예제 #1
0
    def post(self):
        if self.user:
            if not self.check_state():
                logging.warning("Possible CSRF attack detected!")
                self.redirect("/")
                return

            input_delete_article = self.request.get('delete_article')

            if input_delete_article:
                Article.remove(input_delete_article)
                # Show message: Confirm deletion of article.
                self.render('message.html', message_delete_article = True)

            else:
                input_edit_article = self.request.get('edit_article')
                input_title = self.request.get('title')
                input_body = self.request.get('body')

                article = Article.by_id(input_edit_article)
                
                error_title=""
                error_body=""

                have_error = False

                if not valid_title(input_title):
                    # Show the error-message: not a valid title.
                    error_title = True
                    have_error = True
                if not valid_body(input_body):
                    # Show the error-message: not a valid body.
                    error_body = True
                    have_error = True

                if have_error:
                    state = self.make_state()
                    # Render page with error-messages.
                    self.render('edit_article.html',
                                user = self.user,
                                article = article,
                                error_title = error_title,
                                error_body = error_body,
                                title_form = input_title,
                                body_form = input_body,
                                state = state)
                else:
                    # Edit article-entity and commit to Article-DB.
                    article.title = input_title
                    article.body = input_body
                    article.put()
                    # Update memcache
                    Article.update_article_cache(article)
                    # Redirect to homepage
                    self.redirect("/")

        else:
            # Prompt user to login.
            self.render('message.html', message_new_article_1 = True)
예제 #2
0
    def post(self):
        if self.user:
            if not self.check_state():
                self.redirect("/")
                return

            # Deactivate account by deleting from User database and 
            # adding to the DeactAccounts database.
            d = DeactAccounts.create(self.user.key().id(), 
                                     self.user.name,
                                     self.user.email)

            # Delete user
            User.remove(self.user.key().id())

            # Genrate list of article-keys for the deleted user.
            article_key_list = Article.keys_by_author(self.user.key().id())

            for key in article_key_list:
                # Store article in DeletdArticle DB
                article = Article.by_id(key.id())
                del_art = DeletdArticle.create(article.title,
                                               article.body, 
                                               article.author)
                del_art.put()
                # Delete article from Article DB
                Article.remove(key.id())
            
            # Logout (delete coockie)
            self.logout()

            # Send email notification
            self.send_email(d.email, 
                            'email_subject.html', 
                            'email_account_deleted.html', 
                            subject_type = 'account_deleted')


            # Render page with message that account was deleted
            self.session.add_flash('message_delete_account_1', 
                                   key='homepage_flashes')
            self.session.add_flash(d.email, key='deleted_email')
            self.redirect("/")

        else:
            # Prompt user to login.
            self.session.add_flash('message_user_settings_1', 
                                   key='homepage_flashes')
            self.redirect("/")
예제 #3
0
    def post(self):
        if self.user:
            if not self.check_state():
                logging.warning("Possible CSRF attack detected!")
                self.redirect("/")
                return

            # Get user input
            input_password = self.request.get('password')

            # Check input and set error messages. 
            error_password=""

            have_error = False

            if not valid_pw(self.user.email, input_password, self.user.pw_hash):
                # Set the error-message: incorrect password.
                error_password = True
                have_error = True

            if have_error:
                state = self.make_state()
                # Render page with error-messages.
                self.render('delete_account.html',
                            user = self.user,
                            error_password = error_password,
                            state = state)
            else:
                # Deactivate account by deleting from User database and 
                # adding to the DeactAccounts database.
                d = DeactAccounts.create(self.user.key().id(), 
                                         self.user.name,
                                         self.user.email)
                d.put()

                # Delete user
                User.remove(self.user.key().id())

                # Genrate list of article-keys for the deleted user.
                article_key_list = Article.keys_by_author(self.user.key().id())

                for key in article_key_list:
                    # Store article in DeletdArticle DB
                    article = Article.by_id(key.id())
                    del_art = DeletdArticle.create(article.title,
                                                   article.body, 
                                                   article.author)
                    del_art.put()
                    # Delete article from Article DB
                    Article.remove(key.id())
                
                # Logout (delete coockie)
                self.logout()

                # Send email notification
                self.send_email(d.email, 
                                'email_subject.html', 
                                'email_account_deleted.html', 
                                subject_type = 'account_deleted')


                # Render page with message that account was deleted
                self.render('message.html', 
                            message_delete_account_1 = True, 
                            deleted_email = d.email)

        else:
            # Prompt user to login.
            self.render('message.html', message_user_settings_1 = True)