Пример #1
0
	def get(self):
		databaseOperations.connectToDatabase('astrodb')
		news = []
		news.extend(databaseOperations.fetchAllNews(10))#to convert from sqlite3 object to list
		
		#counts the webpage hits
		hitsLib.updateHits('hits.txt')
                        
		#modifyList adds a preview of the news to every new(new[3])
		def modifyList(new):
			path = '../news/' + str(new[0])
			newFile = open(path, 'r+')
			newContent = newFile.read()
			newFile.close()
			finalNew = []
			finalNew.extend(x for x in new[:3])
			finalNew.append(newContent)
			finalNew.extend(x for x in new[3:])
			return finalNew
	
		news = map(modifyList, news)
		
		self.render("../main.html", 
			userName=self.get_secure_cookie("user"), 
			isAdmin=databaseOperations.isAdmin(self.get_secure_cookie("user")),
			news=news)
		databaseOperations.closeConnectionToDatabase()
Пример #2
0
	def post(self):
		if not self.current_user:
			self.redirect("/")
			return
		else:
			username = self.get_secure_cookie("user")
			cpassword = self.get_argument("cpassword", None)
			npassword = self.get_argument("npassword", None)
			rnpassword = self.get_argument("rnpassword", None)

			databaseOperations.connectToDatabase('astrodb')
			errMsg = errorCheck.checkChangePassword(username, cpassword, npassword, rnpassword)
			if errMsg != None:
				databaseOperations.closeConnectionToDatabase()
				self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg=errMsg)
				return
			hashedcPwd = hashlib.sha512(cpassword).hexdigest()
			hashednPwd = hashlib.sha512(npassword).hexdigest()
			hashedrnPwd = hashlib.sha512(rnpassword).hexdigest()
			try:
				databaseOperations.connectToDatabase('astrodb')
				databaseOperations.changePassword(username, hashednPwd)
				databaseOperations.closeConnectionToDatabase()
				self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "Password successfully changed")
			except:
				self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "Error changing password")
Пример #3
0
	def post(self):
		username = self.get_secure_cookie("user")
		databaseOperations.connectToDatabase('astrodb')
		if not databaseOperations.isAdmin(username) or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
			databaseOperations.closeConnectionToDatabase()
			self.redirect("/")		
			return
		title = self.get_argument("title", None)
		code_type = self.get_argument("codeType", None)
		description = self.get_argument("description", None)

		codeFile = self.request.files['codeFile'][0]
		path = "../code/" + str(databaseOperations.getNextCodeID())
		codePath = open(path, "w")
		codePath.write(codeFile['body'])
		
		databaseOperations.insertCode(title, code_type, description)

		userList = []
		userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
		msgs = []
		msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list

		databaseOperations.closeConnectionToDatabase()
		
		#Get hits
		hitsList = hitsLib.readHits('hits.txt')
		hitsList = map(lambda x:x.split(':')[1], hitsList)
		
		self.render("../admin.html", userName=self.get_secure_cookie("user"), userList=userList, hitsList = hitsList, msgs=msgs, errMsg = "Code uploaded succesfully!")
Пример #4
0
	def get(self, content_id):
		databaseOperations.connectToDatabase('astrodb')
		
		if self.current_user:
			sessionUserID = databaseOperations.getIDFromUser(self.get_secure_cookie("user"))[0]
		else:
			sessionUserID = -1
		
		news = databaseOperations.fetchNews(content_id)
		if news:
			path = '../news/' + str(news[0])
			newsFile = open(path, 'r+')
			newsContent = newsFile.read()
			newsFile.close()
		else:
			newsContent = None
		
		self.render("../shownews.html", 
			userName=self.get_secure_cookie("user"),
			news=news,
			newsContent = newsContent,
			sessionUserID = sessionUserID,
			isAdmin=databaseOperations.isAdmin(self.get_secure_cookie("user")),
			commentNum=databaseOperations.fetchCommentNum(content_id), 
			comments=databaseOperations.fetchComments(content_id), 
			contentID=content_id )
		databaseOperations.closeConnectionToDatabase()
Пример #5
0
	def get(self, content_id):
		databaseOperations.connectToDatabase('astrodb')
		
		if self.current_user:
			sessionUserID = databaseOperations.getIDFromUser(self.get_secure_cookie("user"))[0]
		else:
			sessionUserID = -1
		
