Example #1
0
def shouts_(request):
    form = request.web_input(userid="", name="", backid=None, nextid=None)
    form.name = request.matchdict.get('name', form.name)
    form.userid = define.get_int(form.userid)

    otherid = profile.resolve(request.userid, form.userid, form.name)

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        return Response(define.errorpage(request.userid, errorcode.no_guest_access))

    userprofile = profile.select_profile(otherid, images=True, viewer=request.userid)
    has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's shouts" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
    page = define.common_page_start(request.userid, title=page_title)

    page.append(define.render('user/shouts.html', [
        # Profile information
        userprofile,
        # User information
        profile.select_userinfo(otherid, config=userprofile['config']),
        # Relationship
        profile.select_relation(request.userid, otherid),
        # Myself
        profile.select_myself(request.userid),
        # Comments
        shout.select(request.userid, ownerid=otherid),
        # Feature
        "shouts",
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #2
0
def request(form):
    token = security.generate_key(100)
    email = emailer.normalize_address(form.email)

    # Determine the user associated with `username`; if the user is not found,
    # raise an exception
    user_id = d.engine.scalar("""
        SELECT userid FROM login WHERE email = %(email)s
    """,
                              email=email)

    # If `user_id` exists, then the supplied email was valid; if not valid, do nothing, raising
    #   no errors for plausible deniability of email existence
    if user_id:
        # Insert a record into the forgotpassword table for the user,
        # or update an existing one
        now = d.get_time()
        address = d.get_address()

        d.engine.execute("""
            INSERT INTO forgotpassword (userid, token, set_time, address)
            VALUES (%(id)s, %(token)s, %(time)s, %(address)s)
            ON CONFLICT (userid) DO UPDATE SET
                token = %(token)s,
                set_time = %(time)s,
                address = %(address)s
        """,
                         id=user_id,
                         token=token,
                         time=now,
                         address=address)

        # Generate and send an email to the user containing a password reset link
        emailer.append([email], None, "Weasyl Password Recovery",
                       d.render("email/reset_password.html", [token]))
Example #3
0
def index_(request):
    page = define.common_page_start(request.userid,
                                    title="Home",
                                    canonical_url="/")
    page.append(
        define.render("etc/index.html", index.template_fields(request.userid)))
    return Response(define.common_page_end(request.userid, page))
Example #4
0
    def GET(self, charid=""):
        form = web.input(charid="", ignore="", anyway="")

        rating = define.get_rating(self.user_id)
        charid = define.get_int(charid) if charid else define.get_int(form.charid)

        try:
            item = character.select_view(
                self.user_id, charid, rating,
                ignore=define.text_bool(form.ignore, True), anyway=form.anyway
            )
        except WeasylError as we:
            if we.value in ("UserIgnored", "TagBlocked"):
                we.errorpage_kwargs['links'] = [
                    ("View Character", "?ignore=false"),
                    ("Return to the Home Page", "/index"),
                ]
            raise

        canonical_url = "/character/%d/%s" % (charid, slug_for(item["title"]))

        page = define.common_page_start(self.user_id, canonical_url=canonical_url, title=item["title"])
        page.append(define.render('detail/character.html', [
            # Profile
            profile.select_myself(self.user_id),
            # Character detail
            item,
            # Violations
            [i for i in macro.MACRO_REPORT_VIOLATION if 2000 <= i[0] < 3000],
        ]))

        return define.common_page_end(self.user_id, page)
Example #5
0
    def GET(self, name=None):
        form = web.input(userid="")
        otherid = profile.resolve(self.user_id, define.get_int(form.userid), name)
        if not otherid:
            raise WeasylError("userRecordMissing")

        userprofile = profile.select_profile(otherid, images=True, viewer=self.user_id)
        has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
        page_title = u"%s's staff notes" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
        page = define.common_page_start(self.user_id, title=page_title)

        userinfo = profile.select_userinfo(otherid, config=userprofile['config'])
        reportstats = profile.select_report_stats(otherid)
        userinfo['reportstats'] = reportstats
        userinfo['reporttotal'] = sum(reportstats.values())

        page.append(define.render(template.user_shouts, [
            # Profile information
            userprofile,
            # User information
            userinfo,
            # Relationship
            profile.select_relation(self.user_id, otherid),
            # Myself
            profile.select_myself(self.user_id),
            # Comments
            shout.select(self.user_id, ownerid=otherid, staffnotes=True),
            # Feature
            "staffnotes",
        ]))

        return define.common_page_end(self.user_id, page, now=time.time())
Example #6
0
    def GET(self, name=""):
        form = web.input(userid="", name="", backid=None, nextid=None)
        form.name = name if name else form.name
        form.userid = define.get_int(form.userid)

        config = define.get_config(self.user_id)
        rating = define.get_rating(self.user_id)
        otherid = profile.resolve(self.user_id, form.userid, form.name)

        if not otherid:
            raise WeasylError("userRecordMissing")
        elif not self.user_id and "h" in define.get_config(otherid):
            return define.errorpage(self.user_id, errorcode.no_guest_access)

        userprofile = profile.select_profile(otherid, images=True, viewer=self.user_id)
        has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
        page_title = u"%s's journals" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
        page = define.common_page_start(self.user_id, title=page_title)

        page.append(define.render(template.user_journals, [
            # Profile information
            userprofile,
            # User information
            profile.select_userinfo(otherid, config=userprofile['config']),
            # Relationship
            profile.select_relation(self.user_id, otherid),
            # Journals list
            # TODO(weykent): use select_user_list
            journal.select_list(self.user_id, rating, 250, otherid=otherid, config=config),
            # Latest journal
            journal.select_latest(self.user_id, rating, otherid=otherid),
        ]))

        return define.common_page_end(self.user_id, page)
Example #7
0
def index_(request):
    page = define.common_page_start(request.userid,
                                    options=["homepage"],
                                    title="Home")
    page.append(
        define.render("etc/index.html", index.template_fields(request.userid)))
    return Response(define.common_page_end(request.userid, page))
Example #8
0
def character_(request):
    form = request.web_input(charid="", ignore="", anyway="")

    rating = define.get_rating(request.userid)
    charid = define.get_int(request.matchdict.get('charid', form.charid))

    try:
        item = character.select_view(
            request.userid, charid, rating,
            ignore=form.ignore != 'false', anyway=form.anyway
        )
    except WeasylError as we:
        if we.value in ("UserIgnored", "TagBlocked"):
            we.errorpage_kwargs['links'] = [
                ("View Character", "?ignore=false"),
                ("Return to the Home Page", "/index"),
            ]
        raise

    canonical_url = "/character/%d/%s" % (charid, slug_for(item["title"]))

    page = define.common_page_start(request.userid, canonical_url=canonical_url, title=item["title"])
    page.append(define.render('detail/character.html', [
        # Profile
        profile.select_myself(request.userid),
        # Character detail
        item,
        # Violations
        [i for i in macro.MACRO_REPORT_VIOLATION if 2000 <= i[0] < 3000],
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #9
0
    def GET(self, journalid=""):
        form = web.input(journalid="", ignore="", anyway="")

        rating = define.get_rating(self.user_id)
        journalid = define.get_int(journalid) if journalid else define.get_int(form.journalid)

        try:
            item = journal.select_view(
                self.user_id, rating, journalid,
                ignore=define.text_bool(form.ignore, True), anyway=form.anyway
            )
        except WeasylError as we:
            if we.value in ("UserIgnored", "TagBlocked"):
                we.errorpage_kwargs['links'] = [
                    ("View Journal", "?ignore=false"),
                    ("Return to the Home Page", "/index"),
                ]
            raise

        canonical_url = "/journal/%d/%s" % (journalid, slug_for(item["title"]))

        page = define.common_page_start(self.user_id, options=["pager"], canonical_url=canonical_url, title=item["title"])
        page.append(define.render(template.detail_journal, [
            # Myself
            profile.select_myself(self.user_id),
            # Journal detail
            item,
            # Violations
            [i for i in macro.MACRO_REPORT_VIOLATION if 3000 <= i[0] < 4000],
        ]))

        return define.common_page_end(self.user_id, page)
Example #10
0
def request(form):
    token = security.generate_key(100)
    email = emailer.normalize_address(form.email)

    # Determine the user associated with `username`; if the user is not found,
    # raise an exception
    user_id = d.engine.scalar("""
        SELECT userid FROM login WHERE email = %(email)s
    """, email=email)

    # If `user_id` exists, then the supplied email was valid; if not valid, do nothing, raising
    #   no errors for plausible deniability of email existence
    if user_id:
        # Insert a record into the forgotpassword table for the user,
        # or update an existing one
        now = d.get_time()
        address = d.get_address()

        d.engine.execute("""
            INSERT INTO forgotpassword (userid, token, set_time, address)
            VALUES (%(id)s, %(token)s, %(time)s, %(address)s)
            ON CONFLICT (userid) DO UPDATE SET
                token = %(token)s,
                set_time = %(time)s,
                address = %(address)s
        """, id=user_id, token=token, time=now, address=address)

