Better sanitization on templates and datatables output.

This commit is contained in:
Tim 2015-12-06 14:09:38 +02:00
parent 1157fda96c
commit b0fa0d534e
7 changed files with 206 additions and 196 deletions


@ -178,12 +178,18 @@ class DataTables(object):
filtered = self.ssp_db.select(query, args=args)
# Build grand totals
totalcount = self.ssp_db.select('SELECT COUNT(id) from %s' % table_name)[0][0]
totalcount = self.ssp_db.select('SELECT COUNT(id) as total_count from %s' % table_name)[0]['total_count']
# Get draw counter
draw_counter = int(parameters['draw'])
# Paginate results
result = filtered[parameters['start']:(parameters['start'] + parameters['length'])]
# Sanitize on the way out
result = [{k: helpers.sanitize(v) if isinstance(v, basestring) else v for k, v in row.iteritems()}
for row in result]
output = {'result': result,
'draw': draw_counter,
'filteredCount': len(filtered),