version 0.3.29
[fms.git] / src / http / ipagehandler.cpp
index c9e4a1a..1ec7947 100644 (file)
@@ -1,7 +1,6 @@
 #include "../../include/http/ipagehandler.h"\r
 #include "../../include/stringfunctions.h"\r
 #include "../../include/http/multipartparser.h"\r
-#include "../../include/db/sqlite3db.h"\r
 \r
 #include <Poco/Net/HTMLForm.h>\r
 #include <Poco/UUIDGenerator.h>\r
@@ -54,7 +53,7 @@ const std::string IPageHandler::CreateFormPassword()
        {\r
        }\r
 \r
-       SQLite3DB::Statement st=SQLite3DB::DB::Instance()->Prepare("INSERT INTO tmpFormPassword(Date,Password) VALUES(?,?);");\r
+       SQLite3DB::Statement st=m_db->Prepare("INSERT INTO tmpFormPassword(Date,Password) VALUES(?,?);");\r
        st.Bind(0,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S"));\r
        st.Bind(1,uuid.toString());\r
        st.Step();\r
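Review bot: The value bound at `st.Bind(1,uuid.toString())` is the anti-forgery token for every form, but nothing near the INSERT says how unpredictable it has to be. The generator call sits above this hunk, so which Poco::UUIDGenerator method produces `uuid` cannot be checked from here. If it is the time-based `create()` rather than `createRandom()`, the token is built from a timestamp and node address and may be guessable. A comment at the bind, such as `// form password must be unguessable: uuid comes from createRandom()`, would pin that requirement. The body of CreateFormPassword starts and ends outside the hunk.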
@@ -152,19 +151,29 @@ const std::string IPageHandler::SanitizeOutput(const std::string &input)
        return output;\r
 }\r
 \r
+const std::string IPageHandler::SanitizeTextAreaOutput(const std::string &input)\r
+{\r
+       // must do & first because all other elements have & in them!\r
+       std::string output=StringFunctions::Replace(input,"&","&amp;");\r
+       output=StringFunctions::Replace(output,"<","&lt;");\r
+       output=StringFunctions::Replace(output,">","&gt;");\r
+       output=StringFunctions::Replace(output,"\"","&quot;");\r
+       return output;\r
+}\r
+\r
 const bool IPageHandler::ValidateFormPassword(const std::map<std::string,std::string> &vars)\r
 {\r
        Poco::DateTime date;\r
        date-=Poco::Timespan(0,1,0,0,0);\r
 \r
-       SQLite3DB::Statement st=SQLite3DB::DB::Instance()->Prepare("DELETE FROM tmpFormPassword WHERE Date<?;");\r
+       SQLite3DB::Statement st=m_db->Prepare("DELETE FROM tmpFormPassword WHERE Date<?;");\r
        st.Bind(0,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S"));\r
        st.Step();\r
 \r
        std::map<std::string,std::string>::const_iterator i=vars.find("formpassword");\r
        if(i!=vars.end())\r
        {\r
-               st=SQLite3DB::DB::Instance()->Prepare("SELECT COUNT(*) FROM tmpFormPassword WHERE Password=?;");\r
+               st=m_db->Prepare("SELECT COUNT(*) FROM tmpFormPassword WHERE Password=?;");\r
                st.Bind(0,(*i).second);\r
                st.Step();\r
                if(st.RowReturned())\r
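Review bot: `SanitizeTextAreaOutput` escapes `&`, `<`, `>` and `"` but leaves the single quote alone, so its result is only safe as element content or inside a double-quoted attribute. Nothing in the function says so, and the name invites reuse wherever plain escaping without the extra handling in `SanitizeOutput` is wanted. Either add `output=StringFunctions::Replace(output,"'","&#39;");` after the `&quot;` line, or document the restriction with `// safe for element content and double-quoted attribute values only`. The ValidateFormPassword body that follows continues outside the hunk.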
@@ -197,3 +206,15 @@ const bool IPageHandler::ValidateFormPassword(const std::map<std::string,std::st
                return false;\r
        }\r
 }\r
+\r
+const bool IPageHandler::WillHandleURI(const std::string &uri)\r
+{\r
+       if(uri.find(m_pagename)!=std::string::npos)\r
+       {\r
+               return true;\r
+       }\r
+       else\r
+       {\r
+               return false;\r
+       }\r
+}\r
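Review bot: `WillHandleURI` accepts any URI that contains `m_pagename` anywhere, including inside the query string or as part of a longer page name, so the handler that answers a request can depend on text the client puts in a parameter. An empty `m_pagename` matches every URI, because `find("")` returns 0. If handlers differ in what they check (form password, access), that ambiguity becomes a routing-confusion risk. Matching the final path segment only, as sketched below, removes it. The sketch assumes `m_pagename` is the page's file name, which is not visible in this hunk.

```cpp
const bool IPageHandler::WillHandleURI(const std::string &uri)
{
	// compare against the path only; the query string and fragment are client-chosen text
	const std::string path=uri.substr(0,uri.find_first_of("?#"));
	if(m_pagename.empty() || path.size()<m_pagename.size())
	{
		return false;
	}
	const std::string::size_type pos=path.size()-m_pagename.size();
	// the page name must be the whole final segment, not the tail of a longer name
	return path.compare(pos,std::string::npos,m_pagename)==0 && (pos==0 || path[pos-1]=='/' || m_pagename[0]=='/');
}
```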