def show_uploaded_file(key, secret): shared_file = SharedFile.get_or_404(key) if secret != shared_file.delete_key: abort(404) return render_template('show_uploaded_file.html', f=shared_file)
def show_delete_file(key, secret): shared_file = SharedFile.get_or_404(key) if secret != shared_file.delete_key: abort(404) if request.method == 'POST': # delete the file and redirect to the upload form shared_file.delete() flash(_('Your file have been deleted.')) return redirect(url_for('show_upload_form')) return render_template('show_delete_file.html', f=shared_file)
def action_clean(quiet): today = date.today() count = 0 deleted_files = [] for f in SharedFile.find_all(): if f.expire_date < today: f.delete(notify=False) count += 1 deleted_files.append(f) if not quiet and count > 0: print u'Files deleted: {0}'.format(count) for info in deleted_files: print u" - '{0}' - {1}".format(os.path.join(info.path, info.filename), filesizeformat(info.size, True))
def action_clean(quiet): today = date.today() count = 0 deleted_files = [] for f in SharedFile.find_all(): if f.expire_date < today: f.delete(notify=False) count += 1 deleted_files.append(f) if not quiet and count > 0: print u'Files deleted: {0}'.format(count) for info in deleted_files: print u" - '{0}' - {1}".format( os.path.join(info.path, info.filename), filesizeformat(info.size, True))
def get_file(key, filename): shared_file = SharedFile.get_or_404(key) if not shared_file.filename == filename: abort(404) filepath = os.path.join(app.config['FLASKUP_UPLOAD_FOLDER'], shared_file.path, filename) if not os.path.isfile(filepath): abort(404) # add the 'Content-Length' header # browsers can show a progress bar filesize = str(shared_file.size) response = make_response(send_file(filepath, as_attachment=True, attachment_filename=filename)) response.headers['Content-Length'] = filesize return response
def get_file(key, filename): shared_file = SharedFile.get_or_404(key) if not shared_file.filename == filename: abort(404) filepath = os.path.join(app.config['FLASKUP_UPLOAD_FOLDER'], shared_file.path, filename) if not os.path.isfile(filepath): abort(404) # add the 'Content-Length' header # browsers can show a progress bar filesize = str(shared_file.size) response = make_response( send_file(filepath, as_attachment=True, attachment_filename=filename)) response.headers['Content-Length'] = filesize return response
def upload_file(): if request.headers.getlist("X-Forwarded-For"): remote_ip = request.headers.getlist("X-Forwarded-For")[0] else: remote_ip = request.environ.get('REMOTE_ADDR', None) upload_file = None password_identifier = None passwords = app.config['FLASKUP_UPLOAD_PASSWORDS'] if passwords: # check if user provided a valid password mypassword = request.form.get('mypassword') check_password = app.config.get('FLASKUP_UPLOAD_PASSWORDS_CHECK') valid_password = False for hashed_password, info in passwords: try: if check_password(mypassword, hashed_password): password_identifier = info valid_password = True continue except: # An exception was raised when cheking the password. # Treat this as a password check failure, so do nothing # more. pass if not valid_password: message = _("Incorrect password") return jsonify(message=message), 400 if app.config['FLASKUP_NGINX_UPLOAD_MODULE_ENABLED']: # Nginx Upload Module if 'myfile.name' in request.form and 'myfile.path' in request.form: realpath = os.path.realpath(request.form['myfile.path']) storepath = app.config['FLASKUP_NGINX_UPLOAD_MODULE_STORE'] storepath = os.path.realpath(storepath) if realpath.startswith(storepath): upload_file = NginxUploadFile( filename=request.form['myfile.name'], path=request.form['myfile.path'] ) else: # the path given in `myfile.path` is outside the store path # this should not happen message = "'{0}' not in the Nginx upload-module store".format( request.form['myfile.path'] ) return jsonify(message=message), 400 else: # Werkzeug `FileStorage` (normal HTTP Post) if 'myfile' in request.files and request.files['myfile']: upload_file = request.files['myfile'] if upload_file is None: # no upload file message = _("The file is required.") if request.is_xhr: return jsonify(message=message), 400 else: return render_template('show_upload_form.html', error=message) shared_file = SharedFile() shared_file.upload_file = upload_file shared_file.remote_ip = remote_ip shared_file.password_identifier = password_identifier shared_file.save() # notify the user myemail = request.form.get('myemail', '').strip() if myemail: subject = render_template('emails/notify_me_subject.txt', f=shared_file, recipient=myemail) body = render_template('emails/notify_me_body.txt', f=shared_file, recipient=myemail) send_mail(subject, body, [myemail]) # notify contacts max_contacts = app.config['FLASKUP_MAX_CONTACTS'] if 'mycontacts' in request.form: mycontacts = request.form['mycontacts'] all_contacts = [c.strip() for c in mycontacts.splitlines()] for contact in all_contacts[:max_contacts]: if contact: subject = render_template('emails/notify_contact_subject.txt', f=shared_file, sender=myemail, recipient=contact) body = render_template('emails/notify_contact_body.txt', f=shared_file, sender=myemail, recipient=contact) send_mail(subject, body, [contact]) if request.is_xhr: return jsonify(url=url_for('show_uploaded_file', key=shared_file.key, secret=shared_file.delete_key)) else: return redirect(url_for('show_uploaded_file', key=shared_file.key, secret=shared_file.delete_key))
def show_get_file(key): shared_file = SharedFile.get_or_404(key) return render_template('show_get_file.html', f=shared_file)
def upload_file(): if request.headers.getlist("X-Forwarded-For"): remote_ip = request.headers.getlist("X-Forwarded-For")[0] else: remote_ip = request.environ.get('REMOTE_ADDR', None) upload_file = None password_identifier = None passwords = app.config['FLASKUP_UPLOAD_PASSWORDS'] if passwords: # check if user provided a valid password mypassword = request.form.get('mypassword') check_password = app.config.get('FLASKUP_UPLOAD_PASSWORDS_CHECK') valid_password = False for hashed_password, info in passwords: try: if check_password(mypassword, hashed_password): password_identifier = info valid_password = True continue except: # An exception was raised when cheking the password. # Treat this as a password check failure, so do nothing # more. pass if not valid_password: message = _("Incorrect password") return jsonify(message=message), 400 if app.config['FLASKUP_NGINX_UPLOAD_MODULE_ENABLED']: # Nginx Upload Module if 'myfile.name' in request.form and 'myfile.path' in request.form: realpath = os.path.realpath(request.form['myfile.path']) storepath = app.config['FLASKUP_NGINX_UPLOAD_MODULE_STORE'] storepath = os.path.realpath(storepath) if realpath.startswith(storepath): upload_file = NginxUploadFile( filename=request.form['myfile.name'], path=request.form['myfile.path']) else: # the path given in `myfile.path` is outside the store path # this should not happen message = "'{0}' not in the Nginx upload-module store".format( request.form['myfile.path']) return jsonify(message=message), 400 else: # Werkzeug `FileStorage` (normal HTTP Post) if 'myfile' in request.files and request.files['myfile']: upload_file = request.files['myfile'] if upload_file is None: # no upload file message = _("The file is required.") if request.is_xhr: return jsonify(message=message), 400 else: return render_template('show_upload_form.html', error=message) shared_file = SharedFile() shared_file.upload_file = upload_file shared_file.remote_ip = remote_ip shared_file.password_identifier = password_identifier shared_file.save() # notify the user myemail = request.form.get('myemail', '').strip() if myemail: subject = render_template('emails/notify_me_subject.txt', f=shared_file, recipient=myemail) body = render_template('emails/notify_me_body.txt', f=shared_file, recipient=myemail) send_mail(subject, body, [myemail]) # notify contacts max_contacts = app.config['FLASKUP_MAX_CONTACTS'] if 'mycontacts' in request.form: mycontacts = request.form['mycontacts'] all_contacts = [c.strip() for c in mycontacts.splitlines()] for contact in all_contacts[:max_contacts]: if contact: subject = render_template('emails/notify_contact_subject.txt', f=shared_file, sender=myemail, recipient=contact) body = render_template('emails/notify_contact_body.txt', f=shared_file, sender=myemail, recipient=contact) send_mail(subject, body, [contact]) if request.is_xhr: return jsonify(url=url_for('show_uploaded_file', key=shared_file.key, secret=shared_file.delete_key)) else: return redirect( url_for('show_uploaded_file', key=shared_file.key, secret=shared_file.delete_key))