X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/04474c1980a751d4b6ca205e47b82e6471028e7f..d5036b0a2531a84a0381053b1927aa1a23984ed0:/apps/catalogue/views.py

diff --git a/apps/catalogue/views.py b/apps/catalogue/views.py
index ade37e52a..acf2ea244 100644
--- a/apps/catalogue/views.py
+++ b/apps/catalogue/views.py
@@ -97,13 +97,17 @@ def book_list(request):
 
 
 def tagged_object_list(request, tags=''):
+    # Prevent DoS attacks on our database
+    if len(tags.split('/')) > 6:
+        raise Http404
+        
     try:
         tags = models.Tag.get_tag_list(tags)
     except models.Tag.DoesNotExist:
         raise Http404
     
     model = models.Book
-    shelf_is_set = any(tag.category == 'set' for tag in tags)
+    shelf_is_set = (len(tags) == 1 and tags[0].category == 'set')
     theme_is_set = any(tag.category == 'theme' for tag in tags)
     if theme_is_set:
         model = models.Fragment
@@ -132,6 +136,13 @@ def book_detail(request, slug):
         context_instance=RequestContext(request))
 
 
+def book_text(request, slug):
+    book = get_object_or_404(models.Book, slug=slug)
+    
+    return render_to_response('catalogue/book_text.html', locals(),
+        context_instance=RequestContext(request))
+
+
 def logout_then_redirect(request):
     auth.logout(request)
     return HttpResponseRedirect(request.GET.get('next', '/'))