|
|
Input Filtering We can control the data fields in Composr using the fields.xml file which is located in data/fields.xml, this file defines all the restrictions for the website which goes in to the fields. Composr has a special built-in editor just to edit this file so you don't have to manually go to that file to make the changes. You can go to this editor by logging in to your Adminzone and then going to “setup>>field filters”. There you will find the editor with the contents from fields.xml which are basically some pre-defined set of configurations. The root XML tag for the config file is 'fieldRestrictions'. Furthermore, 'qualify' and 'filter' tags can be placed underneath themselves and each other to provide nestings of arbitrary complexity. The 'qualify' tag is used to limit the context under which restriction tags may apply. The 'filter' tag is used to limit the situations under which restriction tags may apply, but it filters based on membership rather than context. Filters - 1) As you might see in pre-defined configuration, in the filter tag, an 'notstaff' flag is set to 1, this means the contained restrictions will only apply to non-staff, if you will leave it out this will apply to all the members. 2) Apart from 'notstaff' we have two other flags , 'groups' and 'members' respectively. In the 'groups' flag you can provide a comma-separated list of usergroup ID numbers to which the contained restrictions will apply, likewise for 'members' flag you can provide a comma-separated list of member ID's. Qualify- 1) The Qualify tag can have three types of attributes namely, pages, types, and fields. 2) In the pages attribute you can provide a comma-separated list of strings of page names where the restrictions have to be applied. 3) Types attribute can have a comma-separated list indicating which types have to be targeted to apply the restrictions. For example the URL 'type' parameters. 4) Fields attribute can have a comma-separated list of names of parameters to which the restrictions have to be applied. For example, you can set add the title to fields like this “ fields='title' ”. Restrictions - Restrictions are what we define within the qualify tag, there are many different types of restriction tags, 'minlength', give an error if the field value does not meet the minimum length. This is useful to prevent people posting poorly completed entries. 'maxlength', give an error if the field value does not meet the maximum length. There are many others like 'shun' which will provide an error if the value doesn't match the contained expression and 'pattern' which will fail if the regular expression doesn't match. We can try the following example to remove the shouting from the news page. This you should find in the predefined configuration you can remove the comments which would make it look something like this, <filter notstaff="1"> <qualify pages="cms_news" types="add,_add" fields="post"> <minLength>5</minLength> <maxLength>32000</maxLength> <shun>Testing</shun> <disallowedWord>shit*</disallowedWord> <disallowedSubstring>I shouldn't be telling you this, but</disallowedSubstring> </qualify> </filter> As you can see the qualify tag defines “cms_news” page in the pages attribute, and there are restrictions like minLength, maxLength, shun, dissallowedWord, which would basically ban or restrict a word from being used in the field, and also we have disallowedSubstring which will provide an error if the field value contains a match for the contained wildcard expression. This is useful as a blocking word-filter. |
|
|
Assigned for tutorial review by Deepu |
|
|
Input Filtering ---------------------- Composr provides a powerful feature for filtering the user input data given through various forms in Composr. The admin users can apply this feature, using an xml config file for defining the filters. This filter system can influence the form results by filtering its input values. The config file is 'fields.xml' which is located in data_custom/fields.xml, this file defines all the restrictions for the website which goes in to the fields. Composr has a special built-in editor just to edit this file so you don't have to manually go to that file to make the changes. You can go to this editor by logging in to your Adminzone and then going to "Setup >> Field filters”. There you can find the editor with the contents from fields.xml file which are basically some predefined set of configurations.(screenshot_001.png) Structure of fields.xml file --------------------------------------- The 'fields.xml' config file mainly contains the following types of xml tags, they are - The root tag 'fieldRestrictions' - The 'qualify' and 'filter' tags - Restriction tags The 'fieldRestrictions' is the root tag in that config xml file. Furthermore, 'qualify' and 'filter' tags can be placed underneath themselves and each other to provide nesting of arbitrary complexity. The 'qualify' tag is used to limit the context under which restriction tags may apply. The 'filter' tag is used to limit the situations under which restriction tags may apply, but it filters based on membership rather than context. The 'qualify' tag : -------------------------- The qualify tag can have the following attributes namely, - pages, indicating the pages on which the contained restrictions apply. - types, indicating the types on which the contained restrictions apply. For example the URL 'type' parameters. - fields, indicating the names of parameters on which the contained restrictions apply. All these three attributes can have more than one values separated by comma. The 'filter' tag : ----------------------- The 'filter' tag also contains the following three optional attributes: - 'notstaff' : If it is set to 1, then the contained restrictions will only apply to non-staff, if you leave it out it will apply to all the members. - 'groups' : In the 'groups' flag you can provide a comma-separated list of usergroup ID numbers to which the contained restrictions will apply. - 'members' : Likewise a comma-separated list of member ID numbers to which the contained restrictions will apply. Restriction tags ------------------------- Restrictions are what we define within the qualify tag, there are many different types of restriction tags, - 'minlength', give an error if the field value does not meet the minimum length. This is useful to prevent people posting poorly completed entries. - 'maxlength', give an error if the field value does not meet the maximum length. There are many others like 'shun' which will provide an error if the value doesn't match the contained expression and 'pattern' which will fail if the regular expression doesn't match. (For more restriction tags refer: http://compo.sr/docs9/tut_fields_filter.htm#title__3 ) We can try the following example to remove the shouting from the news page. This you should find in the predefined configuration you can remove the comments which would make it look something like this, <filter notstaff="1"> <qualify pages="cms_news" types="add,_add" fields="post"> <minLength>5</minLength> <maxLength>32000</maxLength> <shun>Testing</shun> <disallowedWord>shit*</disallowedWord> <disallowedSubstring>I shouldn't be telling you this, but</disallowedSubstring> </qualify> </filter> As you can see the qualify tag defines “cms_news” page in the pages attribute, and there are restrictions like minLength, maxLength, shun, dissallowedWord, which would basically ban or restrict a word from being used in the field, and also we have disallowedSubstring which will provide an error if the field value contains a match for the contained wildcard expression. This is useful as a blocking word-filter. screenshot_001.png (98,154 bytes) |
|
|
Largely duplicates existing tutorial, but did use some wording and added examples to existing tutorial. |
- Anonymous
