Exemplo n.º 1
0
    def post(self):

        if(self.request.cookies.get('user') and self.check_secure_val(self.request.cookies.get('user'))):

            frontPage = self.request.POST['frontPage']
            sidebar = self.request.POST['sidebar']
            frontPage = util.htmlify(frontPage)
            sidebar = util.htmlify(sidebar)
            # if not frontPage:
            #     frontPage = ""

            # if not sidebar:
            #     sidebar = ""

            front = databases.frontPage.all()
            if(front.count() > 0):
                for i in front:
                    i.delete()

            newFront = databases.frontPage(text = frontPage)
            newFront.put()

            side = databases.sidebar.all()
            if(side.count() > 0):
                for i in side:
                    i.delete()

            newSide = databases.sidebar(text = sidebar)
            newSide.put()
Exemplo n.º 2
0
def help_func(args,u413):
	params=args.split(' ',1)
	if args.strip()=="":
		helpout=''
		u413.type("The following commands are available:")
		helpout='<br/><table>'
		for cmd in command.cmds:
			if u413.user.level>=u413.cmds[cmd].level and not u413.cmds[cmd].hidden:
				c=u413.cmds[cmd]
				helpout+='<tr><td style="width:2em;"></td><td>'+cmd+'</td><td style="padding-left:1em;">'+command.cmds[cmd].description+"</td></tr>"
		helpout+='</table><br/>[] - optional parameter<br/>&lt;&gt; - required parameter<br/>SHIFT+ENTER to drop down to a new line.<br/>Type HELP --BBCODE for bbcode help'
		u413.donttype(helpout)
	elif params[0].upper()=="--BBCODE":
		u413.type("The following BBCodes are available:")
		out='<br/><table>'
		for code in bbcodes:
			if bbcodes[code][0]:
				out+='<tr><td style="width:2em;"></td><td>%s</td></tr>'%bbcodes[code][1]
			else:
				out+='<tr><td style="width:2em;">*</td><td>%s</td></tr>'%bbcodes[code][1]
		out+='</table><br/>(* = available on the wall)'
		u413.donttype(out)
	else:
		cmd=args.split()[0].upper()
		if cmd in command.cmds and int(command.cmds[cmd].level)<=int(u413.user.level):
			c=command.cmds[cmd]
			#change this to something that shows a more detailed help
			u413.type(cmd+' - '+c.description)
			u413.donttype("Usage: "+cmd+" "+util.htmlify (c.usage))
			for a in c.args:
				u413.donttype('<span class="tab"></span>'+a+' - '+c.args[a])
		else:
			u413.type('"%s" is not a command.'%cmd)
Exemplo n.º 3
0
def topic_func(args, u413):
    params = args.split(' ', 2)
    if len(params) == 0 or not util.isint(params[0]):
        u413.type("Invalid topic ID.")
        return
    topic = int(params[0])
    if len(params) == 1:
        page = 1
        output_page(topic, 1, u413)
    elif len(params) == 2:
        if params[1].upper() == "REPLY":
            u413.j["Command"] = "REPLY"
            u413.cmddata["topic"] = topic
            u413.continue_cmd()
        else:
            page = 1
            if util.isint(params[1]):
                page = int(params[1])
            elif params[1].upper() == 'LAST':
                page = db.count_posts(topic)
                if page == 0:
                    page = 1
                else:
                    page = math.ceil(page / 10.0)
            output_page(topic, page, u413)
    elif params[1].upper() == "REPLY":
        db.query(
            "INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
            % (topic, u413.user.userid, db.escape(util.htmlify(params[3]))))
        u413.type("Reply made successfully.")
Exemplo n.º 4
0
 def post(self):
     if(self.request.cookies.get('user') and self.check_secure_val(self.request.cookies.get('user'))):
         user = databases.User.get_by_id(int(self.request.cookies.get('user').split('|')[0]))
         content = util.htmlify(util.escape(self.request.POST['content']))
         logging.debug(content)
         postid = self.request.get('id')
         post = databases.Post.get_by_id(int(postid))
         if post:
             comment = databases.Comment.addComment(post, user, content)
             self.render('comments.html', comment = comment, post = post, user = user)       
         else:
             self.write('ERROR')
Exemplo n.º 5
0
def whois_func(args,u413):
	args=args.split(' ')[0]
	if len(args)==0:
		u413.cmds["WHO"].callback('',u413)
	else:
		u=db.query("SELECT * FROM users WHERE UCASE(username)='%s';"%db.escape(args.upper()))
		if len(u)==0:
			u413.type('"%s" is not a u413 member.'%util.htmlify(args.upper()))
		else:
			u=u[0]
			s=db.query("SELECT user FROM sessions WHERE user='******';"%db.escape(u["id"]))
			if len(s)==0:
				s=False
			else:
				s=True
			u413.donttype('Username: '******'User ID: '+u["id"])
			u413.donttype('User access: '+user.userlvl(int(u["access"]))+' ('+u["access"]+')')
			u413.donttype('Logged in: '+str(s))
Exemplo n.º 6
0
def help_func(args, u413):
    params = args.split(' ', 1)
    if args.strip() == "":
        helpout = ''
        u413.type("The following commands are available:")
        helpout = '<br/><table>'
        for cmd in command.cmds:
            if u413.user.level >= u413.cmds[cmd].level and not u413.cmds[
                    cmd].hidden:
                c = u413.cmds[cmd]
                helpout += '<tr><td style="width:2em;"></td><td>' + cmd + '</td><td style="padding-left:1em;">' + command.cmds[
