def addcomment (self, body, slug):
# Verify user is logged in.
if (not pageutils.is_logged_in_p()):
raise cherrypy.HTTPRedirect ("/login")
# Remove any leading or trailing spaces from comment text.
body = string.strip(body)
user_id = pageutils.get_user_id()
if (user_id == None):
raise cherrypy.HTTPRedirect ("/login")
try:
# Connect to the database and insert the values.
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute ("SELECT * FROM articles WHERE slug=%s", [slug])
results = dbcursor.fetchone()
if (results == None):
return pageutils.generate_page ("Invalid Article Specified", "Unable to post comment.")
article_id = results[0] # article_id is the first column in the table.
dbcursor.execute ("INSERT INTO articles (author_id, body, display, refers_to, creation_date) " +
"VALUES (%s, %s, %s, %s, current_timestamp)",
[str(user_id), body, "1", str(article_id)])
dbconnection.commit()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
return pageutils.generate_page ("Invalid SQL Query", "Unable to add comment.")
def processdelete (self, event_id=None):
# Verify user is logged-in admin.
if (not pageutils.is_admin_p()):
raise cherrypy.HTTPRedirect ("/")
# Verify we have an event_id
if (event_id == None):
return pageutils.generate_page ("No Event Id Specified", "Nothing to delete!")
try:
# Connect to the database and delete the given discussion.
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute ("DELETE FROM events WHERE event_id=%s",
[str(event_id)])
dbconnection.commit()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
return pageutils.generate_page ("Database Error", "Deletion failed!")
return pageutils.generate_page ("Successful Deletion",
"The specified event has been deleted.")
def process (self, body=None, subject=None, refers_to=None):
# Verify user is logged in.
if (not pageutils.is_logged_in_p()):
raise cherrypy.HTTPRedirect ("/login/access")
# FIXME: Make sure we have all of the data we need in the form.
# Remove any leading or trailing spaces from comment text.
if (body <> None):
body = string.strip(body)
if (subject <> None):
subject = string.strip(subject)
# Make sure refers_to, if it exists, is an integer.
if (refers_to <> None):
try:
refers_to = str(int(refers_to))
except:
return pageutils.generate_page ("Invalid Reference",
"<div class=\"error\">Unable to add discussion element.</div>\n")
user_id = pageutils.get_user_id()
if (user_id == None):
raise cherrypy.HTTPRedirect ("/login/access")
# Insert the discussion / comment into the database.
try:
# Connect to the database and insert the values.
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
# Category value currently unused; default to 0.
# Is this a top-level discussion?
if (refers_to == None):
dbcursor.execute ("INSERT INTO discussions (category, author_id, subject, body, display, creation_date) " +
"VALUES (%s, %s, %s, %s, %s, current_timestamp)",
["0", str(user_id), subject, body, "1"])
# Or is this a reply?
else:
dbcursor.execute ("INSERT INTO discussions (refers_to, category, author_id, subject, body, display, creation_date) " +
"VALUES (%s, %s, %s, %s, %s, %s, current_timestamp)",
[str(refers_to), "0", str(user_id), subject, body, "1"])
dbconnection.commit()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
return pageutils.generate_page ("Database Error",
"<div class=\"error\">Unable to add discussion element.</div>\n")
if (refers_to == None):
raise cherrypy.HTTPRedirect ("/discussions/")
else:
raise cherrypy.HTTPRedirect ("/discussions/" + str(refers_to))
def new (self, edit=False, title=None, slug=None, display=None, body=None, article_id=None):
# Verify user is logged-in admin.
if (not pageutils.is_admin_p()):
raise cherrypy.HTTPRedirect ("/")
# Form to create new article.
pagecontents = ""
if (edit):
pagecontents += "<form action=\"/admin/articles/processedit\" method=\"post\">"
else:
pagecontents += "<form action=\"/admin/articles/processnew\" method=\"post\">"
pagecontents += "<b>Title</b>:"
pagecontents += "<br>"
if (edit):
pagecontents += "<input type=\"text\" name=\"title\" value=\"" + str(title) + "\">"
else:
pagecontents += "<input type=\"text\" name=\"title\">"
pagecontents += "<br><br>\n"
pagecontents += "<b>Slug</b>:"
pagecontents += "<br>"
if (edit):
pagecontents += "<input type=\"text\" name=\"slug\" value=\"" + str(slug) + "\">"
else:
pagecontents += "<input type=\"text\" name=\"slug\">"
pagecontents += "<br><br>"
pagecontents += "<b>Display Mode</b>:"
pagecontents += "<br>"
pagecontents += "<select name=\"display\">\n"
pagecontents += "<option value=\"0\">Do not display</option>\n"
pagecontents += "<option value=\"1\">Display with no comments</option>\n"
pagecontents += "<option value=\"2\" selected=\"selected\">Display with comments (default)</option>\n"
pagecontents += "</select>\n"
pagecontents += "<br><br>"
pagecontents += "<b>Body</b>:"
pagecontents += "<br>"
if (edit):
pagecontents += "<textarea cols=80 rows=10 name=\"body\">" + str(body) +"</textarea>\n"
else:
pagecontents += "<textarea cols=80 rows=10 name=\"body\"></textarea>\n"
pagecontents += "<br><br>"
if (edit):
pagecontents += "<input type=\"hidden\" name=\"article_id\" value=\"" + str(article_id) + "\">"
if (edit):
pagecontents += "<input type=\"submit\" value=\"Submit Changes\">"
else:
pagecontents += "<input type=\"submit\" value=\"Create New Article\">"
pagecontents += "</form>"
if (edit):
return pageutils.generate_page ("Edit Article", pagecontents)
else:
return pageutils.generate_page ("Create New Article", pagecontents)
def index (self, accessviolation=None, errornotfound=False, errorbadpassword=False):
pagetext = ""
