def loginView(request):
if request.user.is_authenticated():
return redirect('website:catalogue')
if request.method == 'POST':
name = request.POST.get('login','')
pw = request.POST.get('password','')
#check if either is only whitespace
if isNoneOrEmptyOrBlankString(name) or isNoneOrEmptyOrBlankString(pw):
return HttpResponseBadRequest('username and/or password is empty')
user = authenticate(username=name,password=pw)
if user is not None:
if user.is_active:
login(request, user)
#go to next or url root(index)
return redirect(request.REQUEST.get('next','/'))
else:
messages.error(request, 'User not found')
return redirect('website:index')
elif request.method == 'GET':
nextPage = request.REQUEST.get('next','/')
if nextPage != '/':
messages.warning(request,"You need to be logged in to view this page")
return render(request, 'authenticate/login.html',{'next':nextPage})
def signup(request):
if request.method == 'POST':
name = request.POST.get('name','')
pw = request.POST.get('password','')
email = request.POST.get('email','')
if not verifyCaptcha(request.POST.get('g-recaptcha-response','')):
messages.error(request, "Captcha could not be validated")
return redirect('website:index')
#check if either is only whitespace
if isNoneOrEmptyOrBlankString(name) or isNoneOrEmptyOrBlankString(pw) or isNoneOrEmptyOrBlankString(email):
return HttpResponseBadRequest('username and/or password is empty')
if len(User.objects(username=name)) != 0:
messages.error(request, "Username" + name + "already taken")
return redirect('website:index')
if len(User.objects(email=email)) != 0:
messages.error(request, "Email" + email + "already taken")
return redirect('website:index')
maxLength = len("IraklisDimitriadis") #this should be a good maxLength
if len(name) > maxLength:
messages.error(request, "Your name is too long. Use less than "+maxLength+" letters.")
return redirect('website:index')
user = User.create_user(name,pw,email)
user.save()
UserExtension(user=user,karma=0).save()
#log user in after registrartion
user = authenticate(username=name,password=pw)
if user is not None:
if user.is_active:
login(request, user)
messages.success(request, 'Your account was created. Click OK to begin using Lemur.')
return redirect('website:catalogue')
elif request.method == 'GET':
return redirect('website:index')
messages.error(request, "The server let's you know, that something unexpected happened.")
return redirect('website:index')
def editComment(request,commentID):
if request.method == 'POST':
comment = CommentPost.objects.get(id=commentID)
if request.user == comment.author or request.user.is_superuser:
newText = request.POST.get('newText','')
if isNoneOrEmptyOrBlankString(newText):
return HttpResponseBadRequest('text field is empty')
newText = escape(newText) #escaping for sanitizing html code in text
#newText = markdown2.markdown(text) #render markdown syntax to html!
if (commentSpamDetection(newText)):
return HttpResponseBadRequest("spam detected.")
comment.rawText = newText
comment.isEdited = True
comment.lastEdit = datetime.datetime.now()
comment.save()
renderOneCommentText(comment.slide.id,comment.page,comment)
return redirect(request.POST.get('redirectURL','website:index'))
else:
return PermissionDenied('Illegal operation')
else:
raise Http404
def postComment(request):
if request.method == 'POST':
text = request.POST.get('commentText','')
if isNoneOrEmptyOrBlankString(text):
return HttpResponseBadRequest('text field is empty')
text = escape(text) #escaping for sanitizing html code in text
#text = markdown2.markdown(text) #render markdown syntax to html!
if (commentSpamDetection(text)):
return HttpResponseBadRequest("spam detected.")
hadTags = False
slideId = request.POST.get('slideId','')
pageNumber = request.POST.get('pageNumber',"1")
slide = Slide.objects.get(id=slideId)
isAnonymous = False
user = request.user
tagData = request.POST.get('TagData','')
tagList = None
if tagData is not '':
hadTags = True
tagList = []
tagNameList = []
tagDataDecoded = json.loads(tagData)
for tag in tagDataDecoded['items']:
tagName = tag['tagName']
#validate inputs
if( float(tag["relCoordLeft"]) > (1-float(tag["relWidth"])) or float(tag["relCoordLeft"]) < 0 or
float(tag["relCoordTop"]) > (1-float(tag["relHeight"])) or float(tag["relCoordTop"]) < 0 or
float(tag["relHeight"]) > 0.6 or float(tag["relHeight"]) < 0.03 or
float(tag['relWidth']) > 0.8 or float(tag['relWidth']) < 0.03 or
len(tagName) > 11 or len(tagName) < 3 or
isDuplicateTag(slideId,pageNumber,tagName)):
return HttpResponseBadRequest("illegal values")
if (tagName in tagNameList):
return HttpResponseBadRequest("duplicate Tag Name")
tagNameList.append(tagName)
relCoords = Coordinate(left=tag["relCoordLeft"],top=tag["relCoordTop"])
relDimensions = Dimensions(height=tag["relHeight"],width=tag['relWidth'])
newTag = SlideTag(tagName=tag['tagName'],color=tag['color'],relCoords=relCoords,relDimensions=relDimensions)
tagList.append(newTag)
if 'anonymous' in request.POST:
#user = None
isAnonymous = True
comment = CommentPost(rawText=text,renderedText=text,author=user,authorExtension=getUserExtension(user),
date=datetime.datetime.now(),authorUserSymbol=getCurrentUserSymbol(request),
rootID=request.POST.get('rootID','None'), isAnonymous=isAnonymous,attachedTags=tagList,
slide=slide, page=pageNumber).save()
comment.strID = str(comment.id) #this is because cancer django can't convert Objects to strings in templates
#handling of (optinal) slide tag
comment.save()
upvoteComment(user,comment) #upvote own comment to make user not able to upvote it afterwards
#render comments
if hadTags:
renderCommentTexts(slideId,pageNumber) #render all comments
else:
renderOneCommentText(slideId,pageNumber,comment)
#remove one Karma, so that posting comments does not increase it
userExtension = getUserExtension(user)
userExtension.karma = userExtension.karma - 1
userExtension.save()
return redirect(request.POST.get('redirectURL','website:index'))
else:
return render(request,'comments.html', generateContext(request,
currentPage=breadcrumbsStringGenerator([('website:catalogue','Catalogue')],'Comment Test'),
additional={'commentList':CommentPost.objects.order_by('-votes','-date')}))
