コード例 #1
1
ファイル: task.py プロジェクト: voikko/joukahainen
def save(req):
	(uid, uname, editable) = jotools.get_login_user(req)
	if not editable:
		joheaders.error_page(req, _(u'You are not allowed to edit data'))
		return '\n'
	if req.method != 'POST':
		joheaders.error_page(req, _(u'Only POST requests are allowed'))
		return '\n'
	tid = jotools.toint(jotools.get_param(req, "tid", "0"))
	if tid == 0:
		joheaders.error_page(req, _(u'Parameter %s is required') % u'tid')
		return '\n'
	db = jodb.connect()
	for field in req.form.list:
		if field.name.startswith('checked'):
			wid = jotools.toint(field.name[7:])
			if wid == 0: continue
			db.query("INSERT INTO task_word(tid, wid, uid) VALUES(%i, %i, %i)" %
			         (tid, wid, uid))
	joheaders.redirect_header(req, u"show?tid=%i" % tid)
コード例 #2
0
ファイル: jooutput.py プロジェクト: voikko/joukahainen
def _html(req, db, query):
	offset_s = `jotools.toint(jotools.get_param(req, 'offset', u'0'))`
	limit_s = `jotools.toint(jotools.get_param(req, 'limit', u'200'))`
	if limit_s == u'0': limit_s = u'ALL'
	
	param_s = u''
	for field in req.form.list:
		if not field.name in ['limit', 'offset'] and jotools.checkid(field.name):
			param_s = param_s + field.name + u'=' + jotools.get_param(req, field.name, u'') + u'&'
	
	results = db.query("%s LIMIT %s OFFSET %s" % (query, limit_s, offset_s))
	if results.ntuples() == 0:
		joheaders.error_page(req, _(u'No matching words were found'))
		return "\n"
	elif results.ntuples() == 1:
		joheaders.redirect_header(req, _config.WWW_ROOT_DIR + "/word/edit?wid=%i" \
		                               % results.getresult()[0][0])
		return "\n"
	else:
		(uid, uname, editable) = jotools.get_login_user(req)
		joheaders.page_header_navbar_level1(req, _('Search results'), uid, uname)
		jotools.write(req, u'<table><tr><th>%s</th><th>%s</th></tr>\n' \
		                   % (_("Word"), _("Word class")))
		for result in results.getresult():
			jotools.write(req, _print_html_line(db, result[0],
			              unicode(result[1], 'UTF-8'),
				    unicode(result[2], 'UTF-8')))
		jotools.write(req, u"</table>\n")
		if not limit_s == u'ALL' and results.ntuples() == jotools.toint(limit_s):
			jotools.write(req, (u'<p><a href="wlist?%soffset=%i&limit=%s">' +
			              u"%s ...</a></p>\n") % (param_s, int(offset_s)+int(limit_s),
				    limit_s, _(u'More results')))	
	joheaders.page_footer_plain(req)
	return '\n'
コード例 #3
0
ファイル: user.py プロジェクト: voikko/joukahainen
def logout(req, wid = None):
	if req.method != 'POST':
		joheaders.error_page(req, _(u'Only POST requests are allowed'))
		return '\n'
	session = jotools.get_session(req)
	if session != '':
		db = jodb.connect_private()
		db.query(("update appuser set session_key = NULL, session_exp = NULL " +
		          "where session_key = '%s'") % session)
	req.headers_out['Set-Cookie'] = 'session=; path=%s; expires=Thu, 01-Jan-1970 00:00:01 GMT' \
	                                % _config.WWW_ROOT_DIR
	if wid == None: wid_n = 0
	else: wid_n = jotools.toint(wid)
	if wid_n == 0: joheaders.redirect_header(req, _config.WWW_ROOT_DIR + u"/")
	else: joheaders.redirect_header(req, _config.WWW_ROOT_DIR + u"/word/edit?wid=%i" % wid_n)
	return "</html>"
コード例 #4
0
ファイル: user.py プロジェクト: voikko/joukahainen
def login(req, wid = None):
	if req.method != 'POST':
		joheaders.error_page(req, _(u'Only POST requests are allowed'))
		return '\n'
	
	password = jotools.get_param(req, 'password', None) 
	username = jotools.get_param(req, 'username', None)
	if username == None or password == None or not jotools.checkuname(username):
		joheaders.error_page(req,
		                 _(u"Missing or incorrect username or password"))
		return '\n'
	
	pwhash = sha.new((_config.PW_SALT + password).encode('UTF-8')).hexdigest()
	db = jodb.connect_private()
	results = db.query(("select uid, isadmin from appuser where uname = '%s' and pwhash = '%s' " +
	                    "and disabled = FALSE") % (username.encode('UTF-8'), pwhash))
	if results.ntuples() == 0:
		joheaders.error_page(req, _(u"Incorrect username or password"))
		return '\n'
	
