More fixes

8 years ago · 634a7c2471
parent 0875fd5201
commit 634a7c2471
2 changed files with 3 additions and 3 deletions
--- a/server.py
+++ b/server.py
@ -55,10 +55,10 @@ def query(filter, query):

@app.route('/parts/getfile/<filename>')
 def getfile(filename):
-    if(re.match('^[\w\-_]+\.pdf$', filename) == None):
+    if(re.match('^[\w\-_]+$', filename) == None):
        return 'No injections pls.'

-    return send_from_directory('/srv/datasheets/', 'filename')
+    return send_from_directory('/srv/datasheets/', filename + '.pdf')

@app.route('/parts/alter/<partID>', methods=['POST'])
 def alter(partID):
--- a/static/script.js
+++ b/static/script.js
@ -235,7 +235,7 @@ $(document).ready(function() {

              newResults += '<div class="results-datasheet">';
              if (data[i].datasheet != null)
-                newResults += '<a href="https://www.elab.kth.se/parts/getfile/' + data[i].datasheet + '"><i class="fa fa-file-text" aria-hidden="true"></i></a>';
+                newResults += '<a href="https://www.elab.kth.se/parts/getfile/' + data[i].datasheet.substring(0, data[i].datasheet.length - 4) + '"><i class="fa fa-file-text" aria-hidden="true"></i></a>';
              newResults += '</div>';
              newResults += '</a>'
              newResults += '</div>';