mirror of
https://github.com/pgadmin-org/pgadmin4.git
synced 2025-02-25 18:55:31 -06:00
[Python 3 compatibility] Introduced a separate HTML safe string function
in 'utils' module, earlier the function -'escape(...)' was converting the strings to bytes, and that's reason, it was not working on Python 3.
This commit is contained in:
Ashesh Vashi
@@ -9,7 +9,6 @@
|
|||||||
|
|
||||||
"""Implements Backup Utility"""
|
"""Implements Backup Utility"""
|
||||||
|
|
||||||
import cgi
|
|
||||||
import json
|
import json
|
||||||
import os
|
import os
|
||||||
|
|
||||||
@@ -22,7 +21,7 @@ from config import PG_DEFAULT_DRIVER
|
|||||||
from pgadmin.misc.bgprocess.processes import BatchProcess, IProcessDesc
|
from pgadmin.misc.bgprocess.processes import BatchProcess, IProcessDesc
|
||||||
from pgadmin.model import Server
|
from pgadmin.model import Server
|
||||||
from pgadmin.utils.ajax import make_json_response, bad_request
|
from pgadmin.utils.ajax import make_json_response, bad_request
|
||||||
from pgadmin.utils import PgAdminModule, get_storage_directory
|
from pgadmin.utils import PgAdminModule, get_storage_directory, html
|
||||||
|
|
||||||
|
|
||||||
# set template path for sql scripts
|
# set template path for sql scripts
|
||||||
@@ -124,36 +123,36 @@ class BackupMessage(IProcessDesc):
|
|||||||
res = '<div class="h5">'
|
res = '<div class="h5">'
|
||||||
|
|
||||||
if self.backup_type == BACKUP.OBJECT:
|
if self.backup_type == BACKUP.OBJECT:
|
||||||
res += cgi.escape(
|
res += html.safe_str(
|
||||||
_(
|
_(
|
||||||
"Backing up an object on the server - '{0}' on database '{1}'"
|
"Backing up an object on the server - '{0}' on database '{1}'"
|
||||||
).format(
|
).format(
|
||||||
"{0} ({1}:{2})".format(s.name, s.host, s.port),
|
"{0} ({1}:{2})".format(s.name, s.host, s.port),
|
||||||
self.database
|
self.database
|
||||||
)
|
)
|
||||||
).encode('ascii', 'xmlcharrefreplace')
|
)
|
||||||
if self.backup_type == BACKUP.GLOBALS:
|
if self.backup_type == BACKUP.GLOBALS:
|
||||||
res += cgi.escape(
|
res += html.safe_str(
|
||||||
_("Backing up the globals for the server - '{0}'").format(
|
_("Backing up the globals for the server - '{0}'").format(
|
||||||
"{0} ({1}:{2})".format(s.name, s.host, s.port)
|
"{0} ({1}:{2})".format(s.name, s.host, s.port)
|
||||||
)
|
)
|
||||||
).encode('ascii', 'xmlcharrefreplace')
|
)
|
||||||
elif self.backup_type == BACKUP.SERVER:
|
elif self.backup_type == BACKUP.SERVER:
|
||||||
res += cgi.escape(
|
res += html.safe_str(
|
||||||
_("Backing up the server - '{0}'").format(
|
_("Backing up the server - '{0}'").format(
|
||||||
"{0} ({1}:{2})".format(s.name, s.host, s.port)
|
"{0} ({1}:{2})".format(s.name, s.host, s.port)
|
||||||
)
|
)
|
||||||
).encode('ascii', 'xmlcharrefreplace')
|
)
|
||||||
else:
|
else:
