Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Fixed #4971 -- Fixed some escaping and quoting problems in the databr…

…owse contrib app. Based on patch from Johann Queuniet.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@5764 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 29078eaeca628810d11ae4c5959ab4c5762ef49d 1 parent b263e17
Gary Wilson Jr. authored July 26, 2007
1  AUTHORS
@@ -214,6 +214,7 @@ answer newbie questions, and generally made Django that much better:
214 214
     plisk
215 215
     Daniel Poelzleithner <http://poelzi.org/>
216 216
     polpak@yahoo.com
  217
+    Johann Queuniet <johann.queuniet@adh.naellia.eu>
217 218
     J. Rademaker
218 219
     Michael Radziej <mir@noris.de>
219 220
     Ramiro Morales <rm0@gmx.net>
3  django/contrib/databrowse/plugins/fieldchoices.py
@@ -37,9 +37,10 @@ def model_index_html(self, request, model, site):
37 37
 
38 38
     def urls(self, plugin_name, easy_instance_field):
39 39
         if easy_instance_field.field in self.field_dict(easy_instance_field.model.model).values():
  40
+            field_value = smart_str(easy_instance_field.raw_value)
40 41
             return [u'%s%s/%s/%s/' % (easy_instance_field.model.url(),
41 42
                 plugin_name, easy_instance_field.field.name,
42  
-                urllib.quote(smart_str(easy_instance_field.raw_value)))]
  43
+                urllib.quote(field_value, safe=''))]
43 44
 
44 45
     def model_view(self, request, model_databrowse, url):
45 46
         self.model, self.site = model_databrowse.model, model_databrowse.site
2  django/contrib/databrowse/templates/databrowse/calendar_day.html
@@ -10,7 +10,7 @@
10 10
 
11 11
 <ul class="objectlist">
12 12
 {% for object in object_list %}
13  
-<li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
  13
+<li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
14 14
 {% endfor %}
15 15
 </ul>
16 16
 
2  django/contrib/databrowse/templates/databrowse/calendar_month.html
@@ -10,7 +10,7 @@
10 10
 
11 11
 <ul class="objectlist">
12 12
 {% for object in object_list %}
13  
-<li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
  13
+<li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
14 14
 {% endfor %}
15 15
 </ul>
16 16
 
2  django/contrib/databrowse/templates/databrowse/choice_detail.html
@@ -10,7 +10,7 @@
10 10
 
11 11
 <ul class="objectlist">
12 12
 {% for object in object_list %}
13  
-<li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
  13
+<li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
14 14
 {% endfor %}
15 15
 </ul>
16 16
 
2  django/contrib/databrowse/templates/databrowse/choice_list.html
@@ -10,7 +10,7 @@
10 10
 
11 11
 <ul class="objectlist">
12 12
 {% for choice in field.choices %}
13  
-<li class="{% cycle odd,even %}"><a href="{{ choice.url }}">{{ choice.label }}</a></li>
  13
+<li class="{% cycle odd,even %}"><a href="{{ choice.url }}">{{ choice.label|escape }}</a></li>
14 14
 {% endfor %}
15 15
 </ul>
16 16
 
2  django/contrib/databrowse/templates/databrowse/homepage.html
@@ -11,7 +11,7 @@
11 11
 	  <h2><a href="{{ model.url }}">{{ model.verbose_name_plural|capfirst }}</a></h2>
12 12
 		<p>
13 13
 		{% for object in model.sample_objects %}
14  
-			<a href="{{ object.url }}">{{ object }}</a>, 
  14
+			<a href="{{ object.url }}">{{ object|escape }}</a>, 
15 15
 		{% endfor %}
16 16
 			<a class="more" href="{{ model.url }}">More &rarr;</a>
17 17
 		</p>
2  django/contrib/databrowse/templates/databrowse/model_detail.html
@@ -12,7 +12,7 @@
12 12
 
13 13
 <ul class="objectlist">
14 14
 {% for object in model.objects %}
15  
-    <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
  15
+    <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
16 16
 {% endfor %}
17 17
 </ul>
18 18
 
10  django/contrib/databrowse/templates/databrowse/object_detail.html
@@ -4,9 +4,9 @@
4 4
 
5 5
 {% block content %}
6 6
 
7  
-<div id="breadcrumbs"><a href="{{ root_url }}">Home</a> / <a href="{{ object.model.url }}">{{ object.model.verbose_name_plural|capfirst }}</a> / {{ object }}</div>
  7
+<div id="breadcrumbs"><a href="{{ root_url }}">Home</a> / <a href="{{ object.model.url }}">{{ object.model.verbose_name_plural|capfirst }}</a> / {{ object|escape }}</div>
8 8
 
9  
-<h1>{{ object.model.verbose_name|capfirst }}: {{ object }}</h1>
  9
+<h1>{{ object.model.verbose_name|capfirst }}: {{ object|escape }}</h1>
10 10
 
11 11
 <table class="objectinfo">
12 12
 {% for field in object.fields %}
@@ -14,8 +14,8 @@
14 14
 <th>{{ field.field.verbose_name|capfirst }}</th>
15 15
 <td>
16 16
 {% if field.urls %}
17  
-{% for urlvalue in field.urls %}
18  
-{% if urlvalue.1 %}<a href="{{ urlvalue.1 }}">{% endif %}{{ urlvalue.0 }}{% if urlvalue.1 %}</a>{% endif %}{% if not forloop.last %}, {% endif %}
  17
+{% for value, url in field.urls %}
  18
+{% if url %}<a href="{{ url }}">{% endif %}{{ value|escape }}{% if url %}</a>{% endif %}{% if not forloop.last %}, {% endif %}
19 19
 {% endfor %}
20 20
 {% else %}None{% endif %}
21 21
 </td>
@@ -29,7 +29,7 @@
29 29
   {% if related_object.object_list %}
30 30
   <ul class="objectlist">
31 31
     {% for object in related_object.object_list %}
32  
-    <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
  32
+    <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
33 33
     {% endfor %}
34 34
   </ul>
35 35
   {% else %}

0 notes on commit 29078ea

Please sign in to comment.
Something went wrong with that request. Please try again.