Mercurial > public > sg101
comparison forums/views/main.py @ 963:4619290d171d
Whitelist hot-linked image sources.
| author | Brian Neal <bgneal@gmail.com> |
|---|---|
| date | Tue, 01 Sep 2015 20:33:40 -0500 |
| parents | 0ca691cccf8d |
| children | e1c03da72818 |
comparison
equal
deleted
inserted
replaced
| 962:10e7570a3aab | 963:4619290d171d |
|---|---|
| 357 'can_moderate': perms.can_moderate(form.topic.forum, request.user), | 357 'can_moderate': perms.can_moderate(form.topic.forum, request.user), |
| 358 'can_reply': True, | 358 'can_reply': True, |
| 359 }, | 359 }, |
| 360 context_instance=RequestContext(request)) | 360 context_instance=RequestContext(request)) |
| 361 | 361 |
| 362 return HttpResponseBadRequest("Oops, did you forget some text?"); | 362 # The client side javascript is pretty simplistic right now and we don't |
| 363 # want to change it yet. It is expecting a single error string. Just grab | |
| 364 # the first error message and use that. | |
| 365 errors = form.errors.as_data() | |
| 366 msg = errors.values()[0][0].message if errors else 'Unknown error' | |
| 367 return HttpResponseBadRequest(msg) | |
| 363 | 368 |
| 364 | 369 |
| 365 def _goto_post(post): | 370 def _goto_post(post): |
| 366 """ | 371 """ |
| 367 Calculate what page the given post is on in its parent topic, then | 372 Calculate what page the given post is on in its parent topic, then |
| 437 if form.is_valid(): | 442 if form.is_valid(): |
| 438 if antispam.utils.spam_check(request, form.cleaned_data['body']): | 443 if antispam.utils.spam_check(request, form.cleaned_data['body']): |
| 439 return HttpResponseRedirect(reverse('antispam-suspended')) | 444 return HttpResponseRedirect(reverse('antispam-suspended')) |
| 440 post = form.save(commit=False) | 445 post = form.save(commit=False) |
| 441 post.touch() | 446 post.touch() |
| 442 post.save() | 447 post.save(html=form.body_html) |
| 443 notify_updated_post(post) | 448 notify_updated_post(post) |
| 444 | 449 |
| 445 # if we are editing a first post, save the parent topic as well | 450 # if we are editing a first post, save the parent topic as well |
| 446 if topic_name: | 451 if topic_name: |
| 447 post.topic.save() | 452 post.topic.save() |
| 587 return HttpResponseRedirect(reverse('antispam-suspended')) | 592 return HttpResponseRedirect(reverse('antispam-suspended')) |
| 588 post = form.save(commit=False) | 593 post = form.save(commit=False) |
| 589 post.topic = topic | 594 post.topic = topic |
| 590 post.user = request.user | 595 post.user = request.user |
| 591 post.user_ip = request.META.get("REMOTE_ADDR", "") | 596 post.user_ip = request.META.get("REMOTE_ADDR", "") |
| 592 post.save() | 597 post.save(html=form.body_html) |
| 593 notify_new_post(post) | 598 notify_new_post(post) |
| 594 | 599 |
| 595 # Save any attachments | 600 # Save any attachments |
| 596 form.attach_proc.save_attachments(post) | 601 form.attach_proc.save_attachments(post) |
| 597 | 602 |