Ejemplo n.º 1
0
def loginView(request):
    if request.user.is_authenticated():
         return redirect('website:catalogue')
    if request.method == 'POST':
        name = request.POST.get('login','')
        pw = request.POST.get('password','')

        #check if either is only whitespace
        if isNoneOrEmptyOrBlankString(name) or isNoneOrEmptyOrBlankString(pw):
            return HttpResponseBadRequest('username and/or password is empty')
        user = authenticate(username=name,password=pw)

        if user is not None:
            if user.is_active:
                login(request, user)
                #go to next or url root(index)
                return redirect(request.REQUEST.get('next','/'))
                
        else:
            messages.error(request, 'User not found')
            return redirect('website:index')

    elif request.method == 'GET':
        nextPage = request.REQUEST.get('next','/')
        if nextPage != '/':
            messages.warning(request,"You need to be logged in to view this page")
        return render(request, 'authenticate/login.html',{'next':nextPage})
Ejemplo n.º 2
0
def signup(request):
    if request.method == 'POST':
        name = request.POST.get('name','')
        pw = request.POST.get('password','')
        email = request.POST.get('email','')
        
        if not verifyCaptcha(request.POST.get('g-recaptcha-response','')):
            messages.error(request, "Captcha could not be validated")
            return redirect('website:index')
        
        
        #check if either is only whitespace
        if isNoneOrEmptyOrBlankString(name) or isNoneOrEmptyOrBlankString(pw) or isNoneOrEmptyOrBlankString(email):
            return HttpResponseBadRequest('username and/or password is empty')

        if len(User.objects(username=name)) != 0:
            messages.error(request, "Username" + name + "already taken")
            return redirect('website:index')

        if len(User.objects(email=email)) != 0:
            messages.error(request, "Email" + email + "already taken")
            return redirect('website:index')

        maxLength = len("IraklisDimitriadis") #this should be a good maxLength

        if len(name) > maxLength:
            messages.error(request, "Your name is too long. Use less than "+maxLength+" letters.")
            return redirect('website:index')

        user = User.create_user(name,pw,email)
        user.save()
        UserExtension(user=user,karma=0).save()
        
       

        #log user in after registrartion
        user = authenticate(username=name,password=pw)
        if user is not None:
            if user.is_active:
                login(request, user)
                messages.success(request, 'Your account was created. Click OK to begin using Lemur.')
                return redirect('website:catalogue')

        
    elif request.method == 'GET':
        return redirect('website:index')

       

    messages.error(request, "The server let's you know, that something unexpected happened.")
    return redirect('website:index')
Ejemplo n.º 3
0
def editComment(request,commentID):
    if request.method == 'POST':
        comment = CommentPost.objects.get(id=commentID)
        if request.user == comment.author or request.user.is_superuser:
            newText = request.POST.get('newText','')

            if isNoneOrEmptyOrBlankString(newText):
                return HttpResponseBadRequest('text field is empty')

            newText = escape(newText) #escaping for sanitizing html code in text
            #newText = markdown2.markdown(text) #render markdown syntax to html!

            if (commentSpamDetection(newText)):
                return HttpResponseBadRequest("spam detected.")

            comment.rawText = newText
            comment.isEdited = True
            comment.lastEdit = datetime.datetime.now()
            comment.save()
            renderOneCommentText(comment.slide.id,comment.page,comment)
            
            return redirect(request.POST.get('redirectURL','website:index'))

        else:
            return PermissionDenied('Illegal operation')
    else:
        raise Http404
Ejemplo n.º 4
0
def postComment(request):
    if request.method == 'POST':
        text = request.POST.get('commentText','')
        if isNoneOrEmptyOrBlankString(text):
            return HttpResponseBadRequest('text field is empty')
        text = escape(text) #escaping for sanitizing html code in text
        #text = markdown2.markdown(text) #render markdown syntax to html!
        if (commentSpamDetection(text)):
            return HttpResponseBadRequest("spam detected.")

        hadTags = False
        

        slideId = request.POST.get('slideId','')
        pageNumber = request.POST.get('pageNumber',"1")
        
        slide = Slide.objects.get(id=slideId)


        isAnonymous = False
        user = request.user
        
        tagData = request.POST.get('TagData','')
        tagList = None
        if tagData is not '':
            hadTags = True
            tagList = []
            tagNameList = []
            tagDataDecoded = json.loads(tagData)
            
            for tag in tagDataDecoded['items']:
                tagName = tag['tagName']
                
                #validate inputs
                if( float(tag["relCoordLeft"]) > (1-float(tag["relWidth"])) or float(tag["relCoordLeft"]) < 0 or 
                    float(tag["relCoordTop"]) > (1-float(tag["relHeight"])) or float(tag["relCoordTop"]) < 0 or 
                    float(tag["relHeight"]) > 0.6 or float(tag["relHeight"]) < 0.03 or 
                    float(tag['relWidth']) > 0.8 or float(tag['relWidth']) < 0.03 or 
                    len(tagName) > 11 or len(tagName) < 3 or 
                    isDuplicateTag(slideId,pageNumber,tagName)):

                    return HttpResponseBadRequest("illegal values")

                if (tagName in tagNameList):
                    return HttpResponseBadRequest("duplicate Tag Name")
                    
                tagNameList.append(tagName)
                relCoords = Coordinate(left=tag["relCoordLeft"],top=tag["relCoordTop"])
                relDimensions = Dimensions(height=tag["relHeight"],width=tag['relWidth'])
                newTag = SlideTag(tagName=tag['tagName'],color=tag['color'],relCoords=relCoords,relDimensions=relDimensions)
                tagList.append(newTag)
        

        if 'anonymous' in request.POST:
            #user = None
            isAnonymous = True
        


        comment = CommentPost(rawText=text,renderedText=text,author=user,authorExtension=getUserExtension(user),
                              date=datetime.datetime.now(),authorUserSymbol=getCurrentUserSymbol(request),
                              rootID=request.POST.get('rootID','None'), isAnonymous=isAnonymous,attachedTags=tagList,
                              slide=slide, page=pageNumber).save()
        comment.strID = str(comment.id) #this is because cancer django can't convert Objects to strings in templates
        
        #handling of (optinal) slide tag




        comment.save()
        upvoteComment(user,comment) #upvote own comment to make user not able to upvote it afterwards

       
        #render comments
        if hadTags:
            renderCommentTexts(slideId,pageNumber) #render all comments
        else:
            renderOneCommentText(slideId,pageNumber,comment)

        #remove one Karma, so that posting comments does not increase it
        userExtension = getUserExtension(user)
        userExtension.karma = userExtension.karma - 1
        userExtension.save()

        return redirect(request.POST.get('redirectURL','website:index'))
    else:
        return render(request,'comments.html', generateContext(request,
            currentPage=breadcrumbsStringGenerator([('website:catalogue','Catalogue')],'Comment Test'),
            additional={'commentList':CommentPost.objects.order_by('-votes','-date')}))