# Check to see if we've been redirected here from an access violation.
if (accessviolation <> None):
pagetext += "<div class=\"notice\"><h2>Notice</h2>You must be logged in to access that page.</div><br><br>\n"
# Check to see if we've been here before, with bad user input.
if (errornotfound or errorbadpassword):
pagetext += "<div class=\"error\"><h2>Error</h2><ul>\n"
if (errornotfound):
pagetext += "<li>Email address not found. Have you <a href=\"/register\">registered</a> yet?</li>\n"
if (errorbadpassword):
pagetext += "<li>Incorrect password provided.</li>\n"
pagetext += "</ul></div><br><br>\n"
# Build the login form.
pagetext += "<form action=\"/login/process\" method=\"post\">"
pagetext += "<b>Email Address</b>:"
pagetext += "<br>"
pagetext += "<input type=\"text\" name=\"email\">"
pagetext += "<br><br>"
pagetext += "<b>Password</b>:"
pagetext += "<br>"
pagetext += "<input type=\"password\" name=\"password\">"
pagetext += "<br><br>"
pagetext += "<input type=\"submit\" value=\"Log In\">"
pagetext += "</form>"
# FIXME: offer to send a new password to the user's email address.
return pageutils.generate_page ("Log In", pagetext)
def delete (self, event_id=None):
# Verify user is logged-in admin
if (not pageutils.is_admin_p()):
raise cherrypy.HTTPRedirect ("/")
pagetext = "<p><a href=\"/admin/events/processdelete/" + str(event_id) + "\">Confirm event deletion</a></p>\n"
return pageutils.generate_page ("Confirm Deletion", pagetext)
def process(
self,
title=None,
description=None,
start_month=None,
start_day=None,
start_year=None,
end_month=None,
end_day=None,
end_year=None,
):
# Verify user is logged in.
if not pageutils.is_logged_in_p():
raise cherrypy.HTTPRedirect("/login")
# Make sure the title and description are present.
if title == None or description == None:
return self.index(missing=True, title=title, description=description)
# Prepare start/end date strings.
start_date = start_year + "-" + start_month + "-" + start_day
end_date = None
if end_year <> "" and end_month <> "" and end_day <> "":
end_date = end_year + "-" + end_month + "-" + end_day
# Get the user_id.
user_id = str(pageutils.get_user_id())
# Insert the event into the database.
try:
# Connect to the database and insert the values.
dbconnection = pgdb.connect(database_connect_fields)
dbcursor = dbconnection.cursor()
# Category value currently unused; default to 0.
if end_date <> None:
dbcursor.execute(
"INSERT INTO events (category, author_id, creation_date, title, "
+ "description, start_date, end_date, display) "
+ "VALUES (%s, %s, current_timestamp, %s, %s, %s, %s, %s)",
["0", user_id, title, description, start_date, end_date, "1"],
)
else:
dbcursor.execute(
"INSERT INTO events (category, author_id, creation_date, title, "
+ "description, start_date, display) "
+ "VALUES (%s, %s, current_timestamp, %s, %s, %s, %s)",
["0", user_id, title, description, start_date, "1"],
)
dbconnection.commit()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
return pageutils.generate_page("Database Error", '<div class="error">Unable to add event.</div>\n')
raise cherrypy.HTTPRedirect("/events/")
def processnew (self, title=None, slug=None, display=None, body=None, article_id=None,
edit=False):
# Verify user is logged-in admin.
if (not pageutils.is_admin_p()):
raise cherrypy.HTTPRedirect ("/")
# If we got to this page through the /admin/articles/new form, all fields
# should be filled in. If they aren't, something unexpected happened, and
# we shouldn't continue processing the form.
if (title == None or slug == None or display == None or body == None):
return pageutils.generate_page ("Invalid Input for New Article",
"Invalid Input for New Article!")
