From 4b3f62eff0395c4cbbf7ae83aa4f3037c5f918b3 Mon Sep 17 00:00:00 2001 From: Chris Dodge Date: Mon, 29 Jul 2013 10:52:48 -0400 Subject: [PATCH] add some client side validation to make sure org/course/run is URL sage --- cms/static/js/base.js | 14 ++++++++++++++ cms/templates/index.html | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/cms/static/js/base.js b/cms/static/js/base.js index 04551dd283..b10d4b31bd 100644 --- a/cms/static/js/base.js +++ b/cms/static/js/base.js @@ -653,6 +653,20 @@ function saveNewCourse(e) { bInErr = (display_name_errMsg || org_errMsg || number_errMsg || run_errMsg); + // check for suitable encoding + if (!bInErr) { + encoding_errMsg = gettext('Please do not use any spaces or special characters in this field.'); + + if (encodeURIComponent(org) != org) + org_errMsg = encoding_errMsg; + if (encodeURIComponent(number) != number) + number_errMsg = encoding_errMsg; + if (encodeURIComponent(run) != run) + run_errMsg = encoding_errMsg; + + bInErr = (display_name_errMsg || org_errMsg || number_errMsg || run_errMsg); + } + header_err_msg = (bInErr) ? gettext('Please correct the fields below.') : null; setNewCourseErrMsgs(header_err_msg, display_name_errMsg, org_errMsg, number_errMsg, run_errMsg); diff --git a/cms/templates/index.html b/cms/templates/index.html index 3e07570ed1..5cecabe2b2 100644 --- a/cms/templates/index.html +++ b/cms/templates/index.html @@ -67,7 +67,7 @@
  • - ${_("The unique number that identifies your course within your organization")} - ${_("Note: This cannot be changed")} + ${_("The unique number that identifies your course within your organization")} - ${_("Note: No spaces or special characters are allowed. This cannot be changed")}