def post(self):
if(self.request.cookies.get('user') and self.check_secure_val(self.request.cookies.get('user'))):
frontPage = self.request.POST['frontPage']
sidebar = self.request.POST['sidebar']
frontPage = util.htmlify(frontPage)
sidebar = util.htmlify(sidebar)
# if not frontPage:
# frontPage = ""
# if not sidebar:
# sidebar = ""
front = databases.frontPage.all()
if(front.count() > 0):
for i in front:
i.delete()
newFront = databases.frontPage(text = frontPage)
newFront.put()
side = databases.sidebar.all()
if(side.count() > 0):
for i in side:
i.delete()
newSide = databases.sidebar(text = sidebar)
newSide.put()
def help_func(args,u413):
params=args.split(' ',1)
if args.strip()=="":
helpout=''
u413.type("The following commands are available:")
helpout='<br/><table>'
for cmd in command.cmds:
if u413.user.level>=u413.cmds[cmd].level and not u413.cmds[cmd].hidden:
c=u413.cmds[cmd]
helpout+='<tr><td style="width:2em;"></td><td>'+cmd+'</td><td style="padding-left:1em;">'+command.cmds[cmd].description+"</td></tr>"
helpout+='</table><br/>[] - optional parameter<br/><> - required parameter<br/>SHIFT+ENTER to drop down to a new line.<br/>Type HELP --BBCODE for bbcode help'
u413.donttype(helpout)
elif params[0].upper()=="--BBCODE":
u413.type("The following BBCodes are available:")
out='<br/><table>'
for code in bbcodes:
if bbcodes[code][0]:
out+='<tr><td style="width:2em;"></td><td>%s</td></tr>'%bbcodes[code][1]
else:
out+='<tr><td style="width:2em;">*</td><td>%s</td></tr>'%bbcodes[code][1]
out+='</table><br/>(* = available on the wall)'
u413.donttype(out)
else:
cmd=args.split()[0].upper()
if cmd in command.cmds and int(command.cmds[cmd].level)<=int(u413.user.level):
c=command.cmds[cmd]
#change this to something that shows a more detailed help
u413.type(cmd+' - '+c.description)
u413.donttype("Usage: "+cmd+" "+util.htmlify (c.usage))
for a in c.args:
u413.donttype('<span class="tab"></span>'+a+' - '+c.args[a])
else:
u413.type('"%s" is not a command.'%cmd)
def topic_func(args, u413):
params = args.split(' ', 2)
if len(params) == 0 or not util.isint(params[0]):
u413.type("Invalid topic ID.")
return
topic = int(params[0])
if len(params) == 1:
page = 1
output_page(topic, 1, u413)
elif len(params) == 2:
if params[1].upper() == "REPLY":
u413.j["Command"] = "REPLY"
u413.cmddata["topic"] = topic
u413.continue_cmd()
else:
page = 1
if util.isint(params[1]):
page = int(params[1])
elif params[1].upper() == 'LAST':
page = db.count_posts(topic)
if page == 0:
page = 1
else:
page = math.ceil(page / 10.0)
output_page(topic, page, u413)
elif params[1].upper() == "REPLY":
db.query(
"INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
% (topic, u413.user.userid, db.escape(util.htmlify(params[3]))))
u413.type("Reply made successfully.")
def post(self):
if(self.request.cookies.get('user') and self.check_secure_val(self.request.cookies.get('user'))):
user = databases.User.get_by_id(int(self.request.cookies.get('user').split('|')[0]))
content = util.htmlify(util.escape(self.request.POST['content']))
logging.debug(content)
postid = self.request.get('id')
post = databases.Post.get_by_id(int(postid))
if post:
comment = databases.Comment.addComment(post, user, content)
self.render('comments.html', comment = comment, post = post, user = user)
else:
self.write('ERROR')
def whois_func(args,u413):
args=args.split(' ')[0]
if len(args)==0:
u413.cmds["WHO"].callback('',u413)
else:
u=db.query("SELECT * FROM users WHERE UCASE(username)='%s';"%db.escape(args.upper()))
if len(u)==0:
u413.type('"%s" is not a u413 member.'%util.htmlify(args.upper()))
else:
u=u[0]
s=db.query("SELECT user FROM sessions WHERE user='******';"%db.escape(u["id"]))
if len(s)==0:
s=False
else:
s=True
u413.donttype('Username: '******'User ID: '+u["id"])
u413.donttype('User access: '+user.userlvl(int(u["access"]))+' ('+u["access"]+')')
u413.donttype('Logged in: '+str(s))
def help_func(args, u413):
params = args.split(' ', 1)
if args.strip() == "":
helpout = ''
u413.type("The following commands are available:")
helpout = '<br/><table>'
for cmd in command.cmds:
if u413.user.level >= u413.cmds[cmd].level and not u413.cmds[
cmd].hidden:
c = u413.cmds[cmd]
