Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Set safeMode to true and use helper for all parsedown
Signed-off-by: snipe <snipe@snipe.net>
  • Loading branch information
snipe committed Aug 29, 2022
1 parent e8f2e50 commit 9cf5f30
Show file tree
Hide file tree
Showing 11 changed files with 29 additions and 31 deletions.
5 changes: 3 additions & 2 deletions app/Helpers/Helper.php
Expand Up @@ -22,12 +22,13 @@ class Helper
* @since [v2.0]
* @return string
*/
public static function parseEscapedMarkedown($str)
public static function parseEscapedMarkedown($str = null)
{
$Parsedown = new \Parsedown();
$Parsedown->setSafeMode(true);

if ($str) {
return $Parsedown->text(e($str));
return $Parsedown->text($str);
}
}

Expand Down
8 changes: 4 additions & 4 deletions app/Models/Accessory.php
Expand Up @@ -2,6 +2,7 @@

namespace App\Models;

use App\Helpers\Helper;
use App\Models\Traits\Acceptable;
use App\Models\Traits\Searchable;
use App\Presenters\Presentable;
Expand Down Expand Up @@ -299,15 +300,14 @@ public function requireAcceptance()
*/
public function getEula()
{
$Parsedown = new \Parsedown();

if ($this->category->eula_text) {
return $Parsedown->text(e($this->category->eula_text));
return Helper::parseEscapedMarkedown($this->category->eula_text);
} elseif ((Setting::getSettings()->default_eula_text) && ($this->category->use_default_eula == '1')) {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
}

return null;
return null;
}

/**
Expand Down
8 changes: 4 additions & 4 deletions app/Models/Asset.php
Expand Up @@ -5,6 +5,7 @@
use App\Events\AssetCheckedOut;
use App\Events\CheckoutableCheckedOut;
use App\Exceptions\CheckoutNotAllowed;
use App\Helpers\Helper;
use App\Http\Traits\UniqueSerialTrait;
use App\Http\Traits\UniqueUndeletedTrait;
use App\Models\Traits\Acceptable;
Expand Down Expand Up @@ -875,13 +876,12 @@ public function requireAcceptance()
*/
public function getEula()
{
$Parsedown = new \Parsedown();


if (($this->model) && ($this->model->category)) {
if ($this->model->category->eula_text) {
return $Parsedown->text(e($this->model->category->eula_text));
return Helper::parseEscapedMarkedown($this->model->category->eula_text);
} elseif ($this->model->category->use_default_eula == '1') {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
} else {
return false;
}
Expand Down
6 changes: 3 additions & 3 deletions app/Models/Category.php
Expand Up @@ -9,6 +9,7 @@
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Support\Facades\Gate;
use Watson\Validating\ValidatingTrait;
use App\Helpers\Helper;

/**
* Model for Categories. Categories are a higher-level group
Expand Down Expand Up @@ -207,12 +208,11 @@ public function models()
*/
public function getEula()
{
$Parsedown = new \Parsedown();

if ($this->eula_text) {
return $Parsedown->text(e($this->eula_text));
return Helper::parseEscapedMarkedown($this->eula_text);
} elseif ((Setting::getSettings()->default_eula_text) && ($this->use_default_eula == '1')) {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
} else {
return null;
}
Expand Down
7 changes: 3 additions & 4 deletions app/Models/Consumable.php
Expand Up @@ -2,6 +2,7 @@

namespace App\Models;

use App\Helpers\Helper;
use App\Models\Traits\Acceptable;
use App\Models\Traits\Searchable;
use App\Presenters\Presentable;
Expand Down Expand Up @@ -265,12 +266,10 @@ public function requireAcceptance()
*/
public function getEula()
{
$Parsedown = new \Parsedown();

if ($this->category->eula_text) {
return $Parsedown->text(e($this->category->eula_text));
return Helper::parseEscapedMarkedown($this->category->eula_text);
} elseif ((Setting::getSettings()->default_eula_text) && ($this->category->use_default_eula == '1')) {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
} else {
return null;
}
Expand Down
6 changes: 3 additions & 3 deletions app/Models/License.php
Expand Up @@ -2,6 +2,7 @@

namespace App\Models;

use App\Helpers\Helper;
use App\Models\Traits\Searchable;
use App\Presenters\Presentable;
use Carbon\Carbon;
Expand Down Expand Up @@ -337,12 +338,11 @@ public function requireAcceptance()
*/
public function getEula()
{
$Parsedown = new \Parsedown();

if ($this->category->eula_text) {
return $Parsedown->text(e($this->category->eula_text));
return Helper::parseEscapedMarkedown($this->category->eula_text);
} elseif ($this->category->use_default_eula == '1') {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
} else {
return false;
}
Expand Down
8 changes: 3 additions & 5 deletions app/Models/Setting.php
Expand Up @@ -8,9 +8,10 @@
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Cache;
use Parsedown;
use App\Helpers\Helper;
use Watson\Validating\ValidatingTrait;


/**
* Settings model.
*/
Expand Down Expand Up @@ -135,7 +136,6 @@ public static function setupCompleted(): bool
public function lar_ver(): string
{
$app = App::getFacadeApplication();

return $app::VERSION;
}

Expand All @@ -147,9 +147,7 @@ public function lar_ver(): string
public static function getDefaultEula(): ?string
{
if (self::getSettings()->default_eula_text) {
$parsedown = new Parsedown();

return $parsedown->text(e(self::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(self::getSettings()->default_eula_text);
}

return null;
Expand Down
6 changes: 3 additions & 3 deletions app/Presenters/AssetModelPresenter.php
Expand Up @@ -2,6 +2,8 @@

namespace App\Presenters;

use App\Helpers\Helper;

/**
* Class AssetModelPresenter
*/
Expand Down Expand Up @@ -159,10 +161,8 @@ public static function dataTableLayout()
*/
public function note()
{
$Parsedown = new \Parsedown();

if ($this->model->note) {
return $Parsedown->text($this->model->note);
return Helper::parseEscapedMarkedown($this->model->note);
}
}

Expand Down
2 changes: 1 addition & 1 deletion resources/views/auth/login.blade.php
Expand Up @@ -28,7 +28,7 @@
@if ($snipeSettings->login_note)
<div class="col-md-12">
<div class="alert alert-info">
{!! Parsedown::instance()->text(e($snipeSettings->login_note)) !!}
{!! Helper::parseEscapedMarkedown($snipeSettings->login_note) !!}
</div>
</div>
@endif
Expand Down
2 changes: 1 addition & 1 deletion resources/views/dashboard.blade.php
Expand Up @@ -17,7 +17,7 @@
<div class="box-body">
<div class="row">
<div class="col-md-12">
{!! Parsedown::instance()->text(e($snipeSettings->dashboard_message)) !!}
{!! Helper::parseEscapedMarkedown($snipeSettings->dashboard_message) !!}
</div>
</div>
</div>
Expand Down
2 changes: 1 addition & 1 deletion resources/views/layouts/default.blade.php
Expand Up @@ -827,7 +827,7 @@
</div>
@if ($snipeSettings->footer_text!='')
<div class="pull-right">
{!! Parsedown::instance()->text(e($snipeSettings->footer_text)) !!}
{!! Helper::parseEscapedMarkedown($snipeSettings->footer_text) !!}
</div>
@endif

Expand Down

0 comments on commit 9cf5f30

Please sign in to comment.