def get(self, randomID):
util.insertUsersideCookies(self)
randomID = randomID.replace("/", "")
sketch = Sketch.get_by_randomID(randomID)
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
sketch.sourceCodeForTextArea = sourcecode_for_text_area(
sketch.sourceCode)
sketch.blogdate = ""
sketch.entrytype = ""
sketch.status = "published"
sketch.author_email = user.email
sketch.author_user_id = user.user_id
if user.user:
sketch.author_nickname = user.nickname
else:
sketch.author_nickname = "anonymous"
# this big blot inserted by Davide Della Casa
template_values = {
'sketch': sketch,
'action': "copyBlog",
'published': sketch.published,
'headerTitle': "Copy sketch",
}
self.generate('newSketchTemplate.html', template_values)
def post(self, randomID):
# Only an admin can upload full pictures
# Note that non-admins can still do lengthy posts to this address, which should ideally be avoided
self.session = True
user = UserInfo()
user.whoIs(self)
if ((user.is_current_user_admin)):
logging.info('you are an admin: OK')
else:
logging.info('you are an not an admin: not OK')
return
self.response.headers['Content-Type'] = "text/html"
logging.info('you are doing a get to the full picture uploader')
self.response.out.write("from page:")
logging.info("from page: <br>")
logging.info('randomID is: ' + randomID)
# In order to check who the user is, the flash applet needs to include the same
# session cookie that the browser uses to keep the identity of the user
# if users.get_current_user().email().lower() != "*****@*****.**":
# raise web.HTTPError(501)
# return
# for myModel in MyModel.all():
# myModel.delete()
file_contents = self.request.get("fullPicture")
# self.response.out.write(file_contents)
# in the local environment
logging.info('about to create the full picture object')
# self.response.out.write('<br> unescaped: <br>')
# self.response.out.write(urllib.unquote(file_contents).replace(chr(45),chr(43)))
# self.response.out.write('<br> over <br>')
# logging.info('<br> unescaped: <br>')
# logging.info(urllib.unquote(file_contents).replace(chr(45),chr(43)))
# logging.info('<br> over <br>')
fullPictureBinary = base64.standard_b64decode(
urllib.unquote(file_contents).replace(chr(45), chr(43)))
q0 = db.GqlQuery("SELECT * FROM FullPicture WHERE randomID = :1",
randomID).fetch(1)
if (q0):
logging.info('updated an existing full picture record')
q0[0].fullPicture = db.Blob(fullPictureBinary)
q0[0].put()
else:
logging.info('created a new full picture record')
fullPictureRecord = FullPicture()
fullPictureRecord.randomID = randomID
fullPictureRecord.fullPicture = db.Blob(fullPictureBinary)
fullPictureRecord.put()
self.response.out.write('<br> ...done <br>')
logging.info('created the full picture object and put it in datastore')
def get(self,randomID):
util.insertUsersideCookies(self)
randomID = randomID.replace("/","")
sketch = Sketch.get_by_randomID(randomID)
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
sketch.sourceCodeForTextArea = sourcecode_for_text_area(sketch.sourceCode)
if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)):
template_values = {
'sketch': sketch,
'published': sketch.published,
'action': "editBlog",
'headerTitle':"Edit sketch",
}
self.generate(self.template_path,template_values)
else:
if self.request.method == 'GET':
self.redirect("/403.html")
else:
self.error(403) # User didn't meet role.
def get(self, randomID):
util.insertUsersideCookies(self)
randomID = randomID.replace("/", "")
sketch = Sketch.get_by_randomID(randomID)
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
sketch.sourceCodeForTextArea = sourcecode_for_text_area(
sketch.sourceCode)
if ((sketch.author_user_id == user.user_id)
or (user.is_current_user_admin)):
template_values = {
'sketch': sketch,
'published': sketch.published,
'action': "editBlog",
'headerTitle': "Edit sketch",
}
self.generate(self.template_path, template_values)
else:
if self.request.method == 'GET':
self.redirect("/403.html")
else:
self.error(403) # User didn't meet role.
def post(self,randomID):
# Only an admin can upload full pictures
# Note that non-admins can still do lengthy posts to this address, which should ideally be avoided
self.session = True
user = UserInfo()
user.whoIs(self)
if ((user.is_current_user_admin)):
logging.info('you are an admin: OK')
else:
logging.info('you are an not an admin: not OK')
return
self.response.headers['Content-Type'] = "text/html"
logging.info('you are doing a get to the full picture uploader')
self.response.out.write("from page:")
logging.info("from page: <br>")
logging.info('randomID is: ' + randomID)
# In order to check who the user is, the flash applet needs to include the same
# session cookie that the browser uses to keep the identity of the user
# if users.get_current_user().email().lower() != "*****@*****.**":
# raise web.HTTPError(501)
# return
# for myModel in MyModel.all():
# myModel.delete()
file_contents = self.request.get("fullPicture")
# self.response.out.write(file_contents)
# in the local environment
logging.info('about to create the full picture object')
# self.response.out.write('<br> unescaped: <br>')
# self.response.out.write(urllib.unquote(file_contents).replace(chr(45),chr(43)))
# self.response.out.write('<br> over <br>')
# logging.info('<br> unescaped: <br>')
# logging.info(urllib.unquote(file_contents).replace(chr(45),chr(43)))
# logging.info('<br> over <br>')
fullPictureBinary = base64.standard_b64decode(urllib.unquote(file_contents).replace(chr(45),chr(43)) )
q0 = db.GqlQuery("SELECT * FROM FullPicture WHERE randomID = :1", randomID).fetch(1)
if(q0):
logging.info('updated an existing full picture record')
q0[0].fullPicture = db.Blob(fullPictureBinary)
q0[0].put()
else:
logging.info('created a new full picture record')
fullPictureRecord = FullPicture()
fullPictureRecord.randomID = randomID
fullPictureRecord.fullPicture = db.Blob(fullPictureBinary)
fullPictureRecord.put()
self.response.out.write('<br> ...done <br>')
logging.info('created the full picture object and put it in datastore')
def get(self,randomID):
randomID = randomID.replace("/","")
sketch = Sketch.get_by_randomID(randomID)
if sketch is None: self.redirect("/403.html")
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)):
q0 = db.GqlQuery("SELECT * FROM MySketchesSketch WHERE randomID = :1", randomID).fetch(1)
q1 = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1)
logging.info('key stuff: '+ str(sketch.key()))
logging.info('key stuff: '+ sketch.key().name())
q2 = GallerySketch.get_by_key_name(sketch.key().name())
DeletedSketch(key_name = 'sketchRandomID'+randomID).put()
if(q0) : q0[0].delete()
if(q1) : q1[0].delete()
if(q2) : q2.delete()
if(sketch): sketch.delete()
# deletion of comments is missing
self.redirect('/mySketches')
else:
if self.request.method == 'GET':
self.redirect("/403.html")
else:
self.error(403) # User didn't meet role.