helpout += '<tr><td style="width:2em;"></td><td>' + cmd + '</td><td style="padding-left:1em;">' + command.cmds[
cmd].description + "</td></tr>"
helpout += '</table><br/>[] - optional parameter<br/><> - required parameter<br/>SHIFT+ENTER to drop down to a new line.<br/>Type HELP --BBCODE for bbcode help'
u413.donttype(helpout)
elif params[0].upper() == "--BBCODE":
u413.type("The following BBCodes are available:")
out = '<br/><table>'
for code in bbcodes:
if bbcodes[code][0]:
out += '<tr><td style="width:2em;"></td><td>%s</td></tr>' % bbcodes[
code][1]
else:
out += '<tr><td style="width:2em;">*</td><td>%s</td></tr>' % bbcodes[
code][1]
out += '</table><br/>(* = available on the wall)'
u413.donttype(out)
else:
cmd = args.split()[0].upper()
if cmd in command.cmds and int(command.cmds[cmd].level) <= int(
u413.user.level):
c = command.cmds[cmd]
#change this to something that shows a more detailed help
u413.type(cmd + ' - ' + c.description)
u413.donttype("Usage: " + cmd + " " + util.htmlify(c.usage))
for a in c.args:
u413.donttype('<span class="tab"></span>' + a + ' - ' +
c.args[a])
else:
u413.type('"%s" is not a command.' % cmd)
def whois_func(args, u413):
args = args.split(' ')[0]
if len(args) == 0:
u413.cmds["WHO"].callback('', u413)
else:
u = db.query("SELECT * FROM users WHERE UCASE(username)='%s';" %
db.escape(args.upper()))
if len(u) == 0:
u413.type('"%s" is not a u413 member.' %
util.htmlify(args.upper()))
else:
u = u[0]
s = db.query("SELECT user FROM sessions WHERE user='******';" %
db.escape(u["id"]))
if len(s) == 0:
s = False
else:
s = True
u413.donttype('Username: '******'User ID: ' + u["id"])
u413.donttype('User access: ' + user.userlvl(int(u["access"])) +
' (' + u["access"] + ')')
u413.donttype('Logged in: ' + str(s))
def wall_func(args, u413):
r = db.query("SELECT * FROM wall ORDER BY posted;")
if args.strip() == '':
if len(r) == 0:
u413.type("There are no notes on the wall.")
else:
u413.type("Welcome to the wall!")
out = '<br/><table style="padding-right:8px;">'
for entry in r:
u = db.query("SELECT username FROM users WHERE id=%i" %
int(entry["user"]))
out += '<tr><td>{{<span class="transmit" data-transmit="WHOIS {0}">{0}</span>}}</td><td style="padding-left:1em;">{1} <span class="dim">{2}</span></td></tr>'.format(
u[0]["username"], bbcodify(entry["text"]),
util.ago(entry["posted"]))
u413.donttype(out + '</table>')
u413.set_context("WALL")
u413.clear_screen()
else:
if len(r) >= 256:
db.query("DELETE FROM wall ORDER BY posted LIMIT 1;")
db.query("INSERT INTO wall(user,text) VALUES(%i,'%s');" %
(u413.user.userid, db.escape(util.htmlify(args))))
wall_func('', u413)
def post(self):
if(self.request.cookies.get('user') and self.check_secure_val(self.request.cookies.get('user'))):
user = databases.User.get_by_id(int(self.request.cookies.get('user').split('|')[0]))
content = util.htmlify(self.request.POST['content'])
post = databases.Post.addPost(user, content)
self.render("post.html", post = post, user = user)
def register_func(args,u413):
#check for special cases
if u413.user.name!="Guest":
u413.type("You need to be logged out to register.")
return
params=args.split()
#REGISTER has already requested continuation
if "step" in u413.cmddata:
if args=="":
u413.type("Action cancelled.")
u413.set_context("")
return
#Note: For all, ignore extra arguments
#USERNAME>
if u413.cmddata["step"]==1:
if is_taken(params[0]):
u413.type("Username already in use.")
u413.set_context("")
else:
u413.cmddata["username"]=params[0]
u413.cmddata["step"]=2
u413.type("Enter a password:"******"PASSWORD")
u413.continue_cmd()
u413.use_password()
#PASSWORD>
elif u413.cmddata["step"]==2:
if is_stupid(u413.cmddata["username"],params[0]):
u413.type("That's a stupid password. Pick another one.")
else:
u413.cmddata["password"]=params[0]
u413.cmddata["step"]=3
u413.type("Confirm your password:"******"CONFIRM PASSWORD")
u413.continue_cmd()
u413.use_password()
#CONFIRM PASSWORD>
elif u413.cmddata["step"]==3:
if u413.cmddata["password"]==params[0]:
db.query("INSERT INTO users(username,password,access,alias) VALUES('%s','%s',%i,'[]');"%(db.escape(util.htmlify(util.stripctrl(u413.cmddata["username"]))),user.sha256(params[0]),user.User.member))
u413.type("You are now registered.")
else:
u413.type("Passwords do not match.")
