def run(environ): status = '200 OK' headers = [] responseBody = html.getHead(title='Se connecter') path = environ['module_path'] if path == '': responseBody += u""" <form action="submit.htm" method="POST"> <table> <tr> <td><label for="name">Nom :</label></td> <td><input type="text" id="name" name="name" /></td> </tr> <tr> <td><label for="passwd">Mot de passe :</label></td> <td> <input type="password" id="passwd" name="passwd" /> </td> </tr> <tr> <td colspan="2"> <input type="submit" value="Se connecter" /> </td> </tr> </table> </form>""" elif path == 'submit.htm': data = parsers.http_query(environ, 'POST') assert all((key in data) for key in ('name', 'passwd')) currentUser = user.User(data['name'], hashlib.md5(data['passwd']).hexdigest()) def getCookie(name, value): return cookie.Cookie(name=name, value=value, expires=2592000, path='/') nameCookie = getCookie('name', currentUser.name) passwdCookie = getCookie('passwdhash', currentUser.passwdhash) headers.append(('Set-Cookie', str(nameCookie))) headers.append(('Set-Cookie', str(passwdCookie))) headers.append(('Location', '/')) status = '302 Found' responseBody += 'Bienvenue %s !' % str(nameCookie.value) else: raise exceptions.Error404() responseBody += html.getFoot() return status, headers, responseBody
def run(environ): status = "200 OK" headers = [] path = environ["module_path"] responseBody = html.getHead(title="Soumission d'un torrent") if path == "": categoriesHtml = "" categories = db.conn.cursor() categories.execute("SELECT c_id, name FROM categories") for category in categories: categoriesHtml += '<option value="%s">%s</option>' % (category[0], category[1]) responseBody += form % {"categories": categoriesHtml} responseBody += html.getFoot() elif path == "submit.htm": data = parsers.http_query(environ, "POST") assert all( (key in data) for key in ("name", "license", "url", "description", "category", "audio", "video", "file", "icon") ) else: raise exceptions.Error404() return status, headers, responseBody
def run(environ): status = '200 OK' headers = [] responseBody = html.getHead(title=u'Créer un compte') path = environ['module_path'] if path == '': responseBody += u""" <form action="submit.htm" method="POST"> <table> <tr> <td><label for="name">Nom :</label></td> <td><input type="text" id="name" name="name" /></td> </tr> <tr> <td><label for="passwd1">Mot de passe :</label></td> <td> <input type="password" id="passwd1" name="passwd1" /> </td> </tr> <tr> <td><label for="passwd2"> Mot de passe (confirmation) : </label></td> <td> <input type="password" id="passwd2" name="passwd2" /> </td> </tr> <tr> <td><label for="email">Adresse de courriel :</label></td> <td><input type="text" id="email" name="email" /></td> </tr> <tr> <td colspan="2"> <input type="submit" value="S'inscrire" /> </td> </tr> </table> </form>""" elif path == 'submit.htm': data = parsers.http_query(environ, 'POST') assert all((key in data) for key in ('name', 'passwd1', 'passwd2', 'email')) cursor = db.conn.cursor() cursor.execute("SELECT name FROM users WHERE name=%s", (data['name'],)) row = cursor.fetchone() anyError = False if row is not None: responseBody += u"""<p>Il y a déjà un utilisateur ayant ce nom. Veuillez en choisir un autre.</p>""" anyError = True if data['passwd1'] != data['passwd2']: responseBody += u"""<p>Le mot de passe et sa confirmation ne sont pas identiques.</p>""" anyError = True if not testName.match(data['name']): responseBody += u"""<p>Le nom d'utilisateur est incorrect. Taille : de 2 à 36, et ne peux contenir que des caractères alphanumériques, des underscores et des tirets.</p>""" anyError = True if not testEmail.match(data['email']): responseBody += u"""<p>L'adresse de courriel est invalide.</p>""" anyError = True if not anyError: ##DB#users cursor.execute("""INSERT INTO users VALUES (NULL,%s,%s,%s,'','','')""", ( data['name'], hashlib.md5(data['passwd1']).hexdigest(), data['email'])) db.conn.commit() responseBody += u"""Votre compte a été créé.""" else: raise exceptions.Error404() responseBody += html.getFoot() return status, headers, responseBody
