def addComment(self, author, email, website, content, post_id): #Check captcha m = md5.new() m.update(content) hash_val = m.hexdigest() if hash_val != session().get('captcha_ok_for'): raise Exception('Wrong captcha check') else: del session()['captcha_ok_for'] if website != '' and website.find("http://") != 0: website = "http://%s" % (website) #Strip scripts, style and meta content = re.sub('<(script|meta|style)(.|\s)*?>(.|\s)*?</(script|meta|style)>', '', content) #Check for same URL's posted try: self.checkURLSpam(author, content) except SpamComment: return '<p><b style="background-color: #ffffcc; color: red">Your comment was marked as spam.</b>, but will be readded if it isn\'t.</p>' self._expireCache(post_id) id = BlogCommentModel.add(author, email, website, content, post_id) email_data = { 'title': 'An comment has been posted', 'author': author, 'email': email, 'website': website, 'content': content, 'delete_link': self._getDeleteURL(id), 'post_id': self._getCommentURL(post_id, id) } #Send a notification email if hasattr(getConfig(), 'DEFAULT_EMAIL'): text = """%(title)s Author: %(author)s Email: %(email)s Website: %(website)s Post link: %(post_id)s Content: %(content)s Delete link: %(delete_link)s """ % email_data mail = getConfig().DEFAULT_EMAIL getMailManager().sendEmail(mail, [mail], '[Skeletonz] %s' % email_data['title'], text) if id: return renderComment(BlogCommentModel.getById(id), True, False) else: return '<p><b style="background-color: #ffffcc; color: red">Your comment was marked as spam.</b>, but will be readded if it isn\'t.</p>'
def validateCaptcha(self, url, content): cur_url = session().get('captcha_current_url') if url == cur_url: m = md5.new() m.update(content) session()['captcha_ok_for'] = m.hexdigest() return 'ok' #Only one guess if cur_url: del session()['captcha_current_url'] return 'error'
def fixFilename(self, action, new_name): ns = amiweb.session()['upload_ns'] if action == 'change': if model.Files.countFilesWithFilename(new_name): ns['filename'] = filename ns['new_filename'] = model.Files.newFilename(filename) return render( "skeletonz/plugins/upload/view/upload_already_found.tmpl", ns) ns['filename'] = new_name #Else let is stay the same del amiweb.session()['upload_ns'] return self.uploadComplete(ns)
def deleteFile(self, file_id, ftype, linkonly=0): ident = model.Files.deleteFileById(file_id) page_obj = CMSModel.Pages.getPageById( amiweb.session()['current_page_id']) AmiCache.expireCurrentPage() return self.getEditHTML(ftype, ident, linkonly)
def getCaptchaHTML(self): matches = self._getPictures('birds', 5) cats = self._getPictures('cats', 1) session()['captcha_current_url'] = cats[0] matches.extend(cats) random.shuffle(matches) form_html = [] form_html.append('<form><table>') li_item = '<td><input type="radio" name="c_match" value="%s" id="%s" />'\ '<label for="%s"><img src="%s" /></label></td>' for i in range(0, len(matches), 2): img_1 = matches[i] img_2 = matches[i+1] form_html.append('<tr>') id = 'item_%s' % i id2 = 'item_%s' % (i+1) form_html.append(li_item % (img_1, id, id, img_1)) form_html.append(li_item % (img_2, id2, id2, img_2)) form_html.append('</tr>') form_html.append('</table></form>') return ' '.join(form_html)
def uploadFile(self, file, ident, ftype, id=0, linkonly=0): bdata = "" for l in file.file.readlines(): bdata += l filename = file.filename.split("\\") filename = filename[-1:][0] ns = { 'site': self, 'BASE_URL': getConfig().BASE_URL, 'ident': ident, 'id': id, 'filename': filename, 'ident_id': makeLinkAble(ident), 'linkonly': linkonly, 'ftype': ftype } ns['data'] = bdata if model.Files.countFilesWithFilename(filename): ns['new_filename'] = model.Files.newFilename(filename) amiweb.session()['upload_ns'] = ns return render( "skeletonz/plugins/upload/view/upload_already_found.tmpl", ns) return self.uploadComplete(ns)
def updateBlogXML(ident): from plugin import GENERIC_POST_LINK rss_file = "blog_%s.xml" % converters.makeLinkAble(ident) rss_items = [] page_obj = CMSModel.Pages.getPageById(amiweb.session().get( 'current_page_id', 1)) def filterContent(text): return getFormatManager().htmlFormat(text, False, True, page_obj) for item in BlogModel.getAllPosts(ident, 10): if item.isPublished(): item_content = filterContent(item.content) link = "%s/%s" % (getConfig().BASE_URL, GENERIC_POST_LINK % item.id) rss_items.append( PyRSS2Gen.RSSItem(title=item.title, link=link, guid=link, description="%s" % item_content, pubDate=item.posted)) host_page = CMSModel.Pages.getPageById( BlogModel.getBlogByIdent(ident).host_page) link = "%s/%s" % (getConfig().BASE_URL, host_page.getFullLink()) rss_obj = PyRSS2Gen.RSS2(title=ident, link=link, description="", lastBuildDate=datetime.datetime.now(), items=rss_items) getRSSManager().publish(rss_file, rss_obj)
