def addAlert(userID, alertTypes, msgText, link, alertTitle):
msgText = dbShared.dbInsertSafe(msgText)
alertTitle = dbShared.dbInsertSafe(alertTitle)
if len(msgText) + len(alertTitle) + 3 > 1023:
# Truncate the message so it will fit
msgText = msgText[:(1020 - len(alertTitle))]
msgText = msgText[:msgText[:-9].rfind("\n")]
msgText = msgText + "\n more..."
conn = ghConn()
cursor = conn.cursor()
if (alertTypes % 2 == 1):
cursor.execute("".join((
"INSERT INTO tAlerts (userID, alertType, alertTime, alertMessage, alertLink, alertStatus) VALUES ('",
userID, "', 1, NOW(), '", alertTitle, " - ", msgText, "', '", link,
"', 0);")))
homeid = cursor.lastrowid
if (alertTypes >= 4):
cursor.execute("".join((
"INSERT INTO tAlerts (userID, alertType, alertTime, alertMessage, alertLink, alertStatus) VALUES ('",
userID, "', 4, NOW(), '", alertTitle, " - ", msgText, "', '", link,
"', 0);")))
mobileid = cursor.lastrowid
if (alertTypes != 1 and alertTypes != 4 and alertTypes != 5):
cursor.execute("".join((
"INSERT INTO tAlerts (userID, alertType, alertTime, alertMessage, alertLink, alertStatus) VALUES ('",
userID, "', 2, NOW(), '", alertTitle, " - ", msgText, "', '", link,
"', 0);")))
emailid = cursor.lastrowid
cursor.close()
sendAlertMail(conn, userID, msgText, link, emailid, alertTitle)
else:
cursor.close()
def main():
form = cgi.FieldStorage()
# Get Cookies
useCookies = 1
cookies = Cookie.SimpleCookie()
try:
cookies.load(os.environ['HTTP_COOKIE'])
except KeyError:
useCookies = 0
if useCookies:
try:
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
# Get a session
logged_state = 0
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
spawnName = form.getfirst('name', '')
galaxy = form.getfirst('galaxy', '')
# escape input to prevent sql injection
spawnName = dbShared.dbInsertSafe(spawnName)
galaxy = dbShared.dbInsertSafe(galaxy)
return getSpawnXML(spawnName, galaxy, currentUser, logged_state)
# Get a session
logged_state = 0
galaxy = form.getfirst('galaxy', '')
uid = form.getfirst('uid', '')
resGroup = form.getfirst('resGroup', '')
resType = form.getfirst('resType', '')
unitsGT = form.getfirst('unitsGT', '')
unitsLT = form.getfirst('unitsLT', '')
formatType = form.getfirst('formatType', '')
resGroups = form.getfirst('resGroups', '')
resTypes = form.getfirst('resTypes', '')
favGroup = form.getfirst('favGroup', '')
sortBy = form.getfirst('sortBy', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
galaxy = dbShared.dbInsertSafe(galaxy)
uid = dbShared.dbInsertSafe(uid)
resGroup = dbShared.dbInsertSafe(resGroup)
resType = dbShared.dbInsertSafe(resType)
unitsGT = dbShared.dbInsertSafe(unitsGT)
unitsLT = dbShared.dbInsertSafe(unitsLT)
resGroups = dbShared.dbInsertSafe(resGroups)
resTypes = dbShared.dbInsertSafe(resTypes)
favGroup = dbShared.dbInsertSafe(favGroup)
sortBy = dbShared.dbInsertSafe(sortBy)
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
You should have received a copy of the GNU Affero General Public License
along with Galaxy Harvester. If not, see <http://www.gnu.org/licenses/>.
"""
import cgi
import MySQLdb
import dbShared
#
form = cgi.FieldStorage()
resCategory = form.getfirst('resCategory', '')
outType = form.getfirst('outType', '')
# escape input to prevent sql injection
resCategory = dbShared.dbInsertSafe(resCategory)
outType = dbShared.dbInsertSafe(outType)
print 'Content-type: text/html\n'
if outType == 'links':
print '<ul class="plain">'
elif outType == 'graphic':
print ''
else:
print '<option value="none" title="p00000000000">None</option>'
if len(resCategory) > 0:
joinStr = ' INNER JOIN (SELECT resourceGroup FROM tResourceGroupCategory WHERE resourceCategory = "' + resCategory + '") rgc ON tResourceGroup.resourceGroup = rgc.resourceGroup'
else:
joinStr = ''
import cgi
import urllib
sys.path.append("../")
import dbInfo
#
form = cgi.FieldStorage()
key1 = form.getfirst('key1', '')
key2 = form.getfirst('key2', '')
key3 = form.getfirst('key3', '')
key4 = form.getfirst('key4', '')
key5 = form.getfirst('key5', '')
iFile = form.getfirst('iFile', '')
iContent = form.getfirst('iContent', '')
# escape input
key1 = dbShared.dbInsertSafe(key1)
key2 = dbShared.dbInsertSafe(key2)
key3 = dbShared.dbInsertSafe(key3)
key4 = dbShared.dbInsertSafe(key4)
key5 = dbShared.dbInsertSafe(key5)
iFile = urllib.unquote(iFile)
iContent = urllib.unquote(iContent)
def n2n(inVal):
if (inVal == None):
return '\N'
else:
return str(inVal)
# Main program
print 'Content-type: text/html\n'
# Get form info
wpID = form.getfirst("wpID", "")
galaxy = form.getfirst("galaxy", "")
planet = form.getfirst("planet", "")
spawnID = form.getfirst("resID", "")
spawnName = form.getfirst("resName", "")
price = form.getfirst("price", "0")
concentration = form.getfirst("concentration", "")
location = form.getfirst("location", "")
wpName = form.getfirst("wpName", "")
shareLevel = form.getfirst("shareLevel", "")
forceOp = form.getfirst("forceOp", "")
waypointID = form.getfirst("waypointID", "")
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
wpID = dbShared.dbInsertSafe(wpID)
galaxy = dbShared.dbInsertSafe(galaxy)
planet = dbShared.dbInsertSafe(planet)
spawnID = dbShared.dbInsertSafe(spawnID)
spawnName = dbShared.dbInsertSafe(spawnName)
price = dbShared.dbInsertSafe(price)
concentration = dbShared.dbInsertSafe(concentration)
location = dbShared.dbInsertSafe(location)
wpName = dbShared.dbInsertSafe(wpName)
shareLevel = dbShared.dbInsertSafe(shareLevel)
forceOp = dbShared.dbInsertSafe(forceOp)
waypointID = dbShared.dbInsertSafe(waypointID)
lattitude = ""
longitude = ""
def main():
# Get current url
try:
url = os.environ['SCRIPT_NAME']
except KeyError:
url = ''
form = cgi.FieldStorage()
uiTheme = ''
# Get Cookies
useCookies = 1
cookies = Cookie.SimpleCookie()
try:
cookies.load(os.environ['HTTP_COOKIE'])
except KeyError:
useCookies = 0
if useCookies:
try:
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
try:
uiTheme = cookies['uiTheme'].value
except KeyError:
uiTheme = ''
else:
currentUser = ''
loginResult = form.getfirst('loginAttempt', '')
sid = form.getfirst('gh_sid', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
# Get a session
logged_state = 0
linkappend = ''
disableStr = ''
if loginResult == None:
loginResult = 'success'
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
if (uiTheme == ''):
uiTheme = dbShared.getUserAttr(currentUser, 'themeName')
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
else:
disableStr = ' disabled="disabled"'
if (uiTheme == ''):
uiTheme = 'crafter'
# Get recipe id from path
path = []
if os.environ.has_key('PATH_INFO'):
path = os.environ['PATH_INFO'].split('/')[1:]
path = [p for p in path if p != '']
recipeHTML = ''
slotHTML = ''
schemImageName = ''
schematicDetailsHTML = ''
ingTypes = ''
ingGroups = ''
pageType = 'recipe'
if len(path) > 0:
recipeID = dbShared.dbInsertSafe(path[0])
url = url + '/' + recipeID
r = ghObjectRecipe.schematicRecipe()
if logged_state == 1:
# Look up recipe info
try:
conn = dbShared.ghConn()
cursor = conn.cursor()
except Exception:
recipeHTML = "Error: could not connect to database"
if (cursor and recipeID.isdigit()):
cursor.execute(
'SELECT recipeID, userID, tRecipe.schematicID, recipeName, (SELECT imageName FROM tSchematicImages si WHERE si.schematicID=tRecipe.schematicID AND si.imageType=1) AS schemImage, schematicName, complexity FROM tRecipe INNER JOIN tSchematic ON tRecipe.schematicID = tSchematic.schematicID WHERE recipeID='
+ recipeID + ';')
row = cursor.fetchone()
if (row != None):
if row[1] == currentUser:
# main recipe data
if (row[4] != None):
schemImageName = row[4]
else:
schemImageName = 'none.jpg'
r.recipeID = row[0]
r.schematicID = row[2]
r.recipeName = row[3]
r.schematicImage = schemImageName
# schematic quality data
schematicDetailsHTML = '<div><a href="' + ghShared.BASE_SCRIPT_URL + 'schematics.py/' + row[
2] + '" title="Go to schematic page.">' + row[
5] + '</a></div>'
schematicDetailsHTML += '<div>Complexity: ' + str(
row[6]) + '</div>'
expGroup = ''
expProp = ''
schematicDetailsHTML += '<td valign="top"><h3>Qualities</h3><ul id="qualitiesList" style="margin-top:6px;">'
expCursor = conn.cursor()
expCursor.execute(
'SELECT tSchematicQualities.expQualityID, expProperty, expGroup, statName, statWeight, weightTotal FROM tSchematicQualities INNER JOIN tSchematicResWeights ON tSchematicQualities.expQualityID = tSchematicResWeights.expQualityID WHERE schematicID="'
+ r.schematicID +
'" ORDER BY expGroup, expProperty, statName;')
expRow = expCursor.fetchone()
while (expRow != None):
if (expGroup != expRow[2]):
tmpName = expRow[2].replace('_', ' ')
schematicDetailsHTML = schematicDetailsHTML + '<li class="groupText">' + tmpName + '</li>'
expGroup = expRow[2]
