From f40ad85645f27fc4b80683acdbefd01a1da51afd Mon Sep 17 00:00:00 2001
From: Rob Hudson
Date: Sat, 20 Sep 2008 17:00:19 -0700
Subject: Updating SQL panel to use Pygments for SQL highlighting if it's
 available, moving the EXPLAIN link to the left to avoid scrolling.

I have a feeling that the SQL panel could use a serious security review since
we're passing SQL in via GET which is, I'm sure, a big no-no.
---
 debug_toolbar/panels/sql.py                           | 19 ++++++++++++++-----
 debug_toolbar/templates/debug_toolbar/panels/sql.html |  4 ++--
 .../templates/debug_toolbar/panels/sql_explain.html   |  2 +-
 3 files changed, 17 insertions(+), 8 deletions(-)

(limited to 'debug_toolbar')

diff --git a/debug_toolbar/panels/sql.py b/debug_toolbar/panels/sql.py
index cdcbd1b..4b059ac 100644
--- a/debug_toolbar/panels/sql.py
+++ b/debug_toolbar/panels/sql.py
@@ -57,9 +57,18 @@ class SQLDebugPanel(DebugPanel):
 
 def reformat_sql(sql):
     sql = sql.replace('`,`', '`, `')
-    sql = sql.replace('` FROM `', '` \n  FROM `')
-    sql = sql.replace('` WHERE ', '` \n  WHERE ')
-    sql = sql.replace('` INNER JOIN ', '` \n  INNER JOIN ')
-    sql = sql.replace('` OUTER JOIN ', '` \n  OUTER JOIN ')
-    sql = sql.replace(' ORDER BY ', ' \n  ORDER BY ')
+    sql = sql.replace('SELECT ', 'SELECT\n\t')
+    sql = sql.replace('` FROM ', '`\nFROM\n\t')
+    sql = sql.replace('` WHERE ', '`\nWHERE\n\t')
+    sql = sql.replace('` INNER JOIN ', '`\nINNER JOIN\n\t')
+    sql = sql.replace('` OUTER JOIN ', '`\nOUTER JOIN\n\t')
+    sql = sql.replace(' ORDER BY ', '\nORDER BY\n\t')
+    # Use Pygments to highlight SQL if it's available
+    try:
+        from pygments import highlight
+        from pygments.lexers import SqlLexer
+        from pygments.formatters import HtmlFormatter
+        sql = highlight(sql, SqlLexer(), HtmlFormatter(noclasses=True))
+    except ImportError:
+        pass
     return sql
diff --git a/debug_toolbar/templates/debug_toolbar/panels/sql.html b/debug_toolbar/templates/debug_toolbar/panels/sql.html
index bd167bc..4663047 100644
--- a/debug_toolbar/templates/debug_toolbar/panels/sql.html
+++ b/debug_toolbar/templates/debug_toolbar/panels/sql.html
@@ -3,16 +3,16 @@
 	<thead>
 		<tr>
 			<th>Time&nbsp;(ms)</th>
-			<th>Query</th>
 			<th>Action</th>
+			<th>Query</th>
 		</tr>
 	</thead>
 	<tbody>
 		{% for query in queries %}
 			<tr class="{% cycle 'row1' 'row2' %}">
 				<td>{{ query.time|floatformat:"4" }}</td>
-				<td><pre>{{ query.sql|wordwrap:80|escape }}</pre></td>
 				<td><a class="remoteCall" href="/__debug__/sql_explain/?sql={{ query.raw_sql|urlencode }}&params={{ query.params|urlencode }}&time={{ query.time|floatformat:"4"|urlencode }}">EXPLAIN</a></td>
+				<td>{{ query.sql|safe }}</td>
 			</tr>
 		{% endfor %}
 	</tbody>
diff --git a/debug_toolbar/templates/debug_toolbar/panels/sql_explain.html b/debug_toolbar/templates/debug_toolbar/panels/sql_explain.html
index 8219205..d2fd567 100644
--- a/debug_toolbar/templates/debug_toolbar/panels/sql_explain.html
+++ b/debug_toolbar/templates/debug_toolbar/panels/sql_explain.html
@@ -2,7 +2,7 @@
 <h3>SQL Explained</h3>
 <dl>
 	<dt>Executed SQL</dt>
-	<dd><pre>{{ sql|wordwrap:80 }}</pre></dd>
+	<dd><pre>{{ sql|safe }}</pre></dd>
 	<dt>Time</dt>
 	<dd>{{ time }} ms</dd>
 </dl>
-- 
cgit v1.2.3