def get(self,randomID):
util.insertUsersideCookies(self)
randomID = randomID.replace("/","")
sketch = Sketch.get_by_randomID(randomID)
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
sketch.sourceCodeForTextArea = sourcecode_for_text_area(sketch.sourceCode)
sketch.blogdate = "";
sketch.entrytype="";
sketch.status="published";
sketch.author_email = user.email
sketch.author_user_id = user.user_id
if user.user:
sketch.author_nickname = user.nickname
else:
sketch.author_nickname = "anonymous"
# this big blot inserted by Davide Della Casa
template_values = {
'sketch': sketch,
'action': "copyBlog",
'published': sketch.published,
'headerTitle':"Copy sketch",
}
self.generate('newSketchTemplate.html',template_values)
def get(self, randomID):
NUMBER_OF_COMMENTS_PREVIEWED = 3
logging.info('you are doing a get to the latest comments downloader')
"""
if not authorized.checkIfUserIsInWhiteList():
self.redirect(authorized.getLoginPage())
"""
self.session = True
user = UserInfo()
user.whoIs(self)
startKey = Key.from_path('SketchComment',
"-" + randomID + "sketch00000000000000000000")
endKey = Key.from_path('SketchComment',
"-" + randomID + "sketch99999999999999999999")
# in the local environment
myModels = db.GqlQuery(
"SELECT * FROM SketchComment WHERE __key__ >= :1 AND __key__ < :2",
startKey, endKey).fetch(NUMBER_OF_COMMENTS_PREVIEWED + 1)
more = False
if len(myModels) == 4:
more = True
myModels = myModels[:3]
if len(myModels) == 0:
self.response.out.write("<br>no comments yet")
return
for myModel in myModels:
self.response.out.write('<div class="usercomments">')
self.response.out.write(
"<br /><strong><A class=timestamp-link href=\"/byUploader/" +
myModel.author_nickname + "-" + myModel.author_string_user_id +
"/\">" + myModel.author_nickname +
"</A> comment: </strong> <br />")
self.response.out.write(myModel.body.replace('\n', "<br>"))
self.response.out.write('<div class="commentdelete">')
# also check that the user is not anonymous before providing the delete link
if ((user.user)
and (myModel.author_user_id == user.user_id
or user.is_current_user_admin
or myModel.sketch_author_user_id == user.user_id)):
self.response.out.write(
'<A href=\"/deleteComment/' + myModel.key().name() +
'/?backTo=/view/' + randomID +
'/\"><img src="/imgs/delete.gif" alt="delete" height="25px" /> Delete</A>'
)
self.response.out.write('</div>')
self.response.out.write("</div><br />")
if more:
self.response.out.write(
"<p><A class=timestamp-link href=\"/comments/" + randomID +
"/\">more...</A></p>")
return
def get(self):
next = None
PAGESIZE = 30
util.insertUsersideCookies(self)
self.session = True
user = UserInfo()
user.whoIs(self)
bookmark = self.request.get("bookmark")
if bookmark:
bookmark = Key(self.request.get("bookmark"))
else:
if user.user:
bookmark = Key.from_path('MySketchesSketch','-%023d' % (int(user.user_id)) + SKETCH_ZEROS)
else:
bookmark = Key.from_path('MySketchesSketch','-%023d' % (0) + SKETCH_ZEROS)
if user.user:
endKey = Key.from_path('MySketchesSketch','-%023d' % (int(user.user_id) + 1) + SKETCH_ZEROS)
else:
endKey = Key.from_path('MySketchesSketch','-%023d' % (1) + SKETCH_ZEROS)
logging.info('starting key ' + str(bookmark))
logging.info('starting key name' + bookmark.name())
q = db.GqlQuery("SELECT * FROM MySketchesSketch WHERE __key__ >= :1 AND __key__ < :2",bookmark,endKey)
sketches = q.fetch(PAGESIZE+1)
if len(sketches) == PAGESIZE + 1:
next = str(sketches[-1].key())
sketches = sketches[:PAGESIZE]
logging.info('next key ' + next)
logging.info('next key name ' + sketches[-1].key().name())
if next is None:
next = ""
for sketch in sketches:
sketch.stringtags = util.shorten(" ".join(sketch.tags),18)
template_values = {
'sketches':sketches,
'bookmark':bookmark,
'next':next,
'action':"mySketches",
'headerTitle':"My sketches",
}
self.generate('galleryTemplate.html',template_values)
def get(self):
next = None
PAGESIZE = 30
util.insertUsersideCookies(self)
user = UserInfo()
user.whoIs(self)
if user.email == '*****@*****.**':
self.generate('limboPage.html')
return;
bookmark = self.request.get("bookmark")
if bookmark:
bookmark = Key(self.request.get("bookmark"))
else:
bookmark = Key.from_path('GallerySketch',SKETCH_ZEROS)
logging.info('starting key ' + str(bookmark))
logging.info('starting key name' + bookmark.name())
q = db.GqlQuery("SELECT * FROM GallerySketch WHERE __key__ >= :1", bookmark)
sketches = q.fetch(PAGESIZE+1)
if len(sketches) == PAGESIZE + 1:
next = str(sketches[-1].key())
sketches = sketches[:PAGESIZE]
logging.info('next key ' + next)
logging.info('next key name ' + sketches[-1].key().name())
if next is None:
next = ""
for sketch in sketches:
sketch.stringtags = util.shorten(" ".join(sketch.tags),18)
template_values = {
'sketches':sketches,
'bookmark':bookmark,
'next':next,
'action':"gallery",
'headerTitle':"Gallery",
}
self.generate('galleryTemplate.html',template_values)
def get(self,randomID):
next = None
PAGESIZE = 5
"""
if not authorized.checkIfUserIsInWhiteList():
self.redirect(authorized.getLoginPage())
"""
util.insertUsersideCookies(self)
self.session = True
user = UserInfo()
user.whoIs(self)
bookmark = self.request.get("bookmark")
if bookmark:
bookmark = Key(self.request.get("bookmark"))
else:
bookmark = Key.from_path('SketchComment',"-" + randomID + 'sketch00000000000000000000')
endKey = Key.from_path('SketchComment',"-" + randomID + 'sketch99999999999999999999')
q = db.GqlQuery("SELECT * FROM SketchComment WHERE __key__ >= :1 AND __key__ < :2", bookmark, endKey)
sketchComments = q.fetch(PAGESIZE+1)
if len(sketchComments) == PAGESIZE + 1:
next = str(sketchComments[-1].key())
sketchComments = sketchComments[:PAGESIZE]
if next is None:
next = ""
for sketchComment in sketchComments:
sketchComment.keyname = sketchComment.key().name()
template_values = {
'sketchComments':sketchComments,
'bookmark':bookmark,
'next':next,
'randomID':randomID,
}
self.generate('commentsTemplate.html',template_values)
def get(self,randomID):
NUMBER_OF_COMMENTS_PREVIEWED = 3
logging.info('you are doing a get to the latest comments downloader')
"""
if not authorized.checkIfUserIsInWhiteList():
self.redirect(authorized.getLoginPage())
"""
self.session = True
user = UserInfo()
user.whoIs(self)
startKey = Key.from_path('SketchComment' , "-" + randomID + "sketch00000000000000000000")
endKey = Key.from_path('SketchComment' , "-" + randomID + "sketch99999999999999999999")
# in the local environment
myModels = db.GqlQuery("SELECT * FROM SketchComment WHERE __key__ >= :1 AND __key__ < :2", startKey, endKey).fetch(NUMBER_OF_COMMENTS_PREVIEWED+1)
more = False
if len(myModels) == 4:
more = True
myModels = myModels[:3]
if len(myModels) == 0:
self.response.out.write("<br>no comments yet")
return
for myModel in myModels:
self.response.out.write('<div class="usercomments">')
self.response.out.write("<br /><strong><A class=timestamp-link href=\"/byUploader/" + myModel.author_nickname+"-"+ myModel.author_string_user_id+"/\">"+myModel.author_nickname+"</A> comment: </strong> <br />")
self.response.out.write(myModel.body.replace('\n', "<br>"))
self.response.out.write('<div class="commentdelete">')
# also check that the user is not anonymous before providing the delete link
if ((user.user)and(myModel.author_user_id == user.user_id or user.is_current_user_admin or myModel.sketch_author_user_id == user.user_id)) :