		code=databaseOperations.fetchCode(content_id)
		if code:
			path = '../code/' + str(code[0])
			codeFile = open(path, 'r+')
			codeContent = codeFile.read()
			codeFile.close()
		else:
			codeContent = None
		
		self.render("../showcode.html", 
			userName=self.get_secure_cookie("user"),
			code=code, 
			codeContent = codeContent, 
			sessionUserID = sessionUserID,
			isAdmin=databaseOperations.isAdmin(self.get_secure_cookie("user")),
			commentNum=databaseOperations.fetchCommentNum(content_id), 
			comments=databaseOperations.fetchComments(content_id), 
			contentID=content_id)
		databaseOperations.closeConnectionToDatabase()
Пример #6
0
	def post(self):
		try:
			unbannedUser = self.get_argument("unbannedUser")
			user = self.get_secure_cookie("user")
			databaseOperations.connectToDatabase('astrodb')
			if not databaseOperations.isAdmin(user):
				self.redirect("/")
				return
			databaseOperations.unban(unbannedUser)
			userList = []
			userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
			msgs = []
			msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list
			
			#Get hits
			hitsList = hitsLib.readHits('hits.txt')
			hitsList = map(lambda x:x.split(':')[1], hitsList)
			
			self.render("../admin.html", userName=user, userList = userList, hitsList = hitsList, msgs=msgs, errMsg = "User " + unbannedUser + " succesfully unbanned")
			databaseOperations.closeConnectionToDatabase()
		except:
			userList = []
			userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
			msgs = []
			msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list
			
			unbannedUser = self.get_argument("unbannedUser")
			self.render("../admin.html", userName=self.get_secure_cookie("user"), userList = userList, msgs=msgs, errMsg = "Error unbanning user " + unbannedUser)
Пример #7
0
	def post(self):
		username = self.get_secure_cookie("user")
		databaseOperations.connectToDatabase('astrodb')
		if not databaseOperations.isAdmin(username) or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
			databaseOperations.closeConnectionToDatabase()
			self.redirect("/")
			return
		title = self.get_argument("title", None)
		date = time.strftime("%d %b %G %H:%M", time.localtime(time.time()))

		newsFile = self.request.files['newsFile'][0]
		path = "../news/" + str(databaseOperations.getNextNewsID())
		newsPath = open(path, "w")
		newsPath.write(newsFile['body'])
		
		newsimg = self.request.files['newsimg'][0]
		path = "../imgs/news/" + str(databaseOperations.getNextNewsID()) + ".jpg"
		imgPath = open(path, "w")
		imgPath.write(newsimg['body'])
		
		databaseOperations.insertNews(title, date)

		userList = []
		userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
		msgs = []
		msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list

		databaseOperations.closeConnectionToDatabase()

		#Get hits
		hitsList = hitsLib.readHits('hits.txt')
		hitsList = map(lambda x:x.split(':')[1], hitsList)
		
		self.render("../admin.html", userName=self.get_secure_cookie("user"), userList=userList, hitsList = hitsList, msgs=msgs, errMsg = "News posted succesfully!")
Пример #8
0
	def post(self):
		(name, message) = (self.get_argument("name", None), self.get_argument("message", None))
		date = time.strftime("%d %b %G %H:%M", time.localtime(time.time()))
		ip_address = self.request.remote_ip
		
		errMsg = errorCheck.checkSendMessage(name, message)
		if errMsg != None:
			self.render("../message.html", userName=self.get_secure_cookie("user"), message=errMsg)
			return
		databaseOperations.connectToDatabase('astrodb')
		databaseOperations.insertMessage(name, message, date, ip_address)
		databaseOperations.closeConnectionToDatabase()
		self.render("../message.html", userName=self.get_secure_cookie("user"), message="Message successfully sent")
Пример #9
0
	def post(self):
		(username, password) = (self.get_argument("user", None), self.get_argument("pwd", None))