        # Generate and send an email to the user containing a password reset link
        emailer.append([email], None, "Weasyl Password Recovery", d.render("email/reset_password.html", [token]))
Example #11
0
def staffnotes_(request):
    form = request.web_input(userid="")
    otherid = profile.resolve(request.userid, define.get_int(form.userid), request.matchdict.get('name', None))
    if not otherid:
        raise WeasylError("userRecordMissing")

    userprofile = profile.select_profile(otherid, images=True, viewer=request.userid)
    has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's staff notes" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
    page = define.common_page_start(request.userid, title=page_title)

    userinfo = profile.select_userinfo(otherid, config=userprofile['config'])
    reportstats = profile.select_report_stats(otherid)
    userinfo['reportstats'] = reportstats
    userinfo['reporttotal'] = sum(reportstats.values())

    page.append(define.render('user/shouts.html', [
        # Profile information
        userprofile,
        # User information
        userinfo,
        # Relationship
        profile.select_relation(request.userid, otherid),
        # Myself
        profile.select_myself(request.userid),
        # Comments
        shout.select(request.userid, ownerid=otherid, staffnotes=True),
        # Feature
        "staffnotes",
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #12
0
def render_form(request,
                scopes,
                credentials,
                mobile,
                error=None,
                username='',
                password='',
                remember_me=False,
                not_me=False):
    db = d.connect()
    client = db.query(orm.OAuthConsumer).get(credentials['client_id'])
    if request.userid:
        user = db.query(orm.Login).get(request.userid)
        user_media = media.get_user_media(request.userid)
    else:
        user = user_media = None
    credentials['scopes'] = scopes
    return d.render('oauth2/authorize.html', [
        scopes,
        credentials,
        client,
        user,
        user_media,
        mobile,
        error,
        username,
        password,
        remember_me,
        not_me,
    ])
Example #13
0
def journal_(request):
    form = request.web_input(journalid="", ignore="", anyway="")

    rating = define.get_rating(request.userid)
    journalid = define.get_int(request.matchdict.get('journalid', form.journalid))

    try:
        item = journal.select_view(
            request.userid, rating, journalid,
            ignore=define.text_bool(form.ignore, True), anyway=form.anyway
        )
    except WeasylError as we:
        if we.value in ("UserIgnored", "TagBlocked"):
            we.errorpage_kwargs['links'] = [
                ("View Journal", "?ignore=false"),
                ("Return to the Home Page", "/index"),
            ]
        raise

    canonical_url = "/journal/%d/%s" % (journalid, slug_for(item["title"]))

    page = define.common_page_start(request.userid, canonical_url=canonical_url, title=item["title"])
    page.append(define.render('detail/journal.html', [
        # Myself
        profile.select_myself(request.userid),
        # Journal detail
        item,
        # Violations
        [i for i in macro.MACRO_REPORT_VIOLATION if 3000 <= i[0] < 4000],
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #14
0
def vouch_(request):
    if not define.is_vouched_for(request.userid):
        raise WeasylError("vouchRequired")

    targetid = int(request.POST['targetid'])

    updated = define.engine.execute(
        "UPDATE login SET voucher = %(voucher)s WHERE userid = %(target)s AND voucher IS NULL RETURNING email",
        voucher=request.userid,
        target=targetid,
    ).first()

    target_username = define.get_display_name(targetid)

    if updated is not None:
        define._get_all_config.invalidate(targetid)
        emailer.send(updated.email, "Weasyl Account Verified",
                     define.render("email/verified.html", [target_username]))

    if target_username is None:
        assert updated is None
        raise WeasylError("Unexpected")

    raise HTTPSeeOther(location=request.route_path(
        'profile_tilde', name=define.get_sysname(target_username)))
Example #15
0
def journals_(request):
    name = request.matchdict.get('name', request.params.get('name', ''))
    userid = define.get_int(request.params.get('userid'))

    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, userid, name)

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        raise WeasylError('noGuests')

    userprofile = profile.select_profile(otherid, viewer=request.userid)
    has_fullname = userprofile[
        'full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's journals" % (userprofile['full_name'] if has_fullname
                                     else userprofile['username'], )
    page = define.common_page_start(request.userid, title=page_title)

    page.append(
        define.render(
            'user/journals.html',
            [
                # Profile information
                userprofile,
                # User information
                profile.select_userinfo(otherid, config=userprofile['config']),
                # Relationship
                profile.select_relation(request.userid, otherid),
                # Journals list
                journal.select_list(request.userid, rating, otherid=otherid),
            ]))

    return Response(define.common_page_end(request.userid, page))
Example #16
0
    def GET(self, name=""):
        now = time.time()

        form = web.input(userid="", name="", backid=None, nextid=None)
        form.name = name if name else form.name
        form.userid = define.get_int(form.userid)

        otherid = profile.resolve(self.user_id, form.userid, form.name)

        if not otherid:
            raise WeasylError("userRecordMissing")
        elif not self.user_id and "h" in define.get_config(otherid):
            return define.errorpage(self.user_id, errorcode.no_guest_access)

        userprofile = profile.select_profile(otherid, images=True, viewer=self.user_id)
        has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
        page_title = u"%s's shouts" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
        page = define.common_page_start(self.user_id, title=page_title)

        page.append(define.render(template.user_shouts, [
            # Profile information
            userprofile,
            # User information
            profile.select_userinfo(otherid, config=userprofile['config']),
            # Relationship
            profile.select_relation(self.user_id, otherid),
            # Myself
            profile.select_myself(self.user_id),
            # Comments
            shout.select(self.user_id, ownerid=otherid),
            # Feature
            "shouts",
        ]))

        return define.common_page_end(self.user_id, page, now=now)
Example #17
0
def request(form):
    token = security.generate_key(100)
    email = emailer.normalize_address(form.email)
    username = d.get_sysname(form.username)

    # Determine the user associated with `username`; if the user is not found,
    # raise an exception
    user = d.engine.execute(
        "SELECT userid, email FROM login WHERE login_name = %(username)s",
        username=username).first()

    if not user:
        raise WeasylError("loginRecordMissing")

    # Check the user's email address against the provided e-mail address,
    # raising an exception if there is a mismatch
    if email != emailer.normalize_address(user.email):
        raise WeasylError("emailInvalid")

    # Insert a record into the forgotpassword table for the user,
    # or update an existing one
    now = d.get_time()
    address = d.get_address()

    d.engine.execute("""
        INSERT INTO forgotpassword (userid, token, set_time, address)
        VALUES (%(id)s, %(token)s, %(time)s, %(address)s)
        ON CONFLICT (userid) DO UPDATE SET
            token = %(token)s,
            set_time = %(time)s,
            address = %(address)s
    """, id=user.userid, token=token, time=now, address=address)

    # Generate and send an email to the user containing a password reset link
    emailer.append([email], None, "Weasyl Password Recovery", d.render("email/reset_password.html", [token]))
Example #18
0
def staffnotes_(request):
    form = request.web_input(userid="")
    otherid = profile.resolve(request.userid, define.get_int(form.userid), request.matchdict.get('name', None))
    if not otherid:
        raise WeasylError("userRecordMissing")

    userprofile = profile.select_profile(otherid, images=True, viewer=request.userid)
    has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's staff notes" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
    page = define.common_page_start(request.userid, title=page_title)

    userinfo = profile.select_userinfo(otherid, config=userprofile['config'])
    reportstats = profile.select_report_stats(otherid)
    userinfo['reportstats'] = reportstats
    userinfo['reporttotal'] = sum(reportstats.values())

    page.append(define.render('user/shouts.html', [
        # Profile information
        userprofile,
        # User information
        userinfo,
        # Relationship
        profile.select_relation(request.userid, otherid),
        # Myself
        profile.select_myself(request.userid),
        # Comments
        shout.select(request.userid, ownerid=otherid, staffnotes=True),
        # Feature
        "staffnotes",
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #19
0
def shouts_(request):
    form = request.web_input(userid="", name="", backid=None, nextid=None)
    form.name = request.matchdict.get('name', form.name)
    form.userid = define.get_int(form.userid)

    otherid = profile.resolve(request.userid, form.userid, form.name)

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        return Response(define.errorpage(request.userid, errorcode.no_guest_access))

    userprofile = profile.select_profile(otherid, images=True, viewer=request.userid)
    has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's shouts" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
    page = define.common_page_start(request.userid, title=page_title)

    page.append(define.render('user/shouts.html', [
        # Profile information
        userprofile,
        # User information
        profile.select_userinfo(otherid, config=userprofile['config']),
        # Relationship
        profile.select_relation(request.userid, otherid),
        # Myself
        profile.select_myself(request.userid),
        # Comments
        shout.select(request.userid, ownerid=otherid),
        # Feature
        "shouts",
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #20
0
def journals_(request):
    form = request.web_input(userid="", name="", backid=None, nextid=None)
    form.name = request.matchdict.get('name', form.name)
    form.userid = define.get_int(form.userid)

    config = define.get_config(request.userid)
    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, form.userid, form.name)

