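def main():
    """Handle a page-removal request (POST with ``action=del``).

    The request is answered with the "Forbidden" page unless it is a POST
    from a signed-in user who is an admin or the page owner and who presents
    the value ``tools.token(page, user)`` yields for this page and user.
    On success ``page.public`` is set to -1 (pages with a negative value are
    reported as not found by this handler) and the browser is redirected to
    ``/my``.
    """
    try:
        # State-changing endpoint: refuse anything but POST.  .get() keeps a
        # missing variable on the Forbidden path instead of a KeyError.
        if os.environ.get('REQUEST_METHOD') != 'POST':
            raise Forbidden
        user = users.get_current_user()
        if user is None:
            raise Forbidden

        form = cgi.FieldStorage()
        r_id = form.getfirst("id")
        r_token = form.getfirst("token")
        r_action = form.getfirst("action")
        if r_action != 'del':
            raise Forbidden

        # getfirst() returns None for an absent field; without this guard
        # 'K' + None raises TypeError, which neither handler below catches.
        if r_id is None:
            raise NotFound
        page = models.Page.get_by_key_name('K' + r_id)
        if page is None or page.public < 0:
            raise NotFound

        # Authorisation first (admin or owner), then the anti-forgery token.
        if not users.is_current_user_admin() and page.owner != user:
            raise Forbidden
        # NOTE(review): != is not a constant-time comparison; where the
        # runtime provides hmac.compare_digest, prefer it for token checks.
        if r_token != tools.token(page, user):
            raise Forbidden

        page.public = -1
        page.put()
        tools.redirect('/my')
    except Forbidden:
        tools.printError(
            "Forbidden",
            "You've just tried to do some evil thing. We didn't expect that of you."
        )
    except NotFound:
        tools.printError("Not found", "We think you are playing unfair.")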
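def main():
    """Transfer an anonymously created page to the user who just signed in.

    The page named by the ``id`` field is handed over only when the caller is
    signed in, ``page.public`` is 0, ``isAnonymous(page.owner)`` holds, and
    the ``anonymous_token`` cookie equals ``tools.token(page, page.owner)``.
    On success the page gets ``public = 1`` and the signed-in user as owner,
    and the browser is redirected to the page.
    """
    try:
        args = cgi.FieldStorage()
        r_id = args.getfirst("id")

        # A request with no Cookie header, an unparsable one, or no
        # anonymous_token cookie proves nothing about the creator: answer
        # Forbidden instead of letting KeyError/CookieError escape.
        try:
            cookies = Cookie.SimpleCookie(os.environ.get('HTTP_COOKIE', ''))
        except Cookie.CookieError:
            raise Forbidden
        if 'anonymous_token' not in cookies:
            raise Forbidden
        r_token = cookies['anonymous_token'].value

        user = users.get_current_user()
        if not user:
            raise Forbidden

        # getfirst() returns None for an absent field; 'K' + None would raise
        # TypeError.  The exception also used to receive the builtin ``id``
        # rather than the requested id.
        if r_id is None:
            raise NotFound(r_id)
        page = models.Page.get_by_key_name('K' + r_id)
        if page is None:
            raise NotFound(r_id)

        if page.public != 0:
            raise Forbidden
        if not isAnonymous(page.owner):
            raise Forbidden
        # NOTE(review): != is not a constant-time comparison; where the
        # runtime provides hmac.compare_digest, prefer it for token checks.
        if r_token != tools.token(page, page.owner):
            raise Forbidden

        page.public = 1
        page.owner = user
        page.put()
        tools.redirect('/' + page.key().name()[1:])
    except Forbidden:
        tools.printError(
            "Forbidden",
            "You've just tried to do some evil thing. We didn't expect that of you."
        )
    except NotFound:
        tools.printError("Not found", "We think you are playing unfair.")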
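def main():
    """Transfer an anonymously created page to the user who just signed in.

    The page named by the ``id`` field is handed over only when the caller is
    signed in, ``page.public`` is 0, ``isAnonymous(page.owner)`` holds, and
    the ``anonymous_token`` cookie equals ``tools.token(page, page.owner)``.
    On success the page gets ``public = 1`` and the signed-in user as owner,
    and the browser is redirected to the page.
    """
    try:
        args = cgi.FieldStorage()
        r_id = args.getfirst("id")

        # A request with no Cookie header, an unparsable one, or no
        # anonymous_token cookie proves nothing about the creator: answer
        # Forbidden instead of letting KeyError/CookieError escape.
        try:
            cookies = Cookie.SimpleCookie(os.environ.get('HTTP_COOKIE', ''))
        except Cookie.CookieError:
            raise Forbidden
        if 'anonymous_token' not in cookies:
            raise Forbidden
        r_token = cookies['anonymous_token'].value

        user = users.get_current_user()
        if not user:
            raise Forbidden

        # getfirst() returns None for an absent field; 'K' + None would raise
        # TypeError.  The exception also used to receive the builtin ``id``
        # rather than the requested id.
        if r_id is None:
            raise NotFound(r_id)
        page = models.Page.get_by_key_name('K' + r_id)
        if page is None:
            raise NotFound(r_id)

        if page.public != 0:
            raise Forbidden
        if not isAnonymous(page.owner):
            raise Forbidden
        # NOTE(review): != is not a constant-time comparison; where the
        # runtime provides hmac.compare_digest, prefer it for token checks.
        if r_token != tools.token(page, page.owner):
            raise Forbidden

        page.public = 1
        page.owner = user
        page.put()
        tools.redirect('/' + page.key().name()[1:])
    except Forbidden:
        tools.printError("Forbidden", "You've just tried to do some evil thing. We didn't expect that of you.")
    except NotFound:
        tools.printError("Not found", "We think you are playing unfair.")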
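def main():
    """Handle a page-removal request (POST with ``action=del``).

    The request is answered with the "Forbidden" page unless it is a POST
    from a signed-in user who is an admin or the page owner and who presents
    the value ``tools.token(page)`` yields for this page.  On success
    ``page.public`` is set to -1 (pages with a negative value are reported as
    not found by this handler) and the browser is redirected to ``/my``.
    """
    try:
        # State-changing endpoint: refuse anything but POST.  .get() keeps a
        # missing variable on the Forbidden path instead of a KeyError.
        if os.environ.get('REQUEST_METHOD') != 'POST':
            raise Forbidden
        # Looked up once and reused for the ownership check below.
        user = users.get_current_user()
        if user is None:
            raise Forbidden

        form = cgi.FieldStorage()
        r_id = form.getfirst("id")
        r_token = form.getfirst("token")
        r_action = form.getfirst("action")
        if r_action != 'del':
            raise Forbidden

        # getfirst() returns None for an absent field; without this guard
        # 'K' + None raises TypeError, which neither handler below catches.
        if r_id is None:
            raise NotFound
        page = models.Page.get_by_key_name('K' + r_id)
        if page is None or page.public < 0:
            raise NotFound

        if not users.is_current_user_admin() and page.owner != user:
            raise Forbidden
        # NOTE(review): the token is derived from the page alone at this call
        # site; confirm tools.token() ties it to the requesting user, since a
        # page-only value would be the same for every viewer of the page.
        # NOTE(review): != is not a constant-time comparison; where the
        # runtime provides hmac.compare_digest, prefer it for token checks.
        if r_token != tools.token(page):
            raise Forbidden

        page.public = -1
        page.put()
        tools.redirect('/my')
    except Forbidden:
        tools.printError("Forbidden", "You've just tried to do some evil thing. We didn't expect that of you.")
    except NotFound:
        tools.printError("Not found", "We think you are playing unfair.")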
def list_pages(self, args, **kwargs):
    """Write the saved-pages table, or a placeholder paragraph when empty.

    ``kwargs`` are merged into ``args`` in place and also forwarded to every
    ``self.line_template`` call.  Each row receives the page id (key name
    without its first character), the HTML-escaped URL, the page token and
    the formatted date.
    """
    # Keyword overrides land in the caller's dict, not in a copy.
    args.update(kwargs)
    user = args.get('user')  # looked up but not used in this version
    pages = args.get('pages')

    if not pages:
        self.write(u"<p>You have no saved pages on peeep.</p>")
        return

    self.write(u'<table>\n<colgroup><col class="link"/><col class="date"/><col class="del"/></colgroup>\n')
    for entry in pages:
        short_id = entry.key().name()[1:]
        # quote=True also escapes double quotes, so the value is usable
        # inside an attribute.
        safe_url = cgi.escape(entry.url, True)
        # NOTE(review): the token is requested for the page only; whether it
        # is tied to the viewing user cannot be seen from here - confirm.
        row_token = tools.token(entry)
        stamp = entry.date.strftime('%d %b %Y %H:%M')
        self.line_template(id=short_id, url=safe_url, token=row_token, date=stamp, **kwargs)
    self.write('</table>')
def list_pages(self, args, **kwargs):
    """Write the saved-pages table, or a placeholder paragraph when empty.

    ``kwargs`` are merged into ``args`` in place and also forwarded to every
    ``self.line_template`` call.  Each row receives the page id (key name
    without its first character), the HTML-escaped URL, the token computed
    for the page and the ``user`` entry of ``args``, and the formatted date.
    """
    # Keyword overrides land in the caller's dict, not in a copy.
    args.update(kwargs)
    user = args.get('user')
    pages = args.get('pages')

    if not pages:
        self.write(u"<p>You have no saved pages on peeep.</p>")
        return

    self.write(
        u'<table>\n<colgroup><col class="link"/><col class="date"/><col class="del"/></colgroup>\n'
    )
    for entry in pages:
        short_id = entry.key().name()[1:]
        # quote=True also escapes double quotes, so the value is usable
        # inside an attribute.
        safe_url = cgi.escape(entry.url, True)
        # The token is computed per (page, user) pair.
        row_token = tools.token(entry, user)
        stamp = entry.date.strftime('%d %b %Y %H:%M')
        self.line_template(id=short_id, url=safe_url, token=row_token, date=stamp, **kwargs)
    self.write('</table>')
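def createControls(html, page, cache):
    """Splice the peeep toolbar into an archived HTML document.

    Builds the toolbar (logo, share links, capture date, link to the original
    URL, analytics snippet and, for an admin or the page owner, a delete form
    carrying the page token) and inserts it after any leading doctype and
    head-level markup matched at the start of *html*.

    Args:
        html: the document markup to decorate.
        page: page entity; its key name, url and owner are read.
        cache: cache entity; its date and verified flag are read.

    Returns:
        The markup with the toolbar inserted.
    """
    # The key name's first character is dropped to obtain the public id.
    # Named page_id so the builtin id() is not shadowed.
    page_id = page.key().name().encode('utf-8')[1:]
    user = users.get_current_user()
    url = ADDRESS2 + page_id
    date2 = ' <div class="peeep_date">%s</div>' % cache.date.strftime(
        '%d %b %Y %H:%M')
    mailshare = 'mailto:?subject=%5Bpeeep%5D%20Get%20a%20link&body=Hi!%0A%0AYour%20friend%20shared%20this%20link%20with%20you:%0A' + urllib.quote(
        url
    ) + '%0A%0A%0A--%0Apeeep%2C%20more%20than%20a%20url%20shortener%0Ahttp://www.peeep.us/'
    twittershare = "http://twitter.com/home?status=" + urllib.quote(url)
    gmailshare = "https://mail.google.com/mail/?view=cm&fs=1&tf=1&to=&su=" + "%5Bpeeep%5D%20Get%20a%20link" + "&body=" + 'Hi!%0A%0AYour%20friend%20shared%20this%20link%20with%20you:%0A' + urllib.quote(
        url
    ) + '%0A%0A%0A--%0Apeeep%2C%20more%20than%20a%20url%20shortener%0Ahttp://www.peeep.us/' + "&zx=BITLY&shva=1&disablechatbrowsercheck=1&ui=1"
    fbshare = 'http://www.facebook.com/sharer.php?u=' + urllib.quote(
        url) + "&t=" + '%5Bpeeep%5D'
    analytics = '''<script type="text/javascript">var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." 
: "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-836471-6"); pageTracker._trackPageview(); } catch(err) {}</script>'''

    # The delete form is rendered only for an admin or the (non-None) owner.
    # NOTE(review): the form puts the per-user token into the same document
    # as the archived third-party markup; confirm that scripts are removed
    # from stored pages (the preprocessing step is not visible here), since
    # script running in this document could read the token.
    can_delete = users.is_current_user_admin() or (
        page.owner == user and page.owner is not None)
    delete = '''<div style="width: 16px; float: right;"> <form method="post" action="%(peeep)supdate.php"> <input type="hidden" name="id" value="%(id)s"/><input type="hidden" name="token" value="%(token)s"/> <input type="hidden" name="action" value="del"/> <input type="image" src="%(peeep)sassets/del.png" alt="delete" title="remove page from peeep" onclick="return confirm('Are you sure to remove the page from peeep?');"/> </form> </div>''' if can_delete else ''
    controls = '''<!--PEEEP--><style type="text/css"> html { position: absolute; left: 0; top: 23px; width: 100%%; } body { _margin: 0; } #peeep_toolbar, #peeep_toolbar div, #peeep_toolbar input, #peeep_toolbar form { display: block; overflow: hidden; margin: 0; padding: 0; text-align: left; zoom: 1; visibility: visible; line-height: 16px; width: auto; height: auto; } #peeep_toolbar, #peeep_toolbar div, #peeep_toolbar input, #peeep_toolbar a, #peeep_toolbar span { outline: 0; border: 0; color: #999; vertical-align: baseline; text-transform: none; white-space: normal; background: none; font: normal 12px Arial, sans-serif; } #peeep_toolbar .peeep_wrapper { padding: 3px 10px; border-bottom: 1px solid #cb5; overflow: hidden; zoom: 1; } #peeep_toolbar img { border: 0; } #peeep_toolbar a:link, #peeep_toolbar a:hover, #peeep_toolbar a:visited, #peeep_toolbar a:active, #peeep_toolbar a:focus { color: #00f; } #peeep_toolbar { position:fixed; z-index: 32768; left:0; top: 0px; width:100%%; height: 23px; background: #ffc; } #peeep_toolbar .peeep_date { font-size: .8em; color: #cb5; margin: 2px 1em 0 0; float: left; } #peeep_toolbar.peeep_verified { 
background-color: #efd; } #peeep_toolbar.peeep_verified .peeep_wrapper { border-bottom: 1px solid #ab9; } #peeep_toolbar.peeep_verified .shares:hover, #peeep_toolbar.peeep_verified .shares.hover { background-color: #dfc; } #peeep_toolbar.peeep_verified .peeep_date { color: #6a4; } #peeep_toolbar .peeep_logo { float: left; margin-right: 1em; margin-bottom: -1em; } #peeep_toolbar .original_link { font-size: .9em; color: #999; height: 16px; overflow: hidden; } #peeep_toolbar .original_link a { color: #999; } #peeep_toolbar .original_link a:visited { color: #bbb; } #peeep_toolbar .shares { float: right; line-height: 10px;/*?see Chrome*/ margin: -3px 20px -6px 2em; padding: 3px 3px; } #peeep_toolbar .shares img { margin: 0; padding: 0; } #peeep_toolbar .shares .share { display: none; margin: 0 0 0 3px; } #peeep_toolbar .shares:hover, #peeep_toolbar .shares.hover { background: #eec; } #peeep_toolbar .shares:hover .grip, #peeep_toolbar .shares.hover .grip { display: none; } #peeep_toolbar .shares:hover .share, #peeep_toolbar .shares.hover .share { display: inline; } </style> <div id="peeep_toolbar" class="%(toolbar_class)s"><div class="peeep_wrapper"> <a href="%(peeep)s" class="peeep_logo"><img src="%(peeep)sassets/peeep.png" alt="peeep" title="peeep url shortener" width="16" height="16" /></a> %(delete)s <div class="shares" onmouseover="this.className='shares hover'" onmouseout="this.className='shares'"> <a class="share" href="%(mailshare)s"><img src="%(peeep)sassets/mail.png" alt="mail" title="Email this link" width="16" height="16" /></a> <a class="share" href="%(gmailshare)s" target="_blank"><img src="%(peeep)sassets/gmail.png" alt="gmail" title="Send this link with GMail" width="16" height="16" /></a> <a class="share" href="%(fbshare)s" target="_blank"><img src="%(peeep)sassets/facebook.png" alt="facebook" title="Share on Facebook" width="16" height="16" /></a> <a class="share" href="%(twittershare)s" target="_blank"><img src="%(peeep)sassets/twitter.png" 
alt="twitter" title="Share on Twitter" width="16" height="16" /></a> <span class="grip"><img src="%(peeep)sassets/share.png" alt="Share..." width="16" height="16" /></span> </div> %(date2)s <div class="original_link"><a href="%(url)s">%(url)s</a></div> </div></div> %(analytics)s <!--/PEEEP-->'''
    ctx = {
        'peeep': getEffectiveAddress(),
        'id': page_id,
        'date2': date2,
        'mailshare': mailshare,
        'twittershare': twittershare,
        'gmailshare': gmailshare,
        'fbshare': fbshare,
        'analytics': analytics,
        # HTML-escaped (quotes included) for use in an attribute and as text.
        # NOTE(review): escaping does not constrain the URL scheme used in
        # the href; confirm page.url is limited to http(s) where it is stored.
        'url': cgi.escape(page.url.encode('utf-8'), True),
        'token': tools.token(page, user),
        'toolbar_class': 'peeep_verified' if cache.verified else '',
    }
    # The delete template is filled first because the toolbar embeds it.
    ctx['delete'] = delete % ctx
    controls = controls % ctx

    offs = 0
    # Verbose-mode pattern: every inline '#' comment runs to the end of its
    # line, so each alternative is kept on a line of its own.
    m = re.match(
        r'''(?isLx)((?:
        \s+ |                             # just white-space
        <!DOCTYPE\b[^>]*> |
        <html\b[^>]*> |
        </?head\b[^>]*> |
        </?base\b[^>]*> |
        </?command\b[^>]*> |
        </?link\b[^>]*> |
        </?meta\b[^>]*> |
        </?noscript\b[^>]*> |
        <script\b[^>]*>.*?</script> |     # using non-greedy .*?
        <style\b[^>]*>.*?</style> |
        <title\b[^>]*>.*?</title> |
        <body\b[^>]*> |
        <!--.*?--> |
        <!.*?>                            # comments/DTDs/IE conditionals
        )*)''', html)
    if m:
        # skip any heading tags before body
        offs = m.end(0)
    html = html[:offs] + controls + html[offs:]
    return html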
try: if not r_content or not r_type: r_content, r_type, r_url = fetch(r_url) verified = True except DownloadFail, e: tools.printError('Download error', 'Sorry, we couldn\'t access to address you provided. Please try again in a few seconds.') tools.logException() exit() id = tools.md5(ID_SALT+r_url+unicode(time.time()))[:8] page = models.Page(key_name='K'+id, url=r_url, owner=owner, public=public) page.put() if tools.isHtml(r_type): r_content = preprocessHtml(r_content, r_url) content = bz2.compress(r_content) cache = models.Cache(page=page, url=tools.md5(unicode(page.url)), content=content, contentType=r_type, verified=verified) cache.put() if user: tools.redirect('/'+id) else: cookies = {'anonymous_token': tools.token(page, owner)} headers = [ tools.formatCookie(cookies, 60*60*24) ] tools.redirect(users.create_login_url('/confirm.php?id=%s' % id), headers) if __name__ == "__main__": main()
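def createControls(html, page, cache):
    """Splice the peeep toolbar into an archived HTML document.

    Builds the toolbar (logo, share links, capture date, link to the original
    URL, analytics snippet and, for an admin or the page owner, a delete form
    carrying the page token) and inserts it after any leading doctype and
    head-level markup matched at the start of *html*.

    Args:
        html: the document markup to decorate.
        page: page entity; its key name, url and owner are read.
        cache: cache entity; its date and verified flag are read.

    Returns:
        The markup with the toolbar inserted.
    """
    # The key name's first character is dropped to obtain the public id.
    # Named page_id so the builtin id() is not shadowed.
    page_id = page.key().name().encode('utf-8')[1:]
    user = users.get_current_user()
    url = ADDRESS2+page_id
    date2 = ' <div class="peeep_date">%s</div>'%cache.date.strftime('%d %b %Y %H:%M')
    mailshare = 'mailto:?subject=%5Bpeeep%5D%20Get%20a%20link&body=Hi!%0A%0AYour%20friend%20shared%20this%20link%20with%20you:%0A'+urllib.quote(url)+'%0A%0A%0A--%0Apeeep%2C%20more%20than%20a%20url%20shortener%0Ahttp://www.peeep.us/'
    twittershare = "http://twitter.com/home?status="+urllib.quote(url)
    gmailshare = "https://mail.google.com/mail/?view=cm&fs=1&tf=1&to=&su=" + "%5Bpeeep%5D%20Get%20a%20link" + "&body=" + 'Hi!%0A%0AYour%20friend%20shared%20this%20link%20with%20you:%0A'+urllib.quote(url)+'%0A%0A%0A--%0Apeeep%2C%20more%20than%20a%20url%20shortener%0Ahttp://www.peeep.us/' + "&zx=BITLY&shva=1&disablechatbrowsercheck=1&ui=1"
    fbshare = 'http://www.facebook.com/sharer.php?u='+urllib.quote(url)+"&t="+'%5Bpeeep%5D'
    analytics = '''<script type="text/javascript">var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." 
: "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-836471-6"); pageTracker._trackPageview(); } catch(err) {}</script>'''

    # The delete form is rendered only for an admin or the (non-None) owner.
    # NOTE(review): the form puts the per-user token into the same document
    # as the archived third-party markup; confirm that scripts are removed
    # from stored pages (the preprocessing step is not visible here), since
    # script running in this document could read the token.
    can_delete = users.is_current_user_admin() or (page.owner == user and page.owner is not None)
    delete = '''<div style="width: 16px; float: right;"> <form method="post" action="%(peeep)supdate.php"> <input type="hidden" name="id" value="%(id)s"/><input type="hidden" name="token" value="%(token)s"/> <input type="hidden" name="action" value="del"/> <input type="image" src="%(peeep)sassets/del.png" alt="delete" title="remove page from peeep" onclick="return confirm('Are you sure to remove the page from peeep?');"/> </form> </div>''' if can_delete else ''
    controls = '''<!--PEEEP--><style type="text/css"> html { position: absolute; left: 0; top: 23px; width: 100%%; } body { _margin: 0; } #peeep_toolbar, #peeep_toolbar div, #peeep_toolbar input, #peeep_toolbar form { display: block; overflow: hidden; margin: 0; padding: 0; text-align: left; zoom: 1; visibility: visible; line-height: 16px; width: auto; height: auto; } #peeep_toolbar, #peeep_toolbar div, #peeep_toolbar input, #peeep_toolbar a, #peeep_toolbar span { outline: 0; border: 0; color: #999; vertical-align: baseline; text-transform: none; white-space: normal; background: none; font: normal 12px Arial, sans-serif; } #peeep_toolbar .peeep_wrapper { padding: 3px 10px; border-bottom: 1px solid #cb5; overflow: hidden; zoom: 1; } #peeep_toolbar img { border: 0; } #peeep_toolbar a:link, #peeep_toolbar a:hover, #peeep_toolbar a:visited, #peeep_toolbar a:active, #peeep_toolbar a:focus { color: #00f; } #peeep_toolbar { position:fixed; z-index: 32768; left:0; top: 0px; width:100%%; height: 23px; background: #ffc; } #peeep_toolbar .peeep_date { font-size: .8em; color: #cb5; margin: 2px 1em 0 0; float: left; } #peeep_toolbar.peeep_verified { 
background-color: #efd; } #peeep_toolbar.peeep_verified .peeep_wrapper { border-bottom: 1px solid #ab9; } #peeep_toolbar.peeep_verified .shares:hover, #peeep_toolbar.peeep_verified .shares.hover { background-color: #dfc; } #peeep_toolbar.peeep_verified .peeep_date { color: #6a4; } #peeep_toolbar .peeep_logo { float: left; margin-right: 1em; margin-bottom: -1em; } #peeep_toolbar .original_link { font-size: .9em; color: #999; height: 16px; overflow: hidden; } #peeep_toolbar .original_link a { color: #999; } #peeep_toolbar .original_link a:visited { color: #bbb; } #peeep_toolbar .shares { float: right; line-height: 10px;/*?see Chrome*/ margin: -3px 20px -6px 2em; padding: 3px 3px; } #peeep_toolbar .shares img { margin: 0; padding: 0; } #peeep_toolbar .shares .share { display: none; margin: 0 0 0 3px; } #peeep_toolbar .shares:hover, #peeep_toolbar .shares.hover { background: #eec; } #peeep_toolbar .shares:hover .grip, #peeep_toolbar .shares.hover .grip { display: none; } #peeep_toolbar .shares:hover .share, #peeep_toolbar .shares.hover .share { display: inline; } </style> <div id="peeep_toolbar" class="%(toolbar_class)s"><div class="peeep_wrapper"> <a href="%(peeep)s" class="peeep_logo"><img src="%(peeep)sassets/peeep.png" alt="peeep" title="peeep url shortener" width="16" height="16" /></a> %(delete)s <div class="shares" onmouseover="this.className='shares hover'" onmouseout="this.className='shares'"> <a class="share" href="%(mailshare)s"><img src="%(peeep)sassets/mail.png" alt="mail" title="Email this link" width="16" height="16" /></a> <a class="share" href="%(gmailshare)s" target="_blank"><img src="%(peeep)sassets/gmail.png" alt="gmail" title="Send this link with GMail" width="16" height="16" /></a> <a class="share" href="%(fbshare)s" target="_blank"><img src="%(peeep)sassets/facebook.png" alt="facebook" title="Share on Facebook" width="16" height="16" /></a> <a class="share" href="%(twittershare)s" target="_blank"><img src="%(peeep)sassets/twitter.png" 
alt="twitter" title="Share on Twitter" width="16" height="16" /></a> <span class="grip"><img src="%(peeep)sassets/share.png" alt="Share..." width="16" height="16" /></span> </div> %(date2)s <div class="original_link"><a href="%(url)s">%(url)s</a></div> </div></div> %(analytics)s <!--/PEEEP-->'''
    ctx = {
        'peeep': getEffectiveAddress(),
        'id': page_id,
        'date2': date2,
        'mailshare': mailshare,
        'twittershare': twittershare,
        'gmailshare': gmailshare,
        'fbshare': fbshare,
        'analytics': analytics,
        # HTML-escaped (quotes included) for use in an attribute and as text.
        # NOTE(review): escaping does not constrain the URL scheme used in
        # the href; confirm page.url is limited to http(s) where it is stored.
        'url': cgi.escape(page.url.encode('utf-8'), True),
        'token': tools.token(page, user),
        'toolbar_class': 'peeep_verified' if cache.verified else '',
    }
    # The delete template is filled first because the toolbar embeds it.
    ctx['delete'] = delete % ctx
    controls = controls % ctx

    offs = 0
    # Verbose-mode pattern: every inline '#' comment runs to the end of its
    # line, so each alternative is kept on a line of its own.
    m = re.match(r'''(?isLx)((?:
        \s+ |                             # just white-space
        <!DOCTYPE\b[^>]*> |
        <html\b[^>]*> |
        </?head\b[^>]*> |
        </?base\b[^>]*> |
        </?command\b[^>]*> |
        </?link\b[^>]*> |
        </?meta\b[^>]*> |
        </?noscript\b[^>]*> |
        <script\b[^>]*>.*?</script> |     # using non-greedy .*?
        <style\b[^>]*>.*?</style> |
        <title\b[^>]*>.*?</title> |
        <body\b[^>]*> |
        <!--.*?--> |
        <!.*?>                            # comments/DTDs/IE conditionals
        )*)''', html)
    if m:
        # skip any heading tags before body
        offs = m.end(0)
    html = html[:offs] + controls + html[offs:]
    return html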