← Back to branch summary

~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to www/dispatch/html.py

  • Committer: drtomc
  • Date: 2008-02-03 22:43:33 UTC
  • Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:392
Fix another glitch.

Show diffs side-by-side

added added

removed removed

Lines of Context:
www/dispatch/html.py
23
23
# content (the common parts of the HTML pages shared across the entire site).
24
24
# Does not include the login page. See login.py.
25
25
 
 
26
import cgi
26
27
import os.path
27
28
 
28
29
import conf
48
49
<head>
49
50
  <title>%sIVLE</title>
50
51
  <meta http-equiv="Content-Type" content="%s; charset=utf-8" />
51
 
""" % (titlepart, req.content_type))
 
52
""" % (cgi.escape(titlepart), cgi.escape(req.content_type)))
52
53
    # Write inline JavaScript which gives the client code access to certain
53
54
    # server-side variables.
54
55
    if req.username:
63
64
    iconurl = get_icon_url(req.app)
64
65
    if iconurl:
65
66
        req.write("""  <link rel="shortcut icon" href="%s" />
66
 
""" % iconurl)
 
67
""" % cgi.escape(iconurl))
67
68
    req.write("""  <link rel="stylesheet" type="text/css" href="%s" />
68
 
""" % util.make_path('media/common/ivle.css'))
 
69
""" % cgi.escape(util.make_path('media/common/ivle.css')))
69
70
 
70
71
    # Write any app-specific style and script links
71
72
    for style in req.styles:
72
73
        req.write('  <link rel="stylesheet" type="text/css" href="%s" />\n'
73
 
            % util.make_path(style))
 
74
            % cgi.escape(util.make_path(style)))
74
75
    for script in req.scripts:
75
76
        req.write('  <script type="text/javascript" src="%s" />\n'
76
 
            % util.make_path(script))
 
77
            % cgi.escape(util.make_path(script)))
77
78
 
78
79
    req.write("</head>\n\n")
79
80
 
80
81
    # Open the body element and write a bunch of stuff there (the header)
81
82
    req.write("""<body>
82
 
<div id="ivleheader">
 
83
<div id="ivleheader"></div>
 
84
<div id="ivleheader_text">
83
85
  <h1>IVLE</h1>
84
86
  <h2>Informatics Virtual Learning Environment</h2>
85
87
""")
86
88
 
87
89
    if req.username:
88
 
        req.write('  <p class="userhello">Welcome, <span '
89
 
            'class="username">%s</span> |\n'
 
90
        # Get the user's nickname from the request session
 
91
        nickname = req.get_session()['nick']
 
92
        req.write('  <p class="userhello">%s (<span '
 
93
            'class="username">%s</span>) |\n'
90
94
            '    <a href="%s">Help</a> |\n'
91
95
            '    <a href="%s">Logout</a>\n'
92
96
            '  </p>\n' %
93
 
            (req.username, get_help_url(req), util.make_path('logout')))
 
97
            (cgi.escape(nickname), cgi.escape(req.username),
 
98
             cgi.escape(get_help_url(req)),
 
99
             cgi.escape(util.make_path('logout'))))
94
100
    else:
95
101
        req.write('  <p class="userhello">Not logged in.</p>')
96
102
 
100
106
        req.write("  <p><small>Warning: debuginfo is enabled. Remove this "
101
107
            "app from conf.apps.app_url when placed into production."
102
108
            "</small></p>\n")
 
109
    # ivleheader_tabs is a separate div, so it can be positioned absolutely
 
110
    req.write('</div>\n<div id="ivleheader_tabs">\n')
103
111
 
104
112
    if req.username:
105
113
        # Only print app tabs if logged in
155
163
            li_attr = ''
156
164
        file.write('    <li%s>' % li_attr)
157
165
        if app.icon:
158
 
            file.write('<img src="%s" alt="" /> ' % get_icon_url(urlname))
 
166
            file.write('<img src="%s" alt="" /> '
 
167
                % cgi.escape(get_icon_url(urlname)))
159
168
        file.write('<a href="%s">%s</a></li>\n'
160
 
            % (util.make_path(urlname), app.name))
 
169
            % (cgi.escape(util.make_path(urlname)), cgi.escape(app.name)))
161
170
 
162
171
    file.write('  </ul>\n')