def logout(): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: uniqid = syndbb.request.args.get('uniqid', '') if str(uniqid) == str(syndbb.session['logged_in']): check_session = d2_ip.query.filter_by( sessionid=uniqid).filter_by( ip=syndbb.request.remote_addr).first() if check_session: syndbb.db.session.delete(check_session) syndbb.db.session.commit() syndbb.session.pop('logged_in', None) syndbb.flash('You have been logged out.', 'warning') return syndbb.redirect(syndbb.url_for('home')) else: syndbb.flash('Invalid request.', 'warning') syndbb.session.pop('logged_in', None) return syndbb.redirect(syndbb.url_for('home')) else: syndbb.flash('Invalid session.', 'warning') syndbb.session.pop('logged_in', None) return syndbb.redirect(syndbb.url_for('home')) else: return syndbb.render_template('error_not_logged_in.html', title="Not logged in") else: return syndbb.render_template('error_not_logged_in.html', title="Not logged in")
def view_user_posts(user): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: dynamic_css_header = ["css/bbcode_editor.css"] isInline = syndbb.request.args.get('inlinecontent', '') postcheck = d2_activity.query.filter_by(user_id=user).filter( d2_activity.replyto != 0).filter( d2_activity.anonymous != 1).order_by( d2_activity.time.desc()).all() usercheck = d2_user.query.filter_by(user_id=user).first() if usercheck: if postcheck: subheading = [] subheading.append('<a href="/user/' + usercheck.username + '">' + usercheck.username + '</a>') return syndbb.render_template('view_user_posts.html', isInline=isInline, posts=postcheck, title="All posts by " + usercheck.username, subheading=subheading) else: return syndbb.render_template( 'invalid.html', title=" • No posts found") else: return syndbb.render_template('invalid.html', title=" • No user found") else: return syndbb.render_template('error_not_logged_in.html', title="Not logged in")
def do_edit(): uniqid = syndbb.request.form['uniqid'] editing = syndbb.request.form['editing'] tpost = syndbb.request.form['post_content'] if tpost and editing and uniqid: userid = checkSession(uniqid) if userid: editcheck = d2_activity.query.filter_by(id=editing).first() if editcheck.title: postvars = editcheck else: postvars = d2_activity.query.filter_by( id=editcheck.replyto).first() forumcheck = d2_forums.query.filter_by( id=postvars.category).first() editor = d2_user.query.filter_by(user_id=userid).first() if (editor.rank >= 500) or (int(editcheck.user_id) == int(userid)): if editcheck: editcheck.content = tpost syndbb.db.session.commit() return "/" + forumcheck.short_name + "/" + str( postvars.id) + "#" + editing else: return 'Trying to edit a post which doesn\'t exist.' else: return "Trying to edit a post which isn't yours." else: return "Invalid Session" else: return "Invalid Request"
def remove_avatar(): avatar = syndbb.request.args.get('file', '') uniqid = syndbb.request.args.get('uniqid', '') if uniqid: userid = checkSession(uniqid) if userid: if avatar: avatar_original_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+avatar+"-src.png" avatar_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+avatar+".png" if syndbb.os.path.isfile(avatar_source): syndbb.os.remove(avatar_source) if syndbb.os.path.isfile(avatar_original_source): syndbb.os.remove(avatar_original_source) syndbb.flash('Avatar removed.', 'success') return syndbb.redirect(syndbb.url_for('change_avatar')) else: syndbb.flash('No such avatar exists.', 'danger') return syndbb.redirect(syndbb.url_for('change_avatar')) else: avatar_original_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"-src.png" avatar_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+".png" syndbb.os.remove(avatar_source) if syndbb.os.path.isfile(avatar_original_source): syndbb.os.remove(avatar_original_source) user = d2_user.query.filter_by(user_id=userid).first() user.avatar_date = 0 syndbb.db.session.commit() syndbb.flash('Avatar removed.', 'success') return syndbb.redirect(syndbb.url_for('change_avatar')) else: return "Invalid Session" else: return "Invalid Request"
