def get(self, randomID): util.insertUsersideCookies(self) randomID = randomID.replace("/", "") sketch = Sketch.get_by_randomID(randomID) # this big blot inserted by Davide Della Casa self.session = True user = UserInfo() user.whoIs(self) sketch.sourceCodeForTextArea = sourcecode_for_text_area( sketch.sourceCode) sketch.blogdate = "" sketch.entrytype = "" sketch.status = "published" sketch.author_email = user.email sketch.author_user_id = user.user_id if user.user: sketch.author_nickname = user.nickname else: sketch.author_nickname = "anonymous" # this big blot inserted by Davide Della Casa template_values = { 'sketch': sketch, 'action': "copyBlog", 'published': sketch.published, 'headerTitle': "Copy sketch", } self.generate('newSketchTemplate.html', template_values)
def get(self, randomID): util.insertUsersideCookies(self) randomID = randomID.replace("/", "") sketch = Sketch.get_by_randomID(randomID) # this big blot inserted by Davide Della Casa self.session = True user = UserInfo() user.whoIs(self) sketch.sourceCodeForTextArea = sourcecode_for_text_area( sketch.sourceCode) if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)): template_values = { 'sketch': sketch, 'published': sketch.published, 'action': "editBlog", 'headerTitle': "Edit sketch", } self.generate(self.template_path, template_values) else: if self.request.method == 'GET': self.redirect("/403.html") else: self.error(403) # User didn't meet role.
def get(self,randomID): util.insertUsersideCookies(self) randomID = randomID.replace("/","") sketch = Sketch.get_by_randomID(randomID) # this big blot inserted by Davide Della Casa self.session = True user = UserInfo() user.whoIs(self) sketch.sourceCodeForTextArea = sourcecode_for_text_area(sketch.sourceCode) if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)): template_values = { 'sketch': sketch, 'published': sketch.published, 'action': "editBlog", 'headerTitle':"Edit sketch", } self.generate(self.template_path,template_values) else: if self.request.method == 'GET': self.redirect("/403.html") else: self.error(403) # User didn't meet role.
def get(self,randomID): util.insertUsersideCookies(self) randomID = randomID.replace("/","") sketch = Sketch.get_by_randomID(randomID) # this big blot inserted by Davide Della Casa self.session = True user = UserInfo() user.whoIs(self) sketch.sourceCodeForTextArea = sourcecode_for_text_area(sketch.sourceCode) sketch.blogdate = ""; sketch.entrytype=""; sketch.status="published"; sketch.author_email = user.email sketch.author_user_id = user.user_id if user.user: sketch.author_nickname = user.nickname else: sketch.author_nickname = "anonymous" # this big blot inserted by Davide Della Casa template_values = { 'sketch': sketch, 'action': "copyBlog", 'published': sketch.published, 'headerTitle':"Copy sketch", } self.generate('newSketchTemplate.html',template_values)
def get(self,randomID): randomID = randomID.replace("/","") sketch = Sketch.get_by_randomID(randomID) if sketch is None: self.redirect("/403.html") # this big blot inserted by Davide Della Casa self.session = True user = UserInfo() user.whoIs(self) if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)): q0 = db.GqlQuery("SELECT * FROM MySketchesSketch WHERE randomID = :1", randomID).fetch(1) q1 = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1) logging.info('key stuff: '+ str(sketch.key())) logging.info('key stuff: '+ sketch.key().name()) q2 = GallerySketch.get_by_key_name(sketch.key().name()) DeletedSketch(key_name = 'sketchRandomID'+randomID).put() if(q0) : q0[0].delete() if(q1) : q1[0].delete() if(q2) : q2.delete() if(sketch): sketch.delete() # deletion of comments is missing self.redirect('/mySketches') else: if self.request.method == 'GET': self.redirect("/403.html") else: self.error(403) # User didn't meet role.
