From a9be0691d9efd84cbf5a9f05236caf4df23bcfdb Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 19 May 2012 11:28:46 -0700 Subject: Create an ajax response framework that inserts tags to guard against UTF-7, and create a $.gallery_autocomplete variant of jQuery's autocomplete that expects the first line to be a tag and discards it. More complete fix for #1871. --- modules/tag/controllers/tags.php | 4 ++-- modules/tag/helpers/tag_event.php | 4 ++-- modules/tag/views/tag_block.html.php | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) (limited to 'modules/tag') diff --git a/modules/tag/controllers/tags.php b/modules/tag/controllers/tags.php index edb8c89b..9af3843e 100644 --- a/modules/tag/controllers/tags.php +++ b/modules/tag/controllers/tags.php @@ -57,9 +57,9 @@ class Tags_Controller extends Controller { ->limit($limit) ->find_all(); foreach ($tag_list as $tag) { - $tags[] = $tag->name; + $tags[] = html::clean($tag->name); } - print implode("\n", $tags); + ajax::response(implode("\n", $tags)); } } diff --git a/modules/tag/helpers/tag_event.php b/modules/tag/helpers/tag_event.php index d4f1c757..d2757219 100644 --- a/modules/tag/helpers/tag_event.php +++ b/modules/tag/helpers/tag_event.php @@ -72,7 +72,7 @@ class tag_event_Core { $url = url::site("tags/autocomplete"); $form->script("") ->text("$('form input[name=tags]').ready(function() { - $('form input[name=tags]').autocomplete( + $('form input[name=tags]').gallery_autocomplete( '$url', {max: 30, multiple: true, multipleSeparator: ',', cacheLength: 1}); });"); @@ -123,7 +123,7 @@ class tag_event_Core { $autocomplete_url = url::site("tags/autocomplete"); $group->script("") ->text("$('input[name=tags]') - .autocomplete( + .gallery_autocomplete( '$autocomplete_url', {max: 30, multiple: true, multipleSeparator: ',', cacheLength: 1} ) diff --git a/modules/tag/views/tag_block.html.php b/modules/tag/views/tag_block.html.php index 98fa0d4f..d25b8dcb 100644 --- a/modules/tag/views/tag_block.html.php +++ b/modules/tag/views/tag_block.html.php @@ -2,7 +2,7 @@