Added preview for node editing.

Fixed redirection to previous page during authentication workflow.
SEO: fixed issue with page having unicode keywords (tags).
Fixed caller of {CMS_ENCODERS}.secured_url_content to avoid obsolete implicate conversions to STRING_8.
Cosmetic and unused local variables removal.

Author: jocelyn

.gitignore

@@ -7,3 +7,4 @@ EIFGENs
 .*.swo
 Thumbs.db
 *.dll
+examples/demo/docker-inc/site/mysql/*

examples/demo/src/demo_cms_server.e

@@ -1,7 +1,5 @@
-note
-	description: "[
-				DEMO application server.
-			]"
+note
+	description: "DEMO application server."
 	date: "$Date$"
 	revision: "$Revision$"
 

modules/admin/handler/cms_admin_info_handler.e

@@ -1,4 +1,4 @@
-note
+note
 	description: "Display information about ROC CMS installation."
 	date: "$Date$"
 	revision: "$Revision$"
@@ -8,7 +8,6 @@ class
 
 inherit
 	CMS_HANDLER
-
 	WSF_URI_HANDLER
 
 create
@@ -40,8 +39,6 @@ feature -- Execution
 		end
 
 	append_system_info_to (s: STRING)
-		local
-			n: INTEGER
 		do
 			s.append ("<ul>")
 			across

modules/auth/cms_auth_module_i.e

@@ -103,7 +103,7 @@ feature {NONE} -- Template
 
 	smarty_template_login_block (a_request: WSF_REQUEST; a_module: CMS_MODULE; a_block_id: READABLE_STRING_8; a_cms_api: CMS_API): like smarty_template_block
 		local
-			l_destination: detachable READABLE_STRING_32
+			l_destination: detachable READABLE_STRING_GENERAL
 		do
 			Result := smarty_template_block (a_module, a_block_id, a_cms_api)
 			if Result /= Void then
@@ -112,8 +112,12 @@ feature {NONE} -- Template
 				elseif attached {WSF_STRING} a_request.form_parameter ("destination") as p_destination then
 					l_destination := p_destination.value
 				end
-				if l_destination /= Void then
-					Result.set_value (secured_url_content (l_destination), "site_destination")
+				if
+					l_destination /= Void and then
+					not l_destination.is_whitespace and then
+					l_destination.is_valid_as_string_8
+				then
+					Result.set_value (secured_url_content (l_destination.to_string_8), "site_destination")
 				end
 			end
 		end

modules/auth/cms_authentication_module.e

@@ -167,7 +167,7 @@ feature -- Hooks configuration
 			l_url_name: READABLE_STRING_GENERAL
 		do
 			if attached {WSF_STRING} a_response.request.item ("destination") as p_destination then
-				l_destination := secured_url_content (p_destination.value)
+				l_destination := secured_url_content (p_destination.url_encoded_value)
 			else
 				l_destination := a_response.location
 			end
@@ -391,8 +391,12 @@ feature -- Handler
 			elseif attached a_auth_api.cms_api.module_by_name ("session_auth") then
 					-- FIXME: find better solution to support a default login system.
 				create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
-				if attached {WSF_STRING} req.item ("destination") as l_destination then
-					r.set_redirection ("account/auth/roc-session-login?destination=" + secured_url_content (l_destination.url_encoded_value))
+				if
+					attached {WSF_STRING} req.item ("destination") as l_destination and then
+					attached l_destination.value as v and then
+					v.is_valid_as_string_8
+				then
+					r.set_redirection ("account/auth/roc-session-login?destination=" + secured_url_content (v.to_string_8))
 				else
 					r.set_redirection ("account/auth/roc-session-login")
 				end
@@ -402,8 +406,13 @@ feature -- Handler
 			elseif attached a_auth_api.cms_api.module_by_name ("basic_auth") then
 					-- FIXME: find better solution to support a default login system.
 				create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
-				if attached {WSF_STRING} req.item ("destination") as l_destination then
-					r.set_redirection ("account/auth/roc-basic-login?destination=" + secured_url_content (l_destination.url_encoded_value))
+
+				if
+					attached {WSF_STRING} req.item ("destination") as l_destination and then
+					attached l_destination.value as v and then
+					v.is_valid_as_string_8
+				then
+					r.set_redirection ("account/auth/roc-basic-login?destination=" + secured_url_content (v.to_string_8))
 				else
 					r.set_redirection ("account/auth/roc-basic-login")
 				end
@@ -441,10 +450,6 @@ feature -- Handler
 			l_user_api: CMS_USER_API
 			u: CMS_TEMP_USER
 			l_exist: BOOLEAN
-			es: CMS_AUTHENTICATION_EMAIL_SERVICE
-			l_url_activate: STRING
-			l_url_reject: STRING
-			l_token: STRING
 			l_captcha_passed: BOOLEAN
 			l_email: READABLE_STRING_8
 		do