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        return Response(define.errorpage(request.userid, errorcode.no_guest_access))

    userprofile = profile.select_profile(otherid, images=True, viewer=request.userid)
    has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's journals" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
    page = define.common_page_start(request.userid, title=page_title)

    page.append(define.render('user/journals.html', [
        # Profile information
        userprofile,
        # User information
        profile.select_userinfo(otherid, config=userprofile['config']),
        # Relationship
        profile.select_relation(request.userid, otherid),
        # Journals list
        # TODO(weykent): use select_user_list
        journal.select_list(request.userid, rating, 250, otherid=otherid, config=config),
        # Latest journal
        journal.select_latest(request.userid, rating, otherid=otherid),
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #21
0
def create(form):
    # Normalize form data
    username = d.plaintext(form.username[:_USERNAME])
    sysname = d.get_sysname(username)

    email = emailer.normalize_address(form.email)
    emailcheck = emailer.normalize_address(form.emailcheck)

    password = form.password
    passcheck = form.passcheck

    if form.day and form.month and form.year:
        try:
            birthday = arrow.Arrow(int(form.year), int(form.month), int(form.day))
        except ValueError:
            raise WeasylError("birthdayInvalid")
    else:
        birthday = None

    # Check mismatched form data
    if password != passcheck:
        raise WeasylError("passwordMismatch")
    if email != emailcheck:
        raise WeasylError("emailMismatch")

    # Check invalid form data
    if birthday is None or d.age_in_years(birthday) < 13:
        raise WeasylError("birthdayInvalid")
    if not password_secure(password):
        raise WeasylError("passwordInsecure")
    if not email:
        raise WeasylError("emailInvalid")
    if not sysname or ";" in username:
        raise WeasylError("usernameInvalid")
    if sysname in ["admin", "administrator", "mod", "moderator", "weasyl",
                   "weasyladmin", "weasylmod", "staff", "security"]:
        raise WeasylError("usernameInvalid")
    if email_exists(email):
        raise WeasylError("emailExists")
    if username_exists(sysname):
        raise WeasylError("usernameExists")

    # Create pending account
    token = security.generate_key(40)

    d.engine.execute(d.meta.tables["logincreate"].insert(), {
        "token": token,
        "username": username,
        "login_name": sysname,
        "hashpass": passhash(password),
        "email": email,
        "birthday": birthday,
        "unixtime": arrow.now(),
    })

    # Queue verification email
    emailer.append([email], None, "Weasyl Account Creation", d.render(
        "email/verify_account.html", [token, sysname]))
    d.metric('increment', 'createdusers')
Example #22
0
def collections_(request):
    form = request.web_input(userid="",
                             name="",
                             backid=None,
                             nextid=None,
                             folderid=None)
    form.name = request.matchdict.get('name', form.name)
    form.userid = define.get_int(form.userid)

    config = define.get_config(request.userid)
    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, form.userid, form.name)

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        return Response(
            define.errorpage(request.userid, errorcode.no_guest_access))

    userprofile = profile.select_profile(otherid,
                                         images=True,
                                         viewer=request.userid)
    has_fullname = userprofile[
        'full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's collections" % (userprofile['full_name']
                                        if has_fullname else
                                        userprofile['username'], )
    page = define.common_page_start(request.userid, title=page_title)

    url_format = "/collections?userid={userid}&%s".format(
        userid=userprofile['userid'])
    result = pagination.PaginatedResult(collection.select_list,
                                        collection.select_count,
                                        'submitid',
                                        url_format,
                                        request.userid,
                                        rating,
                                        66,
                                        otherid=otherid,
                                        backid=define.get_int(form.backid),
                                        nextid=define.get_int(form.nextid),
                                        config=config)

    page.append(
        define.render(
            'user/collections.html',
            [
                # Profile information
                userprofile,
                # User information
                profile.select_userinfo(otherid, config=userprofile['config']),
                # Relationship
                profile.select_relation(request.userid, otherid),
                # Collections
                result,
            ]))

    return Response(define.common_page_end(request.userid, page))
Example #23
0
def submissions_(request):
    name = request.matchdict.get('name', request.params.get('name', ''))
    userid = define.get_int(request.params.get('userid'))

    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, userid, name)
    folderid = define.get_int(request.params.get('folderid')) or None
    backid = request.params.get('backid')
    nextid = request.params.get('nextid')

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        raise WeasylError('noGuests')

    userprofile = profile.select_profile(otherid, viewer=request.userid)
    has_fullname = userprofile[
        'full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's submissions" % (userprofile['full_name']
                                        if has_fullname else
                                        userprofile['username'], )
    page = define.common_page_start(request.userid, title=page_title)

    url_format = "/submissions/{username}?%s{folderquery}".format(
        username=define.get_sysname(userprofile['username']),
        folderquery="&folderid=%d" % folderid if folderid else "")
    result = pagination.PaginatedResult(submission.select_list,
                                        submission.select_count,
                                        'submitid',
                                        url_format,
                                        request.userid,
                                        rating,
                                        limit=60,
                                        otherid=otherid,
                                        folderid=folderid,
                                        backid=define.get_int(backid),
                                        nextid=define.get_int(nextid),
                                        profile_page_filter=not folderid)

    page.append(
        define.render(
            'user/submissions.html',
            [
                # Profile information
                userprofile,
                # User information
                profile.select_userinfo(otherid, config=userprofile['config']),
                # Relationship
                profile.select_relation(request.userid, otherid),
                # Recent submissions
                result,
                # Folders
                folder.select_list(otherid),
                # Current folder
                folderid,
            ]))

    return Response(define.common_page_end(request.userid, page))
Example #24
0
 def GET(self):
     now = time.time()
     page = define.common_page_start(self.user_id,
                                     options=["homepage"],
                                     title="Home")
     page.append(
         define.render(template.etc_index,
                       index.template_fields(self.user_id)))
     return define.common_page_end(self.user_id, page, now=now)
Example #25
0
def submission_(request):
    username = request.matchdict.get('name')
    submitid = request.matchdict.get('submitid')

    form = request.web_input(submitid="", ignore="", anyway="")

    rating = define.get_rating(request.userid)
    submitid = define.get_int(submitid) if submitid else define.get_int(form.submitid)

    extras = {
        "pdf": True,
    }

    if define.user_is_twitterbot():
        extras['twitter_card'] = submission.twitter_card(submitid)

    try:
        item = submission.select_view(
            request.userid, submitid, rating,
            ignore=define.text_bool(form.ignore, True), anyway=form.anyway
        )
    except WeasylError as we:
        we.errorpage_kwargs = extras
        if 'twitter_card' in extras:
            extras['options'] = ['nocache']
        if we.value in ("UserIgnored", "TagBlocked"):
            extras['links'] = [
                ("View Submission", "?ignore=false"),
                ("Return to the Home Page", "/index"),
            ]
        raise

    login = define.get_sysname(item['username'])
    canonical_path = request.route_path('submission_detail_profile', name=login, submitid=submitid, slug=slug_for(item['title']))

    if request.GET.get('anyway'):
        canonical_path += '?anyway=true'

    if login != username:
        raise httpexceptions.HTTPMovedPermanently(location=canonical_path)
    extras["canonical_url"] = canonical_path
    extras["title"] = item["title"]

    page = define.common_page_start(request.userid, **extras)
    page.append(define.render('detail/submission.html', [
        # Myself
        profile.select_myself(request.userid),
        # Submission detail
        item,
        # Subtypes
        macro.MACRO_SUBCAT_LIST,
        # Violations
        [i for i in macro.MACRO_REPORT_VIOLATION if 2000 <= i[0] < 3000],
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #26
0
def submission_tag_history_(request):
    submitid = int(request.matchdict['submitid'])

    page_title = "Tag updates"
    page = define.common_page_start(request.userid, title=page_title)
    page.append(define.render('detail/tag_history.html', [
        submission.select_view_api(request.userid, submitid),
        searchtag.tag_history(submitid),
    ]))
    return Response(define.common_page_end(request.userid, page))
Example #27
0
    def GET(self, submitid):
        submitid = int(submitid)

        page_title = "Tag updates"
        page = define.common_page_start(self.user_id, title=page_title)
        page.append(define.render('detail/tag_history.html', [
            submission.select_view_api(self.user_id, submitid),
            searchtag.tag_history(submitid),
        ]))
        return define.common_page_end(self.user_id, page)
Example #28
0
    def GET(self, name=""):

        form = web.input(userid="", name="", backid=None, nextid=None)
        form.name = name if name else form.name
        form.userid = define.get_int(form.userid)

        config = define.get_config(self.user_id)
        rating = define.get_rating(self.user_id)
        otherid = profile.resolve(self.user_id, form.userid, form.name)

        if not otherid:
            raise WeasylError("userRecordMissing")
        elif not self.user_id and "h" in define.get_config(otherid):
            return define.errorpage(self.user_id, errorcode.no_guest_access)

        userprofile = profile.select_profile(otherid,
                                             images=True,
                                             viewer=self.user_id)
        has_fullname = userprofile[
            'full_name'] is not None and userprofile['full_name'].strip() != ''
        page_title = u"%s's characters" % (userprofile['full_name']
                                           if has_fullname else
                                           userprofile['username'], )
        page = define.common_page_start(self.user_id, title=page_title)

        url_format = "/characters?userid={userid}&%s".format(
            userid=userprofile['userid'])
        result = pagination.PaginatedResult(character.select_list,
                                            character.select_count,
                                            'charid',
                                            url_format,
                                            self.user_id,
                                            rating,
                                            60,
                                            otherid=otherid,
                                            backid=define.get_int(form.backid),
                                            nextid=define.get_int(form.nextid),
                                            config=config)