|
||||||
# It should never reach here.
|
# It should never reach here.
|
||||||
res += "Backup"
|
res += "Backup"
|
||||||
|
|
||||||
res += '</div><div class="h5">'
|
res += '</div><div class="h5">'
|
||||||
res += cgi.escape(
|
res += html.safe_str(
|
||||||
_("Running command:")
|
_("Running command:")
|
||||||
).encode('ascii', 'xmlcharrefreplace')
|
)
|
||||||
res += '</b><br><i>'
|
res += '</b><br><i>'
|
||||||
res += cgi.escape(cmd).encode('ascii', 'xmlcharrefreplace')
|
res += html.safe_str(cmd)
|
||||||
|
|
||||||
replace_next = False
|
replace_next = False
|
||||||
|
|
||||||
@@ -163,9 +162,7 @@ class BackupMessage(IProcessDesc):
|
|||||||
x = x.replace('"', '\\"')
|
x = x.replace('"', '\\"')
|
||||||
x = x.replace('""', '\\"')
|
x = x.replace('""', '\\"')
|
||||||
|
|
||||||
return ' "' + cgi.escape(x).encode(
|
return ' "' + html.safe_str(x) + '"'
|
||||||
'ascii', 'xmlcharrefreplace'
|
|
||||||
) + '"'
|
|
||||||
|
|
||||||
return ''
|
return ''
|
||||||
|
|
||||||
@@ -173,9 +170,9 @@ class BackupMessage(IProcessDesc):
|
|||||||
if arg and len(arg) >= 2 and arg[:2] == '--':
|
if arg and len(arg) >= 2 and arg[:2] == '--':
|
||||||
res += ' ' + arg
|
res += ' ' + arg
|
||||||
elif replace_next:
|
elif replace_next:
|
||||||
res += ' "' + cgi.escape(
|
res += ' "' + html.safe_str(
|
||||||
self.bfile
|
self.bfile
|
||||||
).encode('ascii', 'xmlcharrefreplace') + '"'
|
) + '"'
|
||||||
else:
|
else:
|
||||||
if arg == '--file':
|
if arg == '--file':
|
||||||
replace_next = True
|
replace_next = True
|
||||||
|
|||||||
@@ -9,7 +9,6 @@
|
|||||||
|
|
||||||
"""A blueprint module implementing the maintenance tool for vacuum"""
|
"""A blueprint module implementing the maintenance tool for vacuum"""
|
||||||
|
|
||||||
import cgi
|
|
||||||
import json
|
import json
|
||||||
|
|
||||||
from flask import url_for, Response, render_template, request, current_app
|
from flask import url_for, Response, render_template, request, current_app
|
||||||
@@ -19,7 +18,7 @@ from flask.ext.security import login_required
|
|||||||
from config import PG_DEFAULT_DRIVER
|
from config import PG_DEFAULT_DRIVER
|
||||||
from pgadmin.misc.bgprocess.processes import BatchProcess, IProcessDesc
|
from pgadmin.misc.bgprocess.processes import BatchProcess, IProcessDesc
|
||||||
from pgadmin.model import Server
|
from pgadmin.model import Server
|
||||||
from pgadmin.utils import PgAdminModule
|
from pgadmin.utils import PgAdminModule, html
|
||||||
from pgadmin.utils.ajax import bad_request, make_json_response
|
from pgadmin.utils.ajax import bad_request, make_json_response
|
||||||
from pgadmin.utils.driver import get_driver
|
from pgadmin.utils.driver import get_driver
|
||||||
|
|
||||||
@@ -119,16 +118,14 @@ class Message(IProcessDesc):
|
|||||||
if self.data['op'] == "CLUSTER":
|
if self.data['op'] == "CLUSTER":
|
||||||
res = _('CLUSTER')
|
res = _('CLUSTER')
|
||||||
|
|
||||||
res = '<div class="h5">' + cgi.escape(res).encode(
|
res = '<div class="h5">' + html.safe_str(res)
|
||||||
'ascii', 'xmlcharrefreplace'
|
|
||||||
)
|
|
||||||
|
|
||||||
res += '</div><div class="h5">'
|
res += '</div><div class="h5">'
|
||||||
res += cgi.escape(
|
res += html.safe_str(
|
||||||
_("Running Query:")
|
_("Running Query:")
|
||||||
).encode('ascii', 'xmlcharrefreplace')
|
)
|
||||||
res += '</b><br><i>'
|
res += '</b><br><i>'
|
||||||
res += cgi.escape(self.query).encode('ascii', 'xmlcharrefreplace')
|
res += html.safe_str(self.query)
|
||||||
res += '</i></div>'
|
res += '</i></div>'
|
||||||
|
|
||||||
return res
