def process_tripcode(name, tripkey='!'):
match = re.match(TRIP_RE % re.escape(tripkey), name)
if not match:
return (str_format.clean_string(str_format.decode_string(name)), '')
trip = ''
namepart, marker, trippart = match.groups()
namepart = str_format.clean_string(str_format.decode_string(namepart))
# do we want secure trips, and is there one?
if config.SECRET:
regexp = re.compile(SECURE_TRIP_RE.replace("%s", re.escape(marker)))
smatch = regexp.match(trippart)
if smatch:
trippart = regexp.sub('', trippart)
maxlen = 255 - len(config.SECRET)
string = smatch.group(1)[:maxlen]
trip = tripkey * 2 + hide_data(smatch.group(1), 6, "trip",
config.SECRET, True)
if not trippart: # return directly if there's no normal tripcode
return (namepart, trip)
# 2ch trips are processed as Shift_JIS whenever possible
trippart = trippart.encode("shiftjis", "xmlcharrefreplace")
trippar = str_format.clean_string(trippart)
salt = (trippart + "H..")[1:3]
salt = SALT_CLEAN_RE.sub('.', salt)
for old, new in map(None, ':;<=>?@[\\]^_`', 'ABCDEFGabcdef'):
salt = salt.replace(old, new)
trip = tripkey + crypt.crypt(trippart, salt)[-10:] + trip
return (namepart, trip)
def process_tripcode(name, tripkey='!'):
match = re.match(TRIP_RE % re.escape(tripkey), name)
if not match:
return (str_format.clean_string(str_format.decode_string(name)), '')
trip = ''
namepart, marker, trippart = match.groups()
namepart = str_format.clean_string(str_format.decode_string(namepart))
# do we want secure trips, and is there one?
if config.SECRET:
regexp = re.compile(SECURE_TRIP_RE.replace("%s", re.escape(marker)))
smatch = regexp.match(trippart)
if smatch:
trippart = regexp.sub('', trippart)
maxlen = 255 - len(config.SECRET)
string = smatch.group(1)[:maxlen]
trip = tripkey * 2 + hide_data(smatch.group(1), 6, "trip",
config.SECRET, True)
if not trippart: # return directly if there's no normal tripcode
return (namepart, trip)
# 2ch trips are processed as Shift_JIS whenever possible
trippart = trippart.encode("shiftjis", "xmlcharrefreplace")
trippar = str_format.clean_string(trippart)
salt = (trippart + "H..")[1:3]
salt = SALT_CLEAN_RE.sub('.', salt)
for old, new in map(None, ':;<=>?@[\\]^_`', 'ABCDEFGabcdef'):
salt = salt.replace(old, new)
trip = tripkey + crypt.crypt(trippart, salt)[-10:] + trip
return (namepart, trip)
def clean_fields(self, editing, admin_mode, options):
'''Modifies fields to clean them'''
# kill the name if anonymous posting is being enforced
if options['FORCED_ANON']:
self.name = ''
self.trip = ''
if self.email.lower() == 'sage':
self.email = 'sage'
else:
self.email = ''
# fix up the email/link, if it is not a generic URI already.
if self.email and not re.search(r"(?:^\w+:)|(?:\:\/\/)", self.email):
self.email = "mailto:" + self.email
# clean up the inputs
self.subject = str_format.clean_string(
str_format.decode_string(self.subject))
# format comment
if not self.req_no_format:
self.comment = str_format.format_comment(str_format.clean_string(
str_format.decode_string(self.comment)))
# insert default values for empty fields
if not (self.name or self.trip):
self.name = options['S_ANONAME']
self.subject = self.subject or options['S_ANOTITLE']
self.comment = self.comment or options['S_ANOTEXT']
def clean_fields(self, editing, admin_mode, options):
'''Modifies fields to clean them'''
# kill the name if anonymous posting is being enforced
if options['FORCED_ANON']:
self.name = ''
self.trip = ''
if self.email.lower() == 'sage':
self.email = 'sage'
else:
self.email = ''