                    cmd].description + "</td></tr>"
        helpout += '</table><br/>[] - optional parameter<br/>&lt;&gt; - required parameter<br/>SHIFT+ENTER to drop down to a new line.<br/>Type HELP --BBCODE for bbcode help'
        u413.donttype(helpout)
    elif params[0].upper() == "--BBCODE":
        u413.type("The following BBCodes are available:")
        out = '<br/><table>'
        for code in bbcodes:
            if bbcodes[code][0]:
                out += '<tr><td style="width:2em;"></td><td>%s</td></tr>' % bbcodes[
                    code][1]
            else:
                out += '<tr><td style="width:2em;">*</td><td>%s</td></tr>' % bbcodes[
                    code][1]
        out += '</table><br/>(* = available on the wall)'
        u413.donttype(out)
    else:
        cmd = args.split()[0].upper()
        if cmd in command.cmds and int(command.cmds[cmd].level) <= int(
                u413.user.level):
            c = command.cmds[cmd]
            #change this to something that shows a more detailed help
            u413.type(cmd + ' - ' + c.description)
            u413.donttype("Usage: " + cmd + " " + util.htmlify(c.usage))
            for a in c.args:
                u413.donttype('<span class="tab"></span>' + a + ' - ' +
                              c.args[a])
        else:
            u413.type('"%s" is not a command.' % cmd)
Exemplo n.º 7
0
def whois_func(args, u413):
    args = args.split(' ')[0]
    if len(args) == 0:
        u413.cmds["WHO"].callback('', u413)
    else:
        u = db.query("SELECT * FROM users WHERE UCASE(username)='%s';" %
                     db.escape(args.upper()))
        if len(u) == 0:
            u413.type('"%s" is not a u413 member.' %
                      util.htmlify(args.upper()))
        else:
            u = u[0]
            s = db.query("SELECT user FROM sessions WHERE user='******';" %
                         db.escape(u["id"]))
            if len(s) == 0:
                s = False
            else:
                s = True
            u413.donttype('Username: '******'User ID: ' + u["id"])
            u413.donttype('User access: ' + user.userlvl(int(u["access"])) +
                          ' (' + u["access"] + ')')
            u413.donttype('Logged in: ' + str(s))
Exemplo n.º 8
0
def wall_func(args, u413):
    r = db.query("SELECT * FROM wall ORDER BY posted;")
    if args.strip() == '':
        if len(r) == 0:
            u413.type("There are no notes on the wall.")
        else:
            u413.type("Welcome to the wall!")
            out = '<br/><table style="padding-right:8px;">'
            for entry in r:
                u = db.query("SELECT username FROM users WHERE id=%i" %
                             int(entry["user"]))
                out += '<tr><td>{{<span class="transmit" data-transmit="WHOIS {0}">{0}</span>}}</td><td style="padding-left:1em;">{1} <span class="dim">{2}</span></td></tr>'.format(
                    u[0]["username"], bbcodify(entry["text"]),
                    util.ago(entry["posted"]))
            u413.donttype(out + '</table>')
            u413.set_context("WALL")
            u413.clear_screen()
    else:
        if len(r) >= 256:
            db.query("DELETE FROM wall ORDER BY posted LIMIT 1;")
        db.query("INSERT INTO wall(user,text) VALUES(%i,'%s');" %
                 (u413.user.userid, db.escape(util.htmlify(args))))
        wall_func('', u413)
Exemplo n.º 9
0
 def post(self):
     if(self.request.cookies.get('user') and self.check_secure_val(self.request.cookies.get('user'))):
         user = databases.User.get_by_id(int(self.request.cookies.get('user').split('|')[0]))
         content = util.htmlify(self.request.POST['content'])
         post = databases.Post.addPost(user, content)
         self.render("post.html", post = post, user = user)
Exemplo n.º 10
0
def register_func(args,u413):
	#check for special cases
	if u413.user.name!="Guest":
		u413.type("You need to be logged out to register.")
		return
	params=args.split()
	#REGISTER has already requested continuation
	if "step" in u413.cmddata:
		if args=="":
			u413.type("Action cancelled.")
			u413.set_context("")
			return
		#Note: For all, ignore extra arguments
		#USERNAME>
		if u413.cmddata["step"]==1:
			if is_taken(params[0]):
				u413.type("Username already in use.")
				u413.set_context("")
			else:
				u413.cmddata["username"]=params[0]
				u413.cmddata["step"]=2
				u413.type("Enter a password:"******"PASSWORD")
				u413.continue_cmd()
				u413.use_password()
		#PASSWORD>
		elif u413.cmddata["step"]==2:
			if is_stupid(u413.cmddata["username"],params[0]):
				u413.type("That's a stupid password. Pick another one.")
			else:
				u413.cmddata["password"]=params[0]
				u413.cmddata["step"]=3
				u413.type("Confirm your password:"******"CONFIRM PASSWORD")
			u413.continue_cmd()
			u413.use_password()
		#CONFIRM PASSWORD>
		elif u413.cmddata["step"]==3:
			if u413.cmddata["password"]==params[0]:
				db.query("INSERT INTO users(username,password,access,alias) VALUES('%s','%s',%i,'[]');"%(db.escape(util.htmlify(util.stripctrl(u413.cmddata["username"]))),user.sha256(params[0]),user.User.member))
				u413.type("You are now registered.")
			else:
				u413.type("Passwords do not match.")