else:
# Remove any leading or trailing spaces.
title = string.strip (title)
slug = string.strip (slug)
body = string.strip (body)
display = string.strip (display)
author_id = pageutils.get_user_id()
try:
# Connect to the database and insert the values.
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
if (edit):
if (article_id == None):
return pageutils.generate_page ("No Article Id Specified",
"No Article Id Specified")
dbcursor.execute ("UPDATE articles SET title=%s, slug=%s, body=%s, display=%d WHERE article_id=%d",
[title, slug, body, int(display), int(article_id)])
else:
dbcursor.execute ("INSERT INTO articles (title, author_id, slug, body, display, creation_date) " +
"VALUES (%s, %s, %s, %s, %s, current_timestamp)",
[title, author_id, slug, body, display])
dbconnection.commit()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
return pageutils.generate_page ("Invalid SQL Query", "Invalid SQL Query!")
raise cherrypy.HTTPRedirect ("/admin/articles/")
def comment (self, article_slug=None):
# Verify user is logged in.
if (not pageutils.is_logged_in_p()):
raise cherrypy.HTTPRedirect ("/login")
if (article_slug == None):
return pageutils.generate_page ("No Article Specified", "Unable to add comment.")
# Form to add a comment.
pagecontents = ""
pagecontents += "<form action=\"/articles/addcomment\" method=\"post\">"
pagecontents += "<textarea cols=80 rows=10 name=\"body\"></textarea>\n"
pagecontents += "<br><br>"
pagecontents += "<input type=\"hidden\" name=\"slug\" value=\"" + str(article_slug) + "\">"
pagecontents += "<input type=\"submit\" value=\"Add Comment\">"
pagecontents += "</form>"
pagecontents += pageutils.generate_disclaimer()
return pageutils.generate_page ("Add a comment", pagecontents)
def reply (self, discussion_id=None):
# Verify user is logged in.
if (not pageutils.is_logged_in_p()):
raise cherrypy.HTTPRedirect ("/login")
# Verify a discussion_id was supplied, so we know where this comment goes.
if (discussion_id == None):
return pageutils.generate_page ("Discussion Reference Missing",
"<div class=\"error\"><p>Unable to add comment.</p></div>")
pagetext = ""
pagetitle = "Add a Reply"
pagetext += "<form action=\"/discussions/process\" method=\"post\">"
pagetext += "<textarea cols=80 rows=10 name=\"body\"></textarea>\n"
pagetext += "<br><br>"
pagetext += "<input type=\"hidden\" name=\"refers_to\" value=\"" + (str(discussion_id)) + "\">\n"
pagetext += "<input type=\"submit\" value=\"Add Comment\">"
pagetext += "</form>"
pagetext += pageutils.generate_disclaimer()
return pageutils.generate_page (pagetitle, pagetext)
def index (self):
# Verify user is logged-in admin.
if (not pageutils.is_admin_p()):
raise cherrypy.HTTPRedirect ("/")
description = None
results = None
# Try to connect to the database.
try:
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute ("SELECT * FROM articles")
# Get the cursor description and results from the query.
description = dbcursor.description
results = dbcursor.fetchall()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
pass
pagecontents = "<p><a href=\"/admin/articles/new\">Create New Article</a></p>\n"
pagecontents += "<h3>Article Listing</h3>\n"
pagecontents += "<ul>\n"
if (results == []):
pagecontents += "<li>No articles found in database.</li>\n"
for result in results:
try:
title = result[sqlutils.getfieldindex ("title", description)]
slug = result[sqlutils.getfieldindex ("slug", description)]
article_id = result[sqlutils.getfieldindex ("article_id", description)]
pagecontents += "<li><a href=\"/admin/articles/edit/" + slug + "\">" + title + "</a>\n"
pagecontents += "[<a href=\"/admin/articles/delete/" + article_id + "\">Delete</a>]</li>\n"
except:
pass
pagecontents += "</ul>\n"
# Present listing of all articles.
return pageutils.generate_page ("Articles Administration", pagecontents)
def new (self):
# Verify user is logged in.
if (not pageutils.is_logged_in_p()):
raise cherrypy.HTTPRedirect ("/login/access")
pagetext = ""
pagetitle = "Start a New Discussion"
pagetext += "<form action=\"/discussions/process\" method=\"post\">"
pagetext += "<b>Subject</b>:"
pagetext += "<br>"
pagetext += "<input type=\"text\" name=\"subject\">\n"
pagetext += "<br><br>"
pagetext += "<b>Message</b>:\n<br>\n"
pagetext += "<textarea cols=80 rows=10 name=\"body\"></textarea>\n"
pagetext += "<br><br>"
pagetext += "<input type=\"submit\" value=\"Start New Discussion\">"
pagetext += "</form>"
pagetext += pageutils.generate_disclaimer()
return pageutils.generate_page (pagetitle, pagetext)
def process (self, name=None, email=None, password=None, passwordverify=None, url=None):