def get(self, randomID): randomID = randomID.replace("/", "") sketch = Sketch.get_by_randomID(randomID) if sketch is None: self.redirect("/403.html") # this big blot inserted by Davide Della Casa self.session = True user = UserInfo() user.whoIs(self) if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)): q0 = db.GqlQuery( "SELECT * FROM MySketchesSketch WHERE randomID = :1", randomID).fetch(1) q1 = db.GqlQuery( "SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1) logging.info('key stuff: ' + str(sketch.key())) logging.info('key stuff: ' + sketch.key().name()) q2 = GallerySketch.get_by_key_name(sketch.key().name()) DeletedSketch(key_name='sketchRandomID' + randomID).put() if (q0): q0[0].delete() if (q1): q1[0].delete() if (q2): q2.delete() if (sketch): sketch.delete() # deletion of comments is missing self.redirect('/mySketches') else: if self.request.method == 'GET': self.redirect("/403.html") else: self.error(403) # User didn't meet role.
def post(self, randomID): logging.info('editing the sketch') randomID = randomID.replace("/", "") sketch = Sketch.get_by_randomID(randomID) # this big blot inserted by Davide Della Casa self.session = True user = UserInfo() user.whoIs(self) if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)): if (sketch is None): self.redirect('/index.html') ################################################################################ ################################################################################ # and now for some serious tiptapping. On top of the sketch table, there are other # tables to change. # first, if the published flag changes, then the entries in the gallery and in the by_author # table need to either be inserted or be deleted # that said, also if the title or the tags change, then you need to modify the entries # in all the three tables (unless you just deleted or added them) AuthorSketchesSketch_add = False AuthorSketchesSketch_change = False AuthorSketchesSketch_delete = False GallerySketch_add = False GallerySketch_change = False GallerySketch_delete = False if 'published' in self.request.arguments(): logging.info( 'editing a sketch and the published field has been sent') # check if the edited sketch has become suspicious sketch_title = self.request.get('title_input') sketch_tags_commas = self.request.get('tags') suspiciousContent = False if is_suspicious(sketch_title, sketch_tags_commas): suspiciousContent = True if util.doesItContainProfanity(sketch_title): suspiciousContent = True logging.info('this sketch is dirrrrrrrty') # Anonymous users can't create unpublished sketches, # so we override the flag of the form if the case if suspiciousContent == True: logging.info( 'forcing the sketch to unpublishing because it is so dirty' ) shouldItBePublished = False elif user.user: shouldItBePublished = ('published' in self.request.arguments()) else: shouldItBePublished = True # first, check if the title or the tags changed # if so, then you modify the MySketchesSketch table right away # and you mark the AuthorSketchesSketch and the GallerySketch table as # *potentially* to be modified ( *potentially* because you might have to just add those # entries anew or delete them, depending on whether the published flag has changed) if ((sketch.title != sketch_title) or (sketch.tags_commas != self.request.get('tags'))): q0 = db.GqlQuery( "SELECT * FROM MySketchesSketch WHERE randomID = :1", randomID).fetch(1) q0[0].title = sketch_title q0[0].tags_commas = self.request.get('tags') q0[0].published = (shouldItBePublished) q0[0].put() # AuthorSketchesSketch_change = True GallerySketch_change = True # now you check how the published flag changes to see if the entries # in the other two tables need to be added or deleted if ((sketch.published == True) and (shouldItBePublished == False)): logging.info('unpublishing a sketch') AuthorSketchesSketch_delete = True GallerySketch_delete = True if ((sketch.published == False) and (shouldItBePublished == True)): logging.info('making a sketch public') AuthorSketchesSketch_add = True GallerySketch_add = True # if you have to add, add, and set the "change" flag to false so