def game_edit_request(request, game_id):
g = Game.objects.get(pk=game_id)
ayah_html = ayah.get_publisher_html()
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/')
if request.method == 'POST':
form = GameRegistrationForm(request.POST, request.FILES)
if form.is_valid():
secret = request.POST['session_secret']
passed = ayah.score_result(secret)
if passed:
try:
g.concept_only=form.cleaned_data['concept_only']
except Error:
pass
g.name=form.cleaned_data['name']
g.short_desc = form.cleaned_data['short_desc']
g.description = form.cleaned_data['description']
g.team = form.cleaned_data['team']
g.save()
return HttpResponseRedirect('/members/profile/')
else:
context = {'form':form, 'ayah_html':ayah_html}
else:
context = {'form':form,'ayah_html':ayah_html}
else:
form = GameRegistrationForm(instance=g)
context = {'form':form,'ayah_html':ayah_html}
return render_to_response(
'runs/edit_game.html',
context,
context_instance=RequestContext(request))
def game_registration_request(request):
ayah_html = ayah.get_publisher_html()
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/')
if request.method == 'POST':
form = GameRegistrationForm(request.POST, request.FILES)
if form.is_valid():
secret = request.POST['session_secret']
passed = ayah.score_result(secret)
if passed:
g = form.save(commit=False)
g.added_date = timezone.now()
g.description = sanitizeHtml(request.POST['description'])
g.run = get_object_or_404(Run, current_run = True)
g.leader = request.user
g.save()
return HttpResponseRedirect('/members/profile/')
else:
context = {'form':form, 'ayah_html':ayah_html}
else:
context = {'form':form,'ayah_html':ayah_html}
else:
form = GameRegistrationForm()
context = {'form':form,'ayah_html':ayah_html}
return render_to_response(
'runs/register_game.html',
context,
context_instance=RequestContext(request))
def POST(self):
data = web.input()
ishuman = False
if data.__contains__('session-secret'):
ishuman = ayah.score_result(data['session-secret'])
if ishuman and data.__contains__('subject') and data.__contains__('message') and data.__contains__('senderemail'):
# good
web.sendmail('*****@*****.**', '*****@*****.**', data['subject'], data['message'])
def POST(self):
data = web.input()
ishuman = False
if data.__contains__('session-secret'):
ishuman = ayah.score_result(data['session-secret'])
if ishuman and data.__contains__('subject') and data.__contains__(
'message') and data.__contains__('senderemail'):
# good
web.sendmail('*****@*****.**', '*****@*****.**',
data['subject'], data['message'])
def add_article(request):
ayah.configure(settings.AYAH_PUBLISHER_KEY, settings.AYAH_SCORING_KEY)
if request.method == "POST":
form = ArticleForm(request.POST)
if form.is_valid():
#subject = form.cleaned_data['subject']
#message = form.cleaned_data['message']
#sender = form.cleaned_data['sender']
#cc_myself = form.cleaned_data['cc_myself']
ayah_form_secret = form.data.get('session_secret')
if not settings.DEBUG and not ayah.score_result(ayah_form_secret):
return HttpResponseRedirect('/')
recipients = [settings.DEFAULT_FROM_EMAIL]
message = 'Url - %s Tags: %s' % (form.cleaned_data['link'], form.cleaned_data['tags'])
test = form.save(commit=False)
# Add user
test.added_by = request.user
test.save()
article_id = Article.objects.get(id=test.id)
for tag in form.cleaned_data['tags']:
# Add the tags to the article
Article_Tags(article=article_id, tag=tag).save()
from django.core.mail import send_mail
send_mail('New article: %s' % form.cleaned_data['link'], message, '*****@*****.**', recipients)
return HttpResponseRedirect('/')
else:
form = ArticleForm()
return render_to_response('article/add_article.html',
{
'form':form,
'ayah': ayah.get_publisher_html()
},
context_instance=RequestContext(request)
)
def member_registration(request):
'''
This view controls User registration.
'''
ayah_html = ayah.get_publisher_html()
if request.user.is_authenticated():
return HttpResponseRedirect('/members/profile/')
if request.method == 'POST':
form = UserRegistrationForm(request.POST, request.FILES)
if form.is_valid():
secret = request.POST['session_secret']
passed = ayah.score_result(secret)
if passed:
user = User.objects.create_user(
username=form.cleaned_data['username'],
email = form.cleaned_data['email'],
password = form.cleaned_data['password'],
)
user.first_name = form.cleaned_data['first_name']
user.last_name = form.cleaned_data['last_name']
user.save()
profile = user.get_profile()
profile.about = form.cleaned_data['about']
profile.save()
member = authenticate(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
login(request, member)
return HttpResponseRedirect('/members/profile/')
else:
context = {'form':form, 'ayah_html':ayah_html}
else:
context = {'form':form, 'ayah_html':ayah_html}
else:
form = UserRegistrationForm()
context = {'form':form, 'ayah_html':ayah_html}
return render_to_response(
'members/register_member.html',
context,
context_instance=RequestContext(request))
def member_registration(request):
'''
This view controls User registration.