        page.append(
            define.render(
                template.user_characters,
                [
                    # Profile information
                    userprofile,
                    # User information
                    profile.select_userinfo(otherid,
                                            config=userprofile['config']),
                    # Relationship
                    profile.select_relation(self.user_id, otherid),
                    # Characters list
                    result,
                ]))

        return define.common_page_end(self.user_id, page)
Example #29
0
    def GET(self, submitid):
        submitid = int(submitid)

        page_title = "Tag updates"
        page = define.common_page_start(self.user_id, title=page_title)
        page.append(
            define.render('detail/tag_history.html', [
                submission.select_view_api(self.user_id, submitid),
                searchtag.tag_history(submitid),
            ]))
        return define.common_page_end(self.user_id, page)
Example #30
0
    def GET(self, a="", b=None):
        if b is None:
            username, submitid = None, a
        else:
            username, submitid = a, b
        now = time.time()

        form = web.input(submitid="", ignore="", anyway="")

        rating = define.get_rating(self.user_id)
        submitid = define.get_int(submitid) if submitid else define.get_int(form.submitid)

        extras = {
            "pdf": True,
        }

        if define.user_is_twitterbot():
            extras['twitter_card'] = submission.twitter_card(submitid)

        try:
            item = submission.select_view(
                self.user_id, submitid, rating,
                ignore=define.text_bool(form.ignore, True), anyway=form.anyway
            )
        except WeasylError as we:
            we.errorpage_kwargs = extras
            if 'twitter_card' in extras:
                extras['options'] = ['nocache']
            if we.value in ("UserIgnored", "TagBlocked"):
                extras['links'] = [
                    ("View Submission", "?ignore=false"),
                    ("Return to the Home Page", "/index"),
                ]
            raise

        login = define.get_sysname(item['username'])
        if username is not None and login != username:
            raise web.seeother('/~%s/post/%s/%s' % (login, submitid, slug_for(item["title"])))
        extras["canonical_url"] = "/submission/%d/%s" % (submitid, slug_for(item["title"]))
        extras["title"] = item["title"]

        page = define.common_page_start(self.user_id, options=["mediaplayer"], **extras)
        page.append(define.render('detail/submission.html', [
            # Myself
            profile.select_myself(self.user_id),
            # Submission detail
            item,
            # Subtypes
            macro.MACRO_SUBCAT_LIST,
            # Violations
            [i for i in macro.MACRO_REPORT_VIOLATION if 2000 <= i[0] < 3000],
        ]))

        return define.common_page_end(self.user_id, page, now=now)
Example #31
0
def append(db, email, terms):
    token = security.generate_key(40)
    email = emailer.normalize_address(email)

    if not email:
        raise error.WeasylError("emailInvalid")

    define.execute(db, "INSERT INTO premiumpurchase VALUES ('%s', '%s', %i)", [token, email, terms])

    emailer.append([email], None, "Weasyl Premium Verification",
                   define.render("email/verify_premium.html", [token, terms]))
Example #32
0
def shouts_(request):
    form = request.web_input(userid="", name="", backid=None, nextid=None)
    form.name = request.matchdict.get('name', form.name)
    form.userid = define.get_int(form.userid)

    otherid = profile.resolve(request.userid, form.userid, form.name)

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        raise WeasylError('noGuests')

    userprofile = profile.select_profile(otherid, viewer=request.userid)

    if otherid != request.userid and not define.is_vouched_for(otherid):
        can_vouch = request.userid != 0 and define.is_vouched_for(
            request.userid)

        return Response(
            define.webpage(
                request.userid,
                "error/unverified.html",
                [request, otherid, userprofile['username'], can_vouch],
            ),
            status=403,
        )

    has_fullname = userprofile[
        'full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's shouts" % (userprofile['full_name'] if has_fullname
                                   else userprofile['username'], )
    page = define.common_page_start(request.userid, title=page_title)

    page.append(
        define.render(
            'user/shouts.html',
            [
                # Profile information
                userprofile,
                # User information
                profile.select_userinfo(otherid, config=userprofile['config']),
                # Relationship
                profile.select_relation(request.userid, otherid),
                # Myself
                profile.select_myself(request.userid),
                # Comments
                shout.select(request.userid, ownerid=otherid),
                # Feature
                "shouts",
            ]))

    return Response(define.common_page_end(request.userid, page))
Example #33
0
def collections_(request):
    name = request.matchdict.get('name', request.params.get('name', ''))
    userid = define.get_int(request.params.get('userid'))

    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, userid, name)

    backid = request.params.get('backid')
    nextid = request.params.get('nextid')

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        raise WeasylError('noGuests')

    userprofile = profile.select_profile(otherid, viewer=request.userid)
    has_fullname = userprofile[
        'full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's collections" % (userprofile['full_name']
                                        if has_fullname else
                                        userprofile['username'], )
    page = define.common_page_start(request.userid, title=page_title)

    url_format = "/collections?userid={userid}&%s".format(
        userid=userprofile['userid'])
    result = pagination.PaginatedResult(collection.select_list,
                                        collection.select_count,
                                        'submitid',
                                        url_format,
                                        request.userid,
                                        rating,
                                        limit=66,
                                        otherid=otherid,
                                        backid=define.get_int(backid),
                                        nextid=define.get_int(nextid))

    page.append(
        define.render(
            'user/collections.html',
            [
                # Profile information
                userprofile,
                # User information
                profile.select_userinfo(otherid, config=userprofile['config']),
                # Relationship
                profile.select_relation(request.userid, otherid),
                # Collections
                result,
            ]))

    return Response(define.common_page_end(request.userid, page))
Example #34
0
 def render_form(self, scopes, credentials, mobile, error=None,
                 username='', password='', remember_me=False, not_me=False):
     db = d.connect()
     client = db.query(orm.OAuthConsumer).get(credentials['client_id'])
     if self.user_id:
         user = db.query(orm.Login).get(self.user_id)
         user_media = media.get_user_media(self.user_id)
     else:
         user = user_media = None
     credentials['scopes'] = scopes
     return d.render('oauth2/authorize.html', [
         scopes, credentials, client, user, user_media, mobile, error,
         username, password, remember_me, not_me,
     ])
Example #35
0
def request(form):
    token = security.generate_key(100)
    email = emailer.normalize_address(form.email)
    username = d.get_sysname(form.username)

    # Determine the user associated with `username`; if the user is not found,
    # raise an exception
    user = d.engine.execute(
        "SELECT userid, email FROM login WHERE login_name = %(username)s",
        username=username).first()

    if not user:
        raise WeasylError("loginRecordMissing")

    # Check the user's email address against the provided e-mail address,
    # raising an exception if there is a mismatch
    if email != emailer.normalize_address(user.email):
        raise WeasylError("emailInvalid")

    # Insert a record into the forgotpassword table for the user,
    # or update an existing one
    now = d.get_time()
    address = d.get_address()

    try:
        d.engine.execute(
            "INSERT INTO forgotpassword (userid, token, set_time, address)"
            " VALUES (%(id)s, %(token)s, %(time)s, %(address)s)",
            id=user.userid, token=token, time=now, address=address)
    except IntegrityError:
        # An IntegrityError will probably indicate that a password reset request
        # already exists and that the existing row should be updated. If the update
        # doesn't find anything, though, the original error should be re-raised.
        result = d.engine.execute("""
            UPDATE forgotpassword SET
                token = %(token)s,
                set_time = %(time)s,
                address = %(address)s
            WHERE userid = %(id)s
        """, id=user.userid, token=token, time=now, address=address)

        if result.rowcount != 1:
            raise

    # Generate and send an email to the user containing a password reset link
    emailer.append([email], None, "Weasyl Password Recovery", d.render("email/reset_password.html", [token]))
Example #36
0
def request(form):
    token = security.generate_key(100)
    email = emailer.normalize_address(form.email)
    username = d.get_sysname(form.username)

    # Determine the user associated with `username`; if the user is not found,
    # raise an exception
    user = d.engine.execute(
        "SELECT userid, email FROM login WHERE login_name = %(username)s",
        username=username).first()

    if not user:
        raise WeasylError("loginRecordMissing")

    # Check the user's email address against the provided e-mail address,
    # raising an exception if there is a mismatch
    if email != emailer.normalize_address(user.email):
        raise WeasylError("emailInvalid")

    # Insert a record into the forgotpassword table for the user,
    # or update an existing one
    now = d.get_time()
    address = d.get_address()

    try:
        d.engine.execute(
            "INSERT INTO forgotpassword (userid, token, set_time, address)"
            " VALUES (%(id)s, %(token)s, %(time)s, %(address)s)",
            id=user.userid, token=token, time=now, address=address)
    except IntegrityError:
        # An IntegrityError will probably indicate that a password reset request
        # already exists and that the existing row should be updated. If the update
        # doesn't find anything, though, the original error should be re-raised.
        result = d.engine.execute("""
            UPDATE forgotpassword SET
                token = %(token)s,
                set_time = %(time)s,
                address = %(address)s
            WHERE userid = %(id)s
        """, id=user.userid, token=token, time=now, address=address)

        if result.rowcount != 1:
            raise

    # Generate and send an email to the user containing a password reset link
    emailer.append([email], None, "Weasyl Password Recovery", d.render("email/reset_password.html", [token]))
Example #37
0
def submissions_(request):
    form = request.web_input(userid="", name="", backid=None, nextid=None, folderid=None)
    form.name = request.matchdict.get('name', form.name)
    form.userid = define.get_int(form.userid)

    config = define.get_config(request.userid)
    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, form.userid, form.name)
    folderid = define.get_int(form.folderid) or None

