def search_topics(): session = bottle.request.environ.get('beaker.session') #@UndefinedVariable query = bottle.request.query #Here we use pop because we want to remove the value from the query limit = query.pop('limit',-1) order_by = query.pop('orderby','id') ascending = query.pop('asc','FALSE').upper()=='TRUE' #To make sure this is a boolean #This is a trick to get the list of variables that #exist within the Topic class. allowed_query = Topics.Topic().__dict__.keys() new_query = dict(query) for item in new_query: #remove any unwanted query fields if not query.get(item) in allowed_query: query.pop(item) topics = Topics.getFiltered(query, limit=limit, order_by=order_by, ascending=ascending) #We're returning json bottle.response.content_type = 'application/json' #We don't want to send back a json array, it must start with a key-value #This is due to a subtle json vulnerability, read more on: # http://haacked.com/archive/2009/06/25/json-hijacking.aspx/ # http://haacked.com/archive/2008/11/20/anatomy-of-a-subtle-json-vulnerability.aspx/ res = {'results':[]} if topics: for i in topics: i = i.__dict__ res['results'].append(i) return json.dumps(res)
def disliked(): session = bottle.request.environ.get('beaker.session') #@UndefinedVariable return bottle.template('page-home', topics=Topics.getFiltered(limit=25, order_by='dislikes', ascending=False), alert=session.pop('alert', ''))
def dislike_topic(topic_id=''): session = bottle.request.environ.get('beaker.session') #@UndefinedVariable topic = Topics.get(int(topic_id)) if topic: topic.dislikes = topic.dislikes + 1 if not topic.save(): session['alert'] = 'Failed to dislike Topic' bottle.redirect('/topic/' + str(topic.id)) session['alert'] = "Failed to dislike Topic, doesn't exist" bottle.redirect('/')
def popular(): session = bottle.request.environ.get('beaker.session') #@UndefinedVariable results = {} topics = Topics.getAll() for topic in topics: results[topic] = Messages.getCount({'topic':topic.id})+topic.likes+topic.dislikes sortedresults = sorted(results,key=results.get, reverse=True) return bottle.template('page-home', topics=sortedresults, alert=session.pop('alert',''))
def add_topic(): session = bottle.request.environ.get('beaker.session') #@UndefinedVariable form = bottle.request.forms required = ['username', 'subject', 'description'] for r in required: if not r in form or len(form.get(r)) == 0: session['alert'] = 'Failed to add Topic. Missing ' + r bottle.redirect('/') topic = Topics.Topic(username=form.get('username'), subject=form.get('subject'), description=form.get('description')) if topic.save(): session['alert'] = 'Successfully added Topic' bottle.redirect('/topic/' + str(topic.id)) session['alert'] = 'Failed to add Topic' bottle.redirect('/')
def add_message(): session = bottle.request.environ.get('beaker.session') #@UndefinedVariable form = bottle.request.forms required = ['username', 'message', 'topic'] for r in required: if not r in form or len(form.get(r)) == 0: session['alert'] = 'Failed to add Topic. Missing ' + r bottle.redirect('/') topic = Topics.get(id=int(form.get('topic'))) if topic: message = Messages.Message(username=form.get('username'), message=form.get('message'), reply_to=form.get('reply_to', None), topic=topic.id) if message.save(): session['alert'] = 'Successfully added Reply' bottle.redirect('/topic/' + str(topic.id)) session['alert'] = 'Failed to add Message' bottle.redirect('/')
def topic(topic_id=''): session = bottle.request.environ.get('beaker.session') #@UndefinedVariable return bottle.template('page-topic', topic=Topics.get(int(topic_id)), alert=session.pop('alert', ''))
def getTopic(self): if self.topic: return Topics.get(self.topic) return None