def upload_file(request):
"""Reads a file from POST data and stores it in the db.
Args:
request: The request object
Returns:
A http redirect to the edit form for the parent page
"""
if not request.POST or not 'page_id' in request.POST:
return utility.page_not_found(request)
page_id = request.POST['page_id']
page = models.Page.get_by_id(int(page_id))
if not page:
logging.warning('admin.upload_file was passed an invalid page id %r',
page_id)
return utility.page_not_found(request)
if not page.user_can_write(request.profile):
return utility.forbidden(request)
file_data = None
file_name = None
url = None
if request.FILES and 'attachment' in request.FILES:
file_name = request.FILES['attachment']['filename']
file_data = request.FILES['attachment']['content']
elif 'url' in request.POST:
url = request.POST['url']
file_name = url.split('/')[-1]
else:
return utility.page_not_found(request)
if not url and not file_name:
url = 'invalid URL'
if url:
try:
validators.isValidURL(url, None)
except validators.ValidationError, excption:
return utility.page_not_found(request, excption.messages[0])
def isValidURL(self, field_data, all_data):
try:
validators.isValidURL(field_data, all_data)
except validators.ValidationError as e:
raise validators.CriticalValidationError(e.messages)
def isBadwareURL(field_data, all_data):
import urllib2
try:
try:
validators.isValidURL(field_data,all_data)
except validators.ValidationError:
raise validators.ValidationError(_("A valid URL is required."))
req = urllib2.Request("http://thejaswi.info/badware_check/"
"?badware_url=%s" %(field_data),
None,
{"User-Agent":settings.URL_VALIDATOR_USER_AGENT})
u = urllib2.urlopen(req)
output = u.read().strip()
if output == "None":
return
elif output == "M":
raise validators.ValidationError(_("""For Malware Detection:"""
"""\n-----------------------\n"""
"""This page appears to contain """
"""malicious code that could be """
"""downloaded to your computer """
"""without your consent. """
"""You can learn more about """
"""harmful web content including """
"""viruses and other malicious """
"""code and how to protect your """
"""computer at StopBadware.org.\n\n"""
"""Advisory Provided by Google: """
"""Check """
"""http://code.google.com/support"""
"""/bin/answer.py?answer=70015\n"""
"""------------------------------"""
"""------------------------------"""
"""---------------------------------"""
"""\nGoogle works to provide the most """
"""accurate and up-to-date phishing """
"""and malware information.However, """
"""it cannot guarantee that its """
"""information is comprehensive and """
"""error-free: some risky sites may """
"""not be identified, and some safe """
"""sites may be identified in error."""))
else:
raise validators.ValidationError(_("""For Blacklist Detection:\n-------"""
"""------------------\nThis page may """
"""be a forgery or imitation of another """
"""website, designed to trick users """
"""into sharing personal or financial """
"""information. Entering any personal """
"""information on this page may result """
"""in identity theft or other abuse. """
"""You can find out more about phishing """
"""from www.antiphishing.org.\n\nAdvisory """
"""Provided by Google: Check http://code."""
"""google.com/support/bin/answer.py?answer"""
"""=70015\n-------------------------------"""
"""---------------------------------------"""
"""-----------------------\nGoogle works """
"""to provide the most accurate and up-to-"""
"""date phishing and malware information."""
"""However, it cannot guarantee that its """
"""information is comprehensive and error-"""
"""free: some risky sites may not be """
"""identified, and some safe sites may """
"""be identified in error."""))
except urllib2.URLError:
return -1
def isValidURL(self, field_data, all_data):
try:
validators.isValidURL(field_data, all_data)
except validators.ValidationError, e:
raise validators.CriticalValidationError, e.messages
def isBadwareURL(field_data, all_data):
import urllib2
try:
try:
validators.isValidURL(field_data, all_data)
except validators.ValidationError:
raise validators.ValidationError(_("A valid URL is required."))
req = urllib2.Request(
"http://thejaswi.info/badware_check/"
"?badware_url=%s" % (field_data), None,
{"User-Agent": settings.URL_VALIDATOR_USER_AGENT})
u = urllib2.urlopen(req)
output = u.read().strip()
if output == "None":
return
elif output == "M":
raise validators.ValidationError(
_("""For Malware Detection:"""
"""\n-----------------------\n"""
"""This page appears to contain """
"""malicious code that could be """
"""downloaded to your computer """
"""without your consent. """
"""You can learn more about """
"""harmful web content including """
"""viruses and other malicious """
"""code and how to protect your """
"""computer at StopBadware.org.\n\n"""
"""Advisory Provided by Google: """
"""Check """
"""http://code.google.com/support"""
"""/bin/answer.py?answer=70015\n"""
"""------------------------------"""
"""------------------------------"""
"""---------------------------------"""
"""\nGoogle works to provide the most """
"""accurate and up-to-date phishing """
"""and malware information.However, """
"""it cannot guarantee that its """
"""information is comprehensive and """
"""error-free: some risky sites may """
"""not be identified, and some safe """
"""sites may be identified in error."""))
else:
raise validators.ValidationError(
_("""For Blacklist Detection:\n-------"""
"""------------------\nThis page may """
"""be a forgery or imitation of another """
"""website, designed to trick users """
"""into sharing personal or financial """
"""information. Entering any personal """
"""information on this page may result """
"""in identity theft or other abuse. """
"""You can find out more about phishing """
"""from www.antiphishing.org.\n\nAdvisory """
"""Provided by Google: Check http://code."""
"""google.com/support/bin/answer.py?answer"""
"""=70015\n-------------------------------"""
"""---------------------------------------"""
"""-----------------------\nGoogle works """
"""to provide the most accurate and up-to-"""
"""date phishing and malware information."""
"""However, it cannot guarantee that its """
"""information is comprehensive and error-"""
"""free: some risky sites may not be """
"""identified, and some safe sites may """
"""be identified in error."""))
except urllib2.URLError:
return -1