# fix up the email/link, if it is not a generic URI already.
if self.email and not re.search(r"(?:^\w+:)|(?:\:\/\/)", self.email):
self.email = "mailto:" + self.email
# clean up the inputs
self.subject = str_format.clean_string(
str_format.decode_string(self.subject))
# format comment
if not self.req_no_format:
self.comment = str_format.format_comment(
str_format.clean_string(str_format.decode_string(
self.comment)))
# insert default values for empty fields
if not (self.name or self.trip):
self.name = options['S_ANONAME']
self.subject = self.subject or options['S_ANOTITLE']
self.comment = self.comment or options['S_ANOTEXT']
def spam_engine(trap_fields, spam_files):
def spam_screen():
raise util.WakaError(strings.SPAM)
request = local.request
for field in trap_fields:
if request.values.get("request", None) is not None:
spam_screen()
spam_checker = compile_spam_checker(spam_files)
fields = request.values.keys()
fulltext = "\n".join([str_format.decode_string(request.values[x]) for x in fields])
if spam_checker(fulltext):
spam_screen()
def spam_engine(trap_fields, spam_files):
def spam_screen():
raise util.WakaError(strings.SPAM)
request = local.request
for field in trap_fields:
if request.values.get('request', None) is not None:
spam_screen()
spam_checker = compile_spam_checker(spam_files)
fields = request.values.keys()
fulltext = '\n'.join(
[str_format.decode_string(request.values[x]) for x in fields])
if spam_checker(fulltext):
spam_screen()
def add_admin_entry(task_data,
option,
comment,
ip='',
mask='255.255.255.255',
sval1='',
total='',
expiration=0,
caller=''):
session = model.Session()
table = model.admin
ival1 = ival2 = 0
if not comment:
raise WakaError(strings.COMMENT_A_MUST)
if option in ('ipban', 'whitelist'):
if not ip:
raise WakaError('IP address required.')
if not mask:
mask = '255.255.255.255'
# Convert to decimal.
(ival1, ival2) = (misc.dot_to_dec(ip), misc.dot_to_dec(mask))
sql = table.select().where(table.c.type == option)
query = session.execute(sql)
for row in query:
try:
if int(row.ival1) & int(row.ival2) == ival1 & ival2:
raise WakaError('IP address and mask match ban #%d.' % \
(row.num))
except ValueError:
raise WakaError("Entry #%s on ban table is inconsistent. "
"This shouldn't happen." % row.num)
# Add info to task data.
content = ip + (' (' + mask + ')' if mask else '')
if total == 'yes':
add_htaccess_entry(ip)
content += ' (no browse)'
content += ' "' + comment + '"'
task_data.contents.append(content)
else:
if not sval1:
raise WakaError(strings.STRINGFIELDMISSING)
sql = table.select().where(
and_(table.c.sval1 == sval1, table.c.type == option))
row = session.execute(sql).fetchone()
if row:
raise WakaError('Duplicate String in ban #%d.' % (row.num))
# Add ifno to task data.
task_data.contents.append(sval1)
comment = str_format.clean_string(\
str_format.decode_string(comment, config.CHARSET))
expiration = int(expiration) if expiration else 0
if expiration:
expiration = expiration + time.time()
sql = table.insert().values(type=option,
comment=comment,
ival1=int(ival1),
ival2=int(ival2),
sval1=sval1,
total=total,
expiration=expiration)
result = session.execute(sql)
task_data.admin_id = result.inserted_primary_key[0]
# Add specific action name to task data.
task_data.action = option
board = local.environ['waka.board']
forward_url = misc.make_script_url(task='bans', board=board.name)
if caller == 'window':
return Template('edit_successful')
return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
def add_admin_entry(task_data, option, comment, ip='', mask='255.255.255.255',
sval1='', total='', expiration=0,
caller=''):
session = model.Session()
table = model.admin
ival1 = ival2 = 0
if not comment:
raise WakaError(strings.COMMENT_A_MUST)
if option in ('ipban', 'whitelist'):
if not ip:
raise WakaError('IP address required.')
if not mask:
mask = '255.255.255.255'
# Convert to decimal.
(ival1, ival2) = (misc.dot_to_dec(ip), misc.dot_to_dec(mask))
sql = table.select().where(table.c.type == option)
query = session.execute(sql)
for row in query:
try:
if int(row.ival1) & int(row.ival2) == ival1 & ival2:
raise WakaError('IP address and mask match ban #%d.' % \
(row.num))
except ValueError:
raise WakaError("Entry #%s on ban table is inconsistent. "
"This shouldn't happen." % row.num)
# Add info to task data.
content = ip + (' (' + mask + ')' if mask else '')
if total == 'yes':
add_htaccess_entry(ip)
content += ' (no browse)'
content += ' "' + comment + '"'
task_data.contents.append(content)
else:
if not sval1:
raise WakaError(strings.STRINGFIELDMISSING)
sql = table.select().where(and_(table.c.sval1 == sval1,
table.c.type == option))
row = session.execute(sql).fetchone()
if row:
raise WakaError('Duplicate String in ban #%d.' % (row.num))
# Add ifno to task data.
task_data.contents.append(sval1)
comment = str_format.clean_string(\
str_format.decode_string(comment, config.CHARSET))
expiration = int(expiration) if expiration else 0
if expiration:
expiration = expiration + time.time()
sql = table.insert().values(type=option, comment=comment, ival1=int(ival1),
ival2=int(ival2), sval1=sval1, total=total,
expiration=expiration)
result = session.execute(sql)
task_data.admin_id = result.inserted_primary_key[0]
# Add specific action name to task data.
task_data.action = option
board = local.environ['waka.board']
forward_url = misc.make_script_url(task='bans', board=board.name)
if caller == 'window':
return Template('edit_successful')
return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
