Commit Graph

221 Commits (7c3ddea71a7431ec455597260759583019740e50)

Author SHA1 Message Date
Frank Ronny Larsen 67cfc1d333 OPPG-470: More potential threats in validator 2013-07-17 12:55:51 +02:00
Svein-Tore Griff With db388d9a14 OPPG-470: Fixed several (potential) security problems
The biggest problem was that no filtering was done on lists because list values wasn't passed by referende through foreach
Also made sure lists where lists and keys where numbers
Made sure libraries only have library and semantics properties
2013-07-17 11:41:23 +02:00
Frank Ronny Larsen 46e4d67c06 Merge branch 'master' of b.amendor.com:h5p 2013-07-16 08:56:10 +02:00
Svein-Tore Griff With b69ee7c2e3 OPPG-436: Rewrote logic so that the entire library processing is skipped if the user doesn't have access to update libraries 2013-07-15 17:36:56 +02:00
Frank Ronny Larsen 6d231499e3 OPPG-459: "multiple" option for semantic type "select"
Specifies that the select shall handle multiple options.
Used by dynamicCheckboxes widget.
2013-07-15 16:25:10 +02:00
Frank Ronny Larsen fcc9ed4e24 Merge branch 'master' of b.amendor.com:h5p 2013-07-15 15:12:51 +02:00
Frank Ronny Larsen ca8aca2678 Validator fixes...
Added better handling of select widget for multiple selects:
 - Test for array, checks each element if found.
 - Tests if valid options are set in semantics, enters "strict" mode if set (allows only said options)
 - Non strict mode allows any option.
 - All set values are htmlspecialcharred, even if strict.
2013-07-15 15:07:53 +02:00
Svein-Tore Griff With 4dfb80a8d9 Move whitelist logic out of drupal and into H5P core 2013-07-13 22:25:18 +02:00
Frank Ronny Larsen 706c61bfe8 Replaced PHP strip_tags with D7 filter_xss. Good thing we cache this.. 2013-07-12 14:49:37 +02:00
Frank Ronny Larsen 7af599ae0d OPPG-413: Merge file handlers, better htmlspecialchars
Filelike objects are now handled by the same code, not 4 copies of it.
htmlspecialchars are now specified as UTF-8 and will encode ALL quotes.
2013-07-11 15:17:26 +02:00
Frank Ronny Larsen fb1b9fc719 OPPG-413: Fixed security hole inserted by validator itself.. 2013-07-11 15:13:15 +02:00
Frank Ronny Larsen 4509626a0d OPPG-413: Changed how HTML is handled for text. Any text widget with tags specified will now be treated as HTML 2013-07-11 14:36:31 +02:00
Frank Ronny Larsen 27345e22f8 BUGFIX: Use , not semantics tags after preprocessing tags, fixes in_array bugs 2013-07-11 13:12:17 +02:00
Frank Ronny Larsen b487f452d6 BUGFIX: Regexp from semantics does not contain delimiters. Add in PHP 2013-07-10 11:02:17 +02:00
Frank Ronny Larsen ec5c3ae1d5 BUGFIX: -> 2013-07-10 10:34:41 +02:00
Frank Ronny Larsen 7ab0309d0c OPPG-413: If using defaults, add extra tags for table etc. too. + Extra validation for image/video/audio 2013-07-10 09:59:35 +02:00
Frank Ronny Larsen ca1e84293a OPPG-413: Use default tag list if no tags are set. 2013-07-09 15:42:30 +02:00
Frank Ronny Larsen d57f4cb109 Merge branch 'master' of b.amendor.com:h5p
Conflicts:
	library/h5p.classes.php
2013-07-09 15:16:36 +02:00
Frank Ronny Larsen ab316a163c OPPG-425: Add hook_alter_h5p_semantics
Also re-adds getLibrarySemantics in core, used by the validator to fetch decoded semantics.
This function is also responsible for calling the hook.
2013-07-09 15:13:09 +02:00
Frode Petterson 9a12f49aea OPPG-413: Added this. 2013-07-09 14:43:22 +02:00
Frank Ronny Larsen 938b38c6f6 Comment fix 2013-07-09 11:01:29 +02:00
Frank Ronny Larsen d3953475f0 Whitespace 2013-07-09 10:14:42 +02:00
Frank Ronny Larsen a247ca470c OPPG-413: Validator just got a little more annoying. Gives warning if mandatory fields are missing in group 2013-07-09 10:10:32 +02:00
Frank Ronny Larsen 6e99a052e2 OPPG-413: BUGFIX: Use isset() to check for existence 2013-07-09 09:41:57 +02:00
Frank Ronny Larsen 1548ebaf94 OPPG-172: Added library whitelist extension
Adds js and css as allowed extensions for library.
