diff options
| author | Matt George | 2008-09-29 12:30:37 -0500 |
|---|---|---|
| committer | Matt George | 2008-09-29 12:30:37 -0500 |
| commit | 4734384cecd18ee6497730dc997aa34040975d13 (patch) | |
| tree | adbbe87fbc1f441e83ea068f19a5128fffd98f09 /debug_toolbar/views.py | |
| parent | 2a32669822bddb31f687fcf6ca45f5d82d691e8d (diff) | |
| parent | ce8c68b79c2de4abde01b29b1c73754ce4deb981 (diff) | |
| download | django-debug-toolbar-4734384cecd18ee6497730dc997aa34040975d13.tar.bz2 | |
Merge branch 'master' of git://github.com/robhudson/django-debug-toolbar
Conflicts:
debug_toolbar/templates/debug_toolbar/base.html
Diffstat (limited to 'debug_toolbar/views.py')
| -rw-r--r-- | debug_toolbar/views.py | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/debug_toolbar/views.py b/debug_toolbar/views.py new file mode 100644 index 0000000..b67a70b --- /dev/null +++ b/debug_toolbar/views.py @@ -0,0 +1,52 @@ +""" +Helper views for the debug toolbar. These are dynamically installed when the +debug toolbar is displayed, and typically can do Bad Things, so hooking up these +views in any other way is generally not advised. +""" + +import os +import django.views.static +from django.conf import settings +from django.db import connection +from django.http import HttpResponse +from django.shortcuts import render_to_response +from django.utils import simplejson +from django.utils.hashcompat import sha_constructor + +def debug_media(request, path): + root = getattr(settings, 'DEBUG_TOOLBAR_MEDIA_ROOT', None) + if root is None: + parent = os.path.abspath(os.path.dirname(__file__)) + root = os.path.join(parent, 'media') + return django.views.static.serve(request, path, root) + +def sql_explain(request): + """ + Returns the output of the SQL EXPLAIN on the given query. + + Expected GET variables: + sql: urlencoded sql with positional arguments + params: JSON encoded parameter values + time: time for SQL to execute passed in from toolbar just for redisplay + hash: the hash of (secret + sql + params) for tamper checking + """ + from debug_toolbar.panels.sql import reformat_sql + sql = request.GET.get('sql', '') + params = request.GET.get('params', '') + hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest() + if hash != request.GET.get('hash', ''): + return HttpResponse('<h3>Tamper alert</h3>') # SQL Tampering alert + if sql.lower().startswith('select'): + params = simplejson.loads(params) + cursor = connection.cursor() + cursor.execute("EXPLAIN %s" % (sql,), params) + headers = [d[0] for d in cursor.description] + result = cursor.fetchall() + cursor.close() + context = { + 'result': result, + 'sql': reformat_sql(cursor.db.ops.last_executed_query(cursor, sql, params)), + 'time': request.GET.get('time', 0.0), + 'headers': headers, + } + return render_to_response('debug_toolbar/panels/sql_explain.html', context) |