##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

failsafe the GET `page` argument
marcink -
r2845:6b176c67 beta
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -32,6 +32,7 b' from webhelpers.paginate import Page'
32 32 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
33 33 from rhodecode.lib.base import BaseController, render
34 34 from rhodecode.model.db import UserLog
35 from rhodecode.lib.utils2 import safe_int
35 36
36 37 log = logging.getLogger(__name__)
37 38
@@ -50,7 +51,7 b' class AdminController(BaseController):'
50 51 .options(joinedload(UserLog.repository))\
51 52 .order_by(UserLog.action_date.desc())
52 53
53 p = int(request.params.get('page', 1))
54 p = safe_int(request.params.get('page', 1), 1)
54 55 c.users_log = Page(users_log, page=p, items_per_page=10)
55 56 c.log_data = render('admin/admin_log.html')
56 57
Show file before | Show file after | Hide comments
@@ -39,6 +39,7 b' from rhodecode.model.notification import'
39 39 from rhodecode.lib.auth import LoginRequired, NotAnonymous
40 40 from rhodecode.lib import helpers as h
41 41 from rhodecode.model.meta import Session
42 from rhodecode.lib.utils2 import safe_int
42 43
43 44
44 45 log = logging.getLogger(__name__)
@@ -62,7 +63,8 b' class NotificationsController(BaseContro'
62 63 c.user = self.rhodecode_user
63 64 notif = NotificationModel().get_for_user(self.rhodecode_user.user_id,
64 65 filter_=request.GET.getall('type'))
65 p = int(request.params.get('page', 1))
66
67 p = safe_int(request.params.get('page', 1), 1)
66 68 c.notifications = Page(notif, page=p, items_per_page=10)
67 69 c.pull_request_type = Notification.TYPE_PULL_REQUEST
68 70 c.comment_type = [Notification.TYPE_CHANGESET_COMMENT,
Show file before | Show file after | Hide comments
@@ -37,6 +37,7 b' from rhodecode.lib.helpers import RepoPa'
37 37 from rhodecode.lib.compat import json
38 38 from rhodecode.lib.graphmod import _colored, _dagwalker
39 39 from rhodecode.lib.vcs.exceptions import RepositoryError, ChangesetDoesNotExistError
40 from rhodecode.lib.utils2 import safe_int
40 41
41 42 log = logging.getLogger(__name__)
42 43
@@ -65,7 +66,7 b' class ChangelogController(BaseRepoContro'
65 66 c.size = int(session.get('changelog_size', default))
66 67 # min size must be 1
67 68 c.size = max(c.size, 1)
68 p = int(request.params.get('page', 1))
69 p = safe_int(request.params.get('page', 1), 1)
69 70 branch_name = request.params.get('branch', None)
70 71 try:
71 72 if branch_name:
Show file before | Show file after | Hide comments
@@ -30,6 +30,7 b' from rhodecode.lib.helpers import Page'
30 30 from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
31 31 from rhodecode.lib.base import BaseRepoController, render
32 32 from rhodecode.model.db import Repository, User, UserFollowing
33 from rhodecode.lib.utils2 import safe_int
33 34
34 35 log = logging.getLogger(__name__)
35 36
@@ -43,7 +44,7 b' class FollowersController(BaseRepoContro'
43 44 super(FollowersController, self).__before__()
44 45
45 46 def followers(self, repo_name):
46 p = int(request.params.get('page', 1))
47 p = safe_int(request.params.get('page', 1), 1)
47 48 repo_id = c.rhodecode_db_repo.repo_id
48 49 d = UserFollowing.get_repo_followers(repo_id)\
49 50 .order_by(UserFollowing.follows_from)
Show file before | Show file after | Hide comments
@@ -42,6 +42,7 b' from rhodecode.model.db import Repositor'
42 42 from rhodecode.model.repo import RepoModel
43 43 from rhodecode.model.forms import RepoForkForm
44 44 from rhodecode.model.scm import ScmModel
45 from rhodecode.lib.utils2 import safe_int
45 46
46 47 log = logging.getLogger(__name__)
47 48
@@ -105,7 +106,7 b' class ForksController(BaseRepoController'
