def addcomment (self, body, slug): # Verify user is logged in. if (not pageutils.is_logged_in_p()): raise cherrypy.HTTPRedirect ("/login") # Remove any leading or trailing spaces from comment text. body = string.strip(body) user_id = pageutils.get_user_id() if (user_id == None): raise cherrypy.HTTPRedirect ("/login") try: # Connect to the database and insert the values. dbconnection = pgdb.connect (database_connect_fields) dbcursor = dbconnection.cursor() dbcursor.execute ("SELECT * FROM articles WHERE slug=%s", [slug]) results = dbcursor.fetchone() if (results == None): return pageutils.generate_page ("Invalid Article Specified", "Unable to post comment.") article_id = results[0] # article_id is the first column in the table. dbcursor.execute ("INSERT INTO articles (author_id, body, display, refers_to, creation_date) " + "VALUES (%s, %s, %s, %s, current_timestamp)", [str(user_id), body, "1", str(article_id)]) dbconnection.commit() # Close the database cursor and connection. dbcursor.close() dbconnection.close() except: return pageutils.generate_page ("Invalid SQL Query", "Unable to add comment.")
def process( self, title=None, description=None, start_month=None, start_day=None, start_year=None, end_month=None, end_day=None, end_year=None, ): # Verify user is logged in. if not pageutils.is_logged_in_p(): raise cherrypy.HTTPRedirect("/login") # Make sure the title and description are present. if title == None or description == None: return self.index(missing=True, title=title, description=description) # Prepare start/end date strings. start_date = start_year + "-" + start_month + "-" + start_day end_date = None if end_year <> "" and end_month <> "" and end_day <> "": end_date = end_year + "-" + end_month + "-" + end_day # Get the user_id. user_id = str(pageutils.get_user_id()) # Insert the event into the database. try: # Connect to the database and insert the values. dbconnection = pgdb.connect(database_connect_fields) dbcursor = dbconnection.cursor() # Category value currently unused; default to 0. if end_date <> None: dbcursor.execute( "INSERT INTO events (category, author_id, creation_date, title, " + "description, start_date, end_date, display) " + "VALUES (%s, %s, current_timestamp, %s, %s, %s, %s, %s)", ["0", user_id, title, description, start_date, end_date, "1"], ) else: dbcursor.execute( "INSERT INTO events (category, author_id, creation_date, title, " + "description, start_date, display) " + "VALUES (%s, %s, current_timestamp, %s, %s, %s, %s)", ["0", user_id, title, description, start_date, "1"], ) dbconnection.commit() # Close the database cursor and connection. dbcursor.close() dbconnection.close() except: return pageutils.generate_page("Database Error", '<div class="error">Unable to add event.</div>\n') raise cherrypy.HTTPRedirect("/events/")
def process (self, body=None, subject=None, refers_to=None): # Verify user is logged in. if (not pageutils.is_logged_in_p()): raise cherrypy.HTTPRedirect ("/login/access") # FIXME: Make sure we have all of the data we need in the form. # Remove any leading or trailing spaces from comment text. if (body <> None): body = string.strip(body) if (subject <> None): subject = string.strip(subject) # Make sure refers_to, if it exists, is an integer. if (refers_to <> None): try: refers_to = str(int(refers_to)) except: return pageutils.generate_page ("Invalid Reference", "<div class=\"error\">Unable to add discussion element.