Check-in list PDF: Escape HTML tags in names

Raphael Michel
2022-01-03 12:41:37 +01:00
parent e74d9e56cf
commit d4a2500204


@@ -35,6 +35,7 @@
from collections import OrderedDict
from datetime import datetime, time, timedelta
import bleach
import dateutil.parser
from django import forms
from django.db.models import (
@@ -374,8 +375,8 @@ class PDFCheckinList(ReportlabExportMixin, CheckInListMixin, BaseExporter):
CBFlowable(bool(op.last_checked_in)),
'' if op.order.status != Order.STATUS_PAID else '',
op.order.code,
Paragraph(name, self.get_style()),
Paragraph(item, self.get_style()),
Paragraph(bleach.clean(str(name), tags=['br']).strip().replace('<br>', '<br/>'), self.get_style()),
Paragraph(bleach.clean(str(item), tags=['br']).strip().replace('<br>', '<br/>'), self.get_style()),
]
acache = {}
if op.addon_to:
@@ -395,6 +396,7 @@ class PDFCheckinList(ReportlabExportMixin, CheckInListMixin, BaseExporter):
acache[a.question_id] = str(a)
for q in questions:
txt = acache.get(q.pk, '')
txt = bleach.clean(txt, tags=['br']).strip().replace('<br>', '<br/>')
p = Paragraph(txt, self.get_style())
while p.wrap(colwidths[len(row)], 5000)[1] > 50 * mm:
txt = txt[:len(txt) - 50] + "..."
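Review bot: In the last hunk `txt` is escaped before the shrink loop, so `txt = txt[:len(txt) - 50] + "..."` now cuts an already-escaped string and can split an entity such as `&lt;` or a `<br/>` tag in half. The resulting fragment is no longer well-formed paragraph markup, which ReportLab's `Paragraph` may reject or render incorrectly for long answers containing `<`, `&` or line breaks. It would be safer to shorten the raw answer text and re-apply the `bleach.clean(...)` expression on each pass before building the `Paragraph`; the rest of the loop body lies outside the hunk, so this needs checking against the full function. The same sanitising expression now appears three times (twice in the row hunk, once here), so a small helper carrying a comment such as `# ReportLab Paragraph parses its text as markup; escape everything except <br/>` would keep the call sites consistent.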