			u413.set_context("")
	#initial use of command
	else:
		#REGISTER
		if len(args)==0:
			u413.cmddata["step"]=1
			u413.type("Enter your desired username:"******"USERNAME")
			u413.continue_cmd()
		#REGISTER username
		elif len(params)==1:
			if is_taken(params[0]):
				u413.type("Username already in use.")
			else:
				u413.cmddata["username"]=params[0]
				u413.cmddata["step"]=2
				u413.type("Enter a password:"******"PASSWORD")
				u413.use_password()
				u413.continue_cmd()
		#REGISTER username password
		#Note: ignore anything after username/password
		else:
			if is_taken(params[0]):
				u413.type("Username already in use.")
			elif is_stupid(params[0],params[1]):
				u413.cmddata["username"]=params[0]
				u413.cmddata["step"]=2
				u413.type("That's a stupid password. Pick another one.")
				u413.continue_cmd()
				u413.use_password()
			else:
				u413.cmddata["username"]=params[0]
				u413.cmddata["password"]=params[1]
				u413.cmddata["step"]=3
				u413.type("Confirm your password:"******"CONFIRM PASSWORD")
				u413.continue_cmd()
				u413.use_password()
Exemplo n.º 11
0
def ping_func(args, u413):
    u413.type("PONG " + util.htmlify(args))
Exemplo n.º 12
0
def alias_func(args, u413):
    if "step" in u413.cmddata:
        if u413.cmddata["step"] == 1:
            u413.cmddata["step"] = 2
            u413.cmddata["to"] = args
            u413.type("Enter the pattern to be replaced:")
            u413.set_context("FROM")
            u413.continue_cmd()
        elif u413.cmddata["step"] == 2:
            u413.user.alias.append({"to": u413.cmddata["to"], "from": args})
            db.query("UPDATE users SET alias='%s' WHERE id=%i;" %
                     (db.escape(repr(u413.user.alias)), u413.user.userid))
            u413.type("Alias created successfully.")
            u413.set_context(u413.cmddata["context"])
        elif u413.cmddata["step"] == 3:
            x = None
            for a in range(len(u413.user.alias)):
                if args.upper() == u413.user.alias[a]["from"].upper():
                    x = a
            if x == None:
                u413.type('"%s" is not an alias.' % args)
            else:
                del u413.user.alias[x]
                db.query("UPDATE users SET alias='%s' WHERE id=%i;" %
                         (db.escape(repr(u413.user.alias)), u413.user.userid))
                u413.type("Alias deleted.")
                u413.set_context(u413.cmddata["context"])
    else:
        params = args.split(' ', 1)
        #ALIAS
        if len(args.split(' ', 1)[0]) == 0:
            aliases = eval(
                db.query("SELECT alias FROM users WHERE id=%i;" %
                         u413.user.userid)[0]["alias"])
            if len(aliases) == 0:
                u413.type("You have no aliases.")
            else:
                u413.type("Your aliases:")
                out = '<table>'
                for alias in aliases:
                    out += '<tr><td style="width:2em;"></td><td>%s -> %s</td></tr>' % (
                        util.htmlify(alias["from"]), util.htmlify(alias["to"]))
                u413.donttype(out + '</table>')
        #ALIAS to | --delete | --new
        elif len(params) == 1:
            if params[0].upper() == "--DELETE":
                u413.cmddata["step"] = 3
                u413.cmddata["context"] = u413.user.context
                u413.type("Enter the pattern to be deleted:")
                u413.set_context("PATTERN")
                u413.continue_cmd()
            elif params[0].upper() == "--NEW":
                u413.cmddata["step"] = 1
                u413.cmddata["context"] = u413.user.context
                u413.type("Enter the command to alias:")
                u413.set_context("TO")
                u413.continue_cmd()
            else:
                u413.cmddata["step"] = 2
                u413.cmddata["context"] = u413.user.context
                u413.cmddata["to"] = params[0]
                u413.type("Enter the pattern to be replaced:")
                u413.set_context("FROM")
                u413.continue_cmd()
        #ALIAS to from | --delete from
        else:
            if params[0].upper() == "--DELETE":
                x = None
                for a in range(len(u413.user.alias)):
                    if params[1].upper() == u413.user.alias[a]["from"].upper():
                        x = a
                if x == None:
                    u413.type('"%s" is not an alias.' % params[1])
                else:
                    del u413.user.alias[x]
                    db.query(
                        "UPDATE users SET alias='%s' WHERE id=%i;" %
                        (db.escape(repr(u413.user.alias)), u413.user.userid))
                    u413.type("Alias deleted.")
            else:
                u413.user.alias.append({"to": params[0], "from": params[1]})
                db.query("UPDATE users SET alias='%s' WHERE id=%i;" %
                         (db.escape(repr(u413.user.alias)), u413.user.userid))
                u413.type("Alias created successfully.")
Exemplo n.º 13
0
def topic_func(args,u413):
	params=args.split(' ',2)
	if len(params)==0 or not util.isint(params[0]):
		u413.type("Invalid topic ID.")
		return
	topic=int(params[0])
	if len(params)==1:
		page=1
		output_page(topic,1,u413)
	elif len(params)==2:
		if params[1].upper()=="REPLY":
			u413.j["Command"]="REPLY"
			u413.cmddata["topic"]=topic
			u413.continue_cmd()
		else:
			page=1
			if util.isint(params[1]):
				page=int(params[1])
			elif params[1].upper()=='LAST':
				page=db.count_posts(topic)
				if page==0:
					page=1
				else:
					page=math.ceil(page/10.0)
			output_page(topic,page,u413)
	elif params[1].upper()=="REPLY":
		db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(topic,u413.user.userid,db.escape(util.htmlify(params[3]))))
		u413.type("Reply made successfully.")
