def _save_user_prefs(self): _ = self._ form = self.request.form request = self.request if request.request_method != 'POST': return if not 'name' in request.user.auth_attribs: # Require non-empty name new_name = form.get('name', [request.user.name])[0] # Don't allow changing the name to an invalid one if not user.isValidName(request, new_name): return 'error', _("""Invalid user name {{{'%s'}}}. Name may contain any Unicode alpha numeric character, with optional one space between words. Group page name is not allowed.""", wiki=True) % wikiutil.escape(new_name) # Is this an existing user trying to change information or a new user? # Name required to be unique. Check if name belong to another user. existing_id = user.getUserId(request, new_name) if existing_id is not None and existing_id != request.user.id: return 'error', _("This user name already belongs to somebody else.") if not new_name: return 'error', _("Empty user name. Please enter a user name.") # done sanity checking the name, set it request.user.name = new_name if not 'email' in request.user.auth_attribs: # try to get the email new_email = wikiutil.clean_input(form.get('email', [request.user.email])[0]) new_email = new_email.strip() # Require email if not new_email and 'email' not in request.cfg.user_form_remove: return 'error', _("Please provide your email address. If you lose your" " login information, you can get it by email.") # Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py if new_email and request.cfg.user_email_unique: other = user.get_by_email_address(request, new_email) if other is not None and other.id != request.user.id: return 'error', _("This email already belongs to somebody else.") # done checking the email, set it request.user.email = new_email if not 'jid' in request.user.auth_attribs: # try to get the jid new_jid = wikiutil.clean_input(form.get('jid', [''])[0]).strip() jid_changed = request.user.jid != new_jid previous_jid = request.user.jid if new_jid and request.cfg.user_jid_unique: other = user.get_by_jabber_id(request, new_jid) if other is not None and other.id != request.user.id: return 'error', _("This jabber id already belongs to somebody else.") if jid_changed: set_event = events.JabberIDSetEvent(request, new_jid) unset_event = events.JabberIDUnsetEvent(request, previous_jid) events.send_event(unset_event) events.send_event(set_event) # done checking the JID, set it request.user.jid = new_jid if not 'aliasname' in request.user.auth_attribs: # aliasname request.user.aliasname = wikiutil.clean_input(form.get('aliasname', [''])[0]) # editor size request.user.edit_rows = util.web.getIntegerInput(request, 'edit_rows', request.user.edit_rows, 10, 60) # try to get the editor request.user.editor_default = form.get('editor_default', [self.cfg.editor_default])[0] request.user.editor_ui = form.get('editor_ui', [self.cfg.editor_ui])[0] # time zone request.user.tz_offset = util.web.getIntegerInput(request, 'tz_offset', request.user.tz_offset, -84600, 84600) # datetime format try: dt_d_combined = Settings._date_formats.get(form['datetime_fmt'][0], '') request.user.datetime_fmt, request.user.date_fmt = dt_d_combined.split(' & ') except (KeyError, ValueError): request.user.datetime_fmt = '' # default request.user.date_fmt = '' # default # try to get the (optional) theme theme_name = form.get('theme_name', [self.cfg.theme_default])[0] if theme_name != request.user.theme_name: # if the theme has changed, load the new theme # so the user has a direct feedback # WARNING: this should be refactored (i.e. theme load # after userform handling), cause currently the # already loaded theme is just replaced (works cause # nothing has been emitted yet) request.user.theme_name = theme_name if request.loadTheme(theme_name) > 0: theme_name = wikiutil.escape(theme_name) return 'error', _("The theme '%(theme_name)s' could not be loaded!") % locals() # try to get the (optional) preferred language request.user.language = form.get('language', [''])[0] if request.user.language == u'': # For language-statistics from MoinMoin import i18n request.user.real_language = i18n.get_browser_language(request) else: request.user.real_language = '' # I want to handle all inputs from user_form_fields, but # don't want to handle the cases that have already been coded # above. # This is a horribly fragile kludge that's begging to break. # Something that might work better would be to define a # handler for each form field, instead of stuffing them all in # one long and inextensible method. That would allow for # plugins to provide methods to validate their fields as well. already_handled = ['name', 'email', 'aliasname', 'edit_rows', 'editor_default', 'editor_ui', 'tz_offset', 'datetime_fmt', 'theme_name', 'language', 