	(uid, isadmin) = results.getresult()[0]
	if isadmin == 'f' and _config.ONLY_ADMIN_LOGIN_ALLOWED:
		joheaders.error_page(req, _(u"Only administrator logins are allowed at the moment"))
		return '\n'
	
	# Generate session key
	sesssha = sha.new()
	sesssha.update(username)
	sesssha.update(pwhash)
	if hasattr(os, 'urandom'): # this is only available in Python >= 2.4
		sesssha.update(os.urandom(15))
	else:
		sesssha.update(`time.time()`)
		sesssha.update(`random.random()`)
		sesssha.update(`os.times()`)
	sesskey = sesssha.hexdigest()
	
	db.query(("update appuser set session_key = '%s', session_exp = CURRENT_TIMESTAMP + " +
	          "interval '%i seconds' where uid = %i") % (sesskey, _config.SESSION_TIMEOUT, uid))
	if _config.WWW_ROOT_DIR == '': cookiepath = '/'
	else: cookiepath = _config.WWW_ROOT_DIR
	req.headers_out['Set-Cookie'] = 'session=%s; path=%s' % (sesskey, cookiepath)
	if wid == None: wid_n = 0
	else: wid_n = jotools.toint(wid)
	if wid_n != 0:
		joheaders.redirect_header(req, _config.WWW_ROOT_DIR + u"/word/edit?wid=%i" % wid_n)
	elif jotools.get_param(req, 'redir', None) != None:
		joheaders.redirect_header(req, _config.WWW_ROOT_DIR +
		                               jotools.get_param(req, 'redir', u''))
	else: joheaders.redirect_header(req, _config.WWW_ROOT_DIR + u"/")
	return "</html>"
コード例 #5
0
ファイル: word.py プロジェクト: voikko/joukahainen
def change(req, wid = None):
	if req.method != 'POST':
		joheaders.error_page(req, _(u'Only POST requests are allowed'))
		return '\n'
	(uid, uname, editable) = jotools.get_login_user(req)
	if not editable:
		joheaders.error_page(req, _(u'You are not allowed to edit data'))
		return '\n'
	if (wid == None):
		joheaders.error_page(req, _(u'Parameter %s is required') % u'wid')
		return '\n'
	
	wid_n = jotools.toint(wid)
	db = jodb.connect()
	db.query("begin")
	wclass_results = db.query("select class from word where wid = %i" % wid_n)
	if wclass_results.ntuples() == 0:
		joheaders.error_page(req, _(u'Word %i does not exist') % wid_n)
		db.query("rollback")
		return '\n'
	wclass = wclass_results.getresult()[0][0]
	edfield_results = db.query(("select a.type, a.aid, a.descr from attribute a, attribute_class ac " +
	                            "where a.aid = ac.aid and ac.classid = %i and a.editable = TRUE") % wclass)
	eid = db.query("select nextval('event_eid_seq')").getresult()[0][0]
	event_inserted = False
	messages = []
	
	for attribute in edfield_results.getresult():
		if attribute[0] == 1: # string attribute
			html_att = 'string%i' % attribute[1]
			newval = jotools.get_param(req, html_att, None)
			if newval == None: continue
			
			vresults = db.query(("select s.value from string_attribute_value s where " +
			                     "s.wid = %i and s.aid = %i") % (wid_n, attribute[1]))
			if vresults.ntuples() == 0: oldval = u""
			else: oldval = unicode(vresults.getresult()[0][0], 'UTF-8')
			if oldval == newval: continue
			if not event_inserted:
				db.query("insert into event(eid, eword, euser) values(%i, %i, %i)" % \
				         (eid, wid_n, uid))
				event_inserted = True
			if newval == u'':
				db.query(("delete from string_attribute_value where wid = %i " +
				          "and aid = %i") % (wid_n, attribute[1]))
			elif oldval == u'':
				db.query(("insert into string_attribute_value(wid, aid, value, eevent) " +
				          "values(%i, %i, '%s', %i)") % (wid_n, attribute[1],
					                        jotools.escape_sql_string(newval), eid))
			else:
				db.query(("update string_attribute_value set value='%s', eevent=%i " +
				          "where wid=%i and aid=%i") %
					(jotools.escape_sql_string(newval), eid, wid_n, attribute[1]))
			messages.append(u"%s: '%s' -> '%s'" % (unicode(attribute[2], 'UTF-8'),
			                oldval, newval))
		if attribute[0] == 3: # integer attribute
			html_att = 'int%i' % attribute[1]
			newval_s = jotools.get_param(req, html_att, None)
			if newval_s == None: continue
			newval_s = newval_s.strip()
			if newval_s == u'':
				newval = None
			else:
				try: newval = int(newval_s)
				except ValueError: continue
				# Limit value range to prevent troubles with storing the
				# value into the database
				if newval < -1000000 or newval > 1000000: continue
			
