def get(self):
databaseOperations.connectToDatabase('astrodb')
news = []
news.extend(databaseOperations.fetchAllNews(10))#to convert from sqlite3 object to list
#counts the webpage hits
hitsLib.updateHits('hits.txt')
#modifyList adds a preview of the news to every new(new[3])
def modifyList(new):
path = '../news/' + str(new[0])
newFile = open(path, 'r+')
newContent = newFile.read()
newFile.close()
finalNew = []
finalNew.extend(x for x in new[:3])
finalNew.append(newContent)
finalNew.extend(x for x in new[3:])
return finalNew
news = map(modifyList, news)
self.render("../main.html",
userName=self.get_secure_cookie("user"),
isAdmin=databaseOperations.isAdmin(self.get_secure_cookie("user")),
news=news)
databaseOperations.closeConnectionToDatabase()
def post(self):
if not self.current_user:
self.redirect("/")
return
else:
username = self.get_secure_cookie("user")
cpassword = self.get_argument("cpassword", None)
npassword = self.get_argument("npassword", None)
rnpassword = self.get_argument("rnpassword", None)
databaseOperations.connectToDatabase('astrodb')
errMsg = errorCheck.checkChangePassword(username, cpassword, npassword, rnpassword)
if errMsg != None:
databaseOperations.closeConnectionToDatabase()
self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg=errMsg)
return
hashedcPwd = hashlib.sha512(cpassword).hexdigest()
hashednPwd = hashlib.sha512(npassword).hexdigest()
hashedrnPwd = hashlib.sha512(rnpassword).hexdigest()
try:
databaseOperations.connectToDatabase('astrodb')
databaseOperations.changePassword(username, hashednPwd)
databaseOperations.closeConnectionToDatabase()
self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "Password successfully changed")
except:
self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "Error changing password")
def post(self):
username = self.get_secure_cookie("user")
databaseOperations.connectToDatabase('astrodb')
if not databaseOperations.isAdmin(username) or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
databaseOperations.closeConnectionToDatabase()
self.redirect("/")
return
title = self.get_argument("title", None)
code_type = self.get_argument("codeType", None)
description = self.get_argument("description", None)
codeFile = self.request.files['codeFile'][0]
path = "../code/" + str(databaseOperations.getNextCodeID())
codePath = open(path, "w")
codePath.write(codeFile['body'])
databaseOperations.insertCode(title, code_type, description)
userList = []
userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
msgs = []
msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list
databaseOperations.closeConnectionToDatabase()
#Get hits
hitsList = hitsLib.readHits('hits.txt')
hitsList = map(lambda x:x.split(':')[1], hitsList)
self.render("../admin.html", userName=self.get_secure_cookie("user"), userList=userList, hitsList = hitsList, msgs=msgs, errMsg = "Code uploaded succesfully!")
def get(self, content_id):
databaseOperations.connectToDatabase('astrodb')
if self.current_user:
sessionUserID = databaseOperations.getIDFromUser(self.get_secure_cookie("user"))[0]
else:
sessionUserID = -1
news = databaseOperations.fetchNews(content_id)
if news:
path = '../news/' + str(news[0])
newsFile = open(path, 'r+')
newsContent = newsFile.read()
newsFile.close()
else:
newsContent = None
self.render("../shownews.html",
userName=self.get_secure_cookie("user"),
news=news,
newsContent = newsContent,
sessionUserID = sessionUserID,
isAdmin=databaseOperations.isAdmin(self.get_secure_cookie("user")),
commentNum=databaseOperations.fetchCommentNum(content_id),
comments=databaseOperations.fetchComments(content_id),
contentID=content_id )
databaseOperations.closeConnectionToDatabase()
def get(self, content_id):
databaseOperations.connectToDatabase('astrodb')
if self.current_user:
sessionUserID = databaseOperations.getIDFromUser(self.get_secure_cookie("user"))[0]
else:
sessionUserID = -1
code=databaseOperations.fetchCode(content_id)
if code:
path = '../code/' + str(code[0])
codeFile = open(path, 'r+')
codeContent = codeFile.read()
codeFile.close()
else:
codeContent = None
self.render("../showcode.html",
userName=self.get_secure_cookie("user"),
code=code,
codeContent = codeContent,
sessionUserID = sessionUserID,
isAdmin=databaseOperations.isAdmin(self.get_secure_cookie("user")),
commentNum=databaseOperations.fetchCommentNum(content_id),
comments=databaseOperations.fetchComments(content_id),
contentID=content_id)
databaseOperations.closeConnectionToDatabase()
def post(self):
try:
unbannedUser = self.get_argument("unbannedUser")
user = self.get_secure_cookie("user")
databaseOperations.connectToDatabase('astrodb')
if not databaseOperations.isAdmin(user):
self.redirect("/")
return
databaseOperations.unban(unbannedUser)
userList = []
userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
msgs = []
msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list
#Get hits
hitsList = hitsLib.readHits('hits.txt')
hitsList = map(lambda x:x.split(':')[1], hitsList)
self.render("../admin.html", userName=user, userList = userList, hitsList = hitsList, msgs=msgs, errMsg = "User " + unbannedUser + " succesfully unbanned")
databaseOperations.closeConnectionToDatabase()
except:
userList = []
userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
msgs = []
msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list
unbannedUser = self.get_argument("unbannedUser")
self.render("../admin.html", userName=self.get_secure_cookie("user"), userList = userList, msgs=msgs, errMsg = "Error unbanning user " + unbannedUser)
def post(self):
username = self.get_secure_cookie("user")
databaseOperations.connectToDatabase('astrodb')
if not databaseOperations.isAdmin(username) or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
databaseOperations.closeConnectionToDatabase()
self.redirect("/")
return
title = self.get_argument("title", None)
date = time.strftime("%d %b %G %H:%M", time.localtime(time.time()))
newsFile = self.request.files['newsFile'][0]
path = "../news/" + str(databaseOperations.getNextNewsID())
newsPath = open(path, "w")
newsPath.write(newsFile['body'])
newsimg = self.request.files['newsimg'][0]
path = "../imgs/news/" + str(databaseOperations.getNextNewsID()) + ".jpg"
imgPath = open(path, "w")
imgPath.write(newsimg['body'])
databaseOperations.insertNews(title, date)
userList = []
userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
msgs = []
msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list
databaseOperations.closeConnectionToDatabase()
#Get hits
hitsList = hitsLib.readHits('hits.txt')
hitsList = map(lambda x:x.split(':')[1], hitsList)
self.render("../admin.html", userName=self.get_secure_cookie("user"), userList=userList, hitsList = hitsList, msgs=msgs, errMsg = "News posted succesfully!")
def post(self):
(name, message) = (self.get_argument("name", None), self.get_argument("message", None))
date = time.strftime("%d %b %G %H:%M", time.localtime(time.time()))
ip_address = self.request.remote_ip
errMsg = errorCheck.checkSendMessage(name, message)
if errMsg != None:
self.render("../message.html", userName=self.get_secure_cookie("user"), message=errMsg)
return
databaseOperations.connectToDatabase('astrodb')
databaseOperations.insertMessage(name, message, date, ip_address)
databaseOperations.closeConnectionToDatabase()
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Message successfully sent")
def post(self):
(username, password) = (self.get_argument("user", None), self.get_argument("pwd", None))
#Check for empty fields, wrong login, not verified, banned users
databaseOperations.connectToDatabase('astrodb')
errMsg = errorCheck.checkLogin(username, password)
if errMsg != None:
databaseOperations.closeConnectionToDatabase()
self.render("../login.html", userName=self.get_secure_cookie("user"), errMsg=errMsg)
return
databaseOperations.closeConnectionToDatabase()
self.set_secure_cookie("user", username)
self.redirect("/")
def get(self, content_id):
databaseOperations.connectToDatabase('astrodb')
if self.current_user:
sessionUserID = databaseOperations.getIDFromUser(self.get_secure_cookie("user"))[0]
else:
sessionUserID = -1
self.render("../showart.html",
userName=self.get_secure_cookie("user"),
art=databaseOperations.fetchArt(content_id),
sessionUserID = sessionUserID,
isAdmin=databaseOperations.isAdmin(self.get_secure_cookie("user")),
commentNum=databaseOperations.fetchCommentNum(content_id),
comments=databaseOperations.fetchComments(content_id),
contentID=content_id)
databaseOperations.closeConnectionToDatabase()
def post(self):
if not self.current_user:
self.redirect("/")
return
else:
username = self.get_secure_cookie("user")
email = self.get_argument("email", "notvalid")
if not errorCheck.checkEmail(email):
self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "This is not a valid email address")
return
try:
databaseOperations.connectToDatabase('astrodb')
databaseOperations.changeEmailAddress(username, email)
databaseOperations.closeConnectionToDatabase()
self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "Email address successfully changed")
except:
self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "Error changing email address")
def get(self):
databaseOperations.connectToDatabase('astrodb')
username = self.get_secure_cookie("user")
if not databaseOperations.isAdmin(username) or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
databaseOperations.closeConnectionToDatabase()
self.redirect("/")
return
else:
#Get hits
hitsList = hitsLib.readHits('hits.txt')
hitsList = map(lambda x:x.split(':')[1], hitsList)
userList = []
userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
msgs = []
msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list
databaseOperations.closeConnectionToDatabase()
self.render("../admin.html", userName=self.get_secure_cookie("user"), userList=userList, hitsList=hitsList, msgs=msgs, errMsg = None)
def get(self, news_id):
try:
if not self.current_user:
self.redirect("/login")
return
databaseOperations.connectToDatabase('astrodb')
if not databaseOperations.isAdmin( self.get_secure_cookie("user") ):
databaseOperations.closeConnectionToDatabase()
self.redirect("/")
return
databaseOperations.deleteNews(news_id)
databaseOperations.closeConnectionToDatabase()
self.redirect("/")
except:
print "Error deleting news with news id", news_id
def post(self):
try:
(email, username, password) = (self.get_argument("email", None), self.get_argument("username", None), self.get_argument("password", None))
#Check for empty fields & already existing users
databaseOperations.connectToDatabase('astrodb')
errMsg = errorCheck.checkRegister(email, username, password)
databaseOperations.closeConnectionToDatabase()
if errMsg != None:
self.render("../register.html", userName=self.get_secure_cookie("user"), errMsg=errMsg)
return
hashedPwd = hashlib.sha512(password).hexdigest()
ip_address = self.request.remote_ip
databaseOperations.connectToDatabase('astrodb')
databaseOperations.register(email, username, hashedPwd, ip_address)
#Create reset code
chars = string.ascii_lowercase + string.ascii_uppercase + string.digits
resetCode = ''.join( random.choice(chars) for r in range(15) )
databaseOperations.changeResetCode(username, resetCode)
databaseOperations.closeConnectionToDatabase()
#Construct the verification code
r = str(random.randint(0,1000))
verificationCode = hashlib.sha512(username + hashedPwd + r).hexdigest()[:35]
#Construct the URL and EMAIL CONTENTS
url = "http://www.astrocamel.com/verify?u=%s&c=%s&r=%s" %(username, verificationCode, r)
to = email
gmail_user = '******'
gmail_pwd = 'x'
smtpserver = smtplib.SMTP("smtp.gmail.com",587)
smtpserver.ehlo()
smtpserver.starttls()
smtpserver.ehlo
smtpserver.login(gmail_user, gmail_pwd)
header = 'To:' + to + '\n' + 'From: ' + gmail_user + '\n' + 'Subject:Registration at AstroCamel \n'
msg = header + "\n You have successfully registers at AstroCamel.com. Visit " + url + " to verify your registration. \n\n"
smtpserver.sendmail(gmail_user, to, msg)
smtpserver.close()
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Registration complete. Check your email for the verification code. You may need to check your junk mail")
except:
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Registration could not be complete due to an error")
def post(self, content_id):
username = self.get_secure_cookie("user")
databaseOperations.connectToDatabase('astrodb')
if not self.current_user or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
self.redirect("/login")
return
(comment, user) = (self.get_argument("comment", None), self.current_user)
date = time.strftime("%d %b %G %H:%M", time.localtime(time.time()))
user_id = databaseOperations.getIDFromUser(user)[0]
content_type = databaseOperations.getContentTypeFromID(content_id)[0]
print content_type
if not comment:
self.redirect( "/show%s/%s" %(content_type, str(content_id)) )
return
databaseOperations.insertComment(content_id, user_id, comment, date)
databaseOperations.closeConnectionToDatabase()
self.redirect( "/show%s/%s" %(content_type, str(content_id)) )
def post(self):
try:
username = self.get_argument("user", None)
#Check for empty field
if not username:
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Username was left blank")
return
databaseOperations.connectToDatabase('astrodb')
email = databaseOperations.getEmailFromUsername(username)
if not email:
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Cannot reset password for this user")
return
else:
email = email[0]
#Create reset code
chars = string.ascii_lowercase + string.ascii_uppercase + string.digits
resetCode = ''.join( random.choice(chars) for r in range(15) )
databaseOperations.changeResetCode(username, resetCode)
databaseOperations.closeConnectionToDatabase()
#Construct the URL
url = "http://www.astrocamel.com/resetpassword?u=%s&c=%s" %(username, resetCode)
to = email
gmail_user = '******'
gmail_pwd = 'x'
smtpserver = smtplib.SMTP("smtp.gmail.com",587)
smtpserver.ehlo()
smtpserver.starttls()
smtpserver.ehlo
smtpserver.login(gmail_user, gmail_pwd)
header = 'To:' + to + '\n' + 'From: ' + gmail_user + '\n' + 'Subject:Lost Password - AstroCamel \n'
msg = header + "\n You have requested a password reset. Please follow the link: " + url + " to reset your password. \n\n"
smtpserver.sendmail(gmail_user, to, msg)
smtpserver.close()
self.render("../message.html", userName=self.get_secure_cookie("user"), message="An email has been sent to your address with further instructions on how to reset your password. You may need to check your junk mail")
