def preview():
    """Preview a comment or, when the form action is "submit", store it.

    Returns a redirect when the honeypot check fails, when the message is
    empty, or after a comment has been stored. For any other action the
    preview data is placed in ``g.info`` and ``comment/preview.html`` is
    rendered.
    """
    form = get_comment_form(request.form)
    thread = sanitize_name(form["thread"])

    # Honeypot fields: "website" has to come back as the literal "http://"
    # and "email" has to come back empty. The "x" defaults mean a request
    # that leaves either field out fails the check too.
    website_untouched = request.form.get("website", "x") == "http://"
    email_left_blank = request.form.get("email", "x") == ""
    if not (website_untouched and email_left_blank):
        flash("Wanna try that again?")
        return redirect(url_for("index"))

    # A comment needs a body.
    # NOTE(review): form["url"] originates from the submitted form and is
    # used as a redirect target here and after a successful submit; confirm
    # get_comment_form() limits it to same-site URLs.
    if len(form["message"]) == 0:
        flash("You must provide a message with your comment.")
        return redirect(form["url"])

    gravatar = Comment.gravatar(form["contact"])

    if form["action"] != "submit":
        # Preview only: nothing is stored, the template reads from g.info.
        g.info["gravatar"] = gravatar
        g.info["preview"] = Comment.format_message(form["message"])
        g.info["pretty_time"] = pretty_time(
            Config.comment.time_format, time.time()
        )
        # NOTE(review): every key of the form is merged into g.info;
        # presumably get_comment_form() returns a fixed key set - confirm.
        g.info.update(form)
        return template("comment/preview.html")

    # Submitting: store the comment with the session uid and client address.
    Comment.add_comment(
        thread=thread,
        uid=g.info["session"]["uid"],
        ip=remote_addr(),
        time=int(time.time()),
        image=gravatar,
        name=form["name"],
        subject=form["subject"],
        message=form["message"],
        url=form["url"],
    )

    # Optional thread subscription; the only address check is an "@".
    wants_updates = form["subscribe"] == "true"
    if wants_updates:
        email = form["contact"]
        if "@" in email:
            Comment.add_subscriber(thread, email)
            flash("You have been subscribed to future comments on this page.")

    flash("Your comment has been added!")
    return redirect(form["url"])
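def send():
    """Submitting the contact form.

    Reads name, email, subject and message from the posted form, rejects
    submissions that trip the honeypot fields or carry no message, and mails
    the rest to ``Config.site.notify_address``.

    The subject and the reply-to address end up in mail headers, so both are
    normalised before use: whitespace runs in the subject (including CR/LF)
    are folded into single spaces, and an address that contains whitespace
    is not used as Reply-To.
    """
    name = request.form.get("name", "") or "Anonymous"
    email = request.form.get("email", "")
    subject = request.form.get("subject", "") or "[No Subject]"
    message = request.form.get("message", "")

    # Spam traps: "contact" must be posted empty and "website" must still be
    # the literal "http://"; a missing field counts as a failed check.
    trap1 = request.form.get("contact", "x") != ""
    trap2 = request.form.get("website", "x") != "http://"
    if trap1 or trap2:
        flash("Wanna try that again?")
        return redirect(url_for(".index"))

    # Message is required.
    if len(message) == 0:
        flash("The message is required.")
        return redirect(url_for(".index"))

    # The subject becomes a header value: fold line breaks and other
    # whitespace runs so a submitted value cannot start a new header line.
    subject = " ".join(subject.split()) or "[No Subject]"

    # Email looks valid? Besides the "@" and "." checks, refuse anything
    # with embedded whitespace (CR/LF included) as a Reply-To value.
    reply_to = None
    candidate = email.strip()
    if (
        "@" in candidate
        and "." in candidate
        and not any(ch.isspace() for ch in candidate)
    ):
        reply_to = candidate

    # Send the e-mail.
    # NOTE(review): the body is Markdown-flavoured and interpolates visitor
    # input as-is; if send_email() renders it to HTML, confirm it escapes it.
    # Line breaks inside the template are restored at the field boundaries.
    send_email(
        to=Config.site.notify_address,
        reply_to=reply_to,
        subject="Contact Form on {}: {}".format(Config.site.site_name, subject),
        message="""A visitor to {site_name} has sent you a message!

* IP Address: `{ip}`
* User Agent: `{ua}`
* Referrer: <{referer}>
* Name: {name}
* E-mail: <{email}>
* Subject: {subject}

{message}""".format(
            site_name=Config.site.site_name,
            ip=remote_addr(),
            ua=request.user_agent.string,
            referer=request.headers.get("Referer", ""),
            name=name,
            email=email,
            subject=subject,
            message=message,
        )
    )

    flash("Your message has been delivered.")
    # NOTE(review): the error paths redirect to ".index" while this one uses
    # "index"; confirm the difference is intended.
    return redirect(url_for("index"))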
def preview():
    """Handle the comment form: show a preview or save the comment.

    The honeypot fields and the message body are validated first. With
    ``action == "submit"`` the comment is stored and the visitor is sent
    back to the form's URL; otherwise the preview template is rendered.
    """
    form = get_comment_form(request.form)
    thread = sanitize_name(form["thread"])

    # Each entry is True when the corresponding honeypot field was tampered
    # with (or not posted at all, thanks to the "x" default).
    spam_signals = (
        request.form.get("website", "x") != "http://",
        request.form.get("email", "x") != "",
    )
    if any(spam_signals):
        flash("Wanna try that again?")
        return redirect(url_for("index"))

    # Empty messages are bounced back to the page they came from.
    # NOTE(review): the redirect target is the form-supplied "url" value;
    # verify get_comment_form() constrains it, or validate it before use.
    if len(form["message"]) == 0:
        flash("You must provide a message with your comment.")
        return redirect(form["url"])

    gravatar = Comment.gravatar(form["contact"])

    if form["action"] == "submit":
        # Collect the stored fields first, then hand them over in one call.
        record = dict(
            thread=thread,
            uid=g.info["session"]["uid"],
            ip=remote_addr(),
            time=int(time.time()),
            image=gravatar,
            name=form["name"],
            subject=form["subject"],
            message=form["message"],
            url=form["url"],
        )
        Comment.add_comment(**record)

        # Subscribe the contact address when asked to and it contains "@".
        if form["subscribe"] == "true":
            email = form["contact"]
            if "@" in email:
                Comment.add_subscriber(thread, email)
                flash(
                    "You have been subscribed to future comments on this page."
                )

        flash("Your comment has been added!")
        return redirect(form["url"])

    # Not submitting: expose the preview data to the template via g.info.
    now = time.time()
    g.info["gravatar"] = gravatar
    g.info["preview"] = Comment.format_message(form["message"])
    g.info["pretty_time"] = pretty_time(Config.comment.time_format, now)
    # NOTE(review): merges all form keys into g.info - presumably a fixed
    # set produced by get_comment_form(); confirm.
    g.info.update(form)
    return template("comment/preview.html")
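def send():
    """Submitting the contact form.

    Validates the honeypot fields and the message, then mails the submission
    to ``Config.site.notify_address``.

    Visitor input that is placed in mail headers is normalised first: the
    subject has its whitespace runs (CR/LF included) folded into single
    spaces, and the e-mail address is used as Reply-To only when it contains
    no whitespace.
    """
    posted = request.form
    name = posted.get("name", "") or "Anonymous"
    email = posted.get("email", "")
    subject = posted.get("subject", "") or "[No Subject]"
    message = posted.get("message", "")

    # Spam traps: a filled-in "contact" field or a changed "website" field
    # marks the submission as automated. Missing fields fail as well.
    trap1 = posted.get("contact", "x") != ""
    trap2 = posted.get("website", "x") != "http://"
    if trap1 or trap2:
        flash("Wanna try that again?")
        return redirect(url_for(".index"))

    # Message is required.
    if len(message) == 0:
        flash("The message is required.")
        return redirect(url_for(".index"))

    # Keep the subject on one header line whatever was submitted.
    subject = " ".join(subject.split()) or "[No Subject]"

    # Email looks valid? It must contain "@" and "." and no whitespace, so
    # that it cannot carry a line break into the Reply-To header.
    reply_to = None
    address = email.strip()
    has_whitespace = any(ch.isspace() for ch in address)
    if "@" in address and "." in address and not has_whitespace:
        reply_to = address

    # Send the e-mail.
    # Line breaks inside the template are restored at the field boundaries.
    body = """A visitor to {site_name} has sent you a message!

IP Address: {ip}
User Agent: {ua}
Referrer: {referer}
Name: {name}
E-mail: {email}
Subject: {subject}

{message}""".format(
        site_name=Config.site.site_name,
        ip=remote_addr(),
        ua=request.user_agent.string,
        referer=request.headers.get("Referer", ""),
        name=name,
        email=email,
        subject=subject,
        message=message,
    )
    send_email(
        to=Config.site.notify_address,
        reply_to=reply_to,
        subject="Contact Form on {}: {}".format(Config.site.site_name, subject),
        message=body,
    )

    flash("Your message has been delivered.")
    # NOTE(review): success redirects to "index", the error paths to
    # ".index"; confirm that is intended.
    return redirect(url_for("index"))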
def process_photo(form, filename):
    """Formats an incoming photo.

    Resizes ``filename`` to every scale in ``PHOTO_SCALES``, deletes the
    temporary file, registers the photo under a new public key in the album
    index and writes the index back.

    Returns:
        ``dict(success=True, photo=key)`` where ``key`` is the new public key.
    """
    # One resized copy per configured scale, keyed by the scale name.
    sizes = {size: resize_photo(filename, size) for size in PHOTO_SCALES}

    # The upload itself is no longer needed.
    # NOTE(review): if resize_photo() raises, this line is never reached and
    # the temp file stays on disk unless the caller cleans up - confirm.
    os.unlink(filename)

    # Pick the target album: an existing one, else the newly named one.
    album = form.get("album", "")
    new_album = form.get("new-album", None)
    new_desc = form.get("new-description", None)
    if album == "" and new_album:
        album = new_album

    # The album name is caller-supplied; fall back to the default album when
    # sanitization leaves nothing.
    album = sanitize_name(album)
    if album == "":
        logger.warning(
            "Album name didn't pass sanitization! Fall back to default album name."
        )
        album = Config.photo.default_album

    # Draw public keys until one is not taken yet.
    while True:
        key = random_hash()
        if not photo_exists(key):
            break
    logger.debug("Photo set public key: {}".format(key))

    index = get_index()

    # Make sure the album and its settings entry exist.
    if album not in index["albums"]:
        index["albums"][album] = {}
    if "settings" not in index:
        index["settings"] = dict()
    if album not in index["settings"]:
        # NOTE(review): new_desc is stored exactly as submitted; presumably
        # it is escaped when rendered - confirm.
        index["settings"][album] = {
            "format": "classic",
            "description": new_desc,
        }

    # The photo record: uploader details, captions and the resized names.
    photo_record = dict(
        ip=remote_addr(),
        author=g.info["session"]["uid"],
        uploaded=int(time.time()),
        caption=form.get("caption", ""),
        description=form.get("description", ""),
        **sizes
    )
    index["albums"][album][key] = photo_record

    # Reverse lookup from photo key to album.
    index["map"][key] = album

    # Newest photo goes first within its album.
    if album not in index["photo-order"]:
        index["photo-order"][album] = []
    index["photo-order"][album].insert(0, key)

    # A new album goes first in the album ordering.
    if album not in index["album-order"]:
        index["album-order"].insert(0, album)

    # An album without a cover gets this photo as its cover.
    if album not in index["covers"] or len(index["covers"][album]) == 0:
        index["covers"][album] = key

    write_index(index)

    return dict(success=True, photo=key)
def update():
    """Post/edit a blog entry.

    Fills ``g.info`` with form defaults, overlays the fields of an existing
    post when an ``id`` resolves, and on POST either renders a preview or
    publishes the entry through ``Blog.post_entry()``. A successful publish
    redirects to the entry; every other path renders ``blog/update.html``.

    NOTE(review): no authorization check is visible inside this block;
    presumably a decorator on the route enforces it - confirm.
    """

    # Get our available avatars.
    g.info["avatars"] = Blog.list_avatars()
    g.info["userpic"] = User.get_picture(uid=g.info["session"]["uid"])

    # Default vars. The author defaults to the uid of the current session.
    g.info.update(dict(
        post_id="",
        fid="",
        author=g.info["session"]["uid"],
        subject="",
        body="",
        format="markdown",
        avatar="",
        categories="",
        privacy=Config.blog.default_privacy,
        sticky=False,
        emoticons=True,
        comments=Config.blog.allow_comments,
        preview=False,
    ))

    # Editing an existing post? The id is taken from the query string first,
    # then from the posted form.
    post_id = request.args.get("id", request.form.get("id", None))
    if post_id:
        post_id = Blog.resolve_id(post_id, drafts=True)
        if post_id:
            logger.info("Editing existing blog post {}".format(post_id))
            post = Blog.get_entry(post_id)
            g.info["post_id"] = post_id
            g.info["post"] = post

            # Copy fields. This includes "author", so an edit keeps the
            # author recorded on the stored post.
            for field in ["author", "fid", "subject", "time", "format", "body", "avatar", "categories", "privacy", "sticky", "emoticons", "comments"]:
                g.info[field] = post[field]

    # Are we SUBMITTING the form?
    if request.method == "POST":
        action = request.form.get("action")

        # Get all the fields from the posted params.
        # NOTE(review): this replaces the id resolved above with the raw
        # posted "id", which is what Blog.post_entry() receives below;
        # confirm post_entry() validates it.
        g.info["post_id"] = request.form.get("id")
        for field in ["fid", "subject", "format", "body", "avatar", "categories", "privacy"]:
            g.info[field] = request.form.get(field)
        # Checkbox-style flags: only the literal string "true" enables them.
        for boolean in ["sticky", "emoticons", "comments"]:
            g.info[boolean] = True if request.form.get(boolean, None) == "true" else False
        # The author is not read from the form here; it is the session uid
        # or the stored post's author, coerced to int.
        g.info["author"] = int(g.info["author"])

        # What action are they doing?
        if action == "preview":
            g.info["preview"] = True

            # Render markdown?
            # With any other format the posted body is used as the rendered
            # body unchanged.
            # NOTE(review): presumably the template outputs rendered_body as
            # markup; confirm only trusted authors reach this route.
            if g.info["format"] == "markdown":
                g.info["rendered_body"] = render_markdown(g.info["body"])
            else:
                g.info["rendered_body"] = g.info["body"]

            # Render emoticons.
            if g.info["emoticons"]:
                g.info["rendered_body"] = Emoticons.render(g.info["rendered_body"])

        elif action == "publish":
            # Publishing! Validate inputs first.
            # len() raises TypeError when "body" or "subject" was not posted,
            # because request.form.get() returned None for it above.
            invalid = False
            if len(g.info["body"]) == 0:
                invalid = True
                flash("You must enter a body for your blog post.")
            if len(g.info["subject"]) == 0:
                invalid = True
                flash("You must enter a subject for your blog post.")

            # Resetting the post's time stamp?
            # New posts and "reset-time" requests get the current time;
            # otherwise the posted "time" value is used. float() raises
            # ValueError on a non-numeric value and nothing here catches it.
            if not request.form.get("id") or request.form.get("reset-time"):
                g.info["time"] = float(time.time())
            else:
                g.info["time"] = float(request.form.get("time", time.time()))

            # Format the categories: comma-separated text to a stripped list.
            tags = []
            for tag in g.info["categories"].split(","):
                tags.append(tag.strip())

            # Okay to update?
            if invalid is False:
                new_id, new_fid = Blog.post_entry(
                    post_id = g.info["post_id"],
                    epoch = g.info["time"],
                    author = g.info["author"],
                    subject = g.info["subject"],
                    fid = g.info["fid"],
                    avatar = g.info["avatar"],
                    categories = tags,
                    privacy = g.info["privacy"],
                    ip = remote_addr(),
                    emoticons = g.info["emoticons"],
                    sticky = g.info["sticky"],
                    comments = g.info["comments"],
                    format = g.info["format"],
                    body = g.info["body"],
                )

                return redirect(url_for(".entry", fid=new_fid))

    # Categories copied from a stored post may be a list; the form field
    # shows them as comma-separated text.
    if type(g.info["categories"]) is list:
        g.info["categories"] = ", ".join(g.info["categories"])

    return template("blog/update.html")
def update():
    """Post/edit a blog entry.

    Fills ``g.info`` with form defaults, overlays the fields and the split
    date/time of an existing post when the ``id`` query parameter resolves,
    and on POST either renders a preview or publishes the entry through
    ``Blog.post_entry()``. A successful publish redirects to the entry;
    every other path renders ``blog/update.html``.

    NOTE(review): no authorization check is visible inside this block;
    presumably a decorator on the route enforces it - confirm.
    """

    # Get our available avatars.
    g.info["avatars"] = Blog.list_avatars()
    g.info["userpic"] = User.get_picture(uid=g.info["session"]["uid"])

    # Default vars. The author defaults to the uid of the current session.
    g.info.update(dict(
        post_id="",
        fid="",
        author=g.info["session"]["uid"],
        subject="",
        body="",
        format="markdown",
        avatar="",
        categories="",
        privacy=Config.blog.default_privacy,
        emoticons=True,
        comments=Config.blog.allow_comments,
        month="",
        day="",
        year="",
        hour="",
        min="",
        sec="",
        preview=False,
    ))

    # Editing an existing post? Only the query string is consulted here.
    post_id = request.args.get("id", None)
    if post_id:
        post_id = Blog.resolve_id(post_id)
        if post_id:
            logger.info("Editing existing blog post {}".format(post_id))
            post = Blog.get_entry(post_id)
            g.info["post_id"] = post_id
            g.info["post"] = post

            # Copy fields. "format" is listed twice; the second pass repeats
            # the same assignment.
            for field in ["author", "fid", "subject", "format", "format", "body", "avatar", "categories", "privacy", "emoticons", "comments"]:
                g.info[field] = post[field]

            # Dissect the time into the separate form fields, using the
            # local time that fromtimestamp() returns.
            date = datetime.datetime.fromtimestamp(post["time"])
            g.info.update(dict(
                month="{:02d}".format(date.month),
                day="{:02d}".format(date.day),
                year=date.year,
                hour="{:02d}".format(date.hour),
                min="{:02d}".format(date.minute),
                sec="{:02d}".format(date.second),
            ))

    # Are we SUBMITTING the form?
    if request.method == "POST":
        action = request.form.get("action")

        # Get all the fields from the posted params.
        # NOTE(review): the raw posted "id" replaces the id resolved above
        # and is what Blog.post_entry() receives; confirm it is validated.
        g.info["post_id"] = request.form.get("id")
        for field in ["fid", "subject", "format", "body", "avatar", "categories", "privacy"]:
            g.info[field] = request.form.get(field)
        # Checkbox-style flags: only the literal string "true" enables them.
        for boolean in ["emoticons", "comments"]:
            g.info[boolean] = True if request.form.get(boolean, None) == "true" else False
        # int() raises ValueError on a non-numeric value and nothing here
        # catches it.
        # NOTE(review): "author" is read from the posted form, so the
        # submitter chooses the author id (0 when the field is absent);
        # confirm this is restricted to users allowed to post as others.
        for number in ["author", "month", "day", "year", "hour", "min", "sec"]:
            g.info[number] = int(request.form.get(number, 0))

        # What action are they doing?
        if action == "preview":
            g.info["preview"] = True

            # Render markdown?
            # With any other format the posted body is used as the rendered
            # body unchanged.
            # NOTE(review): presumably the template outputs rendered_body as
            # markup; confirm only trusted authors reach this route.
            if g.info["format"] == "markdown":
                g.info["rendered_body"] = render_markdown(g.info["body"])
            else:
                g.info["rendered_body"] = g.info["body"]

            # Render emoticons.
            if g.info["emoticons"]:
                g.info["rendered_body"] = Emoticons.render(g.info["rendered_body"])

        elif action == "publish":
            # Publishing! Validate inputs first.
            # len() raises TypeError when "body" or "subject" was not posted,
            # because request.form.get() returned None for it above.
            invalid = False
            if len(g.info["body"]) == 0:
                invalid = True
                flash("You must enter a body for your blog post.")
            if len(g.info["subject"]) == 0:
                invalid = True
                flash("You must enter a subject for your blog post.")

            # Make sure the times are valid. An out-of-range component makes
            # the constructor raise ValueError, which is reported to the user.
            date = None
            try:
                date = datetime.datetime(
                    g.info["year"],
                    g.info["month"],
                    g.info["day"],
                    g.info["hour"],
                    g.info["min"],
                    g.info["sec"],
                )
            except ValueError as e:
                invalid = True
                flash("Invalid date/time: " + str(e))

            # Format the categories: comma-separated text to a stripped list.
            tags = []
            for tag in g.info["categories"].split(","):
                tags.append(tag.strip())

            # Okay to update?
            if invalid is False:
                # Convert the date into a Unix time stamp.
                # "%s" is not among the format codes Python documents; it
                # works only where the platform's C library supports it.
                epoch = float(date.strftime("%s"))

                new_id, new_fid = Blog.post_entry(
                    post_id = g.info["post_id"],
                    epoch = epoch,
                    author = g.info["author"],
                    subject = g.info["subject"],
                    fid = g.info["fid"],
                    avatar = g.info["avatar"],
                    categories = tags,
                    privacy = g.info["privacy"],
                    ip = remote_addr(),
                    emoticons = g.info["emoticons"],
                    comments = g.info["comments"],
                    format = g.info["format"],
                    body = g.info["body"],
                )

                return redirect(url_for(".entry", fid=new_fid))

    # Categories copied from a stored post may be a list; the form field
    # shows them as comma-separated text.
    if type(g.info["categories"]) is list:
        g.info["categories"] = ", ".join(g.info["categories"])

    return template("blog/update.html")
def process_photo(form, filename):
    """Formats an incoming photo.

    Args:
        form: mapping with the upload form fields ("album", "new-album",
            "new-description", "caption", "description").
        filename: path of the temporary upload; it is deleted once the
            resized copies exist.

    Returns:
        A dict with ``success=True`` and the photo's new public key.
    """
    # Resize to every configured scale and remember the resulting names.
    sizes = dict()
    for scale in PHOTO_SCALES:
        sizes[scale] = resize_photo(filename, scale)

    # Drop the temporary upload.
    # NOTE(review): not reached when resize_photo() raises; check whether
    # the caller removes the temp file in that case.
    os.unlink(filename)

    # Target album: the chosen one, or the new album when none was chosen.
    chosen = form.get("album", "")
    new_album = form.get("new-album", None)
    new_desc = form.get("new-description", None)
    album = new_album if (chosen == "" and new_album) else chosen

    # Album names come from the form, so they are sanitized; an empty result
    # falls back to the configured default album.
    album = sanitize_name(album)
    if album == "":
        logger.warning("Album name didn't pass sanitization! Fall back to default album name.")
        album = Config.photo.default_album

    # Generate public keys until an unused one turns up.
    key = random_hash()
    while photo_exists(key):
        key = random_hash()
    logger.debug("Photo set public key: {}".format(key))

    index = get_index()
    albums = index["albums"]

    # Create the album and its settings entry on first use.
    if album not in albums:
        albums[album] = {}
    if "settings" not in index:
        index["settings"] = dict()
    settings = index["settings"]
    if album not in settings:
        # NOTE(review): the description is stored as submitted; presumably
        # escaped at render time - confirm.
        settings[album] = {"format": "classic", "description": new_desc}

    # Record who uploaded the photo, when, its texts and the resized names.
    albums[album][key] = dict(
        ip=remote_addr(),
        author=g.info["session"]["uid"],
        uploaded=int(time.time()),
        caption=form.get("caption", ""),
        description=form.get("description", ""),
        **sizes
    )

    # Photo key -> album lookup.
    index["map"][key] = album

    # Put the photo at the front of its album.
    photo_order = index["photo-order"]
    if album not in photo_order:
        photo_order[album] = []
    photo_order[album].insert(0, key)

    # Put a new album at the front of the album list.
    album_order = index["album-order"]
    if album not in album_order:
        album_order.insert(0, album)

    # Use the photo as cover when the album has none yet.
    covers = index["covers"]
    if album not in covers or len(covers[album]) == 0:
        covers[album] = key

    # Persist the updated index.
    write_index(index)

    return dict(success=True, photo=key)
def track_visit(request, session):
    """Main logic to track and log visitor details.

    Updates the four traffic counters (unique/hits, today/total) for a
    visitor who has no tracking value in the session yet, logs the HTTP
    referrer, and stores the tracking value in the session.

    Returns:
        A dict with ``unique_today``, ``unique_total``, ``hits_today`` and
        ``hits_total``.
    """
    # The tracking value is either the logged referrer or the string "1".
    cookie = session.get("tracking")
    addr = remote_addr()
    values = dict()  # Returnable traffic values

    # Counter documents, mapped to the key each one fills in `values`.
    today = pretty_time("%Y-%m-%d", time.time())
    files = {
        "unique/{}".format(today): "unique_today",
        "unique/total": "unique_total",
        "hits/{}".format(today): "hits_today",
        "hits/total": "hits_total",
    }

    # NOTE(review): each counter is read, changed and committed with no lock
    # visible here; concurrent requests can presumably overwrite each other.
    for name, key in files.items():
        dbfile = "traffic/{}".format(name)
        is_hit_counter = name.startswith("hits")

        # Load the stored document, falling back to an empty one of the
        # right shape: a plain counter for hits, an address map for uniques.
        stored = JsonDB.get(dbfile) if JsonDB.exists(dbfile) else None
        if stored is None:
            stored = dict(hits=0) if is_hit_counter else dict()

        if is_hit_counter:
            # Count the hit only for visitors without a tracking value.
            if not cookie:
                stored["hits"] += 1
                JsonDB.commit(dbfile, stored)
            values[key] = stored["hits"]
        else:
            # Remember the address (with the current time) the first time
            # an untracked visitor shows up from it.
            if not (cookie or addr in stored):
                stored[addr] = time.time()
                JsonDB.commit(dbfile, stored)
            values[key] = len(stored)

    # Log the HTTP referrer; a missing or rejected referrer becomes "1".
    logged = log_referrer(request, request.referrer) if request.referrer else None
    referrer = logged or "1"

    # First visit in this session: remember the tracking value.
    if not cookie:
        cookie = referrer
        session["tracking"] = cookie

    return values