1
0
Fork 0
forked from bton/matekasse

removed escape

This commit is contained in:
bton 2024-03-06 21:27:12 +01:00
parent f4181ade07
commit c86b91a246

View file

@ -64,7 +64,7 @@ def create_app(test_config=None):
c = db.cursor() c = db.cursor()
c.execute("SELECT * FROM users") c.execute("SELECT * FROM users")
users = c.fetchall() users = c.fetchall()
return render_template("list.html", users=escape(users), preis=escape(preis/100)) return render_template("list.html", user_name=users preis=(preis/100)
@app.route("/transactionlist") @app.route("/transactionlist")
def transactionlist(): def transactionlist():
@ -124,7 +124,7 @@ def create_app(test_config=None):
if user != None : if user != None :
c.execute(f"SELECT * FROM tags WHERE userid={user[0]}") c.execute(f"SELECT * FROM tags WHERE userid={user[0]}")
tags = c.fetchall() tags = c.fetchall()
return render_template("user.html", user=escape(user), tags=escape(tags)) return render_template("user.html", user=user, tags=tags)
else: else:
return render_template("error.html", error_code="043") return render_template("error.html", error_code="043")
@ -144,7 +144,7 @@ def create_app(test_config=None):
user_name = user[1] user_name = user[1]
db.remove_user(user_id) db.remove_user(user_id)
socketio.emit("update", "update") socketio.emit("update", "update")
return render_template("removeuser.html", user_name=escape(user_name)) return render_template("removeuser.html", user_name=user_name)
else: else:
return render_template("error.html", error_code="043") return render_template("error.html", error_code="043")
@ -235,7 +235,7 @@ def create_app(test_config=None):
session_id = uuid.uuid4() session_id = uuid.uuid4()
session[id] = session_id session[id] = session_id
user_queue.put([user_id, "remove", session_id]) user_queue.put([user_id, "remove", session_id])
return render_template("removetag.html", user=escape(user_id)) return render_template("removetag.html", user=user_id)
else: else:
db = get_db() db = get_db()
c = db.cursor() c = db.cursor()