</div>\n") user_id = pageutils.get_user_id() if (user_id == None): raise cherrypy.HTTPRedirect ("/login/access") # Insert the discussion / comment into the database. try: # Connect to the database and insert the values. dbconnection = pgdb.connect (database_connect_fields) dbcursor = dbconnection.cursor() # Category value currently unused; default to 0. # Is this a top-level discussion? if (refers_to == None): dbcursor.execute ("INSERT INTO discussions (category, author_id, subject, body, display, creation_date) " + "VALUES (%s, %s, %s, %s, %s, current_timestamp)", ["0", str(user_id), subject, body, "1"]) # Or is this a reply? else: dbcursor.execute ("INSERT INTO discussions (refers_to, category, author_id, subject, body, display, creation_date) " + "VALUES (%s, %s, %s, %s, %s, %s, current_timestamp)", [str(refers_to), "0", str(user_id), subject, body, "1"]) dbconnection.commit() # Close the database cursor and connection. dbcursor.close() dbconnection.close() except: return pageutils.generate_page ("Database Error", "<div class=\"error\">Unable to add discussion element.</div>\n") if (refers_to == None): raise cherrypy.HTTPRedirect ("/discussions/") else: raise cherrypy.HTTPRedirect ("/discussions/" + str(refers_to))
def comment (self, article_slug=None): # Verify user is logged in. if (not pageutils.is_logged_in_p()): raise cherrypy.HTTPRedirect ("/login") if (article_slug == None): return pageutils.generate_page ("No Article Specified", "Unable to add comment.") # Form to add a comment. pagecontents = "" pagecontents += "<form action=\"/articles/addcomment\" method=\"post\">" pagecontents += "<textarea cols=80 rows=10 name=\"body\"></textarea>\n" pagecontents += "<br><br>" pagecontents += "<input type=\"hidden\" name=\"slug\" value=\"" + str(article_slug) + "\">" pagecontents += "<input type=\"submit\" value=\"Add Comment\">" pagecontents += "</form>" pagecontents += pageutils.generate_disclaimer() return pageutils.generate_page ("Add a comment", pagecontents)
def new (self): # Verify user is logged in. if (not pageutils.is_logged_in_p()): raise cherrypy.HTTPRedirect ("/login/access") pagetext = "" pagetitle = "Start a New Discussion" pagetext += "<form action=\"/discussions/process\" method=\"post\">" pagetext += "<b>Subject</b>:" pagetext += "<br>" pagetext += "<input type=\"text\" name=\"subject\">\n" pagetext += "<br><br>" pagetext += "<b>Message</b>:\n<br>\n" pagetext += "<textarea cols=80 rows=10 name=\"body\"></textarea>\n" pagetext += "<br><br>" pagetext += "<input type=\"submit\" value=\"Start New Discussion\">" pagetext += "</form>" pagetext += pageutils.generate_disclaimer() return pageutils.generate_page (pagetitle, pagetext)
def reply (self, discussion_id=None): # Verify user is logged in. if (not pageutils.is_logged_in_p()): raise cherrypy.HTTPRedirect ("/login") # Verify a discussion_id was supplied, so we know where this comment goes. if (discussion_id == None): return pageutils.generate_page ("Discussion Reference Missing", "<div class=\"error\"><p>Unable to add comment.</p></div>") pagetext = "" pagetitle = "Add a Reply" pagetext += "<form action=\"/discussions/process\" method=\"post\">" pagetext += "<textarea cols=80 rows=10 name=\"body\"></textarea>\n" pagetext += "<br><br>" pagetext += "<input type=\"hidden\" name=\"refers_to\" value=\"" + (str(discussion_id)) + "\">\n" pagetext += "<input type=\"submit\" value=\"Add Comment\">" pagetext += "</form>" pagetext += pageutils.generate_disclaimer() return pageutils.generate_page (pagetitle, pagetext)
def index (self, discussion_id=None): # If discussion_id is None, display main discussion table of contents. # Else, display specified discussion. # Available to all, logged in or not. # Toplevel index. if (discussion_id == None): description = None results = None author_description = None author_results = [] # Get discussion listing from database try: # Try to connect to the database. dbconnection = pgdb.connect (database_connect_fields) dbcursor = dbconnection.cursor() dbcursor.execute ("SELECT * FROM discussions WHERE refers_to IS null ORDER BY creation_date") # Get the cursor description and results from the query. description = dbcursor.description results = dbcursor.fetchall() # Get and store the user (author) data. for result in results: dbcursor.execute ("SELECT * FROM users WHERE user_id=%s", [str(result[sqlutils.getfieldindex("author_id", description)])]) if (dbcursor.description <> None): author_description = dbcursor.description author_results.append (dbcursor.fetchone()) # Close the database cursor and connection. dbcursor.close() dbconnection.close() except: return pageutils.generate_page ("Database Error", "<div class=\"error\">Can't get discussion data.