def requesthandler(self):
guid = self.request.get('guid')
cl = self.request.get('cl')
comment = clean(self.request.get('comment'))
if len(cl) < 1 and len(comment) > 4:
cl = TestLanguage.language(text=comment)
remote_addr = self.request.remote_addr
ip = self.request.get('ip')
if len(ip) > 0:
remote_addr = ip
username = self.request.get('username')
pw = self.request.get('pw')
session=''
location = geo.get(remote_addr)
if type(location) is dict:
try:
city = location['city']
state= location['state']
country= location['country']
except:
city = ''
state = ''
country = ''
try:
latitude=location['latitude']
longitude=location['longitude']
except:
latitude = None
longitude = None
if len(comment) > 5 and len(guid) > 7:
emptyform=False
else:
emptyform=True
if not emptyform:
spamchecked = False
akismetkey = Settings.get('akismet')
root_url = Settings.get('root_url')
if len(root_url) > 0 and string.count(root_url, 'http://') < 1:
root_url = 'http://' + root_url
a = Akismet()
a.setAPIKey(akismetkey, blog_url = root_url)
if a.verify_key():
data = dict()
data['user_ip']=remote_addr
data['user_agent']=self.request.headers['User-Agent']
if a.comment_check(comment, data):
spam=True
else:
spam=False
spamchecked=True
else:
spam=False
spamchecked=False
result = False
if len(username) > 0:
session = Users.auth(username=username, pw=pw, session='')
if len(session) < 8:
username=''
if not spam:
tdb = db.Query(Translation)
tdb.filter('guid = ', guid)
item = tdb.get()
if item is not None:
md5hash = item.md5hash
sl = item.sl
tl = item.tl
st = item.st
tt = item.tt
domain = item.domain
url = item.url
professional = item.professional
author = item.username
cdb = db.Query(Comment)
cdb.filter('guid = ', guid)
cdb.filter('remote_addr = ', remote_addr)
item = cdb.get()
if item is None:
item = Comment()
item.guid = guid
item.md5hash = md5hash
item.tl = tl
item.cl = cl
item.comment = comment
item.username = username
item.spamchecked = spamchecked
item.spam = spam
item.remote_addr = remote_addr
timestamp = datetime.datetime.now()
item.minute = timestamp.minute
item.hour = timestamp.hour
item.day = timestamp.day
item.month = timestamp.month
item.year = timestamp.year
item.domain = domain
item.url = url
item.city = city
item.state = state
item.country = country
try:
item.latitude = latitude
item.longitude = longitude
except:
pass
item.put()
if professional and len(author) > 0:
LSP.comment(guid, comment, lsp=author, username=username, remote_addr=remote_addr)
result = True
self.response.headers['Content-Type']='text/plain'
if result:
self.response.out.write('ok')
else:
self.error(500)
self.response.out.write('error')
else:
tdb = db.Query(Translation)
tdb.order('-date')
item = tdb.get()
if item is not None:
guid = item.guid
else:
guid = ''
t = '<table><form action=/comments/submit method=post accept-charset=utf-8>'
t = t + '<tr><td>GUID of Translation (guid)</td><td><input type=text name=guid value="' + guid + '"></td></tr>'
t = t + '<tr><td>Comment (comment)</td<td><input type=text name=comment></td></tr>'
t = t + '<tr><td>Username (username, optional)</td><td><input type=text name=username></td></tr>'
t = t + '<tr><td>Password (pw, optional)</td><td><input type=text name=pw></td></tr>'
t = t + '<tr><td colspan=2><input type=submit value=SUBMIT></td></tr></table></form>'
www.serve(self,t,sidebar=self.__doc__, title = '/comments/submit')
def requesthandler(self):
""" Combined GET and POST request handler."""
doc = self.request.get('doc')
if user_service == 'google':
if doc =='y':
www.serve(self,self.__doc__, title = '/users/auth')
else:
user = users.get_current_user()
if user is None:
self.redirect(users.create_login_url(self.request.uri))
else:
self.redirect('/')
else:
cookies = Cookies(self,max_age=3600)
try:
session = cookies['session']
except:
session = self.request.get('session')
username = clean(self.request.get('username'))
pw = self.request.get('pw')
callback = self.request.get('callback')
remote_addr = self.request.remote_addr
proxyurl = self.request.get('proxyurl')
username_field = self.request.get('username_field')
pw_field = self.request.get('pw_field')
success_msg = self.request.get('success_msg')
error_msg = self.request.get('error_msg')
location = geo.get(remote_addr)
city = location.get('city','')
state = location.get('state', '')
country = location.get('country', '')
try:
latitude = location['latitude']
longitude = location['longitude']
except:
latitude = None
longitude = None
if len(username) > 2 or len(session) > 2:
if len(proxyurl) > 0 and len(username_field) > 0 and len(pw_field) > 0:
form=dict()
form[username_field]=username
form[pw_field]=pw
form['user_ip']=remote_addr
form_data = urllib.urlencode(form)
result = urlfetch.fetch(url=proxyurl,
payload=form_data,
method=urlfetch.POST,
headers={'Content-Type' : 'application/x-www-form-urlencoded','Accept-Charset' : 'utf-8'})
if result.status_code == 200:
text = clean(result.content)
if string.count(text,success_msg) > 0:
m = md5.new()
m.update(username)
m.update(str(datetime.datetime.now()))
session = str(m.hexdigest())
sessioninfo = dict()
sessioninfo['username'] = username
sessioninfo['session'] = session
memcache.set('sessions|' + session, sessioninfo, 1800)
else:
session = None
else:
session=None
else:
sessioninfo = Users.auth(username, pw, session, remote_addr, city=city, state=state, country=country, latitude=latitude, longitude=longitude)
if sessioninfo is not None:
cookies['session'] = sessioninfo.get('session','')
self.response.headers['Content-Type']='text/plain'
if len(callback) > 0:
self.redirect(callback)
else:
if type(sessioninfo) is dict:
self.response.out.write(sessioninfo.get('session',''))
else:
self.response.out.write('')
else:
t = '<form action=/users/auth method=post accept-charset=utf-8>'
t = t + '<table><tr><td>Username</td><td><input type=text name=username></td></tr>'
t = t + '<tr><td>Password</td><td><input type=password name=pw></td></tr>'
t = t + '<tr><td>Proxy URL (External Auth Server)</td><td><input type=text name=proxyurl value=http://www.worldwidelexicon.org/users/proxy></td></tr>'
t = t + '<tr><td>Username Field</td><td><input type=text name=username_field value=username></td></tr>'
t = t + '<tr><td>Password Field</td><td><input type=text name=pw_field value=pw></td></tr>'
t = t + '<tr><td>Success Message / String</td><td><input type=text name=success_msg value=welcome></td></tr>'
t = t + '<tr><td>Error Message / String</td><td><input type=text name=error_msg value=invalid></td></tr>'
t = t + '<tr><td colspan=2><input type=submit value=LOGIN></td></tr>'
t = t + '</table></form>'
www.serve(self,t, sidebar = self.__doc__, title = '/users/auth')