self.response.out.write('<A href=\"/deleteComment/'+myModel.key().name()+'/?backTo=/view/'+randomID+'/\"><img src="/imgs/delete.gif" alt="delete" height="25px" /> Delete</A>')
self.response.out.write('</div>')
self.response.out.write("</div><br />")
if more:
self.response.out.write("<p><A class=timestamp-link href=\"/comments/" + randomID+"/\">more...</A></p>")
return
def get(self, randomID):
randomID = randomID.replace("/", "")
sketch = Sketch.get_by_randomID(randomID)
if sketch is None: self.redirect("/403.html")
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
if ((sketch.author_user_id == user.user_id)
or (user.is_current_user_admin)):
q0 = db.GqlQuery(
"SELECT * FROM MySketchesSketch WHERE randomID = :1",
randomID).fetch(1)
q1 = db.GqlQuery(
"SELECT * FROM AuthorSketchesSketch WHERE randomID = :1",
randomID).fetch(1)
logging.info('key stuff: ' + str(sketch.key()))
logging.info('key stuff: ' + sketch.key().name())
q2 = GallerySketch.get_by_key_name(sketch.key().name())
DeletedSketch(key_name='sketchRandomID' + randomID).put()
if (q0): q0[0].delete()
if (q1): q1[0].delete()
if (q2): q2.delete()
if (sketch): sketch.delete()
# deletion of comments is missing
self.redirect('/mySketches')
else:
if self.request.method == 'GET':
self.redirect("/403.html")
else:
self.error(403) # User didn't meet role.
def generate(self, template_name, template_values={}):
self.session = True
user = UserInfo()
user.whoIs(self)
if user.user:
values = {
'usernickname': user.nickname,
'useremail': user.email,
'usersiscurrentuseradmin' : user.is_current_user_admin,
'userid': user.user_id,
}
else:
values = {
'usernickname': "anonymous",
'useremail': None,
'usersiscurrentuseradmin' : False,
'userid': "anonymous",
}
values.update(template_values)
directory = os.path.dirname(__file__)
view.ViewPage(cache_time=0).render(self, template_name,values)
def get(self):
util.insertUsersideCookies(self)
user = UserInfo()
user.whoIs(self)
if user.email == '*****@*****.**':
self.generate('limboPage.html')
return
q = db.GqlQuery("SELECT * FROM GallerySketch")
sketches = q.fetch(28)
counter = 28
for sketch in sketches:
sketch.stringtags = util.shorten(" ".join(sketch.tags), 18)
sketch.counter = counter
counter = counter + 1
template_values = {
'sketches': sketches,
}
self.generate('frontPageTemplate.html', template_values)
def get(self):
util.insertUsersideCookies(self)
user = UserInfo()
user.whoIs(self)
if user.email == '*****@*****.**':
self.generate('limboPage.html')
return;
q = db.GqlQuery("SELECT * FROM GallerySketch")
sketches = q.fetch(28)
counter = 28
for sketch in sketches:
sketch.stringtags = util.shorten(" ".join(sketch.tags),18)
sketch.counter = counter
counter = counter + 1
template_values = {
'sketches':sketches,
}
self.generate('frontPageTemplate.html',template_values)
def post(self, randomID):
logging.info('editing the sketch')
randomID = randomID.replace("/", "")
sketch = Sketch.get_by_randomID(randomID)
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
if ((sketch.author_user_id == user.user_id)
or (user.is_current_user_admin)):
if (sketch is None):
self.redirect('/index.html')
################################################################################
################################################################################
# and now for some serious tiptapping. On top of the sketch table, there are other
# tables to change.
# first, if the published flag changes, then the entries in the gallery and in the by_author
# table need to either be inserted or be deleted
# that said, also if the title or the tags change, then you need to modify the entries
# in all the three tables (unless you just deleted or added them)
AuthorSketchesSketch_add = False
AuthorSketchesSketch_change = False
AuthorSketchesSketch_delete = False
GallerySketch_add = False
GallerySketch_change = False
GallerySketch_delete = False
if 'published' in self.request.arguments():
logging.info(
'editing a sketch and the published field has been sent')
# check if the edited sketch has become suspicious
sketch_title = self.request.get('title_input')
sketch_tags_commas = self.request.get('tags')
suspiciousContent = False
if is_suspicious(sketch_title, sketch_tags_commas):
suspiciousContent = True
if util.doesItContainProfanity(sketch_title):
suspiciousContent = True
logging.info('this sketch is dirrrrrrrty')
# Anonymous users can't create unpublished sketches,
# so we override the flag of the form if the case
if suspiciousContent == True:
logging.info(
'forcing the sketch to unpublishing because it is so dirty'
)
shouldItBePublished = False
elif user.user:
shouldItBePublished = ('published' in self.request.arguments())
else:
shouldItBePublished = True
# first, check if the title or the tags changed
# if so, then you modify the MySketchesSketch table right away
# and you mark the AuthorSketchesSketch and the GallerySketch table as
# *potentially* to be modified ( *potentially* because you might have to just add those
# entries anew or delete them, depending on whether the published flag has changed)
if ((sketch.title != sketch_title)
or (sketch.tags_commas != self.request.get('tags'))):
q0 = db.GqlQuery(
"SELECT * FROM MySketchesSketch WHERE randomID = :1",
randomID).fetch(1)
q0[0].title = sketch_title
q0[0].tags_commas = self.request.get('tags')
q0[0].published = (shouldItBePublished)
q0[0].put()
#
AuthorSketchesSketch_change = True
GallerySketch_change = True
# now you check how the published flag changes to see if the entries
# in the other two tables need to be added or deleted
if ((sketch.published == True) and (shouldItBePublished == False)):
logging.info('unpublishing a sketch')
AuthorSketchesSketch_delete = True
GallerySketch_delete = True
if ((sketch.published == False) and (shouldItBePublished == True)):
logging.info('making a sketch public')
AuthorSketchesSketch_add = True
GallerySketch_add = True
# if you have to add, add, and set the "change" flag to false so that
# you don't blindly change this record soon after you've added it
if AuthorSketchesSketch_add:
authorSketchesSketch = AuthorSketchesSketch(
key_name='-%023d' % int(user.user_id) +
sketch.key().name())
authorSketchesSketch.title = self.request.get('title_input')
authorSketchesSketch.published = shouldItBePublished
authorSketchesSketch.randomID = sketch.randomID
authorSketchesSketch.tags_commas = self.request.get('tags')
authorSketchesSketch.put()
AuthorSketchesSketch_change = False
if GallerySketch_add:
gallerySketch = GallerySketch(key_name=sketch.key().name())
if user.user:
gallerySketch.author_nickname = user.nickname
else:
gallerySketch.author_nickname = "anonymous"
gallerySketch.title = self.request.get('title_input')
gallerySketch.published = shouldItBePublished
gallerySketch.randomID = sketch.randomID
gallerySketch.tags_commas = self.request.get('tags')
gallerySketch.put()
GallerySketch_change = False
# if you have to delete, delete, and set the "change" flag to false so that
# you don't blindly change those entries soon after you've added
if AuthorSketchesSketch_delete:
q1 = db.GqlQuery(
"SELECT * FROM AuthorSketchesSketch WHERE randomID = :1",
randomID).fetch(1)
q1[0].delete()
AuthorSketchesSketch_change = False
if GallerySketch_delete:
q2 = GallerySketch.get_by_key_name(sketch.key().name())
q2.delete()
