cbartondock 2021-11-21 09:23:52 -05:00
commit f58c5bee1c
48 changed files with 7167 additions and 4744 deletions


@ -23,7 +23,7 @@ To receive fixes for security vulnerabilities it is required to always upgrade t
| V 0.6.13|JavaScript could get executed in the description series, categories or publishers title||
| V 0.6.13|JavaScript could get executed in the shelf title||
| V 0.6.13|Login with the old session cookie after logout. Thanks to @ibarrionuevo||
| V 0.6.14|CSRF was possible. Thanks to @mik317 and Hagai Wechsler (WhiteSource) ||
| V 0.6.14|CSRF was possible. Thanks to @mik317 and Hagai Wechsler (WhiteSource) |CVE-2021-25965|
| V 0.6.14|Cross-Site Scripting vulnerability on typeahead inputs. Thanks to @notdodo||


@ -1575,7 +1575,7 @@ def edit_user(user_id):
if not content or (not config.config_anonbrowse and content.name == "Guest"):
flash(_(u"User not found"), category="error")
return redirect(url_for('admin.admin'))
languages = calibre_db.speaking_language()
languages = calibre_db.speaking_language(return_all_languages=True)
translations = babel.list_translations() + [LC('en')]
kobo_support = feature_support['kobo'] and config.config_kobo_sync
if request.method == "POST":


@ -612,7 +612,7 @@ class CalibreDB():
return self.session.query(Data).filter(Data.book == book_id).filter(Data.format == file_format).first()
# Language and content filters for displaying in the UI
def common_filters(self, allow_show_archived=False):
def common_filters(self, allow_show_archived=False, return_all_languages=False):
if not allow_show_archived:
archived_books = (
ub.session.query(ub.ArchivedBook)
@ -625,10 +625,10 @@ class CalibreDB():
else:
archived_filter = true()
if current_user.filter_language() != "all":
lang_filter = Books.languages.any(Languages.lang_code == current_user.filter_language())
else:
if current_user.filter_language() == "all" or return_all_languages:
lang_filter = true()
else:
lang_filter = Books.languages.any(Languages.lang_code == current_user.filter_language())
negtags_list = current_user.list_denied_tags()
postags_list = current_user.list_allowed_tags()
neg_content_tags_filter = false() if negtags_list == [''] else Books.tags.any(Tags.name.in_(negtags_list))
@ -796,18 +796,19 @@ class CalibreDB():
return result[offset:limit_all], result_count, pagination
# Creates for all stored languages a translated speaking name in the array for the UI
def speaking_language(self, languages=None):
def speaking_language(self, languages=None, return_all_languages=False, reverse_order=False):
from . import get_locale
if not languages:
languages = self.session.query(Languages) \
.join(books_languages_link) \
.join(Books) \
.filter(self.common_filters()) \
.filter(self.common_filters(return_all_languages=return_all_languages)) \
.group_by(text('books_languages_link.lang_code')).all()
for lang in languages:
lang.name = isoLanguages.get_language_name(get_locale(), lang.lang_code)
return languages
return sorted(languages, key=lambda x: x.name, reverse=reverse_order)
def update_title_sort(self, config, conn=None):
# user defined sort function for calibre databases (Series, etc.)
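Review bot: `return_all_languages=True` switches off the per-user language restriction inside `common_filters`, and nothing at the definition says so. Because `common_filters` is the function that scopes which books and languages a user may see, the new parameter deserves a comment on the signature, for example `# return_all_languages bypasses the user's language filter; pass True only from admin-only views`; the one caller on this page that sets it is `edit_user`. Separately, `sorted(languages, key=lambda x: x.name, reverse=reverse_order)` in `speaking_language` compares names case-sensitively, while the name tables in this commit mix cases (`"elamština"` next to `"Angličtina"`), so `key=lambda x: x.name.casefold()` would give the order a reader expects. Both functions continue outside the hunks shown.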


@ -114,7 +114,7 @@ def search_objects_add(db_book_object, db_type, input_elements):
type_elements = c_elements.value
else:
type_elements = c_elements.name
if inp_element.lower() == type_elements.lower(): # Lowercase check
if inp_element == type_elements:
found = True
break
if not found:
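Review bot: The comparison `inp_element == type_elements` is now exact, so an input that differs from a stored element only in letter case is no longer found and falls through to the `if not found:` branch. If that branch adds the element as new (its body is outside the hunk), entries such as `Fantasy` and `fantasy` can now coexist, and a column with a case-insensitive uniqueness rule would reject the insert, which is worth confirming against the schema. A short comment on the line saying the case-sensitive match is intentional, e.g. `# exact match: names differing only in case are distinct elements`, would keep the old `.lower()` check from being restored by accident.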


@ -112,6 +112,7 @@ LANGUAGE_NAMES = {
"elx": "elamština",
"eng": "Angličtina",
"enm": "Angličtina; středověká (1100-1500)",
"enu": "Enu",
"epo": "esperanto",
"est": "estonština",
"eus": "baskičtina",
@ -533,6 +534,7 @@ LANGUAGE_NAMES = {
"elx": "Elamisch",
"eng": "Englisch",
"enm": "Mittelenglisch",
"enu": "Enu",
"epo": "Esperanto",
"est": "Estnisch",
"eus": "Baskisch",
@ -945,6 +947,7 @@ LANGUAGE_NAMES = {
"eka": "Ekajuk",
"elx": "Elamite",
"eng": "Αγγλικά",
"enu": "Enu",
"myv": "Erzya",
"epo": "Εσπεράντο",
"est": "Εσθονικά",
@ -1330,6 +1333,7 @@ LANGUAGE_NAMES = {
"elx": "Elamita",
"eng": "Inglés",
"enm": "Inglés medio (1100-1500)",
"enu": "Enu",
"epo": "Esperanto",
"est": "Estonio",
"eus": "Vasco",
@ -1751,6 +1755,7 @@ LANGUAGE_NAMES = {
"elx": "elami",
"eng": "englanti",
"enm": "keskienglanti",
"enu": "Enu",
"epo": "esperanto",
"est": "viro",
"eus": "baski",
@ -2172,6 +2177,7 @@ LANGUAGE_NAMES = {
"elx": "élamite",
"eng": "anglais",
"enm": "anglais moyen (1100-1500)",
"enu": "enu",
"epo": "espéranto",
"est": "estonien",
"eus": "basque",
@ -2593,6 +2599,7 @@ LANGUAGE_NAMES = {
"elx": "elamita",
"eng": "angol",
"enm": "angol; középkori (1100-1500)",
"enu": "Enu",
"epo": "eszperantó",
"est": "észt",
"eus": "Baszk",
@ -3014,6 +3021,7 @@ LANGUAGE_NAMES = {
"elx": "Elamitico",
"eng": "Inglese",
"enm": "Inglese medio (1100-1500)",
"enu": "Enu",
"epo": "Esperanto",
"est": "Estone",
"eus": "Basco",
@ -3435,6 +3443,7 @@ LANGUAGE_NAMES = {
"elx": "エラム語",
"eng": "英語",
"enm": "英語; 中世 (1100-1500)",
"enu": "Enu",
"epo": "エスペラント",
"est": "エストニア語",
"eus": "バスク語",
@ -3856,6 +3865,7 @@ LANGUAGE_NAMES = {
"elx": "Elamite",
"eng": "English",
"enm": "English; Middle (1100-1500)",
"enu": "Enu",
"epo": "Esperanto",
"est": "Estonian",
"eus": "Basque",
@ -4277,6 +4287,7 @@ LANGUAGE_NAMES = {
"elx": "Elamitisch",
"eng": "Engels",
"enm": "Engels; middel (1100-1500)",
"enu": "Enu",
"epo": "Esperanto",
"est": "Estlands",
"eus": "Baskisch",
@ -4698,6 +4709,7 @@ LANGUAGE_NAMES = {
"elx": "elamicki",
"eng": "Angielski",
"enm": "angielski średniowieczny (1100-1500)",
"enu": "Enu",
"epo": "esperanto",
"est": "estoński",
"eus": "baskijski",
@ -5110,6 +5122,7 @@ LANGUAGE_NAMES = {
"eka": "Ekajuk",
"elx": "Elamite",
"eng": "Inglês",
"enu": "Enu",
"myv": "Erzya",
"epo": "Esperanto",
"est": "Estónio",
@ -5493,6 +5506,7 @@ LANGUAGE_NAMES = {
"elx": "Эламский",
"eng": "Английский",
"enm": "Среднеанглийский (1100-1500)",
"enu": "Enu",
"epo": "Эсперанто",
"est": "Эстонский",
"eus": "Баскский",
@ -5914,6 +5928,7 @@ LANGUAGE_NAMES = {
"elx": "Elamitiska",
"eng": "Engelska",
"enm": "Medelengelska (1100-1500)",
"enu": "Enu",
"epo": "Esperanto",
"est": "Estniska",
"eus": "Baskiska",
@ -6326,6 +6341,7 @@ LANGUAGE_NAMES = {
"eka": "Ekajuk (Afrika)",
"elx": "Elamca",
"eng": "İngilizce",
"enu": "Enu",
"myv": "Erzya dili",
"epo": "Esperanto",
"est": "Estonca",
@ -6709,6 +6725,7 @@ LANGUAGE_NAMES = {
"elx": "еламська",
"eng": "англійська",
"enm": "середньоанглійська (1100-1500)",
"enu": "ену",
"epo": "есперанто",
"est": "естонська",
"eus": "баскська",
@ -7130,6 +7147,7 @@ LANGUAGE_NAMES = {
"elx": "埃兰语",
"eng": "英语",
"enm": "英语中古1100-1500",
"enu": "Enu",
"epo": "世界语",
"est": "爱沙尼亚语",
"eus": "巴斯克语",
@ -7542,6 +7560,7 @@ LANGUAGE_NAMES = {
"eka": "Ekajuk",
"elx": "Elamite",
"eng": "英文",
"enu": "Enu",
"myv": "Erzya",
"epo": "世界語",
"est": "愛沙尼亞文",
@ -7925,6 +7944,7 @@ LANGUAGE_NAMES = {
"elx": "Elamite",
"eng": "English",
"enm": "English; Middle (1100-1500)",
"enu": "Enu",
"epo": "Esperanto",
"est": "Estonian",
"eus": "Basque",


@ -1,19 +1,35 @@
{% extends "layout.html" %}
{% block body %}
<h1>{{title}}</h1>
<div class="filterheader hidden-xs">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
<div id="asc" data-order="{{ order }}" data-id="{{ data }}" class="btn btn-primary {% if order == 1 %} active{% endif%}"><span class="glyphicon glyphicon-sort-by-alphabet"></span></div>
<div id="desc" data-id="{{ data }}" class="btn btn-primary{% if order == 0 %} active{% endif%}"><span class="glyphicon glyphicon-sort-by-alphabet-alt"></span></div>
{% if charlist|length %}
<div id="all" class="active btn btn-primary {% if charlist|length > 9 %}hidden-sm{% endif %}">{{_('All')}}</div>
{% endif %}
<div class="btn-group character {% if charlist|length > 9 %}hidden-sm{% endif %}" role="group">
{% for char in charlist%}
<div class="btn btn-primary char">{{char}}</div>
{% endfor %}
</div>
</div>
<div class="container">
<div class="col-xs-12 col-sm-6">
<div div id="list" class="col-xs-12 col-sm-6">
{% for lang in languages %}
{% if loop.index0 == (loop.length/2)|int and loop.length > 20 %}
</div>
<div class="col-xs-12 col-sm-6">
</div>
<div id="second" class="col-xs-12 col-sm-6">
{% endif %}
<div class="row">
<div class="row" data-id="{% if lang.name %}{{lang.name}}{% else %}{{lang[0].name}}{% endif %}">
<div class="col-xs-2 col-sm-2 col-md-1" align="left"><span class="badge">{{lang_counter[loop.index0].bookcount}}</span></div>
<div class="col-xs-10 col-sm-10 col-md-11"><a id="list_{{loop.index0}}" href="{{url_for('web.books_list', book_id=lang.lang_code, data=data, sort_param='new')}}">{{lang.name}}</a></div>
</div>
{% endfor %}
</div>
</div>
</div>
{% endblock %}
{% block js %}
<script src="{{ url_for('static', filename='js/filter_list.js') }}"></script>
{% endblock %}
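Review bot: The opening tag `<div div id="list" class="col-xs-12 col-sm-6">` carries a stray `div` token, which a browser parses as an empty attribute; it should read `<div id="list" class="col-xs-12 col-sm-6">`. The `data-id` value on each row and the `data-order`/`data-id` values in the filter header are rendered from `lang.name`, `order` and `data`, so they depend on Jinja autoescaping being active for this template; that is the Flask default for `.html` files but is not visible here. The hidden `csrf_token` input sits outside any form, so presumably `js/filter_list.js` reads it, and a one-line template comment saying so would help the next reader.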


@ -62,27 +62,13 @@ searched_ids = {}
logged_in = dict()
def store_user_session():
if flask_session.get('_user_id', ""):
if logged_in.get(flask_session.get('_user_id', "")):
logged_in[flask_session.get('_user_id', "")].append(flask_session.get('_id', ""))
else:
logged_in[flask_session.get('_user_id', "")] = [flask_session.get('_id', "")]
log.info(flask_session.get('_id', ""))
def delete_user_session(user_id, session_key):
try:
logged_in.get(str(user_id), []).remove(session_key)
except ValueError:
pass
def check_user_session(user_id, session_key):
return session_key in logged_in.get(str(user_id), [])
def signal_store_user_session(object, user):
store_user_session()
def store_user_session():
if flask_session.get('user_id', ""):
flask_session['_user_id'] = flask_session.get('user_id', "")
if flask_session.get('_user_id', ""):
try:
if not check_user_session(flask_session.get('_user_id', ""), flask_session.get('_id', "")):

View File

@ -831,7 +831,7 @@ def list_books():
books = calibre_db.session.query(db.Books).filter(calibre_db.common_filters()).all()
entries = calibre_db.get_checkbox_sorted(books, state, off, limit, order)
elif search:
entries, filtered_count, __ = calibre_db.get_search_results(search, off, order, limit, *join)
entries, filtered_count, __ = calibre_db.get_search_results(search, off, [order,''], limit, *join)
else:
entries, __, __ = calibre_db.fill_indexpage((int(off) / (int(limit)) + 1), limit, db.Books, True, order, *join)
@ -1012,30 +1012,25 @@ def formats_list():
@web.route("/language")
@login_required_if_no_ano
def language_overview():
if current_user.check_visibility(constants.SIDEBAR_LANGUAGE):
charlist = list()
if current_user.filter_language() == u"all":
languages = calibre_db.speaking_language()
# ToDo: generate first character list for languages
if current_user.check_visibility(constants.SIDEBAR_LANGUAGE) and current_user.filter_language() == u"all":
if current_user.get_view_property('language', 'dir') == 'desc':
order = db.Languages.lang_code.desc()
order_no = 0
else:
#try:
# cur_l = LC.parse(current_user.filter_language())
#except UnknownLocaleError:
# cur_l = None
languages = calibre_db.session.query(db.Languages).filter(
db.Languages.lang_code == current_user.filter_language()).all()
languages[0].name = isoLanguages.get_language_name(get_locale(), languages[0].name.lang_code)
#if cur_l:
# languages[0].name = cur_l.get_language_name(get_locale())
#else:
# languages[0].name = _(isoLanguages.get(part3=languages[0].lang_code).name)
order = db.Languages.lang_code.asc()
order_no = 1
charlist = list()
languages = calibre_db.speaking_language(reverse_order=not order_no)
for lang in languages:
upper_lang = lang.name[0].upper()
if upper_lang not in charlist:
charlist.append(upper_lang)
lang_counter = calibre_db.session.query(db.books_languages_link,
func.count('books_languages_link.book').label('bookcount')).group_by(
text('books_languages_link.lang_code')).all()
return render_title_template('languages.html', languages=languages, lang_counter=lang_counter,
charlist=charlist, title=_(u"Languages"), page="langlist",
data="language")
data="language", order=order_no)
else:
abort(404)
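Review bot: `language_overview` now passes a name-sorted, optionally reversed list from `speaking_language(reverse_order=not order_no)`, while `lang_counter` still comes from a separate query grouped by `lang_code`, and `languages.html` pairs the two by position with `lang_counter[loop.index0].bookcount`. Unless both sequences happen to come back in the same order, each language is displayed with another language's book count. Looking the count up by language code rather than by index would remove that dependency, for example by building a mapping keyed by `lang_code` in the view and indexing it in the template. In the same function, `order` is assigned from `db.Languages.lang_code.desc()` / `.asc()` but is not used in the lines shown, and `lang.name[0].upper()` raises if a language name is empty or missing.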