modules/auth/cms_user_register_webapi_handler.e

@@ -43,11 +43,6 @@ feature -- Execution
 			l_user_api: CMS_USER_API
 			u: CMS_TEMP_USER
 			l_exist: BOOLEAN
-
-			l_url_activate: STRING
-			l_url_reject: STRING
-			l_token: STRING
-			l_captcha_passed: BOOLEAN
 			l_email: READABLE_STRING_8
 		do
 			if

modules/feed_aggregator/feed_aggregator_module.e

@@ -1,4 +1,4 @@
-note
+note
 	description: "CMS module bringing support for feed aggregation."
 	date: "$Date$"
 	revision: "$Revision$"
@@ -352,10 +352,7 @@ feature -- Hook
 	feed_to_html (a_feed_id: READABLE_STRING_GENERAL; a_count: INTEGER; with_feed_info: BOOLEAN; a_response: CMS_RESPONSE): detachable STRING
 		local
 			nb: INTEGER
-			i: INTEGER
-			e: FEED_ITEM
 			l_cache: CMS_FILE_STRING_8_CACHE
-			lnk: detachable FEED_LINK
 			vis: FEED_TO_XHTML_VISITOR
 			s: STRING
 		do
@@ -410,11 +407,7 @@ feature -- Hook
 
 	feed_to_atom (a_feed_id: READABLE_STRING_GENERAL; a_count: INTEGER): detachable STRING
 		local
-			nb: INTEGER
-			i: INTEGER
-			e: FEED_ITEM
 			vis: ATOM_FEED_GENERATOR
-			s: STRING
 			l_cache: CMS_FILE_STRING_8_CACHE
 		do
 			if

modules/messaging/src/cms_messaging_module.e

@@ -1,8 +1,6 @@
-note
-	description: "[
-			Module that provides messenger functionality.
-		]"
-	author: "$Author: jfiat $"
+note
+	description: "Module that provides messenger functionality."
+	author: "$Author$"
 	date: "$Date$"
 	revision: "$Revision$"
 
@@ -238,8 +236,6 @@ $(document).ready(function() {
 			r: CMS_RESPONSE
 			e: CMS_EMAIL
 			l_emails: ARRAYED_LIST [CMS_EMAIL]
-			vars: STRING_TABLE [READABLE_STRING_8]
-			l_messaging_email_address: READABLE_STRING_8
 			s: STRING
 			l_uid: READABLE_STRING_32
 			f: like new_messaging_form

modules/node/cms_node_api.e

@@ -1,7 +1,5 @@
-note
-	description: "[
-			API to manage CMS Nodes
-		]"
+note
+	description: "API to manage CMS Nodes."
 	date: "$Date$"
 	revision: "$Revision$"
 
@@ -315,8 +313,6 @@ feature -- Access: feeds
 			l_size: NATURAL_64
 			l_exhausted: BOOLEAN
 			lnk: FEED_LINK
-			mesg: CMS_CUSTOM_RESPONSE_MESSAGE
-			l_payload: STRING
 			l_feed_name: STRING_32
 		do
 			create l_feed_name.make_from_string (cms_api.setup.site_name)

modules/node/cms_node_module.e

@@ -188,8 +188,10 @@ feature -- Access: router
 			a_router.map (l_uri_mapping, a_router.methods_get_post)
 
 			a_router.handle ("/node/add/{type}", l_node_handler, a_router.methods_get_post)
+			a_router.handle ("/node/preview/{type}", l_node_handler, a_router.methods_post)
 			a_router.handle ("/node/{id}/revision", l_node_handler, a_router.methods_get)
 			a_router.handle ("/node/{id}/edit", l_node_handler, a_router.methods_get_post)
+			a_router.handle ("/node/{id}/preview", l_node_handler, a_router.methods_post)
 			a_router.handle ("/node/{id}/delete", l_node_handler, a_router.methods_get_post)
 			a_router.handle ("/node/{id}/trash", l_node_handler, a_router.methods_get_post)
 
@@ -231,6 +233,9 @@ feature -- Hooks
 			-- <Precursor>
 		do
 			a_response.add_style (a_response.module_resource_url (Current, "/files/css/node.css", Void), Void)
+			if attached {NODE_FORM_RESPONSE} a_response then
+				a_response.add_javascript_url (a_response.module_resource_url (Current, "/files/js/node_form.js", Void))
+			end
 		end
 
 	block_list: ITERABLE [like {CMS_BLOCK}.name]

modules/node/handler/node_handler.e

@@ -180,11 +180,18 @@ feature -- HTTP Methods
 			-- <Precursor>
 		local
 			edit_response: NODE_FORM_RESPONSE
+			preview_response: NODE_PREVIEW_RESPONSE
 		do
 			fixme ("Refactor code: extract methods: edit_node and add_node")
 			if req.percent_encoded_path_info.ends_with ("/edit") then
 				create edit_response.make (req, res, api, node_api)
 				edit_response.execute
+			elseif
+				req.percent_encoded_path_info.ends_with ("/preview")
+				or else req.percent_encoded_path_info.starts_with ("/node/preview")
+			then
+				create preview_response.make (req, res, api, node_api)
+				preview_response.execute
 			elseif req.percent_encoded_path_info.ends_with ("/delete") then
 				if
 					attached {WSF_STRING} req.form_parameter ("op") as l_op and then