u413.set_context("")
#initial use of command
else:
#REGISTER
if len(args)==0:
u413.cmddata["step"]=1
u413.type("Enter your desired username:"******"USERNAME")
u413.continue_cmd()
#REGISTER username
elif len(params)==1:
if is_taken(params[0]):
u413.type("Username already in use.")
else:
u413.cmddata["username"]=params[0]
u413.cmddata["step"]=2
u413.type("Enter a password:"******"PASSWORD")
u413.use_password()
u413.continue_cmd()
#REGISTER username password
#Note: ignore anything after username/password
else:
if is_taken(params[0]):
u413.type("Username already in use.")
elif is_stupid(params[0],params[1]):
u413.cmddata["username"]=params[0]
u413.cmddata["step"]=2
u413.type("That's a stupid password. Pick another one.")
u413.continue_cmd()
u413.use_password()
else:
u413.cmddata["username"]=params[0]
u413.cmddata["password"]=params[1]
u413.cmddata["step"]=3
u413.type("Confirm your password:"******"CONFIRM PASSWORD")
u413.continue_cmd()
u413.use_password()
def ping_func(args, u413):
u413.type("PONG " + util.htmlify(args))
def alias_func(args, u413):
if "step" in u413.cmddata:
if u413.cmddata["step"] == 1:
u413.cmddata["step"] = 2
u413.cmddata["to"] = args
u413.type("Enter the pattern to be replaced:")
u413.set_context("FROM")
u413.continue_cmd()
elif u413.cmddata["step"] == 2:
u413.user.alias.append({"to": u413.cmddata["to"], "from": args})
db.query("UPDATE users SET alias='%s' WHERE id=%i;" %
(db.escape(repr(u413.user.alias)), u413.user.userid))
u413.type("Alias created successfully.")
u413.set_context(u413.cmddata["context"])
elif u413.cmddata["step"] == 3:
x = None
for a in range(len(u413.user.alias)):
if args.upper() == u413.user.alias[a]["from"].upper():
x = a
if x == None:
u413.type('"%s" is not an alias.' % args)
else:
del u413.user.alias[x]
db.query("UPDATE users SET alias='%s' WHERE id=%i;" %
(db.escape(repr(u413.user.alias)), u413.user.userid))
u413.type("Alias deleted.")
u413.set_context(u413.cmddata["context"])
else:
params = args.split(' ', 1)
#ALIAS
if len(args.split(' ', 1)[0]) == 0:
aliases = eval(
db.query("SELECT alias FROM users WHERE id=%i;" %
u413.user.userid)[0]["alias"])
if len(aliases) == 0:
u413.type("You have no aliases.")
else:
u413.type("Your aliases:")
out = '<table>'
for alias in aliases:
out += '<tr><td style="width:2em;"></td><td>%s -> %s</td></tr>' % (
util.htmlify(alias["from"]), util.htmlify(alias["to"]))
u413.donttype(out + '</table>')
#ALIAS to | --delete | --new
elif len(params) == 1:
if params[0].upper() == "--DELETE":
u413.cmddata["step"] = 3
u413.cmddata["context"] = u413.user.context
u413.type("Enter the pattern to be deleted:")
u413.set_context("PATTERN")
u413.continue_cmd()
elif params[0].upper() == "--NEW":
u413.cmddata["step"] = 1
u413.cmddata["context"] = u413.user.context
u413.type("Enter the command to alias:")
u413.set_context("TO")
u413.continue_cmd()
else:
u413.cmddata["step"] = 2
u413.cmddata["context"] = u413.user.context
u413.cmddata["to"] = params[0]
u413.type("Enter the pattern to be replaced:")
u413.set_context("FROM")
u413.continue_cmd()
#ALIAS to from | --delete from
else:
if params[0].upper() == "--DELETE":
x = None
for a in range(len(u413.user.alias)):
if params[1].upper() == u413.user.alias[a]["from"].upper():
x = a
if x == None:
u413.type('"%s" is not an alias.' % params[1])
else:
del u413.user.alias[x]
db.query(
"UPDATE users SET alias='%s' WHERE id=%i;" %
(db.escape(repr(u413.user.alias)), u413.user.userid))
u413.type("Alias deleted.")
else:
u413.user.alias.append({"to": params[0], "from": params[1]})
db.query("UPDATE users SET alias='%s' WHERE id=%i;" %
(db.escape(repr(u413.user.alias)), u413.user.userid))
u413.type("Alias created successfully.")
def topic_func(args,u413):
params=args.split(' ',2)
if len(params)==0 or not util.isint(params[0]):
u413.type("Invalid topic ID.")
return
topic=int(params[0])
if len(params)==1:
page=1
output_page(topic,1,u413)
elif len(params)==2:
if params[1].upper()=="REPLY":
u413.j["Command"]="REPLY"
u413.cmddata["topic"]=topic
u413.continue_cmd()
else:
page=1
if util.isint(params[1]):
page=int(params[1])
elif params[1].upper()=='LAST':
page=db.count_posts(topic)
if page==0:
page=1
else:
page=math.ceil(page/10.0)
output_page(topic,page,u413)
elif params[1].upper()=="REPLY":
db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(topic,u413.user.userid,db.escape(util.htmlify(params[3]))))
u413.type("Reply made successfully.")