GallerySketch_change = False
# any change to the AuthorSketches or GallerySketch tables only happens if the sketch is public,
# cause otherwise those two sketch records aren't just going to be there in the first place!
if (sketch.published):
# ok now check the "change" flags. If they are still on, it means that the title or
# tag have changed, and the published flag hasn't changed (so it's not like you just
# added or deleted the records), so you have to effectively
# go and fish the records out of the database and change them
if AuthorSketchesSketch_change:
# need to fetch the other tables (gallery, my page and by author) and change them
q3 = db.GqlQuery(
"SELECT * FROM AuthorSketchesSketch WHERE randomID = :1",
randomID).fetch(1)
q3[0].title = self.request.get('title_input')
q3[0].tags_commas = self.request.get('tags')
q3[0].put()
if GallerySketch_change:
q4 = GallerySketch.get_by_key_name(sketch.key().name())
q4.title = self.request.get('title_input')
q4.tags_commas = self.request.get('tags')
q4.put()
################################################################################
################################################################################
sketch.set_title(self.request.get('title_input'))
sketch.description = util.Sanitize(self.request.get('text_input'))
sketch.published = (shouldItBePublished)
sketch.sourceCode = self.request.get(
'text_input2').rstrip().lstrip()
sketch.sourceCode = sketch.sourceCode.replace('&', '&')
sketch.sourceCode = sketch.sourceCode.replace('<', '<')
sketch.sourceCode = sketch.sourceCode.replace(' ', ' ')
sketch.sourceCode = sketch.sourceCode.replace('\r\n', '<br>')
sketch.sourceCode = sketch.sourceCode.replace('\n', '<br>')
sketch.sourceCode = sketch.sourceCode.replace('\r', '<br>')
sketch.sourceCode = sketch.sourceCode.replace(
'\t', ' ')
sketch.sourceCode = sketch.sourceCode.replace('"', '"')
sketch.sourceCode = sketch.sourceCode.replace("'", ''')
sketch.tags_commas = self.request.get('tags')
sketch.update()
## now, finally, this uploads the thumbnail
thumbnailData = self.request.get('thumbnailData')
#logging.info('thumbnail data: ' + thumbnailData)
if thumbnailData != "":
logging.info(
'thumbnail data not empty - adding/overwriting thumbnail')
thumbnailUploaderObject = thumbnailUploaderClass()
thumbnailUploaderObject.doTheUpload(sketch.randomID,
thumbnailData)
else:
logging.info('no thumbnail data')
# note that we don't tell anonymous users what happened - this is to make
# bots' life a tiny little bit more complicated
if user.user and suspiciousContent and (
'published' in self.request.arguments()):
self.redirect("/sketchNotMadePublicNotice.html?sketchID=" +
sketch.randomID)
else:
self.redirect(sketch.full_permalink())
else:
if self.request.method == 'GET':
self.redirect("/403.html")
else:
self.error(403) # User didn't meet role.
def post(self):
self.session = True
user = UserInfo()
user.whoIs(self)
if 'published' in self.request.arguments():
logging.info(
'adding a sketch and the published field has been sent')
preview = self.request.get('preview')
submitted = self.request.get('submitted')
published = ('published' in self.request.arguments())
theKey = Sketch.generateKey()
sketch = Sketch(key_name=theKey)
sketch.sourceCode = self.request.get('text_input2').rstrip().lstrip()
sketch.description = util.Sanitize(self.request.get('text_input'))
# minimal protection against spammers, redirect to root if the program contains too many urls
#logging.info('occurrences of http ' + str(sketch.sourceCode.count("http")))
sketch_sourceCode_count_http = sketch.sourceCode.count("http://")
sketch_sourceCode_count_url_http = sketch.sourceCode.count(
"[url=http://")
sketch_description_count_http = sketch.description.count("http://")
if sketch_sourceCode_count_http > 10:
self.redirect("/")
return
if sketch_sourceCode_count_url_http > 0:
self.redirect("/")
return
if sketch_description_count_http > 7:
self.redirect("/")
return
if sketch_description_count_http + sketch_sourceCode_count_http > 12:
self.redirect("/")
return
sketch_title = self.request.get('title_input')
# now let's check in some other ways if the content is suspicious
suspiciousContent = False
sketch_title = self.request.get('title_input')
sketch_tags_commas = self.request.get('tags')
suspiciousContent = False
if is_suspicious(sketch_title, sketch_tags_commas):
suspiciousContent = True
if any(util.doesItContainProfanity(text)\
for text in(sketch_title,
sketch.sourceCode,
sketch.description)
):
suspiciousContent = True
gallerySketch = GallerySketch(
key_name=theKey
) # the gallery must be ordered by time, most recent first
if user.user:
#authorSketchesSketch = AuthorSketchesSketch(key_name = "-"+util.convDecToBase(string._long(user.user_id),62) + theKey)
#mySketchesSketch = MySketchesSketch(key_name = "-"+util.convDecToBase(string._long(user.user_id),62) + theKey)
user_id_in_fixed_digits = '-%023d' % (int(user.user_id))
authorSketchesSketch = AuthorSketchesSketch(
key_name=user_id_in_fixed_digits + theKey)
mySketchesSketch = MySketchesSketch(
key_name=user_id_in_fixed_digits + theKey)
authorSketchesSketch.user_id_string = util.convDecToBase(
string._long(user.user_id), 62)
mySketchesSketch.user_id_string = util.convDecToBase(
string._long(user.user_id), 62)
else:
authorSketchesSketch = AuthorSketchesSketch(key_name='-%023d' %
(0) + theKey)
mySketchesSketch = MySketchesSketch(key_name='-%023d' % (0) +
theKey)
authorSketchesSketch.user_id_string = "anonymous"
mySketchesSketch.user_id_string = "anonymous"
# propagate the "suspicious" flag in all the records that we are adding
sketch.suspiciousContent = suspiciousContent
gallerySketch.suspiciousContent = suspiciousContent
authorSketchesSketch.suspiciousContent = suspiciousContent
mySketchesSketch.suspiciousContent = suspiciousContent
sketch.set_title(sketch_title)
gallerySketch.title = sketch.title
authorSketchesSketch.title = sketch.title
mySketchesSketch.title = sketch.title
if suspiciousContent == True:
sketch.published = False
authorSketchesSketch.published = False
mySketchesSketch.published = False
elif user.user:
sketch.published = published
authorSketchesSketch.published = published
mySketchesSketch.published = published
else:
sketch.published = True
authorSketchesSketch.published = True
mySketchesSketch.published = True
sketch.sourceCode = clean_sourcecode(sketch.sourceCode)
#sketch.author_user = user.user
sketch.author_email = user.email
sketch.author_user_id = user.user_id
if user.user:
