Prevent XSS attacks with wmd using the google-caja html sanitizer.
1 {% extends "base.html" %}
2 <!-- question_edit.html -->
3 {% load i18n %}
4 {% load extra_tags %}
5 {% block title %}{% spaceless %}{% trans "Edit question" %}{% endspaceless %}{% endblock %}
6 {% block forejs %}
        {# Markdown editor stack: showdown.js, wmd.js and the wmd stylesheet. #}
        {# html_sanitizer.js is the google-caja HTML sanitizer; presumably wmd.js calls it before writing the live preview - confirm in wmd.js. #}
        {# NOTE(review): a browser-side sanitizer only protects the in-page preview. Saved question HTML must still be sanitized on the server. #}
        <script type='text/javascript' src='{% media  "/media/js/wmd/showdown.js" %}'></script>
        <script type='text/javascript' src='{% media  "/media/js/wmd/wmd.js" %}'></script>
        <script type='text/javascript' src='{% media  "/media/js/html_sanitizer.js" %}'></script>
        <link rel="stylesheet" type="text/css" href="{% media  "/media/js/wmd/wmd.css" %}" />
11         <script type="text/javascript">
12                 //todo move javascript out        
        $().ready(function(){
            // Highlight the "questions" navigation entry and make the editor resizable.
            $("#nav_questions").attr('className',"on");
            $('#editor').TextAreaResizer();

            // Preview toggle: the label is written with .text(), so it is never parsed as HTML.
            // NOTE(review): the translated strings are emitted inside double-quoted JS
            // literals without JavaScript escaping; a translation containing a double
            // quote or backslash would break this script. Consider JS-escaping them.
            var previewShown = true;
            var toggleLabel = "[{% trans "hide preview" %}]";
            var toggleLink = $('#pre-collapse');
            toggleLink.text(toggleLabel);
            toggleLink.bind('click', function(){
                previewShown = !previewShown;
                if (previewShown) {
                    toggleLabel = "[{% trans "hide preview" %}]";
                } else {
                    toggleLabel = "[{% trans "show preview" %}]";
                }
                $('#previewer').toggle();
                toggleLink.text(toggleLabel);
            });

            // Tag autocomplete, fed by the matching_tags URL.
            // Each row is indexed positionally: row[1] is shown as the label and used
            // as the inserted value, row[2] is shown in parentheses.
            // NOTE(review): if the autocomplete plugin inserts formatItem output as
            // HTML, row[1] and row[2] must be HTML-escaped here or by the endpoint -
            // confirm against the plugin and the matching_tags view.
            var tagCompletionOptions = {
                matchContains: true,
                max: 20,
                multiple: true,
                multipleSeparator: " ",
                highlightItem: true,
                scroll: true,
                scrollHeight: 300,
                formatItem: function(row, index, total, term) {
                    return row[1] + " (" + row[2] + ")";
                },
                formatResult: function(row, index, total, term) {
                    return row[1];
                }
            };
            $("#id_tags").autocomplete("{% url matching_tags %}", tagCompletionOptions);

            // Choosing another revision clicks the hidden "select_revision" submit button.
            $('#id_revision').unbind().change(function(){
                $("#select_revision").click();
            });

            // Snapshot the initial field values into the page-level globals;
            // beforeUnload() compares against title, body and tag.
            var editorArea = $("textarea#editor")[0];
            init = editorArea.value;

            title = $("input#id_title")[0].value;
            body = editorArea.value;
            tag = $("input#id_tags")[0].value;
        });
64
        /**
         * Click handler for the "Save edit" and "Cancel" buttons.
         *
         * Disables both buttons (except where browserTester reports chrome or
         * safari), removes the beforeunload warning, then submits the form if
         * one was passed.
         *
         * @param e the click event (not used here)
         * @param f the form to submit, or null to submit nothing
         */
        function submitClicked(e, f) {
            var keepButtonsEnabled = browserTester('chrome') || browserTester('safari');
            if (!keepButtonsEnabled) {
                // Guard against a second click while the request is in flight.
                var submitButtons = $("input.submit");
                submitButtons[0].disabled = true;
                submitButtons[1].disabled = true;
            }

            // Leaving the page is intentional from here on, so drop the warning.
            window.removeEventListener('beforeunload', beforeUnload, true);

            if (f) {
                f.submit();
            }
        }
75
        /**
         * beforeunload handler: if the title, body or tags differ from the
         * values captured at page load, defer to yourWorkWillBeLost(e)
         * (defined outside this template). Returns undefined otherwise.
         */
        function beforeUnload(e) {
            var hasUnsavedChanges =
                $("input#id_title")[0].value != title ||
                $("textarea#editor")[0].value != body ||
                $("input#id_tags")[0].value != tag;

            if (!hasUnsavedChanges) {
                return;
            }
            return yourWorkWillBeLost(e);
        }
        // Registered in the capture phase; submitClicked() removes it with the same arguments.
        window.addEventListener('beforeunload', beforeUnload, true);

