def set_friend_status(params, request): friend_id = params.get('friend_id') assert friend_id status = params.get('status') if status != 'friend': status = 'deleted' res = { 'friend_status': status } user = auth.MyUser(request, force=True) if user.set_sid: res['sid'] = user.set_sid db = mydb.MyDB() db.SqlQueryRecord(db.sql('sport/friend_set_status'), { 'member_id': user.get_user_id(), 'friend_id': friend_id, 'status': status }) return res
def comments_mod(request): """ Модерирование комментариев """ db = mydb.MyDB() context = get_default_context(request) user = auth.MyUser(request) if not user.is_editor(): return render(request, 'app/static/403.html', context) _sql = db.sql('mod_comments') sql = _sql.format(cols='count(*) cnt', orderby='') context['COUNT_COMMENTS'] = db.SqlQueryScalar(sql) sql = _sql.format(cols='*', orderby='ORDER BY m.time DESC LIMIT 30') rs = db.SqlQuery(sql) comments = [] for r in rs: m = get_message_text(request, r, is_comment=True) m['parent'] = get_url_comment(r['id']) comments.append(m) context['comments'] = comments return render(request, 'app/mod/comments.html', context)
def get_message(params, request): """ Получение сообщения для формы редактирования сообщения """ mid = int(params['id']) user = auth.MyUser(request) db = mydb.MyDB() if not user.is_editor(): raise Exception('У вас нет прав изменять это сообщение.') rs = db.SqlQuery(db.sql('message_get'), {'id': mid}) if len(rs) != 1: raise Exception('Сообщение не найдено') m = rs[0] m['text'] = m['text'].replace('[br]', '\n') m['can_delete'] = user.is_editor() m['is_comment'] = m['id_parent'] is not None and m['id_parent'] != 0 m['is_news'] = not m['is_comment'] m['is_board_theme'] = False m['is_blog_post'] = m['is_blog_post'] return m
def delete_message(params, request): user = auth.MyUser(request) mid = int(params['id']) if not user.is_editor(): raise Exception('Недостаточно прав чтобы удалить сообщение') db = mydb.MyDB() db.SqlQuery(db.sql('message_delete'), {'id': mid}, True) return {'result': True, 'message_id': mid}
def delete_teacher(params, request): user = auth.MyUser(request) if not user.is_editor(): raise Exception('Недостаточно прав чтобы удалить сообщение') db = mydb.MyDB() db.SqlQuery(db.sql('teachers_delete'), {'id': int(params['id'])}, True) return {'result': True}
def teachers_mod(request): db = mydb.MyDB() context = get_default_context(request) user = auth.MyUser(request) if not user.is_editor(): return render(request, 'app/static/403.html', context) context['teachers'] = db.SqlQuery(db.sql('mod_teachers')) return render(request, 'app/mod/teachers.html', context)
def calendar_challenge(request, challenge_id=None): """ Challenge page Args: challenge_id: int, chelenge id """ user = auth.MyUser(request) context = get_default_context(request, user=user) add_calendar_context(context, user) if challenge_id: context['CALENDAR_CHALLENGE_ID'] = challenge_id return render(request, 'app/calendar/main.html', context)
def calendar_user(request, member_id=None): """ User page Args: member_id: int, user id """ user = auth.MyUser(request) context = get_default_context(request, user=user) add_calendar_context(context, user) if member_id: context['CALENDAR_MEMBER_ID'] = member_id return render(request, 'app/calendar/main.html', context)