that # you don't blindly change this record soon after you've added it if AuthorSketchesSketch_add: authorSketchesSketch = AuthorSketchesSketch( key_name='-%023d' % int(user.user_id) + sketch.key().name()) authorSketchesSketch.title = self.request.get('title_input') authorSketchesSketch.published = shouldItBePublished authorSketchesSketch.randomID = sketch.randomID authorSketchesSketch.tags_commas = self.request.get('tags') authorSketchesSketch.put() AuthorSketchesSketch_change = False if GallerySketch_add: gallerySketch = GallerySketch(key_name=sketch.key().name()) if user.user: gallerySketch.author_nickname = user.nickname else: gallerySketch.author_nickname = "anonymous" gallerySketch.title = self.request.get('title_input') gallerySketch.published = shouldItBePublished gallerySketch.randomID = sketch.randomID gallerySketch.tags_commas = self.request.get('tags') gallerySketch.put() GallerySketch_change = False # if you have to delete, delete, and set the "change" flag to false so that # you don't blindly change those entries soon after you've added if AuthorSketchesSketch_delete: q1 = db.GqlQuery( "SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1) q1[0].delete() AuthorSketchesSketch_change = False if GallerySketch_delete: q2 = GallerySketch.get_by_key_name(sketch.key().name()) q2.delete() GallerySketch_change = False # any change to the AuthorSketches or GallerySketch tables only happens if the sketch is public, # cause otherwise those two sketch records aren't just going to be there in the first place! if (sketch.published): # ok now check the "change" flags. If they are still on, it means that the title or # tag have changed, and the published flag hasn't changed (so it's not like you just # added or deleted the records), so you have to effectively # go and fish the records out of the database and change them if AuthorSketchesSketch_change: # need to fetch the other tables (gallery, my page and by author) and change them q3 = db.GqlQuery( "SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1) q3[0].title = self.request.get('title_input') q3[0].tags_commas = self.request.get('tags') q3[0].put() if GallerySketch_change: q4 = GallerySketch.get_by_key_name(sketch.key().name()) q4.title = self.request.get('title_input') q4.tags_commas = self.request.get('tags') q4.put() ################################################################################ ################################################################################ sketch.set_title(self.request.get('title_input')) sketch.description = util.Sanitize(self.request.get('text_input')) sketch.published = (shouldItBePublished) sketch.sourceCode = self.request.get( 'text_input2').rstrip().lstrip() sketch.sourceCode = sketch.sourceCode.replace('&', '&') sketch.sourceCode = sketch.sourceCode.replace('<', '<') sketch.sourceCode = sketch.sourceCode.replace(' ', ' ') sketch.sourceCode = sketch.sourceCode.replace('\r\n', '<br>') sketch.sourceCode = sketch.sourceCode.replace('\n', '<br>') sketch.sourceCode = sketch.sourceCode.replace('\r', '<br>') sketch.sourceCode = sketch.sourceCode.replace( '\t', ' ') sketch.sourceCode = sketch.sourceCode.replace('"', '"') sketch.sourceCode = sketch.sourceCode.replace("'", ''') sketch.tags_commas = self.request.get('tags') sketch.update() ## now, finally, this uploads the thumbnail thumbnailData = self.request.get('thumbnailData') #logging.info('thumbnail data: ' + thumbnailData) if thumbnailData != "": logging.info( 'thumbnail data not empty - adding/overwriting thumbnail') thumbnailUploaderObject = thumbnailUploaderClass() thumbnailUploaderObject.doTheUpload(sketch.randomID, thumbnailData) else: logging.info('no thumbnail data') # note that we don't tell anonymous users what happened - this is to make # bots' life a tiny little bit more complicated if user.user and suspiciousContent and ( 'published' in self.request.arguments()): self.redirect("/sketchNotMadePublicNotice.html?sketchID=" + sketch.randomID) else: self.redirect(sketch.full_permalink()) else: if self.request.method == 'GET': self.redirect("/403.html") else: self.error(403) # User didn't meet role.
