my $submissions = $c->model('submissions');
my $util = $c->model('util');
- my $allowed_tags = <<'EOT';
-{
- "a": ["href"],
- "blockquote": [],
- "i": [],
- "strong": []
-}
-EOT
-
- my $allowed = decode_json($allowed_tags);
+ my $allowed = $c->app->config->{Editor}->{allowed_tags};
my $data = $c->req->json;
+ my $item = $data->{item};
- $params->{title} = $util->escape_html({}, $data->{title});
- $params->{url} = $data->{url};
- $params->{email} = $data->{email};
- $params->{introtext} = $util->clean_html($allowed, $data->{introtext});
+ $params->{title} = $util->escape_html({}, $item->{title});
+ $params->{url} = $item->{url};
+ $params->{email} = $item->{email};
+ $params->{introtext} = $util->clean_html($allowed, $item->{introtext});
$params->{tid} = 49; #mainpage
$params->{action} = $data->{action} || 'preview';
$extra_params->{createheaders} = $c->req->headers->to_string;
if ($params->{action} eq 'preview') {
my $result = {
title => $params->{title},
- intro_text => $params->{introtext},
+ introtext => $params->{introtext},
email => $params->{email},
tid => $params->{tid},
};
- $c->render(json => $result);
+ $c->render(json => {item => $result});
}
elsif ($params->{action} eq 'post') {
my $sub_id = $submissions->create($params, $user, $extra_params, $opts);
$c->rendered(409);
return;
}
+ $c->render(json => { err => 1, message => $submissions->last_error });
+ $c->rendered(500);
$c->rendered(500);
}
}