Bug #5595: New b:0 will be respected in download links.

cc3aec0f · Carsten Rose · d45a7960 · cc3aec0f · cc3aec0f
Commit cc3aec0f authored 6 years ago by Carsten Rose
--- a/extension/Documentation/Manual.rst
+++ b/extension/Documentation/Manual.rst
@@ -1072,7 +1072,7 @@ The following code will render a 'new person' button::

 	{{p:form&form=Person|s|N|t:new person AS link}}

-For better reading, the format string might be wrapped in single or double quotes (this ist optional): ::
+For better reading, the format string might be wrapped in single or double quotes (this is optional): ::

 	{{"p:form&form=Person|s|N|t:new person" AS link}}

@@ -1275,7 +1275,7 @@ This is in general a good security improvement for directories with user supplie
 File upload
 -----------

-By default the mime type of every uploaded file is checked against a whitelist of allowed mime types. The mime type of
+By default the mime type of every uploaded file is checked against a white list of allowed mime types. The mime type of
 a file can be (easily) faked by an attacker. This check is good to handle regular user file upload for specific file types. To
 prevent attacks against uploading and executing malicous code this won't help.


--- a/extension/qfq/qfq/report/Link.php
+++ b/extension/qfq/qfq/report/Link.php
@@ -559,7 +559,7 @@ class Link {

        // Download Link needs some extra work
        if ($tokenGiven[TOKEN_DOWNLOAD]) {
-            $this->buildDownloadLate($vars);
+            $vars = $this->buildDownloadLate($vars);
        }

        // Final Checks
@@ -1270,6 +1270,9 @@ EOF;

    private function buildDownloadLate($vars) {

+        if ($vars[NAME_BOOTSTRAP_BUTTON] == '') {
+            $vars = $this->buildBootstrapButton($vars, '');
+        }

        $bootstrapButton = $vars[NAME_BOOTSTRAP_BUTTON];
        if ($vars[NAME_BOOTSTRAP_BUTTON] == '0') {
@@ -1295,11 +1298,13 @@ EOF;
        $vars[NAME_URL] = API_DIR . '/' . API_DOWNLOAD_PHP;
        $vars[NAME_LINK_CLASS_DEFAULT] = NO_CLASS;

-        if ($vars[NAME_BOOTSTRAP_BUTTON] == '0') {
-            $vars[NAME_EXTRA_CONTENT_WRAP] = '<button type="button" ' . $attributes . $onClick . '>';
-        } else {
+//        if ($vars[NAME_BOOTSTRAP_BUTTON] == '0') {
+//            $vars[NAME_EXTRA_CONTENT_WRAP] = '<button type="button" ' . $attributes . $onClick . '>';
+//        } else {
            $vars[NAME_EXTRA_CONTENT_WRAP] = '<span ' . $attributes . $onClick . '>';
-        }
+        $vars[NAME_BOOTSTRAP_BUTTON] = '0';
+
+//        }

        return $vars;

@@ -1558,11 +1563,14 @@ EOF;

        $value = trim($value);

-        if (empty($value)) {
-            $vars[NAME_BOOTSTRAP_BUTTON] = 0;
+        if ($value === '0') {
            return $vars;
        }

+        if ($value === '') {
+            $value = 'default';
+        }
+
        // Just in case the user forgot 'btn-' in front of btn-default, btn-primary, btn-su...
        if (substr($value, 0, 4) != 'btn-') {
            $value = 'btn-' . $value;