def view_post(post): isInline = syndbb.request.args.get('inlinecontent', '') postcheck = d2_activity.query.filter_by(id=post).first() if postcheck: if postcheck.title: thread_title = ( postcheck.title[:75] + '...') if len(postcheck.title) > 75 else postcheck.title postvars = postcheck else: threadcheck = d2_activity.query.filter_by( id=postcheck.replyto).first() thread_title = ( threadcheck.title[:75] + '...') if len(threadcheck.title) > 75 else threadcheck.title postvars = threadcheck forumcheck = d2_forums.query.filter_by(id=postvars.category).first() if ('logged_in' in syndbb.session and checkSession( str(syndbb.session['logged_in']))) or not forumcheck.auth: return syndbb.render_template( 'view_post.html', isInline=isInline, post=postcheck, title="#" + forumcheck.short_name + " • " + thread_title + " • " + forumcheck.name, forumtitle="<a href='/" + forumcheck.short_name + "/" + str(postvars.id) + "'>" + thread_title + "</a>") else: return syndbb.render_template('error_not_logged_in.html', title="Not logged in") else: return syndbb.render_template('invalid.html', title=" • No post found")
def do_change_password(): oldpassword = d2_hash(syndbb.request.form['oldpassword']) newpassword = d2_hash(syndbb.request.form['newpassword']) uniqid = syndbb.request.form['uniqid'] if oldpassword and newpassword and uniqid: userid = checkSession(uniqid) if userid: user = d2_user.query.filter_by(user_id=userid).first() if user.password == oldpassword: user.password = newpassword syndbb.db.session.commit() check_session = d2_ip.query.filter_by( user_id=user.user_id).filter_by(login=1).all() for usession in check_session: syndbb.db.session.delete(usession) syndbb.db.session.commit() syndbb.session.pop('logged_in', None) syndbb.flash( 'You have been logged out due to a password change.', 'danger') return "Password change successful." else: return "Invalid old password." else: return "Invalid Session" else: return "Invalid Request"
def delete_file(): ufile = syndbb.request.args.get('file', '') uniqid = syndbb.request.args.get('uniqid', '') uploader = syndbb.request.args.get('uploader', '') if 'logged_in' in syndbb.session: userid = checkSession(str(uniqid)) if userid: user = d2_user.query.filter_by(user_id=userid).first() if uploader == "upload_anon": uploaded_file = syndbb.app.static_folder + "/data/uploads/" + d2_hash( user.username + user.password)[:10] + "/" + ufile else: uploaded_file = syndbb.app.static_folder + "/data/uploads/" + user.username + "/" + ufile if syndbb.os.path.isfile(uploaded_file): syndbb.os.system("shred -u " + uploaded_file) syndbb.flash('File deleted successfully.', 'success') syndbb.cache.delete_memoized( syndbb.views.upload.get_user_files) return syndbb.redirect(syndbb.url_for(uploader)) else: syndbb.flash('No such file exists.', 'danger') return syndbb.redirect(syndbb.url_for(uploader)) else: return syndbb.render_template('error_not_logged_in.html', title="Upload") else: return syndbb.render_template('error_not_logged_in.html', title="Upload")