</div>\n") # Build the page. pagetext = "" if (pageutils.is_logged_in_p()): pagetext += "<a href=\"/discussions/new\">Start New Discussion</a>\n" else: pagetext += "<a href=\"/login\">Log In</a> to start a new discussion</a>\n" pagetext += "<ul>\n" for result in results: pagetext += "<li>\n" pagetext += ("<a href=\"/discussions/" + str(result[sqlutils.getfieldindex ("discussion_id", description)]) + "\">" + result[sqlutils.getfieldindex ("subject", description)] + "</a> (posted by ") for author in author_results: if author == None: continue if author[0] == result[sqlutils.getfieldindex ("author_id", description)]: pagetext += author[sqlutils.getfieldindex ("name", author_description)] pagetext += " on " + result[sqlutils.getfieldindex ("creation_date", description)] + ")\n" pagetext += "</li>\n" pagetext += "</ul>\n" return pageutils.generate_page ("Discussions", pagetext) # Display a specific discussion. else: # Make sure we have a potentially-valid discussion id. try: discussion_id = str(int(discussion_id)) except: return pageutils.generate_page ("Invalid Discussion", "<div class=\"error\">Can't present the requested discussion.</div>\n") description = None results = None reply_results = [] author_description = None author_results = [] # Get discussion listing from database try: # Try to connect to the database. dbconnection = pgdb.connect (database_connect_fields) dbcursor = dbconnection.cursor() dbcursor.execute ("SELECT * FROM discussions WHERE discussion_id=%s", [discussion_id]) description = dbcursor.description results = dbcursor.fetchone() # Get the user (author) data for the main discussion. dbcursor.execute ("SELECT * FROM users WHERE user_id=%s", [str(results[sqlutils.getfieldindex("author_id", description)])]) author_description = dbcursor.description author_results.append (dbcursor.fetchone()) # Get any comments/replies for this discussion thread. dbcursor.execute ("SELECT * FROM discussions WHERE refers_to=%s", [discussion_id]) reply_results = dbcursor.fetchall() # Get and store the user (author) data. for result in reply_results: dbcursor.execute ("SELECT * FROM users WHERE user_id=%s", [str(result[sqlutils.getfieldindex("author_id", description)])]) author_results.append (dbcursor.fetchone()) # Close the database cursor and connection. dbcursor.close() dbconnection.close() except: return pageutils.generate_page ("Database Error", "<div class=\"error\">Can't get discussion data.</div>\n") # Build page. pagetitle = results[sqlutils.getfieldindex("subject", description)] pagetext = "<p>" + results[sqlutils.getfieldindex("body", description)] + "</p>\n" for author in author_results: if author == None: continue # Find the author info to display. if author[0] == results[sqlutils.getfieldindex ("author_id", description)]: pagetext += "<p><i>posted by " + author[sqlutils.getfieldindex ("name", author_description)] pagetext += (" on " + results[sqlutils.getfieldindex ("creation_date", description)] + "</i></p>\n") break if (pageutils.is_admin_p()): pagetext += ("<p>[<a href=\"/admin/discussions/delete/" + str(results[sqlutils.getfieldindex("discussion_id", description)]) + "\">Delete Discussion</a>]</p>") pagetext += "<hr width=\"50%\">\n" pagetext += "<h3>Replies</h3>\n" # Do we have any replies to show? if (reply_results <> None): for result in reply_results: pagetext += "<p>" pagetext += result[sqlutils.getfieldindex ("body", description)] for author