modules/node/handler/node_preview_response.e

@@ -0,0 +1,132 @@
+note
+	description: "Preview response handling node."
+	revision: "$Revision$"
+
+class
+	NODE_PREVIEW_RESPONSE
+
+inherit
+	CMS_RESPONSE_I
+		rename
+			make as make_response
+		end
+
+create
+	make
+
+feature {NONE} -- Initialization
+
+	make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api; a_node_api: like node_api)
+		do
+			node_api := a_node_api
+			make_response (req, res, a_api)
+		end
+
+feature -- Access
+
+	node_api: CMS_NODE_API
+			-- Associated node API.
+
+feature -- Helpers
+
+	node_id_path_parameter: INTEGER_64
+			-- Node id passed as path parameter for request `request'.
+		local
+			s: STRING
+		do
+			if attached {WSF_STRING} request.path_parameter ("id") as p_nid then
+				s := p_nid.value
+				if s.is_integer_64 then
+					Result := s.to_integer_64
+				end
+			end
+		end
+
+feature -- Execution
+
+	execute
+			-- Computed response message.
+		local
+			html: CMS_HTML_PAGE_RESPONSE
+			nid: INTEGER_64
+			fd: detachable WSF_FORM_DATA
+			l_ct_name: READABLE_STRING_GENERAL
+		do
+			if
+				location.ends_with_general ("/preview")
+				or else location.starts_with_general ("node/preview/")
+			then
+				if attached {WSF_STRING} request.path_parameter ("type") as p_type then
+					l_ct_name := p_type.value
+				else
+					nid := node_id_path_parameter
+					if
+						nid > 0 and then
+						attached node_api.node (nid) as l_node
+					then
+						l_ct_name := l_node.content_type
+					end
+				end
+				if l_ct_name /= Void and then attached node_api.node_type (l_ct_name) as l_type then
+					if
+						attached new_edit_form (Void, request.request_uri, "preview_form", l_type) as f
+					then
+						f.process (Current)
+						fd := f.last_data
+					end
+					if
+						fd /= Void and then
+						fd.is_valid and then
+						attached fd.string_item ("content") as l_content and then
+						attached fd.string_item ("format") as l_format and then
+						attached previewed_content (l_format, l_content) as l_preview
+					then
+						create html.make (l_preview)
+						response.send (html)
+					else
+						api.response_api.send_bad_request ("Invalid preview request!", request, response)
+					end
+				else
+					api.response_api.send_bad_request ("Invalid preview request!", request, response)
+				end
+			else
+				api.response_api.send_bad_request ("Invalid preview request!", request, response)
+			end
+		end
+
+feature {NONE} -- Preview
+
+	previewed_content (a_format: READABLE_STRING_GENERAL; a_content: READABLE_STRING_GENERAL): detachable STRING
+		local
+			l_format: detachable CONTENT_FORMAT
+		do
+			if attached api.format (a_format) as f_format then
+				l_format := f_format
+				if
+					l_format /= Void and then
+					not api.has_permission_to_use_format (l_format)
+				then
+					l_format := Void
+				end
+			end
+			if l_format /= Void then
+				if a_content.is_valid_as_string_8 then
+					Result := l_format.formatted_output (a_content.to_string_8)
+				else
+					Result := l_format.formatted_output (api.utf_8_encoded (a_content))
+				end
+			else
+				Result := html_encoded (a_content)
+			end
+		end
+
+	new_edit_form (a_node: detachable CMS_NODE; a_url: READABLE_STRING_8; a_name: STRING; a_node_type: CMS_NODE_TYPE [CMS_NODE]): CMS_FORM
+			-- Create a web form named `a_name' for node `a_node' (if set), using form action url `a_url', and for type of node `a_node_type'.
+		local
+			n: NODE_FORM_RESPONSE
+		do
+			create n.make (request, response, api, node_api)
+			Result := n.new_edit_form (a_node, a_url, a_name, a_node_type)
+		end
+
+end

modules/node/handler/nodes_handler.e

@@ -1,4 +1,4 @@
-note
+note
 	description: "Request handler related to /nodes."
 	date: "$Date$"
 	revision: "$Revision$"
@@ -71,16 +71,9 @@ feature -- HTTP Methods
 	do_nodes_feed (a_content_type: CMS_CONTENT_TYPE; req: WSF_REQUEST; res: WSF_RESPONSE)
 		local
 			l_feed: FEED
-			l_feed_item: FEED_ITEM
-			l_params: CMS_DATA_QUERY_PARAMETERS
-			n: CMS_NODE
-			pg, nb: NATURAL_64
 			l_size: NATURAL_64
-			l_exhausted: BOOLEAN
-			lnk: FEED_LINK
 			mesg: CMS_CUSTOM_RESPONSE_MESSAGE
 			l_payload: STRING
-			l_feed_name: STRING_32
 		do
 			if attached {WSF_STRING} req.query_parameter ("size") as p_size and then p_size.is_integer then
 				l_size := p_size.integer_value.to_natural_64