		#Check for empty fields, wrong login, not verified, banned users
		databaseOperations.connectToDatabase('astrodb')
		errMsg = errorCheck.checkLogin(username, password)
		if errMsg != None:
			databaseOperations.closeConnectionToDatabase()
			self.render("../login.html", userName=self.get_secure_cookie("user"), errMsg=errMsg)
			return
			
		databaseOperations.closeConnectionToDatabase()
		self.set_secure_cookie("user", username)
		self.redirect("/")
Пример #10
0
	def get(self, content_id):
		databaseOperations.connectToDatabase('astrodb')
		
		if self.current_user:
			sessionUserID = databaseOperations.getIDFromUser(self.get_secure_cookie("user"))[0]
		else:
			sessionUserID = -1
		
		self.render("../showart.html", 
			userName=self.get_secure_cookie("user"),
			art=databaseOperations.fetchArt(content_id), 
			sessionUserID = sessionUserID,
			isAdmin=databaseOperations.isAdmin(self.get_secure_cookie("user")),
			commentNum=databaseOperations.fetchCommentNum(content_id), 
			comments=databaseOperations.fetchComments(content_id), 
			contentID=content_id)
		databaseOperations.closeConnectionToDatabase()
Пример #11
0
	def post(self):
		if not self.current_user:
			self.redirect("/")
			return
		else:
			username = self.get_secure_cookie("user")
			email = self.get_argument("email", "notvalid")
			if not errorCheck.checkEmail(email):
				self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "This is not a valid email address")
				return
			try:
				databaseOperations.connectToDatabase('astrodb')
				databaseOperations.changeEmailAddress(username, email)
				databaseOperations.closeConnectionToDatabase()
				self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "Email address successfully changed")
			except:
				self.render("../controlpanel.html", userName=self.get_secure_cookie("user"), errMsg = "Error changing email address")
Пример #12
0
	def get(self):
		databaseOperations.connectToDatabase('astrodb')
		username = self.get_secure_cookie("user")
		if not databaseOperations.isAdmin(username) or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
			databaseOperations.closeConnectionToDatabase()
			self.redirect("/")
			return
		else:
			#Get hits
			hitsList = hitsLib.readHits('hits.txt')
			hitsList = map(lambda x:x.split(':')[1], hitsList)
			userList = []
			userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
			msgs = []
			msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list
			databaseOperations.closeConnectionToDatabase()
			self.render("../admin.html", userName=self.get_secure_cookie("user"), userList=userList, hitsList=hitsList, msgs=msgs, errMsg = None)
Пример #13
0
	def get(self, news_id):
		try:
			if not self.current_user:
				self.redirect("/login")
				return
			databaseOperations.connectToDatabase('astrodb')
			if not databaseOperations.isAdmin( self.get_secure_cookie("user") ):
				databaseOperations.closeConnectionToDatabase()
				self.redirect("/")
				return

			databaseOperations.deleteNews(news_id)
	
			databaseOperations.closeConnectionToDatabase()
			self.redirect("/")
			
		except:
			print "Error deleting news with news id", news_id
Пример #14
0
	def post(self):
		try:
			(email, username, password) = (self.get_argument("email", None), self.get_argument("username", None), self.get_argument("password", None))
		
			#Check for empty fields & already existing users
			databaseOperations.connectToDatabase('astrodb')
			errMsg = errorCheck.checkRegister(email, username, password)
			databaseOperations.closeConnectionToDatabase()
			if errMsg != None:
				self.render("../register.html", userName=self.get_secure_cookie("user"), errMsg=errMsg)
				return
				
			hashedPwd = hashlib.sha512(password).hexdigest()
			ip_address = self.request.remote_ip
			databaseOperations.connectToDatabase('astrodb')
			databaseOperations.register(email, username, hashedPwd, ip_address)
			#Create reset code
			chars = string.ascii_lowercase + string.ascii_uppercase + string.digits
			resetCode =  ''.join( random.choice(chars) for r in range(15) )
			databaseOperations.changeResetCode(username, resetCode)
			databaseOperations.closeConnectionToDatabase()
			
			#Construct the verification code
			r = str(random.randint(0,1000))
			verificationCode = hashlib.sha512(username + hashedPwd + r).hexdigest()[:35]
			#Construct the URL and EMAIL CONTENTS
			url = "http://www.astrocamel.com/verify?u=%s&c=%s&r=%s" %(username, verificationCode, r)
		
