On 04.05.20 at 18:00, Vladislav Kurz wrote:
> I know that redesigning the whole calculation as web application would be
> much better. But if protection against 80% of users can be done with 20%
> effort, I would do it. You say that 100% protection is not possible, so
> there is no reason to do anything...

As previously explained, there is probably no need to code the whole
application as a web app.  All you should need, in my opinion, is a
frontend (GUI+X2Go, or Web, doesn't matter), proper input sanitizing,
and libreoffice in headless mode.

*.ods files are ZIP archives, so you can unzip them like so:

unzip samplecalc.ods

Archive:  samplecalc.ods
 extracting: mimetype
 extracting: Thumbnails/thumbnail.png
   creating: Configurations2/accelerator/
   creating: Configurations2/popupmenu/
   creating: Configurations2/toolpanel/
   creating: Configurations2/menubar/
   creating: Configurations2/images/Bitmaps/
   creating: Configurations2/toolbar/
   creating: Configurations2/floater/
   creating: Configurations2/statusbar/
   creating: Configurations2/progressbar/
  inflating: content.xml
  inflating: meta.xml
  inflating: styles.xml
  inflating: manifest.rdf
  inflating: settings.xml
  inflating: META-INF/manifest.xml

You would then use xmlstarlet to modify the fields in content.xml.  Or
even simpler (but dirty), put some unique placeholders there and use sed
to replace them with your sanitized user-provided values.

Zip it all back together, and run:

soffice --convert-to pdf samplecalc.ods  --headless

This gives you a samplecalc.pdf that you can open in a PDF viewer or web
browser.

Or you could provide your users with a template *.ods with identical
fields, but lacking the formulas.

Have them fill out the fields in their "dumb" copy, then read the field
contents into your template and provide them with the output.  Either as
PDF or as *.ods again - with the value fields, but lacking the formulas
again.

No need to rape X2Go code for this.  In fact, it's probably safer and
saner to run all this on a web server.

-Stefan


-- 
BAUR-ITCS UG (haftungsbeschränkt)
Managing Director: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Register Court Ulm, HRB 724364
Phone/Fax 0731 40 34 66-36/-35 | VAT ID: DE268653243
_______________________________________________
x2go-dev mailing list
x2go-dev@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-dev
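
The placeholder approach from the mail above, sketched in Python as an added example (not part of the original message and not X2Go or LibreOffice code). The @@NAME@@ placeholder syntax, the field names AMOUNT and NAME, the validation limits and the tiny sample archive are assumptions made for illustration.

```python
import io
import re
import zipfile
from xml.sax.saxutils import escape

PLACEHOLDER = re.compile(r"@@([A-Z_]+)@@")              # assumed placeholder syntax
NUMBER = re.compile(r"-?[0-9]{1,12}(?:\.[0-9]{1,6})?")  # assumed numeric policy
FIELDS = {"AMOUNT": True, "NAME": False}                # hypothetical fields: is it numeric?

def sanitize(value, numeric):
    """Validate one user-provided value and return it safe for XML."""
    value = value.strip()
    if numeric:
        if not NUMBER.fullmatch(value):
            raise ValueError("not a plain decimal number")
        return value
    if len(value) > 200 or any(ord(c) < 32 for c in value):
        raise ValueError("text too long or contains control characters")
    # Escaped for element text and for quoted attribute values alike.
    return escape(value, {'"': "&quot;", "'": "&apos;"})

def fill_template(ods_bytes, raw):
    """Return a new .ods with each @@NAME@@ in content.xml replaced."""
    safe = {k: sanitize(raw[k], numeric) for k, numeric in FIELDS.items()}
    src = zipfile.ZipFile(io.BytesIO(ods_bytes))
    xml = src.read("content.xml").decode("utf-8")
    # An unknown placeholder raises KeyError, so none is left behind.
    xml = PLACEHOLDER.sub(lambda m: safe[m.group(1)], xml)
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        # ODF wants "mimetype" as the first entry, stored uncompressed.
        dst.writestr("mimetype", src.read("mimetype"), zipfile.ZIP_STORED)
        for name in src.namelist():
            if name == "content.xml":
                dst.writestr(name, xml.encode("utf-8"))
            elif name != "mimetype":
                dst.writestr(name, src.read(name))
    return out.getvalue()

def sample_template():
    """Constructed, simplified stand-in for samplecalc.ods."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("mimetype", "application/vnd.oasis.opendocument.spreadsheet")
        z.writestr("content.xml", '<cell value="@@AMOUNT@@"><p>@@NAME@@</p></cell>')
    return buf.getvalue()

if __name__ == "__main__":
    ods = fill_template(sample_template(), {"AMOUNT": "1200.50", "NAME": "Kurz & <Sons>"})
    print(zipfile.ZipFile(io.BytesIO(ods)).read("content.xml").decode())
```

The bytes returned by fill_template are what would be written to disk and handed to the soffice --convert-to pdf call shown in the mail.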