in author_results: if author == None: continue # Find the author info to display. if author[0] == result[sqlutils.getfieldindex ("author_id", description)]: pagetext += "<p><i>posted by " + author[sqlutils.getfieldindex ("name", author_description)] pagetext += (" on " + result[sqlutils.getfieldindex ("creation_date", description)] + "</i></p>\n") break pagetext += "</p>\n" # If the user is admin, post link to delete the reply. if (pageutils.is_admin_p()): pagetext += ("<p>[<a href=\"/admin/discussions/delete/" + str(result[sqlutils.getfieldindex ("discussion_id", description)]) + "\">Delete Reply</a>]</p>\n") pagetext += "<hr width=50%>\n" # If user is logged in, post link to add a reply. if (pageutils.is_logged_in_p()): pagetext += "<p><a href=\"/discussions/reply/" + discussion_id + "\">Add a reply</a></p>\n" else: pagetext += "<p><a href=\"/login\">Log in</a> to add a reply</a></p>\n" # Generate page return pageutils.generate_page (pagetitle, pagetext)
def index(self, event_id=None): # If event_id is None, display main event table of contents. # Else, display specified event details. # Available to all, logged in or not. # Build table of contents. if event_id == None: description = None results = None # Get event listing from database try: # Try to connect to the database. dbconnection = pgdb.connect(database_connect_fields) dbcursor = dbconnection.cursor() dbcursor.execute("SELECT * FROM events ORDER BY start_date") # Get the cursor description and results from the query. description = dbcursor.description results = dbcursor.fetchall() # Close the database cursor and connection. dbcursor.close() dbconnection.close() except: return pageutils.generate_page("Database Error", '<div class="error">Can\'t get event data.</div>\n') # Build the page. pagetext = "" if pageutils.is_logged_in_p(): pagetext += '<a href="/events/new">Add New Event</a>\n' else: pagetext += '<a href="/login">Log In</a> to add a new event</a>\n' pagetext += "<ul>\n" most_recent_month = None most_recent_year = None for result in results: start_date = result[sqlutils.getfieldindex("start_date", description)] end_date = result[sqlutils.getfieldindex("end_date", description)] if most_recent_year <> pageutils.get_year(start_date): most_recent_year = pageutils.get_year(start_date) pagetext += "</ul><h2>" + str(most_recent_year) + "</h2><ul>\n" if most_recent_month <> pageutils.get_month(start_date): most_recent_month = pageutils.get_month(start_date) pagetext += "</ul><h3>" + most_recent_month + "</h3><ul>\n" pagetext += ( "<li>" + '<a href="/events/' + str(result[sqlutils.getfieldindex("event_id", description)]) + '">' + result[sqlutils.getfieldindex("title", description)] + "</a> (" + str(pageutils.get_month(start_date)) + " " + str(pageutils.get_day(start_date)) ) if result[sqlutils.getfieldindex("end_date", description)] <> None: pagetext += " - " + pageutils.get_month(end_date) + " " + str(pageutils.get_day(end_date)) pagetext += ")</li>\n" pagetext += "</ul>\n" return pageutils.generate_page("Events", pagetext) # Show specific event. else: description = None result = None # Get event listing from database try: # Try to connect to the database. dbconnection = pgdb.connect(database_connect_fields) dbcursor = dbconnection.cursor() dbcursor.execute("SELECT * FROM events WHERE event_id=%s", [str(event_id)]) # Get the cursor description and results from the query. description = dbcursor.description result = dbcursor.fetchone() # Close the database cursor and connection. dbcursor.close() dbconnection.close() except: return pageutils.generate_page("Database Error", '<div class="error">Can\'t get event data.