def post(self, page_title): uname = self.request.cookies.get("uname") # this is vulnerable to fake cookies if not uname or uname == '': self.redirect("/login") content = self.request.get("content") page = Page(title=page_title, body=content) q = page.all() q.filter("title =", page_title) for q_page in q: # delete all the fuckers q_page.delete() page.put() sleep(1) # ugly hack, otherwise the WikiPage cannot find the page in db self.redirect(page_title)
def get(self, page_title): uname = self.request.cookies.get("uname") # this is vulnerable to fake cookies if not uname or uname == '': self.redirect("/login") page_content = '' q = Page.all() q.filter("title =", page_title) if q.count() > 0: page_content = q.get().body self.render("page.html", username=uname, logged_in=True, edit_box=True, page_content=page_content, submit_url=self.request.url, view_url=page_title)
def get(self, page_title): uname = self.request.cookies.get("uname") # this is vulnerable to fake cookies logged_in, page_content = uname is not None and uname != '', '' q = Page.all() q.filter("title =", page_title) if q.count() > 0: page_content = q.get().body self.render("page.html", username=uname, logged_in=logged_in, edit_box=False, page_content=page_content, edit_url="/_edit" + page_title) else: self.redirect("/" + "_edit" + self.request.path)