			vresults = db.query(("select i.value from int_attribute_value i where " +
			                     "i.wid = %i and i.aid = %i") % (wid_n, attribute[1]))
			if vresults.ntuples() == 0: oldval = None
			else: oldval = vresults.getresult()[0][0]
			if oldval == newval: continue
			if not event_inserted:
				db.query("insert into event(eid, eword, euser) values(%i, %i, %i)" % \
				         (eid, wid_n, uid))
				event_inserted = True
			if newval == None:
				db.query(("delete from int_attribute_value where wid = %i " +
				          "and aid = %i") % (wid_n, attribute[1]))
			elif oldval == None:
				db.query(("insert into int_attribute_value(wid, aid, value, eevent) " +
				          "values(%i, %i, %i, %i)") % (wid_n, attribute[1],
					                             newval, eid))
			else:
				db.query(("update int_attribute_value set value=%i, eevent=%i " +
				          "where wid=%i and aid=%i") %
					(newval, eid, wid_n, attribute[1]))
			if oldval == None: oldval_s = _(u'(None)')
			else: oldval_s = `oldval`
			if newval == None: newval_s = _(u'(None)')
			else: newval_s = `newval`
			messages.append(u"%s: %s -> %s" % (unicode(attribute[2], 'UTF-8'),
			                oldval_s, newval_s))
	
	comment = jotools.get_param(req, 'comment', u'')
	
