def upload_page():
if not funcs.is_admin_login():
abort(403)
if request.method == "POST":
print request.form
groupkey = request.form.get("groupkey", None)
if groupkey is None:
abort(403)
try:
file_num = int(request.form.get("file_num"))
except:
abort(403)
if file_num <= 0:
abort(403)
def get_orig_filename(filename, group_key):
pos = filename.rfind("-%s" % group_key)
if pos != -1:
return filename[:pos]
else:
return filename
upload_dir = os.path.join(config.ROOT_PATH, config.UPLOAD_FOLDER)
files = glob.glob(os.path.join(upload_dir, "*-%s" % groupkey))
if not files:
abort(403)
elif len(files) == 1:
o_fn = os.path.basename(get_orig_filename(files[0], groupkey))
dst_fn = gen_dfn_filename(o_fn)
shutil.copy(files[0], dst_fn)
os.remove(files[0])
d_fn = gen_file_item(dst_fn, o_fn)
return redirect(url_for("edit_file", file_indicator=d_fn))
else:
o_fn = "ziparchive.zip"
o_f_type = "zip"
dst_fn = gen_dfn_filename(o_fn)
d_fn = os.path.basename(dst_fn)
d_basefn = d_fn[: d_fn.rfind(".")]
newdir = os.path.join(upload_dir, d_basefn)
os.mkdir(newdir)
for f in files:
o_fn = os.path.basename(get_orig_filename(f, groupkey))
new_o_fn = os.path.join(newdir, o_fn)
shutil.copy(f, new_o_fn)
os.remove(f)
make_archive(dst_fn[: dst_fn.rfind(".")], o_f_type, newdir)
shutil.rmtree(newdir, True)
d_fn2 = gen_file_item(dst_fn, "[Archive]%s" % datetime.utcnow().strftime("%Y-%m-%d %H:%I"))
return redirect(url_for("edit_file", file_indicator=d_fn2))
randkey = "%s-%s" % (sha1(str(datetime.utcnow())).hexdigest(), gen_passwd(8))
return render_template("upload.html", title="Upload Files", randkey=randkey)
def delete_file(file_indicator=None):
if not funcs.is_admin_login(): abort(403)
ufile = UFile.query.filter(UFile.url == file_indicator).first()
if not ufile: abort(404)
fn = funcs.fullname(ufile.filename)
db_session.delete(ufile)
db_session.commit()
try:
os.remove(fn)
except:
pass
return redirect(url_for('file_serve',file_indicator=file_indicator))
def login_page():
redirect_to = request.values.get('next', url_for('homepage'))
print redirect_to
if request.method == 'POST':
u_name = request.form.get('username', None)
u_pass = request.form.get('password', None)
if u_name == config.USERNAME and sha1(u_pass).hexdigest() == config.PASSWORD:
session['username'] = u_name
if request.form.get('keeplog', None) == 'yes':
session.permanent = True
else:
session.permanent = False
return redirect(redirect_to)
else:
flash('Username or password is not valid.')
return render_template('login.html', redirect_to=redirect_to)
def logout_page():
redirect_to = request.args.get('next', url_for('homepage'))
session.pop('username', None)
return redirect(redirect_to)
def edit_file(file_indicator = None):
if request.method == 'GET' and file_indicator is None: return homepage()
if not funcs.is_admin_login():
abort(403)
ufile = None
if request.method == 'POST':
try:
ufile = UFile.query.filter(UFile.id == int(request.form.get('file_id'))).first()
except:
ufile = None
if not ufile:
abort(403)
err = False
name = Markup(request.form.get('name')).striptags().strip()
if not name:
err = True
flash('Title is empty or contains illegal characters.')
else:
ufile.name = name
url = re.sub('[^%a-zA-Z0-9_\-\.]', '', request.form.get('url')).strip('-')
if not url:
err = True
flash('URL is empty or contains illegal characters.')
else:
ufile.url = url
if UFile.query.filter(UFile.url == 'url').count() > 0:
err = True
flash('URL has already existed.')
ufile.password = request.form.get('password').strip()
if not ufile.password: ufile.password = None
ufile.description = request.form.get('description').strip()
if not ufile.description: ufile.description = None
try:
expire_delta = int(request.form.get('expire_delta'))
except:
expire_delta = -1
if expire_delta == -1:
pass
else:
if expire_delta == 0:
ufile.expire_at = None
else:
ufile.expire_at = datetime.utcnow()+timedelta(hours=expire_delta)
for item in ['linkable', 'download', 'homeshow']:
if request.form.get(item) == 'yes':
setattr(ufile, item, True)
else:
setattr(ufile, item, False)
if not err:
db_session.add(ufile)
try:
db_session.commit()
return redirect(url_for('file_serve',file_indicator=url))
except:
flash('Failed to update database.')
if ufile is None: ufile = _get_ufile(file_indicator)
preview = _get_preview(ufile)
fileext = _get_fileext(ufile)
visitkey = gen_passwd()
page_title = "Edit \"%s\"" % ufile.name
if ufile.description is None: ufile.description = ''
if ufile.password is None: ufile.password = ''
response = make_response(render_template('edit.html', ufile=ufile, preview = preview, fileext = fileext, file_indicator = file_indicator, visitkey=visitkey, edit_page = False, title=page_title))
response.set_cookie(sf_cookie_name(ufile.filename), sf_cookie_val(ufile.filename, visitkey))
return response