Manually add swf if wanted.
2013-07-08 18:22:38 +02:00
Pål Jørgensen 112e1e1108 Merge branch 'master' of b.amendor.com:h5p 2013-07-08 17:12:48 +02:00
Pål Jørgensen 118024d479 Only clearing cache if at least one library was created or updated 2013-07-08 17:12:40 +02:00
Frank Ronny Larsen a7aeefc367 OPPG-414: Removed just in case-code. 2013-07-08 17:02:05 +02:00
Frank Ronny Larsen d2e3558927 OPPG-413: Enable caching, fill default tag list for HTML validation 2013-07-08 16:15:54 +02:00
Frank Ronny Larsen 35e2623e1b OPPG-413: Validation of specific limitations from semantics. 2013-07-08 15:28:45 +02:00
Frank Ronny Larsen 1ca9eff064 OPPG-413: Validation fixes 2013-07-08 14:59:15 +02:00
Frank Ronny Larsen 5f0ba2f2a0 OPPG-413: Validator mostly ready. Huge problems with lists. 2013-07-05 17:35:59 +02:00
Frank Ronny Larsen d1036e9a5a OPPG-172: Added File extentension white list for content
Scan content files to ensure all files comply with the configured
set of valid extensions.
Disallows adding htaccess or php to allowed extension too.
2013-06-30 22:14:16 +02:00
Frank Ronny Larsen 312bd0f8b5 OPPG-414: Specific permission for updating libraries
Added a permission.
Added a new function to H5PFrameworkInterface for testing if allowed to update library
Added apropriate tests.
2013-06-30 16:39:17 +02:00
Frank Ronny Larsen a34d0ea3e7 BUGFIX: Use DIRECTORY_SEPARATOR instead of '/' 2013-06-30 15:32:38 +02:00
Svein-Tore Griff With 0eb3051ca2 Add storage for the extra h5p.json data 2013-05-07 20:55:44 +02:00
Svein-Tore Griff With 8a94973852 Removing external resources 2013-05-07 19:38:52 +02:00
Svein-Tore Griff With da99000fe8 Translation of semantics now working 2013-05-03 11:21:08 +02:00
Svein-Tore Griff With 1a9a9b8b0b Add code for supporting language files. The code doesn't work but doesn't seem to break anything either. 2013-05-02 17:09:48 +02:00
Svein-Tore Griff With 7d25f28a6d Fix bugs after refactoring library validation. Also added camelcase on a variable. 2013-05-01 23:24:58 +02:00
Svein-Tore Griff With 252cb01573 refactoring, not stable 2013-05-01 17:22:09 +02:00
Svein-Tore Griff With 0ab794f67b Allow dots in filenames 2013-04-14 15:31:29 +02:00
Svein-Tore Griff With 1cb36af66e Use '-' instead of '_' in folder names 2013-04-13 15:03:04 +02:00
Svein-Tore Griff With 995e56cf60 Save h5p libraries in folders with understandable names 2013-04-13 14:55:33 +02:00
Svein-Tore Griff With 18b2475918 Do not attempt to save library dependencies for libraries that have already been saved, and also remove previous dependencies for libraries that are beeing patched 2013-04-13 14:11:25 +02:00
Svein-Tore Griff With d51e6e8d01 Fix dependency checking 2013-04-13 13:28:48 +02:00
Frode Petterson 57cc64f28c Added checking for fullscreen. 2013-04-11 14:59:33 +02:00
Frode Petterson 16767e690d Added responsive design to CP.
Added fullscreen option to H5P module.
2013-04-10 17:08:57 +02:00
Frode Petterson 64eda45a14 Added autoload so other modules easily may use our classes.
Moved H5P scripts to library array.
Fixed editor dependencies.
2013-04-03 15:39:59 +02:00
Svein-Tore Griff With 526b2f4042 Add documentation 2013-03-29 16:35:54 +01:00
Svein-Tore Griff With 556b92f438 Add documentation 2013-03-29 16:10:29 +01:00
Svein-Tore Griff With d790299326 Revert "Merge branch 'master' of b.amendor.com:h5p"
This reverts commit 87c44d7d041fbc7b74eee20f70db17bf053bc1e4, reversing
changes made to fc545475b1dc2d699e76392bb8b3ae4ce01a8e1c.