			to = email
			gmail_user = '******'
			gmail_pwd = 'x'
			smtpserver = smtplib.SMTP("smtp.gmail.com",587)
			smtpserver.ehlo()
			smtpserver.starttls()
			smtpserver.ehlo
			smtpserver.login(gmail_user, gmail_pwd)
			header = 'To:' + to + '\n' + 'From: ' + gmail_user + '\n' + 'Subject:Registration at AstroCamel \n'
			msg = header + "\n You have successfully registers at AstroCamel.com. Visit " + url + " to verify your registration. \n\n"
			smtpserver.sendmail(gmail_user, to, msg)
			smtpserver.close()			
			self.render("../message.html", userName=self.get_secure_cookie("user"), message="Registration complete. Check your email for the verification code. You may need to check your junk mail")
		except:
			self.render("../message.html", userName=self.get_secure_cookie("user"), message="Registration could not be complete due to an error")
Пример #15
0
	def post(self, content_id):
		username = self.get_secure_cookie("user")
		databaseOperations.connectToDatabase('astrodb')
		if not self.current_user or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
			self.redirect("/login")
			return
		(comment, user) = (self.get_argument("comment", None), self.current_user)
		date = time.strftime("%d %b %G %H:%M", time.localtime(time.time()))
		user_id = databaseOperations.getIDFromUser(user)[0]
		content_type = databaseOperations.getContentTypeFromID(content_id)[0]
		print content_type
		
		if not comment:
			self.redirect( "/show%s/%s" %(content_type, str(content_id)) )
			return
			
		databaseOperations.insertComment(content_id, user_id, comment, date)
		databaseOperations.closeConnectionToDatabase()
		self.redirect( "/show%s/%s" %(content_type, str(content_id)) )
Пример #16
0
	def post(self):
		try:
			username = self.get_argument("user", None)
		
			#Check for empty field
			if not username:
				self.render("../message.html", userName=self.get_secure_cookie("user"), message="Username was left blank")			
				return
				
			databaseOperations.connectToDatabase('astrodb')
			email = databaseOperations.getEmailFromUsername(username)
			
			if not email:
				self.render("../message.html", userName=self.get_secure_cookie("user"), message="Cannot reset password for this user")
				return
			else:
				email = email[0]
				
			#Create reset code
			chars = string.ascii_lowercase + string.ascii_uppercase + string.digits
			resetCode =  ''.join( random.choice(chars) for r in range(15) )
			databaseOperations.changeResetCode(username, resetCode)
			databaseOperations.closeConnectionToDatabase()
		
			#Construct the URL
			url = "http://www.astrocamel.com/resetpassword?u=%s&c=%s" %(username, resetCode)

			to = email
			gmail_user = '******'
			gmail_pwd = 'x'
			smtpserver = smtplib.SMTP("smtp.gmail.com",587)
			smtpserver.ehlo()
			smtpserver.starttls()
			smtpserver.ehlo
			smtpserver.login(gmail_user, gmail_pwd)
			header = 'To:' + to + '\n' + 'From: ' + gmail_user + '\n' + 'Subject:Lost Password - AstroCamel \n'
			msg = header + "\n You have requested a password reset. Please follow the link: " + url + " to reset your password. \n\n"
			smtpserver.sendmail(gmail_user, to, msg)
			smtpserver.close()
			self.render("../message.html", userName=self.get_secure_cookie("user"), message="An email has been sent to your address with further instructions on how to reset your password. You may need to check your junk mail")
		except:
			self.render("../message.html", userName=self.get_secure_cookie("user"), message="Cannot reset password for this user")
Пример #17
0
	def get(self):
		u = str(self.get_argument("u", None))
		c = str(self.get_argument("c", None))
		r = str(self.get_argument("r", None))
		
		databaseOperations.connectToDatabase('astrodb')
		verified = databaseOperations.isVerified(u)
		databaseOperations.closeConnectionToDatabase()
		if verified:
			self.render("../message.html", userName=self.get_secure_cookie("user"), message=u + " is already verified")
			return
		try:
			databaseOperations.connectToDatabase('astrodb')
			password = databaseOperations.getPasswordFromUser(u)[0]
			databaseOperations.closeConnectionToDatabase()
		except:
			self.render("../message.html", userName=self.get_secure_cookie("user"), message="Could not validate username " + u)
			return
		
		correctValidationCode = hashlib.sha512(u + password + r).hexdigest()[:35]

		if c == correctValidationCode:
			databaseOperations.connectToDatabase('astrodb')
			databaseOperations.verify(u)
			databaseOperations.closeConnectionToDatabase()
			message="Verification complete. You can now log in"
		else:
			message="Could not validate username" + u
		
		self.render("../message.html", userName=self.get_secure_cookie("user"), message=message)
Пример #18
0
	def get(self, comment_id):
		try:
			if not self.current_user:
				self.redirect("/login")
				return
				