def post(self,randomID): logging.info('editing the sketch') randomID = randomID.replace("/","") sketch = Sketch.get_by_randomID(randomID) # this big blot inserted by Davide Della Casa self.session = True user = UserInfo() user.whoIs(self) if ((sketch.author_user_id == user.user_id) or (user.is_current_user_admin)): if(sketch is None): self.redirect('/index.html') ################################################################################ ################################################################################ # and now for some serious tiptapping. On top of the sketch table, there are other # tables to change. # first, if the published flag changes, then the entries in the gallery and in the by_author # table need to either be inserted or be deleted # that said, also if the title or the tags change, then you need to modify the entries # in all the three tables (unless you just deleted or added them) AuthorSketchesSketch_add = False AuthorSketchesSketch_change = False AuthorSketchesSketch_delete = False GallerySketch_add = False GallerySketch_change = False GallerySketch_delete = False if 'published' in self.request.arguments(): logging.info('editing a sketch and the published field has been sent') # check if the edited sketch has become suspicious sketch_title = self.request.get('title_input') sketch_tags_commas = self.request.get('tags') suspiciousContent = False if is_suspicious(sketch_title,sketch_tags_commas): suspiciousContent = True if util.doesItContainProfanity(sketch_title): suspiciousContent = True logging.info('this sketch is dirrrrrrrty') # Anonymous users can't create unpublished sketches, # so we override the flag of the form if the case if suspiciousContent == True: logging.info('forcing the sketch to unpublishing because it is so dirty') shouldItBePublished = False elif user.user: shouldItBePublished = ('published' in self.request.arguments()) else: shouldItBePublished = True # first, check if the title or the tags changed # if so, then you modify the MySketchesSketch table right away # and you mark the AuthorSketchesSketch and the GallerySketch table as # *potentially* to be modified ( *potentially* because you might have to just add those # entries anew or delete them, depending on whether the published flag has changed) if ((sketch.title != sketch_title) or (sketch.tags_commas != self.request.get('tags'))): q0 = db.GqlQuery("SELECT * FROM MySketchesSketch WHERE randomID = :1", randomID).fetch(1) q0[0].title = sketch_title q0[0].tags_commas = self.request.get('tags') q0[0].published = (shouldItBePublished) q0[0].put() # AuthorSketchesSketch_change = True GallerySketch_change = True # now you check how the published flag changes to see if the entries # in the other two tables need to be added or deleted if ((sketch.published == True) and (shouldItBePublished==False)): logging.info('unpublishing a sketch') AuthorSketchesSketch_delete = True GallerySketch_delete = True if ((sketch.published == False) and (shouldItBePublished==True)): logging.info('making a sketch public') AuthorSketchesSketch_add = True GallerySketch_add = True # if you have to add, add, and set the "change" flag to false so that # you don't blindly change this record soon after you've added it if AuthorSketchesSketch_add : authorSketchesSketch = AuthorSketchesSketch(key_name = '-%023d' % int(user.user_id) + sketch.key().name()) authorSketchesSketch.title = self.request.get('title_input') authorSketchesSketch.published = shouldItBePublished authorSketchesSketch.randomID = sketch.randomID authorSketchesSketch.tags_commas = self.request.get('tags') authorSketchesSketch.put() AuthorSketchesSketch_change = False if GallerySketch_add : gallerySketch = GallerySketch(key_name = sketch.key().name()) if user.user: gallerySketch.author_nickname = user.nickname else: gallerySketch.author_nickname = "anonymous" gallerySketch.title = self.request.get('title_input') gallerySketch.published = shouldItBePublished gallerySketch.randomID = sketch.randomID gallerySketch.tags_commas = self.request.get('tags') gallerySketch.put() GallerySketch_change = False # if you have to delete, delete, and set the "change" flag to false so that # you don't blindly change those entries soon after you've added if AuthorSketchesSketch_delete : q1 = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1) q1[0].delete() AuthorSketchesSketch_change = False if GallerySketch_delete : q2 = GallerySketch.get_by_key_name(sketch.key().name()) q2.delete() GallerySketch_change = False # any change to the AuthorSketches or GallerySketch tables only happens if the sketch is public, # cause otherwise those two sketch records aren't just going to be there in the first place! if (sketch.published) : # ok now check the "change" flags. If