Prevent XSS attacks with wmd using the google-caja html sanitizer.
[osqa.git] / forum / skins / default / templates / ask.html
1 {% extends "base.html" %}
2 <!-- template ask.html -->
3 {% load i18n extra_tags extra_filters %}
4 {% block title %}{% spaceless %}{% trans "Ask a question" %}{% endspaceless %}{% endblock %}
5 {% block forejs %}
6         <script type='text/javascript' src='{% media  "/media/js/wmd/showdown.js" %}'></script>
          {# Editor assets: showdown.js and wmd.js belong to the wmd Markdown editor; html_sanitizer.js is, per the commit subject, the google-caja sanitizer added to stop XSS through wmd. #}
          {# Nothing in this template calls the sanitizer. Presumably wmd.js invokes it when it builds the preview - confirm the call site and that this load order suits it. #}
7         <script type='text/javascript' src='{% media  "/media/js/wmd/wmd.js" %}'></script>
8         <script type='text/javascript' src='{% media  "/media/js/html_sanitizer.js" %}'></script>
9         <link rel="stylesheet" type="text/css" href="{% media  "/media/js/wmd/wmd.css" %}" />
          {# Client-side markup template; the percent-delimited names (URL, SCORE, SUMMARY, TITLE) are placeholders filled in by script outside this file, presumably for the related-questions list. #}
          {# NOTE(review): SUMMARY lands in an attribute value and TITLE in element content, so the substituting code has to HTML-escape every value and accept only site-relative or http(s) links for URL before the result is inserted into the page - verify in osqa.ask.js. #}
10         <script type="text/html" id="question-summary-template">
11             <div class="answer-summary">
12                 <a href="%URL%"><div class="answer-votes">%SCORE%</div></a>
13                 <div class="answer-link">
14                     <a class="question-hyperlink" href="%URL%" title="%SUMMARY%">%TITLE%</a>
15                 </div>
16             </div>
17         </script>
18         <script type="text/javascript">
19         $(function(){
            // DOM-ready setup for the ask page: marks the #nav_ask button, applies the
            // TextAreaResizer plugin to #editor, wires the preview toggle and attaches
            // tag autocompletion to #id_tags.
20             //set current module button style
21             $("#nav_ask").attr('className',"on");
22             $('#editor').TextAreaResizer();
23
24             //toggle preview of editor
25                         //todo remove copy-paste
            // NOTE(review): the trans tag output below is written straight into a
            // double-quoted JS string literal. A translation containing a double quote,
            // a backslash or a closing script tag would break out of the literal, so the
            // translation catalogs are trusted input here. The label is applied with
            // .text(), so it is never parsed as HTML.
26             var display = true;
27             var txt = "[{% trans "hide preview" %}]";
28             $('#pre-collapse').text(txt);
29             $('#pre-collapse').bind('click', function(){
                // Pick the label for the state being switched to, flip the flag, then
                // toggle the #previewer element and update the label.
30                 txt = display ? "[{% trans "show preview" %}]" : "[{% trans "hide preview" %}]";
31                 display = !display;
32                 $('#previewer').toggle();
33                 $('#pre-collapse').text(txt);
34             });
35
36             //Tags autocomplete action
                // Suggestions are requested from the matching_tags URL; several tags may be
                // entered, separated by a single space.
37                 $("#id_tags").autocomplete("{% url matching_tags %}", {
38                 minChars: 1,
39                         matchContains: true,
40                 max: 10,
41                 multiple: true,
42                 multipleSeparator: " ",
43                 highlightItem: true,
44                 scroll: true,
45                 scrollHeight: 300,
46
47
48                         /*
49                         formatItem: function(row, i, max) {
50                                 return row.n + " ("+ row.c +")";
51                         },
52                 formatResult: function(row, i, max){
53                     return row.n;
54                 }
55                 */
56
                // NOTE(review): the suggestion label is built by concatenating two fields
                // of the server-supplied row. If the autocomplete plugin inserts this
                // string as HTML, both fields need HTML-escaping (here or in the
                // matching_tags view) - confirm against the plugin in use.
57                 formatItem: function(row, i, max, value) {
58                     return row[1] + " (" + row[2] + ")";
59                 },
60
                // Returns row[1] alone; presumably this is the text placed in the input
                // when a suggestion is chosen - confirm against the plugin.
61                 formatResult: function(row, i, max, value){
62                     return row[1];
63                 }
64
65             });
66
67         });
68
69         function submitClicked(e, f) {
            // Click handler for the "ask" buttons, which call it from their onclick
            // attributes with the event and their form.
            //   e - the click event (not used in this body)
            //   f - the form to submit; nothing is submitted when it is falsy
            // browserTester is defined outside this template.
            // NOTE(review): disabling the button only limits accidental double clicks;
            // repeated or replayed POSTs still have to be handled by the server.
70             if(!(browserTester('chrome') || browserTester('safari'))) {
71                 $("input.submit")[0].disabled=true;
72             }
            // Drop the unsaved-work guard first so submitting does not raise the prompt.
73             window.removeEventListener('beforeunload', beforeUnload, true);
74             if (f) {
75                 f.submit();
76             }
77         }
78
79         function beforeUnload(e) {
            // beforeunload guard: when the title, editor or tags field holds any text,
            // returns the result of yourWorkWillBeLost(e) (defined outside this
            // template); with all three empty it returns undefined.
80             if($("input#id_title")[0].value != "" || $("textarea#editor")[0].value != "" || $("input#id_tags")[0].value != "") {
81                 return yourWorkWillBeLost(e);
82             }
83         }
        // Registered with useCapture=true; submitClicked passes the same three
        // arguments to removeEventListener, which is what makes the removal match.
