docs and input sanitization
This commit is contained in:
posativ
parent
1199424a2b
commit
54548d4bd5
13
isso/db.py
13
isso/db.py
@ -38,6 +38,10 @@ class Abstract:
|
||||
|
||||
|
||||
class SQLite(Abstract):
|
||||
"""A basic :class:`Abstract` implementation using SQLite3. All comments
|
||||
share a single database. The tuple (id, path) acts as unique identifier
|
||||
for a comment. Multiple comments per path (= that is the URI to your blog
|
||||
post) are ordered by that id."""
|
||||
|
||||
fields = [
|
||||
'id', 'path', 'timestamp',
|
||||
@ -45,8 +49,7 @@ class SQLite(Abstract):
|
||||
]
|
||||
|
||||
def initialize(self, conf):
|
||||
|
||||
self.dbpath = join(conf['DATA_DIR'], 'comments.db')
|
||||
self.dbpath = conf['SQLITE']
|
||||
|
||||
with sqlite3.connect(self.dbpath) as con:
|
||||
sql = ('main.comments (id INTEGER NOT NULL, path VARCHAR(255) NOT NULL,'
|
||||
@ -78,7 +81,7 @@ class SQLite(Abstract):
|
||||
keys = ','.join(self.fields)
|
||||
values = ','.join('?'*len(self.fields))
|
||||
con.execute('INSERT INTO comments (%s) VALUES (%s);' % (keys, values),
|
||||
[0, path, time.time(), c.text, c.author, c.email, c.website, c.parent])
|
||||
(0, path, time.time(), c.text, c.author, c.email, c.website, c.parent))
|
||||
|
||||
def update(self, path, comment):
|
||||
return
|
||||
@ -88,8 +91,8 @@ class SQLite(Abstract):
|
||||
|
||||
def retrieve(self, path, limit=20):
|
||||
with sqlite3.connect(self.dbpath) as con:
|
||||
rv = con.execute("SELECT * FROM comments WHERE path = '%s'" % path \
|
||||
+ " ORDER BY id DESC;").fetchall()
|
||||
rv = con.execute("SELECT * FROM comments WHERE path = ?" \
|
||||
+ " ORDER BY id DESC;", (path, )).fetchall()
|
||||
|
||||
for item in rv:
|
||||
yield self.query2comment(item)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
|
||||
import shutil
|
||||
import os
|
||||
import tempfile
|
||||
import unittest
|
||||
|
||||
@ -11,9 +11,9 @@ class TestSQLite(unittest.TestCase):
|
||||
|
||||
def setUp(self):
|
||||
|
||||
self.path = tempfile.mkdtemp()
|
||||
fd, self.path = tempfile.mkstemp()
|
||||
self.db = SQLite()
|
||||
self.db.initialize({'DATA_DIR': self.path})
|
||||
self.db.initialize({'SQLITE': self.path})
|
||||
|
||||
def test_add(self):
|
||||
|
||||
@ -33,4 +33,4 @@ class TestSQLite(unittest.TestCase):
|
||||
assert rv[0].text == 'Baz'
|
||||
|
||||
def tearDown(self):
|
||||
shutil.rmtree(self.path)
|
||||
os.unlink(self.path)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user