def index(req,page="README"): # make sure the html fetch operation doesn't timeout too early sess = Session(req) sess.set_timeout(20) sess.save() # use the README page as the course index if page == "index": page = "README" # fetch the markdown text from dropbox link = "%s%s"%(githubRoot,page) #req.write(link) try: if page.endswith('.md') or page == 'README': # this is an HTML page req.content_type = "text/html" # give the page a title req.write("<title>ACCAD 5102</title>") # grab the stylesheet req.write("<style>%s</style>"%urllib2.urlopen("%sscreen.css"%webRoot).read()) response = urllib2.urlopen(link) #req.write(response.read()) req.write(markdown.markdown(response.read(), ['tables'])) else: util.redirect(req, link) except: ## raise ## req.write("error") ## e = sys.exc_info()[0] ## req.write(e) req.write("<br>This page does not exist yet")
def index(req): session = Session(req, lock=False) # output directory for uploaded files used in _upload_limit.py session.lock() session['outdir'] = outdir session.save() session.unlock() return psp.PSP(req, 'test.html', vars={})
def login(req, **params): """ New login attempt. Clean out old session if present, and create new one. """ sess = Session(req) if not sess.is_new(): sess.delete() sess = Session(req) if not sess.is_new(): req.status = apache.HTTP_BAD_REQUEST return 'failed to create new session' if 'u' not in params or 'p' not in params: req.status = apache.HTTP_BAD_REQUEST return 'some parameters were not provided' ret = dict() if params['u'] != 'einstein' or params['p'] != 'fuckbin': ret['success'] = False ret['error'] = 'bad username or password' # note: session is not saved! else: ret['success'] = True # keep some stuff in session... sess['username'] = params['u'] sess['user_id'] = 1 sess.set_timeout(60 * 60 * 24 * 365 * 10) # 10 year sess.save() # grab the user's cookie, and save the seen leaks into the database seen_ranges = urllib.unquote(Cookie.get_cookie(req, '__CJ_seen').value) seen_ranges = json.loads(seen_ranges) values = [[sess['user_id'], i] for seen_range in seen_ranges for i in range(seen_range['start'], seen_range['end'] + 1)] db = Database.get() c = db.cursor() c.executemany( """ replace into user_seen (user_id, leak_id) values (%s, %s) """, values) db.commit() c.close() req.content_type = 'application/json' return json.dumps(ret, ensure_ascii=False)
def login(req, **params): """ New login attempt. Clean out old session if present, and create new one. """ sess = Session(req) if not sess.is_new(): sess.delete() sess = Session(req) if not sess.is_new(): req.status = apache.HTTP_BAD_REQUEST return 'failed to create new session' if 'u' not in params or 'p' not in params: req.status = apache.HTTP_BAD_REQUEST return 'some parameters were not provided' ret = dict() if params['u'] != 'einstein' or params['p'] != 'fuckbin': ret['success'] = False ret['error'] = 'bad username or password' # note: session is not saved! else: ret['success'] = True # keep some stuff in session... sess['username'] = params['u'] sess['user_id'] = 1 sess.set_timeout(60 * 60 * 24 * 365 * 10) # 10 year sess.save() # grab the user's cookie, and save the seen leaks into the database seen_ranges = urllib.unquote(Cookie.get_cookie(req, '__CJ_seen').value) seen_ranges = json.loads(seen_ranges) values = [[sess['user_id'], i] for seen_range in seen_ranges for i in range(seen_range['start'], seen_range['end'] + 1)] db = Database.get() c = db.cursor() c.executemany(""" replace into user_seen (user_id, leak_id) values (%s, %s) """, values) db.commit() c.close() req.content_type = 'application/json' return json.dumps(ret, ensure_ascii=False)
def retrieveSession(self, req): sessionSecret = self.getSessionSecret(req) sessionTimeout = self.getSessionTimeout(req) session = Session(req,secret=sessionSecret,timeout=sessionTimeout) session.save() return session
class session(object): session = None def __init__(self, core): self.request = core.request self.core = core try: self.cookie_name = core.config.apache_options['mod_python.session.cookie_name'] except: self.cookie_name = 'pysid' try: self.pysid = self.core.input.cookie(self.cookie_name) except: self.pysid = None self.core.log_message(1, '------------ Session Handler Initialised') def __init_session(self, pysid): self.session = Session(req=self.request, sid=pysid, lock=self.core.config.settings['session']['lock']) if self.session.is_new(): self.session.set_timeout(self.core.config.settings['session']['timeout']) self.session.save() def start(self): try: self.__init_session(self.pysid) except ValueError: self.__init_session(None) def get_id(self): if self.session == None: self.start() return self.session.id() def set(self, name, value): if self.session == None: self.start() self.session[name] = value self.session.save() def get(self, name = None): if not self.session: self.start() try: if not name: return self.session return self.session[name] except: return None def destroy(self): self.session.invalidate() self.session.delete()