author | Matthias Andreas Benkard <code@mail.matthias.benkard.de> | 2012-02-27 00:23:24 +0100 |
---|---|---|
committer | Matthias Andreas Benkard <code@mail.matthias.benkard.de> | 2012-02-27 00:23:24 +0100 |
commit | 4f0c9082222181ad5a8aacb199050f93f57d17cf (patch) | |
tree | 3d3a2ae47ae9676cca853d543792c505213304b2 /src | |
parent | 6bed4694e00bbfe3ff65dd00ccb45decf1321d57 (diff) |
Sanitize and format descriptions prior to display.
Diffstat (limited to 'src')
-rw-r--r-- | src/mulk/benki/book_marx.clj | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/src/mulk/benki/book_marx.clj b/src/mulk/benki/book_marx.clj index bf574d4..91dcc8f 100644 --- a/src/mulk/benki/book_marx.clj +++ b/src/mulk/benki/book_marx.clj @@ -4,6 +4,8 @@ [hiccup core page-helpers] [clojureql predicates] [clojure.core.match :only [match]] + [hiccup.core :only [escape-html]] + [ring.util.codec :only [url-encode]] noir.core [mulk.benki util db auth]) (:require [clojure.algo.monads :as m] @@ -11,7 +13,8 @@ [clojure.string :as string] [clojureql.core :as cq] [noir.request :as request] - [noir.session :as session]) + [noir.session :as session] + hiccup.core) (:import [org.jsoup.Jsoup])) (def bookmark_tags (cq/table :bookmark_tags)) @@ -34,10 +37,17 @@ (cq/where (=* :visibility "public"))))) + +(defn htmlize-description [text] + (let [input (escape-html text)] + (map (fn [x] [:p {} x]) (string/split text #"\n\s*?\n")))) + (defpage "/marx" {} (let [user (session/get :user) marks (-> bookmarks (cq/join users (=* :bookmarks.owner :users.id)) + (cq/project [:bookmarks.* :users.first_name]) + ;;(cq/rename {:users.id :uid}) (restrict-visibility (session/get :user)) (cq/sort [:date#desc]))] (with-dbt @@ -48,12 +58,12 @@ (for [mark @marks] [:li {:class "bookmark"} [:h2 {:class "bookmark-title"} - [:a {:href (:uri mark)} - (:title mark)]] + [:a {:href (escape-html (:uri mark))} + (escape-html (:title mark))]] [:p {:class "bookmark-date"} - (:date mark)] + (escape-html (:date mark))] [:p {:class "bookmark-description"} - (:description mark)]])]])))) + (htmlize-description (:description mark))]])]])))) (defmacro ignore-errors [& body] `(try (do ~@body) |
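Review bot: In `htmlize-description` the escaped string is bound to `input` but never used; `string/split` is still called on the raw `text`, so the `[:p {} x]` paragraphs carry the unescaped description. Assuming this hiccup version emits string content verbatim (which the explicit `escape-html` calls elsewhere in the commit suggest), markup in a stored description still reaches the page, which is what the commit sets out to prevent. Split the escaped value instead: `(string/split input #"\n\s*?\n")`. A small test that passes a constructed description such as `"<b>x</b>\n\ny"` and checks that the output contains `&lt;b&gt;` would pin this down.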
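Review bot: Wrapping `(:uri mark)` in `escape-html` inside the `:href` map does not constrain the URL scheme, so a stored bookmark whose URI is not http/https (for example a `javascript:` URI) is still rendered as a clickable link. Check the scheme before linking, e.g. `(when (re-find #"(?i)^https?://" (:uri mark)) (:uri mark))`, and render the title without a link when it fails; better still, validate it when the bookmark is saved. Separately, hiccup escapes attribute values itself when rendering the attribute map, so the explicit call probably double-encodes `&` in query strings. Confirm this against the hiccup version in use and pass `(:uri mark)` unwrapped if so. The enclosing `defpage` starts in the previous hunk.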