ether · Pita · Feb 14, 2012 · Jan 16, 2012 · Jan 17, 2012 · Jan 17, 2012
diff --git a/bin/checkPad.js b/bin/checkPad.js
@@ -15,7 +15,8 @@ var log4js = require("log4js");
 log4js.setGlobalLogLevel("INFO");
 var async = require("async");
 var db = require('../node/db/DB');
-var Changeset = require('../node/utils/Changeset');
+var CommonCode = require('../node/utils/common_code');
+var Changeset = CommonCode.require("/Changeset");
 var padManager;
 
 async.series([

diff --git a/bin/convert.js b/bin/convert.js
@@ -1,11 +1,12 @@
+var CommonCode = require('../node/utils/common_code');
 var startTime = new Date().getTime();
 var fs = require("fs");
 var ueberDB = require("ueberDB");
 var mysql = require("mysql");
 var async = require("async");
-var Changeset = require("../node/utils/Changeset");
-var randomString = require("../node/utils/randomstring");
-var AttributePoolFactory = require("../node/utils/AttributePoolFactory");
+var Changeset = CommonCode.require("/Changeset");
+var randomString = CommonCode.require('/pad_utils').randomString;
+var AttributePoolFactory = CommonCode.require("/AttributePoolFactory");
 
 var settingsFile = process.argv[2];
 var sqlOutputFile = process.argv[3];

diff --git a/node/db/AuthorManager.js b/node/db/AuthorManager.js
@@ -18,11 +18,11 @@
  * limitations under the License.
  */
 
+var CommonCode = require('../utils/common_code');
 var ERR = require("async-stacktrace");
 var db = require("./DB").db;
 var async = require("async");
-
-var randomString = require("../utils/randomstring");
+var randomString = CommonCode.require('/pad_utils').randomString;
 
 /**
  * Checks if the author exists

diff --git a/node/db/GroupManager.js b/node/db/GroupManager.js
@@ -18,9 +18,10 @@
  * limitations under the License.
  */
 
+var CommonCode = require('../utils/common_code');
 var ERR = require("async-stacktrace");
 var customError = require("../utils/customError");
-var randomString = require("../utils/randomstring");
+var randomString = CommonCode.require('/pad_utils').randomString;
 var db = require("./DB").db;
 var async = require("async");
 var padManager = require("./PadManager");

diff --git a/node/db/Pad.js b/node/db/Pad.js
@@ -2,9 +2,11 @@
  * The pad object, defined with joose
  */
 
+var CommonCode = require('../utils/common_code');
 var ERR = require("async-stacktrace");
-var Changeset = require("../utils/Changeset");
-var AttributePoolFactory = require("../utils/AttributePoolFactory");
+var Changeset = CommonCode.require("/Changeset");
+var AttributePoolFactory = CommonCode.require("/AttributePoolFactory");
+var randomString = CommonCode.require('/pad_utils').randomString;
 var db = require("./DB").db;
 var async = require("async");
 var settings = require('../utils/Settings');
@@ -477,15 +479,7 @@ function hash(password, salt)
 
 function generateSalt()
 {
-  var len = 86;
-  var chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
-  var randomstring = '';
-  for (var i = 0; i < len; i++)
-  {
-    var rnum = Math.floor(Math.random() * chars.length);
-    randomstring += chars.substring(rnum, rnum + 1);
-  }
-  return randomstring;
+  return randomstring(86);
 }
 
 function compare(hashStr, password)

diff --git a/node/db/ReadOnlyManager.js b/node/db/ReadOnlyManager.js
@@ -18,11 +18,11 @@
  * limitations under the License.
  */
 
+var CommonCode = require('../utils/common_code');
 var ERR = require("async-stacktrace");
 var db = require("./DB").db;
 var async = require("async");
-
-var randomString = require("../utils/randomstring");
+var randomString = CommonCode.require('/pad_utils').randomString;
 
 /**
  * returns a read only id for a pad

diff --git a/node/db/SecurityManager.js b/node/db/SecurityManager.js
@@ -18,15 +18,15 @@
  * limitations under the License.
  */
 
+var CommonCode = require('../utils/common_code');
 var ERR = require("async-stacktrace");
 var db = require("./DB").db;
 var async = require("async");
 var authorManager = require("./AuthorManager");
 var padManager = require("./PadManager");
 var sessionManager = require("./SessionManager");
 var settings = require("../utils/Settings")
-
-var randomString = require("../utils/randomstring");
+var randomString = CommonCode.require('/pad_utils').randomString;
 
 /**
  * This function controlls the access to a pad, it checks if the user can access a pad.

diff --git a/node/db/SessionManager.js b/node/db/SessionManager.js
@@ -18,9 +18,10 @@
  * limitations under the License.
  */
 
+var CommonCode = require('../utils/common_code');
 var ERR = require("async-stacktrace");
 var customError = require("../utils/customError");
-var randomString = require("../utils/randomstring");
+var randomString = CommonCode.require('/pad_utils').randomString;
 var db = require("./DB").db;
 var async = require("async");
 var groupMangager = require("./GroupManager");

diff --git a/node/easysync_tests.js b/node/easysync_tests.js
@@ -20,8 +20,9 @@
  * limitations under the License.
  */
 
-var Changeset = require('./utils/Changeset');
-var AttributePoolFactory = require("./utils/AttributePoolFactory");
+var CommonCode = require('./utils/common_code');
+var Changeset = CommonCode.require("/Changeset");
+var AttributePoolFactory = CommonCode.require("/AttributePoolFactory");
 
 function random() {
   this.nextInt = function (maxValue) {

diff --git a/node/handler/APIHandler.js b/node/handler/APIHandler.js
@@ -18,11 +18,12 @@
  * limitations under the License.
  */
 