'''
ayah_html = ayah.get_publisher_html()
if request.user.is_authenticated():
return HttpResponseRedirect('/members/profile/')
if request.method == 'POST':
form = UserRegistrationForm(request.POST, request.FILES)
if form.is_valid():
secret = request.POST['session_secret']
passed = ayah.score_result(secret)
if passed:
user = User.objects.create_user(
username=form.cleaned_data['username'],
email=form.cleaned_data['email'],
password=form.cleaned_data['password'],
)
user.first_name = form.cleaned_data['first_name']
user.last_name = form.cleaned_data['last_name']
user.save()
profile = user.get_profile()
profile.about = form.cleaned_data['about']
profile.save()
member = authenticate(username=form.cleaned_data['username'],
password=form.cleaned_data['password'])
login(request, member)
return HttpResponseRedirect('/members/profile/')
else:
context = {'form': form, 'ayah_html': ayah_html}
else:
context = {'form': form, 'ayah_html': ayah_html}
else:
form = UserRegistrationForm()
context = {'form': form, 'ayah_html': ayah_html}
return render_to_response('members/register_member.html',
context,
context_instance=RequestContext(request))
def handle_remove_event():
"""
Validate secret code and remove event, flash and redirect to frontpage
"""
# TODO Aikaperusteinen hidaste avainten brute force -spämmäyksen estoon
if request.method == 'GET':
flash(u'Käytä lomaketta')
return redirect(url_for('handle_list_events'))
# Get data from form
remove_short_name = request.form['short_name'].strip().lower()
remove_secret = request.form['secret'].strip().lower()
ayah_session_secret = strip_tags(request.form['session_secret'].strip())
# Setup Are You A Human check
ayah.configure(app.config['ARE_YOU_HUMAN_PUBLISHER_KEY'], app.config['ARE_YOU_HUMAN_SCORING_KEY'])
# Validation
if is_valid_short_name(remove_short_name) != True:
flash(u'Lyhytnimi tai salainen avain ei täsmää. Tarkista tiedot ja yritä uudelleen.')
return redirect(url_for('handle_list_events'))
if is_valid_secret_key(remove_secret, app.config['SECRET_KEY_CHARACTERS']) != True:
flash(u'Lyhytnimi tai salainen avain ei täsmää. Tarkista tiedot ja yritä uudelleen.')
return redirect(url_for('handle_list_events'))
if event_exists(remove_short_name) != True:
flash(u'Lyhytnimi tai salainen avain ei täsmää. Tarkista tiedot ja yritä uudelleen.')
return redirect(url_for('handle_list_events'))
# Call Are You A Human scoring service
if ayah.score_result(ayah_session_secret) == False:
flash(u'Spämmitarkistus epäonnistui. Tarkista että et ole spämmirobotti ja/tai yritä uudelleen.')
return redirect(url_for('handle_list_events'))
if not remove_event_with_secret(remove_short_name, remove_secret):
flash(u'Lyhytnimi tai salainen avain ei täsmää. Tarkista tiedot ja yritä uudelleen.')
return redirect(url_for('handle_list_events'))
else:
flash(u'Tapahtuma poistettu onnistuneesti.')
return redirect(url_for('handle_list_events'))
def handle_add_event():
"""
Validate and add event, flash and redirect to frontpage
"""
# TODO Aikaperusteinen hidaste tapahtumien lisäyksen spämmäämiseen
if request.method == 'GET':
flash(u'Käytä lomaketta')
return redirect(url_for('handle_list_events'))
# Get data from form
add_short_name = strip_tags(request.form['short_name'].strip())
add_name = strip_tags(request.form['name'].strip())
add_url = request.form['url'].strip().lower()
add_start_time = strip_tags(request.form['start_time'].strip())
add_end_time = strip_tags(request.form['end_time'].strip())
ayah_session_secret = strip_tags(request.form['session_secret'].strip())
# Setup Are You A Human check
ayah.configure(app.config['ARE_YOU_HUMAN_PUBLISHER_KEY'], app.config['ARE_YOU_HUMAN_SCORING_KEY'])
# Validate short name
if is_valid_short_name(add_short_name) != True:
flash(u'Tapahtuman lyhytnimi ei ole kelvollinen. Tarkista tiedot ja yritä uudelleen.')
return redirect(url_for('handle_list_events'))
# Parse times and validate them
add_start_time = parse_date(add_start_time)
add_end_time = parse_date(add_end_time)
if add_start_time == False:
flash(u'Tapahtuman alkuaika ei ole kelvollinen. Tarkista tiedot ja yritä uudelleen.')
