add authorId to chat and userlist, possibly privacy/security issue?

This commit is contained in:
John McLear 2013-03-12 17:34:15 +00:00 committed by Marcel Klehr
parent 0bceac98e3
commit babb33d825
2 changed files with 7 additions and 5 deletions

View File

@ -111,7 +111,7 @@ var chat = (function()
var authorName = msg.userName == null ? _('pad.userlist.unnamed') : padutils.escapeHtml(msg.userName); var authorName = msg.userName == null ? _('pad.userlist.unnamed') : padutils.escapeHtml(msg.userName);
var html = "<p class='" + authorClass + "'><b>" + authorName + ":</b><span class='time " + authorClass + "'>" + timeStr + "</span> " + text + "</p>"; var html = "<p data-authorId='" + msg.userId + "' class='" + authorClass + "'><b>" + authorName + ":</b><span class='time " + authorClass + "'>" + timeStr + "</span> " + text + "</p>";
if(isHistoryAdd) if(isHistoryAdd)
$(html).insertAfter('#chatloadmessagesbutton'); $(html).insertAfter('#chatloadmessagesbutton');
else else

View File

@ -119,9 +119,9 @@ var paduserlist = (function()
return ['<td style="height:', height, 'px" class="usertdswatch"><div class="swatch" style="background:' + data.color + '">&nbsp;</div></td>', '<td style="height:', height, 'px" class="usertdname">', nameHtml, '</td>', '<td style="height:', height, 'px" class="activity">', padutils.escapeHtml(data.activity), '</td>'].join(''); return ['<td style="height:', height, 'px" class="usertdswatch"><div class="swatch" style="background:' + data.color + '">&nbsp;</div></td>', '<td style="height:', height, 'px" class="usertdname">', nameHtml, '</td>', '<td style="height:', height, 'px" class="activity">', padutils.escapeHtml(data.activity), '</td>'].join('');
} }
function getRowHtml(id, innerHtml) function getRowHtml(id, innerHtml, authorId)
{ {
return '<tr id="' + id + '">' + innerHtml + '</tr>'; return '<tr data-authorId="'+authorId+'" id="' + id + '">' + innerHtml + '</tr>';
} }
function rowNode(row) function rowNode(row)
@ -191,18 +191,20 @@ var paduserlist = (function()
domId: domId, domId: domId,
animationPower: animationPower animationPower: animationPower
}; };
var authorId = data.id;
handleRowData(row); handleRowData(row);
rowsPresent.splice(position, 0, row); rowsPresent.splice(position, 0, row);
var tr; var tr;
if (animationPower == 0) if (animationPower == 0)
{ {
tr = $(getRowHtml(domId, getUserRowHtml(getAnimationHeight(0), data))); tr = $(getRowHtml(domId, getUserRowHtml(getAnimationHeight(0), data), authorId));
row.animationStep = 0; row.animationStep = 0;
} }
else else
{ {
rowsFadingIn.push(row); rowsFadingIn.push(row);
tr = $(getRowHtml(domId, getEmptyRowHtml(getAnimationHeight(ANIMATION_START)))); tr = $(getRowHtml(domId, getEmptyRowHtml(getAnimationHeight(ANIMATION_START)), authorId));
} }
handleRowNode(tr, data); handleRowNode(tr, data);
if (position == 0) if (position == 0)