	if comment != u'':
		if not event_inserted:
			db.query("insert into event(eid, eword, euser) values(%i, %i, %i)" % \
			         (eid, wid_n, uid))
			event_inserted = True
		db.query("update event set comment = '%s' where eid = %i" \
		         % (jotools.escape_sql_string(comment), eid))
	if event_inserted and len(messages) > 0:
		mess_str = jotools.escape_sql_string(reduce(lambda x, y: x + u"\n" + y, messages, u""))
		db.query("update event set message = '%s' where eid = %i" % (mess_str, eid))
	db.query("commit")
	joheaders.redirect_header(req, u'edit?wid=%i' % wid_n)
	return '\n'
コード例 #6
0
ファイル: word.py プロジェクト: voikko/joukahainen
def add(req):
	(uid, uname, editable) = jotools.get_login_user(req)
	if not editable:
		joheaders.error_page(req, _(u'You are not allowed to edit data'))
		return '\n'
	db = jodb.connect()
	if req.method != 'POST':
		joheaders.error_page(req, _(u'Only POST requests are allowed'))
		return '\n'
	db.query("BEGIN")
	if jotools.get_param(req, 'confirm', u'') == u'on': confirm = True
	else: confirm = False
	nwordlist = []
	added_count = 0
	need_confirm_count = 0
	i = -1
	while True:
		i = i + 1
		nword = jotools.get_param(req, 'word%i' % i, u'')
		if nword == u'': break
		word = {'word': nword, 'try_again': True, 'confirmed': False, 'wid': None}
		word['oword'] = jotools.get_param(req, 'origword%i' % i, None)
		nclass = jotools.get_param(req, 'class%i' % i, None)
		if not nclass in [None, u'']: nclass = jotools.toint(nclass)
		else: nclass = None
		word['cid'] = nclass
		if confirm and nclass != 0 and jotools.get_param(req, 'confirm%i' % i, u'') != u'on':
			word['error'] = _(u'Word was not added')
			word['try_again'] = False
		if jotools.get_param(req, 'confirm%i' % i, u'') == u'on': word['confirmed'] = True
		stored_word = _store_word(db, word, uid)
		if stored_word['wid'] != None: added_count = added_count + 1
		if stored_word['try_again']: need_confirm_count = need_confirm_count + 1
		nwordlist.append(stored_word)
	db.query("COMMIT")
	if added_count == 1 and len(nwordlist) == 1:
		# No confirmation screen if exactly 1 word was successfully added
		joheaders.redirect_header(req, "edit?wid=%i" % nwordlist[0]['wid'])
		return '\n'
	joheaders.page_header_navbar_level1(req, _(u"Add words"), uid, uname)
	if need_confirm_count > 0:
		jotools.write(req, u'<p>' + _(u'''Adding some words failed or requires confirmation.
Make the required changes and mark the words that you still want to add.''') + u'</p>')
		jotools.write(req, u'<form method="post" action="add">\n')
		jotools.write(req,
		  u'<table class="border"><tr><th>%s</th><th>%s</th><th>%s</th><th>%s</th></tr>\n' \
		  % (_(u'Word'), _(u'Word class'), _(u'Confirm addition'), _(u'Notes')))
		_add_entry_fields(req, db, nwordlist, None)
		jotools.write(req, u'</table>\n<p>' +
		                   u'<input type="hidden" name="confirm" value="on">' +
		                   u'<input type="submit" value="%s"></p></form>\n' % _(u'Continue'))
		joheaders.page_footer_plain(req)
		return '\n'
	else:
		jotools.write(req, u'<p>%s:</p>' % _(u'The following changes were made'))
		jotools.write(req,
		  u'<table class="border"><tr><th>%s</th><th>%s</th><th>%s</th></tr>\n' \
		  % (_(u'Word'), _(u'Word class'), _(u'Notes')))
		_add_entry_fields(req, db, nwordlist, None)
		jotools.write(req, u'</table>\n')
		jotools.write(req, u'<p><a href="../">%s ...</a></p>\n' \
		                   % _(u'Back to main page'))
		joheaders.page_footer_plain(req)
		return '\n'
コード例 #7
0
ファイル: word.py プロジェクト: voikko/joukahainen
def rwords(req, wid = None):
	(uid, uname, editable) = jotools.get_login_user(req)
	if not editable:
		joheaders.error_page(req, _(u'You are not allowed to edit data'))
		return '\n'
	if wid == None:
		joheaders.error_page(req, _(u'Parameter %s is required') % u'wid')
		return '\n'
	wid_n = jotools.toint(wid)
	db = jodb.connect()
	results = db.query("select word, class from word where wid = %i" % wid_n)
	if results.ntuples() == 0:
		joheaders.error_page(req, _(u'Word %i does not exist') % wid_n)
		return '\n'
	wordinfo = results.getresult()[0]
	if req.method == 'GET': # show editor
		word = unicode(wordinfo[0], 'UTF-8')
		classid = wordinfo[1]
		title1 = _(u'Word') + u': ' + word
		link1 = u'edit?wid=%i' % wid_n
		title2 = _(u'related words')
		joheaders.page_header_navbar_level2(req, title1, link1, title2, uid, uname, wid_n)
		jotools.write(req, u'<p>%s</p>\n' % joeditors.call(db, u'word_class', [classid]))
		jotools.write(req, joeditors.call(db, u'rwords_edit_form', [wid_n]))
		joheaders.page_footer_plain(req)
		return '\n'
	if req.method != 'POST':
		joheaders.error_page(req, _(u'Only GET and POST requests are allowed'))
		return '\n'
	db.query("begin")
	rword_results = db.query("SELECT rwid, related_word FROM related_word WHERE wid = %i" % wid_n)
	rword_res = rword_results.getresult()
	eid = db.query("select nextval('event_eid_seq')").getresult()[0][0]
	event_inserted = False
	messages = []
	
	for attribute in rword_res:
		html_att = 'rword%i' % attribute[0]
		if jotools.get_param(req, html_att, u'') == u'on': remove = True
		else: remove = False
		
		if not remove: continue
		if not event_inserted:
			db.query("insert into event(eid, eword, euser) values(%i, %i, %i)" % \
			         (eid, wid_n, uid))
			event_inserted = True
		db.query("delete from related_word where wid = %i and rwid = %i" \
		         % (wid_n, attribute[0]))
		messages.append(_(u"Alternative spelling removed: '%s'") \
		                % jotools.escape_html(unicode(attribute[1], 'UTF-8')))
	
	newwords = jotools.get_param(req, 'add', u'')
	for word in jotools.unique(newwords.split()):
		if not jotools.checkword(word): continue
		already_listed = False
		for attribute in rword_res:
			if word == unicode(attribute[1], 'UTF-8'): 
				already_listed = True
				break
		if already_listed: continue
		if not event_inserted:
			db.query("insert into event(eid, eword, euser) values(%i, %i, %i)" % \
			         (eid, wid_n, uid))
			event_inserted = True
		db.query("insert into related_word(wid, eevent, related_word) values(%i, %i, '%s')" \
		         % (wid_n, eid, jotools.escape_sql_string(word)))
		messages.append(_(u"Alternative spelling added: '%s'") % jotools.escape_html(word))
	