'real_language', 'jid'] for field in self.cfg.user_form_fields: key = field[0] if ((key in self.cfg.user_form_disable) or (key in already_handled)): continue default = self.cfg.user_form_defaults[key] value = form.get(key, [default])[0] setattr(request.user, key, value) # checkbox options for key, label in self.cfg.user_checkbox_fields: if key not in self.cfg.user_checkbox_disable and key not in self.cfg.user_checkbox_remove: value = form.get(key, ["0"])[0] try: value = int(value) except ValueError: pass else: setattr(request.user, key, value) # quicklinks for navibar request.user.quicklinks = self._decode_pagelist('quicklinks') # save data request.user.save() if request.user.disabled: # set valid to false so the current request won't # show the user as logged-in any more request.user.valid = False result = _("User preferences saved!") if _debug: result = result + util.dumpFormData(form) return result
if not theuser.email and 'email' not in request.cfg.user_form_remove: return _("Please provide your email address. If you lose your" " login information, you can get it by email.") # Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py if theuser.email and request.cfg.user_email_unique: if user.get_by_email_address(request, theuser.email): return _("This email already belongs to somebody else.") # save data theuser.save() result = _( "User account created! You can use this account to login now...") if _debug: result = result + util.dumpFormData(form) return result def _create_form(request): _ = request.getText url = request.page.url(request) ret = html.FORM(action=url) ret.append( html.INPUT(type='hidden', name='action', value='CreateNewAccount')) lang_attr = request.theme.ui_lang_attr() ret.append(html.Raw('<div class="userpref"%s>' % lang_attr)) tbl = html.TABLE(border="0") ret.append(tbl) ret.append(html.Raw('</div>'))
def execute(pagename, request): """ dump the form data we received in this request for debugging """ data = util.dumpFormData(request.form) request.emit_http_headers() request.write("<html><body>%s</body></html>" % data)
def do_dumpform(pagename, request): data = util.dumpFormData(request.form) request.http_headers() request.write("<html><body>%s</body></html>" % data) raise MoinMoinNoFooter
def handleData(self): _ = self._ form = self.request.form if form.has_key('logout'): # clear the cookie in the browser and locally. Does not # check if we have a valid user logged, just make sure we # don't have one after this call. self.request.deleteCookie() return _("Cookie deleted. You are now logged out.") if form.has_key('login_sendmail'): if not self.cfg.mail_smarthost: return _("""This wiki is not enabled for mail processing. Contact the owner of the wiki, who can enable email.""") try: email = form['email'][0].lower() except KeyError: return _("Please provide a valid email address!") text = '' users = user.getUserList(self.request) for uid in users: theuser = user.User(self.request, uid) if theuser.valid and theuser.email.lower() == email: text = "%s\n\nID: %s\nName: %s\nPassword: %s\nLogin URL: %s/?action=userform&uid=%s" % ( text, theuser.id, theuser.name, theuser.enc_password, self.request.getBaseURL(), theuser.id) if not text: return _("Found no account matching the given email address '%(email)s'!") % {'email': wikiutil.escape(email)} mailok, msg = util.mail.sendmail(self.request, [email], 'Your wiki account data', text, mail_from=self.cfg.mail_from) return wikiutil.escape(msg) if form.has_key('login'): # Trying to login with a user name and a password # Require valid user name name = form.get('username', [''])[0] if not user.isValidName(self.request, name): return _("""Invalid user name {{{'%s'}}}. Name may contain any Unicode alpha numeric character, with optional one space between words. Group page name is not allowed.""") % wikiutil.escape(name) # Check that user exists if not user.getUserId(self.request, name): return _('Unknown user name: {{{"%s"}}}. Please enter' ' user name and password.') % name # Require password password = form.get('password',[None])[0] if not password: return _("Missing password. Please enter user name and" " password.") # Load the user data and check for validness theuser = user.User(self.request, name=name, password=password) if not theuser.valid: return _("Sorry, wrong password.") # Save the user and send a cookie self.request.user = theuser self.request.setCookie() elif form.has_key('uid'): # Trying to login with the login URL, soon to be removed! try: uid = form['uid'][0] except KeyError: return _("Bad relogin URL.") # Load the user data and check for validness theuser = user.User(self.request, uid) if not theuser.valid: return _("Unknown user.") # Save the user and send a cookie self.request.user = theuser self.request.setCookie() else: # Save user profile theuser = user.User(self.request) # Require non-empty name try: theuser.name = form['username'][0] except KeyError: return _("Empty user name. Please enter a user name.") # Don't allow users with invalid names if not user.isValidName(self.request, theuser.name): return _("""Invalid user name {{{'%s'}}}. Name may contain any Unicode alpha numeric character, with optional one space between words. Group page name is not allowed.""") % wikiutil.escape(theuser.name) # Is this an existing user trying to change information or a new user? # Name required to be unique. Check if name belong to another user. newuser = 1 if user.getUserId(self.request, theuser.name): if theuser.name != self.request.user.name: return _("This user name already belongs to somebody else.") else: newuser = 0 # try to get the password and pw repeat password = form.get('password', [''])[0] password2 = form.get('password2',[''])[0] # Check if password is given and matches with password repeat if password != password2: return _("Passwords don't match!") if not password and newuser: return _("Please specify a password!") # Encode password if password and not password.startswith('{SHA}'): try: theuser.enc_password = user.encodePassword(password) except UnicodeError, err: # Should never happen return "Can't encode password: %s" % str(err) # try to get the (optional) email email = form.get('email', [''])[0] theuser.email = email.strip() # Require email if acl is enabled if not theuser.email and self.cfg.acl_enabled: return _("Please provide your email address. If you loose your" " login information, you can get it by email.") # Email required to be unique # See also MoinMoin/scripts/moin_usercheck.py if theuser.email: users = user.getUserList(self.request) for uid in users: if uid == theuser.id: continue thisuser = user.User(self.request, uid) if thisuser.email == theuser.email: return _("This email already belongs to somebody else.") # editor size theuser.edit_rows = util.web.getIntegerInput(self.request, 'edit_rows', theuser.edit_rows, 10, 60) # time zone theuser.tz_offset = util.web.getIntegerInput(self.request, 'tz_offset', theuser.tz_offset, -84600, 84600) # datetime format try: dt_d_combined = UserSettings._date_formats.get(form['datetime_fmt'][0], '') theuser.datetime_fmt, theuser.date_fmt = dt_d_combined.split(' & ') except (KeyError, ValueError): pass # try to get the (optional) theme theme_name = form.get('theme_name', [self.cfg.theme_default])[0] if theme_name != theuser.theme_name: # if the theme has changed, load the new theme # so the user has a direct feedback # WARNING: this should be refactored (i.e. theme load # after userform handling), cause currently the # already loaded theme is just replaced (works cause # nothing has been emitted yet) theuser.theme_name = theme_name if self.request.loadTheme(theuser.theme_name) > 0: theme_name = wikiutil.escape(theme_name) return _("The theme '%(theme_name)s' could not be loaded!") % locals() # User CSS URL theuser.css_url = form.get('css_url', [''])[0] # try to get the (optional) preferred language theuser.language = form.get('language', [''])[0] # checkbox options if not newuser: for key, label in user.User._checkbox_fields: value = form.get(key, ["0"])[0] try: value = int(value) except ValueError: pass else: setattr(theuser, key, value) # quicklinks for navibar theuser.quicklinks = self.decodePageList('quicklinks') # subscription for page change notification theuser.subscribed_pages = self.decodePageList('subscribed_pages') # save data and send cookie theuser.save() self.request.user = theuser self.request.setCookie() result = _("User preferences saved!") if _debug: result = result + util.dumpFormData(form) return result
theuser.email = email.strip() if not theuser.email and 'email' not in request.cfg.user_form_remove: return _("Please provide your email address. If you lose your" " login information, you can get it by email.") # Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py if theuser.email and request.cfg.user_email_unique: if user.get_by_email_address(request, theuser.email): return _("This email already belongs to somebody else.") # save data theuser.save() result = _("User account created! You can use this account to login now...") if _debug: result = result + util.dumpFormData(form) return result def _create_form(request): _ = request.getText url = request.page.url(request) ret = html.FORM(action=url) ret.append(html.INPUT(type='hidden', name='action', value='newaccount')) lang_attr = request.theme.ui_lang_attr() ret.append(html.Raw('<div class="userpref"%s>' % lang_attr)) tbl = html.TABLE(border="0") ret.append(tbl) ret.append(html.Raw('</div>')) row = html.TR()