def upload_file(): if syndbb.request.method == 'POST': image_types = [".jpg", ".jpeg", ".jpe"] if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) uploader = syndbb.request.form['uploader'] if 'anonymous' in syndbb.request.form: anonymous = 1 else: anonymous = 0 if 'timedelete' in syndbb.request.form: timedelete = 1 else: timedelete = 0 if userid: user = d2_user.query.filter_by(user_id=userid).first() if anonymous: uploadfolder = syndbb.app.static_folder + "/data/uploads/" + d2_hash( user.username + user.password)[:10] + "/" else: uploadfolder = syndbb.app.static_folder + "/data/uploads/" + user.username + "/" if not syndbb.os.path.exists(uploadfolder): syndbb.os.makedirs(uploadfolder) if 'file' not in syndbb.request.files: syndbb.flash('No file selected.', 'danger') return syndbb.redirect(syndbb.url_for(uploader)) file = syndbb.request.files['file'] if file.filename == '': syndbb.flash('No file selected.', 'danger') return syndbb.redirect(syndbb.url_for(uploader)) if file: filename = secure_filename(file.filename) extension = syndbb.os.path.splitext(filename)[1] newname = ''.join( random.sample( "-_" + string.ascii_uppercase + string.ascii_lowercase + string.digits, 20)) + extension file.save(syndbb.os.path.join(uploadfolder, newname)) if extension in image_types: piexif.remove(uploadfolder + newname) if uploader == 'upload_simple': return "/upload/simple/?file=" + newname else: syndbb.flash('File uploaded successfully.', 'success') syndbb.cache.delete_memoized( syndbb.views.upload.get_user_files) if anonymous: fpath = d2_hash(user.username + user.password)[:10] + "/" + newname else: fpath = user.username + "/" + newname return syndbb.redirect('/upload/view?file=' + fpath)
def upload_anon(): page = syndbb.request.args.get('page', type=int, default=1) per_page = syndbb.request.args.get('amount', type=int, default=25) dynamic_css_header = ["js/datatables.min.css"] dynamic_js_footer = [ "js/bootstrap-filestyle.min.js", "js/bootbox.min.js", "js/delete.js", "js/lazyload.transpiled.min.js" ] if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: cached_list = get_user_files(userid, anon=1) file_list = cached_list['file_list'] page_count = math.ceil(len(file_list) / per_page) pagination = Pagination(page=page, per_page=per_page, css_framework='bootstrap3', total=len(file_list)) amount_options = ["25", "50", "100", "500", "1000", "1500", "2000"] countselector = '' for amount in amount_options: if str(per_page) == amount: countselector += '<option value="' + amount + '" selected>' + amount + '</option>' else: countselector += '<option value="' + amount + '">' + amount + '</option>' start_index = (page * per_page) - per_page end_index = start_index + per_page if end_index > len(file_list): end_index = len(file_list) file_list = file_list[start_index:end_index] return syndbb.render_template( 'upload_anon.html', uploadurl=cached_list['uploadurl'], filecount=cached_list['file_count'], file_list=file_list, pagination=pagination, countselector=countselector, total_size=cached_list['total_size'], uploader_name=cached_list['user_name'], dynamic_js_footer=dynamic_js_footer, dynamic_css_header=dynamic_css_header, title="Anonymous", subheading=['<a href="/upload/">Upload</a>']) else: return syndbb.render_template( 'error_not_logged_in.html', title="Anonymous", subheading=['<a href="/upload/">Upload</a>']) else: return syndbb.render_template('error_not_logged_in.html', title="Upload", subheading=[""])
def pastebin(): if 'logged_in' in syndbb.session: dynamic_js_footer = ["js/bootbox.min.js", "js/delete.js"] userid = checkSession(str(syndbb.session['logged_in'])) if userid: getPastes = d2_paste.query.filter(d2_paste.user_id == userid).order_by(syndbb.db.desc(d2_paste.time)).all() return syndbb.render_template('pastebin.html', dynamic_js_footer=dynamic_js_footer, paste_list=getPastes, title="Pastebin", subheading=[""]) else: return syndbb.render_template('error_not_logged_in.html', title="Pastebin", subheading=[""]) else: return syndbb.render_template('error_not_logged_in.html', title="Pastebin", subheading=[""])