|
return res
|
||||||
|
|||||||
@@ -9,7 +9,6 @@
|
|||||||
|
|
||||||
"""Implements Restore Utility"""
|
"""Implements Restore Utility"""
|
||||||
|
|
||||||
import cgi
|
|
||||||
import json
|
import json
|
||||||
import os
|
import os
|
||||||
|
|
||||||
@@ -22,7 +21,7 @@ from config import PG_DEFAULT_DRIVER
|
|||||||
from pgadmin.model import Server
|
from pgadmin.model import Server
|
||||||
from pgadmin.misc.bgprocess.processes import BatchProcess, IProcessDesc
|
from pgadmin.misc.bgprocess.processes import BatchProcess, IProcessDesc
|
||||||
from pgadmin.utils.ajax import make_json_response, bad_request
|
from pgadmin.utils.ajax import make_json_response, bad_request
|
||||||
from pgadmin.utils import PgAdminModule, get_storage_directory
|
from pgadmin.utils import PgAdminModule, get_storage_directory, html
|
||||||
|
|
||||||
# set template path for sql scripts
|
# set template path for sql scripts
|
||||||
MODULE_NAME = 'restore'
|
MODULE_NAME = 'restore'
|
||||||
@@ -82,20 +81,20 @@ class RestoreMessage(IProcessDesc):
|
|||||||
|
|
||||||
res = '<div class="h5">'
|
res = '<div class="h5">'
|
||||||
|
|
||||||
res += cgi.escape(
|
res += html.safe_str(
|
||||||
_(
|
_(
|
||||||
"Restoring the backup on the server - '{0}'"
|
"Restoring the backup on the server - '{0}'"
|
||||||
).format(
|
).format(
|
||||||
"{0} ({1}:{2})".format(s.name, s.host, s.port)
|
"{0} ({1}:{2})".format(s.name, s.host, s.port)
|
||||||
)
|
)
|
||||||
).encode('ascii', 'xmlcharrefreplace')
|
)
|
||||||
|
|
||||||
res += '</div><div class="h5"><b>'
|
res += '</div><div class="h5"><b>'
|
||||||
res += cgi.escape(
|
res += html.safe_str(
|
||||||
_("Running command:")
|
_("Running command:")
|
||||||
).encode('ascii', 'xmlcharrefreplace')
|
)
|
||||||
res += '</b><br><i>'
|
res += '</b><br><i>'
|
||||||
res += cgi.escape(cmd).encode('ascii', 'xmlcharrefreplace')
|
res += html.safe_str(cmd)
|
||||||
|
|
||||||
def cmdArg(x):
|
def cmdArg(x):
|
||||||
if x:
|
if x:
|
||||||
@@ -103,9 +102,7 @@ class RestoreMessage(IProcessDesc):
|
|||||||
x = x.replace('"', '\\"')
|
x = x.replace('"', '\\"')
|
||||||
x = x.replace('""', '\\"')
|
x = x.replace('""', '\\"')
|
||||||
|
|
||||||
return ' "' + cgi.escape(x).encode(
|
return ' "' + html.safe_str(x) + '"'
|
||||||
'ascii', 'xmlcharrefreplace'
|
|
||||||
) + '"'
|
|
||||||
|
|
||||||
return ''
|
return ''
|
||||||
|
|
||||||
@@ -120,9 +117,7 @@ class RestoreMessage(IProcessDesc):
|
|||||||
idx += 1
|
idx += 1
|
||||||
|
|
||||||
if no_args > 1:
|
if no_args > 1:
|
||||||
res += ' "' + cgi.escape(self.bfile).encode(
|
res += ' "' + html.safe_str(self.bfile) + '"'
|
||||||
'ascii', 'xmlcharrefreplace'
|
|
||||||
) + '"'
|
|
||||||
|
|
||||||
res += '</i></div>'
|
res += '</i></div>'
|
||||||
|
|
||||||
|
|||||||
18
web/pgadmin/utils/html.py
Normal file
18
web/pgadmin/utils/html.py
Normal file
@@ -0,0 +1,18 @@
|
|||||||
|
##########################################################################
|
||||||
|
#
|
||||||
|
# pgAdmin 4 - PostgreSQL Tools
|
||||||
|
#
|
||||||
|
# Copyright (C) 2013 - 2016, The pgAdmin Development Team
|
||||||
|
# This software is released under the PostgreSQL Licence
|
||||||
|
#
|
||||||
|
#########################################################################
|
||||||
|
|
||||||
|
"""Utilities for HTML"""
|
||||||
|
|
||||||
|
import cgi
|
||||||
|
|
||||||
|
|
||||||
|
def safe_str(x):
|
||||||
|
return cgi.escape(x).encode(
|
||||||
|
'ascii', 'xmlcharrefreplace'
|
||||||
|
).decode()
|
||||||
Reference in New Issue
Block a user