# If we got to this page through the /register form, all fields should be filled
# in, with the possible exception of URL, which is optional. If they aren't all
# filled in, then something unexpected happened, and we shouldn't continue processing
# the form.
if (name == None or email == None or password == None or passwordverify == None):
return self.index (errormissing = True, name=name, email=email,
password=password, passwordverify=passwordverify,
url=url)
else:
# Store original values as given in case we need to represent the form.
originalname = name
originalemail = email
originalpassword = password
originalpasswordverify = passwordverify
originalurl = url
# Remove any leading/trailing spaces.
name = string.strip(name)
email = string.strip(email)
password = string.strip(password)
passwordverify = string.strip(passwordverify)
url = string.strip(url)
level = "1" # default level for regular user.
# Verify all required fields are filled in.
if (name == '' or email == '' or password == '' or passwordverify == ''):
return self.index (errormissing = True, name=originalname, email=originalemail,
password=originalpassword, passwordverify=originalpasswordverify,
url=originalurl)
# Verify email address is plausibly valid.
if (re.match (pageutils.emailregex, email) == None):
return self.index (erroremail = True, name=originalname, email=originalemail,
password=originalpassword, passwordverify=originalpasswordverify,
url=originalurl)
# Verify passwords match.
if (password <> passwordverify):
return self.index (errorverify = True, name=originalname, email=originalemail,
password=originalpassword, passwordverify=originalpasswordverify,
url=originalurl)
# Encypt the password. Once we do this, we can't get the original
# password back out of the database, so we can't send the original
# password back to the user if they lose it. We can generate a new
# password and send them that.
password = crypt.crypt (password, "23")
# Add http:// to the URL if needed.
if (url[0:7] =="http://" or url == ""):
pass
else:
url = "http://" + url
# Ensure that email address hasn't already been used in database.
try:
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute ("SELECT * FROM users WHERE email=%s", [email])
results = dbcursor.fetchone()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
if (results <> None):
return self.index (errorduplicate=True, name=originalname, email=originalemail,
password=originalpassword, passwordverify=originalpasswordverify,
url=originalurl)
except:
return pageutils.generate_page ("Database Error", "Database Error")
try:
# Connect to the database and insert the values.
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute ("INSERT INTO users (name, email, password, url, level) " +
"VALUES (%s, %s, %s, %s, %s)",
[name, email, password, url, level])
dbconnection.commit()
# Now fetch the user_id so we can automatically log the user in.
dbcursor.execute ("SELECT * FROM users WHERE email=%s", [email])
description = dbcursor.description
results = dbcursor.fetchone()
user_id = None
user_level = 0
try:
user_id = results[sqlutils.getfieldindex ("user_id", description)]
user_level = results[sqlutils.getfieldindex ("level", description)]
except:
pass
pageutils.set_logged_in (user_id, (user_level > 1))
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
# FIXME: this is a public user page; provide more interesting feedback in this event.
return pageutils.generate_page ("Invalid SQL Query", "Invalid SQL Query!")
raise cherrypy.HTTPRedirect ("/register/thanks")
def index (self, errormissing=False, errorverify=False, errorduplicate=False, erroremail=False,
name=None, email=None, password=None, passwordverify=None, url=None):
pagetext = ""
# Handle error cases from previous attempts.
if (errormissing or errorverify or errorduplicate or erroremail):
pagetext += "<div class=\"error\"><h2>Error</h2>\n"
pagetext += "<ul>\n"
if (errormissing):
pagetext += "<li>Please complete all required fields.</li>\n"
if (errorverify):
pagetext += "<li>Both Password entries must match, to ensure password is stored correctly.</li>\n"
if (errorduplicate):
pagetext += "<li>Email address provided already on record; perhaps you already have an account and just need to <a href=\"/login\">log in</a>?</li>\n"
if (erroremail):
pagetext += "<li>Please enter a valid email address, in the form: [email protected]</li>\n"
pagetext += "</ul></div>\n"
pagetext += """
<p>
In order to participate in this web site's discussion forums
and post your comments on articles, we ask that you register as
a user on the site.
</p>
<p>
Registration is free, and we only require
you to give us your name (as you want it to appear on the site),
your email address (which will not appear on the site), and select
a password to use for logging in.
</p>
<p>
You may also provide us with the address of your website, if you
have one. This information is optional.