def reply_func(args, u413):
#already used REPLY
if "step" in u413.cmddata:
if args.strip() == '':
u413.type("Action cancelled.")
u413.set_context("")
#ID>
elif u413.cmddata["step"] == 1:
if util.isint(args):
u413.cmddata["step"] = 2
u413.cmddata["topic"] = int(args)
u413.type("Enter your reply:")
u413.set_context("REPLY")
u413.continue_cmd()
else:
u413.type("Invalid topic ID.")
u413.set_context("")
#REPLY>
elif u413.cmddata["step"] == 2:
db.query(
"INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
% (u413.cmddata["topic"], u413.user.userid,
db.escape(util.htmlify(args))))
reload_topic(u413.cmddata["topic"], u413.cmddata["page"], u413)
#first use of REPLY
else:
params = args.split(' ', 1)
context = u413.user.context.split(' ')
#REPLY
if args.strip() == '':
if "TOPIC" in u413.user.context:
u413.cmddata["step"] = 2
u413.cmddata["topic"] = int(u413.user.context.split(' ')[1])
u413.type("Enter your reply:")
u413.set_context("REPLY")
u413.continue_cmd()
else:
u413.cmddata["step"] = 1
u413.type("Enter the topic ID:")
u413.set_context("TOPIC ID")
u413.continue_cmd()
#REPLY [id]
elif len(params) == 1:
if util.isint(params[0]):
u413.cmddata["step"] = 2
u413.cmddata["topic"] = int(params[0])
u413.type("Enter your reply:")
u413.continue_cmd()
elif "TOPIC" in u413.user.context:
topic = int(u413.user.context.split(' ')[1])
db.query(
"INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
% (topic, u413.user.userid, db.escape(util.htmlify(args))))
page = 1
if len(context) > 2:
page = int(context[2])
reload_topic(int(context[1]), page, u413)
else:
u413.type("Invalid topic ID.")
#REPLY [[id] message]
else:
if util.isint(params[0]):
if len(params) == 2:
db.query(
"INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
% (int(params[0]), u413.user.userid,
db.escape(util.htmlify(params[1]))))
page = 1
if len(context) > 2:
page = int(context[2])
u413.type("Reply added successfully.")
else:
u413.cmddata["step"] = 2
u413.cmddata["topic"] = int(params[0])
u413.type("Enter your reply:")
u413.set_context("REPLY")
u413.continue_cmd()
elif "TOPIC" in u413.user.context:
topic = int(u413.user.context.split(' ')[1])
db.query(
"INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
% (topic, u413.user.userid, db.escape(util.htmlify(args))))
page = 1
if len(context) > 2:
page = int(context[2])
reload_topic(topic, page, u413)
else:
u413.type("Topic ID required.")
u413.cmddata["page"] = 1
if len(context) > 2:
u413.cmddata["page"] = int(context[2])
def register_func(args, u413):
#check for special cases
if u413.user.name != "Guest":
u413.type("You need to be logged out to register.")
return
params = args.split()
#REGISTER has already requested continuation
if "step" in u413.cmddata:
if args == "":
u413.type("Action cancelled.")
u413.set_context("")
return
#Note: For all, ignore extra arguments
#USERNAME>
if u413.cmddata["step"] == 1:
if is_taken(params[0]):
u413.type("Username already in use.")
u413.set_context("")
else:
u413.cmddata["username"] = params[0]
u413.cmddata["step"] = 2
u413.type("Enter a password:"******"PASSWORD")
u413.continue_cmd()
u413.use_password()
#PASSWORD>
elif u413.cmddata["step"] == 2:
if is_stupid(u413.cmddata["username"], params[0]):
u413.type("That's a stupid password. Pick another one.")
else:
u413.cmddata["password"] = params[0]
u413.cmddata["step"] = 3
u413.type("Confirm your password:"******"CONFIRM PASSWORD")
u413.continue_cmd()
u413.use_password()
#CONFIRM PASSWORD>
elif u413.cmddata["step"] == 3:
if u413.cmddata["password"] == params[0]:
if is_taken(u413.cmddata["username"]):
u413.type("Username already in use.")
else:
db.query(
"INSERT INTO users(username,password,access,alias) VALUES('%s','%s',%i,'[]');"
% (db.escape(
util.htmlify(
util.stripctrl(u413.cmddata["username"]))),
user.sha256(params[0]), user.User.member))
u413.type("You are now registered.")
else:
u413.type("The passwords do not match.")
u413.set_context("")
#initial use of command
else:
#REGISTER
if len(args) == 0:
u413.cmddata["step"] = 1
u413.type("Enter your desired username:"******"USERNAME")
u413.continue_cmd()
#REGISTER username
elif len(params) == 1:
if is_taken(params[0]):
u413.type("Username already in use.")
