def get(self):
token = self.get_argument('csrf_token', None)
db = Database()
user, mod = db.get_username(token)
if user:
self.render('chat.html', {'host': self.request.host, 'user': user, 'csrf_token': token, 'mod': mod})
else:
self.write("User could not be verified <br/>")
if token == 'banned':
self.write('You are banned!')
def get(self):
token = self.get_argument('csrf_token', None)
db = Database()
user, mod = db.get_username(token)
print self.request.host
if user:
self.render('chat.html', {'host': self.request.host, 'user': user, 'csrf_token': token, 'mod': mod})
else:
self.write("User could not be verified <br/>")
if token == 'banned':
self.write('You are banned!')
def get(self):
token = self.get_argument('csrf_token', None)
db = Database()
user, mod = db.get_username(token)
rm = self.get_argument('rm', None)
if mod and rm is not None:
db.remove_banned_user(rm)
if mod:
bans = db.get_banned_users()
self.render('bans.html',{'bans': bans, 'token': token})
else:
self.write("You are not a moderator!")
def get(self):
token = self.get_argument('csrf_token', None)
db = Database()
user, mod = db.get_username(token)
rm = self.get_argument('rm', None)
if mod and rm is not None:
db.remove_banned_user(rm)
if mod:
bans = db.get_banned_users()
self.render('bans.html', {'bans': bans, 'token': token})
else:
self.write("You are not a moderator!")
def post(self, *args, **kwargs):
value = self.get_argument('val', None)
action = self.get_argument('action', None)
csrf_token = self.get_argument('csrf_token', None)
# Sanitize Input
if value is not None:
restricted_words = ['<script>', '<p>', '</p>']
for x in restricted_words:
value = value.replace(x, '')
if value == '':
value = None
if value is not None and action is not None and csrf_token is not None:
db = Database()
user, mod = db.get_username(csrf_token)
if user is not None and not db.is_banned(user):
# Add message
if action == 'add':
line_id, date = db.save_message(user, value)
response = {'user': user, 'action': action, 'val': value, 'line': line_id,
'online': len(SOCKETS)}
data = json.dumps(response)
for socket in SOCKETS:
socket.write_message(data)
self.write('Added')
# Add private message
if action == 'pvt_msg':
username = self.get_argument('username', None)
line_id, date = db.save_pvt_message(user, username, value)
response = {'user': user, 'action': action, 'val': value, 'username': username, 'line': line_id,
'online': len(SOCKETS)}
data = json.dumps(response)
for socket in SOCKETS:
socket.write_message(data)
self.write('Added')
#Remove message
if action == 'remove':
response = {'user': user, 'action': action, 'val': value, 'online': len(SOCKETS)}
data = json.dumps(response)
if int(mod) == 1:
db.remove_message(value)
for socket in SOCKETS:
socket.write_message(data)
self.write('Remove command issued')
else:
self.write('Permission denied')
# Remove all messages
if action == 'remove_all':
response = {'user': user, 'action': action, 'val': value, 'online': len(SOCKETS)}
data = json.dumps(response)
if int(mod) == 1:
db.remove_all_messages(value)
for socket in SOCKETS:
socket.write_message(data)
self.write('Removed all messages')
else:
self.write('Permission denied')
# Ban user
if action == 'ban':
response = {'user': user, 'action': action, 'val': value, 'online': len(SOCKETS)}
data = json.dumps(response)
if int(mod) == 1:
db.ban_user(value)
for socket in SOCKETS:
socket.write_message(data)
self.write('Removed all messages')
else:
self.write('Permission denied')
else:
self.write('Invalid Value')
else:
self.write('No user found')
def post(self, *args, **kwargs):
value = self.get_argument('val', None)
action = self.get_argument('action', None)
csrf_token = self.get_argument('csrf_token', None)
# Sanitize Input
if value is not None:
restricted_words = ['<script>', '<p>', '</p>']
for x in restricted_words:
value = value.replace(x, '')
if value == '':
value = None
if value is not None and action is not None and csrf_token is not None:
db = Database()
user, mod = db.get_username(csrf_token)
if user is not None and not db.is_banned(user):
# Add message
if action == 'add':
line_id, date = db.save_message(user, value)
response = {'user': user, 'action': action, 'val': value, 'line': line_id,
'online': len(SOCKETS)}
data = json.dumps(response)
for socket in SOCKETS:
socket.write_message(data)
self.write('Added')
# Add private message
if action == 'pvt_msg':
username = self.get_argument('username', None)
line_id, date = db.save_pvt_message(user, username, value)
response = {'user': user, 'action': action, 'val': value, 'username': username, 'line': line_id,
'online': len(SOCKETS)}
data = json.dumps(response)
for socket in SOCKETS:
socket.write_message(data)
self.write('Added')
#Remove message
if action == 'remove':
response = {'user': user, 'action': action, 'val': value, 'online': len(SOCKETS)}
data = json.dumps(response)
if int(mod) == 1:
db.remove_message(value)
for socket in SOCKETS:
socket.write_message(data)
self.write('Remove command issued')
else:
self.write('Permission denied')
# Remove all messages
if action == 'remove_all':
response = {'user': user, 'action': action, 'val': value, 'online': len(SOCKETS)}
data = json.dumps(response)
if int(mod) == 1:
db.remove_all_messages(value)
for socket in SOCKETS:
socket.write_message(data)
self.write('Removed all messages')
else:
self.write('Permission denied')
# Ban user
if action == 'ban':
response = {'user': user, 'action': action, 'val': value, 'online': len(SOCKETS)}
data = json.dumps(response)
if int(mod) == 1:
db.ban_user(value)
for socket in SOCKETS:
socket.write_message(data)
self.write('Removed all messages')
else:
self.write('Permission denied')
else:
self.write('Invalid Value')
else:
self.write('No user found')