</p>"""
pagetext += "<form action=\"/register/process\" method=\"post\">"
pagetext += "<b>Name</b>:"
pagetext += "<br>"
if (name):
pagetext += "<input type=\"text\" name=\"name\" value=\"" + name + "\">"
else:
pagetext += "<input type=\"text\" name=\"name\">"
pagetext += "<br><br>"
pagetext += "<b>Email Address</b>:"
pagetext += "<br>"
if (email):
pagetext += "<input type=\"text\" name=\"email\" value=\"" + email + "\">"
else:
pagetext += "<input type=\"text\" name=\"email\">"
pagetext += "<br><br>"
pagetext += "<b>Password</b>:"
pagetext += "<br>"
if (password):
pagetext += "<input type=\"password\" name=\"password\" value=\"" + password + "\">"
else:
pagetext += "<input type=\"password\" name=\"password\">"
pagetext += "<br><br>"
pagetext += "<b>Password</b> (enter again to verify):"
pagetext += "<br>"
if (passwordverify):
pagetext += "<input type=\"password\" name=\"passwordverify\" value=\"" + passwordverify + "\">"
else:
pagetext += "<input type=\"password\" name=\"passwordverify\">"
pagetext += "<br><br>"
pagetext += "<b>Website</b>: (optional)"
pagetext += "<br>"
if (url):
pagetext += "<input type=\"text\" name=\"url\" value=\"" + url + "\">"
else:
pagetext += "<input type=\"text\" name=\"url\">"
pagetext += "<br><br>"
pagetext += "<input type=\"submit\" value=\"Register!\">"
pagetext += "</form>"
return pageutils.generate_page ("Register as a New User", pagetext)
def index (self, article_slug=None):
# If article_slug is None, display main article table of contents.
# Else, display specified article.
# Available to all, logged in or not.
if (article_slug == None):
article_slug = "map"
description = None
results = None
comments_description = None
comments_results = None
author_results = []
author_description = None
# Get article, comment, and comment-author data from database.
try:
# Try to connect to the database.
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute ("SELECT * FROM articles WHERE slug=%s", [article_slug])
# Get the cursor description and results from the query.
description = dbcursor.description
results = dbcursor.fetchone()
# Get any comments for the article.
if (results <> None):
dbcursor.execute ("SELECT * FROM articles WHERE refers_to=%s",
[str(results[sqlutils.getfieldindex ("article_id", description)])])
comments_description = dbcursor.description
comments_results = dbcursor.fetchall()
# Store the user info for the author of the comment, for use when we display the comment.
for result in comments_results:
dbcursor.execute ("SELECT * FROM users WHERE user_id=%s",
[str(result[sqlutils.getfieldindex ("author_id", comments_description)])])
author_description = dbcursor.description
author_results.append (dbcursor.fetchone())
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
pass
if (results == None):
# The "welcome" article is the main front page. We need to have this page.
if (article_slug == "welcome"):
return pageutils.generate_page ("Welcome",
"You will need to create an article with the slug: welcome")
# We also need a "map" page.
elif (article_slug == "map"):
return pageutils.generate_page ("Map",
"You will need to create an article with the slug: map")
else:
raise cherrypy.HTTPRedirect ("/404")
# Obtain the article title from the database results.
pagetitle = ""
try:
pagetitle += results[sqlutils.getfieldindex ("title", description)]
except:
pagetitle = "Database Error."
# Obtain the article body from the database results.
pagetext = ""
try:
pagetext += results[sqlutils.getfieldindex ("body", description)]
except:
pagetext += "<p>Database Error.</p>"
# Do we want to show comments on this page?
try:
if (int(results[sqlutils.getfieldindex ("display", description)]) > 1):
pagetext += "<hr><h3>User Comments</h3>"
# Do we have any comments to show?
if (comments_results <> None):
for result in comments_results:
pagetext += "<p>"
pagetext += result[sqlutils.getfieldindex ("body", comments_description)]
for author in author_results:
if author == None:
continue
# Find the author info to display.
if author[0] == result[sqlutils.getfieldindex ("author_id", comments_description)]:
pagetext += "<p><i>posted by " + author[sqlutils.getfieldindex ("name", author_description)]
pagetext += " on " + result[sqlutils.getfieldindex ("creation_date", comments_description)] + "</i></p>\n"
break
# If the user is admin, post link to delete the comment.
if (pageutils.is_admin_p()):
pagetext += ("<p>[<a href=\"/admin/articles/delete/" +
str(result[sqlutils.getfieldindex ("article_id", comments_description)]) +
"\">Delete Comment</a>]</p>\n")
pagetext += "</p>"
pagetext += "<hr width=50%>\n"
# If user is logged in, post link to add a comment.
if (pageutils.is_logged_in_p()):
pagetext += "<p><a href=\"/articles/comment/" + article_slug + "\">Add a comment</a></p>\n"
else:
pagetext += "<p><a href=\"/login\">Log in</a> to add a comment</a></p>\n"
except:
