mtrx/crablog
1
0
Fork 0
Code Issues 12 Pull requests 1 Projects 1 Releases Packages Wiki Activity Actions

fixed html escaping and fixed env variable names

Browse source
This commit is contained in:
Leonard Lorenz 2020-11-21 21:17:33 +01:00
parent 7becde6dc7
commit 7f4637e13f
4 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
content/templates/blog-by-id.html
View file

@ -4,7 +4,7 @@
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta property="og:title" content=" {{ post.title }} | {{ username }}' blog" />
<meta property="og:description" content="{{ post.body }}" />
<meta property="og:description" content="{{ post.body | safe | striptags }}" />
<meta property="og:image" content="/static/site-image.png" />
<title> {{ post.title }} | {{ username }}' blog </title>

2
site/Cargo.lock generated
View file

@ -561,7 +561,7 @@ checksum = "8aebca1129a03dc6dc2b127edd729435bbc4a37e1d5f4d7513165089ceb02634"
[[package]]
name = "crablog"
version = "0.1.0"
version = "0.2.0"
dependencies = [
"actix-files",
"actix-web",

6
site/src/api.rs
View file

@ -36,7 +36,7 @@ async fn blog_edit_post(
form: Form<NewPostForm>,
) -> impl Responder {
let (valid, id) = id_valid(post_id);
if valid && *CONFIG_MAP.read().unwrap().get("AUTH_TOKEN").unwrap() == form.token {
if valid && *CONFIG_MAP.read().unwrap().get("SUBMIT_TOKEN").unwrap() == form.token {
edit_post_by_id(
id as i32,
&form.title.as_str(),
@ -59,7 +59,7 @@ async fn blog_delete_post(
form: Form<BlogActionForm>,
) -> impl Responder {
let (valid, id) = id_valid(post_id);
if valid && *CONFIG_MAP.read().unwrap().get("AUTH_TOKEN").unwrap() == form.token {
if valid && *CONFIG_MAP.read().unwrap().get("SUBMIT_TOKEN").unwrap() == form.token {
println!("Deleted post: {}", id);
delete_post_by_id(id as i32);
} else {
@ -78,7 +78,7 @@ async fn blog_hide_post(
form: Form<BlogActionForm>,
) -> impl Responder {
let (valid, id) = id_valid(post_id);
if valid && *CONFIG_MAP.read().unwrap().get("AUTH_TOKEN").unwrap() == form.token {
if valid && *CONFIG_MAP.read().unwrap().get("SUBMIT_TOKEN").unwrap() == form.token {
println!("Hid post: {}", id);
hide_post_by_id(id as i32);
} else {

4
site/src/main.rs
View file

@ -29,8 +29,8 @@ async fn main() -> std::io::Result<()> {
HttpServer::new(|| {
let tera =
Tera::new(format!("{}{}", CONFIG_MAP.read().unwrap().get("ROOT_PATH").unwrap(), "/templates/*").as_str()).unwrap();
let mut tera = Tera::new(format!("{}{}", CONFIG_MAP.read().unwrap().get("ROOT_PATH").unwrap(), "/templates/*").as_str()).unwrap();
tera.autoescape_on(vec![".sql"]);
App::new()
.data(tera)