Sanitize player name

Jonathan Wong 2015-12-05 23:26:54 -08:00
parent 8c4292f9ac
commit b47ccd06f9
5 changed files with 35 additions and 14 deletions


@ -39,7 +39,7 @@ user_id Returns the user id for the associated stat.
friendly_name Returns the friendly name of the user for the associated stat.
== Only if 'stat_id' is 'top_platform' or 'last_watched' ==
platform_type Returns the platform name for the associated stat.
player Returns the player name for the associated stat.
== Only if 'stat_id' is 'last_watched' ==
last_watch Returns the time the media item was last watched.
@ -709,7 +709,7 @@ DOCUMENTATION :: END
<script>
$('#last-watch-stat').text(moment(${top_stat['rows'][0]['last_watch']},"X").format(date_format));
</script>
</span> - ${top_stat['rows'][0]['platform_type']}
</span> - ${top_stat['rows'][0]['player']}
</p>
</div>
</div>
@ -755,7 +755,7 @@ DOCUMENTATION :: END
<script>
$('#home-platforms-instance-list-last-watch-${loop.index + 1}').text(moment(${top_stat['rows'][loop.index]['last_watch']},"X").format(date_format));
</script>
</span> - ${top_stat['rows'][loop.index]['platform_type']}
</span> - ${top_stat['rows'][loop.index]['player']}
</p>
</div>
</div>
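Review bot: The `${top_stat['rows'][0]['player']}` and `${top_stat['rows'][loop.index]['player']}` expressions are written without an escaping filter, so the markup is only as safe as whatever populated the row. Unless the TemplateLookup configured elsewhere sets a default HTML filter (not visible here), escaping at the output point with Mako's `h` filter, e.g. `${top_stat['rows'][0]['player'] | h}`, would also cover `&` and quotes and would not depend on every data path calling `helpers.sanitize`. If that is adopted, the data-layer sanitizing should be dropped for this field so names are not double-encoded. Both enclosing template blocks start and end outside these hunks.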


@ -108,6 +108,9 @@ class DataFactory(object):
# Rename Mystery platform names
platform = common.PLATFORM_NAME_OVERRIDES.get(item["platform"], item["platform"])
# Sanitize player name
player = helpers.sanitize(item["player"])
row = {"reference_id": item["reference_id"],
"id": item["id"],
"date": item["date"],
@ -119,7 +122,7 @@ class DataFactory(object):
"user": item["user"],
"friendly_name": item["friendly_name"],
"platform": platform,
"player": item["player"],
"player": player,
"ip_address": item["ip_address"],
"media_type": item["media_type"],
"rating_key": item["rating_key"],
@ -545,7 +548,7 @@ class DataFactory(object):
'session_history_metadata.thumb, ' \
'session_history_metadata.grandparent_thumb, ' \
'MAX(session_history.started) as last_watch, ' \
'session_history.player as platform, ' \
'session_history.player, ' \
'((CASE WHEN session_history.view_offset IS NULL THEN 0.1 ELSE \
session_history.view_offset * 1.0 END) / \
(CASE WHEN session_history_metadata.duration IS NULL THEN 1.0 ELSE \
@ -572,6 +575,9 @@ class DataFactory(object):
else:
thumb = item[8]
# Sanitize player name
player = helpers.sanitize(item["player"])
row = {'row_id': item[0],
'user': item[1],
'friendly_name': item[2],
@ -582,7 +588,7 @@ class DataFactory(object):
'thumb': thumb,
'grandparent_thumb': item[8],
'last_watch': item[9],
'platform_type': item[10],
'player': player,
}
last_watched.append(row)
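Review bot: In the last-watched hunk, `player = helpers.sanitize(item["player"])` reads the row by column name while every other field in the same loop is read by position (`item[0]`, `item[8]`, `item[9]`). If the rows returned by this query are plain tuples rather than name-addressable rows, this line raises TypeError; the row type is not visible here, so either confirm it or use the positional index as the `'platform_type': item[10]` line does. The same hunk replaces the `'platform_type'` key with `'player'`, so any other consumer of the last-watched rows that still reads `platform_type` needs updating. The loop and the query both start outside the hunks.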


@ -430,3 +430,9 @@ def process_json_kwargs(json_kwargs):
params = json.loads(json_kwargs)
return params
def sanitize(string):
if string:
return str(string).replace('<','&lt;').replace('>','&gt;')
else:
return ''
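Review bot: `sanitize` escapes only `<` and `>`, so `&` and both quote characters pass through unchanged and the result is safe only as element text, not inside an HTML attribute value. Escape `&` first and then the quotes as well, e.g. `return unicode(string).replace('&','&amp;').replace('<','&lt;').replace('>','&gt;').replace('"','&quot;').replace("'",'&#39;')`. The `unicode(...)` in that line matters if this module runs on Python 2 (the interpreter version is not visible here), where `str()` on a unicode name containing non-ASCII characters raises UnicodeEncodeError. A one-line docstring stating that the function returns HTML-escaped text, and `''` for any falsy input, would also help callers.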


@ -89,13 +89,16 @@ class Users(object):
# Rename Mystery platform names
platform = common.PLATFORM_NAME_OVERRIDES.get(item["platform"], item["platform"])
# Sanitize player name
player = helpers.sanitize(item["player"])
row = {"id": item['id'],
"plays": item['plays'],
"last_seen": item['last_seen'],
"friendly_name": item['friendly_name'],
"ip_address": item['ip_address'],
"platform": platform,
"player": item['player'],
"player": player,
"last_watched": item['last_watched'],
"thumb": thumb,
"media_type": item['media_type'],
@ -180,12 +183,15 @@ class Users(object):
# Rename Mystery platform names
platform = common.PLATFORM_NAME_OVERRIDES.get(item["platform"], item["platform"])
# Sanitize player name
player = helpers.sanitize(item["player"])
row = {"id": item['id'],
"last_seen": item['last_seen'],
"ip_address": item['ip_address'],
"play_count": item['play_count'],
"platform": platform,
"player": item['player'],
"player": player,
"last_watched": item['last_watched'],
"thumb": thumb,
"media_type": item['media_type'],
@ -531,7 +537,10 @@ class Users(object):
# Rename Mystery platform names
platform_type = common.PLATFORM_NAME_OVERRIDES.get(item[2], item[2])
row = {'player_name': item[0],
# Sanitize player name
player = helpers.sanitize(item[0])
row = {'player_name': player,
'platform_type': platform_type,
'total_plays': item[1],
'result_id': result_id
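Review bot: Only `player` is passed through `helpers.sanitize` in these rows; `friendly_name`, `ip_address` and `platform` are copied from the same `item` unchanged in the first two hunks, and `platform_type` in the third. If any of those values can be influenced by a client or a user and are rendered into the same pages, they need the same treatment, which is an argument for escaping once where the value is written into HTML rather than field by field here. The rows also now carry HTML entities, so any consumer that uses `player` outside HTML (JSON output, logs, comparisons) sees `&lt;` instead of `<`. The enclosing loops start and end outside the hunks.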


@ -1,7 +1,4 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# This file is part of PlexPy.
# This file is part of PlexPy.
#
# PlexPy is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@ -16,7 +13,7 @@
# You should have received a copy of the GNU General Public License
# along with PlexPy. If not, see <http://www.gnu.org/licenses/>.
from plexpy import logger, notifiers, plextv, pmsconnect, common, log_reader, datafactory, graphs, users
from plexpy import logger, notifiers, plextv, pmsconnect, common, log_reader, datafactory, graphs, users, helpers
from plexpy.helpers import checked, radio
from mako.lookup import TemplateLookup
@ -738,6 +735,9 @@ class WebInterface(object):
if not session['ip_address']:
ip_address = data_factory.get_session_ip(session['session_key'])
session['ip_address'] = ip_address
# Sanitize player name
session['player'] = helpers.sanitize(session['player'])
except:
return serve_template(templatename="current_activity.html", data=None)
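Review bot: The new `session['player'] = helpers.sanitize(session['player'])` line sits inside a `try` whose bare `except:` returns the template with `data=None`, so any failure in it (a session without a `player` key, or an encoding error inside `sanitize`) silently blanks the whole activity view instead of one field. Reading the value with `session.get('player')` would remove the KeyError path, assuming `session` is a dict as the `session['ip_address']` assignment suggests. The handler should also log the exception before returning, so a sanitizing failure is visible to the operator. The `try` and the loop over sessions begin outside the hunk.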