def view_thread(category, thread): forumcheck = d2_forums.query.filter_by(short_name=category).first() forumlogo = "" if forumcheck: if ('logged_in' in syndbb.session and checkSession( str(syndbb.session['logged_in']))) or not forumcheck.auth: topbuttons = '<a href="/' + forumcheck.short_name + '/' + thread + '/gallery" title="Gallery View" style="float:right;"><i class="silk-icon icon_application_view_tile" aria-hidden="true"></i></a>' dynamic_css_header = ["css/bbcode_editor.css"] dynamic_js_footer = [ "js/bootstrap-filestyle.min.js", "js/jquery.rangyinputs.js", "js/bbcode_editor_forums.js", "js/posts.js", "js/post_ratings.js", "js/bootbox.min.js", "js/delete.js", "js/inline.js" ] # if forumcheck.short_name == "yiff": # dynamic_css_header.append("css/oify.css") if (forumcheck.nsfw) and ('nsfwAllow' not in syndbb.request.cookies): dynamic_js_footer.append("js/nsfwprompt.js") dynamic_css_header.append("css/nsfw_fill.css") logo_file = syndbb.app.static_folder + "/images/logos/" + forumcheck.short_name + ".png" if syndbb.os.path.isfile(logo_file): forumlogo = '<img src="' + cdn_path( ) + '/images/logos/' + forumcheck.short_name + '.png" alt="D2K5" class="sitelogo mask">' threadcheck = d2_activity.query.filter_by(id=thread).first() if threadcheck: subheading = [] subheading.append('<a href="/' + forumcheck.short_name + '">' + forumcheck.name + '</a>') thread_title = (threadcheck.title[:75] + '...') if len( threadcheck.title) > 75 else threadcheck.title replycheck = d2_activity.query.filter_by(replyto=thread).all() return syndbb.render_template( 'view_thread.html', forum=forumcheck, replies=replycheck, thread=threadcheck, forumlogo=forumlogo, dynamic_css_header=dynamic_css_header, dynamic_js_footer=dynamic_js_footer, title="#" + forumcheck.short_name + " • " + thread_title + " • " + forumcheck.name, forumtitle=thread_title, topbuttons=topbuttons, subheading=subheading) else: return syndbb.render_template('invalid.html', title="No thread found") else: return syndbb.render_template('error_not_logged_in.html', title="Not logged in") else: return syndbb.render_template('invalid.html', title="No page found")
def register(): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: return syndbb.render_template('error_already_logged_in.html', title="Registration") dynamic_js_footer = [ "js/crypt.js", "js/auth/auth_regd.js", "js/bootbox.min.js" ] return syndbb.render_template('register.html', dynamic_js_footer=dynamic_js_footer, title="Registration")
def login_history(): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: user = d2_user.query.filter_by(user_id=userid).first() logins = d2_ip.query.filter_by(user_id=userid).order_by(d2_ip.time.desc()).all() subheading = [] subheading.append("<a href='/user/" + user.username + "'>" + user.username + "</a>") return syndbb.render_template('login_info.html', logins=logins, title="Login History", subheading=subheading) else: return syndbb.render_template('error_not_logged_in.html', title="Login History") else: return syndbb.render_template('error_not_logged_in.html', title="Login History")
def change_password(): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: user = d2_user.query.filter_by(user_id=userid).first() dynamic_js_footer = ["js/crypt.js", "js/auth/auth_chpw.js", "js/bootbox.min.js"] subheading = [] subheading.append("<a href='/user/" + user.username + "'>" + user.username + "</a>") return syndbb.render_template('change_password.html', dynamic_js_footer=dynamic_js_footer, title="Change Password", subheading=subheading) else: return syndbb.render_template('error_not_logged_in.html', title="Change Password") else: return syndbb.render_template('error_not_logged_in.html', title="Change Password")
