def requesthandler(self): guid = self.request.get('guid') cl = self.request.get('cl') comment = clean(self.request.get('comment')) if len(cl) < 1 and len(comment) > 4: cl = TestLanguage.language(text=comment) remote_addr = self.request.remote_addr ip = self.request.get('ip') if len(ip) > 0: remote_addr = ip username = self.request.get('username') pw = self.request.get('pw') session='' location = geo.get(remote_addr) if type(location) is dict: try: city = location['city'] state= location['state'] country= location['country'] except: city = '' state = '' country = '' try: latitude=location['latitude'] longitude=location['longitude'] except: latitude = None longitude = None if len(comment) > 5 and len(guid) > 7: emptyform=False else: emptyform=True if not emptyform: spamchecked = False akismetkey = Settings.get('akismet') root_url = Settings.get('root_url') if len(root_url) > 0 and string.count(root_url, 'http://') < 1: root_url = 'http://' + root_url a = Akismet() a.setAPIKey(akismetkey, blog_url = root_url) if a.verify_key(): data = dict() data['user_ip']=remote_addr data['user_agent']=self.request.headers['User-Agent'] if a.comment_check(comment, data): spam=True else: spam=False spamchecked=True else: spam=False spamchecked=False result = False if len(username) > 0: session = Users.auth(username=username, pw=pw, session='') if len(session) < 8: username='' if not spam: tdb = db.Query(Translation) tdb.filter('guid = ', guid) item = tdb.get() if item is not None: md5hash = item.md5hash sl = item.sl tl = item.tl st = item.st tt = item.tt domain = item.domain url = item.url professional = item.professional author = item.username cdb = db.Query(Comment) cdb.filter('guid = ', guid) cdb.filter('remote_addr = ', remote_addr) item = cdb.get() if item is None: item = Comment() item.guid = guid item.md5hash = md5hash item.tl = tl item.cl = cl item.comment = comment item.username = username item.spamchecked = spamchecked item.spam = spam item.remote_addr = remote_addr timestamp = datetime.datetime.now() item.minute = timestamp.minute item.hour = timestamp.hour item.day = timestamp.day item.month = timestamp.month item.year = timestamp.year item.domain = domain item.url = url item.city = city item.state = state item.country = country try: item.latitude = latitude item.longitude = longitude except: pass item.put() if professional and len(author) > 0: LSP.comment(guid, comment, lsp=author, username=username, remote_addr=remote_addr) result = True self.response.headers['Content-Type']='text/plain' if result: self.response.out.write('ok') else: self.error(500) self.response.out.write('error') else: tdb = db.Query(Translation) tdb.order('-date') item = tdb.get() if item is not None: guid = item.guid else: guid = '' t = '<table><form action=/comments/submit method=post accept-charset=utf-8>' t = t + '<tr><td>GUID of Translation (guid)</td><td><input type=text name=guid value="' + guid + '"></td></tr>' t = t + '<tr><td>Comment (comment)</td<td><input type=text name=comment></td></tr>' t = t + '<tr><td>Username (username, optional)</td><td><input type=text name=username></td></tr>' t = t + '<tr><td>Password (pw, optional)</td><td><input type=text name=pw></td></tr>' t = t + '<tr><td colspan=2><input type=submit value=SUBMIT></td></tr></table></form>' www.serve(self,t,sidebar=self.__doc__, title = '/comments/submit')
def requesthandler(self): """ Combined GET and POST request handler.""" doc = self.request.get('doc') if user_service == 'google': if doc =='y': www.serve(self,self.__doc__, title = '/users/auth') else: user = users.get_current_user() if user is None: self.redirect(users.create_login_url(self.request.uri)) else: self.redirect('/') else: cookies = Cookies(self,max_age=3600) try: session = cookies['session'] except: session = self.request.get('session') username = clean(self.request.get('username')) pw = self.request.get('pw') callback = self.request.get('callback') remote_addr = self.request.remote_addr proxyurl = self.request.get('proxyurl') username_field = self.request.get('username_field') pw_field = self.request.get('pw_field') success_msg = self.request.get('success_msg') error_msg = self.request.get('error_msg') location = geo.get(remote_addr) city = location.get('city','') state = location.get('state', '') country = location.get('country', '') try: latitude = location['latitude'] longitude = location['longitude'] except: latitude = None longitude = None if len(username) > 2 or len(session) > 2: if len(proxyurl) > 0 and len(username_field) > 0 and len(pw_field) > 0: form=dict() form[username_field]=username form[pw_field]=pw form['user_ip']=remote_addr form_data = urllib.urlencode(form) result = urlfetch.fetch(url=proxyurl, payload=form_data, method=urlfetch.POST, headers={'Content-Type' : 'application/x-www-form-urlencoded','Accept-Charset' : 'utf-8'}) if result.status_code == 200: text = clean(result.content) if string.count(text,success_msg) > 0: m = md5.new() m.update(username) m.update(str(datetime.datetime.now())) session = str(m.hexdigest()) sessioninfo = dict() sessioninfo['username'] = username sessioninfo['session'] = session memcache.set('sessions|' + session, sessioninfo, 1800) else: session = None else: session=None else: sessioninfo = Users.auth(username, pw, session, remote_addr, city=city, state=state, country=country, latitude=latitude, longitude=longitude) if sessioninfo is not None: cookies['session'] = sessioninfo.get('session','') self.response.headers['Content-Type']='text/plain' if len(callback) > 0: self.redirect(callback) else: if type(sessioninfo) is dict: self.response.out.write(sessioninfo.get('session','')) else: self.response.out.write('') else: t = '<form action=/users/auth method=post accept-charset=utf-8>' t = t + '<table><tr><td>Username</td><td><input type=text name=username></td></tr>' t = t + '<tr><td>Password</td><td><input type=password name=pw></td></tr>' t = t + '<tr><td>Proxy URL (External Auth Server)</td><td><input type=text name=proxyurl value=http://www.worldwidelexicon.org/users/proxy></td></tr>' t = t + '<tr><td>Username Field</td><td><input type=text name=username_field value=username></td></tr>' t = t + '<tr><td>Password Field</td><td><input type=text name=pw_field value=pw></td></tr>' t = t + '<tr><td>Success Message / String</td><td><input type=text name=success_msg value=welcome></td></tr>' t = t + '<tr><td>Error Message / String</td><td><input type=text name=error_msg value=invalid></td></tr>' t = t + '<tr><td colspan=2><input type=submit value=LOGIN></td></tr>' t = t + '</table></form>' www.serve(self,t, sidebar = self.__doc__, title = '/users/auth')