sketch.author_string_user_id = util.convDecToBase(
string._long(user.user_id), 62)
sketch.author_nickname = user.nickname
else:
sketch.author_string_user_id = "anonymous"
sketch.author_nickname = "anonymous"
if user.user:
gallerySketch.author_nickname = user.nickname
else:
gallerySketch.author_nickname = "anonymous"
sketch.tags_commas = self.request.get('tags')
gallerySketch.tags_commas = self.request.get('tags')
authorSketchesSketch.tags_commas = self.request.get('tags')
mySketchesSketch.tags_commas = self.request.get('tags')
template_values = {
'sketch': sketch,
'published': sketch.published,
'preview': preview,
'submitted': submitted,
'action': "addBlog",
'tags': self.request.get('tags'),
}
sketch.set_randomID()
sketch.parentSketchRandomID = self.request.get('parentSketchRandomID')
if sketch.parentSketchRandomID is None:
sketch.parentSketchRandomID = ''
if sketch.parentSketchRandomID == '':
sketch.oldestParentSketchRandomID = sketch.randomID
else:
sketch.oldestParentSketchRandomID = self.request.get(
'oldestParentSketchRandomID')
sketch.set_parents(self.request.get('parent_idList'),
self.request.get('parent_nicknamesList'))
gallerySketch.randomID = sketch.randomID
authorSketchesSketch.randomID = sketch.randomID
mySketchesSketch.randomID = sketch.randomID
sketch.save()
# if this is an anonymous user adding a sketch, we have forced this flag to True
if sketch.published:
authorSketchesSketch.save()
gallerySketch.save()
mySketchesSketch.save()
## now, finally, this uploads the thumbnail
thumbnailData = self.request.get('thumbnailData')
#logging.info('add blog, thumbnail data: ' + thumbnailData)
if thumbnailData != "":
logging.info(
'add blog, thumbnail data not empty - adding/overwriting thumbnail'
)
thumbnailUploaderObject = thumbnailUploaderClass()
thumbnailUploaderObject.doTheUpload(sketch.randomID, thumbnailData)
else:
logging.info('add blog, no thumbnail data')
if user.user and suspiciousContent and ('published'
in self.request.arguments()):
self.redirect("/sketchNotMadePublicNotice.html?sketchID=" +
sketch.randomID)
else:
self.redirect(sketch.full_permalink())
def post(self,randomID):
logging.info('editing the sketch')
randomID = randomID.replace("/","")
sketch = Sketch.get_by_randomID(randomID)
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)):
if(sketch is None):
self.redirect('/index.html')
################################################################################
################################################################################
# and now for some serious tiptapping. On top of the sketch table, there are other
# tables to change.
# first, if the published flag changes, then the entries in the gallery and in the by_author
# table need to either be inserted or be deleted
# that said, also if the title or the tags change, then you need to modify the entries
# in all the three tables (unless you just deleted or added them)
AuthorSketchesSketch_add = False
AuthorSketchesSketch_change = False
AuthorSketchesSketch_delete = False
GallerySketch_add = False
GallerySketch_change = False
GallerySketch_delete = False
if 'published' in self.request.arguments():
logging.info('editing a sketch and the published field has been sent')
# check if the edited sketch has become suspicious
sketch_title = self.request.get('title_input')
sketch_tags_commas = self.request.get('tags')
suspiciousContent = False
if is_suspicious(sketch_title,sketch_tags_commas):
suspiciousContent = True
if util.doesItContainProfanity(sketch_title):
suspiciousContent = True
logging.info('this sketch is dirrrrrrrty')
# Anonymous users can't create unpublished sketches,
# so we override the flag of the form if the case
if suspiciousContent == True:
logging.info('forcing the sketch to unpublishing because it is so dirty')
shouldItBePublished = False
elif user.user:
shouldItBePublished = ('published' in self.request.arguments())
else:
shouldItBePublished = True
# first, check if the title or the tags changed
# if so, then you modify the MySketchesSketch table right away
# and you mark the AuthorSketchesSketch and the GallerySketch table as
# *potentially* to be modified ( *potentially* because you might have to just add those
# entries anew or delete them, depending on whether the published flag has changed)
if ((sketch.title != sketch_title) or (sketch.tags_commas != self.request.get('tags'))):
q0 = db.GqlQuery("SELECT * FROM MySketchesSketch WHERE randomID = :1", randomID).fetch(1)
q0[0].title = sketch_title
q0[0].tags_commas = self.request.get('tags')
q0[0].published = (shouldItBePublished)
q0[0].put()
#
AuthorSketchesSketch_change = True
GallerySketch_change = True
# now you check how the published flag changes to see if the entries
# in the other two tables need to be added or deleted
if ((sketch.published == True) and (shouldItBePublished==False)):
logging.info('unpublishing a sketch')
AuthorSketchesSketch_delete = True
GallerySketch_delete = True
if ((sketch.published == False) and (shouldItBePublished==True)):
logging.info('making a sketch public')
AuthorSketchesSketch_add = True
GallerySketch_add = True
# if you have to add, add, and set the "change" flag to false so that
# you don't blindly change this record soon after you've added it
if AuthorSketchesSketch_add :
authorSketchesSketch = AuthorSketchesSketch(key_name = '-%023d' % int(user.user_id) + sketch.key().name())
authorSketchesSketch.title = self.request.get('title_input')
authorSketchesSketch.published = shouldItBePublished
authorSketchesSketch.randomID = sketch.randomID
authorSketchesSketch.tags_commas = self.request.get('tags')
authorSketchesSketch.put()
AuthorSketchesSketch_change = False
if GallerySketch_add :
gallerySketch = GallerySketch(key_name = sketch.key().name())
if user.user:
gallerySketch.author_nickname = user.nickname
else:
gallerySketch.author_nickname = "anonymous"
gallerySketch.title = self.request.get('title_input')
gallerySketch.published = shouldItBePublished
gallerySketch.randomID = sketch.randomID
gallerySketch.tags_commas = self.request.get('tags')
gallerySketch.put()
GallerySketch_change = False
# if you have to delete, delete, and set the "change" flag to false so that
# you don't blindly change those entries soon after you've added
if AuthorSketchesSketch_delete :
q1 = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1)
q1[0].delete()
AuthorSketchesSketch_change = False
if GallerySketch_delete :
q2 = GallerySketch.get_by_key_name(sketch.key().name())
q2.delete()
