diff options
Diffstat (limited to 'debug_toolbar/views.py')
| -rw-r--r-- | debug_toolbar/views.py | 34 |
1 files changed, 18 insertions, 16 deletions
diff --git a/debug_toolbar/views.py b/debug_toolbar/views.py index 3fa809a..4b4ebc9 100644 --- a/debug_toolbar/views.py +++ b/debug_toolbar/views.py @@ -9,11 +9,19 @@ import django.views.static from django.conf import settings from django.http import HttpResponseBadRequest from django.shortcuts import render_to_response -from django.utils import simplejson -from django.utils.hashcompat import sha_constructor from debug_toolbar.utils.compat.db import connections +try: + import json +except ImportError: # python < 2.6 + from django.utils import simplejson as json + +try: + from hashlib import sha1 +except ImportError: # python < 2.5 + from django.utils.hashcompat import sha_constructor as sha1 + class InvalidSQLError(Exception): def __init__(self, value): @@ -23,14 +31,6 @@ class InvalidSQLError(Exception): return repr(self.value) -def debug_media(request, path): - root = getattr(settings, 'DEBUG_TOOLBAR_MEDIA_ROOT', None) - if root is None: - parent = os.path.abspath(os.path.dirname(__file__)) - root = os.path.join(parent, 'media', 'debug_toolbar') - return django.views.static.serve(request, path, root) - - def sql_select(request): """ Returns the output of the SQL SELECT statement. @@ -45,11 +45,11 @@ def sql_select(request): sql = request.GET.get('sql', '') params = request.GET.get('params', '') alias = request.GET.get('alias', 'default') - hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest() + hash = sha1(settings.SECRET_KEY + sql + params).hexdigest() if hash != request.GET.get('hash', ''): return HttpResponseBadRequest('Tamper alert') # SQL Tampering alert if sql.lower().strip().startswith('select'): - params = simplejson.loads(params) + params = json.loads(params) cursor = connections[alias].cursor() cursor.execute(sql, params) headers = [d[0] for d in cursor.description] @@ -80,11 +80,11 @@ def sql_explain(request): sql = request.GET.get('sql', '') params = request.GET.get('params', '') alias = request.GET.get('alias', 'default') - hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest() + hash = sha1(settings.SECRET_KEY + sql + params).hexdigest() if hash != request.GET.get('hash', ''): return HttpResponseBadRequest('Tamper alert') # SQL Tampering alert if sql.lower().strip().startswith('select'): - params = simplejson.loads(params) + params = json.loads(params) cursor = connections[alias].cursor() conn = connections[alias].connection @@ -95,6 +95,8 @@ def sql_explain(request): # EXPLAIN QUERY PLAN dumps a more human-readable summary # See http://www.sqlite.org/lang_explain.html for details cursor.execute("EXPLAIN QUERY PLAN %s" % (sql,), params) + elif engine == "psycopg2": + cursor.execute("EXPLAIN ANALYZE %s" % (sql,), params) else: cursor.execute("EXPLAIN %s" % (sql,), params) @@ -126,11 +128,11 @@ def sql_profile(request): sql = request.GET.get('sql', '') params = request.GET.get('params', '') alias = request.GET.get('alias', 'default') - hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest() + hash = sha1(settings.SECRET_KEY + sql + params).hexdigest() if hash != request.GET.get('hash', ''): return HttpResponseBadRequest('Tamper alert') # SQL Tampering alert if sql.lower().strip().startswith('select'): - params = simplejson.loads(params) + params = json.loads(params) cursor = connections[alias].cursor() result = None headers = None |