jQuery in Action, 3rd edition
The moose likes JForum and the fly likes How add static function to htm templates in JForum Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » JForum
Bookmark "How add static function to htm templates in JForum" Watch "How add static function to htm templates in JForum" New topic

How add static function to htm templates in JForum

Omar Komiha

Joined: Mar 06, 2014
Posts: 1
Hi folks,

My name is Omar.

My knowledge about JForum is very minimal so forgive me if my question is very stupid or unrelated to JForum.

I want to add a token to an htm (template) page by calling a java static function. The token is meant to protect the form from Cross-Site Request Forgery (CSRF) attacks, and therefore needs to be generated dynamically.

I saw that calling static functions is possible from htm templates, and since this is normally not possible from htm/html pages I assumed that this is a JForum feature.

What I did is add the following code to the htm page:

However when I run the code I get the following error:

Expression TokenGenerator is undefined on line 4, column 47 in custom/forum_login.htm.

It seems that I also need to configure something to complete this, however I have no clue how to do that ...

Any help would be appreciated.
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
Welcome to JavaRanch. That's not so much a feature of JForum, but rather of the FreeMarker templating engine JForum uses. I don't think it allows you to call random static methods without some preparation; at least that's how I read http://freemarker.org/docs/pgui_misc_beanwrapper.html#autoid_55. A better way would be to call that method in the Java class, and then put its results into the HashMap that collects all template variables.
Jeanne Boyarsky
author & internet detective

Joined: May 26, 2003
Posts: 33119

Welcome to CodeRanch! As Ulf noted, those aren't really html files. They are Freemarker templates.

I wrote a blog series on how we fixed CSRF on our JForum install. It's not trivial.

[OCA 8 book] [Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2
I agree. Here's the link: http://aspose.com/file-tools
subject: How add static function to htm templates in JForum
It's not a secret anymore!