def teacher_write(params, request): db = mydb.MyDB() user = auth.MyUser(request) teacher_id = int(params['id']) if params.get('id') else None data = { 'name': params['name'], 'id_chair': params['id_chair'], 'subject': params['subject'], 'information': params['information'], 'fotos': params['photos'] } data['fotos'] = data['fotos'] or '' data['information'] = data['information'] or '' if teacher_id is None: allow = 'yes' if user.is_editor() else 'no' data['id'] = get_id() data['allow'] = allow db.SqlQuery(db.sql('teachers_insert'), data, True) return { 'result': True, 'teacher_msg': 'Преподаватель добавится после проверки модератором.', 'state': 'inserted' } else: # TODO: Если нет прав на редактирвоание - выходл - ошибка if not user.is_editor(): return { 'result': False, 'teacher_msg': 'Нет прав изменять данные преподователя.' } data['id'] = teacher_id db.SqlQuery(db.sql('teachers_update'), data, True) return { 'result': True, 'teacher_msg': 'Данные преподавателя изменены.', 'state': 'updated' }
def calendar(request): """ Main page """ # if we get 'code' from vk authorization - we generate sid for this user sid = None vk_code = request.GET.get('code') if vk_code: sid = auth_by_vk(vk_code) or None user = auth.MyUser(request, sid=sid) context = get_default_context(request, user=user) add_calendar_context(context, user) # send sid to HTML, then set cookies with JS context['SET_COOKIE_TOKEN'] = sid return render(request, 'app/calendar/main.html', context)
def get_member_info(params, request): member_id = params.get('member_id') db = mydb.MyDB() user = auth.MyUser(request) user_page = db.SqlQueryRecord(db.sql('sport/user_info'), {'member_id': member_id}) friends = get_friends_list(user.get_user_id()) friend_status = None if member_id in friends: friend_status = 'friend' return { 'user_info': { 'id': member_id, 'name': user_page['vk_name'], 'photo': user_page['vk_photo'], 'friend_status': friend_status } }
def news_mod(request): db = mydb.MyDB() context = get_default_context(request) user = auth.MyUser(request) if not user.is_editor(): return render(request, 'app/static/403.html', context) sql = db.sql('mod_news') rs = db.SqlQuery(sql) news = [] for r in rs: m = get_message_text(request, r) if m['category']: m['category_path'] = get_path_ID(int(m['category'])) else: m['category_path'] = '[Не выбран раздел]' news.append(m) context['news'] = news return render(request, 'app/mod/news.html', context)
def message_highload(request, page=1): """ Построение ленты блога """ db = mydb.MyDB() context = get_default_context(request) user = auth.MyUser(request) page = int(page) start = (page - 1) * consts.COUNT_MESSAGES_PAGE count_messages = rs = db.SqlQueryScalar(db.sql('blog_posts_count'), {'username': user.username}) rs = db.SqlQuery( db.sql('blog_posts'), { 'start': start, 'count': consts.COUNT_MESSAGES_PAGE, 'username': user.username }) posts = [] for r in rs: posts.append( get_message_text(request, r, is_comment=False, blog=True, preview=True)) context['posts'] = posts context['PAGE_SELECT'] = create_page_select(count_messages, consts.COUNT_MESSAGES_PAGE, page, 'page/') context['HIGHLOAD'] = True context['NAV_CAPTION'] = 'HighLoad.org' context['LEFT_MENU'] = False return render(request, 'app/highload/posts.html', context)
def get_files_for_edu_add_file(request): context = get_default_context(request) db = mydb.MyDB() user = auth.MyUser(request) bread_crumbs = [{ 'text': consts.NAV_CAPTION, 'link': '/' }, { 'text': 'Файлы для учёбы', 'link': '/files_for_edu/' }, { 'text': 'Добавить свой файл', 'last': True }] context['BREAD_CRUMBS'] = json_dumps(bread_crumbs) description = request.POST.get('ft_description', '') type_id2 = int(request.POST.get('fd_type', -1)) type2 = request.POST.get('ft_type', '') subject = int(request.POST.get('fd_subject', -1)) subject2 = request.POST.get('ft_subject', '') author = request.POST.get('ft_author', '') submit_upload = request.POST.get('submit_upload', None) settings = {} if not