From: John Dong Date: Wed, 29 Aug 2007 21:43:11 +0000 (-0400) Subject: Merge from jdong X-Git-Url: https://projects.mako.cc/source/selectricity/commitdiff_plain/2fbe78e290a7b405067fddb52cad684fa5c8f3ba?hp=bbacedb4b2728febf97975b7e2ee627e6cac9e43 Merge from jdong
---
diff --git a/.bzrignore b/.bzrignore
index 1e24ca1..57a67d2 100644
--- a/.bzrignore
+++ b/.bzrignore
@@ -6,3 +6,4 @@ test.log
 tmp
 public/engine_files
 .DS_Store
+vendor/plugins/sitealizer/lib/last_update
diff --git a/app/models/full_voter.rb b/app/models/full_voter.rb
index 980fb5c..b82667c 100644
--- a/app/models/full_voter.rb
+++ b/app/models/full_voter.rb
@@ -9,4 +9,12 @@ class FullVoter < Voter
 self.password = token_generator.token
 end
 end
+
+ protected
+ def validate
+ # E-mail regex, moderate complexity
+ # Stolen from http://www.regular-expressions.info/email.html
+ errors.add(:email, "is not valid") unless email =~
+ /^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
+ end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 78266ad..eca592d 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -6,13 +6,12 @@ class User < ActiveRecord::Base
 attr_accessor :password
 attr_accessor :current_user
- validates_presence_of :login, :email
+ validates_presence_of :email
 validates_presence_of :password, :if => :password_required?
 validates_presence_of :password_confirmation, :if => :password_required?
 validates_length_of :password, :within => 4..40, :if => :password_required?
 validates_confirmation_of :password, :if => :password_required?
 validates_length_of :login, :within => 3..40
- validates_length_of :email, :within => 3..100
 validates_uniqueness_of :login, :email, :case_sensitive => false
 before_save :encrypt_password
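Review bot: The e-mail pattern in the new `validate` is anchored with `^` and `$`, which in Ruby match at each line boundary inside the string, not only at its start and end, so a multi-line value passes as long as one of its lines looks like an address. Use whole-string anchors instead: `/\A[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\z/i`. The same anchors are used by both patterns in the `validate` added to app/models/user.rb (the e-mail pattern and `/^[A-Za-z0-9 ]*$/` for the login), and they need the same change. A short comment such as `# \A and \z anchor the whole string; ^ and $ would accept embedded newlines` would keep the anchors from being reverted.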
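Review bot: Removing `validates_length_of :email, :within => 3..100` leaves the address without an upper bound, because the pattern added to `validate` at the end of this file uses unbounded `+` quantifiers. If the email column has a length limit (not visible in this diff), an over-long value would surface as a database error or a truncated address rather than as a validation message. Keeping the bound as `validates_length_of :email, :maximum => 100` costs one line. The class body continues outside this hunk.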
@@ -68,4 +67,12 @@ class User < ActiveRecord::Base
 def password_required?
 crypted_password.blank? || !password.blank?
 end
+ def validate
+ # E-mail regex, moderate complexity
+ # Stolen from http://www.regular-expressions.info/email.html
+ errors.add(:email, "is not valid") unless email =~
+ /^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
+ errors.add(:login, "should not begin or end with spaces") if login.strip!
+ errors.add(:login, "should contain only letters, numbers, and spaces") unless login =~ /^[A-Za-z0-9 ]*$/
+ end
 end
diff --git a/app/views/election/_candidate_line.rhtml b/app/views/election/_candidate_line.rhtml
index 5145b88..870a2de 100644
--- a/app/views/election/_candidate_line.rhtml
+++ b/app/views/election/_candidate_line.rhtml
@@ -1,6 +1,6 @@ <% -%>
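Review bot: `login.strip!` in the new `validate` is called without a nil check, and this commit also drops `:login` from `validates_presence_of`, so a record submitted without a login would raise NoMethodError here instead of collecting a validation error. The call also edits `login` in place as a side effect of validating, which is easy to miss because the line reads like a pure check. A non-mutating form reports the same condition: `errors.add(:login, "should not begin or end with spaces") if login && login != login.strip`.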
-
  • <%= @current_candidate.name -%> +
  • <%=h @current_candidate.name -%> <% if @show_details %> (<%= link_to_remote "Hide Details", :update => "cand#{@current_candidate.id}", diff --git a/app/views/election/_candidate_line_edit.rhtml b/app/views/election/_candidate_line_edit.rhtml index 78f8580..61a9f63 100644 --- a/app/views/election/_candidate_line_edit.rhtml +++ b/app/views/election/_candidate_line_edit.rhtml @@ -1,6 +1,6 @@ <% -%>
    -

    <%= @current_candidate.name %> +

    <%=h @current_candidate.name %> (<%= link_to_remote "Delete", :complete => "Element.remove('cand#{@current_candidate.id}')", :url => { :action => :delete_candidate, diff --git a/app/views/election/_winner.rhtml b/app/views/election/_winner.rhtml index 531e0d2..0e55aa2 100644 --- a/app/views/election/_winner.rhtml +++ b/app/views/election/_winner.rhtml @@ -6,7 +6,7 @@

      <% for candidate in @winners %> -
    • <%= @candidates_by_id[candidate].name %>
    • +
    • <%=h @candidates_by_id[candidate].name %>
    • <% end %>
    @@ -14,7 +14,7 @@ <% winner = @winners[0] %>

    The winner of the election was: - <%= @candidates_by_id[winner].name %> + <%=h @candidates_by_id[winner].name %>

    <% end %> diff --git a/app/views/election/_winner_details.rhtml b/app/views/election/_winner_details.rhtml index 0903952..36877ae 100644 --- a/app/views/election/_winner_details.rhtml +++ b/app/views/election/_winner_details.rhtml @@ -6,12 +6,12 @@ preferred to any other candidates is listed here:

    <% for candidate in @election.candidates.sort %> - <%= candidate.name %> + <%=h candidate.name %> <% end %> <% for cand1 in @election.candidates.sort %> - <%= cand1.name %> + <%=h cand1.name %> <% for cand2 in @election.candidates.sort %> <% if cand1 == cand2 %> diff --git a/app/views/election/edit.rhtml b/app/views/election/edit.rhtml index 968d157..40aaad2 100644 --- a/app/views/election/edit.rhtml +++ b/app/views/election/edit.rhtml @@ -1,4 +1,4 @@ -

    <%= @election.name %>: Edit Overview

    +

    <%=h @election.name %>: Edit Overview

    <% form_tag(:action => 'update', :id => @election) do %> <%= render :partial => 'overview_form' %> diff --git a/app/views/election/edit_candidate.rhtml b/app/views/election/edit_candidate.rhtml index fe56aa0..7e1dd65 100644 --- a/app/views/election/edit_candidate.rhtml +++ b/app/views/election/edit_candidate.rhtml @@ -1,4 +1,4 @@ -

    Editing <%= @candidate.name %>

    +

    Editing <%=h @candidate.name %>

    <%= error_messages_for :candidate %> <% form_tag( { :action => :update_candidate, :id => @candidate.id }, diff --git a/app/views/election/list.rhtml b/app/views/election/list.rhtml index 83be6c6..321bf46 100644 --- a/app/views/election/list.rhtml +++ b/app/views/election/list.rhtml @@ -5,9 +5,9 @@ <% for election in @elections %> -

    <%= link_to election.name, :action => 'show', :id => election %>

    +

    <%=h link_to election.name, :action => 'show', :id => election %>

    Description:

    -
    <%= election.description %>
    +
    <%=h election.description %>

    Election Information:

      diff --git a/app/views/election/new_voters.rhtml b/app/views/election/new_voters.rhtml index d1f0fab..5f06446 100644 --- a/app/views/election/new_voters.rhtml +++ b/app/views/election/new_voters.rhtml @@ -1,5 +1,5 @@ <% @edit = true %> -
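Review bot: `<%=h link_to election.name, :action => 'show', :id => election %>` applies `h` to the return value of `link_to`, so the generated anchor markup itself is escaped and would be shown as text instead of rendering as a link. Escape the name and leave the helper's output alone: `<%= link_to h(election.name), :action => 'show', :id => election %>`. The `h` added to `election.description` in the same hunk is applied to the value directly and needs no change. The `for election in @elections` loop continues past the end of the hunk.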

      <%= @election.name %>: Enter List of Voter Email Addresses

      +

      <%=h @election.name %>: Enter List of Voter Email Addresses

      <%= render :partial => 'voter_list' %> diff --git a/app/views/site/index.rhtml b/app/views/site/index.rhtml index 046228d..c828403 100644 --- a/app/views/site/index.rhtml +++ b/app/views/site/index.rhtml @@ -46,7 +46,7 @@
      • <%= link_to( "Create a QuickVote", :controller => 'quickvote', :action => 'create') %>
      • -
      • <%= link_to( "Recent QuickVotes", :controller => 'quickvote', :action => 'my_quickvotes')%>
      • +
      • <%= link_to( "My Recent QuickVotes", :controller => 'quickvote', :action => 'my_quickvotes')%>

      Recently created QuickVotes include:

      diff --git a/vendor/plugins/sitealizer/lib/last_update b/vendor/plugins/sitealizer/lib/last_update deleted file mode 100644 index d393158..0000000 --- a/vendor/plugins/sitealizer/lib/last_update +++ /dev/null @@ -1 +0,0 @@ -Wed Aug 29 13:54:03 -0400 2007