def main(): header = u"Content-Type: text/html\n" content = [] blog = Blog() field_storage = FieldStorage() post_datas = {} for k in ("author", "password", "hash", "title", "content", "post"): post_datas[k] = get_value(field_storage, k) mode = get_value(field_storage, "mode", "add") captcha_code = get_value(field_storage, "captcha_content") captcha_path = get_value(field_storage, "captcha_path") post_id = get_value(field_storage, "post") user, power = blog.is_user(post_datas["author"], post_datas["password"], post_datas["hash"]) if (blog.get_captcha_code(captcha_path) != captcha_code.strip(" ") and not user): content.append(protocol.error(_(u"Invalid captcha"))) elif mode in ("edit", "del", "retrieve") and not (post_id and raw_post_id.isdigit()): content.append(protocol.error(_(u"Need an id"))) elif mode == "add": if not (post_datas["author"] and post_datas["content"]): content.append(protocol.error(_(u"You have to write as least your" " name and a comment."))) elif not post_datas["post"]: content.append(protocol.error(_(u"Internal : no post ??"))) else: post_datas["date"] = time() post_datas["moderated"] = True if blog.config.getboolean("comment", "auto_moderated") else False new_id = blog.add_comment(Comment(**post_datas)) content.append(protocol.success(_(u"Comment added"))) blog.clean_captchas(captcha_path) elif mode == "del": if user: blog.del_comment(int(post_id)) content.append(protocol.succes(_(u"Comment deleted"))) else: content.append(protocol.error(_(u"You don't have the permission for" " doing this."))) elif mode == "edit": content.append(error(_("Not implemented"))) elif mode == "retrieve": comment = blog.get_comment_by_id(int(post_id)) if comment: content.append(protocol.succes(protocol.format_comment(comment))) else: content.append(protocol.error(_(u"No id %s") % post_id)) else: content.append(protocol.error(_(u"You're doing it wrong."))) if post_datas["post"]: content.append(XHTML.tags.A(blog.rewrite(post=post_datas["post"]), _("Back to the post")).tostr()) print header print u"\n".join(content).encode("utf-8", "replace")
def main(): header = u"Content-Type: text/html\n" content = [] blog = Blog() post_datas = FieldStorage() mode = get_value(post_datas, "mode", "add") user = get_value(post_datas, "user") password = get_value(post_datas, "password") hash = get_value(post_datas, "hash") user, power = blog.is_user(user, password, hash) post_id = get_value(post_datas, "post") target = get_value(post_datas, "target") target_password = get_value(post_datas, "target_password") power = get_value(post_datas, "power") power_exists = (power and power.isdigit() and int(power) < VOICE) if not user: content.append(protocol.error(_(u"Wrong username/password"))) elif not (blog.has_power(user, OP if mode == "add" else ROOT) or user == post[0]["author"]): content.append(protocol.error(_(u"You don't have the permission to do" " that."))) elif not (target and (power_exists and password and mode == "add") or ((power_exists or password) and mode == "edit") or mode == "del"): content.append(protocol.error(_(u"Post datas are not set"))) # It's ok. elif mode == "add": if not (target_password and power): content.append(protocol.error(_(u"Please set a password and" " permissions."))) else: ret = blog.add_user(target, target_password, power) content.append(protocol.success(ret) if ret else protocol.error(_(u"User exists"))) elif mode == "edit": blog.set_user(target, target_password if target_password else None, power if power else None) content.append(protocol.success()) elif mode == "del": blog.del_user(target) content.append(protocol.success()) else: content.append(protocol.error(_(u"Wrong mode."))) print header print u"\n".join(content).encode("utf-8", "replace")
def main(): header = u"Content-Type: text/html\n" content = [] blog = Blog() post_datas = FieldStorage() mode = get_value(post_datas, "mode", "retrieve") user = get_value(post_datas, "user") password = get_value(post_datas, "password") hash = get_value(post_datas, "hash") user, power = blog.is_user(user, password, hash) post_id = get_value(post_datas, "post", "") if mode in ("retrieve", "edit", "del") and not (post_id and post_id.isdigit()): content.append(protocol.error(_(u"Variable 'post' is not set."))) elif mode == "retrieve": post = blog.get_posts(post_id=int(post_id)) if post: content.append(protocol.success(protocol.format_post(post))) else: content.append(protocol.error(_(u"No id %s." % post_id))) elif mode == "add": if user and blog.has_power(user, VOICE): datas = {"author": user, "date": time()} for k, d in (("title", u"No title"), ("tags", u""), ("content", u"")): datas[k] = get_value(post_datas, k, d) new_id = blog.add_post(Post(**datas)) content.append(protocol.success(unicode(new_id))) else: content.append(protocol.error(_(u"Wrong username/password."))) elif mode == "edit": post_id = get_value(post_datas, "post", "") datas = {"author": user, "date": time(), "id": int(post_id)} for k, d in (("title", u"No title"), ("tags", u""), ("content", u"")): datas[k] = get_value(post_datas, k, d) post = blog.get_posts(post_id=int(post_id)) if post: if user == post["author"] or blog.has_power(user, HOP): blog.edit_post(Post(**datas)) content.append(protocol.success(unicode(datas["id"]))) else: content.append(protocol.error(_(u"You don't have the permission" " to do that."))) else: content.append(protocol.error(_(u"No id %s.")) % post_id) elif mode == "del": post_id = get_value(post_datas, "post", "") post = blog.get_posts(post_id=int(post_id)) if user == post["author"] or blog.has_power(user, HOP): if blog.del_post(post_id): content.append(protocol.error(_(u"(internal)"))) else: content.append(protocol.success()) else: content.append(protocol.error(_(u"You don't have the permission to" " do that."))) else: content.append(protocol.error(_(u"Wrong mode."))) print header print u"\n".join(content).encode("utf-8", "replace")