else:
u413.cmddata["username"] = params[0]
u413.cmddata["step"] = 2
u413.type("Enter a password:"******"PASSWORD")
u413.use_password()
u413.continue_cmd()
#REGISTER username password
#Note: ignore anything after username/password
else:
if is_taken(params[0]):
u413.type("Username already in use.")
elif is_stupid(params[0], params[1]):
u413.cmddata["username"] = params[0]
u413.cmddata["step"] = 2
u413.type("That's a stupid password. Pick another one.")
u413.continue_cmd()
u413.use_password()
else:
u413.cmddata["username"] = params[0]
if is_taken(u413.cmddata["username"]):
u413.type("Username already in use.")
else:
u413.cmddata["password"] = params[1]
u413.cmddata["step"] = 3
u413.type("Confirm your password:"******"CONFIRM PASSWORD")
u413.continue_cmd()
u413.use_password()
def reply_func(args,u413):
#already used REPLY
if "step" in u413.cmddata:
if args.strip()=='':
u413.type("Action cancelled.")
u413.set_context("")
#ID>
elif u413.cmddata["step"]==1:
if util.isint(args):
u413.cmddata["step"]=2
u413.cmddata["topic"]=int(args)
u413.type("Enter your reply:")
u413.set_context("REPLY")
u413.continue_cmd()
else:
u413.type("Invalid topic ID.")
u413.set_context("")
#REPLY>
elif u413.cmddata["step"]==2:
db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(u413.cmddata["topic"],u413.user.userid,db.escape(util.htmlify(args))))
reload_topic(u413.cmddata["topic"],u413.cmddata["page"],u413)
#first use of REPLY
else:
params=args.split(' ',1)
context=u413.user.context.split(' ')
#REPLY
if args.strip()=='':
if "TOPIC" in u413.user.context:
u413.cmddata["step"]=2
u413.cmddata["topic"]=int(u413.user.context.split(' ')[1])
u413.type("Enter your reply:")
u413.set_context("REPLY")
u413.continue_cmd()
else:
u413.cmddata["step"]=1
u413.type("Enter the topic ID:")
u413.set_context("TOPIC ID")
u413.continue_cmd()
#REPLY [id]
elif len(params)==1:
if util.isint(params[0]):
u413.cmddata["step"]=2
u413.cmddata["topic"]=int(params[0])
u413.type("Enter your reply:")
u413.continue_cmd()
elif "TOPIC" in u413.user.context:
topic=int(u413.user.context.split(' ')[1])
db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(topic,u413.user.userid,db.escape(util.htmlify(args))))
page=1
if len(context)>2:
page=int(context[2])
reload_topic(int(context[1]),page,u413)
else:
u413.type("Invalid topic ID.")
#REPLY [[id] message]
else:
if util.isint(params[0]):
if len(params)==2:
db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(int(params[0]),u413.user.userid,db.escape(util.htmlify(params[1]))))
page=1
if len(context)>2:
page=int(context[2])
u413.type("Reply added successfully.")
else:
u413.cmddata["step"]=2
u413.cmddata["topic"]=int(params[0])
u413.type("Enter your reply:")
u413.set_context("REPLY")
u413.continue_cmd()
elif "TOPIC" in u413.user.context:
topic=int(u413.user.context.split(' ')[1])
db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(topic,u413.user.userid,db.escape(util.htmlify(args))))
page=1
if len(context)>2:
page=int(context[2])
reload_topic(topic,page,u413)
else:
u413.type("Topic ID required.")
u413.cmddata["page"]=1
if len(context)>2:
u413.cmddata["page"]=int(context[2])
def ping_func(args, u413):
u413.type("PONG " + util.htmlify(args))
def login(self,username,password):
password=sha256(password)
r=db.query("SELECT * FROM users WHERE LCASE(username)='%s' AND password='******';"%(db.escape(util.htmlify(username.lower())),password))
if len(r)==0:
return False
r=r[0]
self.name=r["username"]
self.level=int(r["access"])
self.userid=int(r["id"])
self.mute=bool(ord(r["muted"]))
db.query("UPDATE sessions SET username='******',user=%i,access=%i WHERE id='%s';"%(self.name,self.userid,self.level,self.session))
return True
def wall_func(args,u413):
r=db.query("SELECT * FROM wall ORDER BY posted;")
if args.strip()=='':
if len(r)==0:
u413.type("There are no notes on the wall.")
else:
u413.type("Welcome to the wall!")
out='<br/><table style="padding-right:8px;">'
for entry in r:
u=db.query("SELECT username FROM users WHERE id=%i"%int(entry["user"]))
out+='<tr><td>{{<span class="transmit" data-transmit="WHOIS {0}">{0}</span>}}</td><td style="padding-left:1em;">{1} <span class="dim">{2}</span></td></tr>'.format(u[0]["username"],bbcodify(entry["text"]),util.ago(entry["posted"]))
u413.donttype(out+'</table>')
u413.set_context("WALL")
u413.clear_screen()
else:
if len(r)>=256:
db.query("DELETE FROM wall ORDER BY posted LIMIT 1;")
db.query("INSERT INTO wall(user,text) VALUES(%i,'%s');"%(u413.user.userid,db.escape(util.htmlify(args))))
wall_func('',u413)
def edit_func(args, u413):
# EDIT already requested continuation
if "step" in u413.cmddata:
# ID>
if u413.cmddata["step"] == 1:
u413.donttype('"' + args + '"')
if util.isint(args):
u413.cmddata["id"] = int(args)
u413.cmddata["step"] = 2
u413.set_context("NEW BODY")
u413.type("Enter the new post body:")
u413.edit_text(util.dehtmlify(db.query("SELECT post FROM posts WHERE id=%i;" % int(args))[0]["post"]))
u413.continue_cmd()
else:
u413.type("Invalid post ID.")