def getCurrentUser(self): session = amiweb.session() if session.has_key('username'): user = amiweb.db().query( "select usr.*,grp.name as groupname from c4_user usr left join c4_group grp on grp.id=usr.group_id where usr.username='******'" % session['username'], as_one=True) return user else: return None
def filterContent(self, content, edit_mode, wrap_in_p, page=None): if not page: try: page = Pages.getPageById(session()['current_page_id']) except KeyError: page = Pages.getPageById(getMainPageId()) result = self.amiformat(content, edit_mode, wrap_in_p, page) result = splitter(result, page_filters.filters, page_filters.combinators, edit_mode, page) result = result.replace("[!", "[") return result
def showUpload(self, ftype, id=0, linkonly=0): file = model.Files.getFileById(id) ns = { 'site': self, 'BASE_URL': getConfig().BASE_URL, 'file': file, 'page_id': amiweb.session()['current_page_id'], 'ftype': ftype, 'linkonly': linkonly } return render("skeletonz/plugins/upload/view/upload.tmpl", ns)
def setLogin(self, username, password): login_ok = UserModel.Users.checkLogin(username, password) if login_ok: session = amiweb.session() session['logged_in'] = True session['username'] = username self.setViewEditMode("on") AmiCache.expireEditPages() page = Model.Pages.getPageById(getCurrentPage()) ns = {'template': self.template, 'full_link': page.getFullLink()} return render("skeletonz/view/whole_sites/login_ok.tmpl", ns)
def setLogout(self, id): session = amiweb.session() try: id = int(id) except: id = getCurrentPage() session['logged_in'] = False session['username'] = None AmiCache.expireEditPages() page = Model.Pages.getPageById(id) url = "%s/%s" % (BASE_URL, page.getFullLink()) raise amiweb.HTTPFound(url)
def cacheAllPages(self): if not getConfig().USE_CACHING: return False #Maybe function called from a new thread try: gb = db() except AttributeError: setUpConnection() self.expireAllPages() pages = Model.Pages.getAllPages() cur_page = getCurrentPage() for page in pages: session()['current_page_id'] = page.id self.cachePage(page) session()['current_page_id'] = cur_page return "ok"
def servePage(self, page_id, current_info): print "[Site] SiteEdit servePage: servingPage<br>" edit_mode = current_info['edit_mode'] if AmiCache.isCacheUp2Date(page_id, is_edit=edit_mode): if current_info['is_CMS_page']: amiweb.session()["current_page_id"] = page_id content = AmiCache.getValue(page_id, is_edit=edit_mode) else: content = renderView(current_info, "site_structure") AmiCache.updateCache(page_id, content, is_edit=edit_mode) page = Model.Pages.getPageById(page_id) #Append dynamic sections to this content = sections.fillSections(current_info, content, page) return content
def servePage(self, page_id, current_info): #print "[Site] Site servePage:<br>" if page_id and AmiCache.isCacheUp2Date(page_id): #print "[Site] Site servePage: pulling page from session<br>" if current_info['is_CMS_page']: amiweb.session()["current_page_id"] = page_id content = AmiCache.getValue(page_id) else: #print "[Site] Site servePage: loading & rendering page and putting in session<br>" content = renderView(current_info, "site_structure") page = Model.Pages.getPageById(page_id) #Append sections to this content = sections.fillSections(current_info, content, page) AmiCache.updateCache(page_id, content) return content
def add(self, ident, title, content, labels, posted=None): user = amiweb.session().get('username', 'none') if not posted: posted = datetime.datetime.now() blog = self.getBlogByIdent(ident) if not blog: blog = self.addBlog(ident) db().insert('plugin_blog_post', blog_id=blog.id, title=title, content=content, author=user, posted=str(posted), labels=labels) updateBlogXML(ident)
def checkPagePremission(self, page_id): try: session = amiweb.session() except: return False if CHECK_LOGIN == False: return True try: username = session.get('username', None) except: username = None if username == None: return False #Get page page = Model.Pages.getPageById(page_id) if page == None: return False if page.premission_type == "Every user": #Every user can edit return True if username == ADMIN_USERNAME or UserModel.Users.isAdmin(username): return True elif page.premission_type == "user": #Check if it's this user if username == page.premission_value: return True elif page.premission_type == "group": #Check if the group is there, if it's not reset it if UserModel.Groups.getGroupByName(page.premission_value) == None: Pages.resetPremissions(page.id) return False #Check if the user is in this group if UserModel.Groups.isInGroup(page.premission_value, username): return True return False
def registerUpdate(self, page_id, text): #Register only if there is something new l_log = self.getLatestLog(page_id) if l_log and l_log.text.__hash__() == text.__hash__(): return user = session()['username'] #Select the current revision revision = db().select('pagelog', page_id=page_id, order_by='revision') if len(revision) == 0: revision = 1 else: revision = revision[-1].revision + 1 time = "%s" % datetime.datetime.now() db().insert('pagelog', edited_by=user, page_id=page_id, text=text, revision=revision, time_of_edit=time)
