Changes for page 新しい学校ページを作成
Last modified by Super Admin on 2026/03/22 00:39
From version 
23.1 
23.1
edited by Super Admin
on 2026/03/09 12:25
on 2026/03/09 12:25
Change comment:
There is no comment for this version
To version 29.1
29.1
edited by Super Admin
on 2026/03/13 02:03
on 2026/03/13 02:03
Change comment:
There is no comment for this version
Summary
Details
-
Page properties
-
- Content
-
... ... @@ -37,16 +37,6 @@ 37 37 #set($newObj = $newDoc.getObject('SeitokaiCode.SchoolClass', $objNum)) 38 38 $newObj.set('schoolCode', $schoolCode) 39 39 $newObj.set('schoolName', $schoolName) 40 - ## 現在の年度を初期値として設定(4月始まり) 41 - #set($now = $datetool.date) 42 - #set($currentYear = $datetool.format('yyyy', $now)) 43 - #set($currentMonth = $mathtool.toInteger($datetool.format('MM', $now))) 44 - #if($currentMonth >= 4) 45 - #set($fiscalYear = $currentYear) 46 - #else 47 - #set($fiscalYear = $mathtool.sub($mathtool.toInteger($currentYear), 1).toString()) 48 - #end 49 - $newObj.set('fiscalYear', $fiscalYear) 50 50 $newDoc.saveWithProgrammingRights('学校ページを新規作成') 51 51 ## 作成後にビューにリダイレクト 52 52 $response.sendRedirect($xwiki.getURL($targetPage, 'view')) ... ... @@ -118,6 +118,13 @@ 118 118 119 119 <script> 120 120 (function() { 111 + // XSSエスケープ関数 112 + function escapeHtml(s) { 113 + var div = document.createElement('div'); 114 + div.appendChild(document.createTextNode(s)); 115 + return div.innerHTML; 116 + } 117 + 121 121 // 学校マスターデータをJSON APIから取得 122 122 var schools = []; 123 123 var schoolsLoaded = false; ... ... @@ -124,7 +124,8 @@ 124 124 125 125 // schools.json をロード(XWiki添付ファイルとして配置) 126 126 // 配置先: SeitokaiCode.SchoolMasterData の添付ファイル 127 - fetch('/rest/wikis/xwiki/spaces/SeitokaiCode/pages/SchoolMasterData/attachments/schools.json') 124 + var restBase = '$request.contextPath/rest/wikis/xwiki'; 125 + fetch(restBase + '/spaces/SeitokaiCode/pages/SchoolMasterData/attachments/schools.json') 128 128 .then(function(r) { return r.json(); }) 129 129 .then(function(data) { schools = data; schoolsLoaded = true; }) 130 130 .catch(function() { ... ... @@ -161,11 +161,11 @@ 161 161 var li = document.createElement('li'); 162 162 li.className = 'search-result-item'; 163 163 li.innerHTML = 164 - '<div class="search-result-name">' + s.name + '</div>' + 162 + '<div class="search-result-name">' + escapeHtml(s.name) + '</div>' + 165 165 '<div class="search-result-info">' + 166 - s.pref + ' ' + s.city + ' ・ ' + s.type + '(' + s.est + ')' + 164 + escapeHtml(s.pref) + ' ' + escapeHtml(s.city) + ' ・ ' + escapeHtml(s.type) + '(' + escapeHtml(s.est) + ')' + 167 167 '</div>' + 168 - '<div class="search-result-code">' + s.code + '</div>'; 166 + '<div class="search-result-code">' + escapeHtml(s.code) + '</div>'; 169 169 li.onclick = function() { selectSchool(s); }; 170 170 resultsList.appendChild(li); 171 171 }); ... ... @@ -191,13 +191,13 @@ 191 191 192 192 // 重複チェック(XWikiにページが存在するか確認) 193 193 var targetPage = 'Schools.' + school.code + '.WebHome'; 194 - fetch( '/rest/wikis/xwiki/spaces/Schools/spaces/' + school.code + '/pages/WebHome')192 + fetch(restBase + '/spaces/Schools/spaces/' + school.code + '/pages/WebHome') 195 195 .then(function(r) { 196 196 if (r.ok) { 197 197 // 既存ページあり 198 198 document.getElementById('duplicateWarning').style.display = 'block'; 199 199 document.getElementById('duplicateLink').href = 200 - '/bin/ view/Schools/' + school.code + '/';198 + '$request.contextPath/bin/Schools/' + school.code + '/'; 201 201 document.getElementById('submitArea').style.display = 'none'; 202 202 } else { 203 203 // 新規作成OK