u413.set_context("")
# NEW BODY>
elif u413.cmddata["step"] == 2:
post = int(db.query("SELECT owner FROM posts WHERE id=%i;" % u413.cmddata["id"])[0]["owner"])
owner = int(db.query("SELECT access FROM users WHERE id=%i;" % post)[0]["access"])
if post != u413.user.userid:
if u413.user.level < user.User.halfmod or u413.user.level <= owner:
u413.type("You do not have permission to edit other user's posts.")
return
db.query(
"UPDATE posts SET post='%s',editor=%i,edited=NOW() WHERE id=%i;"
% (db.escape(util.htmlify(args)), u413.user.userid, u413.cmddata["id"])
)
u413.type("Post edited successfully.")
u413.set_context(u413.cmddata["context"])
# EDIT used for the first time
else:
params = args.split(" ", 1)
# EDIT
if len(args) == 0:
u413.cmddata["step"] = 1
u413.cmddata["context"] = u413.user.context
u413.type("Enter the post's ID:")
u413.set_context("Post ID")
u413.continue_cmd()
# EDIT id
elif len(params) == 1:
if util.isint(args):
u413.cmddata["step"] = 2
u413.cmddata["context"] = u413.user.context
u413.cmddata["id"] = int(args)
u413.type("Enter the new post body:")
u413.set_context("NEW BODY")
u413.edit_text(util.dehtmlify(db.query("SELECT post FROM posts WHERE id=%i;" % int(args))[0]["post"]))
u413.continue_cmd()
else:
u413.type("Invalid post ID.")
# EDIT id body
else:
if util.isint(params[0]):
post = int(db.query("SELECT owner FROM posts WHERE id=%i;" % int(params[0]))[0]["owner"])
owner = int(db.query("SELECT access FROM users WHERE id=%i;" % post)[0]["access"])
if post != u413.user.userid:
if u413.user.level < user.User.halfmod or u413.user.level <= owner:
u413.type("You do not have permission to edit other user's posts.")
return
db.query(
"UPDATE posts SET post='%s',editor=%i,edited=NOW() WHERE id=%i;"
% (db.escape(util.htmlify(params[1])), u413.user.userid, int(params[0]))
)
u413.type("Post edited successfully.")
u413.set_context("")
else:
u413.type("Invalid post ID.")
def newtopic_func(args,u413):
params=args.split(' ',1)
#continued NEWTOPIC
if "step" in u413.cmddata:
if args=='':
u413.type("Action cancelled.")
u413.set_context("")
return
#BOARD>
if u413.cmddata["step"]==1:
if isint(args) and int(params[0])!=0:
u413.cmddata["step"]=2
u413.cmddata["board"]=args
u413.type("Enter the topic's title:")
u413.set_context("TITLE")
u413.continue_cmd()
else:
u413.type('Invalid board ID.')
u413.set_context("")
#TITLE>
elif u413.cmddata["step"]==2:
u413.cmddata["step"]=3
u413.cmddata["title"]=args
u413.type("Enter the topic's body:")
u413.set_context("BODY")
u413.continue_cmd()
#BODY>
elif u413.cmddata["step"]==3:
db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(TRUE,'%s',%i,%i,0,'%s',FALSE,NULL,NOW());"%(db.escape(u413.cmddata["title"]),int(u413.cmddata["board"]),u413.user.userid,db.escape(util.htmlify(args))))
topic=int(db.query("SELECT id FROM posts ORDER BY id DESC LIMIT 1;")[0]["id"])
u413.type("Topic %i was created successfully."%topic)
u413.set_context("")
#first use
else:
#NEWTOPIC
if args.strip()=='':
if "BOARD" in u413.user.context:
u413.cmddata["step"]=2
u413.cmddata["board"]=int(u413.user.context[6:])
u413.type("Enter the topic's title:")
u413.set_context("TITLE")
else:
u413.cmddata["step"]=1
u413.type("Enter the board ID:")
u413.set_context("BOARD")
u413.continue_cmd()
#NEWTOPIC board
elif len(params)==1:
if isint(params[0]) and int(params[0])!=0:
u413.cmddata["step"]=2
u413.cmddata["board"]=int(params[0])
u413.type("Enter the topic's title:")
u413.set_context("TITLE")
u413.continue_cmd()
else:
u413.type('Invalid board ID')
#NEWTOPIC board topic
else:
if isint(params[0]) and int(params[0])!=0:
u413.cmddata["step"]=3
u413.cmddata["board"]=int(params[0])
u413.cmddata["topic"]=params[1]
u413.type("Enter the topic's body:")
u413.set_context("BODY")
u413.continue_cmd()
else:
u413.donttype('<span class="error">Invalid board ID</span>')
def echo_func(args,u413): u413.type(util.htmlify(args))
def newtopic_func(args, u413):
params = args.split(' ', 1)
#continued NEWTOPIC
if "step" in u413.cmddata:
if args == '':
u413.type("Action cancelled.")
