Mercurial > public > sg101

comparison gpp/shoutbox/models.py @ 162:6a5bdcf93ad3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix #48; shoutbox was no longer escaping user input on display.
author Brian Neal <bgneal@gmail.com>
date Tue, 22 Dec 2009 03:55:37 +0000
parents e1d1a70d312d
children
comparison
equal deleted inserted replaced
161:445e1466a98d 162:6a5bdcf93ad3
3 """ 3 """
4 import datetime 4 import datetime
5 5
6 from django.db import models 6 from django.db import models
7 from django.contrib.auth.models import User 7 from django.contrib.auth.models import User
8 from django.utils.html import urlize 8 from django.utils.html import escape, urlize
9 9
10 from smiley import smilify_html 10 from smiley import smilify_html
11 11
12 12
13 class Shout(models.Model): 13 class Shout(models.Model):
29 return ('shoutbox-view', [str(self.id)]) 29 return ('shoutbox-view', [str(self.id)])
30 30
31 def save(self, *args, **kwargs): 31 def save(self, *args, **kwargs):
32 if not self.id: 32 if not self.id:
33 self.shout_date = datetime.datetime.now() 33 self.shout_date = datetime.datetime.now()
34 self.html = urlize(smilify_html(self.shout), trim_url_limit=15, 34 self.html = urlize(smilify_html(escape(self.shout)), trim_url_limit=15,
35 nofollow=True) 35 nofollow=True)
36 super(Shout, self).save(*args, **kwargs) 36 super(Shout, self).save(*args, **kwargs)
37 37
38 38
39 class ShoutFlag(models.Model): 39 class ShoutFlag(models.Model):