GallerySketch_change = False
# any change to the AuthorSketches or GallerySketch tables only happens if the sketch is public,
# cause otherwise those two sketch records aren't just going to be there in the first place!
if (sketch.published) :
# ok now check the "change" flags. If they are still on, it means that the title or
# tag have changed, and the published flag hasn't changed (so it's not like you just
# added or deleted the records), so you have to effectively
# go and fish the records out of the database and change them
if AuthorSketchesSketch_change :
# need to fetch the other tables (gallery, my page and by author) and change them
q3 = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1)
q3[0].title = self.request.get('title_input')
q3[0].tags_commas = self.request.get('tags')
q3[0].put()
if GallerySketch_change :
q4 = GallerySketch.get_by_key_name(sketch.key().name())
q4.title = self.request.get('title_input')
q4.tags_commas = self.request.get('tags')
q4.put()
################################################################################
################################################################################
sketch.set_title(self.request.get('title_input'))
sketch.description = util.Sanitize(self.request.get('text_input'))
sketch.published = (shouldItBePublished)
sketch.sourceCode = self.request.get('text_input2').rstrip().lstrip()
sketch.sourceCode = sketch.sourceCode.replace('&','&')
sketch.sourceCode = sketch.sourceCode.replace('<','<')
sketch.sourceCode = sketch.sourceCode.replace(' ',' ')
sketch.sourceCode = sketch.sourceCode.replace('\r\n','<br>')
sketch.sourceCode = sketch.sourceCode.replace('\n','<br>')
sketch.sourceCode = sketch.sourceCode.replace('\r','<br>')
sketch.sourceCode = sketch.sourceCode.replace('\t',' ')
sketch.sourceCode = sketch.sourceCode.replace('"','"')
sketch.sourceCode = sketch.sourceCode.replace("'", ''')
sketch.tags_commas = self.request.get('tags')
sketch.update()
## now, finally, this uploads the thumbnail
thumbnailData = self.request.get('thumbnailData')
#logging.info('thumbnail data: ' + thumbnailData)
if thumbnailData != "":
logging.info('thumbnail data not empty - adding/overwriting thumbnail')
thumbnailUploaderObject = thumbnailUploaderClass()
thumbnailUploaderObject.doTheUpload(sketch.randomID,thumbnailData)
else:
logging.info('no thumbnail data')
# note that we don't tell anonymous users what happened - this is to make
# bots' life a tiny little bit more complicated
if user.user and suspiciousContent and ('published' in self.request.arguments()):
self.redirect("/sketchNotMadePublicNotice.html?sketchID="+sketch.randomID)
else:
self.redirect(sketch.full_permalink())
else:
if self.request.method == 'GET':
self.redirect("/403.html")
else:
self.error(403) # User didn't meet role.
def get(self):
originaluserIDasString = "anonymous"
# this big blot inserted by Davide Della Casa
self.session = True
user = UserInfo()
user.whoIs(self)
if not user.is_current_user_admin:
self.redirect('/index.html')
next = None
PAGESIZE = 30
util.insertUsersideCookies(self)
# we get it in the form davidedc-2jaidlbSQRSE and we only want 2jaidlbSQRSE
userIDasString = "anonymous"
userIDasString = '%023d' % (0)
logging.info('searching for anonymous sketches, user id is 23 zeroes')
self.session = True
user = UserInfo()
user.whoIs(self)
# we'll be using this variable later and it better not be null
if user.user_id == None:
user.user_id = "0";
logging.info('comparing ' + ('%023d' % int(user.user_id)) + " to " + userIDasString)
logging.info('admin looking at anonymous sketches')
# note that we can fetch the sketches from the AuthorSketchesSketch table
# because all anonymous sketches are public.
bookmark = self.request.get("bookmark")
if self.request.get("bookmark"):
bookmark = Key(self.request.get("bookmark"))
else:
bookmark = Key.from_path('AuthorSketchesSketch',"-"+userIDasString + ZERO_FILL)
endKey = Key.from_path('AuthorSketchesSketch','-%023d' % (int(userIDasString) + 1) + ZERO_FILL)
q = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE __key__ >= :1 AND __key__ < :2",bookmark,endKey)
logging.info('starting key ' + str(bookmark))
logging.info('end key ' + str(endKey))
ANONYMOUSSKETCHESFETCHSIZE = 1000
sketches = q.fetch(ANONYMOUSSKETCHESFETCHSIZE+1)
logging.info('number of sketches found: ' + str(len(sketches)))
if len(sketches) == ANONYMOUSSKETCHESFETCHSIZE + 1:
next = str(sketches[-1].key())
sketches = sketches[:ANONYMOUSSKETCHESFETCHSIZE]
if next is None:
next = ""
for sketch in sketches:
sketch.stringtags = util.shorten(" ".join(sketch.tags),18)
template_values = {
'sketches':sketches,
'bookmark':bookmark,
'next':next,
'action':"sketchesByUploader",
'userIDasString':originaluserIDasString,
'headerTitle':"By submitter",
}
self.generate('allAnonymousSketchesTemplate.html',template_values)
def get(self,originaluserIDasString):
next = None
PAGESIZE = 30
util.insertUsersideCookies(self)
# we get it in the form davidedc-2jaidlbSQRSE and we only want 2jaidlbSQRSE
userIDasString = originaluserIDasString.partition('-')[2]
logging.info('most weird: sometimes this ends with justcorners.js : ' + userIDasString)
userIDasString = userIDasString.partition('/')[0]
if userIDasString != "anonymous":
userIDasString = '%023d' % (util.toBase10(userIDasString,62))
logging.info('coverting to 23 digits: ' + userIDasString)
logging.info('after cleanup, query starts from ' + "-"+userIDasString + ZERO_FILL)
logging.info('query ends at ' + '-%023d' % (int(userIDasString) + 1) + ZERO_FILL)
else:
userIDasString = '%023d' % (0)
logging.info('searching for anonymous sketches, user id is 23 zeroes')
self.session = True
user = UserInfo()
user.whoIs(self)
# we'll be using this variable later and it better not be null
if user.user_id == None:
user.user_id = "0";
logging.info('comparing ' + ('%023d' % int(user.user_id)) + " to " + userIDasString)
if ('%023d' % int(user.user_id)) != userIDasString:
logging.info('user is looking at someone else\'s sketches, showing only public sketches from AuthorSketchesSketch table')
bookmark = self.request.get("bookmark")
if self.request.get("bookmark"):
bookmark = Key(self.request.get("bookmark"))
else:
bookmark = Key.from_path('AuthorSketchesSketch',"-"+userIDasString + ZERO_FILL)
endKey = Key.from_path('AuthorSketchesSketch','-%023d' % (int(userIDasString) + 1) + ZERO_FILL)
q = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE __key__ >= :1 AND __key__ < :2",bookmark,endKey)
else:
logging.info('user is looking at his own sketches, showing private and public sketches from MySketchesSketch table')
if self.request.get("bookmark"):
bookmark = Key(self.request.get("bookmark"))
else:
bookmark = Key.from_path('MySketchesSketch','-%023d' % (int(user.user_id)) + SKETCH_ZEROS)
endKey = Key.from_path('MySketchesSketch','-%023d' % (int(user.user_id) + 1) + SKETCH_ZEROS)
q = db.GqlQuery("SELECT * FROM MySketchesSketch WHERE __key__ >= :1 AND __key__ < :2",bookmark,endKey)
logging.info('starting key ' + str(bookmark))
logging.info('end key ' + str(endKey))
sketches = q.fetch(PAGESIZE+1)
logging.info('number of sketches found: ' + str(len(sketches)))
if len(sketches) == PAGESIZE + 1:
next = str(sketches[-1].key())
sketches = sketches[:PAGESIZE]
if next is None:
next = ""
for sketch in sketches:
sketch.stringtags = util.shorten(" ".join(sketch.tags),18)
template_values = {