u413.set_context("")
return
#BOARD>
if u413.cmddata["step"] == 1:
if isint(args) and int(params[0]) != 0:
u413.cmddata["step"] = 2
u413.cmddata["board"] = args
u413.type("Enter the topic's title:")
u413.set_context("TITLE")
u413.continue_cmd()
else:
u413.type('Invalid board ID.')
u413.set_context("")
#TITLE>
elif u413.cmddata["step"] == 2:
u413.cmddata["step"] = 3
u413.cmddata["title"] = args
u413.type("Enter the topic's body:")
u413.set_context("BODY")
u413.continue_cmd()
#BODY>
elif u413.cmddata["step"] == 3:
db.query(
"INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(TRUE,'%s',%i,%i,0,'%s',FALSE,NULL,NOW());"
%
(db.escape(u413.cmddata["title"]), int(u413.cmddata["board"]),
u413.user.userid, db.escape(util.htmlify(args))))
topic = int(
db.query("SELECT id FROM posts ORDER BY id DESC LIMIT 1;")[0]
["id"])
u413.type("Topic %i was created successfully." % topic)
u413.set_context("")
#first use
else:
#NEWTOPIC
if args.strip() == '':
if "BOARD" in u413.user.context:
u413.cmddata["step"] = 2
u413.cmddata["board"] = int(u413.user.context[6:])
u413.type("Enter the topic's title:")
u413.set_context("TITLE")
else:
u413.cmddata["step"] = 1
u413.type("Enter the board ID:")
u413.set_context("BOARD")
u413.continue_cmd()
#NEWTOPIC board
elif len(params) == 1:
if isint(params[0]) and int(params[0]) != 0:
u413.cmddata["step"] = 2
u413.cmddata["board"] = int(params[0])
u413.type("Enter the topic's title:")
u413.set_context("TITLE")
u413.continue_cmd()
else:
u413.type('Invalid board ID')
#NEWTOPIC board topic
else:
if isint(params[0]) and int(params[0]) != 0:
u413.cmddata["step"] = 3
u413.cmddata["board"] = int(params[0])
u413.cmddata["topic"] = params[1]
u413.type("Enter the topic's body:")
u413.set_context("BODY")
u413.continue_cmd()
else:
u413.donttype('<span class="error">Invalid board ID</span>')
def echo_func(args, u413):
u413.type(util.htmlify(args))
def edit_func(args, u413):
#EDIT already requested continuation
if "step" in u413.cmddata:
#ID>
if u413.cmddata["step"] == 1:
u413.donttype('"' + args + '"')
if util.isint(args):
u413.cmddata["id"] = int(args)
u413.cmddata["step"] = 2
u413.set_context("NEW BODY")
u413.type("Enter the new post body:")
u413.edit_text(
util.dehtmlify(
db.query("SELECT post FROM posts WHERE id=%i;" %
int(args))[0]["post"]))
u413.continue_cmd()
else:
u413.type("Invalid post ID.")
u413.set_context("")
#NEW BODY>
elif u413.cmddata["step"] == 2:
post = int(
db.query("SELECT owner FROM posts WHERE id=%i;" %
u413.cmddata["id"])[0]["owner"])
owner = int(
db.query("SELECT access FROM users WHERE id=%i;" %
post)[0]["access"])
if post != u413.user.userid:
if u413.user.level < user.User.halfmod or u413.user.level <= owner:
u413.type(
"You do not have permission to edit other user's posts."
)
return
db.query(
"UPDATE posts SET post='%s',editor=%i,edited=NOW() WHERE id=%i;"
% (db.escape(
util.htmlify(args)), u413.user.userid, u413.cmddata["id"]))
u413.type("Post edited successfully.")
u413.set_context(u413.cmddata["context"])
#EDIT used for the first time
else:
params = args.split(' ', 1)
#EDIT
if len(args) == 0:
u413.cmddata["step"] = 1
u413.cmddata["context"] = u413.user.context
u413.type("Enter the post's ID:")
u413.set_context("Post ID")
u413.continue_cmd()
#EDIT id
elif len(params) == 1:
if util.isint(args):
u413.cmddata["step"] = 2
u413.cmddata["context"] = u413.user.context
u413.cmddata["id"] = int(args)
u413.type("Enter the new post body:")
u413.set_context("NEW BODY")
u413.edit_text(
util.dehtmlify(
db.query("SELECT post FROM posts WHERE id=%i;" %
int(args))[0]["post"]))
u413.continue_cmd()
else:
u413.type("Invalid post ID.")
