def EditList(request): if request.is_ajax(): if request.method == "POST": form = NewListForm(request.POST, error_class=TextErrorList) if form.is_valid(): if str(request.POST['id']) == str(int(request.POST['id'])): try: listobj = List.objects.get(id=request.POST['id']) except List.DoesNotExist: raise Http404 if 'listsession' in request.POST.keys(): if request.POST['listsession']: p = request.POST['listsession'].split('$') if request.POST['listsession'] != passHash(request.user.username + listobj.password, p[1]): raise Http404 else: listsession = '' else: raise Http404 referer = request.META['HTTP_REFERER'] if referer[referer[:-1].rfind('/')+1:] != listobj.url: raise Http404 if listobj.visibility == 0: #Public if listobj.perm != 1 and request.user != listobj.user: raise Http404 else: #Private if request.user.is_authenticated(): if listobj.emails: if request.user.email not in listobj.emails.split(',') and request.user != listobj.user: raise Http404 elif request.user != listobj.user: raise Http404 else: raise Http404 listobj.name = form.cleaned_data['name'] listobj.description = form.cleaned_data['description'] listobj.url = form.cleaned_data['url'] listobj.visibility = form.cleaned_data['visibility'] listobj.perm = form.cleaned_data['perm'] listobj.emails = form.cleaned_data['emails'] try: listobj.save() except IntegrityError as error: return HttpResponse(json.dumps({'errors':[error]})) return HttpResponse(json.dumps({'errors':''})) else: raise Http404 else: return HttpResponse(json.dumps({'errors':[form.non_field_errors(), ["%s: %s" % (field, error) for field, error in form.errors.items()]]})) else: raise Http404 else: raise Http404
def NewList(request): if request.method == "POST" and request.is_ajax(): form = NewListForm(request.POST, error_class=TextErrorList) if form.is_valid(): referer = request.META['HTTP_REFERER'] if referer[referer[:-1].rfind('/')+1:] != 'dashboard/': raise Http404 if form.cleaned_data['url'] != '': try: List.objects.get(url=form.cleaned_data['url']) return HttpResponse(json.dumps({'errors':["The URL you chose was already taken."]})) except List.DoesNotExist: pass listobj = List() listobj.user = request.user listobj.name = form.cleaned_data['name'] listobj.description = form.cleaned_data['description'] listobj.url = form.cleaned_data['url'] listobj.password = form.cleaned_data['password'] listobj.visibility = form.cleaned_data['visibility'] if 'perm' in form.cleaned_data.keys(): perm = form.cleaned_data['perm'] if perm == "on": listobj.perm = 1 else: listobj.perm = 0 listobj.emails = form.cleaned_data['emails'] try: listobj.save() print listobj.password except IntegrityError as error: return HttpResponse(json.dumps({'errors':[error.__str__()]})) return HttpResponse(json.dumps({'errors':'', 'url':listobj.url, 'id':listobj.id})) else: return HttpResponse(json.dumps({'errors':[form.non_field_errors(), ["%s: %s" % (field, error) for field, error in form.errors.items()]]})) else: raise Http404