except:
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Cannot reset password for this user")
def get(self):
u = str(self.get_argument("u", None))
c = str(self.get_argument("c", None))
r = str(self.get_argument("r", None))
databaseOperations.connectToDatabase('astrodb')
verified = databaseOperations.isVerified(u)
databaseOperations.closeConnectionToDatabase()
if verified:
self.render("../message.html", userName=self.get_secure_cookie("user"), message=u + " is already verified")
return
try:
databaseOperations.connectToDatabase('astrodb')
password = databaseOperations.getPasswordFromUser(u)[0]
databaseOperations.closeConnectionToDatabase()
except:
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Could not validate username " + u)
return
correctValidationCode = hashlib.sha512(u + password + r).hexdigest()[:35]
if c == correctValidationCode:
databaseOperations.connectToDatabase('astrodb')
databaseOperations.verify(u)
databaseOperations.closeConnectionToDatabase()
message="Verification complete. You can now log in"
else:
message="Could not validate username" + u
self.render("../message.html", userName=self.get_secure_cookie("user"), message=message)
def get(self, comment_id):
try:
if not self.current_user:
self.redirect("/login")
return
databaseOperations.connectToDatabase('astrodb')
content_id = databaseOperations.getContentIDFromCommentID(comment_id)[0]
content_type = databaseOperations.getContentTypeFromID(content_id)[0]
contentPath = "/show%s/%s" %(content_type, str(content_id))
user = databaseOperations.getUserFromCommentID(comment_id)[0]
if user == self.get_secure_cookie("user") or databaseOperations.isAdmin(self.get_secure_cookie("user")):
#if user is the author of the comment, or if admin
databaseOperations.deleteComment(comment_id)
databaseOperations.closeConnectionToDatabase()
self.redirect( contentPath )
except:
print "Error deleting comment with comment id", comment_id
def post(self):
username = self.get_secure_cookie("user")
databaseOperations.connectToDatabase('astrodb')
if not databaseOperations.isAdmin(username) or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
databaseOperations.closeConnectionToDatabase()
self.redirect("/")
return
description = self.get_argument("description", None)
nextArtID = str(databaseOperations.getNextArtID())
#upload gfx
gfxFile = self.request.files['gfxFile'][0]
path = "../imgs/art/gfx/" + nextArtID + ".jpg"
gfxPath = open(path, "w")
gfxPath.write(gfxFile['body'])
#resize gfx and put in directory
size = 250, 80
bigImage = Image.open(path)
try:
bigImage.load()
except:
bigImage = bigImage.rotate(30)
bigImage.save("../imgs/art/" + nextArtID + "small.jpg", "JPEG")
#insert gfx into db
databaseOperations.insertGfx(description)
userList = []
userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
msgs = []
msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list
databaseOperations.closeConnectionToDatabase()
#Get hits
hitsList = hitsLib.readHits('hits.txt')
hitsList = map(lambda x:x.split(':')[1], hitsList)
self.render("../admin.html", userName=self.get_secure_cookie("user"), userList=userList, hitsList = hitsList, msgs=msgs, errMsg = "GFX uploaded succesfully!")
def get(self):
#try:
u = self.get_argument("u", None)
c = self.get_argument("c", None)
databaseOperations.connectToDatabase('astrodb')
resetCode = databaseOperations.getResetCodeFromUsername(u)
if not resetCode:
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Cannot reset password for this user")
return
else:
resetCode = resetCode[0]
#Reset code
if resetCode == c:
hashedPwd = hashlib.sha512(u).hexdigest()
databaseOperations.ResetPassword(u, hashedPwd)
databaseOperations.closeConnectionToDatabase()
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Your password has been reset to: %s" %u)
return
else:
databaseOperations.closeConnectionToDatabase()
self.render("../message.html", userName=self.get_secure_cookie("user"), message="Cannot reset password for this user")
def get(self, art_id):
databaseOperations.connectToDatabase('astrodb')
content_id = databaseOperations.getContentIDFromArtID(art_id)
databaseOperations.closeConnectionToDatabase()
self.render("../website.html", userName=self.get_secure_cookie("user"), art_id=art_id, content_id=content_id[0])
def get(self):
databaseOperations.connectToDatabase('astrodb')
self.render("../gallery.html", userName=self.get_secure_cookie("user"), gfxs=databaseOperations.fetchGfxs(2), webs=databaseOperations.fetchWebs(2))
databaseOperations.closeConnectionToDatabase()
def get(self):
databaseOperations.connectToDatabase('astrodb')
self.render("../code.html", userName=self.get_secure_cookie("user"), codes=databaseOperations.fetchCodes(2))
databaseOperations.closeConnectionToDatabase()