def undopastes(): paste_id = syndbb.request.args.get('paste_id') uniqid = syndbb.request.args.get('uniqid') if paste_id and uniqid: userid = checkSession(uniqid) if userid: deletePaste = d2_paste.query.filter(d2_paste.user_id == userid).filter(d2_paste.paste_id == paste_id).order_by(syndbb.db.desc(d2_paste.time)).first() syndbb.db.session.delete(deletePaste) syndbb.db.session.commit() syndbb.flash('Paste deleted.', 'success') return syndbb.redirect(syndbb.url_for('pastebin')) else: return "Invalid Session" else: return "Invalid Request"
def edit_post(post): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: isInline = syndbb.request.args.get('inlinecontent', '') postcheck = d2_activity.query.filter_by(id=post).first() if postcheck: if postcheck.title: thread_title = (postcheck.title[:75] + '...') if len( postcheck.title) > 75 else postcheck.title postvars = postcheck else: threadcheck = d2_activity.query.filter_by( id=postcheck.replyto).first() thread_title = (threadcheck.title[:75] + '...') if len( threadcheck.title) > 75 else threadcheck.title postvars = threadcheck forumcheck = d2_forums.query.filter_by( id=postvars.category).first() dynamic_css_header = ["css/bbcode_editor.css"] dynamic_js_footer = [ "js/jquery.rangyinputs.js", "js/bbcode_editor_forums.js", "js/editing.js", "js/bootbox.min.js" ] subheading = [] subheading.append("<a href='/" + forumcheck.short_name + "/'>" + forumcheck.name + "</a>") subheading.append("<a href='/" + forumcheck.short_name + "/" + str(postvars.id) + "'>" + thread_title + "</a>") return syndbb.render_template( 'edit_post.html', isInline=isInline, post=postcheck, dynamic_css_header=dynamic_css_header, dynamic_js_footer=dynamic_js_footer, title="#" + forumcheck.short_name + " • " + thread_title + " • " + forumcheck.name, forumtitle="Editing Post", subheading=subheading) else: return syndbb.render_template('invalid.html', title=" • No post found") else: return syndbb.render_template('error_not_logged_in.html', title="Not logged in")
def update_status(): status = syndbb.request.form['status'] uniqid = syndbb.request.form['uniqid'] if uniqid: userid = checkSession(uniqid) if userid: user = d2_user.query.filter_by(user_id=userid).first() user.status = status user.status_time = unix_time_current() syndbb.db.session.commit() syndbb.cache.delete_memoized(syndbb.models.users.get_all_status_updates) return syndbb.redirect(syndbb.url_for('home')) else: return "Invalid Session" else: return "Invalid Request"
def dopaste(): paste_title = syndbb.request.form['paste_title'] paste_content = syndbb.request.form['paste_content'] uniqid = syndbb.request.form['uniqid'] if paste_title and paste_content and uniqid: userid = checkSession(uniqid) if userid: pasteid = str(syndbb.uuid.uuid4().hex) new_paste = d2_paste(userid, pasteid, unix_time_current(), html_escape(paste_content), html_escape(paste_title)) syndbb.db.session.add(new_paste) syndbb.db.session.commit() syndbb.flash('Paste created successfully.', 'success') return syndbb.redirect(syndbb.url_for('pastebin')) else: return "Invalid Session" else: return "Invalid Request"
def view_forum_create(category): forumcheck = d2_forums.query.filter_by(short_name=category).first() forumlogo = "" if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: if forumcheck: dynamic_css_header = [ "css/bbcode_editor.css", "css/dropdown.css" ] dynamic_js_footer = [ "js/jquery.dd.min.js", "js/jquery.rangyinputs.js", "js/bbcode_editor_forums.js", "js/threads.js", "js/inline.js", "js/bootbox.min.js" ] # if forumcheck.short_name == "yiff": # dynamic_css_header.append("css/oify.css") subheading = [] subheading.append('<a href="/' + forumcheck.short_name + '">' + forumcheck.name + '</a>') logo_file = syndbb.app.static_folder + "/images/logos/" + forumcheck.short_name + ".png" if syndbb.os.path.isfile(logo_file): forumlogo = '<img src="' + cdn_path( ) + '/images/logos/' + forumcheck.short_name + '.png" alt="D2K5" class="sitelogo mask">' return syndbb.render_template( 'new_thread.html', forum=forumcheck, forumlogo=forumlogo, dynamic_css_header=dynamic_css_header, dynamic_js_footer=dynamic_js_footer, title="New Thread", subheading=subheading) else: return syndbb.render_template('invalid.html', title="No page found") else: return syndbb.render_template('error_not_logged_in.html', title="Not logged in") else: return syndbb.render_template('error_not_logged_in.html', title="Not logged in")
