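def post(self):
    """Create an Item from the submitted form, then redirect to '/items/'.

    The request is honoured only when a user is signed in, a login-information
    record exists for them, and that record accepts the request's XSRF token.
    A request that fails those checks, or that carries an unusable price, is
    redirected to '/' and nothing is written.
    """
    user = database.users.get_current_user()
    # Look the login record up only for a signed-in user; a missing record is
    # treated like a failed token check instead of raising AttributeError.
    current_li = database.get_current_li() if user else None
    if not (current_li and current_li.verify_xsrf_token(self)):
        self.redirect('/')
        return

    # float() raises on non-numeric text and accepts 'nan', 'inf' and negative
    # numbers, so validate before building the entity. The chained comparison
    # is False for NaN, which rejects it together with infinities/negatives.
    try:
        price = float('%.2f' % float(self.request.get('price')))
    except (TypeError, ValueError):
        price = None
    if price is None or not 0 <= price < float('inf'):
        # The raw value is deliberately not logged (it is client-controlled).
        database.logging.warning("Rejected new item: price missing or out of range.")
        self.redirect('/')
        return

    item = database.Item()
    # NOTE(review): cgi.escape() leaves quote characters alone unless
    # quote=True is passed; confirm these fields are never rendered inside an
    # HTML attribute, or escape quotes as well.
    item.title = cgi.escape(database.quick_sanitize(self.request.get('title')))
    item.description = cgi.escape(database.sanitizeHTML(self.request.get('description')))
    # The summary is the first 40 characters of the already-escaped text, so
    # it can end in the middle of an entity such as '&amp;'.
    if len(item.description) > 40:
        item.summary = item.description[:40].rstrip() + "..."
    else:
        item.summary = item.description
    item.price = price
    item.created_by_id = user.user_id()
    item.deactivated = False
    item.bidding_enabled = bool(self.request.get('bidding_enabled'))
    # NOTE(review): 'sponsored' comes straight from the form, so any signed-in
    # user can set it; confirm that is intended or decide it server-side.
    item.sponsored = bool(self.request.get('sponsored'))
    # A truthy 'show_item' field marks the item inactive (the earlier
    # unconditional `is_active = True` was a dead store and is dropped).
    # NOTE(review): confirm the form field really means "hide".
    item.is_active = not bool(self.request.get('show_item'))

    photo = self.request.get('photo')
    if photo:
        # NOTE(review): the upload reaches the resizer unchecked; size/type
        # limits and the resizer's failure mode are not visible here.
        image = database.images.resize(photo, 512, 512)
        item.image = db.Blob(image)

    # Listings get four weeks from the day they are posted.
    item.expiration_date = database.datetime.date.today() + database.datetime.timedelta(weeks=4)

    key = item.put()
    # Re-read the stored entity so the notification sees what was saved.
    item = database.db.get(db.Key.from_path('Item', key.id()))
    webservices.send_new_item_notification(self, item)
    # NOTE(review): title/description are user text and are logged verbatim;
    # check that the sanitizers strip CR/LF if log lines must stay trustworthy.
    database.logging.info("Created a new item.\nTitle: %s\nDescription: %s\nPrice: %s\nCreatedBy: %s", item.title, item.description, item.price, item.created_by_id)
    self.redirect('/items/')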
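def post(self):
    """Update the current user's login-information record from the form.

    Applies the change only when a user is signed in, a login-information
    record exists, and that record accepts the request's XSRF token; any
    other request is redirected to '/'. After saving, the client is sent back
    to the page named in the Referer header, or to '/' when none was sent.
    """
    user = database.users.get_current_user()
    # Fetch the record once and reuse it; a missing record is handled like a
    # failed token check instead of raising AttributeError.
    li = database.get_current_li() if user else None
    if not (li and li.verify_xsrf_token(self)):
        self.redirect('/')
        return

    # NOTE(review): cgi.escape() does not escape quotes unless quote=True is
    # passed; confirm these values are never placed inside an HTML attribute.
    li.first_name = cgi.escape(database.quick_sanitize(self.request.get('first_name')))
    li.last_name = cgi.escape(database.quick_sanitize(self.request.get('last_name')))
    # The e-mail comes from the authenticated account, not from the form.
    li.email = user.email()
    li.nickname = cgi.escape(database.quick_sanitize(self.request.get('nickname')))
    li.private = bool(self.request.get('private'))
    li.desc = cgi.escape(database.sanitizeHTML(self.request.get('desc')))
    li.external_user = False

    avatar = self.request.get('avatar')
    if avatar:
        # NOTE(review): the upload reaches the resizer unchecked; size/type
        # limits and the resizer's failure mode are not visible here.
        li.avatar = database.db.Blob(database.images.resize(avatar, 128, 128))

    li.put()
    database.logging.info("Updating LoginInformation. Info: \nFirst name: %s\nLast Name: %s\nUserID: %s\n", li.first_name, li.last_name, li.user_id)
    # The Referer header is optional, so fall back to '/' when it is absent.
    # NOTE(review): it is also client-supplied; consider redirecting only to
    # paths on this site rather than to whatever URL the header carries.
    self.redirect(self.request.referer or '/')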
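def post(self):
    """Apply an edit to an existing Item owned by the current user.

    The request must come from a signed-in user whose login-information
    record accepts the XSRF token, must name an Item that exists, and that
    Item's created_by_id must equal the record's user_id. Any request that
    fails one of these checks, or carries an unusable price, is redirected to
    '/' and nothing is written. A successful edit redirects to
    '/items/my_items'.
    """
    user = database.users.get_current_user()
    current_li = database.get_current_li()
    if not (user and current_li and current_li.verify_xsrf_token(self)):
        self.redirect('/')
        return

    # 'item_id' is client-controlled: a non-numeric value must not become an
    # unhandled ValueError, and an id with no entity behind it yields None.
    try:
        item_id = int(self.request.get('item_id'))
    except (TypeError, ValueError):
        item_id = None
    item = db.get(db.Key.from_path('Item', item_id)) if item_id is not None else None

    # Ownership check: only the creator may edit. Missing items and items
    # owned by someone else get the same response, so the reply does not
    # reveal which ids exist.
    if item is None or item.created_by_id != current_li.user_id:
        self.redirect('/')
        return

    # float() raises on non-numeric text and accepts 'nan', 'inf' and negative
    # numbers. The chained comparison is False for NaN, which rejects it
    # together with infinities and negatives.
    try:
        price = float('%.2f' % float(self.request.get('price')))
    except (TypeError, ValueError):
        price = None
    if price is None or not 0 <= price < float('inf'):
        # The raw value is deliberately not logged (it is client-controlled).
        database.logging.warning("Rejected item edit: price missing or out of range.")
        self.redirect('/')
        return

    # NOTE(review): cgi.escape() does not escape quotes unless quote=True is
    # passed; confirm these values are never placed inside an HTML attribute.
    item.title = cgi.escape(database.quick_sanitize(self.request.get('title')))
    item.description = cgi.escape(database.sanitizeHTML(self.request.get('description')))
    item.bidding_enabled = bool(self.request.get('bidding_enabled'))
    # Trailing whitespace is trimmed before the ellipsis is appended. The cut
    # is made on escaped text, so it can fall in the middle of an entity.
    if len(item.description) > 40:
        item.summary = item.description[:40].rstrip() + "..."
    else:
        item.summary = item.description
    item.price = price
    # A truthy 'show_item' field marks the item inactive.
    # NOTE(review): confirm the form field really means "hide".
    item.is_active = not bool(self.request.get('show_item'))
    # NOTE(review): 'sponsored' comes straight from the form, so the owner
    # can set it freely; confirm that is intended or decide it server-side.
    item.sponsored = bool(self.request.get('sponsored'))

    photo = self.request.get('photo')
    if photo:
        # NOTE(review): the upload reaches the resizer unchecked; size/type
        # limits and the resizer's failure mode are not visible here.
        item.image = database.db.Blob(database.images.resize(photo, 512, 512))

    item.put()
    # Logged after the write so the entry describes a stored change.
    database.logging.info("Item #%s changed to:\nTitle: %s\nDescription: %s\nPrice: %f", item.key().id(), item.title, item.description, item.price)
    self.redirect('/items/my_items')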
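def post(self):
    """Fill in the current user's login-information record, then go to '/'.

    The record is written only when a user is signed in, exactly one
    LoginInformation row matches their user id, and that record accepts the
    request's XSRF token. Every path ends with a redirect to '/'.
    """
    user = database.users.get_current_user()
    # The user id is needed for the lookup, so the signed-in check has to come
    # first; an anonymous request would otherwise fail on user.user_id().
    if not user:
        self.redirect('/')
        return

    # The user id is passed as a bound parameter, not formatted into the query.
    matches = database.db.GqlQuery("SELECT * FROM LoginInformation WHERE user_id = :1", user.user_id())
    # Proceed only when exactly one row exists, so duplicates are never edited.
    li = database.get_current_li() if matches.count() == 1 else None

    if li and li.verify_xsrf_token(self):
        # NOTE(review): cgi.escape() does not escape quotes unless quote=True
        # is passed; confirm these values never land in an HTML attribute.
        li.first_name = cgi.escape(database.quick_sanitize(self.request.get('first_name')))
        li.last_name = cgi.escape(database.quick_sanitize(self.request.get('last_name')))
        li.nickname = cgi.escape(database.quick_sanitize(self.request.get("nickname")))
        li.private = bool(self.request.get("private"))
        li.external_user = False
        li.is_active = True

        # NOTE(review): admin rights are granted by matching the account
        # e-mail against addresses hard-coded in source (shown redacted in
        # this listing). The match is case-sensitive, changing it needs a
        # deploy, and it trusts the identity provider's e-mail claim; an
        # allow-list in configuration or is_current_user_admin() alone would
        # be easier to audit.
        if user.email() == '*****@*****.**' or user.email() == '*****@*****.**':
            li.is_admin = True
        else:
            li.is_admin = database.users.is_current_user_admin()

        li.desc = cgi.escape(database.sanitizeHTML(self.request.get('desc')))

        avatar = self.request.get('avatar')
        if avatar:
            # NOTE(review): the upload reaches the resizer unchecked;
            # size/type limits and its failure mode are not visible here.
            li.avatar = database.db.Blob(database.images.resize(avatar, 128, 128))

        li.put()
        database.logging.info("Saving new LoginInformation. Info:\nFirst name: %s\nLast Name: %s\nUserID: %s\nAdmin: %s\n", li.first_name, li.last_name, li.user_id, li.is_admin)

    self.redirect('/')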