</div>\n') # Build the page. pagetext = "" start_date = result[sqlutils.getfieldindex("start_date", description)] end_date = result[sqlutils.getfieldindex("end_date", description)] pagetext += "<h3>" + pageutils.get_month(start_date) + " " + str(pageutils.get_day(start_date)) if end_date <> None: pagetext += " - " + pageutils.get_month(end_date) + " " + str(pageutils.get_day(end_date)) pagetext += ", " + pageutils.get_year(end_date) else: pagetext += ", " + pageutils.get_year(start_date) pagetext += "</h3>\n" pagetext += "<p>" + result[sqlutils.getfieldindex("description", description)] pagetitle = result[sqlutils.getfieldindex("title", description)] if pageutils.is_admin_p(): pagetext += ( '<p>[<a href="/admin/events/delete/' + str(result[sqlutils.getfieldindex("event_id", description)]) + '">Delete Event</a>]</p>' ) return pageutils.generate_page(pagetitle, pagetext)
def new(self, missing=False, title=None, description=None): # Create new event, available to logged in users. # Verify user is logged in. if not pageutils.is_logged_in_p(): raise cherrypy.HTTPRedirect("/login") # Form to create new event. pagecontents = "" if missing: pagecontents += '<div class="error"><h2>Error</h2>Be sure to fill in both the ' pagecontents += "title and description fields.</div>\n" pagecontents += '<form action="/events/process" method="post">' pagecontents += "<b>Title</b>:" pagecontents += "<br>" pagecontents += '<input type="text" ' if title <> None: pagecontents += 'value="' + title + '" ' pagecontents += 'name="title">' pagecontents += "<br><br>\n" pagecontents += "<b>Description</b>:" pagecontents += "<br>" pagecontents += '<textarea cols=80 rows=10 name="description">' if description <> None: pagecontents += description pagecontents += "</textarea>\n" pagecontents += "<br><br>" pagecontents += "<b>Start Date</b>:" pagecontents += "<br>" pagecontents += '<select name="start_month">\n' for month in [ ["01", "January"], ["02", "February"], ["03", "March"], ["04", "April"], ["05", "May"], ["06", "June"], ["07", "July"], ["08", "August"], ["09", "September"], ["10", "October"], ["11", "November"], ["12", "December"], ]: pagecontents += '<option value="' + month[0] + '">' + month[1] + "</option>\n" pagecontents += "</select>\n" pagecontents += '<select name="start_day">\n' for day in [ "01", "02", "03", "04", "05", "06", "07", "08", "09", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20", "21", "22", "23", "24", "25", "26", "27", "28", "29", "30", "31", ]: pagecontents += '<option value="' + day + '">' + day + "</option>\n" pagecontents += "</select>\n" pagecontents += '<select name="start_year">\n' for year in ["2009", "2010", "2011", "2012"]: pagecontents += '<option value="' + year + '">' + year + "</option>\n" pagecontents += "</select>\n" pagecontents += "<br><br>\n" pagecontents += "<b>End Date</b>: (<i>Leave blank for one-day events</i>)" pagecontents += "<br>" pagecontents += '<select name="end_month">\n' for month in [ ["", ""], ["01", "January"], ["02", "February"], ["03", "March"], ["04", "April"], ["05", "May"], ["06", "June"], ["07", "July"], ["08", "August"], ["09", "September"], ["10", "October"], ["11", "November"], ["12", "December"], ]: pagecontents += '<option value="' + month[0] + '">' + month[1] + "</option>\n" pagecontents += "</select>\n" pagecontents += '<select name="end_day">\n' for day in [ "", "01", "02", "03", "04", "05", "06", "07", "08", "09", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20", "21", "22", "23", "24", "25", "26", "27", "28", "29", "30", "31", ]: pagecontents += '<option value="' + day + '">' + day + "</option>\n" pagecontents += "</select>\n" pagecontents += '<select name="end_year">\n' for year in ["", "2009", "2010", "2011", "2012"]: pagecontents += '<option value="' + year + '">' + year + "</option>\n" pagecontents += "</select>\n" pagecontents += "<br><br>\n" pagecontents += '<input type="submit" value="Create New Event">' pagecontents += "</form>" pagecontents += pageutils.generate_disclaimer() return pageutils.generate_page("Create New Event", pagecontents)