def get_submitted_emote(): emote_list = [] if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: user = d2_user.query.filter_by(user_id=userid).first() emotfolder = syndbb.app.static_folder + "/data/emoticons/" + user.username + "/" if not syndbb.os.path.exists(emotfolder): syndbb.os.makedirs(emotfolder) for emote in syndbb.os.listdir(emotfolder): filepath = emotfolder + "/" + emote if syndbb.os.path.isfile(filepath): addtime = int(syndbb.os.stat(filepath).st_mtime) code = ":" + syndbb.os.path.splitext(emote)[0] + ":" emote_list.append([emote, code]) emote_list.sort(reverse=False) return emote_list
def preferences(): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: user = d2_user.query.filter_by(user_id=userid).first() possibleurls = ["local", "i.d2k5.com", "i.hardcats.net", "i.lulzsec.co.uk"] uploadurls = [] for uploadurl in possibleurls: if user.upload_url == uploadurl: uploadurls.append([uploadurl, " selected"]) else: uploadurls.append([uploadurl, " "]) subheading = [] subheading.append("<a href='/user/" + user.username + "'>" + user.username + "</a>") return syndbb.render_template('preferences.html', uploadurls=uploadurls, title="Preferences", subheading=subheading) else: return syndbb.render_template('error_not_logged_in.html', title="Preferences") else: return syndbb.render_template('error_not_logged_in.html', title="Preferences")
def my_invites(): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: user = d2_user.query.filter_by(user_id=userid).first() invites = d2_invites.query.filter_by(user_id=userid).all() subheading = [] subheading.append("<a href='/user/" + user.username + "'>" + user.username + "</a>") return syndbb.render_template('invites.html', invite_list=invites, title="Invites", subheading=subheading) else: return syndbb.render_template('error_not_logged_in.html', title="Invites") else: return syndbb.render_template('error_not_logged_in.html', title="Invites")
def delete_emoticon(): emote = syndbb.request.args.get('file', '') uniqid = syndbb.request.args.get('uniqid', '') if uniqid: userid = checkSession(uniqid) if userid: user = d2_user.query.filter_by(user_id=userid).first() emotepath = syndbb.app.static_folder + "/data/emoticons/" + user.username + "/" + emote if syndbb.os.path.isfile(emotepath): syndbb.os.remove(emotepath) syndbb.flash('Emoticon deleted successfully.', 'success') return syndbb.redirect(syndbb.url_for('submit_emoticon')) else: syndbb.flash('No such emoticon exists.', 'danger') return syndbb.redirect(syndbb.url_for('submit_emoticon')) else: return "Invalid Session" else: return "Invalid Request"
def generate_invite(): uniqid = syndbb.request.args.get('uniqid', '') userid = checkSession(str(uniqid)) code = str(syndbb.uuid.uuid4().hex) if userid: user = d2_user.query.filter_by(user_id=userid).first() if user.rank >= 100: create_invite = d2_invites(code, userid, 0) syndbb.db.session.add(create_invite) syndbb.db.session.commit() syndbb.flash('An invite has been generated.', 'success') return syndbb.redirect(syndbb.url_for('my_invites')) else: syndbb.flash('You don\'t have the permission to do this.', 'danger') return syndbb.redirect(syndbb.url_for('my_invites')) else: return syndbb.render_template('error_not_logged_in.html', title="Not logged in")
