def new_edit(itemid, description, userid, ip):
if userid == 0:
userid = None
username = users.user_by_uid(userid)
try:
date = datetime.datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S")
sql = "insert into itemedits (date, itemid, userid, ip, body) values (%(date)s, %(itemid)s, %(userid)s, %(ip)s, %(body)s);"
doquery(
sql, {
'date': date,
'itemid': itemid,
'userid': userid,
'ip': ip_uid(ip),
'body': description
})
sql = "select uid from itemedits where date=%(date)s and itemid=%(itemid)s and ip=%(ip)s;"
edit = doquery(sql, {
'date': date,
'itemid': itemid,
'ip': ip_uid(ip)
})[0][0]
sql = "update items set description = %(edit)s, modified = %(modified)s where uid = %(uid)s;"
doquery(sql, {"uid": itemid, "edit": edit, "modified": date})
logger.info('item {} edited by {} / {} '.format(itemid, username, ip))
return edit
except MySQLdb.OperationalError, Warning:
logger.info('Error editing item {} by {} ({})'.format(
itemid, username, ip))
#FIXME: raise something else
raise NoItem(itemid)
def history(self):
"""
Get the edit history for an item.
:return: A list of objects with the following attributes:
* uid - The edit's uid, zero filled
* itemid - The item id
* date - Date of the edit
* userid - Editing user
* ip - IP address of the editor
"""
sql = """select itemedits.uid, itemedits.itemid, itemedits.date, itemedits.userid, ip.ip
from itemedits
join ip on itemedits.ip=ip.uid
where itemid = %(uid)s
order by uid desc;"""
edits = doquery(sql, { 'uid': self.uid })
ret = list()
for edit in edits:
editobject = ItemHist(edit[0])
editobject.uid = str(editobject.uid).zfill(8)
editobject.itemid = edit[1]
editobject.date = edit[2]
editobject.userid = edit[3]
editobject.ip = edit[4]
editobject.user = users.user_by_uid(editobject.userid)
ret.append(editobject)
return ret
def __init__(self, messageid):
super(self.__class__, self).__init__(messageid)
self.tradeitemstatus = tradeitemstatus
self.tradestatus = tradestatus
self.items = []
sql = 'select * from tradelist where messageid = %(uid)s;'
result = doquery(sql, {"uid": messageid})
complete = True
for item in result:
ti = TradeItem(item[0])
ti.itemid = item[1]
ti.messageid = item[2]
ti.userid = item[3]
ti.acceptstatus = item[4]
ti.item = items.SiteItem.create(ti.itemid)
ti.user = users.SiteUser.create(users.user_by_uid(ti.userid))
self.items.append(ti)
if (ti.acceptstatus != tradeitemstatus['accepted']):
complete = False
if complete == True and self.status < tradestatus['settled_trade']:
self.status = tradestatus['complete_trade']
def new_img(f, title, parent, userid, ip):
raw = f.read()
username = users.user_by_uid(userid)
if not imghdr.what(None, raw):
logger.info('failed to add image to {} by {} / {} '.format(
parent, username, ip))
return
image = base64.b64encode(raw)
title = title.strip()[:64]
sql = "insert into images (tag, parent, userid, image, ip) values (%(tag)s, %(parent)s, %(userid)s, %(image)s, %(ip)s);"
doquery(
sql, {
'tag': title,
'userid': userid,
'ip': utility.ip_uid(ip),
'parent': parent,
'image': image
})
# there is a potential race condition with last_insert_id()
sql = "select last_insert_id();"
imgid = doquery(sql)[0][0]
sql = "insert into imgmods (userid, imgid) values (%(userid)s, %(imgid)s);"
doquery(sql, {'userid': userid, 'imgid': imgid})
