def _preview(request, context_processors, extra_context, form_class=ThreadedCommentForm): """ Returns a preview of the comment so that the user may decide if he or she wants to edit it before submitting it permanently. """ _adjust_max_comment_length(form_class) mydict = request.POST.copy() if "convert" in mydict: mydict['comment'] = mydict['comment'].replace('\n', '<br />') form = form_class(mydict or None) context = { 'next' : _get_next(request), 'form' : form, 'preview_comment' : mydict['comment'], } if "tribe" in mydict: context['tribe'] = Tribe.objects.get(slug=mydict['tribe']) if form.is_valid(): new_comment = form.save(commit=False) new_comment.comment = sanitize_html(new_comment.comment) context['comment'] = new_comment else: context['comment'] = None return render_to_response( 'threadedcomments/preview_comment.html', extra_context, context_instance = RequestContext(request, context, context_processors) )
def topic(request, id, edit=False, template_name="tribes/topic.html"): topic = get_object_or_404(Topic, id=id) if topic.tribe.deleted: raise Http404 are_member = has_member(topic.tribe, request.user) if topic.tribe.private and not are_member: access = do_403_if_not_superuser(request) if access: return access if request.method == "POST" and edit == True: if is_moderator(topic.tribe, request.user): text = request.POST["body"] text += ugettext("<small><i>Topic editet by %(user)s : %(date)s</i></small>") % {'user' : request.user, 'date' : datetime.now()} topic.body = sanitize_html(text) topic.editet = datetime.now() topic.save() elif request.user == topic.creator: created = topic.created now = datetime.now() time_since = now - created if time_since.seconds < 60*20: topic.body = sanitize_html(request.POST["body"]) topic.editet = datetime.now() topic.save() return HttpResponseRedirect(reverse('tribe_topic', args=[topic.id])) topic.views += 1 topic.save() return render_to_response(template_name, { 'topic': topic, 'edit': edit, 'tribe': topic.tribe, "are_member": are_member, "are_moderator" : is_moderator(topic.tribe, request.user), "move_form" : MoveTribeForm(), }, context_instance=RequestContext(request))
def topics(request, slug, form_class=TopicForm, template_name="tribes/topics.html"): tribe = get_object_or_404(Tribe, slug=slug) if tribe.deleted: raise Http404 are_member = has_member(tribe, request.user), are_moderator = is_moderator(tribe, request.user) if tribe.private and not are_member: access = do_403_if_not_superuser(request) if access: return access else: topics = tribe.topics.all() if request.method == "POST": if request.user.is_authenticated(): if are_member: topic_form = form_class(request.POST) if topic_form.is_valid(): topic = topic_form.save(commit=False) topic.tribe = tribe topic.creator = request.user topic.body = sanitize_html(topic.body) topic.save() request.user.message_set.create(message=ugettext("You have started the topic %s") % topic.title) if notification: notification.send(tribe.member_users.all(), "tribes_new_topic", {"topic": topic}) topic_form = form_class() # @@@ is this the right way to reset it? return HttpResponseRedirect(topic.get_absolute_url()) else: request.user.message_set.create(message=ugettext("You are not a member and so cannot start a new topic")) topic_form = form_class() else: return HttpResponseForbidden() else: topic_form = form_class() return render_to_response(template_name, { "topics": topics, "tribe": tribe, "topic_form": topic_form, "are_member": has_member(tribe, request.user), "are_moderator" : are_moderator, }, context_instance=RequestContext(request))
def save(self, force_insert=False, force_update=False): self.summary = sanitize_html(self.summary) self.content = sanitize_html(self.content) self.last_update = datetime.now() super(Article, self).save(force_insert, force_update)
def free_comment(request, content_type=None, object_id=None, edit_id=None, parent_id=None, add_messages=False, ajax=False, model=FreeThreadedComment, form_class=FreeThreadedCommentForm, context_processors=[], extra_context={}): """ Receives POST data and either creates a new ``ThreadedComment`` or ``FreeThreadedComment``, or edits an old one based upon the specified parameters. If there is a 'preview' key in the POST request, a preview will be forced and the comment will not be saved until a 'preview' key is no longer in the POST request. If it is an *AJAX* request (either XML or JSON), it will return a serialized version of the last created ``ThreadedComment`` and there will be no redirect. If invalid POST data is submitted, this will go to the comment preview page where the comment may be edited until it does not contain errors. """ if not edit_id and not (content_type and object_id): raise Http404 # Must specify either content_type and object_id or edit_id if "preview" in request.POST: items = ThreadedComment.objects.filter(content_type__id=content_type, object_id=object_id) if items: extra_context['tribe'] = items[0].content_object.tribe return _preview(request, context_processors, extra_context, form_class=form_class) if edit_id: instance = get_object_or_404(model, id=edit_id) else: instance = None _adjust_max_comment_length(form_class) form = form_class(request.POST, instance=instance) if form.is_valid(): new_comment = form.save(commit=False) if not edit_id: new_comment.ip_address = request.META.get('REMOTE_ADDR', None) new_comment.content_type = get_object_or_404(ContentType, id = int(content_type)) new_comment.object_id = int(object_id) if model == ThreadedComment: new_comment.user = request.user if parent_id: new_comment.parent = get_object_or_404(model, id = int(parent_id)) if "NOMARKUP" in request.POST: new_comment.comment = "<p> " + new_comment.comment.replace('\n', ' <br /> ') + " </p>" new_comment.comment = sanitize_html(new_comment.comment) new_comment.save() if model == ThreadedComment: if add_messages: request.user.message_set.create(message="Your message has been posted successfully.") else: request.session['successful_data'] = { 'name' : form.cleaned_data['name'], 'website' : form.cleaned_data['website'], 'email' : form.cleaned_data['email'], } if ajax == 'json': return JSONResponse([new_comment,]) elif ajax == 'xml': return XMLResponse([new_comment,]) else: return HttpResponseRedirect(_get_next(request)) elif ajax=="json": return JSONResponse({'errors' : form.errors}, is_iterable=False) elif ajax=="xml": template_str = """ <errorlist> {% for error,name in errors %} <field name="{{ name }}"> {% for suberror in error %}<error>{{ suberror }}</error>{% endfor %} </field> {% endfor %} </errorlist> """ response_str = Template(template_str).render(Context({'errors' : zip(form.errors.values(), form.errors.keys())})) return XMLResponse(response_str, is_iterable=False) else: return _preview(request, context_processors, extra_context, form_class=form_class)