def image_link(image_id=None, image_id_36=None, thumbnail=True, extension=True, cursor=None):
if not image_id and not image_id_36:
return ""
elif image_id:
image_id_36 = web.to36(image_id)
if extension:
cursor.execute("""
SELECT mimetype FROM image WHERE image_id = %s
""", (image_id or int(image_id_36, 36),))
mime = cursor.fetchone()[0]
if mime == "image/png": suffix=".png"
elif mime == "image/jpeg": suffix=".jpg"
elif mime == "image/gif": suffix=".gif"
else: suffix=""
else:
suffix=""
if thumbnail:
return """<span class="image"><a href="/i/%s">
<img alt="image" src="/it/%s"/>
</a><a href="/view/%s" class="viewlink">More</a>
</span>"""%(image_id_36+suffix, image_id_36+suffix, image_id_36)
else:
return """<a href="/i/%s">
<img alt="image" src="/i/%s"/>
</a>
</span>"""%(image_id_36+suffix, image_id_36+suffix)
def set_msg_id(self, msg_id, petition=False):
#set msg id to trace the responses
#msg_id should let's know whether msg is sent through petition signatures or /writerep
#set msg_id to odd if msg is from signatures, even if msg is from /writerep
msg_id = 2 * msg_id
if petition: msg_id += 1
self.msg_id = web.to36(msg_id)
def create_url():
def safe36(s):
for c in '0o1li':
if c in s:
return False
return True
s = '0'
while not safe36(s):
s = web.to36(random.randrange(50000, 60000000))
return s
def send(frm, to, subj, msg, user_details, source_id=None, env={}):
"""
Sends the given `msg` to `to`, with the `user_details` and saves it in DB.
uses `env` if `to` has captcha.
"""
msgid = messages.save_msg(frm, to, subj, msg, source_id)
user_details.email = '*****@*****.**' % web.to36(msgid)
user_details.full_msg = compose_msg(to, msg)
user_details.subject = user_details.ptitle
status = writerep(to, user_details, env)
if status: messages.update_msg_status(msgid, status)
return msgid
def send(frm, to, subj, msg, user_details, source_id=None, env={}):
"""
Sends the given `msg` to `to`, with the `user_details` and saves it in DB.
uses `env` if `to` has captcha.
"""
msgid = messages.save_msg(frm, to, subj, msg, source_id)
user_details.email = '*****@*****.**' % web.to36(msgid)
user_details.full_msg = compose_msg(to, msg)
user_details.subject = user_details.ptitle
status = writerep(to, user_details, env)
if status: messages.update_msg_status(msgid, status)
return msgid
def _make_token(user, timestamp):
ts_b36 = web.to36(timestamp)
# By hashing on the internal state of the user and using state
# that is sure to change (the password hash and the last_login)
# we produce a hash that will be invalid as soon as it --or the old
# password-- is used.
# By hashing also a secret key the system cannot be subverted
# even if the database is compromised.
items = [web.config.session_parameters.secret_key,
unicode(user.user_id),
u'@', user.user_password,
unicode(user.user_last_login),
unicode(timestamp)]
hash_code = sha(''.join(items)).hexdigest()
return "%s$%s" % (ts_b36, hash_code)
def _make_token(user, timestamp):
ts_b36 = web.to36(timestamp)
# By hashing on the internal state of the user and using state
# that is sure to change (the password hash and the last_login)
# we produce a hash that will be invalid as soon as it --or the old
# password-- is used.
# By hashing also a secret key the system cannot be subverted
# even if the database is compromised.
items = [
web.config.session_parameters.secret_key,
unicode(user.user_id), u'@', user.user_password,
unicode(user.user_last_login),
unicode(timestamp)
]
hash_code = sha(''.join(items)).hexdigest()
return "%s$%s" % (ts_b36, hash_code)
def POST(self, path):
# Handle cookies
cookies = web.cookies()
clientId = cookies.get('clientId')
if not clientId:
clientId = web.to36(random.randint(1, 4294967295))
web.setcookie('clientId', clientId, self.sessionTimeo)
clientMap[clientId] = {}
clientMap[clientId]['date'] = int(time.time())
myPage = page.Page()
myPage.setTitle(u'Appliance Webgui - Login')
myPage.setCSS('/static/styles.css')
myPage.setBody(self._top())
myPage.setBody(u'<div id="login">')
input = web.input(_method='post')
myPage.setBody(u'Username: %s<br>' % input.username)
myPage.setBody(u'Password: %s<br>' % input.password)
myPage.setBody(u'<a href="/">Go to the main page</a>')
myPage.setBody(u'</div>')
web.output(myPage.output())
def unique_name():
review_count = len(list(edition.get('reviews', [])))
id = web.to36(review_count + 1)
return '%s/review/%s' % (edition.name, id)
def unique_name():
review_count = len(list(edition.get('reviews', [])))
id = web.to36(review_count + 1)
return '%s/review/%s' % (edition.name, id)