def do_rate_post(): post_id = syndbb.request.args.get('post_id', '') ratingtype = syndbb.request.args.get('type', '') uniqid = syndbb.request.args.get('uniqid', '') if post_id and ratingtype and uniqid: if 'logged_in' in syndbb.session: userid = checkSession(str(uniqid)) if userid: postcheck = d2_activity.query.filter_by(id=post_id).first() if postcheck: ratingcheck = d2_post_ratings.query.filter_by( post_id=post_id).filter_by(user_id=userid).first() if ratingcheck: return "You've already rated this post." post_creator = d2_user.query.filter_by( user_id=postcheck.user_id).first() if ratingtype == "down": post_creator.karma_negative = post_creator.karma_negative + 1 syndbb.db.session.commit() ratingtype = -1 elif ratingtype == "up": post_creator.karma_positive = post_creator.karma_positive + 1 syndbb.db.session.commit() ratingtype = 1 postcheck.rating = int(postcheck.rating) + ratingtype syndbb.db.session.commit() submit_rating = d2_post_ratings(post_id, userid, ratingtype) syndbb.db.session.add(submit_rating) syndbb.db.session.commit() return str(postcheck.id) else: return "Trying to rate a post which doesnt exist." else: return "You are not logged in!" else: return "Invalid Request"
def create_quotes(): uniqid = syndbb.request.form['uniqid'] tpost = syndbb.request.form['post_content'] if tpost and uniqid: userid = checkSession(uniqid) if userid: lastquote = d2_quotes.query.filter_by(user_id=userid).order_by( d2_quotes.time.desc()).first() if lastquote and (unix_time_current() - lastquote.time) <= 1: return "Trying to submit quotes too quickly, wait a while before trying again." else: create_quote = d2_quotes(userid, unix_time_current(), tpost, 0, 0) syndbb.db.session.add(create_quote) syndbb.db.session.commit() syndbb.flash('Quote has been submitted.', 'success') return syndbb.redirect(syndbb.url_for('view_qdb')) else: return "Invalid Session" else: return "Invalid Request"
def upload_avatar(): if syndbb.request.method == 'POST': uploaded_avatar = syndbb.request.form['avatar'] uploaded_avatar = uploaded_avatar[uploaded_avatar.find(",")+1:] userid = checkSession(str(syndbb.session['logged_in'])) if userid: user = d2_user.query.filter_by(user_id=userid).first() avatar_original_folder = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"-src.png" avatar_original_history = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+str(unix_time_current())+"-src.png" avatar_folder = syndbb.app.static_folder + "/data/avatars/"+str(userid)+".png" avatar_history = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+str(unix_time_current())+".png" if 'avatar_source' not in syndbb.request.files: return "No avatar selected." avatar_source = syndbb.request.files['avatar_source'] if avatar_source.filename == '': return "No avatar selected." if avatar_source: filename = secure_filename(avatar_source.filename) avatar_source.save(avatar_original_folder) im = Image.open(avatar_original_folder) im.thumbnail((1024,1024)) im.save(avatar_original_folder, "PNG") shutil.copy2(avatar_original_folder, avatar_original_history) if 'avatar' not in syndbb.request.form: syndbb.flash('No avatar selected.', 'danger') return syndbb.redirect(syndbb.url_for('change_avatar')) else: with open(avatar_folder, "wb") as fh: fh.write(base64.b64decode(uploaded_avatar)) with open(avatar_history, "wb") as fh: fh.write(base64.b64decode(uploaded_avatar)) user.avatar_date = unix_time_current() syndbb.db.session.commit() syndbb.flash('Avatar uploaded successfully.', 'success') return syndbb.redirect(syndbb.url_for('change_avatar'))
