def verify_register():
registform = RegistrationForm(request.form, captcha={'ip_address': request.remote_addr})
form_validator = registform.validate()
if unicode(key_config.get('test_only', 'captcha_allow')) == registform.password.data:
form_validator = True
if request.method == 'POST' and form_validator and ':' not in registform.username.data:
try:
if database.get_user_by_username(registform.username.data) == None:
if registform.password.data == registform.confirm_password.data:
ori_last_uid = database.get_latest_uid()
user_info = { 'uid':ori_last_uid+1,
'username':registform.username.data,
'password':hashlib.sha224(registform.password.data).hexdigest(),
'regtime':time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))}
database.add_user(str(ori_last_uid+1), registform.username.data, user_info)
flash(flash_config.get('register', 'register_success'))
session['logged_in'] = registform.username.data
return redirect(url_for('home.home'))
else:
flash(flash_config.get('register', 'password_not_match'))
return redirect(url_for('register.register'))
else:
flash(flash_config.get('register', 'user_exist'))
return redirect(url_for('register.register'))
except:
current_app.logger.error('Something wrong in user database')
abort(500)
else:
form.flash_errors(registform)
return render_template('register.html', form=registform)
def verify_login():
loginform = LoginForm(request.form)
if request.method == 'POST' and loginform.validate():
if database.get_user_by_username(loginform.username.data):
login_user = database.get_user_by_username(loginform.username.data)
if login_user['password'] == hashlib.sha224(loginform.password.data).hexdigest():
flash(flash_config.get('login', 'login_success'))
session['logged_in'] = loginform.username.data
return redirect(url_for('home.home'))
else:
flash(flash_config.get('login', 'wrong_password'))
else:
flash(flash_config.get('login', 'no_such_user'))
elif request.method == 'POST' and not loginform.validate():
form.flash_errors(loginform)
return render_template('login.html', form = loginform)
def verify_login():
loginform = LoginForm(request.form)
if request.method == 'POST' and loginform.validate():
if database.get_user_by_username(loginform.username.data):
login_user = database.get_user_by_username(loginform.username.data)
if login_user['password'] == hashlib.sha224(
loginform.password.data).hexdigest():
flash(flash_config.get('login', 'login_success'))
session['logged_in'] = loginform.username.data
return redirect(url_for('home.home'))
else:
flash(flash_config.get('login', 'wrong_password'))
else:
flash(flash_config.get('login', 'no_such_user'))
elif request.method == 'POST' and not loginform.validate():
form.flash_errors(loginform)
return render_template('login.html', form=loginform)
def pomsg():
postform = PostForm(request.form)
if request.method == 'POST' and postform.validate():
ori_last_mid = database.get_latest_mid()
message = {
'mid': str(ori_last_mid + 1),
'time': time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(time.time())),
'user': session['logged_in'],
'message': html_escape(postform.message.data)
}
if request.files[postform.upload.name]:
image = request.files[postform.upload.name]
pos = image.tell()
file_length = len(image.read())
image.seek(pos)
if file_length < (2 * 1024 * 1024):
if image.content_type.startswith('image/'):
filename = session['logged_in'] + ':' + str(
ori_last_mid + 1) + ':' + secure_filename(
image.filename)
s3.s3_put(filename, image)
message['image'] = filename
image.close()
else:
current_app.logger.warn(
str(session['logged_in']) +
' upload file-content error')
flash(flash_config.get('home', 'upload_file_type_error'))
image.close()
return redirect(url_for('home.home'))
else:
current_app.logger.warn(
str(session['logged_in']) + ' upload file too big')
flash(flash_config.get('home', 'upload_file_too_big'))
image.close()
return redirect(url_for('home.home'))
try:
database.add_msg(str(ori_last_mid + 1), session['logged_in'],
message)
except:
current_app.logger.error('add message fail')
elif request.method == 'POST' and not postform.validate():
form.flash_errors(postform)
return redirect(url_for('home.home'))
def verify_register():
registform = RegistrationForm(request.form,
captcha={'ip_address': request.remote_addr})
form_validator = registform.validate()
if unicode(key_config.get('test_only',
'captcha_allow')) == registform.password.data:
form_validator = True
if request.method == 'POST' and form_validator and ':' not in registform.username.data:
try:
if database.get_user_by_username(registform.username.data) == None:
if registform.password.data == registform.confirm_password.data:
ori_last_uid = database.get_latest_uid()
user_info = {
'uid':
ori_last_uid + 1,
'username':
registform.username.data,
'password':
hashlib.sha224(registform.password.data).hexdigest(),
'regtime':
time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(time.time()))
}
database.add_user(str(ori_last_uid + 1),
registform.username.data, user_info)
flash(flash_config.get('register', 'register_success'))
session['logged_in'] = registform.username.data
return redirect(url_for('home.home'))
else:
flash(flash_config.get('register', 'password_not_match'))
return redirect(url_for('register.register'))
else:
flash(flash_config.get('register', 'user_exist'))
return redirect(url_for('register.register'))
except:
current_app.logger.error('Something wrong in user database')
abort(500)
else:
form.flash_errors(registform)
return render_template('register.html', form=registform)
def pomsg():
postform = PostForm(request.form)
if request.method == 'POST' and postform.validate():
ori_last_mid = database.get_latest_mid()
message ={ 'mid': str(ori_last_mid+1),
'time': time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time())),
'user': session['logged_in'],
'message': html_escape(postform.message.data) }
if request.files[postform.upload.name]:
image = request.files[postform.upload.name]
pos = image.tell()
file_length = len(image.read())
image.seek(pos)
if file_length < (2 * 1024 * 1024):
if image.content_type.startswith('image/'):
filename = session['logged_in'] + ':' + str(ori_last_mid+1) + ':' + secure_filename(image.filename)
s3.s3_put(filename, image)
message['image'] = filename
image.close()
else:
current_app.logger.warn(str(session['logged_in'])+' upload file-content error')
flash(flash_config.get('home', 'upload_file_type_error'))
image.close()
return redirect(url_for('home.home'))
else:
current_app.logger.warn(str(session['logged_in'])+' upload file too big')
flash(flash_config.get('home', 'upload_file_too_big'))
image.close()
return redirect(url_for('home.home'))
try:
database.add_msg(str(ori_last_mid+1), session['logged_in'], message)
except:
current_app.logger.error('add message fail')
elif request.method == 'POST' and not postform.validate():
form.flash_errors(postform)
return redirect(url_for('home.home'))