Exemplo n.º 14
0
def reply_func(args, u413):
    #already used REPLY
    if "step" in u413.cmddata:
        if args.strip() == '':
            u413.type("Action cancelled.")
            u413.set_context("")
        #ID>
        elif u413.cmddata["step"] == 1:
            if util.isint(args):
                u413.cmddata["step"] = 2
                u413.cmddata["topic"] = int(args)
                u413.type("Enter your reply:")
                u413.set_context("REPLY")
                u413.continue_cmd()
            else:
                u413.type("Invalid topic ID.")
                u413.set_context("")
        #REPLY>
        elif u413.cmddata["step"] == 2:
            db.query(
                "INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
                % (u413.cmddata["topic"], u413.user.userid,
                   db.escape(util.htmlify(args))))
            reload_topic(u413.cmddata["topic"], u413.cmddata["page"], u413)
    #first use of REPLY
    else:
        params = args.split(' ', 1)
        context = u413.user.context.split(' ')
        #REPLY
        if args.strip() == '':
            if "TOPIC" in u413.user.context:
                u413.cmddata["step"] = 2
                u413.cmddata["topic"] = int(u413.user.context.split(' ')[1])
                u413.type("Enter your reply:")
                u413.set_context("REPLY")
                u413.continue_cmd()
            else:
                u413.cmddata["step"] = 1
                u413.type("Enter the topic ID:")
                u413.set_context("TOPIC ID")
                u413.continue_cmd()
        #REPLY [id]
        elif len(params) == 1:
            if util.isint(params[0]):
                u413.cmddata["step"] = 2
                u413.cmddata["topic"] = int(params[0])
                u413.type("Enter your reply:")
                u413.continue_cmd()
            elif "TOPIC" in u413.user.context:
                topic = int(u413.user.context.split(' ')[1])
                db.query(
                    "INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
                    % (topic, u413.user.userid, db.escape(util.htmlify(args))))
                page = 1
                if len(context) > 2:
                    page = int(context[2])
                reload_topic(int(context[1]), page, u413)
            else:
                u413.type("Invalid topic ID.")
        #REPLY [[id] message]
        else:
            if util.isint(params[0]):
                if len(params) == 2:
                    db.query(
                        "INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
                        % (int(params[0]), u413.user.userid,
                           db.escape(util.htmlify(params[1]))))
                    page = 1
                    if len(context) > 2:
                        page = int(context[2])
                    u413.type("Reply added successfully.")
                else:
                    u413.cmddata["step"] = 2
                    u413.cmddata["topic"] = int(params[0])
                    u413.type("Enter your reply:")
                    u413.set_context("REPLY")
                    u413.continue_cmd()
            elif "TOPIC" in u413.user.context:
                topic = int(u413.user.context.split(' ')[1])
                db.query(
                    "INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"
                    % (topic, u413.user.userid, db.escape(util.htmlify(args))))
                page = 1
                if len(context) > 2:
                    page = int(context[2])
                reload_topic(topic, page, u413)
            else:
                u413.type("Topic ID required.")
        u413.cmddata["page"] = 1
        if len(context) > 2:
            u413.cmddata["page"] = int(context[2])
Exemplo n.º 15
0
def register_func(args, u413):
    #check for special cases
    if u413.user.name != "Guest":
        u413.type("You need to be logged out to register.")
        return
    params = args.split()
    #REGISTER has already requested continuation
    if "step" in u413.cmddata:
        if args == "":
            u413.type("Action cancelled.")
            u413.set_context("")
            return
        #Note: For all, ignore extra arguments
        #USERNAME>
        if u413.cmddata["step"] == 1:
            if is_taken(params[0]):
                u413.type("Username already in use.")
                u413.set_context("")
            else:
                u413.cmddata["username"] = params[0]
                u413.cmddata["step"] = 2
                u413.type("Enter a password:"******"PASSWORD")
                u413.continue_cmd()
                u413.use_password()
        #PASSWORD>
        elif u413.cmddata["step"] == 2:
            if is_stupid(u413.cmddata["username"], params[0]):
                u413.type("That's a stupid password. Pick another one.")
            else:
                u413.cmddata["password"] = params[0]
                u413.cmddata["step"] = 3
                u413.type("Confirm your password:"******"CONFIRM PASSWORD")
            u413.continue_cmd()
            u413.use_password()
        #CONFIRM PASSWORD>
        elif u413.cmddata["step"] == 3:
            if u413.cmddata["password"] == params[0]:
                if is_taken(u413.cmddata["username"]):
                    u413.type("Username already in use.")
                else:
                    db.query(
                        "INSERT INTO users(username,password,access,alias) VALUES('%s','%s',%i,'[]');"
                        % (db.escape(
                            util.htmlify(
                                util.stripctrl(u413.cmddata["username"]))),
                           user.sha256(params[0]), user.User.member))
                u413.type("You are now registered.")
            else:
                u413.type("The passwords do not match.")
            u413.set_context("")
    #initial use of command
    else:
        #REGISTER
        if len(args) == 0:
            u413.cmddata["step"] = 1
            u413.type("Enter your desired username:"******"USERNAME")
            u413.continue_cmd()
        #REGISTER username
        elif len(params) == 1:
            if is_taken(params[0]):
                u413.type("Username already in use.")
