def index(self, name=None, password = None, referer=None):
if name: # submitting
user = User.query.filter_by(username = name).first()
if user and user.password == userinfo.md5pass(password, user.password):
if user.auth == 1:
userinfo.set_login_sesion_info(user)
if referer:
controller.http_redirect(referer)
else:
controller.http_redirect(controller.base_url()+'/welcome/')
else:
return template.render("login.html"
, error_reason = "auth"
, referer = referer
)
else:
return template.render("login.html"
, error_reason = "failed"
, referer = referer
)
else:
referer = controller.get_header('Referer')
if not referer:
referer = controller.base_url()+"/welcome/"
return template.render("login.html"
, hide_login_register = True
, referer = referer
, error_reason = None)
def index(self, name = None, email = None, comment = None):
if not name:
return template.render("contact.html")
# server side input validation
if not email:
return "Email is missing"
if not comment or len(comment)<10:
return "Comment is missing"
if not userinfo.validateEmail(email):
return "Invalid email"
referer = controller.get_header('Referer')
if not referer or not referer.startswith(controller.base_url()):
return "Not Allowed"
contact_recipient = apt_portal.get_config("mail", "contact_recipient")
id = int(time.time())
template.sendmail('contact.mail'\
, sender = '"%s" <%s>' % (name, email)
, destination = contact_recipient
, comment = comment
, app_name = apt_portal.app_name
, id = id
)
return template.render("contact.html", contact_received=1)
