From: Simon Cozens <simon@simon-cozens.org>
Date: Sat, 31 Jan 2004 14:55:43 +0000 (+0000)
Subject: Make untainting, editing, and other things work.
X-Git-Tag: 2.10~335
X-Git-Url: https://git.decadent.org.uk/gitweb/?p=maypole.git;a=commitdiff_plain;h=d635ca733a7199c4f9893e8d5a50e96a1295f092

Make untainting, editing, and other things work.


git-svn-id: http://svn.maypole.perl.org/Maypole/trunk@27 48953598-375a-da11-a14b-00016c27c3ee
---

diff --git a/lib/Apache/MVC.pm b/lib/Apache/MVC.pm
index 68a9927..467f0f9 100644
--- a/lib/Apache/MVC.pm
+++ b/lib/Apache/MVC.pm
@@ -32,28 +32,29 @@ sub config {
 sub set_database {
     my ($calling_class, $dsn) = @_;
     $calling_class = ref $calling_class if ref $calling_class;
-    $calling_class->config->{dsn} = $dsn;
-    $calling_class->config->{loader} = Class::DBI::Loader->new(
+    my $config = $calling_class->config;
+    $config->{model} ||= "Apache::MVC::Model::CDBI";
+    $config->{model}->require;
+    $config->{dsn} = $dsn;
+    $config->{loader} = Class::DBI::Loader->new(
         namespace => $calling_class,
         dsn => $dsn
     ); 
+    $config->{classes} = [ $config->{loader}->classes ];
+    for my $subclass (@{$config->{classes}}) {
+        no strict 'refs';
+        unshift @{$subclass."::ISA"}, $config->{model};
+        $config->{model}->adopt($subclass)
+           if $config->{model}->can("adopt");
+    }
 }
 
 sub init {
     my $class = shift;
     my $config = $class->config;
-    $config->{model} ||= "Apache::MVC::Model::CDBI";
     $config->{view}  ||= "Apache::MVC::View::TT";
-    $config->{model}->require;
     $config->{view}->require;
-    $config->{classes} = [ $class->config->{loader}->classes ];
     $config->{display_tables} ||= [ $class->config->{loader}->tables ];
-    for my $subclass (@{$config->{classes}}) {
-        no strict 'refs';
-        unshift @{$subclass."::ISA"}, $class->config->{model};
-        $config->{model}->adopt($subclass)
-           if $config->{model}->can("adopt");
-    }
     $class->view_object($class->config->{view}->new);
     $class->init_done(1);
 
diff --git a/lib/Apache/MVC/Model/CDBI.pm b/lib/Apache/MVC/Model/CDBI.pm
index f9b2087..695e1cb 100644
--- a/lib/Apache/MVC/Model/CDBI.pm
+++ b/lib/Apache/MVC/Model/CDBI.pm
@@ -20,13 +20,13 @@ sub related {
     map {to_PL($_)} 
     grep { exists $r->{config}{ok_tables}{$_} }
     map {$_->table}
-    keys %{shift->__hasa_list}
+    keys %{shift->__hasa_list || {}}
 }
 
 sub do_edit :Exported {
     my ($self, $r) = @_;
     my $h = CGI::Untaint->new(%{$r->{params}});
-    my ($obj) = @{$self->objects};
+    my ($obj) = @{$r->objects};
     if ($obj) {
         # We have something to edit
         $obj->update_from_cgi($h);
diff --git a/lib/BeerDB.pm b/lib/BeerDB.pm
index dc81a68..7cb998f 100644
--- a/lib/BeerDB.pm
+++ b/lib/BeerDB.pm
@@ -7,6 +7,14 @@ BeerDB->set_database("dbi:mysql:beerdb");
 BeerDB->config->{template_root} = "/opt/beer";
 BeerDB->config->{uri_base} = "http://neo.trinity-house.org.uk/beerdb/";
 BeerDB->config->{display_tables} = [qw[beer brewery pub style]];
+BeerDB::Brewery->untaint_columns(
+    printable => [qw/name notes url/],
+    #url => [qw/url/]
+);
+BeerDB::Beer->untaint_columns(
+    printable => [qw/abv name price notes/],
+    date =>[ qw/date/],
+);
 
 use Class::DBI::Loader::Relationship;
 BeerDB->config->{loader}->relationship($_) for (