logger.info('new image added to {} by {} / {} '.format(
parent, username, ip))
return imgid
def __init__(self, messageid):
super(self.__class__, self).__init__(messageid)
self.tradeitemstatus = tradeitemstatus
self.tradestatus = tradestatus
self.items = []
sql = 'select * from tradelist where messageid = %(uid)s;'
result = doquery(sql, {"uid": messageid})
complete = True
for item in result:
ti = TradeItem(item[0])
ti.itemid = item[1]
ti.messageid = item[2]
ti.userid = item[3]
ti.acceptstatus = item[4]
ti.item = items.SiteItem.create(ti.itemid)
ti.user = users.SiteUser.create(users.user_by_uid(ti.userid))
self.items.append(ti)
if (ti.acceptstatus != tradeitemstatus['accepted']):
complete = False
if complete == True and self.status < tradestatus['settled_trade']:
self.status = tradestatus['complete_trade']
def send_pm(fromuserid, touserid, subject, message, status, parent):
# FIXME: parent id validation
sent = datetime.datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S")
sql = "insert into messages (fromuserid, touserid, subject, message, parent, sent, status) values (%(fromuserid)s, %(touserid)s, %(subject)s, %(message)s, %(parent)s, %(sent)s, %(status)s);"
doquery(sql, { 'fromuserid': fromuserid, 'touserid': touserid, 'subject': subject, 'message': message, 'parent': parent, 'sent': sent, 'status': status })
sql = "select uid from messages where fromuserid=%(fromuserid)s and touserid=%(touserid)s and sent=%(sent)s;"
messageid = doquery(sql, { 'fromuserid': fromuserid, 'touserid': touserid, 'sent': sent })[0][0]
email_user = users.SiteUser.create(users.user_by_uid(touserid))
from_user = users.SiteUser.create(users.user_by_uid(fromuserid))
message = render_template('email/pm_notify.html', to_user=email_user, email=email_user.email, from_user=from_user, message=message, status=status, parent=parent, messageid=obfuscate(messageid))
subject = '[Scarfage] (PM) ' + subject
send_mail(recipient=email_user.email, subject=subject, message=message)
return messageid
def send_pm(fromuserid, touserid, subject, message, status, parent):
# FIXME: parent id validation
sent = datetime.datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S")
sql = "insert into messages (fromuserid, touserid, subject, message, parent, sent, status) values (%(fromuserid)s, %(touserid)s, %(subject)s, %(message)s, %(parent)s, %(sent)s, %(status)s);"
doquery(
sql, {
'fromuserid': fromuserid,
'touserid': touserid,
'subject': subject,
'message': message,
'parent': parent,
'sent': sent,
'status': status
})
sql = "select uid from messages where fromuserid=%(fromuserid)s and touserid=%(touserid)s and sent=%(sent)s;"
messageid = doquery(sql, {
'fromuserid': fromuserid,
'touserid': touserid,
'sent': sent
})[0][0]
email_user = users.SiteUser.create(users.user_by_uid(touserid))
from_user = users.SiteUser.create(users.user_by_uid(fromuserid))
message = render_template('email/pm_notify.html',
to_user=email_user,
email=email_user.email,
from_user=from_user,
message=message,
status=status,
parent=parent,
messageid=obfuscate(messageid))
if status:
subject = '[Scarfage] (Trade) ' + subject
else:
subject = '[Scarfage] (PM) ' + subject
send_mail(recipient=email_user.email, subject=subject, message=message)
return messageid
def __init__(self, messageid):
