Ejemplo n.º 1
0
def index(req,page="README"):
	# make sure the html fetch operation doesn't timeout too early
	sess = Session(req)
	sess.set_timeout(20)
	sess.save()

        # use the README page as the course index
	if page == "index":
		page = "README"
		
	# fetch the markdown text from dropbox
	link = "%s%s"%(githubRoot,page)
	#req.write(link)
	try:
		if page.endswith('.md') or page == 'README':
			# this is an HTML page
			req.content_type = "text/html"
			# give the page a title
			req.write("<title>ACCAD 5102</title>")
			# grab the stylesheet
			req.write("<style>%s</style>"%urllib2.urlopen("%sscreen.css"%webRoot).read())
			response = urllib2.urlopen(link)
                        #req.write(response.read())
			req.write(markdown.markdown(response.read(), ['tables']))
		else:
			util.redirect(req, link)
	except:
##		raise
##		req.write("error")
##		e = sys.exc_info()[0]
##		req.write(e)
		req.write("<br>This page does not exist yet")
Ejemplo n.º 2
0
def login(req, **params):
    """ New login attempt. Clean out old session if present, and create new one. """

    sess = Session(req)
    if not sess.is_new():
        sess.delete()
        sess = Session(req)
        if not sess.is_new():
            req.status = apache.HTTP_BAD_REQUEST
            return 'failed to create new session'

    if 'u' not in params or 'p' not in params:
        req.status = apache.HTTP_BAD_REQUEST
        return 'some parameters were not provided'

    ret = dict()

    if params['u'] != 'einstein' or params['p'] != 'fuckbin':
        ret['success'] = False
        ret['error'] = 'bad username or password'

        # note: session is not saved!
    else:
        ret['success'] = True

        # keep some stuff in session...
        sess['username'] = params['u']
        sess['user_id'] = 1

        sess.set_timeout(60 * 60 * 24 * 365 * 10)  # 10 year
        sess.save()

        # grab the user's cookie, and save the seen leaks into the database
        seen_ranges = urllib.unquote(Cookie.get_cookie(req, '__CJ_seen').value)
        seen_ranges = json.loads(seen_ranges)
        values = [[sess['user_id'], i] for seen_range in seen_ranges
                  for i in range(seen_range['start'], seen_range['end'] + 1)]

        db = Database.get()
        c = db.cursor()
        c.executemany(
            """ replace into user_seen (user_id, leak_id) values (%s, %s) """,
            values)
        db.commit()
        c.close()

    req.content_type = 'application/json'
    return json.dumps(ret, ensure_ascii=False)
Ejemplo n.º 3
0
def login(req, **params):
    """ New login attempt. Clean out old session if present, and create new one. """

    sess = Session(req)
    if not sess.is_new():
        sess.delete()
        sess = Session(req)
        if not sess.is_new():
            req.status = apache.HTTP_BAD_REQUEST
            return 'failed to create new session'

    if 'u' not in params or 'p' not in params:
        req.status = apache.HTTP_BAD_REQUEST
        return 'some parameters were not provided'

    ret = dict()

    if params['u'] != 'einstein' or params['p'] != 'fuckbin':
        ret['success'] = False
        ret['error'] = 'bad username or password'

        # note: session is not saved!
    else:
        ret['success'] = True

        # keep some stuff in session...
        sess['username'] = params['u']
        sess['user_id'] = 1

        sess.set_timeout(60 * 60 * 24 * 365 * 10)  # 10 year
        sess.save()

        # grab the user's cookie, and save the seen leaks into the database
        seen_ranges = urllib.unquote(Cookie.get_cookie(req, '__CJ_seen').value)
        seen_ranges = json.loads(seen_ranges)
        values = [[sess['user_id'], i] for seen_range in seen_ranges for i in
            range(seen_range['start'], seen_range['end'] + 1)]

        db = Database.get()
        c = db.cursor()
        c.executemany(""" replace into user_seen (user_id, leak_id) values (%s, %s) """, values)
        db.commit()
        c.close()

    req.content_type = 'application/json'
    return json.dumps(ret, ensure_ascii=False)
Ejemplo n.º 4
0
class session(object):

    session = None

    def __init__(self, core):
        self.request = core.request
        self.core = core

        try:
            self.cookie_name = core.config.apache_options['mod_python.session.cookie_name']
        except:
            self.cookie_name = 'pysid'

        try:
            self.pysid = self.core.input.cookie(self.cookie_name)
        except:
            self.pysid = None

        self.core.log_message(1, '------------ Session Handler Initialised')

    def __init_session(self, pysid):

        self.session = Session(req=self.request, sid=pysid, lock=self.core.config.settings['session']['lock'])

        if self.session.is_new():
            self.session.set_timeout(self.core.config.settings['session']['timeout'])
            self.session.save()

    def start(self):

        try:
            self.__init_session(self.pysid)
        except ValueError:
            self.__init_session(None)

    def get_id(self):

        if self.session == None:
            self.start()

        return self.session.id()

    def set(self, name, value):

        if self.session == None:
            self.start()

        self.session[name] = value
        self.session.save()

    def get(self, name = None):

        if not self.session:
            self.start()

        try:
            if not name:
                return self.session

            return self.session[name]
        except:
            return None

    def destroy(self):
        self.session.invalidate()
        self.session.delete()