            else:
                u413.cmddata["username"] = params[0]
                u413.cmddata["step"] = 2
                u413.type("Enter a password:"******"PASSWORD")
                u413.use_password()
                u413.continue_cmd()
        #REGISTER username password
        #Note: ignore anything after username/password
        else:
            if is_taken(params[0]):
                u413.type("Username already in use.")
            elif is_stupid(params[0], params[1]):
                u413.cmddata["username"] = params[0]
                u413.cmddata["step"] = 2
                u413.type("That's a stupid password. Pick another one.")
                u413.continue_cmd()
                u413.use_password()
            else:
                u413.cmddata["username"] = params[0]
                if is_taken(u413.cmddata["username"]):
                    u413.type("Username already in use.")
                else:
                    u413.cmddata["password"] = params[1]
                    u413.cmddata["step"] = 3
                    u413.type("Confirm your password:"******"CONFIRM PASSWORD")
                    u413.continue_cmd()
                    u413.use_password()
Exemplo n.º 16
0
def reply_func(args,u413):
	#already used REPLY
	if "step" in u413.cmddata:
		if args.strip()=='':
			u413.type("Action cancelled.")
			u413.set_context("")
		#ID>
		elif u413.cmddata["step"]==1:
			if util.isint(args):
				u413.cmddata["step"]=2
				u413.cmddata["topic"]=int(args)
				u413.type("Enter your reply:")
				u413.set_context("REPLY")
				u413.continue_cmd()
			else:
				u413.type("Invalid topic ID.")
				u413.set_context("")
		#REPLY>
		elif u413.cmddata["step"]==2:
			db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(u413.cmddata["topic"],u413.user.userid,db.escape(util.htmlify(args))))
			reload_topic(u413.cmddata["topic"],u413.cmddata["page"],u413)
	#first use of REPLY
	else:
		params=args.split(' ',1)
		context=u413.user.context.split(' ')
		#REPLY
		if args.strip()=='':
			if "TOPIC" in u413.user.context:
				u413.cmddata["step"]=2
				u413.cmddata["topic"]=int(u413.user.context.split(' ')[1])
				u413.type("Enter your reply:")
				u413.set_context("REPLY")
				u413.continue_cmd()
			else:
				u413.cmddata["step"]=1
				u413.type("Enter the topic ID:")
				u413.set_context("TOPIC ID")
				u413.continue_cmd()
		#REPLY [id]
		elif len(params)==1:
			if util.isint(params[0]):
				u413.cmddata["step"]=2
				u413.cmddata["topic"]=int(params[0])
				u413.type("Enter your reply:")
				u413.continue_cmd()
			elif "TOPIC" in u413.user.context:
				topic=int(u413.user.context.split(' ')[1])
				db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(topic,u413.user.userid,db.escape(util.htmlify(args))))
				page=1
				if len(context)>2:
					page=int(context[2])
				reload_topic(int(context[1]),page,u413)
			else:
				u413.type("Invalid topic ID.")
		#REPLY [[id] message]
		else:
			if util.isint(params[0]):
				if len(params)==2:
					db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(int(params[0]),u413.user.userid,db.escape(util.htmlify(params[1]))))
					page=1
					if len(context)>2:
						page=int(context[2])
					u413.type("Reply added successfully.")
				else:
					u413.cmddata["step"]=2
					u413.cmddata["topic"]=int(params[0])
					u413.type("Enter your reply:")
					u413.set_context("REPLY")
					u413.continue_cmd()
			elif "TOPIC" in u413.user.context:
				topic=int(u413.user.context.split(' ')[1])
				db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(FALSE,'',%i,%i,0,'%s',FALSE,NULL,NOW());"%(topic,u413.user.userid,db.escape(util.htmlify(args))))
				page=1
				if len(context)>2:
					page=int(context[2])
				reload_topic(topic,page,u413)
			else:
				u413.type("Topic ID required.")
		u413.cmddata["page"]=1
		if len(context)>2:
			u413.cmddata["page"]=int(context[2])
Exemplo n.º 17
0
def ping_func(args, u413):
    u413.type("PONG " + util.htmlify(args))
Exemplo n.º 18
0
	def login(self,username,password):
		password=sha256(password)
		r=db.query("SELECT * FROM users WHERE LCASE(username)='%s' AND password='******';"%(db.escape(util.htmlify(username.lower())),password))
		if len(r)==0:
			return False
		r=r[0]
		self.name=r["username"]
		self.level=int(r["access"])
		self.userid=int(r["id"])
		self.mute=bool(ord(r["muted"]))
		db.query("UPDATE sessions SET username='******',user=%i,access=%i WHERE id='%s';"%(self.name,self.userid,self.level,self.session))
		return True
Exemplo n.º 19
0
def wall_func(args,u413):
	r=db.query("SELECT * FROM wall ORDER BY posted;")
	if args.strip()=='':
		if len(r)==0:
			u413.type("There are no notes on the wall.")
		else:
			u413.type("Welcome to the wall!")