sql = 'select * from messages where uid = %(uid)s;'
result = doquery(sql, {'uid': messageid})
try:
self.uid = result[0][0]
self.uid_obfuscated = obfuscate(result[0][0])
self.from_uid = result[0][1]
self.to_uid = result[0][2]
self.subject = result[0][3]
self.message = result[0][4]
self.status = result[0][5] # trade status, None for PMs
self.parentid = result[0][6]
self.parentid_obfuscated = obfuscate(result[0][6])
self.sent = result[0][7]
self.from_user = users.SiteUser.create(users.user_by_uid(self.from_uid)).username
self.to_user = users.SiteUser.create(users.user_by_uid(self.to_uid)).username
except IndexError:
raise NoItem(messageid)
def __init__(self, messageid):
sql = 'select * from messages where uid = %(uid)s;'
result = doquery(sql, {'uid': messageid})
try:
self.uid = result[0][0]
self.uid_obfuscated = obfuscate(result[0][0])
self.from_uid = result[0][1]
self.to_uid = result[0][2]
self.subject = result[0][3]
self.message = result[0][4]
self.status = result[0][5] # trade status, None for PMs
self.parentid = result[0][6]
self.parentid_obfuscated = obfuscate(result[0][6])
self.sent = result[0][7]
self.from_user = users.SiteUser.create(
users.user_by_uid(self.from_uid)).username
self.to_user = users.SiteUser.create(users.user_by_uid(
self.to_uid)).username
except IndexError:
raise NoItem(messageid)
def wantusers(self):
wantusers = list()
want = 0
sql = "select userid from ownwant where itemid = %(uid)s and want = 1 and hidden = 0"
res = doquery(sql, {"uid": self.uid})
for user in res:
want = want + 1
userinfo = users.SiteUser.create(users.user_by_uid(user[0]))
wantusers.append(userinfo)
return (want, wantusers)
def willtradeusers(self):
willtradeusers = list()
willtrade = 0
sql = "select userid from ownwant where itemid = %(uid)s and willtrade = 1"
res = doquery(sql, {"uid": self.uid})
for user in res:
willtrade = willtrade + 1
userinfo = users.SiteUser.create(users.user_by_uid(user[0]))
willtradeusers.append(userinfo)
return (willtrade, willtradeusers)
def haveusers(self):
haveusers = list()
have = 0
sql = "select userid,hidden from ownwant where itemid = %(uid)s and own = 1"
res = doquery(sql, {"uid": self.uid})
for user in res:
have = have + 1
if not user[1]:
userinfo = users.SiteUser.create(users.user_by_uid(user[0]))
haveusers.append(userinfo)
return (have, haveusers)
def willtradeusers(self):
"""
Get a list of users that have this item in their collection and available for trade.
:return: list of SiteUser objects
"""
willtradeusers = list()
willtrade = 0
sql = "select userid from ownwant where itemid = %(uid)s and willtrade = 1"
res = doquery(sql, {"uid": self.uid})
for user in res:
willtrade = willtrade + 1
userinfo = users.SiteUser.create(users.user_by_uid(user[0]))
willtradeusers.append(userinfo)
return (willtrade, willtradeusers)
def wantusers(self):
"""
Get a list of users that want this item.
:return: list of SiteUser objects
"""
wantusers = list()
want = 0
sql = "select userid from ownwant where itemid = %(uid)s and want = 1 and hidden = 0"
res = doquery(sql, {"uid": self.uid})
for user in res:
want = want + 1
userinfo = users.SiteUser.create(users.user_by_uid(user[0]))
wantusers.append(userinfo)
return (want, wantusers)
def haveusers(self):
"""
Get a list of users that have this item in their collections.
