def add_comment(campaign_id):
name = request.form.get("name")
comment = request.form.get("comment")
#spawn anonymous user
user_obj = users.User()
user_obj.first_name = name;
users.save(user_obj)
id = comments.comment(user_obj, comment, campaign_id, campaigns.Campaign.coll_name())
return "Saved comment: %s" % (str(id))
def commentFun():
if request.method == 'POST':
comments = request.form["comments"]
placeId = request.form["placeId"]
if 'fn' in login_session:
name = login_session['fn'] + " " + login_session['ln']
else:
name = "anon"
newComment = comment(name=name, comment=comments, placeId=placeId)
db.session.add(newComment)
db.session.commit()
return redirect(url_for('gallery'))
def message(id):
if request.method == "GET":
mes = messages.mes_id(id)
list = comments.get_list(id)
count = likes.get_likes_message(id)
blocking = mes["posted_by"]
allow = messages.blockcheck(blocking)
return render_template("message.html", message=mes, comments=list, count=count, allow=allow)
if request.method == "POST":
content = request.form["content"]
if len(content) > 5000:
return render_template("error.html", cause="Your comment has too many characters.")
mes = messages.mes_id(id)
if comments.comment(content, mes):
return redirect("/message/"+str(id))
else:
return render_template("error.html", cause="Your comment was not sent properly.")
def POST(self):
messages = []
success = False
comment_hashcodes = get_comment_hashcodes()
setup()
i = web.input("item_id", "text", by="Anonymous", link="", t=0)
item_id = i.item_id
(item, item_type) = load_item_by_id(item_id)
item_comments = load_comments(item_id, item_type)
new_comment = comments.comment()
new_comment.id = int(comments.get_max_id(item_comments)) + 1
import re, urllib, cgi
text = re.sub("<([^a])", lambda x: "<" + x.group(1), i.text).replace("</a", "</a")
test = text.split("<a")
for j in range(1, len(test)):
item = test[j]
if (
item.find(">") < 0
): # or item.find('>') > item.find('</a') or item.find('</a>') < 0 or item.find('javascript'):
test[j] = "<a" + item
else:
test[j] = "<a" + item
new_comment.text = "".join(test)
new_comment.by = cgi.escape(i.by)
new_comment.link = urllib.parse.quote(i.link)
new_comment.item_id = i.item_id
valid = True
# lame-o spam protection. Probably have to make this more complex later.
rightnow = int(time.time())
if rightnow - int(i.t) > 86400:
valid = False
# disallow blank comments
p = re.compile("\S")
if not p.match(new_comment.text):
valid = False
if valid:
item_comments.append(new_comment)
save_comments(item_id, item_type, item_comments)
comment_hashcodes.append(new_comment.hashcode)
web.setcookie("comments", ",".join([c for c in comment_hashcodes]), expires="")
if options["update_email"]:
SENDMAIL = "/usr/sbin/sendmail" # sendmail location
p = os.popen("%s -t" % SENDMAIL, "w")
p.write("To: " + options["update_email"] + "\n")
p.write("Subject: comment added to " + options["base_url"] + "\n\n")
comment_urladdress = "#item_" + item_id + "_comment_" + str(new_comment.id)
email_text = """
%(submitter)s posted a comment to item "%(item_id)s".
View it here:
%(link)s
or read it below:
%(text)s
""" % {
"submitter": new_comment.by + " " + new_comment.link,
"item_id": item_id,
"link": get_item_url(item_type, item_id) + comment_urladdress,
"text": new_comment.text,
}
p.write(email_text)
sts = p.close()
success = True
web.header("Content-Type", options["json_mime_type"] + "; charset=utf-8")
print(
simplejson.dumps(
{
"success": str(success).lower(),
"new_comment_id": new_comment.id,
"messages": messages,
"comment_html": new_comment.render(),
}
)
)
# a full feed lists all comments, a paragraph feed only comments to # one paragraph sql = "SELECT id, postid, postlink, postername, posteremail, posterurl, commentdate, commenttext FROM pycs_comments WHERE is_spam=0 AND usernum=%d" sqlargs = [usernum] if fullfeed: if fullfeed < 3: sql += " AND commentdate > (NOW() - INTERVAL '14 days')" sql += " ORDER BY commentdate DESC" else: sql += " AND postid=%s" sqlargs.append(formatter.p) #print sql, sqlargs notes = [] for cid, postid, clink, pname, pemail, plink, cdate, ctext in set.pdb.execute(sql, tuple(sqlargs)): notes.append(comments.comment(cid, usernum, postid, pname, plink, pemail, cdate, ctext)) if clink: formatter.link = clink s += formatter.startTable() # Display comment table if notes: for cmtObj in notes: # a fullfeed has to pass in the paragraph to the # formatter, while a paragraph related feed does # not if fullfeed: s += formatter.comment( cmtObj, paragraph=cmtObj.postid, level=fullfeed ) else: s += formatter.comment( cmtObj )
