예제 #1
0
파일: models.py 프로젝트: synw/django-koica
	def save(self, *args, **kwargs):
		self.title = sanitize_html(self.title)
		if not self.slug:
			#~ must be unique
			self.slug =render_unique_slug(self.__class__, slugify(self.title))
		self.text = sanitize_html(self.text)	
		super(Question, self).save()
예제 #2
0
def markup(value, mtype=1):
    try:
        from django.utils.html import escape
        if mtype == MARKDOWN[0]:
            try:
                import markdown2
            except ImportError:
                try:
                    from django.contrib.markup.templatetags.markup import markdown
                except ImportError:
                    return sanitize_html(force_unicode(value))
                return mark_safe(sanitize_html(markdown(force_unicode(value))))
            else:
                safe_mode = False
                return mark_safe(sanitize_html(markdown2.markdown(force_unicode(value),
                                                                  safe_mode=safe_mode)))
        elif mtype == TEXTILE[0]:
            from django.contrib.markup.templatetags.markup import textile
            return textile(force_unicode(value))
        ## elif mtype == REST[0]:
        ##     from django.contrib.markup.templatetags.markup import restructuredtext
        ##     return restructuredtext(value)
        elif mtype == HTML[0]:
            return mark_safe(sanitize_html(force_unicode(value)))
        elif mtype == PLAINTEXT[0]:
            return escape(force_unicode(value))
        else:
            return markup(value, DEFAULT_MARKUP[0])
    except ImportError:
        # Not marking safe, in case tag fails and users input malicious code.
        return force_unicode(value)
예제 #3
0
def get_book(db, uuid):
    '''
    Returns book with the param uuid
    '''
    book = db.books.find_one({'uuid': uuid}, PUBLIC_SINGLE_BOOK_FIELDS)
    if book:
        return utils.sanitize_html(book)
    return None
예제 #4
0
def get_book(db, uuid):
    '''
    Returns book with the param uuid
    '''
    book = db.books.find_one({'uuid': uuid}, PUBLIC_SINGLE_BOOK_FIELDS)
    if book:
        return utils.sanitize_html(book)
    return None
예제 #5
0
파일: views.py 프로젝트: synw/django-koica
 def get_context_data(self, **kwargs):
     context = super(QuestionTagView, self).get_context_data(**kwargs)
     # ~ have to clean the tag slug as it comes from the url and is not safe
     context["tag_slug"] = sanitize_html(self.kwargs["slug"])
     context["template_to_extend"] = "base.html"
     return context
예제 #6
0
파일: models.py 프로젝트: synw/django-koica
	def save(self, *args, **kwargs):
		self.text = sanitize_html(self.text, clear=True)
		super(QAComment, self).save()
예제 #7
0
파일: models.py 프로젝트: synw/django-koica
	def save(self, *args, **kwargs):
		self.text = sanitize_html(self.text)
		super(Answer, self).save()
예제 #8
0
 def get_context_data(self, **kwargs):
     context = super(QuestionTagView, self).get_context_data(**kwargs)
     #~ have to clean the tag slug as it comes from the url and is not safe
     context['tag_slug'] = sanitize_html(self.kwargs['slug'])
     context['template_to_extend'] = "base.html"
     return context
예제 #9
0
파일: views.py 프로젝트: anantha89/hasjob
def editjob(hashid, key, form=None, post=None, validated=False):
    if form is None:
        form = forms.ListingForm(request.form)
        form.job_type.choices = [(ob.id, ob.title) for ob in JobType.query.filter_by(public=True).order_by('seq')]
        form.job_category.choices = [(ob.id, ob.title) for ob in JobCategory.query.filter_by(public=True).order_by('seq')]
    if post is None:
        post = JobPost.query.filter_by(hashid=hashid).first_or_404()
    if key != post.edit_key:
        abort(403)
    # Don't allow email address to be changed once its confirmed
    if request.method == 'POST' and post.status >= POSTSTATUS.PENDING:
        form.poster_email.data = post.email
    if request.method == 'POST' and (validated or form.validate()):
        form_description = sanitize_html(form.job_description.data)
        form_perks = sanitize_html(form.job_perks_description.data) if form.job_perks.data else ''
        form_how_to_apply = form.job_how_to_apply.data
        form_email_domain = get_email_domain(form.poster_email.data)
        form_words = get_word_bag(u' '.join((form_description, form_perks, form_how_to_apply)))

        similar = False
        for oldpost in JobPost.query.filter(JobPost.email_domain == form_email_domain).filter(
                                            JobPost.status > POSTSTATUS.PENDING).filter(
                                            JobPost.datetime > datetime.utcnow() - agelimit).all():
            if oldpost.id != post.id:
                if oldpost.words:
                    s = SequenceMatcher(None, form_words, oldpost.words)
                    if s.ratio() > 0.6:
                        similar = True
                        break

        if similar:
            flash("This listing is very similar to an earlier listing. You may not relist the same job "
                "in less than %d days. If you believe this to be an error, please email us at %s." % (agelimit.days,
                app.config['ADMINS'][0]), category='interactive')
        else:
            post.headline = form.job_headline.data
            post.type_id = form.job_type.data
            post.category_id = form.job_category.data
            post.location = form.job_location.data
            post.relocation_assist = form.job_relocation_assist.data
            post.description = form_description
            post.perks = form_perks
            post.how_to_apply = form_how_to_apply
            post.company_name = form.company_name.data
            post.company_url = form.company_url.data
            post.email = form.poster_email.data
            post.email_domain = form_email_domain
            post.md5sum = md5sum(post.email)
            # To protect from gaming, don't allow words to be removed in edited listings once the post
            # has been confirmed. Just add the new words.
            if post.status >= POSTSTATUS.CONFIRMED:
                prev_words = post.words or ''
            else:
                prev_words = u''
            post.words = get_word_bag(u' '.join((prev_words, form_description, form_perks, form_how_to_apply)))

            if request.files['company_logo']:
                # The form's validator saved the processed logo in g.company_logo.
                thumbnail = g.company_logo
                logofilename = uploaded_logos.save(thumbnail, name='%s.' % post.hashid)
                post.company_logo = logofilename
            else:
                if form.company_logo_remove.data:
                    post.company_logo = None

            db.session.commit()
            userkeys = session.get('userkeys', [])
            userkeys.append(post.edit_key)
            session['userkeys'] = userkeys
            session.permanent = True
            return redirect(url_for('jobdetail', hashid=post.hashid), code=303)
    elif request.method == 'POST':
        flash("Please correct the indicated errors", category='interactive')
    elif request.method == 'GET':
        # Populate form from model
        form.job_headline.data = post.headline
        form.job_type.data = post.type_id
        form.job_category.data = post.category_id
        form.job_location.data = post.location
        form.job_relocation_assist.data = post.relocation_assist
        form.job_description.data = post.description
        form.job_perks.data = True if post.perks else False
        form.job_perks_description.data = post.perks
        form.job_how_to_apply.data = post.how_to_apply
        form.company_name.data = post.company_name
        form.company_url.data = post.company_url
        form.poster_email.data = post.email

    return render_template('postjob.html', form=form, no_email=post.status > POSTSTATUS.DRAFT)