84         window.addEventListener('beforeunload', beforeUnload, true);
85
        // Global holding the related_questions URL; presumably read by osqa.ask.js,
        // which is loaded right after this script - confirm.
86         var related_questions_url = "{% url related_questions %}";
87         </script>
88         <script src="{% media "/media/js/osqa.ask.js" %}" type="text/javascript"></script>
89 {% endblock %}
90
91 {% block content %}
92 <div id="main-bar" class="headNormal">
93         {% trans "Ask a question" %}
94 </div>
95 <div id="main-body" class="ask-body">
96     <div id="askform">
97         <form id="fmask" action="" method="post" accept-charset="utf-8">
             {# The empty action posts back to the current URL; csrf_token adds Django's CSRF token to the POST. #}
98             {% csrf_token %}
             {# Notices: anonymous visitors are told the question is kept in the session until they log in or sign up; signed-in users who fail email_valid_and_can_ask are reminded to validate their email. #}
             {# The spelling "submiting" is part of the blocktrans message id, so correcting it also means updating the translation catalogs. #}
99                         {% if not request.user.is_authenticated %}
100             <div class="message">
101                 <span class="strong big">{% trans "You are welcome to start submitting your question anonymously." %}</span>
102                 <p>{% blocktrans %}
103                     After submiting your question, you will be redirected to the login/signup page.
104                     Your question will be saved in the current session and will be published after you login with your existing account,
105                     or signup for a new account{% endblocktrans %}{% if "ask"|contained_in:settings.REQUIRE_EMAIL_VALIDATION_TO %}
106                     {% trans "and validate your email." %}{% else %}.{% endif %}</p>
107             </div>
108             {% else %}
109                 {% if not request.user.email_valid_and_can_ask %}
110                     <div class="message">
111                         {% blocktrans %}Remember, your question will not be published until you validate your email.{% endblocktrans %}
112                         <a href="{% url send_validation_email %}">{% trans "Send me a validation link." %}</a>
113                     </div>
114                 {% endif %}
115                         {% endif %}
116             <div class="form-item">
                 {# NOTE(review): label_tag normally renders its own label element, so the wrapper below probably nests one label inside another - confirm against the rendered page. #}
117                 <label for="id_title" ><strong>{{ form.title.label_tag }}:</strong></label> <span class="form-error"></span><br/>
118                 {{ form.title }} {{ form.title.errors }}
119                 <div class="title-desc">
120                     {{ form.title.help_text }}
121                 </div>
122             </div>
123             <div id="ask-related-questions"></div>
124             <div class="form-item">
                 {# Markdown editor: form.text renders the editing control (the page script addresses it as textarea#editor) and #previewer is the element whose visibility the preview toggle switches. #}
                 {# NOTE(review): the html_sanitizer.js loaded in the forejs block runs in the browser, so at most it protects this preview. The stored question body still has to be sanitized on the server wherever it is rendered, because the POST can be sent without this page's scripts. #}
125                 <div id="wmd-button-bar" class="wmd-panel"></div>
126                 {{ form.text }} {{ form.text.errors }}
127                 <div class="preview-toggle">
128                     <table width="100%">
129                         <tr>
130                             <td>
131                                 <span id="pre-collapse" title="{% trans "Toggle the real time Markdown editor preview" %}">{% trans "toggle preview" %}</span>
132                             </td>
133                             <td style="text-align: right;" id="editor-metrics"></td>
                             {# The wiki checkbox is shown only when settings.WIKI_ON is set; its help text is written into a title attribute and relies on template autoescaping being on (the Django default - confirm it is not disabled for this skin). #}
134                             {% if settings.WIKI_ON %}
135                             <td class="tright">
136                                 {{ form.wiki }} <span class="help_text" title="{{form.wiki.help_text}}">{{ form.wiki.label_tag }} </span>
137                             </td>
138                             {% endif %}
139                         </tr>
140
141                     </table>
142                 </div>
143                 <div id="previewer" class="wmd-preview"></div>
144                 <span class="form-error"></span>
145             </div>
146             <div class="form-item">
147                 <strong>{{ form.tags.label_tag }}:</strong> {% trans "(required)" %} <span class="form-error"></span><br/>
148                 {{ form.tags }}  {{ form.tags.errors }}
149             </div>
150                         <p class="title-desc">
151                                 {{ form.tags.help_text }}
152                         </p>
153                         
             {# The CAPTCHA is rendered only when the form carries a recaptcha field; which requests get one is decided outside this template. #}
154             {% if form.recaptcha %}
155             <div class="question-captcha" style="float: left">
156                 {{ form.recaptcha.errors }}
157                 {{ form.recaptcha }}
158             </div>
159             <div class="clear"></div>
160             {% endif %}
161                         
             {# Both buttons are type="button", so the form is submitted only through submitClicked(); with scripting off these controls do nothing. #}
             {# NOTE(review): the inline onclick attributes, like the inline script block above, rule out a Content-Security-Policy that forbids inline script. #}
162             {% if not request.user.is_authenticated %}                                                                        
163             <input name="ask" type="button" value="{% trans "Login/signup to post your question" %}" class="submit" onclick="submitClicked(event, this.form)"/>
164                         {% else %}
165             <input name="ask" type="button" value="{% trans "Ask your question" %}" class="submit" onclick="submitClicked(event, this.form)"/>
166             {% endif %}
167         </form>
168     </div>
169 </div>
170 {% endblock %}
171
172 {% block sidebar %}
173 {% include "question_edit_tips.html" %}
174 {% endblock %}
175
176 {% block endjs %}
177 {% endblock %}
178 <!-- end template ask.html -->