:return: list of SiteUser objects
"""
haveusers = list()
have = 0
sql = "select userid,hidden from ownwant where itemid = %(uid)s and own = 1"
res = doquery(sql, {"uid": self.uid})
for user in res:
have = have + 1
if not user[1]:
userinfo = users.SiteUser.create(users.user_by_uid(user[0]))
haveusers.append(userinfo)
return (have, haveusers)
def history(self):
sql = """select itemedits.uid, itemedits.itemid, itemedits.date, itemedits.userid, ip.ip
from itemedits
join ip on itemedits.ip=ip.uid
where itemid = %(uid)s
order by uid desc;"""
edits = doquery(sql, {'uid': self.uid})
ret = list()
for edit in edits:
editobject = ItemHist(edit[0])
editobject.uid = str(editobject.uid).zfill(8)
editobject.itemid = edit[1]
editobject.date = edit[2]
editobject.userid = edit[3]
editobject.ip = edit[4]
editobject.user = users.user_by_uid(editobject.userid)
ret.append(editobject)
return ret
def new_img(f, title, parent, userid, ip):
raw = f.read()
username = users.user_by_uid(userid)
if not imghdr.what(None, raw):
logger.info('failed to add image to {} by {} / {} '.format(parent, username, ip))
return
image = base64.b64encode(raw)
title = title.strip()[:64]
sql = "insert into images (tag, parent, userid, image, ip) values (%(tag)s, %(parent)s, %(userid)s, %(image)s, %(ip)s);"
doquery(sql, { 'tag': title, 'userid': userid, 'ip': utility.ip_uid(ip), 'parent': parent, 'image': image})
# there is a potential race condition with last_insert_id()
sql = "select last_insert_id();"
imgid = doquery(sql)[0][0]
sql = "insert into imgmods (userid, imgid) values (%(userid)s, %(imgid)s);"
doquery(sql, { 'userid': userid, 'imgid': imgid })
logger.info('new image added to {} by {} / {} '.format(parent, username, ip))
return imgid
def new_edit(itemid, description, userid, ip):
if userid == 0:
userid = None
username = users.user_by_uid(userid)
try:
date = datetime.datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S")
sql = "insert into itemedits (date, itemid, userid, ip, body) values (%(date)s, %(itemid)s, %(userid)s, %(ip)s, %(body)s);"
doquery(sql, { 'date': date, 'itemid': itemid, 'userid': userid, 'ip': ip_uid(ip), 'body': description })
sql = "select uid from itemedits where date=%(date)s and itemid=%(itemid)s and ip=%(ip)s;"
edit = doquery(sql, { 'date': date, 'itemid': itemid, 'ip': ip_uid(ip) })[0][0]
sql = "update items set description = %(edit)s, modified = %(modified)s where uid = %(uid)s;"
doquery(sql, {"uid": itemid, "edit": edit, "modified": date })
logger.info('item {} edited by {} / {} '.format(itemid, username, ip))
return edit
except MySQLdb.OperationalError, Warning:
logger.info('Error editing item {} by {} ({})'.format(itemid, username, ip))
#FIXME: raise something else
raise NoItem(itemid)
def new_item(name, description, userid, ip):
name = name.strip()[:64]
try:
sql = "insert into items (name, description, added, modified) values (%(name)s, 0, %(now)s, %(now)s);"
doquery(sql, { 'now': datetime.datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S"), 'name': name })
sql = "select uid from items where name=%(name)s and description=0;"
itemid = doquery(sql, { 'name': name })[0][0]
except MySQLdb.OperationalError, Warning:
logger.info('Error adding item {} by {} ({})'.format(name, userid, ip))
raise NoItem(0)
new_edit(itemid, description, userid, ip)
username = users.user_by_uid(userid)
logger.info('new item {} added by {} / {} '.format(name, username, ip))
return itemid
# TODO: remove this once reimplemented with JS. #81
@memoize_with_expiry(item_cache, long_cache_persist)
def latest_items(limit=0):
items = list()
try:
if limit > 0:
sql = "SELECT uid FROM items order by added desc limit %(limit)s;"
else:
sql = "SELECT uid FROM items;"
result = doquery(sql, { 'limit': limit })
doquery(
sql, {
'now':
datetime.datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S"),
'name': name
})
sql = "select uid from items where name=%(name)s and description=0;"
itemid = doquery(sql, {'name': name})[0][0]
except MySQLdb.OperationalError, Warning:
logger.info('Error adding item {} by {} ({})'.format(name, userid, ip))
raise NoItem(0)
new_edit(itemid, description, userid, ip)
username = users.user_by_uid(userid)
logger.info('new item {} added by {} / {} '.format(name, username, ip))
return itemid
@memoize_with_expiry(item_cache, long_cache_persist)
def latest_items(limit=0):
items = list()
try:
if limit > 0:
sql = "SELECT uid FROM items order by added desc limit %(limit)s;"
else:
sql = "SELECT uid FROM items;"
result = doquery(sql, {'limit': limit})