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        return Response(define.errorpage(request.userid, errorcode.no_guest_access))

    userprofile = profile.select_profile(otherid, images=True, viewer=request.userid)
    has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's submissions" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
    page = define.common_page_start(request.userid, title=page_title)

    url_format = "/submissions/{username}?%s{folderquery}".format(
                 username=define.get_sysname(userprofile['username']),
                 folderquery="&folderid=%d" % folderid if folderid else "")
    result = pagination.PaginatedResult(
        submission.select_list, submission.select_count, 'submitid', url_format, request.userid, rating,
        60, otherid=otherid, folderid=folderid, backid=define.get_int(form.backid),
        nextid=define.get_int(form.nextid), config=config, profile_page_filter=not folderid)

    page.append(define.render('user/submissions.html', [
        # Profile information
        userprofile,
        # User information
        profile.select_userinfo(otherid, config=userprofile['config']),
        # Relationship
        profile.select_relation(request.userid, otherid),
        # Recent submissions
        result,
        # Folders
        folder.select_list(otherid, "sidebar/all"),
        # Current folder
        folderid,
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #38
0
    def GET(self, journalid=""):
        form = web.input(journalid="", ignore="", anyway="")

        rating = define.get_rating(self.user_id)
        journalid = define.get_int(journalid) if journalid else define.get_int(
            form.journalid)

        try:
            item = journal.select_view(self.user_id,
                                       rating,
                                       journalid,
                                       ignore=define.text_bool(
                                           form.ignore, True),
                                       anyway=form.anyway)
        except WeasylError as we:
            if we.value in ("UserIgnored", "TagBlocked"):
                we.errorpage_kwargs['links'] = [
                    ("View Journal", "?ignore=false"),
                    ("Return to the Home Page", "/index"),
                ]
            raise

        canonical_url = "/journal/%d/%s" % (journalid, slug_for(item["title"]))

        page = define.common_page_start(self.user_id,
                                        options=["pager"],
                                        canonical_url=canonical_url,
                                        title=item["title"])
        page.append(
            define.render(
                template.detail_journal,
                [
                    # Myself
                    profile.select_myself(self.user_id),
                    # Journal detail
                    item,
                    # Violations
                    [
                        i for i in macro.MACRO_REPORT_VIOLATION
                        if 3000 <= i[0] < 4000
                    ],
                ]))

        return define.common_page_end(self.user_id, page)
Example #39
0
    def GET(self, name=""):
        form = web.input(userid="", name="", backid=None, nextid=None, folderid=None)
        form.name = name if name else form.name
        form.userid = define.get_int(form.userid)

        config = define.get_config(self.user_id)
        rating = define.get_rating(self.user_id)
        otherid = profile.resolve(self.user_id, form.userid, form.name)
        folderid = define.get_int(form.folderid) or None

        if not otherid:
            raise WeasylError("userRecordMissing")
        elif not self.user_id and "h" in define.get_config(otherid):
            return define.errorpage(self.user_id, errorcode.no_guest_access)

        userprofile = profile.select_profile(otherid, images=True, viewer=self.user_id)
        has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
        page_title = u"%s's submissions" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
        page = define.common_page_start(self.user_id, title=page_title)

        url_format = "/submissions/{username}?%s{folderquery}".format(
                     username=define.get_sysname(userprofile['username']),
                     folderquery="&folderid=%d" % folderid if folderid else "")
        result = pagination.PaginatedResult(
            submission.select_list, submission.select_count, 'submitid', url_format, self.user_id, rating,
            60, otherid=otherid, folderid=folderid, backid=define.get_int(form.backid),
            nextid=define.get_int(form.nextid), config=config, profile_page_filter=not folderid)

        page.append(define.render(template.user_submissions, [
            # Profile information
            userprofile,
            # User information
            profile.select_userinfo(otherid, config=userprofile['config']),
            # Relationship
            profile.select_relation(self.user_id, otherid),
            # Recent submissions
            result,
            # Folders
            folder.select_list(otherid, "sidebar/all"),
            # Current folder
            folderid,
        ]))

        return define.common_page_end(self.user_id, page)
Example #40
0
def request(email):
    token = security.generate_key(25,
                                  key_characters=string.digits +
                                  string.ascii_lowercase)
    token_sha256 = _hash_token(token)
    email = emailer.normalize_address(email)

    if email is None:
        raise WeasylError("emailInvalid")

    d.engine.execute(
        "INSERT INTO forgotpassword (email, token_sha256)"
        " VALUES (%(email)s, %(token_sha256)s)",
        email=email,
        token_sha256=bytearray(token_sha256))

    # Generate and send an email to the user containing a password reset link
    emailer.send(email, "Weasyl Account Recovery",
                 d.render("email/reset_password.html", [token]))
Example #41
0
    def GET(self, name=None):
        form = web.input(userid="")
        otherid = profile.resolve(self.user_id, define.get_int(form.userid),
                                  name)
        if not otherid:
            raise WeasylError("userRecordMissing")

        userprofile = profile.select_profile(otherid,
                                             images=True,
                                             viewer=self.user_id)
        has_fullname = userprofile[
            'full_name'] is not None and userprofile['full_name'].strip() != ''
        page_title = u"%s's staff notes" % (userprofile['full_name']
                                            if has_fullname else
                                            userprofile['username'], )
        page = define.common_page_start(self.user_id, title=page_title)

        userinfo = profile.select_userinfo(otherid,
                                           config=userprofile['config'])
        reportstats = profile.select_report_stats(otherid)
        userinfo['reportstats'] = reportstats
        userinfo['reporttotal'] = sum(reportstats.values())

        page.append(
            define.render(
                template.user_shouts,
                [
                    # Profile information
                    userprofile,
                    # User information
                    userinfo,
                    # Relationship
                    profile.select_relation(self.user_id, otherid),
                    # Myself
                    profile.select_myself(self.user_id),
                    # Comments
                    shout.select(
                        self.user_id, ownerid=otherid, staffnotes=True),
                    # Feature
                    "staffnotes",
                ]))

        return define.common_page_end(self.user_id, page, now=time.time())
Example #42
0
    def GET(self, name=""):
        now = time.time()

        form = web.input(userid="", name="", backid=None, nextid=None)
        form.name = name if name else form.name
        form.userid = define.get_int(form.userid)

        otherid = profile.resolve(self.user_id, form.userid, form.name)

        if not otherid:
            raise WeasylError("userRecordMissing")
        elif not self.user_id and "h" in define.get_config(otherid):
            return define.errorpage(self.user_id, errorcode.no_guest_access)

        userprofile = profile.select_profile(otherid,
                                             images=True,
                                             viewer=self.user_id)
        has_fullname = userprofile[
            'full_name'] is not None and userprofile['full_name'].strip() != ''
        page_title = u"%s's shouts" % (userprofile['full_name'] if has_fullname
                                       else userprofile['username'], )
        page = define.common_page_start(self.user_id, title=page_title)

        page.append(
            define.render(
                template.user_shouts,
                [
                    # Profile information
                    userprofile,
                    # User information
                    profile.select_userinfo(otherid,
                                            config=userprofile['config']),
                    # Relationship
                    profile.select_relation(self.user_id, otherid),
                    # Myself
                    profile.select_myself(self.user_id),
                    # Comments
                    shout.select(self.user_id, ownerid=otherid),
                    # Feature
                    "shouts",
                ]))

        return define.common_page_end(self.user_id, page, now=now)
Example #43
0
def request(form):
    token = security.generate_key(100)
    email = emailer.normalize_address(form.email)
    username = d.get_sysname(form.username)

    # Determine the user associated with `username`; if the user is not found,
    # raise an exception
    user = d.engine.execute(
        "SELECT userid, email FROM login WHERE login_name = %(username)s",
        username=username).first()

    if not user:
        raise WeasylError("loginRecordMissing")

    # Check the user's email address against the provided e-mail address,
    # raising an exception if there is a mismatch
    if email != emailer.normalize_address(user.email):
        raise WeasylError("emailInvalid")

    # Insert a record into the forgotpassword table for the user,
    # or update an existing one
    now = d.get_time()
    address = d.get_address()

    d.engine.execute("""
        INSERT INTO forgotpassword (userid, token, set_time, address)
        VALUES (%(id)s, %(token)s, %(time)s, %(address)s)
        ON CONFLICT (userid) DO UPDATE SET
            token = %(token)s,
            set_time = %(time)s,
            address = %(address)s
    """,
                     id=user.userid,
                     token=token,
                     time=now,
                     address=address)

