Age | Commit message (Collapse) | Author | Files | Lines |
|
Although we don't allow unauthenticated users to post content, we should
still cover our bases here and ensure people can't inject stuff into the
production website via an inadvertent XSS.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
We use the 'Article' type since this isn't print media.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
These were available only from the home page, but it makes sense to
advertise them on the corresponding index pages too.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is a lot more flexible and will allow more than just simple
prefixing of the static file resources.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This moves our site static files into the sitestatic directory if they
are shared resources, and also moves a handful of things (such as the
artwork logos) into application-specific static/ directories. This
allows the staticfiles contrib app to work after a few settings tweaks,
a run of collectstatic, and massaging the hardcoded '/media/' prefix out
of our templates.
Django 1.4 is going to make this a lot easier to move things to a CDN
and provides better template tags; for now this is setting the stage
before we can move to that.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
We're getting to the point where we are starting to have a good chunk of JS
scattered about. Centralize a lot of it for maintenance and performance
purposes.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
We were still looking at the permissions on the main application; these
need to be updated to point at the news application instead.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Set up a default DATE_FORMAT in settings.py and use it everywhere we do the
'|date' template filter rather than hardcoding the value in the template.
This also fixes a regression with news date/time now that we changed the
field to store both date and time.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This view was getting huge with ~500 items on it, and most people are not
really interested in seeing every single news item. Use the drop in
pagination and add some controls that still allow browsing to any page of
the list.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Implements FS#13741. A preview function is also added so working with news
items is easier to make sure you get the formatting right.
This will result in some older news items looking a bit weird if they didn't
put linebreaks in all the right places, we can fix a few of these as we
notice them.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
It looks like the `action="."` business was screwing up some browsers,
notably lynx and links. We don't need it as the default is to submit to the
same page anyway, so kill this gunk and see if it fixes a login CSRF issue.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
We didn't include them on many pages, or the ones we did weren't always
useful. Also try to keep the boilerplate to a minimum so you can see the
important bits in the title. 'Arch Linux - ' comes first in all titles, and
from there it can be filled in with something useful.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Make both the title entry and the text area a lot larger so it is easier to
add and edit news items from the developer side.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
- added title
- added permission checks
|
|
|
|
|
|
|
|
side items.
|
|
Special Note
Prior to git import, approx 90% of the code was done by Judd Vinet. Thanks Judd!
|