def post(self): nextmove = self.get_request("nextmove","") id=self.get_int_request("commentID",0) email=self.get_request("reply_email","unknown") author=self.get_request("reply_author","unknown") url=self.get_request("reply_url","") content=self.get_request("reply_content","") act=self.get_request("act","") ids=self.get_arguments("ids","") error="0" if act == "delete": if not Comment().removeAllByArray(ids): error="2" if act == 'edit': r=Comment().getByID(id) if r: error="0" if not r.user: r.email=email r.author=author r.url=url r.content=content if r.save() <=0: error="1" else: error="1" self.redirect(self.webroot_url("admin/replies/?error="+error+"&"+nextmove))
def post(self, id): reply_author = self.get_request("reply_author","") reply_email = self.get_request("reply_email","") reply_url = self.get_request("reply_url","") reply = self.get_request("reply_content","") reply_content = pyUtility.reply_purify(reply) crsf = self.get_request("_xsrf","") ip =self.request.remote_ip user_crsf = self.get_cookie("_xsrf","unknown") self.clear_cookie("_xsrf") if crsf != user_crsf or user_crsf =="unknown": self.redirect(self.get_webroot_url()+"topic/show/"+id+"/?error=1") return if id==0 or reply_author=="" or reply_email=="": self.redirect(self.get_webroot_url()+"topic/show/"+id+"/?error=1") return if not pyUtility.isEmail(reply_email): self.redirect(self.get_webroot_url()+"topic/show/"+id+"/?error=1") return if reply_url !="" and not pyUtility.isURL(reply_url): self.redirect(self.get_webroot_url()+"topic/show/"+id+"/?error=1") return # totalComments = Comment().getCountByPostID(id) r=Post().getPostShortInfo(id) if not r: self.redirect(self.get_webroot_url()+"topic/show/"+id+"/?error=2") return if r.comment_status == 'close': self.redirect(self.get_webroot_url()+"topic/show/"+id+"/?error=3") return if 'User-Agent' in self.request.headers: agent = self.request.headers['User-Agent'] else: agent ="unknown" comment = Comment() comment.post_id = id comment.IP = ip comment.author = reply_author comment.content = reply_content comment.email = reply_email comment.agent = agent comment.url = reply_url comment.user_id = self.userID # current Logiin ID, guest id 0 comment.save() self.redirect(self.get_webroot_url()+"topic/show/"+id)