def index (self, article_slug=None): # If article_slug is None, display main article table of contents. # Else, display specified article. # Available to all, logged in or not. if (article_slug == None): article_slug = "map" description = None results = None comments_description = None comments_results = None author_results = [] author_description = None # Get article, comment, and comment-author data from database. try: # Try to connect to the database. dbconnection = pgdb.connect (database_connect_fields) dbcursor = dbconnection.cursor() dbcursor.execute ("SELECT * FROM articles WHERE slug=%s", [article_slug]) # Get the cursor description and results from the query. description = dbcursor.description results = dbcursor.fetchone() # Get any comments for the article. if (results <> None): dbcursor.execute ("SELECT * FROM articles WHERE refers_to=%s", [str(results[sqlutils.getfieldindex ("article_id", description)])]) comments_description = dbcursor.description comments_results = dbcursor.fetchall() # Store the user info for the author of the comment, for use when we display the comment. for result in comments_results: dbcursor.execute ("SELECT * FROM users WHERE user_id=%s", [str(result[sqlutils.getfieldindex ("author_id", comments_description)])]) author_description = dbcursor.description author_results.append (dbcursor.fetchone()) # Close the database cursor and connection. dbcursor.close() dbconnection.close() except: pass if (results == None): # The "welcome" article is the main front page. We need to have this page. if (article_slug == "welcome"): return pageutils.generate_page ("Welcome", "You will need to create an article with the slug: welcome") # We also need a "map" page. elif (article_slug == "map"): return pageutils.generate_page ("Map", "You will need to create an article with the slug: map") else: raise cherrypy.HTTPRedirect ("/404") # Obtain the article title from the database results. pagetitle = "" try: pagetitle += results[sqlutils.getfieldindex ("title", description)] except: pagetitle = "Database Error." # Obtain the article body from the database results. pagetext = "" try: pagetext += results[sqlutils.getfieldindex ("body", description)] except: pagetext += "<p>Database Error.</p>" # Do we want to show comments on this page? try: if (int(results[sqlutils.getfieldindex ("display", description)]) > 1): pagetext += "<hr><h3>User Comments</h3>" # Do we have any comments to show? if (comments_results <> None): for result in comments_results: pagetext += "<p>" pagetext += result[sqlutils.getfieldindex ("body", comments_description)] for author in author_results: if author == None: continue # Find the author info to display. if author[0] == result[sqlutils.getfieldindex ("author_id", comments_description)]: pagetext += "<p><i>posted by " + author[sqlutils.getfieldindex ("name", author_description)] pagetext += " on " + result[sqlutils.getfieldindex ("creation_date", comments_description)] + "</i></p>\n" break # If the user is admin, post link to delete the comment. if (pageutils.is_admin_p()): pagetext += ("<p>[<a href=\"/admin/articles/delete/" + str(result[sqlutils.getfieldindex ("article_id", comments_description)]) + "\">Delete Comment</a>]</p>\n") pagetext += "</p>" pagetext += "<hr width=50%>\n" # If user is logged in, post link to add a comment. if (pageutils.is_logged_in_p()): pagetext += "<p><a href=\"/articles/comment/" + article_slug + "\">Add a comment</a></p>\n" else: pagetext += "<p><a href=\"/login\">Log in</a> to add a comment</a></p>\n" except: pass # Build the whole page and return it. return pageutils.generate_page (pagetitle, pagetext)
def thanks (self): if (pageutils.is_logged_in_p()): return pageutils.generate_page ("Thanks for Registering!", "<div class=\"notice\">Your account is active!</div>\n") else: raise cherrypy.HTTPRedirect ("/register")