	comment = jotools.get_param(req, 'comment', u'')
	
	if comment != u'':
		if not event_inserted:
			db.query("insert into event(eid, eword, euser) values(%i, %i, %i)" % \
			         (eid, wid_n, uid))
			event_inserted = True
		db.query("update event set comment = '%s' where eid = %i" \
		         % (jotools.escape_sql_string(comment), eid))
	if event_inserted and len(messages) > 0:
		mess_str = jotools.escape_sql_string(reduce(lambda x, y: x + u"\n" + y, messages, u""))
		db.query("update event set message = '%s' where eid = %i" % (mess_str, eid))
	db.query("commit")
	joheaders.redirect_header(req, u'edit?wid=%i' % wid_n)
	return '\n'
コード例 #8
0
ファイル: word.py プロジェクト: voikko/joukahainen
def flags(req, wid = None):
	(uid, uname, editable) = jotools.get_login_user(req)
	if not editable:
		joheaders.error_page(req, _(u'You are not allowed to edit data'))
		return '\n'
	if wid == None:
		joheaders.error_page(req, _(u'Parameter %s is required') % u'wid')
		return '\n'
	wid_n = jotools.toint(wid)
	db = jodb.connect()
	results = db.query("select word, class from word where wid = %i" % wid_n)
	if results.ntuples() == 0:
		joheaders.error_page(req, _(u'Word %i does not exist') % wid_n)
		return '\n'
	wordinfo = results.getresult()[0]
	if req.method == 'GET': # show editor
		word = unicode(wordinfo[0], 'UTF-8')
		classid = wordinfo[1]
		title1 = _(u'Word') + u': ' + word
		link1 = u'edit?wid=%i' % wid_n
		title2 = _(u'flags')
		joheaders.page_header_navbar_level2(req, title1, link1, title2, uid, uname, wid_n)
		jotools.write(req, u'<p>%s</p>\n' % joeditors.call(db, u'word_class', [classid]))
		jotools.write(req, joeditors.call(db, u'flag_edit_form', [wid_n, classid]))
		joheaders.page_footer_plain(req)
		return '\n'
	if req.method != 'POST':
		joheaders.error_page(req, _(u'Only GET and POST requests are allowed'))
		return '\n'
	db.query("begin")
	edfield_results = db.query(("SELECT a.aid, a.descr, CASE WHEN fav.wid IS NULL THEN 'f' ELSE 't' END " +
	                    "FROM attribute_class ac, attribute a " +
	                    "LEFT OUTER JOIN flag_attribute_value fav ON (a.aid = fav.aid and fav.wid = %i) " +
	                    "WHERE a.aid = ac.aid AND ac.classid = %i AND a.type = 2" +
	                    "ORDER BY a.descr") % (wid_n, wordinfo[1]))
	eid = db.query("select nextval('event_eid_seq')").getresult()[0][0]
	event_inserted = False
	messages = []
	
	for attribute in edfield_results.getresult():
		html_att = 'attr%i' % attribute[0]
		if jotools.get_param(req, html_att, u'') == u'on': newval = True
		else: newval = False
		
		if attribute[2] == 't': oldval = True
		else: oldval = False
		
		if oldval == newval: continue
		if not event_inserted:
			db.query("insert into event(eid, eword, euser) values(%i, %i, %i)" % \
			         (eid, wid_n, uid))
			event_inserted = True
		if newval == False:
			db.query(("delete from flag_attribute_value where wid = %i " +
			          "and aid = %i") % (wid_n, attribute[0]))
			messages.append(_(u"Flag removed: '%s'") % unicode(attribute[1], 'UTF-8'))
		if newval == True:
			db.query(("insert into flag_attribute_value(wid, aid, eevent) " +
			          "values(%i, %i, %i)") % (wid_n, attribute[0], eid))
			messages.append(_(u"Flag added: '%s'") % unicode(attribute[1], 'UTF-8'))
	
	comment = jotools.get_param(req, 'comment', u'')
	
	if comment != u'':
		if not event_inserted:
			db.query("insert into event(eid, eword, euser) values(%i, %i, %i)" % \
			         (eid, wid_n, uid))
			event_inserted = True
		db.query("update event set comment = '%s' where eid = %i" \
		         % (jotools.escape_sql_string(comment), eid))
	if event_inserted and len(messages) > 0:
		mess_str = jotools.escape_sql_string(reduce(lambda x, y: x + u"\n" + y, messages, u""))
		db.query("update event set message = '%s' where eid = %i" % (mess_str, eid))
	db.query("commit")
	joheaders.redirect_header(req, u'edit?wid=%i' % wid_n)
	return '\n'