    # Generate and send an email to the user containing a password reset link
    emailer.append([email], None, "Weasyl Password Recovery",
                   d.render("email/reset_password.html", [token]))
Example #44
0
    def GET(self, name=""):

        form = web.input(userid="", name="", backid=None, nextid=None)
        form.name = name if name else form.name
        form.userid = define.get_int(form.userid)

        config = define.get_config(self.user_id)
        rating = define.get_rating(self.user_id)
        otherid = profile.resolve(self.user_id, form.userid, form.name)

        if not otherid:
            raise WeasylError("userRecordMissing")
        elif not self.user_id and "h" in define.get_config(otherid):
            return define.errorpage(self.user_id, errorcode.no_guest_access)

        userprofile = profile.select_profile(otherid, images=True, viewer=self.user_id)
        has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
        page_title = u"%s's characters" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
        page = define.common_page_start(self.user_id, title=page_title)

        url_format = "/characters?userid={userid}&%s".format(userid=userprofile['userid'])
        result = pagination.PaginatedResult(
            character.select_list, character.select_count,
            'charid', url_format, self.user_id, rating, 60,
            otherid=otherid, backid=define.get_int(form.backid),
            nextid=define.get_int(form.nextid), config=config)

        page.append(define.render(template.user_characters, [
            # Profile information
            userprofile,
            # User information
            profile.select_userinfo(otherid, config=userprofile['config']),
            # Relationship
            profile.select_relation(self.user_id, otherid),
            # Characters list
            result,
        ]))

        return define.common_page_end(self.user_id, page)
Example #45
0
def collections_(request):
    form = request.web_input(userid="", name="", backid=None, nextid=None,
                             folderid=None)
    form.name = request.matchdict.get('name', form.name)
    form.userid = define.get_int(form.userid)

    config = define.get_config(request.userid)
    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, form.userid, form.name)

    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        return Response(define.errorpage(request.userid, errorcode.no_guest_access))

    userprofile = profile.select_profile(otherid, images=True, viewer=request.userid)
    has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's collections" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
    page = define.common_page_start(request.userid, title=page_title)

    url_format = "/collections?userid={userid}&%s".format(userid=userprofile['userid'])
    result = pagination.PaginatedResult(
        collection.select_list, collection.select_count, 'submitid', url_format, request.userid, rating, 66,
        otherid=otherid, backid=define.get_int(form.backid), nextid=define.get_int(form.nextid), config=config)

    page.append(define.render('user/collections.html', [
        # Profile information
        userprofile,
        # User information
        profile.select_userinfo(otherid, config=userprofile['config']),
        # Relationship
        profile.select_relation(request.userid, otherid),
        # Collections
        result,
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #46
0
def create(form):
    # Normalize form data
    username = clean_display_name(form.username)
    sysname = d.get_sysname(username)

    email = emailer.normalize_address(form.email)
    emailcheck = emailer.normalize_address(form.emailcheck)

    password = form.password
    passcheck = form.passcheck
    if form.day and form.month and form.year:
        try:
            birthday = arrow.Arrow(int(form.year), int(form.month), int(form.day))
        except ValueError:
            raise WeasylError("birthdayInvalid")
    else:
        birthday = None

    # Check mismatched form data
    if password != passcheck:
        raise WeasylError("passwordMismatch")
    if email != emailcheck:
        raise WeasylError("emailMismatch")

    # Check invalid form data
    if birthday is None or d.age_in_years(birthday) < 13:
        raise WeasylError("birthdayInvalid")
    if not password_secure(password):
        raise WeasylError("passwordInsecure")
    if not email:
        raise WeasylError("emailInvalid")
    if is_email_blacklisted(email):
        raise WeasylError("emailBlacklisted")
    if username_exists(sysname):
        raise WeasylError("usernameExists")

    # Account verification token
    token = security.generate_key(40)

    # Only attempt to create the account if the email is unused (as defined by the function)
    if not email_exists(email):
        # Create pending account
        d.engine.execute(d.meta.tables["logincreate"].insert(), {
            "token": token,
            "username": username,
            "login_name": sysname,
            "hashpass": passhash(password),
            "email": email,
            "birthday": birthday,
        })

        # Send verification email
        emailer.send(email, "Weasyl Account Creation", d.render(
            "email/verify_account.html", [token, sysname]))
        d.metric('increment', 'createdusers')
    else:
        # Store a dummy record to support plausible deniability of email addresses
        # So "reserve" the username, but mark the record invalid, and use the token to satisfy the uniqueness
        #  constraint for the email field (e.g., if there is already a valid, pending row in the table).
        d.engine.execute(d.meta.tables["logincreate"].insert(), {
            "token": token,
            "username": username,
            "login_name": sysname,
            "hashpass": passhash(password),
            "email": token,
            "birthday": arrow.now(),
            "invalid": True,
            # So we have a way for admins to determine which email address collided in the View Pending Accounts Page
            "invalid_email_addr": email,
        })
        # The email address in question is already in use in either `login` or `logincreate`;
        #   let the already registered user know this via email (perhaps they forgot their username/password)
        query_username_login = d.engine.scalar("SELECT login_name FROM login WHERE email = %(email)s", email=email)
        query_username_logincreate = d.engine.scalar("SELECT login_name FROM logincreate WHERE email = %(email)s", email=email)
        emailer.send(email, "Weasyl Account Creation - Account Already Exists", d.render(
            "email/email_in_use_account_creation.html", [query_username_login or query_username_logincreate]))
Example #47
0
def search_(request):
    rating = define.get_rating(request.userid)

    form = request.web_input(q="", find="", within="", rated=[], cat="", subcat="", backid="", nextid="")

    page = define.common_page_start(request.userid, title="Browse and search")

    if form.q:
        find = form.find

        if find not in ("submit", "char", "journal", "user"):
            find = "submit"

        q = form.q.strip()
        search_query = search.Query.parse(q, find)

        meta = {
            "q": q,
            "find": search_query.find,
            "within": form.within,
            "rated": set('gap') & set(form.rated),
            "cat": int(form.cat) if form.cat else None,
            "subcat": int(form.subcat) if form.subcat else None,
            "backid": int(form.backid) if form.backid else None,
            "nextid": int(form.nextid) if form.nextid else None,
        }

        if search_query.find == "user":
            query = search.select_users(q)
            next_count = back_count = 0
        else:
            search_query.ratings.update(ratings.CHARACTER_MAP[rating_code].code for rating_code in meta["rated"])

            query, next_count, back_count = search.select(
                userid=request.userid,
                rating=rating,
                limit=63,
                search=search_query,
                within=meta["within"],
                cat=meta["cat"],
                subcat=meta["subcat"],
                backid=meta["backid"],
                nextid=meta["nextid"])

        page.append(define.render("etc/search.html", [
            # Search method
            {"method": "search"},
            # Search metadata
            meta,
            # Search results
            query,
            next_count,
            back_count,
            # Submission subcategories
            macro.MACRO_SUBCAT_LIST,
            search.COUNT_LIMIT,
        ]))
    elif form.find:
        query = search.browse(request.userid, rating, 66, form)

        meta = {
            "find": form.find,
            "cat": int(form.cat) if form.cat else None,
        }

        page.append(define.render("etc/search.html", [
            # Search method
            {"method": "browse"},
            # Search metadata
            meta,
            # Search results
            query,
            0,
            0,
        ]))
    else:
        page.append(define.render("etc/search.html", [
            # Search method
            {"method": "summary"},
            # Search metadata
            None,
            # Search results
            {
                "submit": search.browse(request.userid, rating, 22, form, find="submit"),
                "char": search.browse(request.userid, rating, 22, form, find="char"),
                "journal": search.browse(request.userid, rating, 22, form, find="journal"),
            },
        ]))

    return Response(define.common_page_end(request.userid, page, options={'search'}))
Example #48
0
def index_(request):
    page = define.common_page_start(request.userid, options=["homepage"], title="Home")
    page.append(define.render("etc/index.html", index.template_fields(request.userid)))
    return Response(define.common_page_end(request.userid, page))
Example #49
0
    def GET(self, name=""):
        now = time.time()

        form = web.input(userid="", name="")
        form.name = name if name else form.name
        form.userid = define.get_int(form.userid)

        config = define.get_config(self.user_id)
        rating = define.get_rating(self.user_id)
        otherid = profile.resolve(self.user_id, form.userid, form.name)

        if not otherid:
            raise WeasylError("userRecordMissing")

        userprofile = profile.select_profile(otherid, images=True, viewer=self.user_id)
        extras = {
            "canonical_url": "/~" + define.get_sysname(form.name)
        }

        if define.user_is_twitterbot():
            extras['twitter_card'] = profile.twitter_card(otherid)
            extras['options'] = ['nocache']

        if not self.user_id and "h" in userprofile['config']:
            return define.errorpage(
                self.user_id,
                "You cannot view this page because the owner does not allow guests to view their profile.",
                **extras)

        has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
        extras['title'] = u"%s's profile" % (userprofile['full_name'] if has_fullname else userprofile['username'],)

        page = define.common_page_start(self.user_id, **extras)
        define.common_view_content(self.user_id, otherid, "profile")