def uploadFile(self, ident, filename, ftype, data, parent_id=None): os_filename = os.path.abspath("%s/%s" % (self._getFullPath(), filename)) fp = open(os_filename, "wb") fp.write(data) fp.close() if not parent_id: parent_id = session()['current_page_id'] if self.notCreated(filename): id = db().insert("file", ident=ident, filename=filename, type=ftype, parent_id=parent_id) else: db().delete('file', filename=filename, type=ftype) id = db().insert("file", ident=ident, filename=filename, type=ftype, parent_id=parent_id) return self.getFileById(id)
def changePremission(self, page_id, type, value): username = amiweb.session()['username'] if username == ADMIN_USERNAME or UserModel.Users.isAdmin(username): Model.Pages.changePagePremissions(page_id, type, value) return "ok"
def renderView(current_info, template_file): """ The function that renders the whole page. Used by both Site and SiteEdit. """ #print current_info['is_CMS_page'] #print "was CMS page?" if current_info['is_CMS_page']: amiweb.session().SessFact["current_page_id"] = current_info['page_id'] #print current_info['page_id'] #print "was page id?" getFormatManager().resetPagePlugins() template_obj = current_info['template'] page_obj = current_info['page_obj'] if template_obj is None: print "[Site]renderView:template deal is None" else: print "[Site]renderView:template has value" #print "[Site]renderView:printing type(template_obj)" #print type(template_obj) #print "<br>" header = template_obj.getHeader() #print "<br>[Site]renderView:after GetHeader<br>" content = template_obj.getContent() #print "<br>[Site]renderView:after GetContent<br>" footer = template_obj.getFooter() #print "<br>[Site]renderView:after GetFooter<br>" #Get page obj menu = Model.Menus.getStandardMenu() #print "<br>[Site]renderView:after Model.Menus.getStandardMenu<br>" if page_obj.hidden == 1 and not current_info['logged_in']: return """This page is hidden (isn't published yet). <br /> <a href="%s/">Return to homepage</a>""" % BASE_URL #print "<br>[Site]renderView:after page_obj.hidden<br>" #Set site information header.setPage(page_obj) #print "<br>[Site]renderView:after setPage(page_obj)<br>" root_parent = page_obj.getRootParent() current_item = menu.getPageItem(root_parent.id) #print "<br>[Site]renderView:after current_item set<br>" header.setBodyClass(current_item.getClass()) content.setBodyClass(current_item.getClass()) #print "<br>[Site]renderView:after setBodyClass<br>" content.setPage(page_obj) can_edit = current_info['edit_permission'] #print "<br>[Site]renderView:after can_edit<br>" header.setEditMode(can_edit) content.setEditPermission(can_edit) content.setEditMode(can_edit) menu_tmpl = template_obj.getMenu() footer.setPage(page_obj) #We want to generate content, before we call plugins if current_info['edit_mode']: page_obj.generateContentEdit() else: page_obj.generateContent() #Let plugins alter template #print "<br>[Site]renderView:before plugin for loop <br>" #plugins for now for plugin in getPlugins(): plugin = plugin['module'] #print "<br>[Site]renderView: in plugin for loop <br>" try: if current_info['edit_mode']: plugin.addToSiteEditTemplate(template_obj, False) else: plugin.addToSiteTemplate(template_obj, False) except NotImplementedError: pass #print "<br>[Site]renderView:before ns stuffs <br>" ns = { 'template': template_obj, 'page_obj': page_obj, 'edit_mode': current_info['edit_mode'] } #print "<br>[Site]renderView:before final render <br>" rendered = render( "templates/%s/view/%s.tmpl" % (template_obj.getName(), template_file), ns) #print "<br>[Site]renderView:before final return rendered <br>" return rendered
def getViewEditMode(self): #amiweb.session().get("view_edit_mode", "on") amiweb.session().SessFact['view_edit_mode'] = 'on' return amiweb.session().SessFact['view_edit_mode']
def addBlog(self, ident): host_page = amiweb.session()['current_page_id'] db().insert('plugin_blog', ident=ident, host_page=host_page) return self.getBlogByIdent(ident)
def expireCurrentPage(self): if not getConfig().USE_CACHING: return False page_id = session()['current_page_id'] self.expireCache(page_id)
def isLoggedIn(self): try: return amiweb.session().get('logged_in', False) except: return False
def setViewEditMode(self, value): amiweb.session()['view_edit_mode'] = value AmiCache.expireEditPages()
def isAdmin(self): if not self.isLoggedIn(): return False username = amiweb.session()['username'] return UserModel.Users.isAdmin(username) or username == ADMIN_USERNAME
def getCurrentPage(): amiweb.session().SessFact['current_page_id'] = getMainPageId() return int(amiweb.session().SessFact['current_page_id'])