			out='<br/><table style="padding-right:8px;">'
			for entry in r:
				u=db.query("SELECT username FROM users WHERE id=%i"%int(entry["user"]))
				out+='<tr><td>{{<span class="transmit" data-transmit="WHOIS {0}">{0}</span>}}</td><td style="padding-left:1em;">{1} <span class="dim">{2}</span></td></tr>'.format(u[0]["username"],bbcodify(entry["text"]),util.ago(entry["posted"]))
			u413.donttype(out+'</table>')
			u413.set_context("WALL")
			u413.clear_screen()
	else:
		if len(r)>=256:
			db.query("DELETE FROM wall ORDER BY posted LIMIT 1;")
		db.query("INSERT INTO wall(user,text) VALUES(%i,'%s');"%(u413.user.userid,db.escape(util.htmlify(args))))
		wall_func('',u413)
Exemplo n.º 20
0
def edit_func(args, u413):
    # EDIT already requested continuation
    if "step" in u413.cmddata:
        # ID>
        if u413.cmddata["step"] == 1:
            u413.donttype('"' + args + '"')
            if util.isint(args):
                u413.cmddata["id"] = int(args)
                u413.cmddata["step"] = 2
                u413.set_context("NEW BODY")
                u413.type("Enter the new post body:")
                u413.edit_text(util.dehtmlify(db.query("SELECT post FROM posts WHERE id=%i;" % int(args))[0]["post"]))
                u413.continue_cmd()
            else:
                u413.type("Invalid post ID.")
                u413.set_context("")
                # NEW BODY>
        elif u413.cmddata["step"] == 2:
            post = int(db.query("SELECT owner FROM posts WHERE id=%i;" % u413.cmddata["id"])[0]["owner"])
            owner = int(db.query("SELECT access FROM users WHERE id=%i;" % post)[0]["access"])
            if post != u413.user.userid:
                if u413.user.level < user.User.halfmod or u413.user.level <= owner:
                    u413.type("You do not have permission to edit other user's posts.")
                    return
            db.query(
                "UPDATE posts SET post='%s',editor=%i,edited=NOW() WHERE id=%i;"
                % (db.escape(util.htmlify(args)), u413.user.userid, u413.cmddata["id"])
            )
            u413.type("Post edited successfully.")
            u413.set_context(u413.cmddata["context"])
            # EDIT used for the first time
    else:
        params = args.split(" ", 1)
        # EDIT
        if len(args) == 0:
            u413.cmddata["step"] = 1
            u413.cmddata["context"] = u413.user.context
            u413.type("Enter the post's ID:")
            u413.set_context("Post ID")
            u413.continue_cmd()
            # EDIT id
        elif len(params) == 1:
            if util.isint(args):
                u413.cmddata["step"] = 2
                u413.cmddata["context"] = u413.user.context
                u413.cmddata["id"] = int(args)
                u413.type("Enter the new post body:")
                u413.set_context("NEW BODY")
                u413.edit_text(util.dehtmlify(db.query("SELECT post FROM posts WHERE id=%i;" % int(args))[0]["post"]))
                u413.continue_cmd()
            else:
                u413.type("Invalid post ID.")
                # EDIT id body
        else:
            if util.isint(params[0]):
                post = int(db.query("SELECT owner FROM posts WHERE id=%i;" % int(params[0]))[0]["owner"])
                owner = int(db.query("SELECT access FROM users WHERE id=%i;" % post)[0]["access"])
                if post != u413.user.userid:
                    if u413.user.level < user.User.halfmod or u413.user.level <= owner:
                        u413.type("You do not have permission to edit other user's posts.")
                        return
                db.query(
                    "UPDATE posts SET post='%s',editor=%i,edited=NOW() WHERE id=%i;"
                    % (db.escape(util.htmlify(params[1])), u413.user.userid, int(params[0]))
                )
                u413.type("Post edited successfully.")
                u413.set_context("")
            else:
                u413.type("Invalid post ID.")
Exemplo n.º 21
0
def newtopic_func(args,u413):
	params=args.split(' ',1)
	#continued NEWTOPIC
	if "step" in u413.cmddata:
		if args=='':
			u413.type("Action cancelled.")
			u413.set_context("")
			return
		#BOARD>
		if u413.cmddata["step"]==1:
			if isint(args) and int(params[0])!=0:
				u413.cmddata["step"]=2
				u413.cmddata["board"]=args
				u413.type("Enter the topic's title:")
				u413.set_context("TITLE")
				u413.continue_cmd()
			else:
				u413.type('Invalid board ID.')
				u413.set_context("")
		#TITLE>
		elif u413.cmddata["step"]==2:
			u413.cmddata["step"]=3
			u413.cmddata["title"]=args
			u413.type("Enter the topic's body:")
			u413.set_context("BODY")
			u413.continue_cmd()
		#BODY>
		elif u413.cmddata["step"]==3:
			db.query("INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(TRUE,'%s',%i,%i,0,'%s',FALSE,NULL,NOW());"%(db.escape(u413.cmddata["title"]),int(u413.cmddata["board"]),u413.user.userid,db.escape(util.htmlify(args))))
			topic=int(db.query("SELECT id FROM posts ORDER BY id DESC LIMIT 1;")[0]["id"])
			u413.type("Topic %i was created successfully."%topic)
			u413.set_context("")
	#first use
	else:
		#NEWTOPIC
		if args.strip()=='':
			if "BOARD" in u413.user.context:
				u413.cmddata["step"]=2
				u413.cmddata["board"]=int(u413.user.context[6:])
				u413.type("Enter the topic's title:")
				u413.set_context("TITLE")
			else:
				u413.cmddata["step"]=1
				u413.type("Enter the board ID:")
				u413.set_context("BOARD")
			u413.continue_cmd()
		#NEWTOPIC board
		elif len(params)==1:
			if isint(params[0]) and int(params[0])!=0:
				u413.cmddata["step"]=2
				u413.cmddata["board"]=int(params[0])
				u413.type("Enter the topic's title:")
				u413.set_context("TITLE")
				u413.continue_cmd()
			else:
				u413.type('Invalid board ID')
		#NEWTOPIC board topic
		else:
			if isint(params[0]) and int(params[0])!=0:
				u413.cmddata["step"]=3
				u413.cmddata["board"]=int(params[0])
				u413.cmddata["topic"]=params[1]
				u413.type("Enter the topic's body:")
				u413.set_context("BODY")
				u413.continue_cmd()
			else:
				u413.donttype('<span class="error">Invalid board ID</span>')
Exemplo n.º 22
0
def echo_func(args,u413):
	u413.type(util.htmlify(args))
Exemplo n.º 23
0
def newtopic_func(args, u413):
    params = args.split(' ', 1)
    #continued NEWTOPIC
    if "step" in u413.cmddata:
        if args == '':
            u413.type("Action cancelled.")
