HttpServletResponse response) throws IOException {
+ com.juick.User visitor = webApp.getVisitorUser(request, response);
+
+ String paramTagStr = URLDecoder.decode(StringEscapeUtils.unescapeHtml4(tagName), CharEncoding.UTF_8);
+ com.juick.Tag paramTag = tagService.getTag(paramTagStr, false);
+ if (paramTag == null) {
+ response.sendError(HttpServletResponse.SC_NOT_FOUND);
+ return;
+ } else if (paramTag.SynonymID > 0 && paramTag.TID != paramTag.SynonymID) {
+ com.juick.Tag synTag = tagService.getTag(paramTag.SynonymID);
+ String url = "/tag/" + URLEncoder.encode(StringEscapeUtils.escapeHtml4(synTag.getName()), CharEncoding.UTF_8);
+ if (request.getQueryString() != null) {
+ url += "?" + request.getQueryString();
+ }
+ Utils.sendPermanentRedirect(response, url);
+ return;
+ } else if (!paramTag.getName().equals(paramTagStr)) {
+ String url = "/tag/" + URLEncoder.encode(StringEscapeUtils.escapeHtml4(paramTag.getName()), CharEncoding.UTF_8);
+ if (request.getQueryString() != null) {
+ url += "?" + request.getQueryString();
+ }
+ Utils.sendPermanentRedirect(response, url);
+ return;
+ }
+
+ int visitor_uid = visitor.getUid();
+
+ String title = "*" + StringEscapeUtils.escapeHtml4(paramTag.getName());
+ List mids = messagesService.getTag(paramTag.TID, visitor_uid, before, (visitor_uid == 0) ? 40 : 20);
+
+ response.setContentType("text/html; charset=UTF-8");
+ try (PrintWriter out = response.getWriter()) {
+ String head = StringUtils.EMPTY;
+ if (tagService.getTagNoIndex(paramTag.TID)) {
+ head = "";
+ } else if (before > 0 || mids.size() < 5) {
+ head = "";
+ }
+ templates.pageHead(out, visitor, title, head);
+ templates.pageNavigation(out, visitor, null);
+
+ out.println("
"); + + if (mids.size() > 0) { + int vuid = visitor.getUid(); + int ad_mid = adsService.getAdMid(vuid); + if (ad_mid > 0 && mids.indexOf(ad_mid) == -1) { + mids.add(0, ad_mid); + adsService.logAdMid(vuid, ad_mid); + } else { + ad_mid = 0; + } + + templates.printMessages(out, null, mids, visitor, visitor_uid == 0 ? 2 : 3, ad_mid); + } + + if (mids.size() >= 20) { + String nextpage = "/tag/" + URLEncoder.encode(paramTag.getName(), CharEncoding.UTF_8) + "?before=" + mids.get(mids.size() - 1); + out.println("

Читать дальше →

"); + } + + out.println("
"); + + templates.pageHomeColumn(out, visitor); + + templates.pageFooter(request, out, visitor, true); + + templates.pageEnd(out); + } + } +} -- cgit v1.2.3
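Review bot: In `Tags.doGet`, `URLDecoder.decode(StringEscapeUtils.unescapeHtml4(tagName), CharEncoding.UTF_8)` decodes a value that Spring normally has already percent-decoded for `@PathVariable` (unless path decoding is switched off in this app's configuration), so the tag name is canonicalised twice before the lookup: a name containing a literal `%` is altered, and a `%` not followed by two hex digits makes `URLDecoder.decode` throw an `IllegalArgumentException` that nothing here catches. The `unescapeHtml4` on input and the `escapeHtml4` inside both redirect URLs apply HTML encoding in a URL context, where it protects nothing, and they disagree with the `nextpage` link further down, which encodes the raw name. I would keep one decode step and encode only for the sink, e.g. `String paramTagStr = tagName;` with `"/tag/" + UriUtils.encodePathSegment(synTag.getName(), CharEncoding.UTF_8)` (Spring's `org.springframework.web.util.UriUtils`) in the two redirects, leaving `escapeHtml4` to HTML output as the `title` line already does. Separately, binding `before` as `int` means a non-numeric value is now rejected by the framework rather than falling back to 0 as the deleted `Discover` code did, and a negative `before` is still passed to `messagesService.getTag` unchecked; a one-line comment on the parameter stating the intended behaviour would help.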