if (expProp != expRow[1]):
tmpName = expRow[1].replace('_', ' ')
schematicDetailsHTML = schematicDetailsHTML + '<li class="schemQualityProperty altText">' + tmpName + '</li>'
expProp = expRow[1]
schematicDetailsHTML += '<li class="schemQualityItem" tag="' + expRow[
3] + ':' + str(
(expRow[4] * 1.0 / expRow[5]) * 100
) + '"><span class="inlineBlock" style="width:100px;">' + ghNames.getStatName(
expRow[3]) + (': </span><span>%.0f' % (
(expRow[4] * 1.0 / expRow[5]) * 100)
) + '%</span></li>'
expRow = expCursor.fetchone()
expCursor.close()
# Look up ingredient data
ri = None
sqlStr = 'SELECT si.ingredientName, ingredientResource, ingredientObject, ingredientQuantity, ingredientContribution, rt.containerType tcontainer, rg.containerType gcontainer, rt.resourceTypeName, rg.groupName, ingredientQuality FROM tSchematicIngredients si LEFT JOIN (SELECT ingredientName, ingredientResource, ingredientQuality FROM tRecipeIngredients WHERE recipeID=' + str(
r.recipeID
) + ') ri ON si.ingredientName = ri.ingredientName LEFT JOIN tResourceType rt ON si.ingredientObject = rt.resourceType LEFT JOIN tResourceGroup rg ON si.ingredientObject = rg.resourceGroup WHERE schematicID="' + r.schematicID + '" ORDER BY ingredientQuantity DESC, si.ingredientName'
ingCursor = conn.cursor()
ingCursor.execute(sqlStr)
ingRow = ingCursor.fetchone()
while (ingRow != None):
if ingRow[5] == None:
if ingRow[6] == None:
container = 'default'
objectName = ingRow[2].rpartition(
'/')[2].replace('_', ' ')
if objectName[-4:] == '.iff':
objectName = objectName[:-4]
else:
ingGroups += '"' + ingRow[2] + '",'
container = ingRow[6]
objectName = ingRow[8]
else:
ingTypes += '"' + ingRow[2] + '",'
container = ingRow[5]
objectName = ingRow[7]
# get details of ingredient resource for schematic
resDetails = ''
if ingRow[1] != None and (ingRow[5] != None
or ingRow[6] != None):
spawn = resource.getResource(
conn, logged_state, currentUser, ingRow[1],
None, None)
resDetails = 'Loaded with: ' + spawn.spawnName + ', ' + spawn.resourceTypeName + '<br />' + spawn.getStatList(
)
r.recipeIngredients.append(
ghObjectRecipe.recipeIngredient(
ingRow[2], ingRow[1], ingRow[0], ingRow[3],
container, objectName, ingRow[9],
resDetails))
ingRow = ingCursor.fetchone()
ingCursor.close()
if ingTypes != '':
ingTypes = ingTypes[:-1]
if ingGroups != '':
ingGroups = ingGroups[:-1]
slotHTML = r.getIngredientSlots()
else:
recipeHTML = "That is not your recipe."
else:
recipeHTML = "The recipe ID given could not be found."
cursor.close()
else:
# Render recipe home if any non number in sub path
pageType = 'home'
conn.close()
else:
recipeHTML = "You must be logged in to manage recipes."
else:
recipeHTML = 'You have not specified a recipe to edit, would you like to create a new one?<div style="float:right;"><button type=button value="New Recipe" class="ghButton" onclick="addRecipe();">New Recipe</button></div>'
pictureName = dbShared.getUserAttr(currentUser, 'pictureName')
print 'Content-type: text/html\n'
env = Environment(loader=FileSystemLoader('templates'))
env.globals['BASE_SCRIPT_URL'] = ghShared.BASE_SCRIPT_URL
env.globals['MOBILE_PLATFORM'] = ghShared.getMobilePlatform(
os.environ['HTTP_USER_AGENT'])
template = env.get_template('recipe.html')
print template.render(uiTheme=uiTheme,
loggedin=logged_state,
currentUser=currentUser,
loginResult=loginResult,
linkappend=linkappend,
url=url,
pictureName=pictureName,
imgNum=ghShared.imgNum,
galaxyList=ghLists.getGalaxyList(),
professionList=ghLists.getProfessionList(),
recipeHTML=recipeHTML,
slotHTML=slotHTML,
schematicDetailsHTML=schematicDetailsHTML,
ingTypes=ingTypes,
ingGroups=ingGroups,
pageType=pageType,
recipeID=r.recipeID,
recipeName=r.recipeName,
schemImageName=schemImageName)
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
email = form.getfirst("email")
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
email = dbShared.dbInsertSafe(email)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
linkappend = 'gh_sid=' + sid
# Check for errors
errstr = ''
if (len(email) < 6):
errstr = errstr + "That is not a valid email address. \r\n"
cursor = conn.cursor()
cursor.execute("SELECT userID FROM tUsers WHERE userID='" + nameString + "'")
row = cursor.fetchone()
if row == None:
userid = ""
else:
userid = row[0]
cursor.close()
conn.close()
return userid
# Main program
form = cgi.FieldStorage()
uname = form.getfirst("uname", "")
uname = dbShared.dbInsertSafe(uname)
result = ""
tmpID = findName(uname)
if (tmpID == ""):
result = ""
else:
result = "That user name is not available."
print 'Content-type: text/html\n'
print result
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
spawnName = form.getfirst('spawn', '')
galaxy = form.getfirst('galaxy', '')
planets = form.getfirst('planets', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
spawnName = dbShared.dbInsertSafe(spawnName)
galaxy = dbShared.dbInsertSafe(galaxy)
planets = dbShared.dbInsertSafe(planets)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
# Main program
print 'Content-type: text/html\n'
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
# Get form info
itemID = form.getfirst("itemID", "")
favType = form.getfirst("favType", "")
favGroup = form.getfirst("favGroup", "")
itemName = form.getfirst("itemName", "")
galaxyID = form.getfirst("galaxy", "")
operation = form.getfirst("op", "")
units = form.getfirst("units", "")
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
itemID = dbShared.dbInsertSafe(itemID)
favType = dbShared.dbInsertSafe(favType)
favGroup = dbShared.dbInsertSafe(favGroup)
itemName = dbShared.dbInsertSafe(itemName)
galaxyID = dbShared.dbInsertSafe(galaxyID)
operation = dbShared.dbInsertSafe(operation)
units = dbShared.dbInsertSafe(units)
result = ""
# Get a session
logged_state = 0
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
along with Galaxy Harvester. If not, see <http://www.gnu.org/licenses/>.
"""
import os
import sys
import Cookie
import dbSession
import dbShared
import cgi
import MySQLdb
#
form = cgi.FieldStorage()
resType = form.getfirst('resType', '')
# escape input to prevent sql injection
resType = dbShared.dbInsertSafe(resType)
# Main program
print 'Content-type: text/html\n'
clist = '<table class="userData" width="100%">'
conn = dbShared.ghConn()
cursor = conn.cursor()
if (cursor):
clist += '<thead><tr class="tableHead"><th>Creature</th><th>Yield</th></thead>'
sqlStr = 'SELECT speciesName, maxAmount FROM tResourceTypeCreature WHERE resourceType="' + resType + '" ORDER BY maxAmount DESC, speciesName'
cursor.execute(sqlStr)
row = cursor.fetchone()
while (row != None):
clist += ' <tr class="statRow"><td>' + str(row[0]).replace('_',' ') + '</td><td>' + str(row[1]) + '</td>'
clist += ' </tr>'
"""
import dbShared
import cgi
import MySQLdb
import ghShared
import dbShared
#
form = cgi.FieldStorage()
galaxy = form.getfirst('galaxy', '')
uid = form.getfirst('uid', '')
lastTime = form.getfirst('lastTime', '')
# escape input to prevent sql injection
galaxy = dbShared.dbInsertSafe(galaxy)
uid = dbShared.dbInsertSafe(uid)
lastTime = dbShared.dbInsertSafe(lastTime)
timeCriteria = ""
pageSize = 42
# Main program
print 'Content-type: text/html\n'
if (len(lastTime) > 5):
timeCriteria = " AND eventTime < '" + lastTime + "'"
conn = dbShared.ghConn()
cursor = conn.cursor()
if (cursor):
if uid != '':
print '<table class="userData" width="640">'
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
galaxy = form.getfirst('galaxy', '')
prof = form.getfirst('prof', '')
schematicID = form.getfirst('schematicID', '')
unavailable = form.getfirst('unavailable', '')
excludeGroups = form.getfirst('excludeGroups', '')
compare = form.getfirst('compare','undefined')
# Get a session
logged_state = 0
linkappend = ''
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
galaxy = dbShared.dbInsertSafe(galaxy)
prof = dbShared.dbInsertSafe(prof)
schematicID = dbShared.dbInsertSafe(schematicID)
excludeGroups = dbShared.dbInsertSafe(excludeGroups)
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
# Main program
resGroup = ''
import ghLists
import dbShared
#
form = cgi.FieldStorage()
groupType = form.getfirst('groupType', '')
profession = form.getfirst('profession', '')
craftingTab = form.getfirst('craftingTab', '')
resType = form.getfirst('resType', '')
resSecondary = form.getfirst('resSecondary', '')
resGroup = form.getfirst('resGroup', '')
selectSchematic = form.getfirst('selectSchematic', '')
listFormat = form.getfirst('listFormat', 'list')
# escape input to prevent sql injection
groupType = dbShared.dbInsertSafe(groupType)
profession = dbShared.dbInsertSafe(profession)
craftingTab = dbShared.dbInsertSafe(craftingTab)
resType = dbShared.dbInsertSafe(resType)