def run(environ): status = '200 OK' headers = [] path = environ['module_path'] if path == '': forums = db.conn.cursor() forums.execute("SELECT f_id, name, description FROM forums;") responseBody = html.getHead(title='Liste des forums') forumRows = '' for forum in forums: lastMessage = db.conn.cursor() lastMessage.execute("""SELECT messages.m_id, topics.t_id, topics.title, users.name FROM messages, topics, users WHERE f_id=%s AND topics.t_id=messages.t_id AND users.u_id=messages.u_id ORDER BY messages.last_update DESC LIMIT 0,1;""", (forum[0],)) lastMessage = lastMessage.fetchone() if lastMessage is None: lastMessage = 'aucun' else: lastMessage = lastForumMessageTemplate % \ {'url': getTopicUrl(lastMessage[1]), 'msg_id': lastMessage[0], 'topic_name': lastMessage[2], 'user_name': lastMessage[3]} if user.currentUser.id != 0: topics = db.conn.cursor() topics.execute("SELECT t_id FROM topics WHERE f_id=%s", (forum[0],)) notRead = 0 for topic in topics: lastRead = db.conn.cursor() lastRead.execute(""" SELECT time FROM last_read WHERE u_id=%s AND t_id=%s""", (user.currentUser.id, topic[0])) if lastRead.rowcount == 0: lastRead = 0 else: lastRead = lastRead.fetchone()[0] counter = db.conn.cursor() counter.execute(""" SELECT COUNT(*) FROM messages WHERE t_id=%s AND UNIX_TIMESTAMP(last_update)>%s""", (topic[0], lastRead)) row = counter.fetchone() notRead += row[0] else: notRead = 0 if notRead == 0: prefix = 'no' else: prefix = '' forumRow = forumRowTemplate % \ {'newmsg_prefix': prefix, 'newmsg': notRead, 'url': getForumUrl(forum[0]), 'forum_name': forum[1], 'forum_desc': forum[2], 'topics': getForumTopicsCount(forum[0]), 'posts': getForumPostsCount(forum[0]), 'lastmessage': lastMessage} forumRows += forumRow responseBody += forumsListTemplate % forumRows responseBody += html.getFoot() return status, headers, responseBody parsed = forumMatch.match(path) if parsed is not None: f_id = parsed.group('f_id') forum = db.conn.cursor() forum.execute("SELECT name FROM forums WHERE f_id = %s", f_id) if forum.rowcount < 1: raise exceptions.Error404() forum = forum.fetchone() responseBody = html.getHead(title=u"%s (forum)" % forum[0]) topicRows = u'' topics = db.conn.cursor() topics.execute("SELECT t_id, title FROM topics WHERE f_id=%s", (f_id,)) for topic in topics: lastMessage = db.conn.cursor() lastMessage.execute("""SELECT messages.m_id, users.name FROM messages, users WHERE t_id=%s AND users.u_id=messages.u_id ORDER BY messages.last_update DESC LIMIT 0,1;""", (topic[0],)) lastMessage = lastMessage.fetchone() if lastMessage is None: lastMessage = 'aucun' else: lastMessage = lastTopicMessageTemplate % \ {'url': getTopicUrl(topic[0]), 'msg_id': lastMessage[0], 'user_name': lastMessage[1]} if user.currentUser.id != 0: lastRead = db.conn.cursor() lastRead.execute(""" SELECT time FROM last_read WHERE t_id=%s AND last_read.u_id=%s""", (topic[0], user.currentUser.id)) row = lastRead.fetchone() if row is None: lastRead = 0 else: lastRead = row[0] notRead = db.conn.cursor() notRead.execute(""" SELECT COUNT(*) FROM messages WHERE UNIX_TIMESTAMP(last_update)>%s AND t_id=%s""", (lastRead,topic[0])) notRead = notRead.fetchone()[0] else: notRead = 0 if notRead == 0: prefix = 'no' else: prefix = '' topicRow = topicRowTemplate % \ {'newmsg_prefix': prefix, 'newmsg': notRead, 'url': getTopicUrl(topic[0]), 'topic_name': topic[1], 'posts': getTopicPostsCount(topic[0]), 'lastmessage': lastMessage} topicRows += topicRow responseBody += topicsListTemplate % (forum[0], topicRows) responseBody += html.getFoot() return status, headers, responseBody parsed = topicMatch.match(path) if parsed is not None: f_id = parsed.group('f_id') t_id = parsed.group('t_id') topic = db.conn.cursor() topic.execute("SELECT title FROM topics WHERE t_id=%s", (t_id,)) if topic.rowcount == 0: raise exceptions.Error404() topic = topic.fetchone() updateLastRead = db.conn.cursor() args = (t_id, user.currentUser.id) updateLastRead.execute(""" DELETE FROM last_read WHERE t_id=%s AND u_id=%s""", args) updateLastRead.execute("INSERT INTO last_read VALUES(%s, %s, %s)", args + (time.time(),)) messages = db.conn.cursor() messages.execute(""" SELECT m_id, content, created_on, users.u_id, users.name, avatar FROM messages INNER JOIN users USING (u_id) WHERE t_id=%s""", (t_id,)) responseBody = html.getHead(title=u"%s (sujet)" % topic[0]) messageRows = u'' for message in messages: def getAvatarHtml(avatarUrl): if avatarUrl != '': return '<img src="%s" alt="avatar" />' % avatarUrl else: return '' messageRow = messageRowTemplate % \ {'user_url': '/users/%s/' % message[4], 'user_name': message[4], 'avatar': getAvatarHtml(message[5]), 'message_content': render.forum(message[1]), 'id': message[0]} messageRows += messageRow responseBody += topicBodyTemplate % (topic[0], messageRows) responseBody += html.getFoot() return status, headers, responseBody parsed = newTopicMatch.match(path) if parsed is not None: f_id = parsed.group('f_id') responseBody = html.getHead(title='Nouveau sujet') if user.currentUser.id == 0: responseBody += notAllowedTemplate elif path.endswith('submit.htm'): data = parsers.http_query(environ, 'POST') assert all((key in data) for key in ('title', 'content')) cursor = db.conn.cursor() cursor.execute("SELECT COUNT(*) FROM forums WHERE f_id=%s", (f_id,)) try: assert cursor.fetchone()[0] == 1 cursor.execute("INSERT INTO topics VALUES('', %s, %s)", (f_id, data['title'])) cursor.execute(""" INSERT INTO messages VALUES('', %s, %s, %s, CURRENT_TIMESTAMP, '')""", (cursor.lastrowid,user.currentUser.id,data['content'])) responseBody += u"<p>Le sujet a été créé avec succès.</p>" status = '302 Found' headers.append(('Location', '../')) except Exception, e: print repr(e) responseBody += failedSubmitionTemplate % \ {'content': data['content']} else: responseBody += newTopicTemplate responseBody += html.getFoot() return status, headers, responseBody
except Exception, e: print repr(e) responseBody += failedSubmitionTemplate % \ {'content': data['content']} else: responseBody += newTopicTemplate responseBody += html.getFoot() return status, headers, responseBody parsed = newMessageMatch.match(path) if parsed is not None: t_id = parsed.group('t_id') responseBody = html.getHead(title=u'Réponse au sujet') if user.currentUser.id == 0: responseBody += notAllowedTemplate elif path.endswith('submit.htm'): data = parsers.http_query(environ, 'POST') assert all((key in data) for key in ('content')) cursor = db.conn.cursor() cursor.execute("SELECT COUNT(*) FROM topics WHERE t_id=%s", (f_id,)) try: assert cursor.fetchone()[0] == 1 cursor.execute(""" INSERT INTO messages VALUES('', %s, %s, %s, CURRENT_TIMESTAMP, '')""", (t_id, user.currentUser.id, data['content'])) responseBody += u"<p>La réponse a été envoyée avec succès.</p>" status = '302 Found' headers.append(('Location', '../')) except Exception, e: print repr(e) responseBody += failedSubmitionTemplate % \