			databaseOperations.connectToDatabase('astrodb')
			
			content_id = databaseOperations.getContentIDFromCommentID(comment_id)[0]
			content_type = databaseOperations.getContentTypeFromID(content_id)[0]
			contentPath = "/show%s/%s" %(content_type, str(content_id))
			user = databaseOperations.getUserFromCommentID(comment_id)[0]

			if user == self.get_secure_cookie("user") or databaseOperations.isAdmin(self.get_secure_cookie("user")):
			#if user is the author of the comment, or if admin
				databaseOperations.deleteComment(comment_id)
	
			databaseOperations.closeConnectionToDatabase()
			self.redirect( contentPath )
			
		except:
			print "Error deleting comment with comment id", comment_id
Пример #19
0
	def post(self):
		username = self.get_secure_cookie("user")
		databaseOperations.connectToDatabase('astrodb')
		if not databaseOperations.isAdmin(username) or databaseOperations.isBanned(username) or not databaseOperations.isVerified(username):
			databaseOperations.closeConnectionToDatabase()
			self.redirect("/")		
			return
		description = self.get_argument("description", None)
		nextArtID = str(databaseOperations.getNextArtID())
		#upload gfx
		gfxFile = self.request.files['gfxFile'][0]
		path = "../imgs/art/gfx/" + nextArtID + ".jpg"
		gfxPath = open(path, "w")
		gfxPath.write(gfxFile['body'])
		
		#resize gfx and put in directory
		size = 250, 80
		bigImage = Image.open(path)
		try:
			bigImage.load()
		except:
			bigImage = bigImage.rotate(30)
		bigImage.save("../imgs/art/" + nextArtID + "small.jpg", "JPEG")
		
		#insert gfx into db
		databaseOperations.insertGfx(description)

		userList = []
		userList.extend(databaseOperations.fetchAllUsers())#to convert from sqlite3 object to list
		msgs = []
		msgs.extend(databaseOperations.fetchMsgs(2))#to convert from sqlite3 object to list

		databaseOperations.closeConnectionToDatabase()

		#Get hits
		hitsList = hitsLib.readHits('hits.txt')
		hitsList = map(lambda x:x.split(':')[1], hitsList)
			
		self.render("../admin.html", userName=self.get_secure_cookie("user"), userList=userList, hitsList = hitsList, msgs=msgs, errMsg = "GFX uploaded succesfully!")
Пример #20
0
	def get(self):
		#try:
		u = self.get_argument("u", None)
		c = self.get_argument("c", None)
	
		databaseOperations.connectToDatabase('astrodb')
		resetCode = databaseOperations.getResetCodeFromUsername(u)
		
		if not resetCode:
			self.render("../message.html", userName=self.get_secure_cookie("user"), message="Cannot reset password for this user")			
			return
		else:
			resetCode = resetCode[0]
			
		#Reset code
		if resetCode == c:
			hashedPwd = hashlib.sha512(u).hexdigest()
			databaseOperations.ResetPassword(u, hashedPwd)
			databaseOperations.closeConnectionToDatabase()
			self.render("../message.html", userName=self.get_secure_cookie("user"), message="Your password has been reset to: %s" %u)
			return
		else:
			databaseOperations.closeConnectionToDatabase()
			self.render("../message.html", userName=self.get_secure_cookie("user"), message="Cannot reset password for this user")
Пример #21
0
	def get(self, art_id):
		databaseOperations.connectToDatabase('astrodb')
		content_id = databaseOperations.getContentIDFromArtID(art_id)
		databaseOperations.closeConnectionToDatabase()
		self.render("../website.html", userName=self.get_secure_cookie("user"), art_id=art_id, content_id=content_id[0])
Пример #22
0
	def get(self):
		databaseOperations.connectToDatabase('astrodb')
		self.render("../gallery.html", userName=self.get_secure_cookie("user"), gfxs=databaseOperations.fetchGfxs(2), webs=databaseOperations.fetchWebs(2))
		databaseOperations.closeConnectionToDatabase()
Пример #23
0
	def get(self):
		databaseOperations.connectToDatabase('astrodb')
		self.render("../code.html", userName=self.get_secure_cookie("user"), codes=databaseOperations.fetchCodes(2))
		databaseOperations.closeConnectionToDatabase()