resSecondary = dbShared.dbInsertSafe(resSecondary)
resGroup = dbShared.dbInsertSafe(resGroup)
selectSchematic = dbShared.dbInsertSafe(selectSchematic)
listFormat = dbShared.dbInsertSafe(listFormat)
filterStr = ''
joinStr = ''
if (groupType == 'prof'):
if (profession.isdigit()):
filterStr = ' WHERE tProfession.profID = ' + str(profession)
elif (groupType == 'tab'):
if (craftingTab.isdigit()):
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
galaxy = form.getfirst('galaxy', '')
unavailableDays = form.getfirst('unavailableDays', '')
planet = form.getfirst('planetSel', '')
planetName = form.getfirst('planetName', '')
resGroup = form.getfirst('resGroup', '')
resCategory = form.getfirst('resCategory', '')
resType = form.getfirst('resType', '')
sort = form.getfirst('sort', '')
favorite = form.getfirst('favorite', 'undefined')
formatType = form.getfirst('formatType', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
galaxy = dbShared.dbInsertSafe(galaxy)
unavailableDays = dbShared.dbInsertSafe(unavailableDays)
planet = dbShared.dbInsertSafe(planet)
planetName = dbShared.dbInsertSafe(planetName)
resGroup = dbShared.dbInsertSafe(resGroup)
resCategory = dbShared.dbInsertSafe(resCategory)
resType = dbShared.dbInsertSafe(resType)
sort = dbShared.dbInsertSafe(sort)
favorite = dbShared.dbInsertSafe(favorite)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid, 2592000)
def main():
# Get current url
try:
url = os.environ['SCRIPT_NAME']
except KeyError:
url = ''
form = cgi.FieldStorage()
uiTheme = ''
# Get Cookies
useCookies = 1
cookies = Cookie.SimpleCookie()
try:
cookies.load(os.environ['HTTP_COOKIE'])
except KeyError:
useCookies = 0
if useCookies:
try:
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
try:
uiTheme = cookies['uiTheme'].value
except KeyError:
uiTheme = ''
try:
galaxy = cookies['galaxy'].value
except KeyError:
galaxy = "8"
else:
currentUser = ''
loginResult = form.getfirst('loginAttempt', '')
sid = form.getfirst('gh_sid', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
# Get a session
logged_state = 0
linkappend = ''
disableStr = ''
if loginResult == None:
loginResult = 'success'
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
if (uiTheme == ''):
uiTheme = dbShared.getUserAttr(currentUser, 'themeName')
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
else:
disableStr = ' disabled="disabled"'
if (uiTheme == ''):
uiTheme = 'crafter'
# Get recipe id from path
path = []
if os.environ.has_key('PATH_INFO'):
path = os.environ['PATH_INFO'].split('/')[1:]
path = [p for p in path if p != '']
recipeHTML = ''
slotHTML = ''
schematicSummaryHTML = ''
schematicDetailsHTML = ''
ingTypes = ''
ingGroups = ''
pageType = 'recipe'
if len(path) > 0:
recipeID = dbShared.dbInsertSafe(path[0])
url = url + '/' + recipeID
if logged_state == 1:
# Look up recipe info
try:
conn = dbShared.ghConn()
cursor = conn.cursor()
except Exception:
recipeHTML = "Error: could not connect to database"
if (cursor and recipeID.isdigit()):
cursor.execute('SELECT recipeID, userID, tRecipe.schematicID, recipeName, (SELECT imageName FROM tSchematicImages si WHERE si.schematicID=tRecipe.schematicID AND si.imageType=1) AS schemImage, schematicName, complexity FROM tRecipe INNER JOIN tSchematic ON tRecipe.schematicID = tSchematic.schematicID WHERE recipeID=' + recipeID + ';')
row = cursor.fetchone()
if (row != None):
if row[1] == currentUser:
# main recipe data
if (row[4] != None):
schemImageName = row[4]
else:
schemImageName = 'none.jpg'
schematicSummaryHTML = '<img src="/images/schematics/' + schemImageName + '" class="schematics" />'
r = ghObjectRecipe.schematicRecipe()
r.recipeID = row[0]
r.schematicID = row[2]
r.recipeName = row[3]
r.schematicImage = schemImageName
recipeHTML = '<div><a href="" id="nameLink" onclick="$(this).hide();$(\'#nameEditor\').show();$(\'#recipeName\').focus();return false;" title="Click to edit name." class="nameLink">' + r.recipeName + '</a></div><div id="nameEditor" style="display:none;"><input type="text" id="recipeName" size="30" maxlength="255" value="' + r.recipeName + '" onblur="$(\'#nameLink\').html(this.value).show();$(\'#nameEditor\').hide();" onkeyup="if(event.keyCode == 13){$(\'#nameLink\').html(this.value).show();$(\'#nameEditor\').hide();}"/></div><div style="float:right;"><button type=button value="Save" class="ghButton" onclick="saveRecipe(' + recipeID + ',$(\'#recipeName\').val());">Save</button> <button type=button value="Delete" class="ghButton" onclick="deleteRecipe(\'recipe\',' + str(r.recipeID) + ');">Delete</button></div>'
recipeHTML += '<div class="footer"/><div id="factoryCalc" style="text-align:left">Calculate Factory Run: <input type="text" id="factoryAmount" size="6" maxlength="4"/> units. <button type="button" value="Calculate" class="ghButton" onclick="getFactoryList(parseInt($(\'#factoryAmount\').val()))">Calculate</button><div id="factoryResults"></div></div>'
# schematic quality data
schematicDetailsHTML = '<div><a href="' + ghShared.BASE_SCRIPT_URL + 'schematics.py/' + row[2] + '" title="Go to schematic page.">' + row[5] + '</a></div>'
schematicDetailsHTML += '<div>Complexity: ' + str(row[6]) + '</div>'
expGroup = ''
expProp = ''
schematicDetailsHTML += '<td valign="top"><h3>Qualities</h3><ul id="qualitiesList" style="margin-top:6px;">'
expCursor = conn.cursor()
expCursor.execute('SELECT tSchematicQualities.expQualityID, expProperty, expGroup, statName, statWeight, weightTotal FROM tSchematicQualities INNER JOIN tSchematicResWeights ON tSchematicQualities.expQualityID = tSchematicResWeights.expQualityID WHERE schematicID="' + r.schematicID + '" ORDER BY expGroup, expProperty, statName;')
expRow = expCursor.fetchone()
while (expRow != None):
if (expGroup != expRow[2]):
tmpName = expRow[2].replace('_',' ')
schematicDetailsHTML = schematicDetailsHTML + '<li class="groupText">' + tmpName + '</li>'
expGroup = expRow[2]
if (expProp != expRow[1]):
tmpName = expRow[1].replace('_',' ')
schematicDetailsHTML = schematicDetailsHTML + '<li class="schemQualityProperty altText">' + tmpName + '</li>'
expProp = expRow[1]
schematicDetailsHTML += '<li class="schemQualityItem" tag="' + expRow[3] + ':' + str((expRow[4]*1.0/expRow[5])*100) + '"><span class="inlineBlock" style="width:100px;">' + ghNames.getStatName(expRow[3]) + (': </span><span>%.0f' % ((expRow[4]*1.0/expRow[5])*100)) + '%</span></li>'
expRow = expCursor.fetchone()
expCursor.close()
# Look up ingredient data
ri = None
sqlStr = 'SELECT si.ingredientName, ingredientResource, ingredientObject, ingredientQuantity, ingredientContribution, rt.containerType tcontainer, rg.containerType gcontainer, rt.resourceTypeName, rg.groupName, ingredientQuality FROM tSchematicIngredients si LEFT JOIN (SELECT ingredientName, ingredientResource, ingredientQuality FROM tRecipeIngredients WHERE recipeID=' + str(r.recipeID) + ') ri ON si.ingredientName = ri.ingredientName LEFT JOIN tResourceType rt ON si.ingredientObject = rt.resourceType LEFT JOIN tResourceGroup rg ON si.ingredientObject = rg.resourceGroup WHERE schematicID="' + r.schematicID + '" ORDER BY ingredientQuantity DESC, si.ingredientName'
ingCursor = conn.cursor()
ingCursor.execute(sqlStr)
ingRow = ingCursor.fetchone()
while (ingRow != None):
if ingRow[5] == None:
if ingRow[6] == None:
container = 'default'
objectName = ingRow[2].rpartition('/')[2].replace('_',' ')
if objectName[-4:] == '.iff':
objectName = objectName[:-4]
else:
ingGroups += '"' + ingRow[2] + '",'
container = ingRow[6]
objectName = ingRow[8]
else:
ingTypes += '"' + ingRow[2] + '",'
container = ingRow[5]
objectName = ingRow[7]
# get details of ingredient resource for schematic
resDetails = ''
if ingRow[1] != None and (ingRow[5] != None or ingRow[6] != None):
spawn = resource.getResource(conn, logged_state, currentUser, ingRow[1], None, None)
resDetails = 'Loaded with: ' + spawn.spawnName + ', ' + spawn.resourceTypeName + '<br />' + spawn.getStatList()
r.recipeIngredients.append(ghObjectRecipe.recipeIngredient(ingRow[2], ingRow[1], ingRow[0], ingRow[3], container, objectName, ingRow[9], resDetails))
ingRow = ingCursor.fetchone()
ingCursor.close()
if ingTypes != '':
ingTypes = ingTypes[:-1]
if ingGroups != '':
ingGroups = ingGroups[:-1]
slotHTML = r.getIngredientSlots()
else:
recipeHTML = "That is not your recipe."
else:
recipeHTML = "The recipe ID given could not be found."
cursor.close()
else:
# Render recipe home if any non number in sub path
pageType = 'home'
recipeHTML = 'Home<div style="float:right;"><button type=button value="New Recipe" class="ghButton" onclick="addRecipe();">New Recipe</button></div>'
conn.close()
else:
recipeHTML = "You must be logged in to manage recipes."