+var CommonCode = require('../utils/common_code');
 var ERR = require("async-stacktrace");
 var fs = require("fs");
 var api = require("../db/API");
 var padManager = require("../db/PadManager");
-var randomString = require("../utils/randomstring");
+var randomString = CommonCode.require('/pad_utils').randomString;
 
 //ensure we have an apikey
 var apikey = null;

diff --git a/node/handler/PadMessageHandler.js b/node/handler/PadMessageHandler.js
@@ -18,11 +18,12 @@
  * limitations under the License.
  */
 
+var CommonCode = require('../utils/common_code');
 var ERR = require("async-stacktrace");
 var async = require("async");
 var padManager = require("../db/PadManager");
-var Changeset = require("../utils/Changeset");
-var AttributePoolFactory = require("../utils/AttributePoolFactory");
+var Changeset = CommonCode.require("/Changeset");
+var AttributePoolFactory = CommonCode.require("/AttributePoolFactory");
 var authorManager = require("../db/AuthorManager");
 var readOnlyManager = require("../db/ReadOnlyManager");
 var settings = require('../utils/Settings');

diff --git a/node/handler/TimesliderMessageHandler.js b/node/handler/TimesliderMessageHandler.js
@@ -18,11 +18,12 @@
  * limitations under the License.
  */
 
+var CommonCode = require('../utils/common_code');
 var ERR = require("async-stacktrace");
 var async = require("async");
 var padManager = require("../db/PadManager");
-var Changeset = require("../utils/Changeset");
-var AttributePoolFactory = require("../utils/AttributePoolFactory");
+var Changeset = CommonCode.require("/Changeset");
+var AttributePoolFactory = CommonCode.require("/AttributePoolFactory");
 var settings = require('../utils/Settings');
 var authorManager = require("../db/AuthorManager");
 var log4js = require('log4js');

diff --git a/node/utils/ExportDokuWiki.js b/node/utils/ExportDokuWiki.js
@@ -15,7 +15,8 @@
  */
 
 var async = require("async");
-var Changeset = require("./Changeset");
+var CommonCode = require('./common_code');
+var Changeset = CommonCode.require("/Changeset");
 var padManager = require("../db/PadManager");
 
 function getPadDokuWiki(pad, revNum, callback)

diff --git a/node/utils/ExportHtml.js b/node/utils/ExportHtml.js
@@ -14,10 +14,12 @@
  * limitations under the License.
  */
 
+var CommonCode = require('./common_code');
 var async = require("async");
-var Changeset = require("./Changeset");
+var Changeset = CommonCode.require("/Changeset");
 var padManager = require("../db/PadManager");
 var ERR = require("async-stacktrace");
+var Security = CommonCode.require('/security');
 
 function getPadPlainText(pad, revNum)
 {
@@ -269,7 +271,7 @@ function getHTMLFromAtext(pad, atext)
         //from but they break the abiword parser and are completly useless
         s = s.replace(String.fromCharCode(12), "");
 
-        assem.append(_escapeHTML(s));
+        assem.append(_encodeWhitespace(Security.escapeHTML(s)));
       } // end iteration over spans in line
 
       var tags2close = [];
@@ -292,7 +294,7 @@ function getHTMLFromAtext(pad, atext)
         var url = urlData[1];
         var urlLength = url.length;
         processNextChars(startIndex - idx);
-        assem.append('<a href="' + _escapeHTML(url) + '">');
+        assem.append('<a href="' + Security.escapeHTMLAttribute(url) + '">');
         processNextChars(urlLength);
         assem.append('</a>');
       });
@@ -493,25 +495,7 @@ exports.getPadHTMLDocument = function (padId, revNum, noDocType, callback)
   });
 }
 
-function _escapeHTML(s)
-{
-  var re = /[&"<>]/g;
-  if (!re.MAP)
-  {
-    // persisted across function calls!
-    re.MAP = {
-      '&': '&amp;',
-      '"': '&quot;',
-      '<': '&lt;',
-      '>': '&gt;'
-    };
-  }
-
-  s = s.replace(re, function (c)
-  {
-    return re.MAP[c];
-  });
-
+function _encodeWhitespace(s) {
   return s.replace(/[^\x21-\x7E\s\t\n\r]/g, function(c)
   {
     return "&#" +c.charCodeAt(0) + ";"

diff --git a/node/utils/ImportHtml.js b/node/utils/ImportHtml.js
@@ -17,9 +17,10 @@
 var jsdom = require('jsdom-nocontextifiy').jsdom;
 var log4js = require('log4js');
 
-var Changeset = require("./Changeset");
-var contentcollector = require("./contentcollector");
-var map = require("../../static/js/ace2_common.js").map;
+var CommonCode = require('../utils/common_code');
+var Changeset = CommonCode.require("/Changeset");
+var contentcollector = CommonCode.require("/contentcollector");
+var map = CommonCode.require("/ace2_common").map;
 
 function setPadHTML(pad, html, callback)
 {

diff --git a/node/utils/common_code.js b/node/utils/common_code.js
@@ -0,0 +1,22 @@
+/**
+ * Copyright 2009 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS-IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+var RequireKernel = require('require-kernel/');
+
+var CLIENT_JS_SRC = __dirname + '/../../static/js/';
+var client_require = RequireKernel.requireForPaths('file://' + CLIENT_JS_SRC);
+
+exports.require = client_require;