コード例 #1
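def userAdmin(request, userId2):
    """Show and process the "user admin" page for the logged-in user.

    GET builds an unbound password form and a description form pre-filled
    from the user's UserProfile. POST handles one of two forms: when the POST
    data carries a non-empty 'descriptionName' field the description form is
    processed, otherwise the password form is.

    Access control: every read and write below acts on ``user`` as returned
    by initialVars(request). ``userId2`` is only compared against that user's
    id as a gate; it never selects which account is modified.

    Args:
        request: the incoming HttpRequest.
        userId2: id of the page being requested (presumably captured from the
            URL -- confirm against the URLconf).

    Returns:
        An HttpResponseRedirect to '/' when an access check fails or the
        password lookup raises, a redirect to "/useradmin/<userId>" after a
        successful password change, otherwise the rendered 'useradmin.html'.

    NOTE(review): every render passes locals() as the template context, so
    each local name here is part of the template's interface -- including
    passwordOld / passwordNew1 / passwordNew2 on the password error paths.
    An explicit context dict that leaves the raw passwords out would be
    safer; it is not done here because the template's variable use is not
    visible from this function.

    NOTE(review): render_to_response is called without a RequestContext.
    Confirm how the CSRF token reaches the two POST forms in the template.
    """
    WEB_FILES, LIVE_SITE, totalNumberOfGames, sendBackUrl, startOffset, \
    user, userId, message, topHits, topRated = initialVars(request)

    #log(request, 'USERADMINPAGE', 'just landed', sendBackUrl)

    # need to convert to strings otherwise methods are unhappy.
    # (should look into why this is.... TODO)
    userId = str(userId)
    userId2 = str(userId2)

    # set sendBackUrl to their userPage if they logout
    sendBackUrl = "/user/" + userId

    # Reject a missing session user before touching the database: userId is
    # str(<whatever initialVars returned>) at this point, and what that value
    # is for an anonymous session is not visible here.
    if user is None:
        request.session['message'] = "Something is amiss with your session.\
      Please log in again."

        return HttpResponseRedirect('/')

    # This will see if the user whose page is queried exists.
    try:
        userAdmin = User.objects.get(id__exact=userId)
    except ObjectDoesNotExist:
        request.session['message'] = "Something is amiss with your session.\
      Please log in again!"

        return HttpResponseRedirect('/')

    if user != userAdmin:
        request.session['message'] = "You aren't allowed on that page!"
        return HttpResponseRedirect('/')

    # This comparison is the only place the caller-supplied id is tied to the
    # session user. A non-numeric userId2 is refused like any other mismatch
    # instead of surfacing as an unhandled ValueError.
    try:
        idsMatch = int(userId) == int(userId2)
    except ValueError:
        idsMatch = False

    if not idsMatch:
        request.session['message'] = "You aren't allowed on that page!"
        return HttpResponseRedirect('/')

    if request.method == 'GET':
        # forms to change password and description
        try:
            userDescription = UserProfile.objects.get(user=user)
        except ObjectDoesNotExist:
            userDescription = None

        passwordForm = ChangePassword(initial={'username': user.username})
        # NOTE(review): 'description' receives the UserProfile object (or
        # None), not its .description attribute -- confirm that is intended.
        descriptionForm = UserDescription(initial={
            'userId': userId,
            'description': userDescription
        })

    elif request.method == 'POST':
        # A non-empty 'descriptionName' field marks the description form.
        whichform = request.POST.get('descriptionName', '')

        if whichform:
            # Form is description form
            descriptionForm = UserDescription(request.POST)
            if descriptionForm.is_valid():
                # The submitted userId is read but never used to pick the
                # profile; the profile is always looked up from ``user``.
                userFromProfile = descriptionForm.cleaned_data['userId']
                description = descriptionForm.cleaned_data['description']

                try:
                    userDescription = UserProfile.objects.get(user=user)
                except ObjectDoesNotExist:
                    userDescription = None

                if userDescription is None:
                    userDescription = UserProfile(user=user,
                                                  description=description)
                else:
                    userDescription.description = description

                userDescription.save()

                #log(request, 'USERADMINPAGE', 'modified description', sendBackUrl)

                message = "The description has been changed. Perhaps to something\
            more meaningful. Perhaps to less. Tough to say."

            else:
                # need to reload to User Admin Page with all variables
                message = "Dude, something went wrong. Why you trying to hack our\
            system?"

                #log(request, 'USERADMINPAGEERROR', 'failed to modify description', sendBackUrl)
                # passwordForm = ChangePassword(initial={'username': user.username})
                # return render_to_response('useradmin.html' , locals())

            passwordForm = ChangePassword(initial={'username': user.username})
            return render_to_response('useradmin.html', locals())

        else:
            # Password form is submitted, POST
            # First reinitialize the description form.
            try:
                userDescription = UserProfile.objects.get(user=user)
            except ObjectDoesNotExist:
                userDescription = None

            descriptionForm = UserDescription(initial={
                'userId': userId,
                'description': userDescription
            })

            passwordForm = ChangePassword(request.POST)
            if passwordForm.is_valid():
                username = passwordForm.cleaned_data['username']
                passwordOld = passwordForm.cleaned_data['passwordOld']
                passwordNew1 = passwordForm.cleaned_data['passwordNew1']
                passwordNew2 = passwordForm.cleaned_data['passwordNew2']
            else:
                # need to reload to User Admin Page with all variables
                #log(request, 'USERADMINPAGEERROR', 'Password Form not valid', sendBackUrl)
                return render_to_response('useradmin.html', locals())

            # From here on the raw passwords are locals, so every
            # render(..., locals()) below hands them to the template context.
            if passwordNew1 != passwordNew2:
                #log(request, 'USERADMINPAGEERROR', 'Passwords do not match', sendBackUrl)
                message = "Passwords do not match!"
                return render_to_response('useradmin.html', locals())

            try:
                # Check username from hidden field against user.username from session
                if user.username != username:
                    message = "User Names don't match. Something Funny's going on."
                    return render_to_response('useradmin.html', locals())

                # get user again based upon username just to be sure.
                u = User.objects.get(username__exact=username)
                if u:
                    # The current password must verify before it is replaced.
                    verifyOldPassword = u.check_password(passwordOld)
                    if verifyOldPassword:
                        u.set_password(passwordNew1)
                        u.save()
                        # NOTE(review): nothing here refreshes or revokes
                        # existing sessions after the change -- confirm how
                        # the session layer treats a changed password.
                        #log(request, 'USERADMINPAGE', 'Successfully Changed passwords', sendBackUrl)
                    else:
                        message = "Old Password did not match!"
                        #log(request, 'USERADMINPAGEERROR', 'Old Password did not match', sendBackUrl)
                        return render_to_response('useradmin.html', locals())

                    request.session[
                        'message'] = "Password has been changed. Now go do something productive!"
                    return HttpResponseRedirect("/useradmin/" + userId)
                    #return render_to_response('useradmin.html' , locals())

                else:  # No user id?!  Just return the user to the home page.
                    return HttpResponseRedirect('/')

            except Exception:
                # Best-effort fallback: any failure in the lookup or save
                # sends the user home. Exception (not a bare except) so that
                # SystemExit and KeyboardInterrupt still propagate.
                # TODO log that there was an invalid POST
                #log(request, 'USERADMINPAGEERROR', 'invalid form POST', sendBackUrl)
                return HttpResponseRedirect('/')

    return render_to_response('useradmin.html', locals())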
コード例 #2
ファイル: views.py プロジェクト: jakebarnwell/PythonGenerator
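def userAdmin(request, userId2):
   """Show and process the "user admin" page for the logged-in user.

   GET builds an unbound password form and a description form pre-filled
   from the user's UserProfile. POST handles one of two forms: when the POST
   data carries a non-empty 'descriptionName' field the description form is
   processed, otherwise the password form is.

   Access control: every read and write below acts on ``user`` as returned
   by initialVars(request). ``userId2`` is only compared against that user's
   id as a gate; it never selects which account is modified.

   Args:
      request: the incoming HttpRequest.
      userId2: id of the page being requested (presumably captured from the
         URL -- confirm against the URLconf).

   Returns:
      An HttpResponseRedirect to '/' when an access check fails or the
      password lookup raises, a redirect to "/useradmin/<userId>" after a
      successful password change, otherwise the rendered 'useradmin.html'.

   NOTE(review): every render passes locals() as the template context, so
   each local name here is part of the template's interface -- including
   passwordOld / passwordNew1 / passwordNew2 on the password error paths.
   An explicit context dict that leaves the raw passwords out would be
   safer; it is not done here because the template's variable use is not
   visible from this function.

   NOTE(review): render_to_response is called without a RequestContext.
   Confirm how the CSRF token reaches the two POST forms in the template.
   """
   WEB_FILES, LIVE_SITE, totalNumberOfGames, sendBackUrl, startOffset, \
   user, userId, message, topHits, topRated = initialVars(request)

   #log(request, 'USERADMINPAGE', 'just landed', sendBackUrl)

   # need to convert to strings otherwise methods are unhappy.
   # (should look into why this is.... TODO)
   userId = str(userId)
   userId2 = str(userId2)

   # set sendBackUrl to their userPage if they logout
   sendBackUrl = "/user/" + userId

   # Reject a missing session user before touching the database: userId is
   # str(<whatever initialVars returned>) at this point, and what that value
   # is for an anonymous session is not visible here.
   if user is None:
      request.session['message'] = "Something is amiss with your session.\
      Please log in again."
      return HttpResponseRedirect('/')

   # This will see if the user whose page is queried exists.
   try:
      userAdmin = User.objects.get(id__exact=userId)
   except ObjectDoesNotExist:
      request.session['message'] = "Something is amiss with your session.\
      Please log in again!"
      return HttpResponseRedirect('/')

   if user != userAdmin:
      request.session['message'] = "You aren't allowed on that page!"
      return HttpResponseRedirect('/')

   # This comparison is the only place the caller-supplied id is tied to the
   # session user. A non-numeric userId2 is refused like any other mismatch
   # instead of surfacing as an unhandled ValueError.
   try:
      idsMatch = int(userId) == int(userId2)
   except ValueError:
      idsMatch = False

   if not idsMatch:
      request.session['message'] = "You aren't allowed on that page!"
      return HttpResponseRedirect('/')

   if request.method == 'GET':
      # forms to change password and description
      try:
         userDescription = UserProfile.objects.get(user=user)
      except ObjectDoesNotExist:
         userDescription = None

      passwordForm = ChangePassword(initial={'username': user.username})
      # NOTE(review): 'description' receives the UserProfile object (or
      # None), not its .description attribute -- confirm that is intended.
      descriptionForm = UserDescription(initial={
      'userId': userId,
      'description': userDescription
      })

   elif request.method == 'POST':
      # A non-empty 'descriptionName' field marks the description form.
      whichform = request.POST.get('descriptionName', '')

      if whichform:
         # Form is description form
         descriptionForm = UserDescription(request.POST)
         if descriptionForm.is_valid():
            # The submitted userId is read but never used to pick the
            # profile; the profile is always looked up from ``user``.
            userFromProfile = descriptionForm.cleaned_data['userId']
            description = descriptionForm.cleaned_data['description']

            try:
               userDescription = UserProfile.objects.get(user=user)
            except ObjectDoesNotExist:
               userDescription = None

            if userDescription is None:
               userDescription = UserProfile(user=user, description=description)
            else:
               userDescription.description = description

            userDescription.save()

            #log(request, 'USERADMINPAGE', 'modified description', sendBackUrl)

            message = "The description has been changed. Perhaps to something\
            more meaningful. Perhaps to less. Tough to say."
         else:
            # need to reload to User Admin Page with all variables
            message = "Dude, something went wrong. Why you trying to hack our\
            system?"
            #log(request, 'USERADMINPAGEERROR', 'failed to modify description', sendBackUrl)
            # passwordForm = ChangePassword(initial={'username': user.username})
            # return render_to_response('useradmin.html' , locals())

         passwordForm = ChangePassword(initial={'username': user.username})
         return render_to_response('useradmin.html' , locals())

      else:
         # Password form is submitted, POST
         # First reinitialize the description form.
         try:
            userDescription = UserProfile.objects.get(user=user)
         except ObjectDoesNotExist:
            userDescription = None

         descriptionForm = UserDescription(initial={
         'userId': userId,
         'description': userDescription
         })

         passwordForm = ChangePassword(request.POST)
         if passwordForm.is_valid():
            username = passwordForm.cleaned_data['username']
            passwordOld = passwordForm.cleaned_data['passwordOld']
            passwordNew1 = passwordForm.cleaned_data['passwordNew1']
            passwordNew2 = passwordForm.cleaned_data['passwordNew2']
         else:
            # need to reload to User Admin Page with all variables
            #log(request, 'USERADMINPAGEERROR', 'Password Form not valid', sendBackUrl)
            return render_to_response('useradmin.html' , locals())

         # From here on the raw passwords are locals, so every
         # render(..., locals()) below hands them to the template context.
         if passwordNew1 != passwordNew2:
            #log(request, 'USERADMINPAGEERROR', 'Passwords do not match', sendBackUrl)
            message = "Passwords do not match!"
            return render_to_response('useradmin.html' , locals())

         try:
            # Check username from hidden field against user.username from session
            if user.username != username:
               message = "User Names don't match. Something Funny's going on."
               return render_to_response('useradmin.html' , locals())

            # get user again based upon username just to be sure.
            u = User.objects.get(username__exact=username)
            if u:
               # The current password must verify before it is replaced.
               verifyOldPassword = u.check_password(passwordOld)
               if verifyOldPassword:
                  u.set_password(passwordNew1)
                  u.save()
                  # NOTE(review): nothing here refreshes or revokes existing
                  # sessions after the change -- confirm how the session
                  # layer treats a changed password.
                  #log(request, 'USERADMINPAGE', 'Successfully Changed passwords', sendBackUrl)
               else:
                  message = "Old Password did not match!"
                  #log(request, 'USERADMINPAGEERROR', 'Old Password did not match', sendBackUrl)
                  return render_to_response('useradmin.html' , locals())

               request.session['message'] = "Password has been changed. Now go do something productive!"
               return HttpResponseRedirect("/useradmin/" + userId)
               #return render_to_response('useradmin.html' , locals())

            else: # No user id?!  Just return the user to the home page.
               return HttpResponseRedirect('/')

         except Exception:
            # Best-effort fallback: any failure in the lookup or save sends
            # the user home. Exception (not a bare except) so that
            # SystemExit and KeyboardInterrupt still propagate.
            # TODO log that there was an invalid POST
            #log(request, 'USERADMINPAGEERROR', 'invalid form POST', sendBackUrl)
            return HttpResponseRedirect('/')

   return render_to_response('useradmin.html', locals())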