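def form_recaptcha_toggle(hashid):
    """Flip the ``captcha_disabled`` flag of the form identified by *hashid*.

    Returns a JSON response. On success it carries ``disabled`` (the new
    state) and ``message``. It carries ``error`` with HTTP 400 when the
    request fails the domain check, the form lookup comes back empty, or the
    current user is not associated with the form.
    """
    form = Form.get_with_hashid(hashid)

    # NOTE(review): valid_domain_request is defined outside this block. If it
    # only inspects Referer/Origin it is a partial CSRF mitigation at best;
    # confirm this state-changing route also requires a CSRF token.
    if not valid_domain_request(request):
        return jsonify(
            error='The request you made is not valid.<br />Please visit your dashboard and try again.'
        ), 400

    # The existence check must come before any attribute access. Previously
    # the ownership test ran first, so an empty lookup raised AttributeError
    # on form.owner_id and this 400 branch was unreachable.
    if not form:
        return jsonify(
            error='That form does not exist. Please check the link and try again.'
        ), 400

    # Authorization: the caller must be the recorded owner or have the form in
    # their own form list. Turning CAPTCHA off weakens the form's protection,
    # so this check has to pass before the flag is touched.
    if form.owner_id != current_user.id and form not in current_user.forms:
        return jsonify(
            error='You aren\'t the owner of that form.<br />Please log in as the form owner and try again.'
        ), 400

    form.captcha_disabled = not form.captcha_disabled
    DB.session.add(form)
    DB.session.commit()

    if form.captcha_disabled:
        return jsonify(disabled=True, message='CAPTCHA successfully disabled')
    return jsonify(disabled=False, message='CAPTCHA successfully enabled')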
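def form_toggle(hashid):
    """Enable or disable the form identified by *hashid*, then go to the dashboard.

    Renders ``error.html`` with HTTP 400 when the request fails the domain
    check, the form lookup comes back empty, or the current user is not
    associated with the form. Otherwise flips ``form.disabled``, flashes a
    success message and redirects to the ``dashboard`` endpoint.
    """
    form = Form.get_with_hashid(hashid)

    # Check that this request came from the user dashboard.
    # NOTE(review): valid_domain_request is defined outside this block. A
    # request-origin check is a CSRF mitigation only and does not address XSS;
    # confirm this state-changing route also requires a CSRF token.
    if not valid_domain_request(request):
        return render_template(
            'error.html',
            title='Improper Request',
            text='The request you made is not valid.<br />Please visit your dashboard and try again.',
        ), 400

    # The existence check must come before any attribute access. Previously
    # the ownership test ran first, so an empty lookup raised AttributeError
    # on form.owner_id and this 400 branch was unreachable.
    if not form:
        return render_template(
            'error.html',
            title='Not a valid form',
            text='That form does not exist.<br />Please check the link and try again.',
        ), 400

    # The membership test accounts for forms that were not created from the
    # dashboard and therefore never had owner_id assigned.
    if form.owner_id != current_user.id and form not in current_user.forms:
        return render_template(
            'error.html',
            title='Wrong user',
            text='You aren\'t the owner of that form.<br />Please log in as the form owner and try again.',
        ), 400

    form.disabled = not form.disabled
    DB.session.add(form)
    DB.session.commit()

    if form.disabled:
        flash(u'Form successfully disabled', 'success')
    else:
        flash(u'Form successfully enabled', 'success')
    return redirect(url_for('dashboard'))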
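def form_recaptcha_toggle(hashid):
    """Toggle CAPTCHA protection for the form identified by *hashid*.

    Responds with JSON. A successful toggle returns ``disabled`` (the new
    value of ``form.captcha_disabled``) and a ``message``. An ``error`` body
    with HTTP 400 is returned when the domain check fails, no form is found,
    or the current user is neither the owner nor lists the form among their
    own.
    """
    form = Form.get_with_hashid(hashid)

    # NOTE(review): valid_domain_request lives outside this block. Presumably
    # it validates the request's origin; that limits CSRF only partially, so
    # verify a CSRF token is also enforced on this route.
    if not valid_domain_request(request):
        return jsonify(error='The request you made is not valid.<br />Please visit your dashboard and try again.'), 400

    # Reject a missing form first. With the ownership test ahead of this
    # check, an empty lookup failed with AttributeError on form.owner_id
    # instead of producing the intended 400 response.
    if not form:
        return jsonify(error='That form does not exist. Please check the link and try again.'), 400

    # Only the recorded owner, or a user whose form list contains this form,
    # may change the CAPTCHA setting.
    is_owner = form.owner_id == current_user.id
    if not is_owner and form not in current_user.forms:
        return jsonify(error='You aren\'t the owner of that form.<br />Please log in as the form owner and try again.'), 400

    form.captcha_disabled = not form.captcha_disabled
    DB.session.add(form)
    DB.session.commit()

    if form.captcha_disabled:
        return jsonify(disabled=True, message='CAPTCHA successfully disabled')
    return jsonify(disabled=False, message='CAPTCHA successfully enabled')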