submit_upload: context['FILE_SETTINGS'] = json_dumps(settings) return render(request, 'app/files_for_edu/add_file.html', context) # upload_tmp_name = isset($_FILES["upload"]["tmp_name"]) ? $_FILES["upload"]["tmp_name"] : ""; # upload_name = isset($_FILES["upload"]["name"]) ? $_FILES["upload"]["name"] : ""; # upload_size = isset($_FILES["upload"]["size"]) ? (int)$_FILES["upload"]["size"] : 0; _file = request.FILES['upload'] # this is my file upload_tmp_name = '' upload_name = 'test.zip' upload_size = 100 upload_result = { 'was_add': False, 'was_upload': False, 'was_bad_ext': False, 'was_add_mod': False, 'no_subject': False, 'no_type': False, } inserted = False if is_uploaded_file(upload_tmp_name): upload_result['was_upload'] = True ext = get_ext(['.zip', '.rar'], upload_name) if ext == -1: upload_result['was_bad_ext'] = True else: subject_id = get_subject(subject, subject2) type_id = get_type(type_id2, type2) if subject_id is None: upload_result['no_subject'] = True if type_id is None: upload_result['no_type'] = True if not upload_result['no_subject'] and not upload_result['no_type']: ext = ext.lower() ID = get_id() path = consts.DOCS_PATH + ID + ext if copy(upload_tmp_name, path): ps = { 'id': ID, 'ext': ext, 'subject_id': subject_id, 'description': description, 'type_id': type_id, 'size': upload_size, 'author': author, 'uploader': user.username, 'allow': 'yes' if user.is_editor() else 'no', 'time': int(time.time()) } db.SqlQuery(db.sql('edu_files_insert'), ps, True) inserted = True upload_result['was_add'] = user.is_editor() upload_result['was_add_mod'] = not user.is_editor() if submit_upload: settings['upload_result'] = upload_result if not inserted: settings['description'] = description settings['author'] = author settings['subject_text'] = subject2 settings['type_text'] = type2 settings['subject_id'] = int(subject) settings['type_id'] = int(type_id2) context['FILE_SETTINGS'] = json_dumps(settings) return render(request, 'app/files_for_edu/add_file.html', context)
def message_write(request, message_id, captcha, id_parent, text, title='', attach=False, draft=False, board_theme=False): db = mydb.MyDB() user = auth.MyUser(request) if message_id is None and not verify_captcha(request, captcha): raise Exception('Неверно введенная капча') if message_id is not None and not user.is_editor(): raise Exception('Недостаточно прав чтобы редактировать сообщение') text = text.replace('\n', '[br]') text = text.replace('\r', '') attach_str = 'yes' if attach else 'no' draft = bool(draft) if message_id: db.SqlQuery( db.sql('message_update'), { 'id': message_id, 'text': text, 'title': title, 'attach': attach_str, 'draft': draft }, True) if board_theme: db.SqlQuery(db.sql('message_update_board'), { 'id': message_id, 'title': title }, True) else: dt_msg = int(time.time()) if board_theme: theme_id = get_id() id_parent = theme_id db.SqlQuery( db.sql('message_insert_board'), { 'id': theme_id, 'title': title, 'author': user.username, 'dt': dt_msg, 'dt_last_msg': dt_msg, 'ipb_id': None }, True) mid = get_id() db.SqlQuery( db.sql('message_insert'), { 'id': mid, 'id_parent': (0 if id_parent is None else int(id_parent)), 'title': title, 'time': dt_msg, 'text': text, 'author': user.username, 'category': (consts.USATU_NEWS_CATEGORY if id_parent is None else None), 'allow': ('yes' if user.is_editor() else 'no'), 'attach': attach_str, 'draft': draft, 'ip': get_client_ip(request) }, True) if id_parent: # Пробуем обновить дату последнего сообщения на форуме db.SqlQuery(db.sql('message_update_board_time'), { 'id': int(id_parent), 'dt_last_msg': dt_msg }, True) send_notification_mail(mid)