diff --git a/action.php b/action.php index 517fc29..ac57152 100644 --- a/action.php +++ b/action.php @@ -106,4 +106,36 @@ switch ($VARS['action']) { $note->saveNote(); returnToSender(""); break; + case "maketodolist": + if (empty($VARS['noteid'])) { + die($Strings->get("invalid parameters")); + } + $note = Note::loadNote($VARS['noteid']); + if (!$note->hasWriteAccess(new User($_SESSION['uid']))) { + die($Strings->get("invalid parameters")); + } + $note->toChecklist(); + $note->saveNote(); + returnToSender(""); + break; + case "togglecheckitem": + if (empty($VARS['noteid'])) { + die($Strings->get("invalid parameters")); + } + $note = Note::loadNote($VARS['noteid']); + if (!$note->hasWriteAccess(new User($_SESSION['uid']))) { + die($Strings->get("invalid parameters")); + } + + if (!empty($VARS['text'])) { + $note->toggleChecklistItem($VARS['text']); + $note->saveNote(); + } + + if (isset($VARS['reload'])) { + returnToSender(""); + } else { + http_response_code(204); + } + break; } \ No newline at end of file diff --git a/composer.json b/composer.json index 3542cee..1c00eec 100644 --- a/composer.json +++ b/composer.json @@ -5,7 +5,10 @@ "require": { "catfan/medoo": "^1.5", "guzzlehttp/guzzle": "^6.2", - "erusev/parsedown": "^1.7" + "erusev/parsedown": "^1.7", + "leblanc-simon/parsedown-checkbox": "^0.0.2", + "erusev/parsedown-extra": "^0.7.1", + "vanilla/htmlawed": "v2.2.4.1" }, "license": "MPL-2.0", "authors": [ diff --git a/composer.lock b/composer.lock index b680b7d..10fd048 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "1aea304797149ba2b5bccc0f6d82c060", + "content-hash": "b50c578394552657e0fcab936a4b1a01", "packages": [ { "name": "catfan/medoo", @@ -111,6 +111,50 @@ ], "time": "2018-03-08T01:11:30+00:00" }, + { + "name": "erusev/parsedown-extra", + "version": "0.7.1", + "source": { + "type": "git", + "url": "https://github.com/erusev/parsedown-extra.git", + "reference": "0db5cce7354e4b76f155d092ab5eb3981c21258c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/erusev/parsedown-extra/zipball/0db5cce7354e4b76f155d092ab5eb3981c21258c", + "reference": "0db5cce7354e4b76f155d092ab5eb3981c21258c", + "shasum": "" + }, + "require": { + "erusev/parsedown": "~1.4" + }, + "type": "library", + "autoload": { + "psr-0": { + "ParsedownExtra": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Emanuil Rusev", + "email": "hello@erusev.com", + "homepage": "http://erusev.com" + } + ], + "description": "An extension of Parsedown that adds support for Markdown Extra.", + "homepage": "https://github.com/erusev/parsedown-extra", + "keywords": [ + "markdown", + "markdown extra", + "parsedown", + "parser" + ], + "time": "2015-11-01T10:19:22+00:00" + }, { "name": "guzzlehttp/guzzle", "version": "6.3.3", @@ -292,6 +336,51 @@ ], "time": "2017-03-20T17:10:46+00:00" }, + { + "name": "leblanc-simon/parsedown-checkbox", + "version": "0.0.2", + "source": { + "type": "git", + "url": "https://github.com/leblanc-simon/parsedown-checkbox.git", + "reference": "abd857aafc890f55421c87cb9b3cfe9b2791f23f" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/leblanc-simon/parsedown-checkbox/zipball/abd857aafc890f55421c87cb9b3cfe9b2791f23f", + "reference": "abd857aafc890f55421c87cb9b3cfe9b2791f23f", + "shasum": "" + }, + "require": { + "erusev/parsedown-extra": "^0.7.1" + }, + "type": "library", + "autoload": { + "files": [ + "ParsedownCheckbox.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Simon Leblanc", + "email": "contact@leblanc-simon.eu", + "homepage": "https://www.leblanc-simon.fr" + } + ], + "description": "An extension of Parsedown and ParsedownExtra that adds support for checkbox", + "homepage": "https://github.com/leblanc-simon/parsedown-checkbox", + "keywords": [ + "checkbox", + "markdown", + "markdown extra", + "parsedown", + "parser" + ], + "time": "2017-05-10T03:43:13+00:00" + }, { "name": "psr/http-message", "version": "1.0.1", @@ -341,6 +430,45 @@ "response" ], "time": "2016-08-06T14:39:51+00:00" + }, + { + "name": "vanilla/htmlawed", + "version": "v2.2.4.1", + "source": { + "type": "git", + "url": "https://github.com/vanilla/htmlawed.git", + "reference": "58651edbc4c45a2d6b5254b8a9a69dc63ff1457b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/vanilla/htmlawed/zipball/58651edbc4c45a2d6b5254b8a9a69dc63ff1457b", + "reference": "58651edbc4c45a2d6b5254b8a9a69dc63ff1457b", + "shasum": "" + }, + "require": { + "php": ">=5.4.0" + }, + "require-dev": { + "tburry/pquery": "~1.0.1" + }, + "type": "library", + "autoload": { + "classmap": [ + "src/Htmlawed.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "LGPL-3.0" + ], + "authors": [ + { + "name": "Todd Burry", + "email": "todd@vanillaforums.com" + } + ], + "description": "A composer wrapper for the htmLawed library to purify & filter HTML. Tested with PHPUnit and PhantomJS!", + "time": "2017-09-13T19:20:25+00:00" } ], "packages-dev": [], diff --git a/langs/en/notes.json b/langs/en/notes.json index 305141d..1ddc0b5 100644 --- a/langs/en/notes.json +++ b/langs/en/notes.json @@ -12,5 +12,7 @@ "Cancel": "Cancel", "Save": "Save", "Close": "Close", - "Refresh": "Refresh" + "Refresh": "Refresh", + "Make a List": "Make a List", + "More": "More" } diff --git a/lib/Note.lib.php b/lib/Note.lib.php index 1380453..c7ed319 100644 --- a/lib/Note.lib.php +++ b/lib/Note.lib.php @@ -116,9 +116,19 @@ class Note { * @return string */ public function getHTML(bool $fragment = true): string { - $parsedown = new Parsedown; - $parsedown->setSafeMode(true); - return $parsedown->text($this->content); + $parsedown = new ParsedownCheckbox(); + $html = $parsedown->text($this->content); + $safehtml = Htmlawed::filter($html, ['safe' => 1]); + if ($fragment) { + return $safehtml; + } + $document = "\n" + . "\n" + . "\n" + . "