else:
recipeHTML = 'You have not specified a recipe to edit, would you like to create a new one?<div style="float:right;"><button type=button value="New Recipe" class="ghButton" onclick="addRecipe();">New Recipe</button></div>'
pictureName = dbShared.getUserAttr(currentUser, 'pictureName')
print 'Content-type: text/html\n'
env = Environment(loader=FileSystemLoader('templates'))
env.globals['BASE_SCRIPT_URL'] = ghShared.BASE_SCRIPT_URL
template = env.get_template('recipe.html')
print template.render(uiTheme=uiTheme, loggedin=logged_state, currentUser=currentUser, loginResult=loginResult, linkappend=linkappend, url=url, pictureName=pictureName, imgNum=ghShared.imgNum, planetList=ghLists.getPlanetList(), galaxyList=ghLists.getGalaxyList(), professionList=ghLists.getProfessionList(), recipeHTML=recipeHTML, slotHTML=slotHTML, schematicSummaryHTML=schematicSummaryHTML, schematicDetailsHTML=schematicDetailsHTML, ingTypes=ingTypes, ingGroups=ingGroups, pageType=pageType)
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
spawnName = form.getfirst('spawn', '')
galaxy = form.getfirst('galaxy', '')
planets = form.getfirst('planets', '')
spawnID = form.getfirst('spawnID', '')
availability = form.getfirst('availability', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
spawnName = dbShared.dbInsertSafe(spawnName)
galaxy = dbShared.dbInsertSafe(galaxy)
planets = dbShared.dbInsertSafe(planets)
spawnID = dbShared.dbInsertSafe(spawnID)
availability = dbShared.dbInsertSafe(availability)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
linkappend = 'gh_sid=' + sid
resGroup = form.getfirst('resGroup', '')
resCategory = form.getfirst('resCategory', '')
resType = form.getfirst('resType', '')
sort = form.getfirst('sort', '')
formatType = form.getfirst('formatType', '')
userBy = form.getfirst('userBy', '')
userAction = form.getfirst('userAction', '')
minVals = form.getfirst('minVals', '')
maxVals = form.getfirst('maxVals', '')
percVals = form.getfirst('percVals', '')
available = form.getfirst('available', '')
verified = form.getfirst('verified', '')
lastValue = form.getfirst('lastValue', '')
compare = form.getfirst('compare', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
galaxy = dbShared.dbInsertSafe(galaxy)
planet = dbShared.dbInsertSafe(planet)
planetName = dbShared.dbInsertSafe(planetName)
resGroup = dbShared.dbInsertSafe(resGroup)
resCategory = dbShared.dbInsertSafe(resCategory)
resType = dbShared.dbInsertSafe(resType)
sort = dbShared.dbInsertSafe(sort)
userBy = dbShared.dbInsertSafe(userBy)
userAction = dbShared.dbInsertSafe(userAction)
minVals = dbShared.dbInsertSafe(minVals)
maxVals = dbShared.dbInsertSafe(maxVals)
percVals = dbShared.dbInsertSafe(percVals)
lastValue = dbShared.dbInsertSafe(lastValue)
# Get a session
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
# Get a session
logged_state = 0
galaxy = form.getfirst('galaxy', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
galaxy = dbShared.dbInsertSafe(galaxy)
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
# Main program
print 'Content-type: text/html\n'
print '<table width="100%" class=resourceStats>'
if galaxy != '':
if logged_state == 1:
favJoin = ' LEFT JOIN (SELECT itemID, favGroup FROM tFavorites WHERE userID="' + currentUser + '" AND favType=1) favs ON tResources.spawnID = favs.itemID'
favCols = ', favGroup'
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
galaxy = form.getfirst('galaxy', '')
resourceType = form.getfirst('resType', '')
creatureName = form.getfirst('creatureName', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
resourceType = dbShared.dbInsertSafe(resourceType)
creatureName = dbShared.dbInsertSafe(creatureName)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
# Main program
result = ""
if galaxy.isdigit() != True:
result = "Error: Invalid galaxy ID provided."
def main():
# Get current url
try:
url = os.environ['REQUEST_URI']
except KeyError:
url = ''
uiTheme = ''
form = cgi.FieldStorage()
# Get Cookies
useCookies = 1
cookies = Cookie.SimpleCookie()
try:
cookies.load(os.environ['HTTP_COOKIE'])
except KeyError:
useCookies = 0
if useCookies:
try:
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
try:
uiTheme = cookies['uiTheme'].value
except KeyError:
uiTheme = ''
try:
avatarResult = cookies['avatarAttempt'].value
except KeyError:
avatarResult = ''
try:
galaxy = cookies['galaxy'].value
except KeyError:
galaxy = ghShared.DEFAULT_GALAXY
else:
currentUser = ''
loginResult = form.getfirst('loginAttempt', '')
avatarResult = form.getfirst('avatarAttempt', '')
sid = form.getfirst('gh_sid', '')
galaxy = form.getfirst('galaxy', ghShared.DEFAULT_GALAXY)
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
# Get a session
logged_state = 0
linkappend = ''
disableStr = ''
created = datetime.fromtimestamp(time.time())
inGameInfo = ''
pictureName = ''
userPictureName = ''
friendCountStr = ''
donateTotal = ''
userTitle = ''
donorBadge = ''
email = ''
defaultAlertTypes = 0
sharedInventory = 0
sharedRecipes = 0
siteAlertCheckStr = ''
emailAlertCheckStr = ''
mobileAlertCheckStr = ''
reputation = 0
resScore = 0
mapScore = 0
repColor = 'grey'
resColor = 'grey'
mapColor = 'grey'
abilities = []
if loginResult == None:
loginResult = 'success'
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
conn = dbShared.ghConn()
cursor = conn.cursor()
cursor.execute(
'SELECT userID, emailAddress, themeName FROM tUsers WHERE userID="'
+ currentUser + '"')
row = cursor.fetchone()
if (row != None):
email = row[1]
uiTheme = row[2]
cursor.close()
conn.close()
else:
disableStr = ' disabled="disabled"'
if (uiTheme == ''):
uiTheme = 'crafter'
path = []
uid = ''
template = 'user.html'
userPage = 'root'
if os.environ.has_key('PATH_INFO'):
path = os.environ['PATH_INFO'].split('/')[1:]
path = [p for p in path if p != '']
# get user attributes
if len(path) > 0:
uid = dbShared.dbInsertSafe(path[0])
if len(path) > 1:
userPage = path[1]
if userPage == 'inventory':
template = 'inventory.html'
else:
created = dbShared.getUserAttr(uid, 'created')
inGameInfo = dbShared.getUserAttr(uid, 'inGameInfo')
userPictureName = dbShared.getUserAttr(uid, 'pictureName')
defaultAlerts = dbShared.getUserAttr(uid, 'defaultAlertTypes')
if defaultAlerts > 0:
if defaultAlerts % 2 == 1:
siteAlertCheckStr = ' checked="checked"'
if defaultAlerts >= 4:
mobileAlertCheckStr = ' checked="checked"'
if defaultAlerts != 1 and defaultAlerts != 4 and defaultAlerts != 5:
emailAlertCheckStr = ' checked="checked"'
sharedInventory = dbShared.getUserAttr(uid, 'sharedInventory')
sharedRecipes = dbShared.getUserAttr(uid, 'sharedRecipes')
donateTotal = dbShared.getUserDonated(uid)
userTitle = dbShared.getUserTitle(uid)
userStats = dbShared.getUserStats(uid, galaxy).split(',')
resScore = int(userStats[0])
mapScore = int(userStats[1])
reputation = int(userStats[2])
if resScore != None:
if resScore > 2000:
resColor = '#ffcc00'
elif resScore > 500:
resColor = '#3366ff'
elif resScore > 25:
resColor = '#009933'
if mapScore != None:
if mapScore > 400:
mapColor = '#ffcc00'
elif mapScore > 100:
mapColor = '#3366ff'
elif mapScore > 5:
mapColor = '#009933'
if reputation != None:
if reputation > 100:
repColor = '#ffcc00'
elif reputation > 50:
repColor = '#3366ff'
elif reputation > 10:
repColor = '#009933'
elif reputation < 0:
repColor = '#800000'
if userPictureName == '':
userPictureName = 'default.jpg'
if donateTotal != '':
donorBadge = '<img src="/images/coinIcon.png" width="16" title="This user has donated to the site" alt="coin" />'
# get friend count
conn = dbShared.ghConn()
cursor = conn.cursor()
cursor.execute(
'SELECT Count(uf1.added) FROM tUserFriends uf1 INNER JOIN tUserFriends uf2 ON uf1.friendID=uf2.userID AND uf1.userID=uf2.friendID WHERE uf1.userID="'
+ uid + '"')
row = cursor.fetchone()
if (row != None):
friendCountStr = '(' + str(row[0]) + ')'
cursor.close()
conn.close()
# Load list of unlocked abilities
for k, v in ghShared.ABILITY_DESCR.iteritems():
if reputation >= ghShared.MIN_REP_VALS[
k] and ghShared.MIN_REP_VALS[k] != -99:
a = userAbility(k, v, True)
a.minReputation = ghShared.MIN_REP_VALS[k]
abilities.append(a)
convertGI = ghShared.convertText(inGameInfo, "js")
tmpStat = dbShared.friendStatus(uid, currentUser)
joinedStr = 'Joined ' + ghShared.timeAgo(created) + ' ago'
pictureName = dbShared.getUserAttr(currentUser, 'pictureName')
print 'Content-type: text/html\n'
env = Environment(loader=FileSystemLoader('templates'))
env.globals['BASE_SCRIPT_URL'] = ghShared.BASE_SCRIPT_URL
env.globals['MOBILE_PLATFORM'] = ghShared.getMobilePlatform(
os.environ['HTTP_USER_AGENT'])
template = env.get_template(template)
if userPage == 'inventory':
print template.render(
uiTheme=uiTheme,
loggedin=logged_state,
currentUser=currentUser,
loginResult=loginResult,
linkappend=linkappend,
url=url,
pictureName=pictureName,
imgNum=ghShared.imgNum,
galaxyList=ghLists.getGalaxyList(),
professionList=ghLists.getProfessionList(galaxy),
resourceGroupList=ghLists.getResourceGroupList(),
resourceTypeList=ghLists.getResourceTypeList(galaxy),
uid=uid,
editable=(uid == currentUser and logged_state == 1))
else:
print template.render(uiTheme=uiTheme,
loggedin=logged_state,
currentUser=currentUser,
loginResult=loginResult,
linkappend=linkappend,
url=url,
pictureName=pictureName,
imgNum=ghShared.imgNum,
galaxyList=ghLists.getGalaxyList(),
themeList=ghLists.getThemeList(),
uid=uid,
convertGI=convertGI,
sid=sid,
avatarResult=avatarResult,
email=email,
donorBadge=donorBadge,
joinedStr=joinedStr,
userPictureName=userPictureName,
tmpStat=tmpStat,
userTitle=userTitle,
friendCountStr=friendCountStr,
userAbilities=abilities,
resScore=resScore,
mapScore=mapScore,
reputation=reputation,
resColor=resColor,
mapColor=mapColor,
repColor=repColor,
siteAlertCheckStr=siteAlertCheckStr,
emailAlertCheckStr=emailAlertCheckStr,
mobileAlertCheckStr=mobileAlertCheckStr,
sharedInventory=sharedInventory,
sharedRecipes=sharedRecipes)
import dbSession
import dbShared
import cgi
import MySQLdb
try:
import json
except ImportError:
import simplejson as json
#
form = cgi.FieldStorage()
q = form.getfirst('query', '')
galaxy = form.getfirst('galaxy', '')
unavailable = form.getfirst('unavailable', '')
# escape input to prevent sql injection
q = dbShared.dbInsertSafe(q)
galaxy = dbShared.dbInsertSafe(galaxy)
errstr = ''
if galaxy.isdigit() == False:
errstr = 'Error: You must specify a galaxy.'
