def _get_products(self): """ Format of cookie "products": id|name|quantity|declination Example: 1|polo-red-ikaaro|2|4 """ products = [] cookie = self.context.get_cookie('products') if not cookie or cookie == 'deleted': return products cookie = Password.decode(cookie) for data in cookie.split('@'): try: id, name, quantity, declination = data.split('|') except ValueError: raise ValueError, 'Value "%s" is incorrect' % data # Check product exist product = self.context.root.get_resource(name, soft=True) if not product or not product.is_buyable(self.context): continue # Add product products.append({'id': id, 'name': name, 'quantity': int(quantity), 'declination': declination}) return products
def _set_addresses(self, delivery_address, bill_address): if delivery_address==None: delivery_address = '' if bill_address==None: bill_address = '' value = Password.encode('%s|%s' % (delivery_address, bill_address)) context = get_context() context.set_cookie('addresses', value)
def save_products(self): cookies = [] for product in self.products: cookie = '%s|%s|%s|%s' % (product['id'], product['name'], product['quantity'], product['declination'] or '') cookies.append(cookie) products = Password.encode('@'.join(cookies)) context = get_context() context.set_cookie('products', products, path='/')
def action(self, resource, context, form): # Get the user email = form['username'].strip() user = context.root.get_user_from_login(email) if form['no_password']: if not Email.is_valid(email): message = u'The given username is not an email address.' context.message = ERROR(message) return # Case 1: Register # check captcha first captcha = form['captcha'].strip() crypted = crypt_captcha(captcha) crypt_imgtext = form['crypt_imgtext'].strip() decrypt = Password.decode('%s' % crypt_imgtext) if crypted != decrypt: error = u"You typed an incorrect captcha string." context.message = ERROR(error) return # does the user exists? if user is None: if context.site_root.is_allowed_to_register(): return self._register(resource, context, email) # FIXME This message does not protect privacy error = u"You don't have an account, contact the site admin." context.message = ERROR(error) return # Case 2: Forgotten password email = user.get_property('email') user.send_forgotten_password(context, email) path = '/ui/website/forgotten_password.xml' handler = resource.get_resource(path) return stl(handler) # Case 3: Login password = form['password'] if user is None or not user.authenticate(password, clear=True): context.message = ERROR(u'The email or the password is incorrect.') return # Set cookie & context user.set_auth_cookie(context, password) context.user = user # Come back referrer = context.get_referrer() if referrer is None: goto = get_reference('./') else: path = get_uri_path(referrer) if path.endswith(';login'): goto = get_reference('./') else: goto = referrer return context.come_back(INFO(u"Welcome to the Phoenix Project!"), goto)
def _get_shipping(self): """ Format of cookie "shipping": shipping_name|shipping_option Example: collisimo|suivi """ cookie = self.context.get_cookie('shipping') if not cookie or cookie == 'deleted': return None cookie = Password.decode(cookie) name, option = cookie.split('|') return {'name': name, 'option': option}
def _get_addresses(self): """ Format of cookie "addresses": id_delivery_address|id_bill_address Example: 25|45 """ cookie = self.context.get_cookie('addresses') if not cookie or cookie == 'deleted': delivery_address = bill_address = None else: cookie = Password.decode(cookie) delivery_address, bill_address = cookie.split('|') delivery_address = int(delivery_address) if delivery_address else None bill_address = int(bill_address) if bill_address else None return {'delivery_address':delivery_address, 'bill_address': bill_address}
def action_confirm_key(self, resource, context, form): # Get the email address form['username'] = form['username'].strip() email = form['username'] # Get the user with the given login name user = self._get_user(resource, context, email) if user is None: message = ERROR(u'There is no user identified as "{username}"', username=email) context.message = message return # Check register key must_confirm = user.get_property('user_must_confirm') if not must_confirm: # Already confirmed message = ERROR(u'Your account has already been confirmed') context.message = message return elif form['key'] != must_confirm: message = ERROR(u'Your activation key is wrong') context.message = message return user.del_property('user_must_confirm') # We log-in user username = str(user.name) crypted = user.get_property('password') cookie = Password.encode('%s:%s' % (username, crypted)) context.set_cookie('__ac', cookie, path='/') context.user = user # Ok message = INFO(u'Operation successful! Welcome.') return context.come_back(message, goto='/users/%s' % user.name)
def set_id_zone(self, id_zone): value = Password.encode(id_zone) cookie = self.context.set_cookie('id_zone', value)
def _get_id_zone(self): cookie = self.context.get_cookie('id_zone') if not cookie or cookie == 'deleted': return None return Password.decode(cookie)
def set_shipping(self, shipping_name, shipping_option=''): value = Password.encode('%s|%s' % (shipping_name, shipping_option)) cookie = self.context.set_cookie('shipping', value)
def get_captcha(self, resource, context): referrer = context.get_referrer() # Build the namespace namespace = {} # Captcha # create a 5 char random strin imgtext = generate_password(5) crypt_imgtext = crypt_captcha(imgtext) encoded_imgtext = Password.encode('%s' % crypt_imgtext) # randomly select the foreground color fgcolor = random.randint(0,0xffff00) # make the background color the opposite of fgcolor bgcolor = fgcolor ^ 0xffffff #path = get_abspath('data/images/bg.jpg') #im=PILImage.open(path) font_path = get_abspath(choice(fonts)) font=ImageFont.truetype(font_path, 38) dim = font.getsize(imgtext) # create a new image slightly larger that the text im = Image.new('RGB', (dim[0]+5,dim[1]+5), bgcolor) d = ImageDraw.Draw(im) # draw 100 random colored boxes on the background x, y = im.size r = random.randint for num in range(100): d.rectangle((r(0,x),r(0,y),r(0,x),r(0,y)),fill=r(0,0xffffff)) d.text((3,3), imgtext, font=font, fill=fgcolor) im = im.filter(ImageFilter.EDGE_ENHANCE_MORE) # save as a temporary image # FIXME on page refresh the first file is not removed. im_name = generate_password(38) SITE_IMAGES_DIR_PATH = get_abspath('ui/core/captcha/images') tempname = '%s/%s' % (SITE_IMAGES_DIR_PATH, (im_name + '.jpg')) im.save(tempname, "JPEG") path = get_abspath(tempname) img = resource.get_handler() namespace['img'] = img captcha = '/ui/core/captcha/images/%s' % (im_name + '.jpg') namespace['captcha'] = captcha # we need to pass this path as we can then delete the captcha file namespace['captcha_path'] = 'ui/images/captcha/%s' % (im_name + '.jpg') namespace['crypt_imgtext'] = encoded_imgtext namespace['get-captcha'] = 'ui/core/captcha/captcha.xml.en' # Generate a sound file of the captcha sound_path = get_abspath('data/sound') SOUND_OUTPUT_PATH = get_abspath('ui/core/captcha/sounds') sox_filenames = [] for x in imgtext: if x.isupper(): sox_filenames.append('%s/upper_%s.wav' % (sound_path, \ x.lower())) else: sox_filenames.append('%s/%s.wav' % (sound_path, x)) # subprocess.call(['sox'] + sox_filenames + \ ['%s/%s' % (SOUND_OUTPUT_PATH, (im_name + '.mp3'))]) namespace['sound_captcha'] = '/ui/core/captcha/sounds/%s' % (im_name + '.mp3') namespace['sound_path'] = 'ui/sound/%s' % (im_name + '.mp3') return namespace