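def install(self, rq, *args):
    """First-run installer: create the tables and the initial administrator.

    Returns the template values 'script', 'registerForm' and
    'registerSuccess'. The last two are inline CSS strings: "display:none;"
    hides the section and "" shows it.

    Raises forbiddenException when an administrator row already exists.
    """
    setup_all()
    registerForm = "display:none;"
    registerSuccess = "display:none;"
    try:
        admin = members.get_by(is_admin=1)
        if admin is not None:
            raise forbiddenException()
    except exceptions.OperationalError:
        # NOTE(review): this is the only place the administrator is created,
        # and any OperationalError from the lookup reaches it. Presumably the
        # expected case is "table does not exist yet" -- confirm that no other
        # operational failure can land here while an administrator exists.
        password = rq.q.getfirst('password')
        if rq.q.has_key('username') and password is not None:
            # Optional fields: fall back to "" instead of calling .decode()
            # on None when the form left them out.
            email = rq.q.getfirst('email')
            email = "" if email is None else email.decode('utf8')
            phone = rq.q.getfirst('phone')
            phone = "" if phone is None else phone.decode('utf8')
            create_all()
            # NOTE(review): a single unsalted SHA-256 is cheap to brute-force
            # offline if the table leaks; a salted, deliberately slow KDF is
            # the usual choice. The code that verifies the hash is not in this
            # block, so the format is left unchanged here. Under Python 2 the
            # decoded text is implicitly ASCII-encoded by sha256(), so a
            # non-ASCII password raises.
            members(username=rq.q.getfirst('username').decode('utf8'),
                    password=hashlib.sha256(
                        password.decode('utf8')).hexdigest().decode('utf8'),
                    email=email,
                    phone=phone,
                    is_admin=1,
                    is_banned=0)
            session.commit()
            registerSuccess = ""
        else:
            # No complete credentials posted: show the form. The else is read
            # as belonging to the credentials check, not to the try.
            registerForm = ""
    return {
        'script': rq.script,
        'registerForm': registerForm,
        'registerSuccess': registerSuccess,
    }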
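def install(self, rq, *args):
    """Create the schema and the first administrator account on first run.

    Returns a dict with 'script', 'registerForm' and 'registerSuccess'.
    The two register* values are inline CSS: "display:none;" hides the
    section, "" shows it.

    Raises forbiddenException when an administrator row already exists.
    """
    setup_all()
    registerForm = "display:none;"
    registerSuccess = "display:none;"
    try:
        admin = members.get_by(is_admin=1)
        if admin is not None:
            raise forbiddenException()
    except exceptions.OperationalError:
        # NOTE(review): the administrator is created only in this handler,
        # and every OperationalError from the lookup ends up here. Presumably
        # that means the table is missing -- confirm other operational
        # failures cannot reach this path once an administrator exists.
        password = rq.q.getfirst('password')
        if not rq.q.has_key('username') or password is None:
            # Nothing usable was posted: show the form. The original else is
            # read as pairing with the credentials check, not with the try.
            registerForm = ""
        else:
            # email and phone are optional; a missing field becomes "" rather
            # than a .decode() call on None.
            email = rq.q.getfirst('email')
            email = "" if email is None else email.decode('utf8')
            phone = rq.q.getfirst('phone')
            phone = "" if phone is None else phone.decode('utf8')
            create_all()
            # NOTE(review): unsalted single-pass SHA-256 is weak password
            # storage (fast offline guessing); prefer a salted slow KDF. The
            # verifying code is outside this block, so the stored format is
            # kept. Under Python 2, sha256() of the decoded text fails for
            # non-ASCII passwords.
            members(username=rq.q.getfirst('username').decode('utf8'),
                    password=hashlib.sha256(
                        password.decode('utf8')).hexdigest().decode('utf8'),
                    email=email,
                    phone=phone,
                    is_admin=1,
                    is_banned=0)
            session.commit()
            registerSuccess = ""
    return {
        'script': rq.script,
        'registerForm': registerForm,
        'registerSuccess': registerSuccess,
    }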
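def members(self, rq, *args):
    """Admin-only member management: pick the page script or apply a change.

    The request carries either "view" (add, edit, member, search, deleted)
    or "process" (add, edit, delete). With neither, the main members page
    script is returned.

    Returns a dict with 'membersScript' (script text for the page) and
    'script'.

    Raises redirectException when nobody is logged in, forbiddenException
    when the user is not an administrator, and fileNotFoundException when
    the requested member id is missing, non-numeric or unknown.
    """
    returnUrl = urllib.quote(
        rq.script.decode("utf8") + u'/members/' +
        u'/'.join(args).decode("utf8") + u'?' + rq.qs.decode("utf8"))
    if not userLoggedin(rq):
        # returnUrl always contains "/members/", so it can never equal u"/?"
        # and the redirect always carries the return address.
        raise redirectException(
            rq.script + "/session/?returnUrl=%s" % returnUrl)
    if not userLoggedisAdmin(rq):
        raise forbiddenException()

    def requested_member():
        # A missing or non-numeric id is answered like an unknown id instead
        # of escaping as an uncaught ValueError.
        try:
            member_id = int(escape(rq.q.getfirst("id", "")))
        except ValueError:
            raise fileNotFoundException()
        found = members.get_by(id=member_id)
        if found is None:
            raise fileNotFoundException()
        return found

    def text_field(name):
        # NOTE(review): values are escaped before they are stored; confirm
        # the templates do not escape them a second time on output.
        return escape(rq.q.getfirst(name, "").decode("utf8"))

    def password_digest(raw):
        # NOTE(review): unsalted single-pass SHA-256 is weak password storage;
        # prefer a salted slow KDF. The password is also passed through
        # escape() before hashing here, while install() hashes it unescaped,
        # so a password containing characters that escape() rewrites yields
        # different digests on the two paths -- confirm which form the login
        # check uses.
        return hashlib.sha256(escape(raw.decode('utf8'))).hexdigest()

    redirect_js = ("window.location.replace("
                   "'%(script)s/page/members/?view=member&id=%(id)s');")

    membersScript = viewMainMembersPage(rq.script)
    if rq.q.has_key("view"):
        view = escape(rq.q.getfirst("view", ""))
        if view == "add":
            membersScript = viewAddMember(rq.script)
        elif view == "edit":
            member = requested_member()
            membersScript = viewEditMember(id=member.id, script_s=rq.script)
        elif view == "member":
            member = requested_member()
            membersScript = viewMember(member.id)
        elif view == "search":
            # NOTE(review): membersScript is returned as script text. escape()
            # looks like HTML escaping, which is not JavaScript-string
            # escaping -- confirm how processMemberResults embeds term.
            membersScript = processMemberResults(
                term=text_field("term"), script_s=rq.script)
        elif view == "deleted":
            membersScript += "\n$('#deleted').show()"
    elif rq.q.has_key("process"):
        # NOTE(review): this branch changes accounts, including is_admin,
        # from request parameters alone. No request-method or anti-CSRF token
        # check is visible in this method -- confirm one is enforced before
        # it is reached.
        process = escape(rq.q.getfirst("process", ""))
        if process == "add":
            # int() raises ValueError when is_admin is absent or non-numeric,
            # and a missing password fails on .decode(); both as before.
            new_member = members(
                username=text_field("username"),
                password=password_digest(rq.q.getfirst("password")),
                email=text_field("email"),
                phone=text_field("phone"),
                is_admin=int(text_field("is_admin")))
            session.commit()
            membersScript = redirect_js % {
                'script': rq.script,
                'id': new_member.id
            }
        elif process == "edit":
            member = requested_member()
            # Parsed before any attribute is assigned, so a bad flag value
            # cannot leave a half-edited member pending in the session.
            is_admin = int(escape(rq.q.getfirst("is_admin", "")))
            is_banned = int(escape(rq.q.getfirst("is_banned", "")))
            member.username = text_field("username")
            new_password = rq.q.getfirst("password")
            if new_password:
                # An absent or empty password keeps the stored one.
                member.password = password_digest(new_password)
            member.email = text_field("email")
            member.phone = text_field("phone")
            member.is_admin = is_admin
            member.is_banned = is_banned
            member.ban_reason = text_field("ban_reason")
            session.commit()
            membersScript = redirect_js % {
                'script': rq.script,
                'id': member.id
            }
        elif process == "delete":
            member = requested_member()
            membersScript = viewDeletedMember(id=member.id,
                                              script_s=rq.script)
    return {'membersScript': membersScript, 'script': rq.script}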
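def members(self, rq, *args):
    """Serve the administrator's member pages and apply member changes.

    "view" selects a page (add, edit, member, search, deleted) and "process"
    applies a change (add, edit, delete). Without either, the main members
    page script is returned.

    Returns a dict with 'membersScript' (script text for the page) and
    'script'.

    Raises redirectException when nobody is logged in, forbiddenException
    when the user is not an administrator, and fileNotFoundException when
    the requested member id is missing, non-numeric or unknown.
    """
    returnUrl = urllib.quote(
        rq.script.decode("utf8") + u'/members/' +
        u'/'.join(args).decode("utf8") + u'?' + rq.qs.decode("utf8"))
    if not userLoggedin(rq):
        # returnUrl always contains "/members/", so it can never equal u"/?"
        # and the redirect always carries the return address.
        raise redirectException(
            rq.script + "/session/?returnUrl=%s" % returnUrl)
    if not userLoggedisAdmin(rq):
        raise forbiddenException()

    def requested_member():
        # A missing or non-numeric id is treated like an unknown id rather
        # than surfacing as an uncaught ValueError.
        try:
            member_id = int(escape(rq.q.getfirst("id", "")))
        except ValueError:
            raise fileNotFoundException()
        found = members.get_by(id=member_id)
        if found is None:
            raise fileNotFoundException()
        return found

    def text_field(name):
        # NOTE(review): values are escaped on the way into storage; confirm
        # the templates do not escape them again on output.
        return escape(rq.q.getfirst(name, "").decode("utf8"))

    def password_digest(raw):
        # NOTE(review): unsalted single-pass SHA-256 is weak password storage;
        # prefer a salted slow KDF. This path hashes the escape()d password,
        # while install() hashes it unescaped, so a password containing
        # characters that escape() rewrites yields different digests on the
        # two paths -- confirm which form the login check uses.
        return hashlib.sha256(escape(raw.decode('utf8'))).hexdigest()

    redirect_js = ("window.location.replace("
                   "'%(script)s/page/members/?view=member&id=%(id)s');")

    membersScript = viewMainMembersPage(rq.script)
    if rq.q.has_key("view"):
        view = escape(rq.q.getfirst("view", ""))
        if view == "add":
            membersScript = viewAddMember(rq.script)
        elif view == "edit":
            member = requested_member()
            membersScript = viewEditMember(id=member.id, script_s=rq.script)
        elif view == "member":
            member = requested_member()
            membersScript = viewMember(member.id)
        elif view == "search":
            # NOTE(review): membersScript is returned as script text. escape()
            # looks like HTML escaping, which is not JavaScript-string
            # escaping -- confirm how processMemberResults embeds term.
            membersScript = processMemberResults(
                term=text_field("term"), script_s=rq.script)
        elif view == "deleted":
            membersScript += "\n$('#deleted').show()"
    elif rq.q.has_key("process"):
        # NOTE(review): accounts, including is_admin, are changed here from
        # request parameters alone. No request-method or anti-CSRF token
        # check is visible in this method -- confirm one is enforced before
        # this point.
        process = escape(rq.q.getfirst("process", ""))
        if process == "add":
            # int() raises ValueError when is_admin is absent or non-numeric,
            # and a missing password fails on .decode(); both as before.
            new_member = members(
                username=text_field("username"),
                password=password_digest(rq.q.getfirst("password")),
                email=text_field("email"),
                phone=text_field("phone"),
                is_admin=int(text_field("is_admin")))
            session.commit()
            membersScript = redirect_js % {
                'script': rq.script,
                'id': new_member.id
            }
        elif process == "edit":
            member = requested_member()
            # Flags are parsed before any attribute is assigned, so a bad
            # value cannot leave a half-edited member pending in the session.
            is_admin = int(escape(rq.q.getfirst("is_admin", "")))
            is_banned = int(escape(rq.q.getfirst("is_banned", "")))
            member.username = text_field("username")
            new_password = rq.q.getfirst("password")
            if new_password:
                # An absent or empty password keeps the stored one.
                member.password = password_digest(new_password)
            member.email = text_field("email")
            member.phone = text_field("phone")
            member.is_admin = is_admin
            member.is_banned = is_banned
            member.ban_reason = text_field("ban_reason")
            session.commit()
            membersScript = redirect_js % {
                'script': rq.script,
                'id': member.id
            }
        elif process == "delete":
            member = requested_member()
            membersScript = viewDeletedMember(id=member.id,
                                              script_s=rq.script)
    return {'membersScript': membersScript, 'script': rq.script}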