spawns = ['']
criteriaStr = ' WHERE galaxy = ' + str(galaxy)
if unavailable != 'on':
criteriaStr += ' AND unavailable IS NULL'
qlen = len(q)
if qlen > 0:
criteriaStr += ' AND SUBSTRING(spawnName, 1, ' + str(qlen) + ') = \'' + q + '\''
# Main program
resType = form.getfirst('resType', '')
sort = form.getfirst('sort', '')
formatType = form.getfirst('formatType', '')
userBy = form.getfirst('userBy', '')
userAction = form.getfirst('userAction', '')
minVals = form.getfirst('minVals', '')
maxVals = form.getfirst('maxVals', '')
percVals = form.getfirst('percVals', '')
available = form.getfirst('available', '')
verified = form.getfirst('verified', '')
lastValue = form.getfirst('lastValue', '')
compare = form.getfirst('compare', '')
favorite = form.getfirst('favorite', 'undefined')
fetchSize = form.getfirst('fetchSize', '20')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
galaxy = dbShared.dbInsertSafe(galaxy)
planet = dbShared.dbInsertSafe(planet)
planetName = dbShared.dbInsertSafe(planetName)
resGroup = dbShared.dbInsertSafe(resGroup)
resCategory = dbShared.dbInsertSafe(resCategory)
resType = dbShared.dbInsertSafe(resType)
sort = dbShared.dbInsertSafe(sort)
userBy = dbShared.dbInsertSafe(userBy)
userAction = dbShared.dbInsertSafe(userAction)
minVals = dbShared.dbInsertSafe(minVals)
maxVals = dbShared.dbInsertSafe(maxVals)
percVals = dbShared.dbInsertSafe(percVals)
lastValue = dbShared.dbInsertSafe(lastValue)
favorite = dbShared.dbInsertSafe(favorite)
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with Galaxy Harvester. If not, see <http://www.gnu.org/licenses/>.
"""
import MySQLdb
import dbShared
import ghLists
import cgi
# return option list of schematics with images uploaded
form = cgi.FieldStorage()
schematicID = form.getfirst('schematicID', '')
# escape input to prevent sql injection
schematicID = dbShared.dbInsertSafe(schematicID)
if schematicID == '':
whereStr = ' WHERE imageType=1'
else:
# only include schematics of same object type as schematic passed
conn = dbShared.ghConn()
cursor = conn.cursor()
# get old image file name
cursor.execute('SELECT objectType FROM tSchematic WHERE schematicID="' + schematicID + '";')
row = cursor.fetchone()
if row != None:
result = row[0]
else:
result = 0
whereStr = ' WHERE imageType=1 AND objectType=' + str(result) + ' AND tSchematic.schematicID != "' + schematicID + '"'
if uid == '':
return 'SELECT userID, eventTime, spawnName, eventType, planetName, tResources.resourceType, tResourceType.resourceTypeName, containerType FROM tResourceEvents INNER JOIN tResources ON tResourceEvents.spawnID = tResources.spawnID INNER JOIN tResourceType ON tResources.resourceType = tResourceType.resourceType LEFT JOIN tPlanet ON tResourceEvents.planetID = tPlanet.planetID WHERE tResourceEvents.galaxy=' + galaxy + timeCriteria + ' ORDER BY eventTime DESC LIMIT ' + str(
PAGE_SIZE) + ';'
else:
return 'SELECT galaxyName, eventTime, spawnName, eventType, planetName, tResources.resourceType, tResourceType.resourceTypeName, containerType FROM tResourceEvents INNER JOIN tResources ON tResourceEvents.spawnID = tResources.spawnID INNER JOIN tGalaxy ON tResourceEvents.galaxy = tGalaxy.galaxyID INNER JOIN tResourceType ON tResources.resourceType = tResourceType.resourceType LEFT JOIN tPlanet ON tResourceEvents.planetID = tPlanet.planetID WHERE userID="' + uid + '"' + timeCriteria + ' ORDER BY eventTime DESC LIMIT ' + str(
PAGE_SIZE) + ';'
form = cgi.FieldStorage()
galaxy = form.getfirst('galaxy', '')
uid = form.getfirst('uid', '')
lastTime = form.getfirst('lastTime', '')
formatType = form.getfirst('formatType', '')
# escape input to prevent sql injection
galaxy = dbShared.dbInsertSafe(galaxy)
uid = dbShared.dbInsertSafe(uid)
lastTime = dbShared.dbInsertSafe(lastTime)
timeCriteria = ''
errors = ''
responseData = ''
# Main program
firstCol = 'Member'
if uid != '':
firstCol = 'Galaxy'
if formatType == 'json':
print 'Content-type: text/json\n'
else:
print 'Content-type: text/html\n'
cookies = Cookie.SimpleCookie()
useCookies = 1
errorstr = ''
try:
cookies.load(os.environ["HTTP_COOKIE"])
except KeyError:
useCookies = 0
form = cgi.FieldStorage()
uname = form.getfirst("uname")
email = form.getfirst("email")
userpass = form.getfirst("userpass")
src_url = form.getfirst("src_url")
# escape input to prevent sql injection
uname = dbShared.dbInsertSafe(uname)
email = dbShared.dbInsertSafe(email)
userpass = dbShared.dbInsertSafe(userpass)
if uname == None or email == None or userpass == None:
errorstr = "Missing user parameters"
else:
if len(uname) < 3:
errorstr = errorstr + "The login name must be at least 3 characters.\n"
if len(email) < 6:
errorstr = errorstr + "That was not a valid email address.\n"
if len(userpass) < 6:
errorstr = errorstr + "The password must be at least 6 characters.\n"
if re.search('\W', uname):
errorstr = errorstr + "Error: user name contains illegal characters.\n"
if re.search('[><"&\']', email):
You should have received a copy of the GNU Affero General Public License
along with Galaxy Harvester. If not, see <http://www.gnu.org/licenses/>.
"""
import cgi
import MySQLdb
import dbShared
import ghShared
#
form = cgi.FieldStorage()
resGroup = form.getfirst('resGroup', '')
outType = form.getfirst('outType', '')
# escape input to prevent sql injection
resGroup = dbShared.dbInsertSafe(resGroup)
outType = dbShared.dbInsertSafe(outType)
print 'Content-type: text/html\n'
if outType == 'links':
print '<ul class="plain">'
else:
print '<option value="none" title="p00000000000">None</option>'
if len(resGroup) > 0:
criteriaStr = ' AND (resourceGroup = "' + resGroup + '" OR resourceCategory = "' + resGroup + '")'
else:
criteriaStr = ''
conn = dbShared.ghConn()
cursor = conn.cursor()
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
# Get form info
galaxy = form.getfirst("galaxy", "")
fltTypes = form.getfirst("fltTypes", "")
alertTypes = form.getfirst("alertTypes", "")
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
galaxy = dbShared.dbInsertSafe(galaxy)
fltTypes = dbShared.dbInsertSafe(fltTypes)
alertTypes = dbShared.dbInsertSafe(alertTypes)
fltTypes = fltTypes.split(",")
alertTypes = alertTypes.split(",")
result = ""
# Get a session
logged_state = 0
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
email = form.getfirst("email")
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
email = dbShared.dbInsertSafe(email)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
linkappend = 'gh_sid=' + sid
# Check for errors
errstr=''
if (len(email) < 6):
errstr = errstr + "That is not a valid email address. \r\n"
sid = form.getfirst('gh_sid', '')
try:
uiTheme = cookies['uiTheme'].value
except KeyError:
uiTheme = ''
else:
currentUser = ''
loginResult = form.getfirst('loginAttempt', '')
sid = form.getfirst('gh_sid', '')
# Get a session
logged_state = 0
linkappend = ''
disableStr = ''
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
if loginResult == None:
loginResult = 'success'
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
if (uiTheme == ''):
uiTheme = dbShared.getUserAttr(currentUser, 'themeName')
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
else:
disableStr = ' disabled=\'disabled\''
if (uiTheme == ''):
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
# Get form info
sort = form.getfirst("sort", "rank")
perPage = form.getfirst("perPage", "10")
lastItem = form.getfirst("lastItem", "")
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
perPage = dbShared.dbInsertSafe(perPage)
lastItem = dbShared.dbInsertSafe(lastItem)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
fltCount = 0
result = ""
orderStr = ""
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
if not form.has_key("schemImage"): errstr = "No image sent."
