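def game_edit_request(request, game_id):
    """Render the edit form for a game and apply a submitted edit.

    GET renders ``runs/edit_game.html`` with a form bound to the stored game.
    POST validates ``GameRegistrationForm``, scores the posted AYAH session
    secret and, when both succeed, copies the cleaned fields onto the game,
    saves it and redirects to ``/members/profile/``.  A failed validation or
    CAPTCHA re-renders the form.  Anonymous users are sent to ``/login/``.
    """
    # Authenticate first: anonymous requests are redirected before any
    # database lookup or CAPTCHA call is made on their behalf.
    if not request.user.is_authenticated():
        return HttpResponseRedirect('/login/')

    # NOTE(review): an unknown game_id raises Game.DoesNotExist here rather
    # than producing a 404.
    g = Game.objects.get(pk=game_id)
    # NOTE(review): nothing in this view ties the game to request.user, so
    # every logged-in user can edit every game_id.  Confirm whether an
    # ownership check is enforced elsewhere; if not, it belongs here.
    ayah_html = ayah.get_publisher_html()

    if request.method == 'POST':
        form = GameRegistrationForm(request.POST, request.FILES)
        if form.is_valid():
            # Fail closed when the CAPTCHA field is missing or empty instead
            # of raising on the key lookup.
            secret = request.POST.get('session_secret')
            if secret and ayah.score_result(secret):
                cleaned = form.cleaned_data
                try:
                    g.concept_only = cleaned['concept_only']
                except KeyError:
                    # Field absent from the cleaned data: keep the stored
                    # value.  The original caught `Error`, a name this view
                    # does not define.
                    pass
                g.name = cleaned['name']
                g.short_desc = cleaned['short_desc']
                # NOTE(review): the description is saved as the form cleaned
                # it.  game_registration_request passes the submitted
                # description through sanitizeHtml() before saving; confirm
                # whether the edit path needs the same sanitising.
                g.description = cleaned['description']
                g.team = cleaned['team']
                g.save()
                return HttpResponseRedirect('/members/profile/')
    else:
        form = GameRegistrationForm(instance=g)

    # Every path that does not redirect renders the same context.
    context = {'form': form, 'ayah_html': ayah_html}
    return render_to_response(
        'runs/edit_game.html',
        context,
        context_instance=RequestContext(request))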
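def game_registration_request(request):
    """Render the game registration form and create a game on a valid POST.

    GET renders ``runs/register_game.html`` with an empty form.  POST
    validates ``GameRegistrationForm`` and scores the posted AYAH session
    secret; when both succeed the game is saved for the current run with
    ``request.user`` as leader and the user is redirected to
    ``/members/profile/``.  Any failure re-renders the form.  Anonymous users
    are sent to ``/login/``.
    """
    # The login redirect needs neither the CAPTCHA markup nor the form, so
    # decide it before doing any other work.
    if not request.user.is_authenticated():
        return HttpResponseRedirect('/login/')

    ayah_html = ayah.get_publisher_html()

    if request.method == 'POST':
        form = GameRegistrationForm(request.POST, request.FILES)
        if form.is_valid():
            # A missing or empty session_secret counts as a failed CAPTCHA
            # rather than raising on the key lookup.
            secret = request.POST.get('session_secret')
            if secret and ayah.score_result(secret):
                g = form.save(commit=False)
                g.added_date = timezone.now()
                # The stored description is the raw submitted value passed
                # through sanitizeHtml, not the form's cleaned value.
                g.description = sanitizeHtml(request.POST['description'])
                g.run = get_object_or_404(Run, current_run=True)
                g.leader = request.user
                g.save()
                return HttpResponseRedirect('/members/profile/')
    else:
        form = GameRegistrationForm()

    # Every path that does not redirect renders the same context.
    context = {'form': form, 'ayah_html': ayah_html}
    return render_to_response(
        'runs/register_game.html',
        context,
        context_instance=RequestContext(request))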
def POST(self):
    """Send the contact mail when the AYAH check passes and all fields exist.

    The request must carry ``session-secret`` (scored with
    ``ayah.score_result``) plus ``subject``, ``message`` and ``senderemail``.
    If anything is missing or the score fails, nothing is sent.  The method
    returns ``None`` in every case.
    """
    form_data = web.input()

    # Without a posted session secret the caller is never treated as human.
    human = False
    if 'session-secret' in form_data:
        human = ayah.score_result(form_data['session-secret'])

    if not human:
        return
    if 'subject' not in form_data:
        return
    if 'message' not in form_data:
        return
    # senderemail must be present, but it is not used in the mail below.
    if 'senderemail' not in form_data:
        return

    # NOTE(review): subject and message are forwarded exactly as posted;
    # confirm the mail layer rejects CR/LF in header values.
    web.sendmail('*****@*****.**', '*****@*****.**', form_data['subject'], form_data['message'])
def POST(self):
    """Handle the contact form: verify the AYAH score, then send the mail.

    Mail is sent only when ``session-secret`` is present and scores as human
    and the ``subject``, ``message`` and ``senderemail`` fields were all
    posted.  Nothing is returned.
    """
    posted = web.input()

    # A request without a session secret is never scored and stays non-human.
    is_human = ayah.score_result(posted['session-secret']) if 'session-secret' in posted else False

    # senderemail is required here although only subject and message are
    # passed on to sendmail.
    required_fields = ('subject', 'message', 'senderemail')
    if is_human and all(field in posted for field in required_fields):
        # NOTE(review): the posted subject becomes a mail header unchanged;
        # confirm the mail layer rejects CR/LF in header values.
        web.sendmail('*****@*****.**', '*****@*****.**', posted['subject'], posted['message'])
def add_article(request):
    """Show the article form and store a submitted article.

    On a valid POST the AYAH session secret is scored (unless
    ``settings.DEBUG`` is on), the article is saved with ``request.user`` as
    ``added_by``, one ``Article_Tags`` row is created per tag, a notification
    mail goes to ``settings.DEFAULT_FROM_EMAIL`` and the user is redirected to
    ``/``.  A failed CAPTCHA also redirects to ``/`` without saving.  GET, or
    an invalid form, renders ``article/add_article.html``.
    """
    ayah.configure(settings.AYAH_PUBLISHER_KEY, settings.AYAH_SCORING_KEY)

    if request.method != "POST":
        form = ArticleForm()
    else:
        form = ArticleForm(request.POST)
        if form.is_valid():
            ayah_form_secret = form.data.get('session_secret')
            # NOTE(review): the CAPTCHA is not scored at all while
            # settings.DEBUG is true; confirm DEBUG is off wherever this
            # view is reachable by the public.
            if not (settings.DEBUG or ayah.score_result(ayah_form_secret)):
                return HttpResponseRedirect('/')

            cleaned = form.cleaned_data
            recipients = [settings.DEFAULT_FROM_EMAIL]
            message = 'Url - %s Tags: %s' % (cleaned['link'], cleaned['tags'])

            # NOTE(review): request.user is recorded as the author, but no
            # login check is visible in this function; confirm the view is
            # protected elsewhere.
            article = form.save(commit=False)
            article.added_by = request.user
            article.save()

            # Re-read the saved row and attach each selected tag to it.
            saved_article = Article.objects.get(id=article.id)
            for tag in cleaned['tags']:
                Article_Tags(article=saved_article, tag=tag).save()

            from django.core.mail import send_mail
            send_mail('New article: %s' % cleaned['link'], message, '*****@*****.**', recipients)
            return HttpResponseRedirect('/')

    template_vars = {
        'form': form,
        'ayah': ayah.get_publisher_html(),
    }
    return render_to_response(
        'article/add_article.html',
        template_vars,
        context_instance=RequestContext(request))
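def member_registration(request):
    '''
    This view controls User registration.

    Logged-in users are redirected to their profile.  GET renders
    ``members/register_member.html`` with an empty form.  POST validates
    ``UserRegistrationForm`` and scores the posted AYAH session secret; when
    both succeed the user and profile are created, the new user is logged in
    and redirected to ``/members/profile/``.  Any failure re-renders the form.
    '''
    ayah_html = ayah.get_publisher_html()
    if request.user.is_authenticated():
        return HttpResponseRedirect('/members/profile/')

    if request.method == 'POST':
        form = UserRegistrationForm(request.POST, request.FILES)
        if form.is_valid():
            # A missing or empty session_secret counts as a failed CAPTCHA
            # instead of raising on the key lookup.
            secret = request.POST.get('session_secret')
            passed = bool(secret) and ayah.score_result(secret)
            if passed:
                cleaned = form.cleaned_data
                user = User.objects.create_user(
                    username=cleaned['username'],
                    email=cleaned['email'],
                    password=cleaned['password'],
                )
                user.first_name = cleaned['first_name']
                user.last_name = cleaned['last_name']
                user.save()

                profile = user.get_profile()
                profile.about = cleaned['about']
                profile.save()

                # Log the new account in with the credentials just stored.
                member = authenticate(username=cleaned['username'],
                                      password=cleaned['password'])
                login(request, member)
                return HttpResponseRedirect('/members/profile/')
    else:
        form = UserRegistrationForm()

    # Every path that does not redirect renders the same context.
    context = {'form': form, 'ayah_html': ayah_html}
    return render_to_response(
        'members/register_member.html',
        context,
        context_instance=RequestContext(request))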
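def member_registration(request):
    '''
    This view controls User registration.

    Authenticated users go straight to ``/members/profile/``.  A POST that
    passes both form validation and the AYAH CAPTCHA score creates the user
    and profile, logs the user in and redirects to the profile page.  Every
    other case renders ``members/register_member.html`` with the form.
    '''
    ayah_html = ayah.get_publisher_html()
    if request.user.is_authenticated():
        return HttpResponseRedirect('/members/profile/')

    if request.method != 'POST':
        form = UserRegistrationForm()
    else:
        form = UserRegistrationForm(request.POST, request.FILES)
        # The secret is read with .get() so that a request without the field
        # fails the CAPTCHA cleanly rather than raising on the lookup.  The
        # scoring call is made only for a valid form and a non-empty secret.
        secret = request.POST.get('session_secret')
        if form.is_valid() and secret and ayah.score_result(secret):
            fields = form.cleaned_data
            username = fields['username']
            password = fields['password']

            user = User.objects.create_user(
                username=username,
                email=fields['email'],
                password=password,
            )
            user.first_name = fields['first_name']
            user.last_name = fields['last_name']
            user.save()

            profile = user.get_profile()
            profile.about = fields['about']
            profile.save()

            # Authenticate with the credentials just stored, then open the
            # session for the new member.
            member = authenticate(username=username, password=password)
            login(request, member)
            return HttpResponseRedirect('/members/profile/')

    context = {'form': form, 'ayah_html': ayah_html}
    return render_to_response('members/register_member.html', context,
                              context_instance=RequestContext(request))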
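def handle_remove_event():
    """ Validate secret code and remove event, flash and redirect to frontpage

    GET requests are told to use the form.  For other methods the short name
    and secret key are validated, the event must exist, the Are You A Human
    session secret must score as human, and only then is the removal
    attempted.  Every outcome flashes one message and redirects to the event
    list.
    """
    # TODO Time-based throttle to prevent brute-force spamming of keys
    if request.method == 'GET':
        flash(u'Käytä lomaketta')
        return redirect(url_for('handle_list_events'))

    # Get data from form
    remove_short_name = request.form['short_name'].strip().lower()
    remove_secret = request.form['secret'].strip().lower()
    ayah_session_secret = strip_tags(request.form['session_secret'].strip())

    # Setup Are You A Human check
    ayah.configure(app.config['ARE_YOU_HUMAN_PUBLISHER_KEY'], app.config['ARE_YOU_HUMAN_SCORING_KEY'])

    # One message covers a malformed short name, a malformed key, an unknown
    # event and a wrong key, so the response does not say which check failed.
    mismatch = u'Lyhytnimi tai salainen avain ei täsmää. Tarkista tiedot ja yritä uudelleen.'

    # Validation; the checks run in this order and stop at the first failure.
    if (is_valid_short_name(remove_short_name) != True
            or is_valid_secret_key(remove_secret, app.config['SECRET_KEY_CHARACTERS']) != True
            or event_exists(remove_short_name) != True):
        flash(mismatch)
        return redirect(url_for('handle_list_events'))

    # Call Are You A Human scoring service.  The verdict is tested for
    # truthiness so that any result other than a positive one (None
    # included) blocks the removal; the original `== False` comparison let
    # such results through.
    if not ayah.score_result(ayah_session_secret):
        flash(u'Spämmitarkistus epäonnistui. Tarkista että et ole spämmirobotti ja/tai yritä uudelleen.')
        return redirect(url_for('handle_list_events'))

    if not remove_event_with_secret(remove_short_name, remove_secret):
        flash(mismatch)
    else:
        flash(u'Tapahtuma poistettu onnistuneesti.')
    return redirect(url_for('handle_list_events'))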
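def handle_add_event():
    """ Validate and add event, flash and redirect to frontpage

    GET requests are told to use the form.  For other methods the short name,
    start and end times, uniqueness of the short name, the Are You A Human
    score and the URL are checked in that order; the first failure flashes
    its message and redirects to the event list.  On success the event is
    added and its secret key is flashed to the user.
    """
    # TODO Time-based throttle against spamming event additions

    def back_to_list(message):
        # Every outcome flashes one message and returns to the event list.
        flash(message)
        return redirect(url_for('handle_list_events'))

    if request.method == 'GET':
        return back_to_list(u'Käytä lomaketta')

    # Get data from form
    add_short_name = strip_tags(request.form['short_name'].strip())
    add_name = strip_tags(request.form['name'].strip())
    add_url = request.form['url'].strip().lower()
    add_start_time = strip_tags(request.form['start_time'].strip())
    add_end_time = strip_tags(request.form['end_time'].strip())
    ayah_session_secret = strip_tags(request.form['session_secret'].strip())

    # Setup Are You A Human check
    ayah.configure(app.config['ARE_YOU_HUMAN_PUBLISHER_KEY'], app.config['ARE_YOU_HUMAN_SCORING_KEY'])

    # Validate short name
    if is_valid_short_name(add_short_name) != True:
        return back_to_list(u'Tapahtuman lyhytnimi ei ole kelvollinen. Tarkista tiedot ja yritä uudelleen.')

    # Parse times and validate them
    add_start_time = parse_date(add_start_time)
    add_end_time = parse_date(add_end_time)
    if add_start_time == False:
        return back_to_list(u'Tapahtuman alkuaika ei ole kelvollinen. Tarkista tiedot ja yritä uudelleen.')
    if add_end_time == False:
        return back_to_list(u'Tapahtuman päättymisaika ei ole kelvollinen. Tarkista tiedot ja yritä uudelleen.')

    # Check that end time is later than start time
    if add_start_time >= add_end_time:
        return back_to_list(u'Tapahtuma ei voi päättyä ennen alkamistaan. Tarkista tiedot ja yritä uudelleen.')

    # Check if event already exists with short name
    if event_exists(add_short_name):
        return back_to_list(u'Tapahtuman lyhytnimi on jo käytössä. Valitse toinen nimi tai poista olemassa oleva tapahtuma.')

    # Call Are You A Human scoring service.  The verdict is tested for
    # truthiness so that any result other than a positive one (None
    # included) stops the request; the original `== False` comparison let
    # such results through.
    if not ayah.score_result(ayah_session_secret):
        return back_to_list(u'Spämmitarkistus epäonnistui. Tarkista että et ole spämmirobotti ja/tai yritä uudelleen.')

    # Request URL and check it's valid
    # NOTE(review): if validate_url fetches the submitted address, confirm it
    # restricts schemes and refuses internal or loopback destinations.
    add_url = validate_url(add_url)
    if add_url == False:
        return back_to_list(u'Tapahtuman URL-osoite ei ole kelvollinen. Tarkista tiedot ja yritä uudelleen.')

    # TODO Spam checks for short name, name and URL. Scoring by domain/word list.

    # Add event to system
    if add_event(short_name=add_short_name, name=add_name, url=add_url, start_time=add_start_time,
                 end_time=add_end_time) == False:
        return back_to_list(
            u'Tapahtuman lisäämisessä tapahtui mystinen virhe. Tarkista tiedot ja yritä uudelleen. Ongelman jatkuessa ota yhteyttä.')

    # The secret key is shown to the creator once, in the flash message.
    secret_key = get_event_secret_key(add_short_name)
    return back_to_list(
        u'Tapahtuma lisättiin onnistuneesti. Tapahtuman salainen avain on %s. Pidä se tallessa esimerkiksi poistoa varten.' % secret_key)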
def clean(self, data):
    """Validate the posted AYAH session secret.

    ``data`` is handed to ``ayah.score_result``; a falsy verdict raises
    ``forms.ValidationError``.  Nothing is returned on success, so the result
    of a passing call is ``None``.
    """
    verdict = ayah.score_result(data)
    if verdict:
        # NOTE(review): no cleaned value is returned; confirm callers do not
        # expect the secret back from this method.
        return None
    raise forms.ValidationError('Please solve the puzzle')
def register():
    """
    The register view. Renders the register form when requested and performs
    the registration process when submitted.

    GET renders ``register.html`` with an empty form.  POST scores the AYAH
    session secret first; on success it looks the email up in the emails
    table, then creates a database and a users table named after the hashed
    username, inserts the user record and the username/email mapping, and
    redirects to the login view.  Each failure re-renders ``register.html``
    with a message.  Any other HTTP method falls through both branches and
    returns ``None``.
    """
    ayah_html = ayah.get_publisher_html()
    if request.method == 'POST':
        form = request.form
        hashed_username = unicode(hash_username(form['username']))
        secret = form['session_secret']
        # Nothing below runs unless the CAPTCHA scoring call passes.
        passed = ayah.score_result(secret)
        if passed:
            # check if the email exists already in the DB.
            try:
                email_user_object = None
                email_user_cursor = r.db(DB_EMAILS).table(T_EMAILS).get_all(form['email'], index="email").run()
                # Keeps the last row the lookup returned, if any.
                for d in email_user_cursor:
                    email_user_object = d
                # An empty email is allowed and skips the duplicate check.
                if len(form['email']) == 0:
                    pass
                elif len(form['email']) > 0:
                    if email_user_object is not None:
                        if email_user_object['email'] == form['email']:
                            form = RegisterForm(request.form)
                            message = "Email already exists!"
                            return render_template('register.html', form=form, ayah_html=ayah_html, message=message)
                    else:
                        pass
            except RqlRuntimeError:
                # Any runtime error from the lookup is reported to the user
                # as a duplicate email, whatever its actual cause.
                form = RegisterForm(request.form)
                message = "Email already exists!"
                return render_template('register.html', form=form, ayah_html=ayah_html, message=message)
            # NOTE(review): the email lookup above and the inserts below are
            # separate operations; two concurrent registrations with the same
            # email could both pass the lookup.  Confirm whether the emails
            # table enforces uniqueness itself.
            try:
                # Reached only when the email check found no duplicate (or
                # the email was empty).
                r.db_create(hashed_username).run()  # this is where all graphs will be saved
                new_user = {}
                new_user['email'] = form['email']  # can be empty, but must be unique, as checked above.
                new_user['user_id'] = form['username']
                new_user['username'] = form['username']
                # NOTE(review): hash_password receives the username together
                # with the password; if the username serves as the salt,
                # confirm the scheme (a random per-user salt and a slow KDF
                # are the usual expectation).
                new_user['password'] = hash_password(form['username'], form['password'])
                new_user['site_id'] = hashed_username  # just the username hashed
                new_user['date_registered'] = str(datetime.now())
                r.db(DB_USERS).table_create(hashed_username).run()
                r.db(DB_USERS).table(hashed_username).insert(new_user).run()
                r.db(DB_USERS).table(hashed_username).index_create("site_id").run()
                # r.db(DB_USERS).table(hashed_username).index_wait("site_id").run()
                r.db(DB_USERS).table(hashed_username).index_create("email").run()
                # r.db(DB_USERS).table(hashed_username).index_wait("email").run()
                email_map_obj = {
                    'username': form['username'],
                    'email': form['email']
                }
                r.db(DB_EMAILS).table(T_EMAILS).insert(email_map_obj).run()
                return redirect(url_for('login'))
            except RqlRuntimeError:
                # Any runtime error raised by a step in this try block is
                # reported as a duplicate username.  Steps that completed
                # before the failure are not undone here.
                form = RegisterForm(request.form)
                message = "Username already exists! Please try again."
                return render_template('register.html', form=form, ayah_html=ayah_html, message=message)
        else:
            # CAPTCHA failed: no database work is done.
            form = RegisterForm(request.form)
            message = "You ain't no human! Please try again."
            return render_template('register.html', form=form, ayah_html=ayah_html, message=message)
    elif request.method == 'GET':
        form = RegisterForm(request.form)
        return render_template('register.html', form=form, ayah_html=ayah_html)