        // Page-level snapshot of the form fields, filled in by the ready handler.
        var init = "",
            title = "",
            body = "",
            tag = "";
87         </script>
88 {% endblock %}
89         
{% block content %}
{# Edit form: revision picker, title, Markdown body with live preview, tags, edit summary and optional captcha. #}
<div id="main-bar" class="headNormal">
    {% block edittype %}{% trans "Edit question" %}{% endblock %} [<a href="{{ question.get_absolute_url }}">{% trans "back" %}</a>]
</div>
<div id="main-body" class="ask-body">
    <div id="askform">
        {# Empty action: the form posts back to the current URL. #}
        <form id="fmedit" action="" method="post">
            {# CSRF token for the state-changing POST. #}
            {% csrf_token %}
            <label for="id_revision" ><strong>{% trans "revision" %}:</strong></label> <br/> 
            {% if revision_form.revision.errors %}{{ revision_form.revision.errors.as_ul }}{% endif %}
            {# The hidden select_revision submit button is clicked by the page script when #id_revision changes. #}
            <div style="vertical-align:middle">
            {{ revision_form.revision }} <input type="submit" style="display:none" id="select_revision" name="select_revision" 
                                                                                        value="{% trans "select revision"%}">
            </div> 
            <div class="form-item">
                <label for="id_title" ><strong>{{ form.title.label_tag }}:</strong></label> <span class="form-error"></span><br/> 
                {{ form.title }} {{ form.title.errors }}  
                <div class="title-desc">
                    {{ form.title.help_text }}
                </div>     
            </div>
            <div class="form-item">
                <div id="wmd-button-bar" class="wmd-panel"></div>
                {# Markdown body field; the page script reads it as textarea#editor (presumably the id the form widget renders - confirm). #}
                {{ form.text }}
                <span class="form-error"></span>
                <div class="preview-toggle">
                    <table width="100%">
                        <tr>
                            <td>
                                <span id="pre-collapse" title="{% trans "Toggle the real time Markdown editor preview" %}">{% trans "toggle preview" %}</span>
                            </td>
                            <td style="text-align: right;" id="editor-metrics"></td>
                            {% if settings.WIKI_ON %}
                            <td style="text-align:right;">
                                {{ form.wiki }} <span style="color:#000;cursor:help" title="{{form.wiki.help_text}}">{{ form.wiki.label_tag }} </span>
                            </td>
                            {% endif %}
                        </tr>
                    
                    </table>   
                </div>
                {# Live preview container, shown and hidden by #pre-collapse. #}
                {# NOTE(review): the preview HTML is built in the browser from the editor text, which on an edit page may come from another user. #}
                {# Treat this element as an XSS sink - TODO confirm wmd.js sanitizes the HTML before writing it here. #}
                <div id="previewer" class="wmd-preview"></div>
            </div>
            <div class="form-item">
                <strong>{{ form.tags.label_tag }}:</strong> <span class="form-error"></span><br/>
                {{ form.tags }}  {{ form.tags.errors }}
                <div class="title-desc">
                    {{ form.tags.help_text }}
                </div>
            </div>
            <strong>{{ form.summary.label_tag }}</strong> <br/>
            {{ form.summary }}  {{ form.summary.errors }}
            <div class="title-desc">
                {{ form.summary.help_text }}
            </div>
            
            {# The captcha is rendered only when the form defines a recaptcha field. #}
            {% if form.recaptcha %}
            <div class="question-captcha" style="float: left">
                {{ form.recaptcha.errors }}
                {{ form.recaptcha }}
            </div>
            <div class="clear"></div>
            {% endif %}
            
            <div class="error" ></div>
            {# Both buttons are type="button": saving goes through submitClicked(), which removes the beforeunload warning before submitting. #}
            {# NOTE(review): inline onclick handlers prevent a strict Content-Security-Policy without 'unsafe-inline'. #}
            <input type="button" value="{% trans "Save edit" %}" class="submit" onclick="submitClicked(event, this.form)" />
            <input type="button" value="{% trans "Cancel" %}" class="submit" onclick="submitClicked(event, null); history.back(-1);" />
        </form>
    </div>
</div>
{% endblock %}
161
{# Sidebar content comes from the question_edit_tips.html partial. #}
{% block sidebar %}
{% include "question_edit_tips.html" %}
{% endblock %}

{# endjs is overridden with an empty body, so this page adds nothing to that block. #}
{% block endjs %}
{% endblock %}
168 <!-- end question_edit.html -->