Fixes in tests and html escaping

paramecio/citoplasma/httputils.py

@@ -1,6 +1,7 @@
 #!/usr/bin/python3
 
-from bottle import request
+import json, re
+from bottle import request, response
 from paramecio.citoplasma.sessions import get_session
 from paramecio.citoplasma.keyutils import create_key_encrypt
 
@@ -19,7 +20,27 @@ except:
         no_csrf=False
 
 
-
+def filter_ajax(data, filter_tags=True):
+    
+    response.set_header('Content-type', 'application/json')
+    
+    #arr_data=map(
+    
+    json_encoded=json.dumps(data)
+    
+    #if filter_tags:
+    #    json_encoded=json_encoded.replace('<', '&lt;').replace('>', '&gt;')
+        
+        #json_encoded=re.sub(r'\\"', '&quot;', json_encoded)
+           
+        #json_encoded=re.sub('\\"', "", json_encoded)
+        #json_encoded=re.sub('\"', "&quot;", json_encoded)
+        
+        #replace('\\"', '&quot;')
+        #replace('\\\\', '${slashes}').
+        
+    return json_encoded
+    
 class GetPostFiles:
 
     # Need this for obtain utf8 valid values

paramecio/citoplasma/sendmail.py

@@ -27,7 +27,7 @@ class SendMail:
         self.smtp=smtplib.SMTP(host=self.host, port=self.port)
         self.txt_error=''
     
-    def send(self, from_address, to_address, subject, message, content_type='plain', attachments=[]):
+    def send(self, from_address, to_address: list, subject, message, content_type='plain', attachments=[]):
         
         if self.ssl==True:
             
@@ -106,6 +106,8 @@ class SendMail:
             
             self.smtp.send_message(msg)
             
+            #self.quit()
+            
             return True
 
         else:
@@ -161,12 +163,15 @@ class SendMail:
             
             self.smtp.send_message(outer)
             
+            #self.quit()
+            
             return True
         
     def quit(self):
         
         self.smtp.quit()
-            
+    
     def __del__(self):
         
-        self.quit()
+        self.smtp.quit()
+    

paramecio/citoplasma/templates/utils/list.phtml

@@ -42,7 +42,7 @@
             % if simplelist.model.fields[field].escape==True:
                 <td class="${simplelist.model.fields[field].name}_td">${simplelist.model.fields[field].show_formatted(row[field])}</td>
             % else:
-                <td class="${simplelist.model.fields[field].name}_td">${simplelist.model.fields[field].show_formatted(row[field])|n}</td>
+                <td class="${simplelist.model.fields[field].name}_td">${str(simplelist.model.fields[field].show_formatted(row[field]))|n}</td>
             % endif
         % endfor
         

paramecio/cromosoma/extrafields/arrayfield.py

@@ -1,4 +1,4 @@
-from paramecio.cromosoma.webmodel import PhangoField
+from paramecio.cromosoma.webmodel import PhangoField,WebModel
 import json
 
 class ArrayField(PhangoField):
@@ -33,7 +33,7 @@ class ArrayField(PhangoField):
         
         final_value=json.dumps(value)
         
-        final_value=super().check(final_value)
+        final_value=WebModel.escape_sql(final_value)
         
         return final_value
 

paramecio/cromosoma/extrafields/dictfield.py

@@ -1,4 +1,4 @@
-from paramecio.cromosoma.webmodel import PhangoField
+from paramecio.cromosoma.webmodel import WebModel, PhangoField
 import json
 
 class DictField(PhangoField):
@@ -18,7 +18,7 @@ class DictField(PhangoField):
                 
                 value={}
                 self.error=True
-                self.txt_error='Sorry, the json array is invalid'
+                self.txt_error='Sorry, the json dict is invalid'
                 
         elif type(value).__name__!='dict':
             
@@ -26,13 +26,13 @@ class DictField(PhangoField):
             self.error=True
             self.txt_error='Sorry, the json array is invalid'
             
-        for k,v in enumerate(value):
+        for k,v in value.items():
             
             value[k]=self.field_type.check(v)
             
         final_value=json.dumps(value)
         
-        final_value=super().check(final_value)
+        #final_value=WebModel.escape_sql(final_value)
         
         return final_value
 

paramecio/cromosoma/extrafields/emailfield.py

@@ -7,6 +7,8 @@ class EmailField(CharField):
     
     def check(self, value):
         
+        value=super().check(value)
+        
         self.error=False
         self.txt_error=''
         
@@ -16,4 +18,4 @@ class EmailField(CharField):
             value=""
             self.txt_error='No valid format'
             
-        return value
+        return value

paramecio/cromosoma/webmodel.py

@@ -989,7 +989,7 @@ class PhangoField:
         
         # Property that define if make escape in show_formatted
         
-        self.escape=True
+        self.escape=False
         
         # File related: if the field have a file related, delete the file
         
@@ -1024,7 +1024,13 @@ class PhangoField:
         
         value=str(value)
         
-        value=WebModel.escape_sql(value)
+        value=value.replace('<', '&lt;')
+        
+        value=value.replace('>', '&gt;')
+        
+        value=value.replace('"', '&quot;')
+        
+        #value=WebModel.escape_sql(value)
         
         if value=="":
             self.txt_error="The field is empty"