mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2024-11-10 17:36:33 +08:00
Escape special chars for FE and BE
parent
9b0f215187
commit
9d96baf008
7 changed files with 37 additions and 29 deletions
|
@ -4,19 +4,21 @@
|
|||
var ChecklistColumnHelper = (function() {
|
||||
function checklistSelect(select, url, values) {
|
||||
var selectedOptions = '';
|
||||
var selectObject = $(`<select id="${select}"
|
||||
data-placeholder = "${I18n.t('repositories.table.checklist.set_checklist')}"
|
||||
data-ajax-url = "${url}"
|
||||
data-combine-tags="true"
|
||||
data-select-multiple-all-selected="${I18n.t('libraries.manange_modal_column.checklist_type.all_options')}"
|
||||
data-select-multiple-name="${I18n.t('libraries.manange_modal_column.checklist_type.multiple_options')}">${selectedOptions}</select>`);
|
||||
if (values) {
|
||||
$.each(values, function(i, option) {
|
||||
selectedOptions += `<option value="${option.value}">${option.label}</option>`;
|
||||
var item = $(`<option value="${option.value}"></option>`);
|
||||
item.text(option.label);
|
||||
item.appendTo(selectObject);
|
||||
});
|
||||
}
|
||||
return $(`<select
|
||||
id="${select}"
|
||||
data-placeholder = "${I18n.t('repositories.table.checklist.set_checklist')}"
|
||||
data-ajax-url = "${url}"
|
||||
data-combine-tags="true"
|
||||
data-select-multiple-all-selected="${I18n.t('libraries.manange_modal_column.checklist_type.all_options')}"
|
||||
data-select-multiple-name="${I18n.t('libraries.manange_modal_column.checklist_type.multiple_options')}"
|
||||
>${selectedOptions}</select>`);
|
||||
|
||||
return selectObject;
|
||||
}
|
||||
|
||||
function checklistHiddenField(formId, columnId, values) {
|
||||
|
|
|
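Review bot: `option.value` is still interpolated into the markup string when the `<option>` is created in `checklistSelect`, so only the label is set as text (this assumes the `item.text(option.label)` lines are the added side, since the +/- markers are lost on this page). Building the element without string interpolation covers both fields: `var item = $('<option>').attr('value', option.value).text(option.label);`. The same pattern appears with `value.value` in `listSelect` and `statusSelect`. `selectedOptions` (and `selectedOption` in `listSelect`) is always the empty string at the point it is interpolated into the `<select>` template and could be dropped. The enclosing IIFE continues outside the hunk.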
@ -4,14 +4,16 @@
|
|||
var ListColumnHelper = (function() {
|
||||
function listSelect(select, url, value) {
|
||||
var selectedOption = '';
|
||||
var selectObject = $(`<select id="${select}"
|
||||
data-placeholder = "${I18n.t('repositories.table.list.select_item')}"
|
||||
data-ajax-url = "${url}" >${selectedOption}</select>`);
|
||||
|
||||
if (value && value.value) {
|
||||
selectedOption = `<option value="${value.value}">${value.label}</option>`;
|
||||
selectedOption = $(`<option value="${value.value}"></option>`);
|
||||
selectedOption.text(value.label);
|
||||
selectedOption.appendTo(selectObject);
|
||||
}
|
||||
return $(`<select
|
||||
id="${select}"
|
||||
data-placeholder = "${I18n.t('repositories.table.list.select_item')}"
|
||||
data-ajax-url = "${url}"
|
||||
>${selectedOption}</select>`);
|
||||
return selectObject;
|
||||
}
|
||||
|
||||
function listHiddenField(formId, columnId, value) {
|
||||
|
|
|
@ -4,15 +4,16 @@
|
|||
var StatusColumnHelper = (function() {
|
||||
function statusSelect(select, url, value) {
|
||||
var selectedOption = '';
|
||||
if (value && value.value) {
|
||||
selectedOption = `<option value="${value.value}">${value.label}</option>`;
|
||||
}
|
||||
var selectObject = $(`<select id="${select}"
|
||||
data-placeholder = "${I18n.t('repositories.table.status.set_status')}"
|
||||
data-ajax-url = "${url}" ></select>`);
|
||||
|
||||
return $(`<select
|
||||
id="${select}"
|
||||
data-placeholder = "${I18n.t('repositories.table.status.set_status')}"
|
||||
data-ajax-url = "${url}"
|
||||
>${selectedOption}</select>`);
|
||||
if (value && value.value) {
|
||||
selectedOption = $(`<option value="${value.value}"></option>`);
|
||||
selectedOption.text(value.label);
|
||||
selectedOption.appendTo(selectObject);
|
||||
}
|
||||
return selectObject;
|
||||
}
|
||||
|
||||
function statusHiddenField(formId, columnId, value) {
|
||||
|
@ -46,7 +47,9 @@ var StatusColumnHelper = (function() {
|
|||
},
|
||||
tagClass: 'emoji-status',
|
||||
tagLabel: (data) => {
|
||||
return twemoji.parse(data.label);
|
||||
var render = $('<div>').html(twemoji.parse(data.label));
|
||||
render.find(':not(img)').remove();
|
||||
return render.html();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
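Review bot: In `tagLabel`, the label is parsed as HTML by `.html(twemoji.parse(data.label))` before anything is filtered, and the `:not(img)` filter keeps every `<img>` element, including one that came from the label itself rather than from twemoji, with all of its attributes. Escaping the label before the emoji pass avoids parsing user-supplied markup at all, e.g. `return twemoji.parse($('<div>').text(data.label).html());`. Whether `data.label` already arrives escaped from the serializer is not visible here; if it does, the extra escape would double-encode, so one layer should own it. A short comment stating that only twemoji-generated images are meant to survive would document the intent.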
@ -637,8 +637,6 @@ var dropdownSelector = (function() {
|
|||
<i class="fas fa-times ${selector.data('config').singleSelect ? 'hidden' : ''}"></i>
|
||||
</div>`).insertBefore(container.find('.input-field .search-field'));
|
||||
|
||||
console.log(selector.data('config').labelHTML);
|
||||
|
||||
if (selector.data('config').labelHTML) {
|
||||
tag.find('.tag-label').html(label);
|
||||
} else {
|
||||
|
|
|
@ -2,8 +2,9 @@
|
|||
|
||||
module RepositoryDatatable
|
||||
class RepositoryChecklistValueSerializer < RepositoryBaseValueSerializer
|
||||
include InputSanitizeHelper
|
||||
def value
|
||||
object.data
|
||||
object.data.each { |i| i[:label] = escape_input(i[:label]) }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
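Review bot: `object.data.each { |i| i[:label] = escape_input(i[:label]) }` rewrites the hashes held by `object.data` in place, so if `data` returns the same objects on a later call the labels are escaped a second time, and the model object carries escaped text from then on. Returning a copy keeps `value` free of side effects: `object.data.map { |i| i.merge(label: escape_input(i[:label])) }`. The front-end change in this commit also assigns the label with `.text()`, so if `escape_input` HTML-encodes (its body is not shown) special characters would be displayed as literal entities; it is worth confirming which layer is meant to own the escaping.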
@ -2,10 +2,11 @@
|
|||
|
||||
module RepositoryDatatable
|
||||
class RepositoryListValueSerializer < RepositoryBaseValueSerializer
|
||||
include InputSanitizeHelper
|
||||
def value
|
||||
{
|
||||
id: (object.repository_list_item&.id || ''),
|
||||
text: (object.data || '')
|
||||
text: (escape_input(object.data) || '')
|
||||
}
|
||||
end
|
||||
end
|
||||
|
|
|
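Review bot: In `text: (escape_input(object.data) || '')` the `|| ''` fallback now runs after the helper, so a nil `object.data` is passed into `escape_input`; whether the helper accepts nil is not visible in this commit. Applying the default first keeps the previous nil behaviour: `text: escape_input(object.data || '')`.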
@ -2,11 +2,12 @@
|
|||
|
||||
module RepositoryDatatable
|
||||
class RepositoryStatusValueSerializer < RepositoryBaseValueSerializer
|
||||
include InputSanitizeHelper
|
||||
def value
|
||||
{
|
||||
id: object.repository_status_item.id,
|
||||
icon: object.repository_status_item.icon,
|
||||
status: object.repository_status_item.status
|
||||
status: escape_input(object.repository_status_item.status)
|
||||
}
|
||||
end
|
||||
end
|
||||
|
|