pass
# Build the whole page and return it.
return pageutils.generate_page (pagetitle, pagetext)
def edit (self, article_slug = None):
# Verify user is logged-in admin.
if (not pageutils.is_admin_p()):
raise cherrypy.HTTPRedirect ("/")
# Verify we have an article to work with.
if (article_slug == None):
raise cherrypy.HTTPRedirect ("/articles/")
description = None
results = None
# Try to connect to the database.
try:
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute ("SELECT * FROM articles WHERE slug=%s", [article_slug])
# Get the cursor description and results from the query.
description = dbcursor.description
results = dbcursor.fetchone()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
pass
if (results == None):
return pageutils.generate_page ("Invalid Article Specified", "Invalid Article Specified")
# Obtain the article title from the database results.
title = ""
try:
title = results[sqlutils.getfieldindex ("title", description)]
except:
pass
# Obtain the article body from the database results.
body = ""
try:
body = results[sqlutils.getfieldindex ("body", description)]
except:
pass
# Obtain the article display value.
display = ""
try:
display = str(results[sqlutils.getfieldindex ("display", description)])
except:
pass
# Obtain the article_id.
article_id = ""
try:
article_id = str(results[sqlutils.getfieldindex ("article_id", description)])
except:
pass
slug = article_slug
return self.new (edit=True, title=title, body=body, display=display, slug=slug, article_id=article_id)
def new(self, missing=False, title=None, description=None):
# Create new event, available to logged in users.
# Verify user is logged in.
if not pageutils.is_logged_in_p():
raise cherrypy.HTTPRedirect("/login")
# Form to create new event.
pagecontents = ""
if missing:
pagecontents += '<div class="error"><h2>Error</h2>Be sure to fill in both the '
pagecontents += "title and description fields.</div>\n"
pagecontents += '<form action="/events/process" method="post">'
pagecontents += "<b>Title</b>:"
pagecontents += "<br>"
pagecontents += '<input type="text" '
if title <> None:
pagecontents += 'value="' + title + '" '
pagecontents += 'name="title">'
pagecontents += "<br><br>\n"
pagecontents += "<b>Description</b>:"
pagecontents += "<br>"
pagecontents += '<textarea cols=80 rows=10 name="description">'
if description <> None:
pagecontents += description
pagecontents += "</textarea>\n"
pagecontents += "<br><br>"
pagecontents += "<b>Start Date</b>:"
pagecontents += "<br>"
pagecontents += '<select name="start_month">\n'
for month in [
["01", "January"],
["02", "February"],
["03", "March"],
["04", "April"],
["05", "May"],
["06", "June"],
["07", "July"],
["08", "August"],
["09", "September"],
["10", "October"],
["11", "November"],
["12", "December"],
]:
pagecontents += '<option value="' + month[0] + '">' + month[1] + "</option>\n"
pagecontents += "</select>\n"
pagecontents += '<select name="start_day">\n'
for day in [
"01",
"02",
"03",
"04",
"05",
"06",
"07",
"08",
"09",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
]:
pagecontents += '<option value="' + day + '">' + day + "</option>\n"
pagecontents += "</select>\n"
pagecontents += '<select name="start_year">\n'
for year in ["2009", "2010", "2011", "2012"]:
pagecontents += '<option value="' + year + '">' + year + "</option>\n"
pagecontents += "</select>\n"
pagecontents += "<br><br>\n"
pagecontents += "<b>End Date</b>: (<i>Leave blank for one-day events</i>)"
pagecontents += "<br>"
pagecontents += '<select name="end_month">\n'
for month in [
["", ""],
["01", "January"],
["02", "February"],
["03", "March"],
["04", "April"],
["05", "May"],
["06", "June"],
["07", "July"],
["08", "August"],
["09", "September"],
["10", "October"],
["11", "November"],
["12", "December"],
]:
pagecontents += '<option value="' + month[0] + '">' + month[1] + "</option>\n"
pagecontents += "</select>\n"
pagecontents += '<select name="end_day">\n'
for day in [
"",
"01",
"02",
"03",
"04",
"05",
"06",
"07",
"08",
"09",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
]:
pagecontents += '<option value="' + day + '">' + day + "</option>\n"
pagecontents += "</select>\n"
pagecontents += '<select name="end_year">\n'
for year in ["", "2009", "2010", "2011", "2012"]:
pagecontents += '<option value="' + year + '">' + year + "</option>\n"
pagecontents += "</select>\n"
pagecontents += "<br><br>\n"
pagecontents += '<input type="submit" value="Create New Event">'
pagecontents += "</form>"
pagecontents += pageutils.generate_disclaimer()
return pageutils.generate_page("Create New Event", pagecontents)
def index(self, event_id=None):
