anonfunc/JellyPy
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Better sanitization on templates and datatables output.

Browse Source
This commit is contained in:
Tim
2015-12-06 14:09:38 +02:00
parent 1157fda96c
commit b0fa0d534e
7 changed files with 206 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
plexpy/datatables.py
View File

@@ -178,12 +178,18 @@ class DataTables(object):
filtered = self.ssp_db.select(query, args=args)
# Build grand totals
totalcount = self.ssp_db.select('SELECT COUNT(id) from %s' % table_name)[0][0]
totalcount = self.ssp_db.select('SELECT COUNT(id) as total_count from %s' % table_name)[0]['total_count']
# Get draw counter
draw_counter = int(parameters['draw'])
# Paginate results
result = filtered[parameters['start']:(parameters['start'] + parameters['length'])]
# Sanitize on the way out
result = [{k: helpers.sanitize(v) if isinstance(v, basestring) else v for k, v in row.iteritems()}
for row in result]
output = {'result': result,
'draw': draw_counter,
'filteredCount': len(filtered),