img_data = form["schemImage"]
if not img_data.file: errstr = "image sent is not a file."
src_url = form.getfirst('src_url', '/schematics.py')
schematicID = form.getfirst('schematicID', '')
copyFromSchem = form.getfirst('copyFromSchem', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
schematicID = dbShared.dbInsertSafe(schematicID)
copyFromSchem = dbShared.dbInsertSafe(copyFromSchem)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
# Check for errors
sid = form.getfirst('gh_sid', '')
try:
uiTheme = cookies['uiTheme'].value
except KeyError:
uiTheme = ''
try:
galaxy = cookies['galaxy'].value
except KeyError:
galaxy = form.getfirst('galaxy', ghShared.DEFAULT_GALAXY)
else:
loginResult = form.getfirst('loginAttempt', '')
sid = form.getfirst('gh_sid', '')
galaxy = form.getfirst('galaxy', ghShared.DEFAULT_GALAXY)
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
# Get a session
if loginResult == None:
loginResult = 'success'
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
if (uiTheme == ''):
uiTheme = dbShared.getUserAttr(currentUser, 'themeName')
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
else:
if (uiTheme == ''):
def getPlanetName(planetid):
nameStr = getItemName('SELECT planetID, planetName FROM tPlanet WHERE planetID='+dbShared.dbInsertSafe(planetid)+';')
return nameStr
def main():
# Get current url
try:
url = os.environ['SCRIPT_NAME']
except KeyError:
url = ''
uiTheme = ''
schematicID = ''
schemImageAttempt = ''
schemHTML = '<h2>That schematic does not exist.</h2>'
form = cgi.FieldStorage()
# Get Cookies
useCookies = 1
cookies = Cookie.SimpleCookie()
try:
cookies.load(os.environ['HTTP_COOKIE'])
except KeyError:
useCookies = 0
if useCookies:
try:
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
try:
uiTheme = cookies['uiTheme'].value
except KeyError:
uiTheme = ''
try:
schemImageAttempt = cookies['schemImageAttempt'].value
except KeyError:
schemImageAttempt = ''
try:
galaxy = cookies['galaxy'].value
except KeyError:
galaxy = form.getfirst('galaxy', ghShared.DEFAULT_GALAXY)
else:
currentUser = ''
loginResult = form.getfirst('loginAttempt', '')
sid = form.getfirst('gh_sid', '')
schemImageAttempt = form.getfirst('schemImageAttempt', '')
galaxy = form.getfirst('galaxy', ghShared.DEFAULT_GALAXY)
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
# Get a session
logged_state = 0
linkappend = ''
disableStr = ''
if loginResult == None:
loginResult = 'success'
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
if (uiTheme == ''):
uiTheme = dbShared.getUserAttr(currentUser, 'themeName')
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
else:
disableStr = ' disabled="disabled"'
if (uiTheme == ''):
uiTheme = 'crafter'
path = []
s = None
if os.environ.has_key('PATH_INFO'):
path = os.environ['PATH_INFO'].split('/')[1:]
path = [p for p in path if p != '']
favHTML = ''
if len(path) > 0:
schematicID = dbShared.dbInsertSafe(path[0])
url = url + '/' + schematicID
if (schematicID != 'index') and (schematicID != 'home'):
# Build the schematic object
try:
conn = dbShared.ghConn()
cursor = conn.cursor()
except Exception:
errorstr = "Error: could not connect to database"
if (cursor):
cursor.execute(
'SELECT schematicName, complexity, xpAmount, (SELECT imageName FROM tSchematicImages tsi WHERE tsi.schematicID=tSchematic.schematicID AND tsi.imageType=1) AS schemImage FROM tSchematic WHERE schematicID="'
+ schematicID + '";')
row = cursor.fetchone()
if (row != None):
# main schematic data
if (row[3] != None):
schemImageName = row[3]
else:
schemImageName = 'none.jpg'
s = ghObjectSchematic.schematic()
s.schematicID = schematicID
s.schematicName = row[0]
s.complexity = row[1]
s.xpAmount = row[2]
s.schematicImage = schemImageName
ingCursor = conn.cursor()
ingCursor.execute(
'SELECT ingredientName, ingredientType, ingredientObject, ingredientQuantity, res.resName FROM tSchematicIngredients LEFT JOIN (SELECT resourceGroup AS resID, groupName AS resName FROM tResourceGroup UNION ALL SELECT resourceType, resourceTypeName FROM tResourceType) res ON ingredientObject = res.resID WHERE schematicID="'
+ schematicID +
'" ORDER BY ingredientType, ingredientQuantity DESC;')
ingRow = ingCursor.fetchone()
while (ingRow != None):
tmpName = ingRow[2]
tmpName = tmpName.replace('shared_', '')
if (ingRow[1] == 0):
# resource
if (ingRow[4] != None):
tmpLink = '</td><td><a href="' + ghShared.BASE_SCRIPT_URL + 'resourceType.py/' + ingRow[
2] + '">' + ingRow[4] + '</a>'
else:
tmpLink = '</td><td><a href="' + ghShared.BASE_SCRIPT_URL + 'resourceType.py/' + ingRow[
2] + '">' + ingRow[2] + '</a>'
else:
# component
tmpLink = getComponentLink(conn, tmpName,
ingRow[1])
s.ingredients.append(
ghObjectSchematic.schematicIngredient(
ingRow[0], ingRow[1], tmpName, ingRow[3],
ingRow[4], tmpLink))
ingRow = ingCursor.fetchone()
ingCursor.close()
# schematic quality data
expGroup = ''
expProp = ''
qg = None
qp = None
expCursor = conn.cursor()
expCursor.execute(
'SELECT tSchematicQualities.expQualityID, expProperty, expGroup, statName, statWeight, weightTotal FROM tSchematicQualities INNER JOIN tSchematicResWeights ON tSchematicQualities.expQualityID = tSchematicResWeights.expQualityID WHERE schematicID="'
+ schematicID +
'" ORDER BY expGroup, expProperty, statName;')
expRow = expCursor.fetchone()
while (expRow != None):
if expRow[1] != expProp:
if qp != None:
qg.properties.append(qp)
qp = None
qp = ghObjectSchematic.schematicQualityProperty(
expRow[1], expRow[5])
expProp = expRow[1]
if expRow[2] != expGroup:
if qg != None:
s.qualityGroups.append(qg)
qg = None
qg = ghObjectSchematic.schematicQualityGroup(
expRow[2])
expGroup = expRow[2]
sw = ghObjectSchematic.schematicStatWeight(
expRow[0], expRow[3], expRow[4], expRow[5])
qp.statWeights.append(sw)
expRow = expCursor.fetchone()
if qp != None:
qg.properties.append(qp)
if qg != None:
s.qualityGroups.append(qg)
expCursor.close()
# Get list of schematics this one can be used in
useCursor = conn.cursor()
useCursor.execute(
'SELECT tSchematicIngredients.schematicID, s2.schematicName FROM tSchematicIngredients INNER JOIN tSchematic ON tSchematicIngredients.ingredientObject = tSchematic.objectPath OR tSchematicIngredients.ingredientObject = tSchematic.objectGroup INNER JOIN tSchematic s2 ON tSchematicIngredients.schematicID=s2.schematicID WHERE tSchematic.schematicID = "'
+ schematicID +
'" GROUP BY tSchematicIngredients.schematicID;')
useRow = useCursor.fetchone()
while (useRow != None):
s.schematicsUsedIn.append([useRow[0], useRow[1]])
useRow = useCursor.fetchone()
useCursor.close()
if logged_state > 0:
favCursor = conn.cursor()
favSQL = ''.join((
'SELECT itemID FROM tFavorites WHERE favType=4 AND userID="',
currentUser, '" AND favGroup="', schematicID,
'" AND galaxy=', galaxy))
favCursor.execute(favSQL)
favRow = favCursor.fetchone()
if favRow != None:
favHTML = ' <div class="inlineBlock" style="width:3%;float:left;"><a alt="Favorite" title="Favorite" style="cursor: pointer;" onclick="toggleFavorite(this, 4, \'' + schematicID + '\', $(\'#galaxySel\').val());"><img src="/images/favorite16On.png" /></a></div>'
else:
favHTML = ' <div class="inlineBlock" style="width:3%;float:left;"><a alt="Favorite" title="Favorite" style="cursor: pointer;" onclick="toggleFavorite(this, 4, \'' + schematicID + '\', $(\'#galaxySel\').val());"><img src="/images/favorite16Off.png" /></a></div>'
favCursor.close()
cursor.close()
conn.close()
pictureName = dbShared.getUserAttr(currentUser, 'pictureName')
print 'Content-type: text/html\n'
env = Environment(loader=FileSystemLoader('templates'))
env.globals['BASE_SCRIPT_URL'] = ghShared.BASE_SCRIPT_URL
env.globals['MOBILE_PLATFORM'] = ghShared.getMobilePlatform(
os.environ['HTTP_USER_AGENT'])
template = env.get_template('schematics.html')
print template.render(
uiTheme=uiTheme,
loggedin=logged_state,
currentUser=currentUser,
loginResult=loginResult,
linkappend=linkappend,
url=url,
pictureName=pictureName,
imgNum=ghShared.imgNum,
galaxyList=ghLists.getGalaxyList(),
professionList=ghLists.getProfessionList(),
schematicTabList=ghLists.getSchematicTabList(),
objectTypeList=ghLists.getObjectTypeList(),
noenergyTypeList=ghLists.getOptionList(
'SELECT resourceType, resourceTypeName FROM tResourceType WHERE resourceCategory != "energy" ORDER BY resourceTypeName;'
),
resourceGroupList=ghLists.getResourceGroupList(),
schematicID=schematicID,
schematic=s,
favHTML=favHTML)
def getSpawnName(spawnid):
nameStr = getItemName('SELECT spawnID, spawnName FROM tResources WHERE spawnID='+dbShared.dbInsertSafe(spawnid)+';')
return nameStr
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
wpID = form.getfirst('wpID', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
wpID = dbShared.dbInsertSafe(wpID)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
# Main program
print 'Content-type: text/html\n'
if (logged_state > 0):
try:
def getResourceTypeName(typeid):
nameStr = getItemName('SELECT resourceType, resourceTypeName FROM tResourceType WHERE resourceType="'+dbShared.dbInsertSafe(typeid)+'";')
return nameStr
def main():
resHTML = '<h2>That resource does not exist</h2>'
resHistory = ''
useCookies = 1
linkappend = ''
logged_state = 0
currentUser = ''
galaxy = ''
spawnName = ''
uiTheme = ''
galaxyState = 0
# Get current url
try:
url = os.environ['SCRIPT_NAME']
except KeyError:
url = ''
form = cgi.FieldStorage()
# Get Cookies
cookies = Cookie.SimpleCookie()
try:
cookies.load(os.environ['HTTP_COOKIE'])
except KeyError:
useCookies = 0
if useCookies:
try:
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
try:
uiTheme = cookies['uiTheme'].value
except KeyError:
uiTheme = ''
else:
loginResult = form.getfirst('loginAttempt', '')
sid = form.getfirst('gh_sid', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
# Get a session
if loginResult == None:
loginResult = 'success'
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
if (uiTheme == ''):
uiTheme = dbShared.getUserAttr(currentUser, 'themeName')
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
else:
if (uiTheme == ''):
uiTheme = 'crafter'
path = ['']
if os.environ.has_key('PATH_INFO'):
path = os.environ['PATH_INFO'].split('/')[1:]
path = [p for p in path if p != '']
if len(path) > 1:
galaxy = dbShared.dbInsertSafe(path[0])
spawnName = dbShared.dbInsertSafe(path[1])
if galaxy != '':
conn = dbShared.ghConn()
spawn = getResource(conn, logged_state, currentUser, None, galaxy, spawnName)
galaxyState = dbShared.galaxyState(spawn.spawnGalaxy)
if galaxyState == 1:
resHTML = spawn.getHTML(logged_state, 0, "")
else:
resHTML = spawn.getHTML(0, 0, "")
resHistory = getResourceHistory(conn, spawn.spawnID)
conn.close()
else:
resHTML = '<h2>No Galaxy/Resource name given</h2>'
else:
resHTML = '<h2>No Galaxy/Resource name given</h2>'
pictureName = dbShared.getUserAttr(currentUser, 'pictureName')
print 'Content-type: text/html\n'
env = Environment(loader=FileSystemLoader('templates'))
env.globals['BASE_SCRIPT_URL'] = ghShared.BASE_SCRIPT_URL
template = env.get_template('resource.html')
print template.render(uiTheme=uiTheme, loggedin=logged_state, currentUser=currentUser, loginResult=loginResult, linkappend=linkappend, url=url, pictureName=pictureName, imgNum=ghShared.imgNum, galaxyList=ghLists.getGalaxyList(), planetList=ghLists.getPlanetList(), spawnName=spawnName, resHTML=resHTML, resHistory=resHistory)
def getResourceGroupName(groupid):
nameStr = getItemName('SELECT resourceGroup, groupName FROM tResourceGroup WHERE resourceGroup="'+dbShared.dbInsertSafe(groupid)+'";')
return nameStr
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
galaxy = form.getfirst('galaxy', '')
prof = form.getfirst('prof', '')
schematicID = form.getfirst('schematicID', '')
unavailable = form.getfirst('unavailable', '')
excludeGroups = form.getfirst('excludeGroups', '')
compare = form.getfirst('compare', 'undefined')
# Get a session
logged_state = 0
linkappend = ''
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
galaxy = dbShared.dbInsertSafe(galaxy)
prof = dbShared.dbInsertSafe(prof)
schematicID = dbShared.dbInsertSafe(schematicID)
excludeGroups = dbShared.dbInsertSafe(excludeGroups)
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
# Main program
resGroup = ''
errstr = ''
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
# Get form info
alertTypes = form.getfirst("alertTypes", "")
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
alertTypes = dbShared.dbInsertSafe(alertTypes)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
fltCount = 0
result = ""
# Check for errors
errstr = ""
def main():
resHTML = '<h2>That resource does not exist</h2>'
resHistory = ''
useCookies = 1
linkappend = ''
logged_state = 0
currentUser = ''
galaxy = ''
spawnName = ''
spawnID = 0
uiTheme = ''
galaxyState = 0
userReputation = 0
# Get current url
try:
url = os.environ['SCRIPT_NAME']
except KeyError:
url = ''
form = cgi.FieldStorage()
# Get Cookies
cookies = Cookie.SimpleCookie()
try:
cookies.load(os.environ['HTTP_COOKIE'])
except KeyError:
useCookies = 0
if useCookies:
try:
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
try:
uiTheme = cookies['uiTheme'].value
except KeyError:
uiTheme = ''
else:
loginResult = form.getfirst('loginAttempt', '')
sid = form.getfirst('gh_sid', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
# Get a session
if loginResult == None:
loginResult = 'success'
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
if (uiTheme == ''):
uiTheme = dbShared.getUserAttr(currentUser, 'themeName')
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
else:
if (uiTheme == ''):
uiTheme = 'crafter'
path = ['']
if os.environ.has_key('PATH_INFO'):
path = os.environ['PATH_INFO'].split('/')[1:]
path = [p for p in path if p != '']
if len(path) > 1:
galaxy = dbShared.dbInsertSafe(path[0])
spawnName = dbShared.dbInsertSafe(path[1])
if galaxy != '':
conn = dbShared.ghConn()
spawn = getResource(conn, logged_state, currentUser, None, galaxy,
spawnName)
if spawn != None:
spawnID = spawn.spawnID
galaxyState = dbShared.galaxyState(spawn.spawnGalaxy)
# Only show update tools if user logged in and has positive reputation
stats = dbShared.getUserStats(currentUser, galaxy).split(",")
userReputation = int(stats[2])
resHTML = spawn.getHTML(0, "", logged_state > 0
and galaxyState == 1, userReputation)
resHistory = getResourceHistory(conn, spawn.spawnID)
conn.close()
else:
resHTML = '<h2>No Galaxy/Resource name given</h2>'
else:
resHTML = '<h2>No Galaxy/Resource name given</h2>'
pictureName = dbShared.getUserAttr(currentUser, 'pictureName')
print 'Content-type: text/html\n'
env = Environment(loader=FileSystemLoader('templates'))
env.globals['BASE_SCRIPT_URL'] = ghShared.BASE_SCRIPT_URL
env.globals['MOBILE_PLATFORM'] = ghShared.getMobilePlatform(
os.environ['HTTP_USER_AGENT'])
template = env.get_template('resource.html')
print template.render(
uiTheme=uiTheme,
loggedin=logged_state,
currentUser=currentUser,
loginResult=loginResult,
linkappend=linkappend,
url=url,
pictureName=pictureName,
imgNum=ghShared.imgNum,
galaxyList=ghLists.getGalaxyList(),
spawnName=spawnName,
resHTML=resHTML,
resHistory=resHistory,
showAdmin=(userReputation >=
ghShared.MIN_REP_VALS['EDIT_RESOURCE_GALAXY_NAME']),
spawnID=spawnID,
spawnGalaxy=galaxy)
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
userpass = form.getfirst("userpass")
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
userpass = dbShared.dbInsertSafe(userpass)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
linkappend = 'gh_sid=' + sid
# Check for errors
errstr='';
if (len(userpass) < 6):
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
uid = form.getfirst('uid', '')
lastUser = form.getfirst('lastUser', '')
direction = form.getfirst('direction', '')
# escape input to prevent sql injection
uid = dbShared.dbInsertSafe(uid)
lastUser = dbShared.dbInsertSafe(lastUser)
direction = dbShared.dbInsertSafe(direction)
userCriteria = ""
pageSize = 10
headStr = ""
tmpStr = ""
rowStr = ""
# Get a session
logged_state = 0
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
# Get form info
alertTypes = form.getfirst("alertTypes", "")
formatType = form.getfirst("formatType", "")
includeAll = form.getfirst("includeAll", "")
lastTime = form.getfirst("lastTime", "")
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
alertTypes = dbShared.dbInsertSafe(alertTypes)
lastTime = dbShared.dbInsertSafe(lastTime)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
fltCount = 0
result = ""
statusFilter = ""
if includeAll == "":
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
schematicID = form.getfirst('schematicID', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
schematicID = dbShared.dbInsertSafe(schematicID)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
# Main program
owner = ''
galaxy = 0
schematicName = ''
print 'Content-type: text/html\n'
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
galaxy = form.getfirst('galaxy', '')
unavailableDays = form.getfirst('unavailableDays', '')
planet = form.getfirst('planetSel', '')
planetName = form.getfirst('planetName', '')
resGroup = form.getfirst('resGroup', '')
resCategory = form.getfirst('resCategory', '')
resType = form.getfirst('resType', '')
sort = form.getfirst('sort', '')
favorite = form.getfirst('favorite', 'undefined')
formatType = form.getfirst('formatType', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
galaxy = dbShared.dbInsertSafe(galaxy)
unavailableDays = dbShared.dbInsertSafe(unavailableDays)
planet = dbShared.dbInsertSafe(planet)
planetName = dbShared.dbInsertSafe(planetName)
resGroup = dbShared.dbInsertSafe(resGroup)
resCategory = dbShared.dbInsertSafe(resCategory)
resType = dbShared.dbInsertSafe(resType)
sort = dbShared.dbInsertSafe(sort)