# If event_id is None, display main event table of contents.
# Else, display specified event details.
# Available to all, logged in or not.
# Build table of contents.
if event_id == None:
description = None
results = None
# Get event listing from database
try:
# Try to connect to the database.
dbconnection = pgdb.connect(database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute("SELECT * FROM events ORDER BY start_date")
# Get the cursor description and results from the query.
description = dbcursor.description
results = dbcursor.fetchall()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
return pageutils.generate_page("Database Error", '<div class="error">Can\'t get event data.</div>\n')
# Build the page.
pagetext = ""
if pageutils.is_logged_in_p():
pagetext += '<a href="/events/new">Add New Event</a>\n'
else:
pagetext += '<a href="/login">Log In</a> to add a new event</a>\n'
pagetext += "<ul>\n"
most_recent_month = None
most_recent_year = None
for result in results:
start_date = result[sqlutils.getfieldindex("start_date", description)]
end_date = result[sqlutils.getfieldindex("end_date", description)]
if most_recent_year <> pageutils.get_year(start_date):
most_recent_year = pageutils.get_year(start_date)
pagetext += "</ul><h2>" + str(most_recent_year) + "</h2><ul>\n"
if most_recent_month <> pageutils.get_month(start_date):
most_recent_month = pageutils.get_month(start_date)
pagetext += "</ul><h3>" + most_recent_month + "</h3><ul>\n"
pagetext += (
"<li>"
+ '<a href="/events/'
+ str(result[sqlutils.getfieldindex("event_id", description)])
+ '">'
+ result[sqlutils.getfieldindex("title", description)]
+ "</a> ("
+ str(pageutils.get_month(start_date))
+ " "
+ str(pageutils.get_day(start_date))
)
if result[sqlutils.getfieldindex("end_date", description)] <> None:
pagetext += " - " + pageutils.get_month(end_date) + " " + str(pageutils.get_day(end_date))
pagetext += ")</li>\n"
pagetext += "</ul>\n"
return pageutils.generate_page("Events", pagetext)
# Show specific event.
else:
description = None
result = None
# Get event listing from database
try:
# Try to connect to the database.
dbconnection = pgdb.connect(database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute("SELECT * FROM events WHERE event_id=%s", [str(event_id)])
# Get the cursor description and results from the query.
description = dbcursor.description
result = dbcursor.fetchone()
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
return pageutils.generate_page("Database Error", '<div class="error">Can\'t get event data.</div>\n')
# Build the page.
pagetext = ""
start_date = result[sqlutils.getfieldindex("start_date", description)]
end_date = result[sqlutils.getfieldindex("end_date", description)]
pagetext += "<h3>" + pageutils.get_month(start_date) + " " + str(pageutils.get_day(start_date))
if end_date <> None:
pagetext += " - " + pageutils.get_month(end_date) + " " + str(pageutils.get_day(end_date))
pagetext += ", " + pageutils.get_year(end_date)
else:
pagetext += ", " + pageutils.get_year(start_date)
pagetext += "</h3>\n"
pagetext += "<p>" + result[sqlutils.getfieldindex("description", description)]
pagetitle = result[sqlutils.getfieldindex("title", description)]
if pageutils.is_admin_p():
pagetext += (
'<p>[<a href="/admin/events/delete/'
+ str(result[sqlutils.getfieldindex("event_id", description)])
+ '">Delete Event</a>]</p>'
)
return pageutils.generate_page(pagetitle, pagetext)
def index (self, discussion_id=None):
# If discussion_id is None, display main discussion table of contents.
# Else, display specified discussion.
# Available to all, logged in or not.
# Toplevel index.
if (discussion_id == None):
description = None
results = None
author_description = None
author_results = []
# Get discussion listing from database
try:
# Try to connect to the database.
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute ("SELECT * FROM discussions WHERE refers_to IS null ORDER BY creation_date")
# Get the cursor description and results from the query.
description = dbcursor.description
results = dbcursor.fetchall()
# Get and store the user (author) data.
for result in results:
dbcursor.execute ("SELECT * FROM users WHERE user_id=%s",
[str(result[sqlutils.getfieldindex("author_id", description)])])
if (dbcursor.description <> None):
author_description = dbcursor.description
author_results.append (dbcursor.fetchone())
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
return pageutils.generate_page ("Database Error",
"<div class=\"error\">Can't get discussion data.</div>\n")