        if 'O' in userprofile['config']:
            submissions = collection.select_list(
                self.user_id, rating, 11, otherid=otherid, options=["cover"], config=config)
            more_submissions = 'collections'
            featured = None
        elif 'A' in userprofile['config']:
            submissions = character.select_list(
                self.user_id, rating, 11, otherid=otherid, options=["cover"], config=config)
            more_submissions = 'characters'
            featured = None
        else:
            submissions = submission.select_list(
                self.user_id, rating, 11, otherid=otherid, options=["cover"], config=config,
                profile_page_filter=True)
            more_submissions = 'submissions'
            featured = submission.select_featured(self.user_id, otherid, rating)

        if userprofile['show_favorites_bar']:
            favorites = favorite.select_submit(self.user_id, rating, 11, otherid=otherid, config=config)
        else:
            favorites = None

        page.append(define.render(template.user_profile, [
            # Profile information
            userprofile,
            # User information
            profile.select_userinfo(otherid, config=userprofile['config']),
            macro.SOCIAL_SITES,
            # Relationship
            profile.select_relation(self.user_id, otherid),
            # Myself
            profile.select_myself(self.user_id),
            # Recent submissions
            submissions, more_submissions,
            favorites,
            featured,
            # Folders preview
            folder.select_preview(self.user_id, otherid, rating, 3),
            # Latest journal
            journal.select_latest(self.user_id, rating, otherid=otherid, config=config),
            # Recent shouts
            shout.select(self.user_id, ownerid=otherid, limit=8),
            # Statistics information
            profile.select_statistics(otherid),
            # Commission information
            commishinfo.select_list(otherid),
            # Friends
            frienduser.select(self.user_id, otherid, 5, choose=None),
            # Following
            followuser.select_following(self.user_id, otherid, choose=5),
            # Followed
            followuser.select_followed(self.user_id, otherid, choose=5),
        ]))

        return define.common_page_end(self.user_id, page, now=now)
Example #50
0
def favorites_(request):
    name = request.matchdict.get('name', request.params.get('name', ''))
    userid = define.get_int(request.params.get('userid'))

    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, userid, name)

    backid = request.params.get('backid')
    nextid = request.params.get('nextid')

    feature = request.params.get('feature', False)

    # TODO(hyena): Why aren't more of these WeasylErrors?
    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        raise WeasylError('noGuests')
    elif request.userid != otherid and 'v' in define.get_config(otherid):
        raise WeasylError('hiddenFavorites')

    userprofile = profile.select_profile(otherid, viewer=request.userid)
    has_fullname = userprofile[
        'full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's favorites" % (userprofile['full_name'] if has_fullname
                                      else userprofile['username'], )
    page = define.common_page_start(request.userid, title=page_title)

    if feature:
        nextid = define.get_int(nextid)
        backid = define.get_int(backid)
        url_format = ("/favorites?userid={userid}&feature={feature}&%s".format(
            userid=otherid, feature=feature))
        id_field = feature + "id"

        count_function = None
        if feature == "submit":
            select_function = favorite.select_submit
            count_function = favorite.select_submit_count
        elif feature == "char":
            select_function = favorite.select_char
        elif feature == "journal":
            select_function = favorite.select_journal
        else:
            raise httpexceptions.HTTPNotFound()

        faves = pagination.PaginatedResult(select_function,
                                           count_function,
                                           id_field,
                                           url_format,
                                           request.userid,
                                           rating,
                                           limit=60,
                                           otherid=otherid,
                                           backid=backid,
                                           nextid=nextid)
    else:
        faves = {
            "submit":
            favorite.select_submit(request.userid, rating, 22,
                                   otherid=otherid),
            "char":
            favorite.select_char(request.userid, rating, 22, otherid=otherid),
            "journal":
            favorite.select_journal(request.userid,
                                    rating,
                                    22,
                                    otherid=otherid),
        }

    page.append(
        define.render(
            'user/favorites.html',
            [
                # Profile information
                userprofile,
                # User information
                profile.select_userinfo(otherid, config=userprofile['config']),
                # Relationship
                profile.select_relation(request.userid, otherid),
                # Feature
                feature,
                # Favorites
                faves,
            ]))

    return Response(define.common_page_end(request.userid, page))
Example #51
0
def favorites_(request):
    def _FEATURE(target):
        if target == "submit":
            return 10
        elif target == "char":
            return 20
        elif target == "journal":
            return 30
        else:
            return 0

    form = request.web_input(userid="", name="", feature="", backid=None, nextid=None)
    form.name = request.matchdict.get('name', form.name)
    form.userid = define.get_int(form.userid)

    config = define.get_config(request.userid)
    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, form.userid, form.name)

    # TODO(hyena): Why aren't more of these WeasylErrors?
    if not otherid:
        raise WeasylError("userRecordMissing")
    elif not request.userid and "h" in define.get_config(otherid):
        return Response(define.errorpage(request.userid, errorcode.no_guest_access))
    elif request.userid != otherid and 'v' in define.get_config(otherid):
        return Response(define.errorpage(
            request.userid,
            "You cannot view this page because the owner does not allow anyone to see their favorites."))

    userprofile = profile.select_profile(otherid, images=True, viewer=request.userid)
    has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
    page_title = u"%s's favorites" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
    page = define.common_page_start(request.userid, title=page_title)

    if form.feature:
        nextid = define.get_int(form.nextid)
        backid = define.get_int(form.backid)
        url_format = (
            "/favorites?userid={userid}&feature={feature}&%s".format(userid=userprofile['userid'], feature=form.feature))
        id_field = form.feature + "id"

        count_function = None
        if form.feature == "submit":
            select_function = favorite.select_submit
            count_function = favorite.select_submit_count
        elif form.feature == "char":
            select_function = favorite.select_char
        elif form.feature == "journal":
            select_function = favorite.select_journal
        else:
            raise httpexceptions.HTTPNotFound()

        faves = pagination.PaginatedResult(
            select_function, count_function,
            id_field, url_format, request.userid, rating, 60,
            otherid=otherid, backid=backid, nextid=nextid, config=config)
    else:
        faves = {
            "submit": favorite.select_submit(request.userid, rating, 22, otherid=otherid, config=config),
            "char": favorite.select_char(request.userid, rating, 22, otherid=otherid, config=config),
            "journal": favorite.select_journal(request.userid, rating, 22, otherid=otherid, config=config),
        }

    page.append(define.render('user/favorites.html', [
        # Profile information
        userprofile,
        # User information
        profile.select_userinfo(otherid, config=userprofile['config']),
        # Relationship
        profile.select_relation(request.userid, otherid),
        # Feature
        form.feature,
        # Favorites
        faves,
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #52
0
def profile_(request):
    form = request.web_input(userid="", name="")

    form.name = request.matchdict.get('name', form.name)
    form.userid = define.get_int(form.userid)

    config = define.get_config(request.userid)
    rating = define.get_rating(request.userid)
    otherid = profile.resolve(request.userid, form.userid, form.name)

    if not otherid:
        raise WeasylError("userRecordMissing")

    userprofile = profile.select_profile(otherid, images=True, viewer=request.userid)
    extras = {
        "canonical_url": "/~" + define.get_sysname(form.name)
    }

    if not request.userid:
        # Only generate the Twitter/OGP meta headers if not authenticated (the UA viewing is likely automated).
        twit_card = profile.twitter_card(otherid)
        if define.user_is_twitterbot():
            extras['twitter_card'] = twit_card
        # The "og:" prefix is specified in page_start.html, and og:image is required by the OGP spec, so something must be in there.
        extras['ogp'] = {
            'title': twit_card['title'],
            'site_name': "Weasyl",
            'type': "website",
            'url': twit_card['url'],
            'description': twit_card['description'],
            'image': twit_card['image:src'] if 'image:src' in twit_card else define.cdnify_url('/static/images/logo-mark-light.svg'),
        }

    if not request.userid and "h" in userprofile['config']:
        return Response(define.errorpage(
            request.userid,
            "You cannot view this page because the owner does not allow guests to view their profile.",
            **extras))

    has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
    extras['title'] = u"%s's profile" % (userprofile['full_name'] if has_fullname else userprofile['username'],)

    page = define.common_page_start(request.userid, **extras)
    define.common_view_content(request.userid, otherid, "profile")

    if 'O' in userprofile['config']:
        submissions = collection.select_list(
            request.userid, rating, 11, otherid=otherid, options=["cover"], config=config)
        more_submissions = 'collections'
        featured = None
    elif 'A' in userprofile['config']:
        submissions = character.select_list(
            request.userid, rating, 11, otherid=otherid, options=["cover"], config=config)
        more_submissions = 'characters'
        featured = None
    else:
        submissions = submission.select_list(
            request.userid, rating, 11, otherid=otherid, options=["cover"], config=config,
            profile_page_filter=True)
        more_submissions = 'submissions'
        featured = submission.select_featured(request.userid, otherid, rating)

    if userprofile['show_favorites_bar']:
        favorites = favorite.select_submit(request.userid, rating, 11, otherid=otherid, config=config)
    else:
        favorites = None

    statistics, show_statistics = profile.select_statistics(otherid)

