def do_GET(self):
try:
global database
self.path = 'web/' + self.path
query_str = urlparse.urlparse(self.path).query
if len(query_str) == 0:
return SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
else:
for query in query_str.split('&'):
query = query.split('=')
if len(query) > 1:
key = query[0]
val = urllib.unquote(query[1])
if key == 'id':
return SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(
self)
if key == 'search':
val = re.sub('[^0-9a-zA-Z]+', ' ',
val).lower().split(' ')
self.send_response(200)
self.send_header('Content-type', 'text/html')
self.end_headers()
obj = employees.search(database, val, False, True)
if len(obj) > 2:
obj_parsed = json.loads(obj)
if len(obj_parsed) > 0:
if not val[0] in flag_db:
flag_db[val[0]] = '00000000'
obj_parsed[0]['flags'] = flag_db[val[0]]
obj = json.dumps(obj_parsed)
self.wfile.write(str(obj))
self.wfile.close()
if key == 'flag':
obj = '{}'
id = val[:6]
num = val[6:]
if len(num) > 0:
num = int(num)
if len(id) == 6 and num >= 0 and num <= 7:
obj = employees.search(database, [id], False,
True)
if len(obj) > 2:
if not id in flag_db:
flag_db[id] = '00000000'
flag_db[id] = flag_db[
id][:num] + '1' + flag_db[id][num + 1:]
save_flag_db()
self.send_response(200)
self.send_header('Content-type', 'text/html')
self.end_headers()
self.wfile.write('')
self.wfile.close()
except Exception as error:
self.send_response(400)
self.end_headers()
self.wfile.close()
sys.stderr.write(str(error) + '\n')
pass
def do_GET(self):
try:
global database
self.path='web/'+self.path
query_str=urlparse.urlparse(self.path).query
if len(query_str)==0:
return SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
else:
for query in query_str.split('&'):
query=query.split('=')
if len(query)>1:
key=query[0]
val=urllib.unquote(query[1])
if key=='id':
return SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
if key=='search':
val=re.sub('[^0-9a-zA-Z]+',' ',val).lower().split(' ')
self.send_response(200)
self.send_header('Content-type','text/html')
self.end_headers()
obj=employees.search(database,val,False,True)
if len(obj)>2:
obj_parsed=json.loads(obj)
if len(obj_parsed)>0:
if not val[0] in flag_db:
flag_db[val[0]]='00000000'
obj_parsed[0]['flags']=flag_db[val[0]]
obj=json.dumps(obj_parsed)
self.wfile.write(str(obj))
self.wfile.close()
if key=='flag':
obj='{}'
id=val[:6]
num=val[6:]
if len(num)>0:
num=int(num)
if len(id)==6 and num>=0 and num<=7:
obj=employees.search(database,[id],False,True)
if len(obj)>2:
if not id in flag_db:
flag_db[id]='00000000'
flag_db[id]=flag_db[id][:num]+'1'+flag_db[id][num+1:]
save_flag_db()
self.send_response(200)
self.send_header('Content-type','text/html')
self.end_headers()
self.wfile.write('')
self.wfile.close()
except Exception as error:
self.send_response(400)
self.end_headers()
self.wfile.close()
sys.stderr.write(str(error)+'\n')
pass
def do_GET(self):
try:
global database
self.path = self.path.split('?')
query_str = '?'.join(self.path[1:])
if len(query_str) > 0:
print(query_str)
for query in query_str.split('&'):
query = query.split('=')
if len(query) > 1:
key = query[0]
val = urllib.unquote(query[1])
if key == 'search':
val = re.sub('[^0-9a-zA-Z]+', ' ',
val).lower().split(' ')
self.send_response(200)
self.send_header('Content-type', 'text/html')
self.end_headers()
self.wfile.write(
str(
employees.search(database, val, False,
True)))
self.wfile.close()
return
self.path = self.path[0]
if len(self.path) > 0 and self.path[-1] == '/':
self.path += 'index.html'
cwd = os.getcwd() + '/web/'
self.path = os.path.abspath(cwd + self.path)
if self.path.find(cwd) != 0 or not os.path.isfile(self.path):
self.send_response(404)
self.end_headers()
return
file = open(self.path, 'r')
self.send_response(200)
mime = mimetypes.guess_type(self.path)
if len(mime) > 0:
mime = mime[0]
else:
mime = 'text/plain'
print(mime + ' ' + self.path)
self.send_header('Content-type', mime)
self.end_headers()
self.wfile.write(file.read())
self.wfile.close()
except Exception as error:
print(error)
self.send_response(401)
def do_GET(self):
try:
global database
self.path=self.path.split('?')
query_str='?'.join(self.path[1:])
if len(query_str)>0:
print(query_str)
for query in query_str.split('&'):
query=query.split('=')
if len(query)>1:
key=query[0]
val=urllib.unquote(query[1])
if key=='search':
val=re.sub('[^0-9a-zA-Z]+',' ',val).lower().split(' ')
self.send_response(200)
self.send_header('Content-type','text/html')
self.end_headers()
self.wfile.write(str(employees.search(database,val,False,True)))
self.wfile.close()
return
self.path=self.path[0]
if len(self.path)>0 and self.path[-1]=='/':
self.path+='index.html'
cwd=os.getcwd()+'/web/'
self.path=os.path.abspath(cwd+self.path)
if self.path.find(cwd)!=0 or not os.path.isfile(self.path):
self.send_response(404)
self.end_headers()
return
file=open(self.path,'r')
self.send_response(200)
mime=mimetypes.guess_type(self.path)
if len(mime)>0:
mime=mime[0]
else:
mime='text/plain'
print(mime+' '+self.path)
self.send_header('Content-type',mime)
self.end_headers()
self.wfile.write(file.read())
self.wfile.close()
except Exception as error:
print(error)
self.send_response(401)
def authorize(department,id,issue):
global database
global scoring_host
lookup=employees.search(database,[id],True)
lookup=json.loads(lookup)
if len(lookup)>0:
lookup=lookup[0]
if lookup['ID']==id:
print('Welcome '+lookup['ID']+'!')
try:
urllib2.urlopen('http://'+scoring_host+'/?flag='+id+str(index)).read()
pygame.mixer.music.load("../sounds/granted.mp3")
pygame.mixer.music.play()
time.sleep(2)
except:
pass
return True
pygame.mixer.music.load("../sounds/denied.mp3")
pygame.mixer.music.play()
time.sleep(2)
return False
def authorize(department,id,issue):
global database
global scoring_host
lookup=employees.search(database,[id],True)
lookup=json.loads(lookup)
if len(lookup)>0:
lookup=lookup[0]
if lookup['ID']==id:
print('Welcome '+lookup['Full Name']+'!')
try:
urllib2.urlopen('http://'+scoring_host+'/?flag='+id+str(index)).read()
pygame.mixer.music.load("../sounds/granted.mp3")
pygame.mixer.music.play()
time.sleep(2)
except:
pass
return True
pygame.mixer.music.load("../sounds/denied.mp3")
pygame.mixer.music.play()
time.sleep(2)
return False