#EDIT id body
else:
if util.isint(params[0]):
post = int(
db.query("SELECT owner FROM posts WHERE id=%i;" %
int(params[0]))[0]["owner"])
owner = int(
db.query("SELECT access FROM users WHERE id=%i;" %
post)[0]["access"])
if post != u413.user.userid:
if u413.user.level < user.User.halfmod or u413.user.level <= owner:
u413.type(
"You do not have permission to edit other user's posts."
)
return
db.query(
"UPDATE posts SET post='%s',editor=%i,edited=NOW() WHERE id=%i;"
% (db.escape(util.htmlify(
params[1])), u413.user.userid, int(params[0])))
u413.type("Post edited successfully.")
u413.set_context("")
else:
u413.type("Invalid post ID.")
def alias_func(args,u413):
if "step" in u413.cmddata:
if u413.cmddata["step"]==1:
u413.cmddata["step"]=2
u413.cmddata["to"]=args
u413.type("Enter the pattern to be replaced:")
u413.set_context("FROM")
u413.continue_cmd()
elif u413.cmddata["step"]==2:
u413.user.alias.append({"to":u413.cmddata["to"],"from":args})
db.query("UPDATE users SET alias='%s' WHERE id=%i;"%(db.escape(repr(u413.user.alias)),u413.user.userid))
u413.type("Alias created successfully.")
u413.set_context(u413.cmddata["context"])
elif u413.cmddata["step"]==3:
x=None
for a in range(len(u413.user.alias)):
if args.upper()==u413.user.alias[a]["from"].upper():
x=a
if x==None:
u413.type('"%s" is not an alias.'%args)
else:
del u413.user.alias[x]
db.query("UPDATE users SET alias='%s' WHERE id=%i;"%(db.escape(repr(u413.user.alias)),u413.user.userid))
u413.type("Alias deleted.")
u413.set_context(u413.cmddata["context"])
else:
params=args.split(' ',1)
#ALIAS
if len(args.split(' ',1)[0])==0:
aliases=eval(db.query("SELECT alias FROM users WHERE id=%i;"%u413.user.userid)[0]["alias"])
if len(aliases)==0:
u413.type("You have no aliases.")
else:
u413.type("Your aliases:")
out='<table>'
for alias in aliases:
out+='<tr><td style="width:2em;"></td><td>%s -> %s</td></tr>'%(util.htmlify(alias["from"]),util.htmlify(alias["to"]))
u413.donttype(out+'</table>')
#ALIAS to | --delete | --new
elif len(params)==1:
if params[0].upper()=="--DELETE":
u413.cmddata["step"]=3
u413.cmddata["context"]=u413.user.context
u413.type("Enter the pattern to be deleted:")
u413.set_context("PATTERN")
u413.continue_cmd()
elif params[0].upper()=="--NEW":
u413.cmddata["step"]=1
u413.cmddata["context"]=u413.user.context
u413.type("Enter the command to alias:")
u413.set_context("TO")
u413.continue_cmd()
else:
u413.cmddata["step"]=2
u413.cmddata["context"]=u413.user.context
u413.cmddata["to"]=params[0]
u413.type("Enter the pattern to be replaced:")
u413.set_context("FROM")
u413.continue_cmd()
#ALIAS to from | --delete from
else:
if params[0].upper()=="--DELETE":
x=None
for a in range(len(u413.user.alias)):
if params[1].upper()==u413.user.alias[a]["from"].upper():
x=a
if x==None:
u413.type('"%s" is not an alias.'%params[1])
else:
del u413.user.alias[x]
db.query("UPDATE users SET alias='%s' WHERE id=%i;"%(db.escape(repr(u413.user.alias)),u413.user.userid))
u413.type("Alias deleted.")
else:
u413.user.alias.append({"to":params[0],"from":params[1]})
db.query("UPDATE users SET alias='%s' WHERE id=%i;"%(db.escape(repr(u413.user.alias)),u413.user.userid))
u413.type("Alias created successfully.")
def nsfwall_func(args,u413):
r=db.query("SELECT * FROM nsfwall ORDER BY posted;")
if args.strip()=='':
if len(r)==0:
u413.type("There are no notes on the nsfwall.")
else:
u413.type("The wall for all your NSFW needs.")
out='<br/><table style="padding-right:8px;">'
for entry in r:
u=db.query("SELECT username FROM users WHERE id=%i"%int(entry["user"]))
out+='<tr><td>{%s}</td><td style="padding-left:1em;">%s <span class="dim">%s</span></td></tr>'%(u[0]["username"],bbcodify(entry["text"]),util.ago(entry["posted"]))
u413.donttype(out+'</table>')
u413.set_context("NSFWALL")
u413.clear_screen()
else:
if len(r)>=256:
db.query("DELETE FROM nsfwall ORDER BY posted LIMIT 1;")
db.query("INSERT INTO nsfwall(user,text) VALUES(%i,'%s');"%(u413.user.userid,db.escape(util.htmlify(args))))
nsfwall_func('',u413)