    page.append(define.render('user/profile.html', [
        # Profile information
        userprofile,
        # User information
        profile.select_userinfo(otherid, config=userprofile['config']),
        macro.SOCIAL_SITES,
        # Relationship
        profile.select_relation(request.userid, otherid),
        # Myself
        profile.select_myself(request.userid),
        # Recent submissions
        submissions, more_submissions,
        favorites,
        featured,
        # Folders preview
        folder.select_preview(request.userid, otherid, rating, 3),
        # Latest journal
        journal.select_latest(request.userid, rating, otherid=otherid, config=config),
        # Recent shouts
        shout.select(request.userid, ownerid=otherid, limit=8),
        # Statistics information
        statistics,
        show_statistics,
        # Commission information
        commishinfo.select_list(otherid),
        # Friends
        lambda: frienduser.has_friends(otherid),
    ]))

    return Response(define.common_page_end(request.userid, page))
Example #53
0
    def GET(self, name=""):
        def _FEATURE(target):
            if target == "submit":
                return 10
            elif target == "char":
                return 20
            elif target == "journal":
                return 30
            else:
                return 0

        form = web.input(userid="", name="", feature="", backid=None, nextid=None)
        form.name = name if name else form.name
        form.userid = define.get_int(form.userid)

        config = define.get_config(self.user_id)
        rating = define.get_rating(self.user_id)
        otherid = profile.resolve(self.user_id, form.userid, form.name)

        if not otherid:
            raise WeasylError("userRecordMissing")
        elif not self.user_id and "h" in define.get_config(otherid):
            return define.errorpage(self.user_id, errorcode.no_guest_access)
        elif self.user_id != otherid and 'v' in define.get_config(otherid):
            return define.errorpage(
                self.user_id,
                "You cannot view this page because the owner does not allow anyone to see their favorites.")

        userprofile = profile.select_profile(otherid, images=True, viewer=self.user_id)
        has_fullname = userprofile['full_name'] is not None and userprofile['full_name'].strip() != ''
        page_title = u"%s's favorites" % (userprofile['full_name'] if has_fullname else userprofile['username'],)
        page = define.common_page_start(self.user_id, title=page_title)

        if form.feature:
            nextid = define.get_int(form.nextid)
            backid = define.get_int(form.backid)
            url_format = (
                "/favorites?userid={userid}&feature={feature}&%s".format(userid=userprofile['userid'], feature=form.feature))
            id_field = form.feature + "id"

            count_function = None
            if form.feature == "submit":
                select_function = favorite.select_submit
                count_function = favorite.select_submit_count
            elif form.feature == "char":
                select_function = favorite.select_char
            elif form.feature == "journal":
                select_function = favorite.select_journal

            faves = pagination.PaginatedResult(
                select_function, count_function,
                id_field, url_format, self.user_id, rating, 60,
                otherid=otherid, backid=backid, nextid=nextid, config=config)
        else:
            faves = {
                "submit": favorite.select_submit(self.user_id, rating, 22, otherid=otherid, config=config),
                "char": favorite.select_char(self.user_id, rating, 22, otherid=otherid, config=config),
                "journal": favorite.select_journal(self.user_id, rating, 22, otherid=otherid, config=config),
            }

        page.append(define.render(template.user_favorites, [
            # Profile information
            userprofile,
            # User information
            profile.select_userinfo(otherid, config=userprofile['config']),
            # Relationship
            profile.select_relation(self.user_id, otherid),
            # Feature
            form.feature,
            # Favorites
            faves,
        ]))

        return define.common_page_end(self.user_id, page)
Example #54
0
 def GET(self):
     now = time.time()
     page = define.common_page_start(self.user_id, options=["homepage"], title="Home")
     page.append(define.render("etc/index.html", index.template_fields(self.user_id)))
     return define.common_page_end(self.user_id, page, now=now)
Example #55
0
def create(form):
    # Normalize form data
    username = d.plaintext(form.username[:_USERNAME])
    sysname = d.get_sysname(username)

    email = emailer.normalize_address(form.email)
    emailcheck = emailer.normalize_address(form.emailcheck)

    password = form.password
    passcheck = form.passcheck

    if form.day and form.month and form.year:
        try:
            birthday = arrow.Arrow(int(form.year), int(form.month), int(form.day))
        except ValueError:
            raise WeasylError("birthdayInvalid")
    else:
        birthday = None

    # Check mismatched form data
    if password != passcheck:
        raise WeasylError("passwordMismatch")
    if email != emailcheck:
        raise WeasylError("emailMismatch")

    # Check invalid form data
    if birthday is None or d.age_in_years(birthday) < 13:
        raise WeasylError("birthdayInvalid")
    if not password_secure(password):
        raise WeasylError("passwordInsecure")
    if not email:
        raise WeasylError("emailInvalid")
    if is_email_blacklisted(email):
        raise WeasylError("emailBlacklisted")
    if not sysname or ";" in username:
        raise WeasylError("usernameInvalid")
    if sysname in ["admin", "administrator", "mod", "moderator", "weasyl",
                   "weasyladmin", "weasylmod", "staff", "security"]:
        raise WeasylError("usernameInvalid")
    if username_exists(sysname):
        raise WeasylError("usernameExists")

    # Account verification token
    token = security.generate_key(40)

    # Only attempt to create the account if the email is unused (as defined by the function)
    if not email_exists(email):
        # Create pending account
        d.engine.execute(d.meta.tables["logincreate"].insert(), {
            "token": token,
            "username": username,
            "login_name": sysname,
            "hashpass": passhash(password),
            "email": email,
            "birthday": birthday,
            "unixtime": arrow.now(),
        })

        # Queue verification email
        emailer.append([email], None, "Weasyl Account Creation", d.render(
            "email/verify_account.html", [token, sysname]))
        d.metric('increment', 'createdusers')
    else:
        # Store a dummy record to support plausible deniability of email addresses
        # So "reserve" the username, but mark the record invalid, and use the token to satisfy the uniqueness
        #  constraint for the email field (e.g., if there is already a valid, pending row in the table).
        d.engine.execute(d.meta.tables["logincreate"].insert(), {
            "token": token,
            "username": username,
            "login_name": sysname,
            "hashpass": passhash(password),
            "email": token,
            "birthday": arrow.now(),
            "unixtime": arrow.now(),
            "invalid": True,
        })
        # The email address in question is already in use in either `login` or `logincreate`;
        #   let the already registered user know this via email (perhaps they forgot their username/password)
        query_username_login = d.engine.scalar("SELECT login_name FROM login WHERE email = %(email)s", email=email)
        query_username_logincreate = d.engine.scalar("SELECT login_name FROM logincreate WHERE email = %(email)s", email=email)
        emailer.append([email], None, "Weasyl Account Creation - Account Already Exists", d.render(
            "email/email_in_use_account_creation.html", [query_username_login or query_username_logincreate]))
Example #56
0
def submission_(request):
    username = request.matchdict.get('name')
    submitid = request.matchdict.get('submitid')

    form = request.web_input(submitid="", ignore="", anyway="")

    rating = define.get_rating(request.userid)
    submitid = define.get_int(submitid) if submitid else define.get_int(form.submitid)

    extras = {}

    if not request.userid:
        # Only generate the Twitter/OGP meta headers if not authenticated (the UA viewing is likely automated).
        twit_card = submission.twitter_card(submitid)
        if define.user_is_twitterbot():
            extras['twitter_card'] = twit_card
        # The "og:" prefix is specified in page_start.html, and og:image is required by the OGP spec, so something must be in there.
        extras['ogp'] = {
            'title': twit_card['title'],
            'site_name': "Weasyl",
            'type': "website",
            'url': twit_card['url'],
            'description': twit_card['description'],
            # >> BUG AVOIDANCE: https://trello.com/c/mBx51jfZ/1285-any-image-link-with-in-it-wont-preview-up-it-wont-show-up-in-embeds-too
            #    Image URLs with '~' in it will not be displayed by Discord, so replace ~ with the URL encoded char code %7E
            'image': twit_card['image:src'].replace('~', '%7E') if 'image:src' in twit_card else define.cdnify_url(
                '/static/images/logo-mark-light.svg'),
        }

    try:
        item = submission.select_view(
            request.userid, submitid, rating,
            ignore=define.text_bool(form.ignore, True), anyway=form.anyway
        )
    except WeasylError as we:
        we.errorpage_kwargs = extras
        if we.value in ("UserIgnored", "TagBlocked"):
            extras['links'] = [
                ("View Submission", "?ignore=false"),
                ("Return to the Home Page", "/index"),
            ]
        raise

    login = define.get_sysname(item['username'])
    canonical_path = request.route_path('submission_detail_profile', name=login, submitid=submitid, slug=slug_for(item['title']))

    if request.GET.get('anyway'):
        canonical_path += '?anyway=true'

    if login != username:
        raise httpexceptions.HTTPMovedPermanently(location=canonical_path)
    extras["canonical_url"] = canonical_path
    extras["title"] = item["title"]

    submission_files = item["sub_media"].get("submission")
    submission_file = submission_files[0] if submission_files else None
    extras["pdf"] = bool(submission_file) and submission_file["file_type"] == "pdf"

    page = define.common_page_start(request.userid, **extras)
    page.append(define.render('detail/submission.html', [
        # Myself
        profile.select_myself(request.userid),
        # Submission detail
        item,
        # Subtypes
        macro.MACRO_SUBCAT_LIST,
        # Violations
        [i for i in macro.MACRO_REPORT_VIOLATION if 2000 <= i[0] < 3000],
    ]))

    return Response(define.common_page_end(request.userid, page))