diff options
| author | KatolaZ <katolaz@freaknet.org> | 2017-07-08 07:47:51 +0100 |
|---|---|---|
| committer | KatolaZ <katolaz@freaknet.org> | 2017-07-08 07:47:51 +0100 |
| commit | a6a9f827dee9c98c70aee5bd51f7f7d16f3b8368 (patch) | |
| tree | 4cd40d5d8f2bcec09479b2d9f1cfc18c5b81e87d /templ.go | |
| parent | 363384c445c2b74593cb7b6b153f3cf2463ccd48 (diff) | |
Fixed form parsing and template escaping
Diffstat (limited to 'templ.go')
| -rw-r--r-- | templ.go | 34 |
1 files changed, 15 insertions, 19 deletions
@@ -9,19 +9,18 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * - * You should have received a copy of the GNU Affero General Public + * You should have received a copy of the GNU Affero General Public * License along with this program. If not, see * <http://www.gnu.org/licenses/>. * * (c) Vincenzo "KatolaZ" Nicosia 2017 -- <katolaz@freaknet.org> - * - * - * This file is part of "binnit", a minimal no-fuss pastebin-like + * + * + * This file is part of "binnit", a minimal no-fuss pastebin-like * server written in golang * */ - /* * * minimal Templating support for binnit @@ -35,29 +34,28 @@ import ( "io/ioutil" "os" "regexp" - "strings" "strconv" + "strings" ) -func format_rows(content string) (string) { +func format_rows(content string) string { var ret string lines := strings.Split(content, "\n") ret += "<table class='content'>" - + for l_num, l := range lines { ret += "<tr>\n" - ret += "<td class='lineno'><pre>"+ strconv.Itoa(l_num+1) + "</pre></td>" - ret += "<td class='line'><pre>"+ l +"</pre></td>" + ret += "<td class='lineno'><pre>" + strconv.Itoa(l_num+1) + "</pre></td>" + ret += "<td class='line'><pre>" + l + "</pre></td>" ret += "</tr>" } ret += "</table>" return ret } - func prepare_paste_page(title, date, content, templ_dir string) (string, error) { s := "" @@ -83,28 +81,26 @@ func prepare_paste_page(title, date, content, templ_dir string) (string, error) f_templ, err := os.Open(templ_file) defer f_templ.Close() - if cont, err := ioutil.ReadFile(templ_file); err == nil { tmpl := string(cont) - // ...and replace {{CONTENT}} with the paste itself! re, _ := regexp.Compile("{{TITLE}}") - tmpl = string(re.ReplaceAll([]byte(tmpl), []byte(title))) + tmpl = string(re.ReplaceAllLiteralString(tmpl, title)) re, _ = regexp.Compile("{{DATE}}") - tmpl = string(re.ReplaceAll([]byte(tmpl), []byte(date))) + tmpl = string(re.ReplaceAllLiteralString(tmpl, date)) re, _ = regexp.Compile("{{CONTENT}}") - tmpl = string(re.ReplaceAll([]byte(tmpl), []byte(format_rows(content)))) + tmpl = string(re.ReplaceAllLiteralString(tmpl, format_rows(content))) re, _ = regexp.Compile("{{RAW_CONTENT}}") - tmpl = string(re.ReplaceAll([]byte(tmpl), []byte(content))) + tmpl = string(re.ReplaceAllLiteralString(tmpl, content)) s += tmpl - + } else { return "", errors.New("Error opening template file") } - + // insert footer foot_file := templ_dir + "/footer.html" f_foot, err := os.Open(foot_file) |