Revert to using fieldmangler for adding fields

In 5.1.5 we switched to using `<$action-setfield>` instead of `<$fieldmangler>`. The problem was that in the process we lost the validation of field names, making it possible to create fields with illegal names Fixes #1186
2014-12-04 09:39:14 +00:00 · 2014-12-04 09:39:14 +00:00 · 2689e2861b
parent bb74be7ac1
commit 2689e2861b
2 changed files with 51 additions and 21 deletions
--- a/core/modules/widgets/fieldmangler.js
+++ b/core/modules/widgets/fieldmangler.js
@ -71,24 +71,38 @@ FieldManglerWidget.prototype.handleRemoveFieldEvent = function(event) {
 };

 FieldManglerWidget.prototype.handleAddFieldEvent = function(event) {
-	var tiddler = this.wiki.getTiddler(this.mangleTitle);
-	if(tiddler && typeof event.param === "string") {
-		var name = event.param.toLowerCase().trim();
-		if(name !== "" && !$tw.utils.hop(tiddler.fields,name)) {
-			if(!$tw.utils.isValidFieldName(name)) {
-				alert($tw.language.getString(
-					"InvalidFieldName",
-					{variables:
-						{fieldName: name}
-					}
-				));
-				return true;
+	var tiddler = this.wiki.getTiddler(this.mangleTitle),
+		addition = this.wiki.getModificationFields(),
+		hadInvalidFieldName = false,
+		addField = function(name,value) {
+			var trimmedName = name.toLowerCase().trim();
+	debugger;
+			if(!$tw.utils.isValidFieldName(trimmedName)) {
+				if(!hadInvalidFieldName) {
+					alert($tw.language.getString(
+						"InvalidFieldName",
+						{variables:
+							{fieldName: trimmedName}
+						}
+					));
+					hadInvalidFieldName = true;
+					return;
+				}
+			} else {
+				addition[trimmedName] = value || "";
 			}
-			var addition = this.wiki.getModificationFields();
-			addition[name] = "";
-			this.wiki.addTiddler(new $tw.Tiddler(tiddler,addition));
+			return;
+		};
+	addition.title = this.mangleTitle;
+	if(typeof event.param === "string") {
+		addField(event.param,"");
+	}
+	if(typeof event.paramObject === "object") {
+		for(var name in event.paramObject) {
+			addField(name,event.paramObject[name]);
 		}
 	}
+	this.wiki.addTiddler(new $tw.Tiddler(tiddler,addition));
 	return true;
 };

--- a/core/ui/EditTemplate/fields.tid
+++ b/core/ui/EditTemplate/fields.tid
@ -5,9 +5,27 @@ tags: $:/tags/EditTemplate
 \define config-title()
 $:/config/EditTemplateFields/Visibility/$(currentField)$
 \end
+
 \define config-filter()
 [[hide]] -[title{$(config-title)$}]
 \end
+
+\define new-field(name,value)
+<$reveal type="nomatch" text="" default="""$name$""">
+<$button>
+<$action-sendmessage $message="tm-add-field" $name$="""$value$"""/>
+<$action-deletetiddler $tiddler="$:/temp/newfieldname"/>
+<$action-deletetiddler $tiddler="$:/temp/newfieldvalue"/>
+<<lingo Fields/Add/Button>>
+</$button>
+</$reveal>
+<$reveal type="match" text="" default="""$name$""">
+<$button>
+<<lingo Fields/Add/Button>>
+</$button>
+</$reveal>
+\end
+
 <div class="tc-edit-fields">
 <table class="tc-edit-fields">
 <tbody>
@ -32,6 +50,7 @@ $:/config/EditTemplateFields/Visibility/$(currentField)$
 </table>
 </div>

+<$fieldmangler>
 <div class="tc-edit-field-add">
 <em class="tc-edit">
 <<lingo Fields/Add/Prompt>>
@ -43,11 +62,8 @@ $:/config/EditTemplateFields/Visibility/$(currentField)$
 <$edit-text tiddler="$:/temp/newfieldvalue" tag="input" default="" placeholder={{$:/language/EditTemplate/Fields/Add/Value/Placeholder}} class="tc-edit-texteditor"/>
 </span>
 <span class="tc-edit-field-add-button">
-<$button>
-<$action-setfield $field={{$:/temp/newfieldname}} $value={{$:/temp/newfieldvalue}}/>
-<$action-deletetiddler $tiddler="$:/temp/newfieldname"/>
-<$action-deletetiddler $tiddler="$:/temp/newfieldvalue"/>
-<<lingo Fields/Add/Button>>
-</$button>
+<$macrocall $name="new-field" name={{$:/temp/newfieldname}} value={{$:/temp/newfieldvalue}}/>
 </span>
 </div>
+</$fieldmangler>
+