return redirect(url_for('handle_list_events'))
if add_end_time == False:
flash(u'Tapahtuman päättymisaika ei ole kelvollinen. Tarkista tiedot ja yritä uudelleen.')
return redirect(url_for('handle_list_events'))
# Check that end time is later than start time
if add_start_time >= add_end_time:
flash(u'Tapahtuma ei voi päättyä ennen alkamistaan. Tarkista tiedot ja yritä uudelleen.')
return redirect(url_for('handle_list_events'))
# Check if event already exists with short name
if event_exists(add_short_name):
flash(u'Tapahtuman lyhytnimi on jo käytössä. Valitse toinen nimi tai poista olemassa oleva tapahtuma.')
return redirect(url_for('handle_list_events'))
# Call Are You A Human scoring service
if ayah.score_result(ayah_session_secret) == False:
flash(u'Spämmitarkistus epäonnistui. Tarkista että et ole spämmirobotti ja/tai yritä uudelleen.')
return redirect(url_for('handle_list_events'))
# Request URL and check it's valid
add_url = validate_url(add_url)
if add_url == False:
flash(u'Tapahtuman URL-osoite ei ole kelvollinen. Tarkista tiedot ja yritä uudelleen.')
return redirect(url_for('handle_list_events'))
# TODO Spämmitarkistuksia lyhyt nimi, nimi ja URL. Domain/sanalistan mukaan pisteytys.
# Add event to system
if add_event(short_name=add_short_name, name=add_name, url=add_url, start_time=add_start_time,
end_time=add_end_time) == False:
flash(
u'Tapahtuman lisäämisessä tapahtui mystinen virhe. Tarkista tiedot ja yritä uudelleen. Ongelman jatkuessa ota yhteyttä.')
return redirect(url_for('handle_list_events'))
else:
secret_key = get_event_secret_key(add_short_name)
flash(
u'Tapahtuma lisättiin onnistuneesti. Tapahtuman salainen avain on %s. Pidä se tallessa esimerkiksi poistoa varten.' % secret_key)
return redirect(url_for('handle_list_events'))
def clean(self, data):
if not ayah.score_result(data):
raise forms.ValidationError('Please solve the puzzle')
def clean(self, data):
if not ayah.score_result(data):
raise forms.ValidationError('Please solve the puzzle')
def register():
"""
The register view. Renders the register form when requested
and performs the registration process when submitted.
"""
ayah_html = ayah.get_publisher_html()
if request.method == 'POST':
form = request.form
hashed_username = unicode(hash_username(form['username']))
secret = form['session_secret']
passed = ayah.score_result(secret)
if passed:
# check if the email exists already in the DB.
try:
email_user_object = None
email_user_cursor = r.db(DB_EMAILS).table(T_EMAILS).get_all(form['email'], index="email").run()
for d in email_user_cursor:
email_user_object = d
if len(form['email']) == 0:
pass
elif len(form['email']) > 0:
if email_user_object is not None:
if email_user_object['email'] == form['email']:
form = RegisterForm(request.form)
message = "Email already exists!"
return render_template('register.html', form=form, ayah_html=ayah_html, message=message)
else:
pass
except RqlRuntimeError:
form = RegisterForm(request.form)
message = "Email already exists!"
return render_template('register.html', form=form, ayah_html=ayah_html, message=message)
try:
# if this runs, DB already exists with email and we continue on
r.db_create(hashed_username).run() # this is where all graphs will be saved
new_user = {}
new_user['email'] = form['email'] # can be empty, but must be unique, as checked above.
new_user['user_id'] = form['username']
new_user['username'] = form['username']
new_user['password'] = hash_password(form['username'], form['password'])
new_user['site_id'] = hashed_username # just the username hashed
new_user['date_registered'] = str(datetime.now())
r.db(DB_USERS).table_create(hashed_username).run()
r.db(DB_USERS).table(hashed_username).insert(new_user).run()
r.db(DB_USERS).table(hashed_username).index_create("site_id").run()
# r.db(DB_USERS).table(hashed_username).index_wait("site_id").run()
r.db(DB_USERS).table(hashed_username).index_create("email").run()
# r.db(DB_USERS).table(hashed_username).index_wait("email").run()
email_map_obj = {
'username': form['username'],
'email': form['email']
}
r.db(DB_EMAILS).table(T_EMAILS).insert(email_map_obj).run()
return redirect(url_for('login'))
except RqlRuntimeError:
form = RegisterForm(request.form)
message = "Username already exists! Please try again."
return render_template('register.html', form=form, ayah_html=ayah_html, message=message)
else:
form = RegisterForm(request.form)
message = "You ain't no human! Please try again."
return render_template('register.html', form=form, ayah_html=ayah_html, message=message)
elif request.method == 'GET':
form = RegisterForm(request.form)
return render_template('register.html', form=form, ayah_html=ayah_html)