# Build the page.
pagetext = ""
if (pageutils.is_logged_in_p()):
pagetext += "<a href=\"/discussions/new\">Start New Discussion</a>\n"
else:
pagetext += "<a href=\"/login\">Log In</a> to start a new discussion</a>\n"
pagetext += "<ul>\n"
for result in results:
pagetext += "<li>\n"
pagetext += ("<a href=\"/discussions/" +
str(result[sqlutils.getfieldindex ("discussion_id", description)]) +
"\">" + result[sqlutils.getfieldindex ("subject", description)] + "</a> (posted by ")
for author in author_results:
if author == None:
continue
if author[0] == result[sqlutils.getfieldindex ("author_id", description)]:
pagetext += author[sqlutils.getfieldindex ("name", author_description)]
pagetext += " on " + result[sqlutils.getfieldindex ("creation_date", description)] + ")\n"
pagetext += "</li>\n"
pagetext += "</ul>\n"
return pageutils.generate_page ("Discussions", pagetext)
# Display a specific discussion.
else:
# Make sure we have a potentially-valid discussion id.
try:
discussion_id = str(int(discussion_id))
except:
return pageutils.generate_page ("Invalid Discussion",
"<div class=\"error\">Can't present the requested discussion.</div>\n")
description = None
results = None
reply_results = []
author_description = None
author_results = []
# Get discussion listing from database
try:
# Try to connect to the database.
dbconnection = pgdb.connect (database_connect_fields)
dbcursor = dbconnection.cursor()
dbcursor.execute ("SELECT * FROM discussions WHERE discussion_id=%s", [discussion_id])
description = dbcursor.description
results = dbcursor.fetchone()
# Get the user (author) data for the main discussion.
dbcursor.execute ("SELECT * FROM users WHERE user_id=%s",
[str(results[sqlutils.getfieldindex("author_id", description)])])
author_description = dbcursor.description
author_results.append (dbcursor.fetchone())
# Get any comments/replies for this discussion thread.
dbcursor.execute ("SELECT * FROM discussions WHERE refers_to=%s", [discussion_id])
reply_results = dbcursor.fetchall()
# Get and store the user (author) data.
for result in reply_results:
dbcursor.execute ("SELECT * FROM users WHERE user_id=%s",
[str(result[sqlutils.getfieldindex("author_id", description)])])
author_results.append (dbcursor.fetchone())
# Close the database cursor and connection.
dbcursor.close()
dbconnection.close()
except:
return pageutils.generate_page ("Database Error",
"<div class=\"error\">Can't get discussion data.</div>\n")
# Build page.
pagetitle = results[sqlutils.getfieldindex("subject", description)]
pagetext = "<p>" + results[sqlutils.getfieldindex("body", description)] + "</p>\n"
for author in author_results:
if author == None:
continue
# Find the author info to display.
if author[0] == results[sqlutils.getfieldindex ("author_id", description)]:
pagetext += "<p><i>posted by " + author[sqlutils.getfieldindex ("name", author_description)]
pagetext += (" on " + results[sqlutils.getfieldindex ("creation_date", description)] +
"</i></p>\n")
break
if (pageutils.is_admin_p()):
pagetext += ("<p>[<a href=\"/admin/discussions/delete/" +
str(results[sqlutils.getfieldindex("discussion_id", description)]) +
"\">Delete Discussion</a>]</p>")
pagetext += "<hr width=\"50%\">\n"
pagetext += "<h3>Replies</h3>\n"
# Do we have any replies to show?
if (reply_results <> None):
for result in reply_results:
pagetext += "<p>"
pagetext += result[sqlutils.getfieldindex ("body", description)]
for author in author_results:
if author == None:
continue
# Find the author info to display.
if author[0] == result[sqlutils.getfieldindex ("author_id", description)]:
pagetext += "<p><i>posted by " + author[sqlutils.getfieldindex ("name", author_description)]
pagetext += (" on " +
result[sqlutils.getfieldindex ("creation_date", description)] +
"</i></p>\n")
break
pagetext += "</p>\n"
# If the user is admin, post link to delete the reply.
if (pageutils.is_admin_p()):
pagetext += ("<p>[<a href=\"/admin/discussions/delete/" +
str(result[sqlutils.getfieldindex ("discussion_id", description)]) +
"\">Delete Reply</a>]</p>\n")
pagetext += "<hr width=50%>\n"
# If user is logged in, post link to add a reply.
if (pageutils.is_logged_in_p()):
pagetext += "<p><a href=\"/discussions/reply/" + discussion_id + "\">Add a reply</a></p>\n"
else:
pagetext += "<p><a href=\"/login\">Log in</a> to add a reply</a></p>\n"
# Generate page
return pageutils.generate_page (pagetitle, pagetext)
def complete (self):
return pageutils.generate_page ("Logged Out",
"You are now logged out. Thanks for using CedarRapidsOnline!")
def thanks (self):
if (pageutils.is_logged_in_p()):
return pageutils.generate_page ("Thanks for Registering!",
"<div class=\"notice\">Your account is active!</div>\n")
else:
raise cherrypy.HTTPRedirect ("/register")
def default (self, parameter=None):
if (parameter == "404"):
return pageutils.generate_page ("Page Not Found", "Page Not Found")