            u413.set_context("")
            return
        #BOARD>
        if u413.cmddata["step"] == 1:
            if isint(args) and int(params[0]) != 0:
                u413.cmddata["step"] = 2
                u413.cmddata["board"] = args
                u413.type("Enter the topic's title:")
                u413.set_context("TITLE")
                u413.continue_cmd()
            else:
                u413.type('Invalid board ID.')
                u413.set_context("")
        #TITLE>
        elif u413.cmddata["step"] == 2:
            u413.cmddata["step"] = 3
            u413.cmddata["title"] = args
            u413.type("Enter the topic's body:")
            u413.set_context("BODY")
            u413.continue_cmd()
        #BODY>
        elif u413.cmddata["step"] == 3:
            db.query(
                "INSERT INTO posts (topic,title,parent,owner,editor,post,locked,edited,posted) VALUES(TRUE,'%s',%i,%i,0,'%s',FALSE,NULL,NOW());"
                %
                (db.escape(u413.cmddata["title"]), int(u413.cmddata["board"]),
                 u413.user.userid, db.escape(util.htmlify(args))))
            topic = int(
                db.query("SELECT id FROM posts ORDER BY id DESC LIMIT 1;")[0]
                ["id"])
            u413.type("Topic %i was created successfully." % topic)
            u413.set_context("")
    #first use
    else:
        #NEWTOPIC
        if args.strip() == '':
            if "BOARD" in u413.user.context:
                u413.cmddata["step"] = 2
                u413.cmddata["board"] = int(u413.user.context[6:])
                u413.type("Enter the topic's title:")
                u413.set_context("TITLE")
            else:
                u413.cmddata["step"] = 1
                u413.type("Enter the board ID:")
                u413.set_context("BOARD")
            u413.continue_cmd()
        #NEWTOPIC board
        elif len(params) == 1:
            if isint(params[0]) and int(params[0]) != 0:
                u413.cmddata["step"] = 2
                u413.cmddata["board"] = int(params[0])
                u413.type("Enter the topic's title:")
                u413.set_context("TITLE")
                u413.continue_cmd()
            else:
                u413.type('Invalid board ID')
        #NEWTOPIC board topic
        else:
            if isint(params[0]) and int(params[0]) != 0:
                u413.cmddata["step"] = 3
                u413.cmddata["board"] = int(params[0])
                u413.cmddata["topic"] = params[1]
                u413.type("Enter the topic's body:")
                u413.set_context("BODY")
                u413.continue_cmd()
            else:
                u413.donttype('<span class="error">Invalid board ID</span>')
Exemplo n.º 24
0
def echo_func(args, u413):
    u413.type(util.htmlify(args))
Exemplo n.º 25
0
def edit_func(args, u413):
    #EDIT already requested continuation
    if "step" in u413.cmddata:
        #ID>
        if u413.cmddata["step"] == 1:
            u413.donttype('"' + args + '"')
            if util.isint(args):
                u413.cmddata["id"] = int(args)
                u413.cmddata["step"] = 2
                u413.set_context("NEW BODY")
                u413.type("Enter the new post body:")
                u413.edit_text(
                    util.dehtmlify(
                        db.query("SELECT post FROM posts WHERE id=%i;" %
                                 int(args))[0]["post"]))
                u413.continue_cmd()
            else:
                u413.type("Invalid post ID.")
                u413.set_context("")
        #NEW BODY>
        elif u413.cmddata["step"] == 2:
            post = int(
                db.query("SELECT owner FROM posts WHERE id=%i;" %
                         u413.cmddata["id"])[0]["owner"])
            owner = int(
                db.query("SELECT access FROM users WHERE id=%i;" %
                         post)[0]["access"])
            if post != u413.user.userid:
                if u413.user.level < user.User.halfmod or u413.user.level <= owner:
                    u413.type(
                        "You do not have permission to edit other user's posts."
                    )
                    return
            db.query(
                "UPDATE posts SET post='%s',editor=%i,edited=NOW() WHERE id=%i;"
                % (db.escape(
                    util.htmlify(args)), u413.user.userid, u413.cmddata["id"]))
            u413.type("Post edited successfully.")
            u413.set_context(u413.cmddata["context"])
    #EDIT used for the first time
    else:
        params = args.split(' ', 1)
        #EDIT
        if len(args) == 0:
            u413.cmddata["step"] = 1
            u413.cmddata["context"] = u413.user.context
            u413.type("Enter the post's ID:")
            u413.set_context("Post ID")
            u413.continue_cmd()
        #EDIT id
        elif len(params) == 1:
            if util.isint(args):
                u413.cmddata["step"] = 2
                u413.cmddata["context"] = u413.user.context
                u413.cmddata["id"] = int(args)
                u413.type("Enter the new post body:")
                u413.set_context("NEW BODY")
                u413.edit_text(
                    util.dehtmlify(
                        db.query("SELECT post FROM posts WHERE id=%i;" %
                                 int(args))[0]["post"]))
                u413.continue_cmd()
            else:
                u413.type("Invalid post ID.")
