From: <xa...@us...> - 2010-06-14 13:00:24
|
Revision: 27619 http://tikiwiki.svn.sourceforge.net/tikiwiki/?rev=27619&view=rev Author: xavidp Date: 2010-06-14 13:00:18 +0000 (Mon, 14 Jun 2010) Log Message: ----------- [ENH]Modified to set only security as the potentially risky param to check and validate. If ommitted, internal security checking is applied by default Modified Paths: -------------- mods/trunk/wiki-plugins/r/lib/wiki-plugins/wikiplugin_r.php Modified: mods/trunk/wiki-plugins/r/lib/wiki-plugins/wikiplugin_r.php =================================================================== --- mods/trunk/wiki-plugins/r/lib/wiki-plugins/wikiplugin_r.php 2010-06-14 12:04:47 UTC (rev 27618) +++ mods/trunk/wiki-plugins/r/lib/wiki-plugins/wikiplugin_r.php 2010-06-14 13:00:18 UTC (rev 27619) @@ -27,64 +27,74 @@ 'documentation' => 'PluginR', 'description' => tra('Parses R syntax and shows the output either from the code introduced between the plugin tags or from the file attached to a tracker item sent through PluginTracker. It can also be combined with Pretty Trackers to edit params from the script through web forms.'), 'prefs' => array( 'wikiplugin_r' ), - 'validate' => 'all', + 'validate' => 'arguments', 'params' => array( 'attId' => array( 'required' => false, + 'safe' => true, 'name' => tra('attId'), 'description' => tra('AttId from a tracker Item attachment. ex: 1. (Optional)'), 'filter' => 'int', ), 'type' => array( 'required' => false, + 'safe' => true, 'name' => tra('type'), 'description' => tra('Choose the source file type in the appropriate mimetype syntax (Optional). Options: text/csv|text/xml. ex: text/csv. (default). For text/xml, you need to have installed library ("R4X") in R at the server. See documentation for more details'), 'filter' => 'striptags', ), 'wikisyntax' => array( 'required' => false, + 'safe' => true, 'name' => tra('wikisyntax'), 'description' => tra('Choose whether the output should be parsed as wiki syntax (Optional). Options: 0 (no parsing, default), 1 (parsing)'), 'filter' => 'int', ), 'width' => array( 'required' => false, + 'safe' => true, 'name' => tra('width'), 'description' => tra('Width of the graph (Optional). Options: an integer number in pixels (default) or in units specified. If ommitted but height is set, width will be proportional to keep aspect ratio'), 'filter' => 'int', ), 'height' => array( 'required' => false, + 'safe' => true, 'name' => tra('height'), 'description' => tra('Height of the graph (Optional). Options: an integer number in inches (default) or in units specified. If ommitted but width is set, height will be proportional to keep aspect ratio'), 'filter' => 'int', ), 'units' => array( 'required' => false, + 'safe' => true, 'name' => tra('units'), 'description' => tra('Choose units for the width and/or height parameters (Optional). Options: px (default) for pixels, in (inches), cm or mm'), 'filter' => 'alpha', ), 'pointsize' => array( 'required' => false, + 'safe' => true, 'name' => tra('pointsize'), 'description' => tra('The default pointsize of plotted text, interpreted as big points (1/72 inch) at res dpi (optional). Options: interger number such as 12 or bigger'), 'filter' => 'int', ), 'bg' => array( 'required' => false, + 'safe' => true, 'name' => tra('bg'), 'description' => tra('The initial background colour (optional). Options: white, yellow, grey, ... and transparent'), 'filter' => 'striptags', ), 'res' => array( 'required' => false, + 'safe' => true, 'name' => tra('res'), 'description' => tra('The nominal resolution in dpi which will be recorded in the bitmap file (if any). Also used for units other than the default, and to convert points to pixels (Optional). Options: a positive integer (default: 72 dpi). Values higher than 150 usually seem to be too much'), 'filter' => 'int', ), 'x11' => array( 'required' => false, + 'safe' => true, 'name' => tra('x11'), 'description' => tra('Choose whether the server can use X11 to produce graphs in R, or alternatively use dev2bitmap instead (Optional). Options: 1 (R has support for X11, default), 0 (no support for X11 thus using dev2bitmap). These capabilities can be checked in the server with the command in the R console: capabilities()'), 'filter' => 'int', @@ -96,6 +106,7 @@ ), */ 'security' => array( 'required' => false, + 'safe' => false, 'name' => tra('security'), 'description' => tra('Set the security level for the R commands allowed by the plugin. ex: 1. (default), 0 for no security checking.'), 'filter' => 'int', This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |