def post(self, post_id): comm_content = self.request.get('comment') if not comm_content: return cid = self.request.get('comment_id') if cid: comment = Comment.by_id(cid) if comment: if self.user.key().id() == comment.author: comment.content = comm_content comment.put() else: return self.error(404) else: # when cid does not exist --> create new comment new_comment = Comment(post_id=post_id, content=comm_content, author=self.user) new_comment.put() cid = new_comment.key().id() self.write(json.dumps({'cid': cid, 'comm_author': self.user.name, 'comm_content': comm_content}))
def post(self): path = urllib.unquote(self.request.path) m = parts.search(path) if m is None: self.error(404) return this_path = m.group(1) this_page = m.group(3) or 'index' this_ext = m.group(4) or 'html' # get section and node section = Section.all().filter('path =', this_path).get() node = Node.all().filter('section =', section).get() if section is None or node is None: self.error(404) return self.request.charset = 'utf8' # remove the horribleness from comment if this_page == 'comment' and this_ext == 'html': # firstly, check the 'faux' field and if something is in there, redirect faux = self.request.get('faux') if len(faux) > 0: logging.info('COMMENT: Spam comment detected (Faux field not empty)') self.redirect('/') return # comment submission for each section node = Node.get( self.request.get('node') ) name = self.request.get('name') email = self.request.get('email') website = self.request.get('website') comment_text = re.sub('\r', '', self.request.get('comment')); # if there are more than 4 links (https?://) in the comment, we consider it spam if spammy_links(comment_text): logging.info('COMMENT: Spam comment detected (Too many links)') self.redirect('/') return # now create the comment comment = Comment( node = node, name = name, email = email, website = website, comment = comment_text, ) comment.set_derivatives() comment.put() # send a mail to the admin admin_email = util.config_value('Admin Email') if mail.is_email_valid(admin_email): url_post = util.construct_url() + node.section.path + node.name + '.html' url_mod = util.construct_url() + '/admin/comment/?key=' + str(comment.key()) + ';status=' url_del = util.construct_url() + '/admin/comment/del.html?key='+ str(comment.key()) body = 'From: ' + name + ' <' + email + '>\n' body = body + 'Site: ' + website + '\n\n' body = body + comment_text + '\n\n' body = body + '*** Actions ***\n\n' body = body + 'ViewPost = ' + url_post + '\n\n' body = body + 'Approve = ' + url_mod + 'approve\n' body = body + 'Reject = ' + url_mod + 'reject\n' body = body + 'Delete = ' + url_del + '\n' mail.send_mail(admin_email, admin_email, 'New comment on ' + section.path + node.name + '.html', body) else: # don't do anything logging.info('No valid email set, skipping sending admin an email for new comment') # redirect to the comment page self.redirect('comment.html?key=' + str(comment.key())) return elif this_page == 'message' and this_ext == 'html': # firstly, check the 'faux' field and if something is in there, redirect faux = self.request.get('faux') if len(faux) > 0: logging.info('MESSAGE: Spam detected, not saving') self.redirect('/') return # message submission for each section type = self.request.get('type') subject = self.request.get('subject') message = self.request.POST.items() redirect = self.request.get('redirect') # create the full URL we should be redirecting to full_redirect = util.construct_redirect( redirect ) # now create the message msg = Message( type = type, subject = subject, message = message, ) msg.put() # send a mail to the admin admin_email = util.config_value('Admin Email') if mail.is_email_valid(admin_email): body = 'type : ' + type + '\n' body = body + 'subject : ' + subject + '\n' for k, v in self.request.POST.items(): body = body + k + ' : ' + v + '\n' mail.send_mail(admin_email, admin_email, '[' + type + '] ' + subject, body) else: # don't do anything logging.info('No valid email set, skipping sending admin an email for new message') self.redirect(full_redirect) return else: # not found self.error(404) return