favorite = dbShared.dbInsertSafe(favorite)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid, 2592000)
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
# Get form info
galaxy = form.getfirst('galaxy', '')
detailsMethod = form.getfirst('oDetails', '')
profession = form.getfirst('schemProfSel', '')
skillGroup = form.getfirst('skillGroupSel', '')
copyFromSchem = form.getfirst('schemCopySel', '')
schematicName = form.getfirst('schematicName', '')
forceOp = form.getfirst('forceOp', '')
schematicID = form.getfirst('schematicID', '')
schematic = form.getfirst('schematic', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
skillGroup = dbShared.dbInsertSafe(skillGroup)
copyFromSchem = dbShared.dbInsertSafe(copyFromSchem)
schematicName = dbShared.dbInsertSafe(schematicName)
schematicID = dbShared.dbInsertSafe(schematicID)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
userReputation = -9999
# Validation
"""
import os
import sys
import Cookie
import dbSession
import dbShared
import cgi
import MySQLdb
import ghShared
#
form = cgi.FieldStorage()
galaxy = form.getfirst('galaxy', '0')
# escape input to prevent sql injection
galaxy = dbShared.dbInsertSafe(galaxy)
# Main program
clist = ''
containerType = ''
conn = dbShared.ghConn()
cursor = conn.cursor()
if (cursor):
sqlStr = """
SELECT tResourceGroup.resourceGroup,
tResourceGroup.groupName,
COUNT(tResourceTypeCreature.resourceType) AS creatureCount,
tResourceGroup.containerType
FROM tResourceGroup
def main():
form = cgi.FieldStorage()
# Get Cookies
useCookies = 1
cookies = Cookie.SimpleCookie()
try:
cookies.load(os.environ['HTTP_COOKIE'])
except KeyError:
useCookies = 0
if useCookies:
try:
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
# Get form info
favType = form.getfirst("favType", "")
galaxy = form.getfirst("galaxy", "")
# escape input to prevent sql injection
favType = dbShared.dbInsertSafe(favType)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
tmpStr = ''
if galaxy.isdigit():
galaxyCriteria = ' AND tFavorites.galaxy IN (0, {0})'.format(galaxy)
galaxyCriteriaProf = ' AND tProfession.galaxy IN ({1}, {0})'.format(
galaxy, dbShared.getBaseProfs(galaxy))
if logged_state > 0:
if favType == 'p':
sqlStr = ''.join((
'SELECT profID, profName, favsgalaxy FROM tProfession LEFT JOIN (SELECT itemID, galaxy AS favsgalaxy FROM tFavorites WHERE favType=3 AND userID="',
currentUser, '"', galaxyCriteria,
') favs ON tProfession.profID = favs.itemID WHERE tProfession.craftingQuality>0',
galaxyCriteriaProf, ' ORDER BY profName;'))
elif favType == 's':
sqlStr = ''.join((
'SELECT schematicID, schematicName, tFavorites.galaxy FROM tFavorites INNER JOIN tSchematic ON tFavorites.favGroup = tSchematic.schematicID WHERE tFavorites.userID="',
currentUser, '" AND tFavorites.favType=4', galaxyCriteria,
' ORDER BY schematicName'))
else:
sqlStr = ''.join((
'SELECT favGroup, CASE WHEN resourceTypeName IS NULL THEN groupName ELSE resourceTypeName END, resourceCategory FROM tFavorites LEFT JOIN tResourceType ON tFavorites.favGroup=tResourceType.resourceType LEFT JOIN tResourceGroup ON tFavorites.favGroup=tResourceGroup.resourceGroup WHERE tFavorites.userID="',
currentUser,
'" AND tFavorites.favType=2 ORDER BY CASE WHEN tResourceGroup.resourceGroup IS NULL THEN tResourceType.resourceGroup ELSE tResourceGroup.resourceGroup END, resourceType'
))
conn = dbShared.ghConn()
cursor = conn.cursor()
if (cursor):
cursor.execute(sqlStr)
row = cursor.fetchone()
tmpStr = '<ul class="plain">'
while (row != None):
if row[2] != None:
if favType == 'p' or favType == 's':
# Profession and Schematic favorites galaxy specific
if str(row[2]) == galaxy:
favImg = '<img src="/images/favorite16On.png" />'
else:
favImg = '<img src="/images/favorite16Off.png" />'
if favType == 'p':
tmpStr = ''.join((
tmpStr,
'<div class="inlineBlock profToggle"><div style="width:16px;height:16px;float:left;cursor: pointer;" onclick="toggleFavorite(this, 3, \'',
str(row[0]), '\', ', galaxy,
');" title="Click to toggle favorite">', favImg,
'</div>', row[1], '</div>'))
elif favType == 's':
tmpStr = ''.join((
tmpStr,
'<div class="schemToggle"><div style="width:16px;height:16px;float:left;cursor: pointer;" onclick="toggleFavorite(this, 4, \'',
str(row[0]), '\', ', galaxy,
');" title="Click to toggle favorite">', favImg,
'</div><a href="/schematics.py/', row[0], '">',
row[1], '</a></div>'))
else:
tmpStr = ''.join(
(tmpStr,
'<li> <a href="/resourceType.py/',
row[0], '">', str(row[1]), '</a></li>'))
else:
if favType == 'p':
tmpStr = ''.join((
tmpStr,
'<div class="inlineBlock profToggle"><div style="width:16px;height:16px;float:left;cursor: pointer;" onclick="toggleFavorite(this, 3, \'',
str(row[0]), '\', ', galaxy,
');" title="Click to toggle favorite"><img src="/images/favorite16Off.png" /></div>',
row[1], '</div>'))
else:
tmpStr = ''.join((
tmpStr,
'<li><span class="bigLink"><a href="/resourceType.py/',
row[0], '">', str(row[1]), '</a></span></li>'))
row = cursor.fetchone()
tmpStr += '</ul>'
cursor.close()
conn.close()
else:
tmpStr = 'Error: You must be logged in to get your favorites list.'
print 'Content-type: text/html\n'
print tmpStr
import ghShared
import logging
from random import *
import string
sys.path.append("../")
import mailer
import mailInfo
form = cgi.FieldStorage()
# Get Cookies
errorstr = ''
uname = form.getfirst("uname")
email = form.getfirst("email")
# escape input to prevent sql injection
uname = dbShared.dbInsertSafe(uname)
email = dbShared.dbInsertSafe(email)
chars = string.ascii_letters + string.digits
def randomString():
return "".join(choice(chars) for x in range(randint(6,10)))
# Check for errors
result='';
if (uname == None):
result = "no login name sent\n"
else:
newPass = randomString()
crypt_pass = hashlib.sha1(uname + newPass).hexdigest()
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
spawnID = form.getfirst("spawnID", '')
newSpawnName = form.getfirst("newSpawnName", '')
newGalaxyId = form.getfirst("newGalaxyId", '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
newSpawnName = dbShared.dbInsertSafe(newSpawnName)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
# Check for errors
errstr = ''
currentUser = ''
try:
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
wpID = form.getfirst('wpID', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
wpID = dbShared.dbInsertSafe(wpID)
# Get a session
logged_state = 0
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
# Main program
print 'Content-type: text/html\n'
if (logged_state > 0):
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
uiTheme = form.getfirst('uiTheme', '')
inGameInfo = form.getfirst('inGameInfo', '')
defaultAlerts = form.getfirst('defaultAlerts', '')
sharedInventory = form.getfirst('sharedInventory', '0')
sharedRecipes = form.getfirst('sharedRecipes', '0')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
uiTheme = dbShared.dbInsertSafe(uiTheme)
inGameInfo = dbShared.dbInsertSafe(inGameInfo)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
# Check for errors
errstr = ''
import dbSession
import dbShared
import cgi
import MySQLdb
import ghLists
import difflib
from xml.dom import minidom
#
form = cgi.FieldStorage()
spawnName = form.getfirst('name', '')
galaxy = form.getfirst('galaxy', '')
resType = form.getfirst('resType', '')
# escape input to prevent sql injection
spawnName = dbShared.dbInsertSafe(spawnName)
galaxy = dbShared.dbInsertSafe(galaxy)
resType = dbShared.dbInsertSafe(resType)
# Main program
print 'Content-type: text/xml\n'
doc = minidom.Document()
eRoot = doc.createElement("result")
doc.appendChild(eRoot)
try:
conn = dbShared.ghConn()
cursor = conn.cursor()
if useCookies:
try:
currentUser = cookies['userID'].value
except KeyError:
currentUser = ''
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
sid = form.getfirst('gh_sid', '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
# Get a session
logged_state = 0
linkappend = ''
if loginResult == None:
loginResult = 'success'
sess = dbSession.getSession(sid)
if (sess != ''):
logged_state = 1
currentUser = sess
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
# redirect to url for current user inventory
loginResult = cookies['loginAttempt'].value
except KeyError:
loginResult = 'success'
try:
sid = cookies['gh_sid'].value
except KeyError:
sid = form.getfirst('gh_sid', '')
else:
currentUser = ''
loginResult = 'success'
sid = form.getfirst('gh_sid', '')
uiTheme = form.getfirst("uiTheme", '')
inGameInfo = form.getfirst("inGameInfo", '')
# escape input to prevent sql injection
sid = dbShared.dbInsertSafe(sid)
uiTheme = dbShared.dbInsertSafe(uiTheme)
inGameInfo = dbShared.dbInsertSafe(inGameInfo)
# Get a session
logged_state = 0
linkappend = ''
sess = dbSession.getSession(sid, 2592000)
if (sess != ''):
logged_state = 1
currentUser = sess
if (useCookies == 0):
linkappend = 'gh_sid=' + sid
# Check for errors
errstr=''