X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/88eaa6c36bd8a5eb8fe1a1b3ad1f8aaddb258d5c..d3db8ba2750af385acc9f247da53ec3851637cba:/apps/catalogue/views.py?ds=inline diff --git a/apps/catalogue/views.py b/apps/catalogue/views.py index 56df88f99..f07f9abc4 100644 --- a/apps/catalogue/views.py +++ b/apps/catalogue/views.py @@ -97,16 +97,21 @@ def book_list(request): def tagged_object_list(request, tags=''): + # Prevent DoS attacks on our database + if len(tags.split('/')) > 6: + raise Http404 + try: tags = models.Tag.get_tag_list(tags) except models.Tag.DoesNotExist: raise Http404 model = models.Book + shelf_is_set = (len(tags) == 1 and tags[0].category == 'set') theme_is_set = any(tag.category == 'theme' for tag in tags) if theme_is_set: model = models.Fragment - + extra_where = 'NOT catalogue_tag.category = "set"' related_tags = models.Tag.objects.related_for_model(tags, model, counts=True, extra={'where': [extra_where]}) categories = split_tags(related_tags) @@ -117,7 +122,7 @@ def tagged_object_list(request, tags=''): queryset_or_model=model, tags=tags, template_name='catalogue/tagged_object_list.html', - extra_context = {'categories': categories }, + extra_context = {'categories': categories, 'shelf_is_set': shelf_is_set }, ) @@ -125,12 +130,20 @@ def book_detail(request, slug): book = get_object_or_404(models.Book, slug=slug) tags = list(book.tags.filter(~Q(category='set'))) categories = split_tags(tags) + book_children = book.children.all().order_by('parent_number') form = forms.SearchForm() return render_to_response('catalogue/book_detail.html', locals(), context_instance=RequestContext(request)) +def book_text(request, slug): + book = get_object_or_404(models.Book, slug=slug) + + return render_to_response('catalogue/book_text.html', locals(), + context_instance=RequestContext(request)) + + def logout_then_redirect(request): auth.logout(request) return HttpResponseRedirect(request.GET.get('next', '/'))