2013-03-09 01:20:55 +01:00
Svein-Tore Griff With 18d3798ec1 Revert "Merged in changes."
This reverts commit 801234f263adc38b91f845019ef114fa65af370a.
2013-03-08 18:30:53 +01:00
Svein-Tore Griff With ec3b36037c Revert "Tried to make H5P work again.."
This reverts commit afcf767628591dbcc4f2a48868d994edfb39209d.
2013-03-08 18:30:38 +01:00
Frode Petterson 98c06da4e6 Tried to make H5P work again.. 2013-03-08 11:51:55 +01:00
Frode Petterson 8177e0a251 Merged in changes. 2013-03-07 17:14:41 +01:00
Frode Petterson 9c934a752a Merge branch 'master' of b.amendor.com:h5p
Conflicts:
	example_content/boardgame/H5P.Boardgame
	example_content/boardgame/H5P.MultiChoice
	example_content/boardgame/H5P.QuestionSet
	example_content/boardgame/h5p.json
	example_content/summary/h5p.json
	h5p.classes.inc
	h5p.install
	h5p.module
2013-03-07 12:39:30 +01:00
Frode Petterson f71bf70561 Added class to libraries. 2013-03-07 12:34:29 +01:00
Svein-Tore Griff With 678f62d10a Fix problem with h5peditor changes not beeing saved when a node is beeing revisioned 2013-03-07 05:31:30 +01:00
Svein-Tore Griff With c5f3b92245 Merge conflicts 2013-03-07 04:19:22 +01:00
Svein-Tore Griff With c996a7b5ea Adding versioning support 2013-03-07 04:12:59 +01:00
Frank Ronny Larsen bf15f46d82 DEVEL: Changed CSS drop procedure 2013-02-28 20:06:18 +01:00
Svein-Tore Griff With 517f7e6e9d Resolve conflicts 2013-02-27 22:49:56 +01:00
Frode Petterson ad828c1984 Fixed php notice. 2013-02-25 15:45:34 +01:00
Svein-Tore Griff With 71763222e2 Save dependencies by library id instead of by machine_name and version 2013-02-24 00:12:57 +01:00
Frank Ronny Larsen 027a32baf1 Fixes for defaultStyles, adds boolean requirement parsing too 2013-02-23 23:29:41 +01:00
Frank Ronny Larsen 4a41265a23 DEVEL: Added defaultStyles setting to library dependencies 2013-02-23 22:51:47 +01:00
Svein-Tore Griff With b1bc724578 Remove already fixed todo item 2013-02-17 15:40:07 +01:00
Svein-Tore Griff With c656710889 Rename H5PFramework to H5PFrameworkInterface (Adopting drupals naming convention for interfaces) 2013-02-17 15:39:26 +01:00
Svein-Tore Griff With a5cb1db6d4 Rename classes and interfaces 2013-02-17 15:04:30 +01:00
Svein-Tore Griff With a2f1798173 Rename store -> save 2013-02-17 14:05:02 +01:00
Svein-Tore Griff With ab90fa41ce Add doc 2013-02-15 11:38:49 +01:00
Svein-Tore Griff With ef00e707ad Working proof of concept for editorLibraries 2013-02-08 04:38:27 +01:00
Svein-Tore Griff With 4e7a445198 Add validation for editor dependencies 2013-02-06 17:39:45 +01:00
Svein-Tore Griff With 7db3def124 Fix undefined function bug 2013-02-05 15:36:39 +01:00
Svein-Tore Griff With a5acd003d0 Rename init to main_library and remove init from libraries, add schema to db 2013-01-27 23:08:48 +01:00
Svein-Tore Griff With 905afe7dde Add the schema to the database 2013-01-25 15:14:29 +01:00
Svein-Tore Griff With c4b3c420fd Minor bug fixes 2013-01-20 16:13:11 +01:00
Svein-Tore Griff With bf286eb664 Merge branch 'master' of intern.amendor.com:h5p 2013-01-20 14:51:01 +01:00
Svein-Tore Griff With 62b6c498c3 Begin adding support for external resources 2013-01-17 23:39:24 +01:00
Svein-Tore Griff With a5e031d81f Store whether or not a library is runnable 2013-01-17 23:21:10 +01:00
Frode Petterson ec7214bc60 Merge branch 'master' of b.amendor.com:h5p 2013-01-17 10:14:03 +01:00
Frode Petterson d7340fad8a Constructive comment. 2013-01-17 10:13:58 +01:00
Svein-Tore Griff With decfb609ab Ignore files starting with . or _ 2013-01-16 22:00:12 +01:00
Frank Ronny Larsen 2d3abae249 Fixes to H5P module
Regex for library names changed to be a lot less restrictive.
