if not post_type in ['question', 'link', 'discussion']: # fixme: make dynamic
return werkzeug.utils.redirect('/forum/%s' % slug(forum))
if not user.email or not tools.single_email_re.match(user.email):
- return werkzeug.utils.redirect("/forum/%s/user/%s/edit?email_required=1" % (slug(forum), self._uid))
+ return werkzeug.utils.redirect("/forum/%s/user/%s/edit?email_required=1" % (slug(forum), request.session.uid))
values = self._prepare_forum_values(forum=forum, searches={}, header={'ask_hide': True})
return request.website.render("website_forum.new_%s" % post_type, values)
set_tags(tags);
};
+ function htmlEntities(str) {
+ return String(str).replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>').replace(/"/g, '"');
+ }
+
function set_tags(tags) {
$("input.load_tags").textext({
plugins: 'tags focus autocomplete ajax',
val = self.val();
self.clearItems();
$.each(suggestions || [], function(index, item) {
- self.addSuggestion(item);
+ self.addSuggestion(htmlEntities(item));
});
var lowerCasesuggestions = $.map(suggestions, function(n,i){return n.toLowerCase();});
if(jQuery.inArray(val.toLowerCase(), lowerCasesuggestions) ==-1) {
- self.addSuggestion("Create '" + val + "'");
+ self.addSuggestion("Create '" + htmlEntities(val) + "'");
}
},
},
<t t-call="website_forum.header">
<t t-set="head">
<script type="text/javascript">
- $(function () {
+ window.onload = function() {
$("[data-toggle='popover']").popover();
- });
+ };
</script>
</t>
<h1 class="mt0">Ask Your Question</h1>