-rw-r--r-- | app/controllers/admin_controller.rb | 3 | ||||
-rw-r--r-- | app/views/admin/index.rhtml | 1 | ||||
-rw-r--r-- | todo.txt | 13 |
3 files changed, 8 insertions, 9 deletions
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
index fdada3839..7ff75064c 100644
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -4,7 +4,7 @@
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
 # Email: francis@mysociety.org; WWW: http://www.mysociety.org/
 #
-# $Id: admin_controller.rb,v 1.19 2008-07-30 13:37:21 francis Exp $
+# $Id: admin_controller.rb,v 1.20 2008-09-08 01:49:57 francis Exp $
 class AdminController < ApplicationController
 layout "admin"
@@ -16,6 +16,7 @@ class AdminController < ApplicationController
 @public_body_count = PublicBody.count
 @info_request_count = InfoRequest.count
 @track_thing_count = TrackThing.count
+ @comment_count = Comment.count
 # Tasks to do
 last_event_time_clause = '(select created_at from info_request_events where info_request_events.info_request_id = info_requests.id order by created_at desc limit 1)'
diff --git a/app/views/admin/index.rhtml b/app/views/admin/index.rhtml
index 6749c263f..b3f57517b 100644
--- a/app/views/admin/index.rhtml
+++ b/app/views/admin/index.rhtml
@@ -7,6 +7,7 @@
 <li><%=@info_request_count%> requests</li>
 <li><%=@user_count%> users</li>
 <li><%=@track_thing_count%> tracked things</li>
+<li><%=@comment_count%> annotations</li>
 </ul>
 <hr>
@@ -13,11 +13,6 @@ Write code to make sure the Return-Path is never foi@sandwich grrr Maybe move "send followup" into actions?
-Call this
- # See ActionController::RequestForgeryProtection for details
- # Uncomment the :secret if you're not using the cookie session store
- protect_from_forgery # :secret => '<%= app_secret %>'
-
 This page very slow: http://www.whatdotheyknow.com/user/stuart_hardwicke_carruthers
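Review bot: CSRF protection still appears to be absent for this admin controller, going by the todo.txt hunks of the same commit, which move the `protect_from_forgery` item under "Later" instead of acting on it. The `index` action extended in the second admin_controller.rb hunk only reads counts, so the added `@comment_count = Comment.count` is not itself exposed, but the same todo plans comment deletion from the admin interface, and any state-changing admin action would accept forged cross-site requests until `protect_from_forgery` is called in ApplicationController. Only part of the class is visible in these hunks, so confirm that no equivalent filter is already applied elsewhere. When enabling it, check hand-written `<form>` tags in the admin views, since only the Rails form helpers insert the authenticity token automatically.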
@@ -68,8 +63,6 @@ Comments etc. do not sort in right order - by date, but not by time Perhaps show grouping count? http://www.whatdotheyknow.com/search/variety:comment/newest
-Try changing "email me" link to something else like "track by email"
-
 CSS things - CSS error on "all councils" page on some browsers - Spacing on error boxes round form elements
@@ -83,7 +76,6 @@ Show similar requests after you have filed yours - maybe on preview too. Turning off frontpage - Remove javascript from default :)
-Add count of comments to admin summary page
 Flag bad comments, delete comments from admin interface - perhaps via contact form, and form sending refering URL?
@@ -110,6 +102,11 @@ http://www.whatdotheyknow.com/body/hblb Later =====
+Protect from CSRF with this in app controller (care it doesn't break anything):
+ # See ActionController::RequestForgeryProtection for details
+ # Uncomment the :secret if you're not using the cookie session store
+ protect_from_forgery # :secret => '<%= app_secret %>'
+
 Look at quote_address_if_necessary in actionmailer's quoting.rb - why did it not work for the email address with "@" in its name part? |