105 106 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
106 107 'repository.admin')
107 108 def forks(self, repo_name):
108 p = int(request.params.get('page', 1))
109 p = safe_int(request.params.get('page', 1), 1)
109 110 repo_id = c.rhodecode_db_repo.repo_id
110 111 d = []
111 112 for r in Repository.get_repo_forks(repo_id):
Show file before | Show file after | Hide comments
@@ -41,6 +41,7 b' from rhodecode.model.db import UserLog, '
41 41 from rhodecode.model.meta import Session
42 42 from sqlalchemy.sql.expression import func
43 43 from rhodecode.model.scm import ScmModel
44 from rhodecode.lib.utils2 import safe_int
44 45
45 46 log = logging.getLogger(__name__)
46 47
@@ -57,7 +58,7 b' class JournalController(BaseController):'
57 58 @NotAnonymous()
58 59 def index(self):
59 60 # Return a rendered template
60 p = int(request.params.get('page', 1))
61 p = safe_int(request.params.get('page', 1), 1)
61 62
62 63 c.user = User.get(self.rhodecode_user.user_id)
63 64 all_repos = self.sa.query(Repository)\
@@ -177,7 +178,7 b' class JournalController(BaseController):'
177 178 @LoginRequired()
178 179 def public_journal(self):
179 180 # Return a rendered template
180 p = int(request.params.get('page', 1))
181 p = safe_int(request.params.get('page', 1), 1)
181 182
182 183 c.following = self.sa.query(UserFollowing)\
183 184 .filter(UserFollowing.user_id == self.rhodecode_user.user_id)\
Show file before | Show file after | Hide comments
@@ -40,7 +40,7 b' from whoosh.index import open_dir, Empty'
40 40 from whoosh.qparser import QueryParser, QueryParserError
41 41 from whoosh.query import Phrase, Wildcard, Term, Prefix
42 42 from rhodecode.model.repo import RepoModel
43 from rhodecode.lib.utils2 import safe_str
43 from rhodecode.lib.utils2 import safe_str, safe_int
44 44
45 45 log = logging.getLogger(__name__)
46 46
@@ -83,7 +83,7 b' class SearchController(BaseController):'
83 83 log.debug(cur_query)
84 84
85 85 if c.cur_query:
86 p = int(request.params.get('page', 1))
86 p = safe_int(request.params.get('page', 1), 1)
87 87 highlight_items = set()
88 88 try:
89 89 idx = open_dir(config['app_conf']['index_dir'],
Show file before | Show file after | Hide comments
@@ -31,6 +31,7 b' from rhodecode.lib.auth import LoginRequ'
31 31 from rhodecode.lib.base import BaseRepoController, render
32 32 from rhodecode.lib.helpers import RepoPage
33 33 from pylons.controllers.util import redirect
34 from rhodecode.lib.utils2 import safe_int
34 35
35 36 log = logging.getLogger(__name__)
36 37
@@ -44,8 +45,8 b' class ShortlogController(BaseRepoControl'
44 45 super(ShortlogController, self).__before__()
45 46
46 47 def index(self, repo_name):
47 p = int(request.params.get('page', 1))
48 size = int(request.params.get('size', 20))
48 p = safe_int(request.params.get('page', 1), 1)
49 size = safe_int(request.params.get('size', 20), 20)
49 50
50 51 def url_generator(**kw):
51 52 return url('shortlog_home', repo_name=repo_name, size=size, **kw)
Show file before | Show file after | Hide comments
@@ -147,6 +147,23 b' def generate_api_key(username, salt=None'
147 147 return hashlib.sha1(username + salt).hexdigest()
148 148
149 149
150 def safe_int(val, default=None):
151 """
152 Returns int() of val if val is not convertable to int use default
153 instead
154
155 :param val:
156 :param default:
157 """
158
159 try:
160 val = int(val)
161 except ValueError:
162 val = default
163
164 return val
165
166
150 167 def safe_unicode(str_, from_encoding=None):
151 168 """
152 169 safe unicode function. Does few trick to turn str_ into unicode
General Comments 0
You need to be logged in to leave comments. Login now