'sketches':sketches,
'bookmark':bookmark,
'next':next,
'action':"sketchesByUploader",
'userIDasString':originaluserIDasString,
'headerTitle':"By submitter",
}
self.generate('galleryTemplate.html',template_values)
def post(self):
self.session = True
user = UserInfo()
user.whoIs(self)
if 'published' in self.request.arguments():
logging.info('adding a sketch and the published field has been sent')
preview = self.request.get('preview')
submitted = self.request.get('submitted')
published = ('published' in self.request.arguments())
theKey = Sketch.generateKey()
sketch = Sketch(key_name = theKey)
sketch.sourceCode = self.request.get('text_input2').rstrip().lstrip()
sketch.description = util.Sanitize(self.request.get('text_input'))
# minimal protection against spammers, redirect to root if the program contains too many urls
#logging.info('occurrences of http ' + str(sketch.sourceCode.count("http")))
sketch_sourceCode_count_http = sketch.sourceCode.count("http://")
sketch_sourceCode_count_url_http = sketch.sourceCode.count("[url=http://")
sketch_description_count_http = sketch.description.count("http://")
if sketch_sourceCode_count_http > 10:
self.redirect("/")
return
if sketch_sourceCode_count_url_http > 0:
self.redirect("/")
return
if sketch_description_count_http > 7:
self.redirect("/")
return
if sketch_description_count_http + sketch_sourceCode_count_http > 12:
self.redirect("/")
return
sketch_title = self.request.get('title_input')
# now let's check in some other ways if the content is suspicious
suspiciousContent = False
sketch_title = self.request.get('title_input')
sketch_tags_commas = self.request.get('tags')
suspiciousContent = False
if is_suspicious(sketch_title,sketch_tags_commas):
suspiciousContent = True
if any(util.doesItContainProfanity(text)\
for text in(sketch_title,
sketch.sourceCode,
sketch.description)
):
suspiciousContent = True
gallerySketch = GallerySketch(key_name = theKey) # the gallery must be ordered by time, most recent first
if user.user:
#authorSketchesSketch = AuthorSketchesSketch(key_name = "-"+util.convDecToBase(string._long(user.user_id),62) + theKey)
#mySketchesSketch = MySketchesSketch(key_name = "-"+util.convDecToBase(string._long(user.user_id),62) + theKey)
user_id_in_fixed_digits = '-%023d' % (int(user.user_id))
authorSketchesSketch = AuthorSketchesSketch(key_name = user_id_in_fixed_digits + theKey)
mySketchesSketch = MySketchesSketch(key_name = user_id_in_fixed_digits + theKey)
authorSketchesSketch.user_id_string = util.convDecToBase(string._long(user.user_id),62)
mySketchesSketch.user_id_string = util.convDecToBase(string._long(user.user_id),62)
else:
authorSketchesSketch = AuthorSketchesSketch(key_name = '-%023d' % (0) + theKey)
mySketchesSketch = MySketchesSketch(key_name = '-%023d' % (0) + theKey)
authorSketchesSketch.user_id_string = "anonymous"
mySketchesSketch.user_id_string = "anonymous"
# propagate the "suspicious" flag in all the records that we are adding
sketch.suspiciousContent = suspiciousContent
gallerySketch.suspiciousContent = suspiciousContent
authorSketchesSketch.suspiciousContent = suspiciousContent
mySketchesSketch.suspiciousContent = suspiciousContent
sketch.set_title(sketch_title)
gallerySketch.title = sketch.title
authorSketchesSketch.title = sketch.title
mySketchesSketch.title = sketch.title
if suspiciousContent == True:
sketch.published = False
authorSketchesSketch.published = False
mySketchesSketch.published = False
elif user.user:
sketch.published = published
authorSketchesSketch.published = published
mySketchesSketch.published = published
else:
sketch.published = True
authorSketchesSketch.published = True
mySketchesSketch.published = True
sketch.sourceCode = clean_sourcecode(sketch.sourceCode)
#sketch.author_user = user.user
sketch.author_email = user.email
sketch.author_user_id = user.user_id
if user.user:
sketch.author_string_user_id = util.convDecToBase(string._long(user.user_id),62)
sketch.author_nickname = user.nickname
else:
sketch.author_string_user_id = "anonymous"
sketch.author_nickname = "anonymous"
if user.user:
gallerySketch.author_nickname = user.nickname
else:
gallerySketch.author_nickname = "anonymous"
sketch.tags_commas = self.request.get('tags')
gallerySketch.tags_commas = self.request.get('tags')
authorSketchesSketch.tags_commas = self.request.get('tags')
mySketchesSketch.tags_commas = self.request.get('tags')
template_values = {
'sketch': sketch,
'published': sketch.published,
'preview': preview,
'submitted': submitted,
'action': "addBlog",
'tags': self.request.get('tags'),
}
sketch.set_randomID()
sketch.parentSketchRandomID = self.request.get('parentSketchRandomID')
if sketch.parentSketchRandomID is None:
sketch.parentSketchRandomID = ''
if sketch.parentSketchRandomID == '':
sketch.oldestParentSketchRandomID = sketch.randomID;
else:
sketch.oldestParentSketchRandomID = self.request.get('oldestParentSketchRandomID')
sketch.set_parents(self.request.get('parent_idList'),self.request.get('parent_nicknamesList'))
gallerySketch.randomID = sketch.randomID
authorSketchesSketch.randomID = sketch.randomID
mySketchesSketch.randomID = sketch.randomID
sketch.save()
# if this is an anonymous user adding a sketch, we have forced this flag to True
if sketch.published:
authorSketchesSketch.save()
gallerySketch.save()
mySketchesSketch.save()
## now, finally, this uploads the thumbnail
thumbnailData = self.request.get('thumbnailData')
#logging.info('add blog, thumbnail data: ' + thumbnailData)
if thumbnailData != "":
logging.info('add blog, thumbnail data not empty - adding/overwriting thumbnail')
thumbnailUploaderObject = thumbnailUploaderClass()
thumbnailUploaderObject.doTheUpload(sketch.randomID,thumbnailData)
else:
logging.info('add blog, no thumbnail data')
if user.user and suspiciousContent and ('published' in self.request.arguments()):
self.redirect("/sketchNotMadePublicNotice.html?sketchID="+sketch.randomID)
else:
self.redirect(sketch.full_permalink())
def insertUsersideCookies(requester):
"""
firstLogin = requester.request.cookies.get('firstLogin', '')
"""
#
firstLogin = False
#
if not firstLogin:
"""
if not users.get_current_user():
requester.redirect(authorized.getLoginPage())
return
logging.info('firstLogin' + str(users.get_current_user()))
requester.response.headers.add_header('Set-Cookie', 'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % users.is_current_user_admin())
requester.response.headers.add_header('Set-Cookie', 'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(users.get_current_user()))
requester.response.headers.add_header('Set-Cookie', 'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % users.get_current_user().user_id())
requester.response.headers.add_header('Set-Cookie', 'firstLogin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "True")
requester.response.headers.add_header('Set-Cookie', 'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % (users.get_current_user().nickname()).partition("@"))[0].replace(".","_")
"""
#
user = UserInfo()
user.whoIs(requester)
if user.user:
requester.response.headers.add_header(
'Set-Cookie',
'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% str(user.is_current_user_admin))
requester.response.headers.add_header(
'Set-Cookie',
'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' %
str(user.user))
requester.response.headers.add_header(
'Set-Cookie',