        #EDIT id body
        else:
            if util.isint(params[0]):
                post = int(
                    db.query("SELECT owner FROM posts WHERE id=%i;" %
                             int(params[0]))[0]["owner"])
                owner = int(
                    db.query("SELECT access FROM users WHERE id=%i;" %
                             post)[0]["access"])
                if post != u413.user.userid:
                    if u413.user.level < user.User.halfmod or u413.user.level <= owner:
                        u413.type(
                            "You do not have permission to edit other user's posts."
                        )
                        return
                db.query(
                    "UPDATE posts SET post='%s',editor=%i,edited=NOW() WHERE id=%i;"
                    % (db.escape(util.htmlify(
                        params[1])), u413.user.userid, int(params[0])))
                u413.type("Post edited successfully.")
                u413.set_context("")
            else:
                u413.type("Invalid post ID.")
Exemplo n.º 26
0
def alias_func(args,u413):
	if "step" in u413.cmddata:
		if u413.cmddata["step"]==1:
			u413.cmddata["step"]=2
			u413.cmddata["to"]=args
			u413.type("Enter the pattern to be replaced:")
			u413.set_context("FROM")
			u413.continue_cmd()
		elif u413.cmddata["step"]==2:
			u413.user.alias.append({"to":u413.cmddata["to"],"from":args})
			db.query("UPDATE users SET alias='%s' WHERE id=%i;"%(db.escape(repr(u413.user.alias)),u413.user.userid))
			u413.type("Alias created successfully.")
			u413.set_context(u413.cmddata["context"])
		elif u413.cmddata["step"]==3:
			x=None
			for a in range(len(u413.user.alias)):
				if args.upper()==u413.user.alias[a]["from"].upper():
					x=a
			if x==None:
				u413.type('"%s" is not an alias.'%args)
			else:
				del u413.user.alias[x]
				db.query("UPDATE users SET alias='%s' WHERE id=%i;"%(db.escape(repr(u413.user.alias)),u413.user.userid))
				u413.type("Alias deleted.")
				u413.set_context(u413.cmddata["context"])
	else:
		params=args.split(' ',1)
		#ALIAS
		if len(args.split(' ',1)[0])==0:
			aliases=eval(db.query("SELECT alias FROM users WHERE id=%i;"%u413.user.userid)[0]["alias"])
			if len(aliases)==0:
				u413.type("You have no aliases.")
			else:
				u413.type("Your aliases:")
				out='<table>'
				for alias in aliases:
					out+='<tr><td style="width:2em;"></td><td>%s -> %s</td></tr>'%(util.htmlify(alias["from"]),util.htmlify(alias["to"]))
				u413.donttype(out+'</table>')
		#ALIAS to | --delete | --new
		elif len(params)==1:
			if params[0].upper()=="--DELETE":
				u413.cmddata["step"]=3
				u413.cmddata["context"]=u413.user.context
				u413.type("Enter the pattern to be deleted:")
				u413.set_context("PATTERN")
				u413.continue_cmd()
			elif params[0].upper()=="--NEW":
				u413.cmddata["step"]=1
				u413.cmddata["context"]=u413.user.context
				u413.type("Enter the command to alias:")
				u413.set_context("TO")
				u413.continue_cmd()
			else:
				u413.cmddata["step"]=2
				u413.cmddata["context"]=u413.user.context
				u413.cmddata["to"]=params[0]
				u413.type("Enter the pattern to be replaced:")
				u413.set_context("FROM")
				u413.continue_cmd()
		#ALIAS to from | --delete from
		else:
			if params[0].upper()=="--DELETE":
				x=None
				for a in range(len(u413.user.alias)):
					if params[1].upper()==u413.user.alias[a]["from"].upper():
						x=a
				if x==None:
					u413.type('"%s" is not an alias.'%params[1])
				else:
					del u413.user.alias[x]
					db.query("UPDATE users SET alias='%s' WHERE id=%i;"%(db.escape(repr(u413.user.alias)),u413.user.userid))
					u413.type("Alias deleted.")
			else:
				u413.user.alias.append({"to":params[0],"from":params[1]})
				db.query("UPDATE users SET alias='%s' WHERE id=%i;"%(db.escape(repr(u413.user.alias)),u413.user.userid))
				u413.type("Alias created successfully.")
Exemplo n.º 27
0
def nsfwall_func(args,u413):
	r=db.query("SELECT * FROM nsfwall ORDER BY posted;")
	if args.strip()=='':
		if len(r)==0:
			u413.type("There are no notes on the nsfwall.")
		else:
			u413.type("The wall for all your NSFW needs.")
			out='<br/><table style="padding-right:8px;">'
			for entry in r:
				u=db.query("SELECT username FROM users WHERE id=%i"%int(entry["user"]))
				out+='<tr><td>{%s}</td><td style="padding-left:1em;">%s <span class="dim">%s</span></td></tr>'%(u[0]["username"],bbcodify(entry["text"]),util.ago(entry["posted"]))
			u413.donttype(out+'</table>')
			u413.set_context("NSFWALL")
			u413.clear_screen()
	else:
		if len(r)>=256:
			db.query("DELETE FROM nsfwall ORDER BY posted LIMIT 1;")
		db.query("INSERT INTO nsfwall(user,text) VALUES(%i,'%s');"%(u413.user.userid,db.escape(util.htmlify(args))))
		nsfwall_func('',u413)