Fixes to validation code that assumed stuff. Less strict now too.
Allow multiple JS/CSS files per library.

Attach H5P JS object to targets
2013-01-16 19:39:49 +01:00
Svein-Tore Griff With c283cd83b8 Add comments to the code 2013-01-14 23:47:50 +01:00
Svein-Tore Griff With b364664b27 Adding support for updating nodes 2012-12-22 08:04:09 +01:00
Svein-Tore Griff With 4bc3ea8bf2 Added support for deleting nodes 2012-12-22 07:09:17 +01:00
Svein-Tore Griff With e2bcec52a1 Remove dpm 2012-12-22 06:36:42 +01:00
Svein-Tore Griff With 53bf7fd8a0 Adding support for patching files 2012-12-22 06:35:16 +01:00
falcon 1fa56fad90 Add todo items 2012-12-15 15:45:29 +01:00
falcon a6c118e298 Add todo items 2012-12-04 22:46:15 +01:00
falcon bd3d755ba7 Use library id instead of machine_name to name library folders 2012-12-04 22:35:54 +01:00
falcon 19665aba5a Reconsider versioning system, use major, minor and patch versions 2012-12-04 22:26:20 +01:00
falcon a3045646cb subVersion -> minorVersion 2012-12-04 20:59:44 +01:00
falcon c595c1147a mainVersion -> majorVersion 2012-12-04 20:56:16 +01:00
falcon af6475609e lisence -> license 2012-12-04 20:47:55 +01:00
Svein-Tore Griff With 9f87cf561c Fixed so that node_insert, node_load and node_view works 2012-12-04 15:52:03 +01:00
Svein-Tore Griff With 686df63e9a Fixing spelling error 2012-12-04 09:19:42 +01:00
Svein-Tore Griff With c793e7ce99 Fixing spelling error 2012-12-04 09:19:16 +01:00
falcon 7220b097c1 Fix some bugs 2012-12-03 00:19:25 +01:00
falcon bed42d335a Reconsider main json file and library json files 2012-12-02 21:55:51 +01:00
falcon cff341c984 Finish storage 2012-12-01 22:18:48 +01:00
Svein-Tore Griff With 655a8cd144 Incremental changes 2012-12-01 10:54:15 +01:00
falcon b3caa84446 Fix function naming issue 2012-11-30 23:39:44 +01:00
Svein-Tore Griff With 7984c1bcf5 Incremental work on saving packages 2012-11-30 15:51:39 +01:00
falcon 1e49f83daa Adjustments to validation, and start on insert and update 2012-11-29 22:52:41 +01:00
Svein-Tore Griff With 21c86d02dd Add documentation and also validation of the dependencies in the main h5p.json file 2012-11-29 15:41:06 +01:00
Svein-Tore Griff With 032da68702 Make sure required files and folders exists 2012-11-29 08:57:01 +01:00
Svein-Tore Griff With 8737c75ea3 Validate the main h5p.json file 2012-11-29 08:51:36 +01:00
falcon 9a1cabff9d Add dependency validation 2012-11-28 23:29:22 +01:00
Svein-Tore Griff With 75661ada39 Store library info and prepare for dependency check 2012-11-28 15:31:55 +01:00
Svein-Tore Griff With 6a21c3101b Fix consistence in error reporting 2012-11-28 15:21:34 +01:00
Svein-Tore Griff With 44dfbbc4f6 Validate requirements on the option form 2012-11-28 14:45:54 +01:00
Svein-Tore Griff With 2413be911c Add slashes to regexp 2012-11-28 14:06:55 +01:00
Svein-Tore Griff With d41b47637b Validation functions added 2012-11-28 13:56:42 +01:00
falcon bbddd1be53 Incremental update to library file 2012-11-26 22:48:51 +01:00
Svein-Tore Griff With 692993b00f Add schemas for validating json 2012-11-24 01:09:25 +01:00
Svein-Tore Griff With adcf4288a9 Starting to rewrite the validation according to new content specification 2012-11-23 17:06:03 +01:00
Svein-Tore Griff With 269339228e Move h5p functionality to the library 2012-11-22 14:00:06 +01:00
Svein-Tore Griff With c0633f01af Adding library files etc. (incremental update) 2012-11-21 14:14:07 +01:00