def upload_emoticon(): if syndbb.request.method == 'POST': if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: user = d2_user.query.filter_by(user_id=userid).first() uploadfolder = syndbb.app.static_folder + "/data/emoticons/" + user.username + "/" if 'file' not in syndbb.request.files: syndbb.flash('No emoticon selected.', 'danger') return syndbb.redirect(syndbb.url_for('submit_emoticon')) file = syndbb.request.files['file'] file.seek(0, syndbb.os.SEEK_END) file_length = file.tell() extension = syndbb.os.path.splitext(file.filename)[1].lower() image_types = [".jpg", ".jpeg", ".jpe", ".gif", ".png"] if extension not in image_types: syndbb.flash('Uploaded file is not an image.', 'danger') return syndbb.redirect(syndbb.url_for('submit_emoticon')) if file_length > 65536: syndbb.flash('Image is over 64kb.', 'danger') return syndbb.redirect(syndbb.url_for('submit_emoticon')) img_res = Image.open(file) if img_res.size[0] > 100: syndbb.flash('Image width is over 100px.', 'danger') return syndbb.redirect(syndbb.url_for('submit_emoticon')) if img_res.size[1] > 32: syndbb.flash('Image height is over 32px.', 'danger') return syndbb.redirect(syndbb.url_for('submit_emoticon')) if file.filename == '': syndbb.flash('No emoticon selected.', 'danger') return syndbb.redirect(syndbb.url_for('submit_emoticon')) if file: file.seek(0) filename = secure_filename(file.filename) file.save(syndbb.os.path.join(uploadfolder, filename)) syndbb.flash('Emoticon uploaded successfully.', 'success') return syndbb.redirect(syndbb.url_for('submit_emoticon')) else: return "What are you doing?"
def dologin(): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: return "You are already logged in!" username = syndbb.request.form['username'] password = d2_hash(syndbb.request.form['password']) user = d2_user.query.filter_by(username=username).first() my_ip = syndbb.request.remote_addr useragent = syndbb.request.headers.get('User-Agent') if user: session_id = str(syndbb.uuid.uuid1()) if user.password == password: login_ip = d2_ip(my_ip, useragent, user.user_id, unix_time_current(), 1, syndbb.request.path, session_id, d2_hash(my_ip)[:10]) syndbb.db.session.add(login_ip) syndbb.db.session.commit() syndbb.session['logged_in'] = session_id syndbb.session.permanent = True user.last_login = unix_time_current() return "Login successful." else: login_ip = d2_ip(my_ip, user.user_id, unix_time_current(), 0, syndbb.request.path) syndbb.db.session.add(login_ip) syndbb.db.session.commit() return "Invalid password." else: return "Invalid username."
def change_avatar(): if 'logged_in' in syndbb.session: userid = checkSession(str(syndbb.session['logged_in'])) if userid: user = d2_user.query.filter_by(user_id=userid).first() dynamic_js_footer = ["js/jquery.cropit.js", "js/bootbox.min.js", "js/delete.js"] avatar_list = [] avatar_sources = [] avatarfolder = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/" if not syndbb.os.path.exists(avatarfolder): print("path does not exist, creating") syndbb.os.makedirs(avatarfolder) else: print(avatarfolder + " exists") for avatar in syndbb.os.listdir(avatarfolder): filepath = avatarfolder + "/" + avatar if syndbb.os.path.isfile(filepath): addtime = int(syndbb.os.stat(filepath).st_mtime) if "src" not in avatar: avatar_list.append([avatar.split(".")[0], addtime]) else: avatar_sources.append([avatar.split(".")[0], addtime]) avatar_list.sort(reverse=True) avatar_sources.sort(reverse=True) subheading = [] subheading.append("<a href='/user/" + user.username + "'>" + user.username + "</a>") return syndbb.render_template('change_avatar.html', avatar_list=avatar_list, avatar_sources=avatar_sources, dynamic_js_footer=dynamic_js_footer, title="Change Avatar", subheading=subheading) else: return syndbb.render_template('error_not_logged_in.html', title="Change Avatar") else: return syndbb.render_template('error_not_logged_in.html', title="Change Avatar")