- added generic view implementation of 403 status code.

diff --git a/CHANGES b/CHANGES
index 0686590..b514a0c 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -22,6 +22,7 @@
 -- 汎用ビュークラスを実装
 --- ビューへの出力時によく使われる処理を雛形として実装したもの
 --- Ethna_View_Json.php
+--- Ethna_View_403.php
 --- Ethna_View_404.php
 --- Ethna_View_500.php
 --- Ethna_View_Redirect.php
@@ -74,6 +75,14 @@
 - フォーム定義が配列で、Ethna_ActionForm#getHiddenVars の値を Ethna_ActionForm#setAppNE した場合、クロスサイトスクリプティング脆弱性が存在するバグを修正 (thanks: shuitic)
 -- http://sourceforge.jp/ticket/browse.php?group_id=1343&tid=17332
 
+** 2.5.0-preview4
+
+*** bug fix
+
+- フォーム定義が配列で、Ethna_ActionForm#getHiddenVars の値を Ethna_ActionForm#setAppNE した場合、クロスサイトスクリプティング
+脆弱性が存在するバグを修正 (thanks: shuitic)
+-- http://sourceforge.jp/ticket/browse.php?group_id=1343&tid=17332
+
 ** 2.5.0-preview3
 
 *** features

diff --git a/Ethna.php b/Ethna.php
index b0e152d..58356dd 100644 (file)
--- a/Ethna.php
+++ b/Ethna.php
@@ -82,6 +82,7 @@ require_once ETHNA_BASE . '/class/Ethna_Util.php';
 require_once ETHNA_BASE . '/class/Ethna_ViewClass.php';
 require_once ETHNA_BASE . '/class/View/Ethna_View_Json.php';
 require_once ETHNA_BASE . '/class/View/Ethna_View_Redirect.php';
+require_once ETHNA_BASE . '/class/View/Ethna_View_403.php';
 require_once ETHNA_BASE . '/class/View/Ethna_View_404.php';
 require_once ETHNA_BASE . '/class/View/Ethna_View_500.php';
 require_once ETHNA_BASE . '/class/View/Ethna_View_List.php';

diff --git a/class/Ethna_Controller.php b/class/Ethna_Controller.php
index bd9929f..9b3b7f8 100644 (file)
--- a/class/Ethna_Controller.php
+++ b/class/Ethna_Controller.php
@@ -118,6 +118,7 @@ class Ethna_Controller
 
     /** @var    array   デフォルトのforward定義 */
     var $forward_default = array(
+        '403' => array( 'view_name' => 'Ethna_View_403',),
         '404' => array( 'view_name' => 'Ethna_View_404',),
         '500' => array( 'view_name' => 'Ethna_View_500',), 
         'json' => array( 'view_name' => 'Ethna_View_Json',),

diff --git a/class/Plugin/Generator/Project.php b/class/Plugin/Generator/Project.php
index b4a2dfc..2b77944 100644 (file)
--- a/class/Plugin/Generator/Project.php
+++ b/class/Plugin/Generator/Project.php
@@ -152,6 +152,7 @@ class Ethna_Plugin_Generator_Project extends Ethna_Plugin_Generator
             "etc.ini.php" => sprintf("$basedir/etc/%s-ini.php", $macro['project_prefix']),
             "template.index.tpl" => sprintf("$basedir/template/$locale/index.tpl"),
             "template.layout.tpl" => sprintf("$basedir/template/$locale/layout.tpl"),
+            "template.403.tpl" => sprintf("$basedir/template/$locale/error403.tpl"),
             "template.404.tpl" => sprintf("$basedir/template/$locale/error404.tpl"),
             "template.500.tpl" => sprintf("$basedir/template/$locale/error500.tpl"),
         );

diff --git a/class/View/Ethna_View_403.php b/class/View/Ethna_View_403.php
new file mode 100644 (file)
index 0000000..9551a57
--- /dev/null
+++ b/class/View/Ethna_View_403.php
@@ -0,0 +1,42 @@
+<?php
+// vim: foldmethod=marker
+/**
+ *  Ethna_View_403.php
+ *
+ *  @author     Yoshinari Takaoka <takaoka@beatcraft.com>
+ *  @license    http://www.opensource.org/licenses/bsd-license.php The BSD License
+ *  @package    Ethna
+ *  @version    $Id$
+ */
+
+// {{{ Ethna_View_403
+/**
+ *  403ページ(アクセスを禁止することを知らせるページ)
+ *  を出力するビューの実装
+ *
+ *  @author     Yoshinari Takaoka <takaoka@beatcraft.com>
+ *  @access     public
+ *  @package    Ethna
+ */
+class Ethna_View_403 extends Ethna_ViewClass
+{
+    /**#@+
+     *  @access private
+     */
+
+    /**#@-*/
+
+    /**
+     *  403 ページを出力するための前処理を行う
+     *
+     *  @access public
+     *  @param  array  $param  出力に必要なユーザー定義パラメータ
+     */
+    function preforward($param = array())
+    {
+        $this->error(403);
+    }
+
+}
+// }}}
+?>

diff --git a/skel/template.403.tpl b/skel/template.403.tpl
new file mode 100644 (file)
index 0000000..d3170a6
--- /dev/null
+++ b/skel/template.403.tpl
@@ -0,0 +1 @@
+403 Forbidden.