'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% str(user.user_id))
requester.response.headers.add_header(
'Set-Cookie',
'firstLogin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% "True")
requester.response.headers.add_header(
'Set-Cookie',
'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% str(user.nickname))
else:
requester.response.headers.add_header(
'Set-Cookie',
'groupLoginCode=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% "None")
requester.response.headers.add_header(
'Set-Cookie',
'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% "None")
requester.response.headers.add_header(
'Set-Cookie',
'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% "None")
requester.response.headers.add_header(
'Set-Cookie',
'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' %
"None")
requester.response.headers.add_header(
'Set-Cookie',
'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% "Anonymous")
#
else:
requester.session = True
user = UserInfo(requester.session)
user.whoIs(requester)
# if the user is logged in, then have him to remember his userID on the client side
# this is so the page can independently format themselves on the client side
# depending on who the user is. We validate his permissions on the server side too,
# but we delegate the presentation details to the client so we don't have to generate
# different pages, we can keep one in cache and we are happy.
if user.user:
user_id = requester.request.cookies.get('user.user_id', '')
if not user_id:
logging.info('user.user_id: ' + str(user.user_id))
requester.response.headers.add_header(
'Set-Cookie',
'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% str(user.user_id))
is_current_user_admin = requester.request.cookies.get(
'user.is_current_user_admin', '')
if not is_current_user_admin:
logging.info('user.is_current_user_admin: ' +
str(user.is_current_user_admin))
requester.response.headers.add_header(
'Set-Cookie',
'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% str(user.is_current_user_admin))
useruser = requester.request.cookies.get('user.user', '')
if not useruser:
logging.info('user.user: '******'Set-Cookie',
'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% str(user.user))
usernickname = requester.request.cookies.get('user.nickname', '')
if not usernickname:
logging.info('user.nickname: ' + str(user.user))
requester.response.headers.add_header(
'Set-Cookie',
'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% str(user.nickname))
else:
requester.response.headers.add_header(
'Set-Cookie',
'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% "None")
requester.response.headers.add_header(
'Set-Cookie',
'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% "None")
requester.response.headers.add_header(
'Set-Cookie',
'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' %
"None")
requester.response.headers.add_header(
'Set-Cookie',
'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/'
% "Anonymous")
def insertUsersideCookies(requester):
"""
firstLogin = requester.request.cookies.get('firstLogin', '')
"""
#
firstLogin = False
#
if not firstLogin:
"""
if not users.get_current_user():
requester.redirect(authorized.getLoginPage())
return
logging.info('firstLogin' + str(users.get_current_user()))
requester.response.headers.add_header('Set-Cookie', 'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % users.is_current_user_admin())
requester.response.headers.add_header('Set-Cookie', 'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(users.get_current_user()))
requester.response.headers.add_header('Set-Cookie', 'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % users.get_current_user().user_id())
requester.response.headers.add_header('Set-Cookie', 'firstLogin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "True")
requester.response.headers.add_header('Set-Cookie', 'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % (users.get_current_user().nickname()).partition("@"))[0].replace(".","_")
"""
#
user = UserInfo()
user.whoIs(requester)
if user.user:
requester.response.headers.add_header('Set-Cookie', 'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(user.is_current_user_admin))
requester.response.headers.add_header('Set-Cookie', 'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(user.user))
requester.response.headers.add_header('Set-Cookie', 'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(user.user_id))
requester.response.headers.add_header('Set-Cookie', 'firstLogin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "True")
requester.response.headers.add_header('Set-Cookie', 'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(user.nickname))
else:
requester.response.headers.add_header('Set-Cookie', 'groupLoginCode=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "None")
requester.response.headers.add_header('Set-Cookie', 'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "None")
requester.response.headers.add_header('Set-Cookie', 'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "None")
requester.response.headers.add_header('Set-Cookie', 'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "None")
requester.response.headers.add_header('Set-Cookie', 'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "Anonymous")
#
else:
requester.session = True
user = UserInfo(requester.session)
user.whoIs(requester)
# if the user is logged in, then have him to remember his userID on the client side
# this is so the page can independently format themselves on the client side
# depending on who the user is. We validate his permissions on the server side too,
# but we delegate the presentation details to the client so we don't have to generate
# different pages, we can keep one in cache and we are happy.
if user.user:
user_id = requester.request.cookies.get('user.user_id', '')
if not user_id:
logging.info('user.user_id: '+ str(user.user_id))
requester.response.headers.add_header('Set-Cookie', 'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(user.user_id))
is_current_user_admin = requester.request.cookies.get('user.is_current_user_admin', '')
if not is_current_user_admin:
logging.info('user.is_current_user_admin: '+ str(user.is_current_user_admin))
requester.response.headers.add_header('Set-Cookie', 'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(user.is_current_user_admin))
useruser = requester.request.cookies.get('user.user', '')
if not useruser:
logging.info('user.user: '******'Set-Cookie', 'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(user.user))
usernickname = requester.request.cookies.get('user.nickname', '')
if not usernickname:
logging.info('user.nickname: '+str(user.user))
requester.response.headers.add_header('Set-Cookie', 'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(user.nickname))
else:
requester.response.headers.add_header('Set-Cookie', 'user.user_id=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "None")
requester.response.headers.add_header('Set-Cookie', 'user.is_current_user_admin=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "None")
requester.response.headers.add_header('Set-Cookie', 'user.user=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "None")
requester.response.headers.add_header('Set-Cookie', 'user.nickname=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % "Anonymous")