they are still on, it means that the title or # tag have changed, and the published flag hasn't changed (so it's not like you just # added or deleted the records), so you have to effectively # go and fish the records out of the database and change them if AuthorSketchesSketch_change : # need to fetch the other tables (gallery, my page and by author) and change them q3 = db.GqlQuery("SELECT * FROM AuthorSketchesSketch WHERE randomID = :1", randomID).fetch(1) q3[0].title = self.request.get('title_input') q3[0].tags_commas = self.request.get('tags') q3[0].put() if GallerySketch_change : q4 = GallerySketch.get_by_key_name(sketch.key().name()) q4.title = self.request.get('title_input') q4.tags_commas = self.request.get('tags') q4.put() ################################################################################ ################################################################################ sketch.set_title(self.request.get('title_input')) sketch.description = util.Sanitize(self.request.get('text_input')) sketch.published = (shouldItBePublished) sketch.sourceCode = self.request.get('text_input2').rstrip().lstrip() sketch.sourceCode = sketch.sourceCode.replace('&','&') sketch.sourceCode = sketch.sourceCode.replace('<','<') sketch.sourceCode = sketch.sourceCode.replace(' ',' ') sketch.sourceCode = sketch.sourceCode.replace('\r\n','<br>') sketch.sourceCode = sketch.sourceCode.replace('\n','<br>') sketch.sourceCode = sketch.sourceCode.replace('\r','<br>') sketch.sourceCode = sketch.sourceCode.replace('\t',' ') sketch.sourceCode = sketch.sourceCode.replace('"','"') sketch.sourceCode = sketch.sourceCode.replace("'", ''') sketch.tags_commas = self.request.get('tags') sketch.update() ## now, finally, this uploads the thumbnail thumbnailData = self.request.get('thumbnailData') #logging.info('thumbnail data: ' + thumbnailData) if thumbnailData != "": logging.info('thumbnail data not empty - adding/overwriting thumbnail') thumbnailUploaderObject = thumbnailUploaderClass() thumbnailUploaderObject.doTheUpload(sketch.randomID,thumbnailData) else: logging.info('no thumbnail data') # note that we don't tell anonymous users what happened - this is to make # bots' life a tiny little bit more complicated if user.user and suspiciousContent and ('published' in self.request.arguments()): self.redirect("/sketchNotMadePublicNotice.html?sketchID="+sketch.randomID) else: self.redirect(sketch.full_permalink()) else: if self.request.method == 'GET': self.redirect("/403.html") else: self.error(403) # User didn't meet role.
def post(self): self.session = True user = UserInfo() user.whoIs(self) if 'published' in self.request.arguments(): logging.info('adding a sketch and the published field has been sent') preview = self.request.get('preview') submitted = self.request.get('submitted') published = ('published' in self.request.arguments()) theKey = Sketch.generateKey() sketch = Sketch(key_name = theKey) sketch.sourceCode = self.request.get('text_input2').rstrip().lstrip() sketch.description = util.Sanitize(self.request.get('text_input')) # minimal protection against spammers, redirect to root if the program contains too many urls #logging.info('occurrences of http ' + str(sketch.sourceCode.count("http"))) sketch_sourceCode_count_http = sketch.sourceCode.count("http://") sketch_sourceCode_count_url_http = sketch.sourceCode.count("[url=http://") sketch_description_count_http = sketch.description.count("http://") if sketch_sourceCode_count_http > 10: self.redirect("/") return if sketch_sourceCode_count_url_http > 0: self.redirect("/") return if sketch_description_count_http > 7: self.redirect("/") return if sketch_description_count_http + sketch_sourceCode_count_http > 12: self.redirect("/") return sketch_title = self.request.get('title_input') # now let's check in some other ways if the content is suspicious suspiciousContent = False sketch_title = self.request.get('title_input') sketch_tags_commas = self.request.get('tags') suspiciousContent = False if is_suspicious(sketch_title,sketch_tags_commas): suspiciousContent = True if any(util.doesItContainProfanity(text)\ for text in(sketch_title, sketch.sourceCode, sketch.description) ): suspiciousContent = True gallerySketch = GallerySketch(key_name = theKey) # the gallery must be ordered by time, most recent first if user.user: #authorSketchesSketch = AuthorSketchesSketch(key_name = "-"+util.convDecToBase(string._long(user.user_id),62) + theKey) #mySketchesSketch = MySketchesSketch(key_name = "-"+util.convDecToBase(string._long(user.user_id),62) + theKey) user_id_in_fixed_digits = '-%023d' % (int(user.user_id)) authorSketchesSketch = AuthorSketchesSketch(key_name = user_id_in_fixed_digits + theKey) mySketchesSketch = MySketchesSketch(key_name = user_id_in_fixed_digits + theKey) authorSketchesSketch.user_id_string = util.convDecToBase(string._long(user.user_id),62) mySketchesSketch.user_id_string = util.convDecToBase(string._long(user.user_id),62) else: authorSketchesSketch = AuthorSketchesSketch(key_name = '-%023d' % (0) + theKey) mySketchesSketch = MySketchesSketch(key_name = '-%023d' % (0) + theKey) authorSketchesSketch.user_id_string = "anonymous" mySketchesSketch.user_id_string = "anonymous" # propagate the "suspicious" flag in all the records that we are adding sketch.suspiciousContent = suspiciousContent gallerySketch.suspiciousContent = suspiciousContent authorSketchesSketch.suspiciousContent = suspiciousContent mySketchesSketch.suspiciousContent = suspiciousContent sketch.set_title(sketch_title) gallerySketch.title = sketch.title authorSketchesSketch.title = sketch.title mySketchesSketch.title = sketch.title if suspiciousContent == True: sketch.published = False authorSketchesSketch.published = False mySketchesSketch.published = False elif user.user: sketch.published = published authorSketchesSketch.published = published mySketchesSketch.published = published else: sketch.published = True authorSketchesSketch.published = True mySketchesSketch.published = True sketch.sourceCode = clean_sourcecode(sketch.sourceCode) #sketch.author_user = user.user sketch.author_email = user.email sketch.author_user_id = user.user_id if user.user: sketch.author_string_user_id = util.convDecToBase(string._long(user.user_id),62) sketch.author_nickname = user.nickname else: sketch.author_string_user_id = "anonymous" sketch.author_nickname = "anonymous" if user.user: gallerySketch.author_nickname = user.nickname else: gallerySketch.author_nickname = "anonymous" sketch.tags_commas = self.request.get('tags') gallerySketch.tags_commas = self.request.get('tags') authorSketchesSketch.tags_commas = self.request.get('tags') mySketchesSketch.tags_commas = self.request.get('tags') template_values = { 'sketch': sketch, 'published': sketch.published, 'preview': preview, 'submitted': submitted, 'action': "addBlog", 'tags': self.request.get('tags'), } sketch.set_randomID() sketch.parentSketchRandomID = self.request.get('parentSketchRandomID') if sketch.parentSketchRandomID is None: sketch.parentSketchRandomID = '' if sketch.parentSketchRandomID == '': sketch.oldestParentSketchRandomID = sketch.randomID; else: sketch.oldestParentSketchRandomID = self.request.get('oldestParentSketchRandomID') sketch.set_parents(self.request.get('parent_idList'),self.request.get('parent_nicknamesList')) gallerySketch.randomID = sketch.randomID authorSketchesSketch.randomID = sketch.randomID mySketchesSketch.randomID = sketch.randomID sketch.save() # if this is an anonymous user adding a sketch, we have forced this flag to True if sketch.published: authorSketchesSketch.save() gallerySketch.save() mySketchesSketch.save() ## now, finally, this uploads the thumbnail thumbnailData = self.request.get('thumbnailData') #logging.info('add blog, thumbnail data: ' + thumbnailData) if thumbnailData != "": logging.info('add blog, thumbnail data not empty - adding/overwriting thumbnail') thumbnailUploaderObject = thumbnailUploaderClass() thumbnailUploaderObject.doTheUpload(sketch.randomID,thumbnailData) else: logging.info('add blog, no thumbnail data') if user.user and suspiciousContent and ('published' in self.request.arguments()): self.redirect("/sketchNotMadePublicNotice.html?sketchID="+sketch.randomID) else: self.redirect(sketch.full_permalink())
def post(self): self.session = True user = UserInfo() user.whoIs(self) if 'published' in self.request.arguments(): logging.info( 'adding a sketch and the published field has been sent') preview = self.request.get('preview') submitted = self.request.get('submitted') published = ('published' in self.request.arguments()) theKey = Sketch.generateKey() sketch = Sketch(key_name=theKey) sketch.sourceCode = self.request.get('text_input2').rstrip().lstrip() sketch.description = util.Sanitize(self.request.get('text_input')) # minimal protection against spammers, redirect to root if the program contains too many urls #logging.info('occurrences of http ' + str(sketch.sourceCode.count("http"))) sketch_sourceCode_count_http = sketch.sourceCode.count("http://") sketch_sourceCode_count_url_http = sketch.sourceCode.count( "[url=http://") sketch_description_count_http = sketch.description.count("http://") if sketch_sourceCode_count_http > 10: self.redirect("/") return if sketch_sourceCode_count_url_http > 0: self.redirect("/") return if sketch_description_count_http > 7: self.redirect("/") return if sketch_description_count_http + sketch_sourceCode_count_http > 12: self.redirect("/") return sketch_title = self.request.get('title_input') # now let's check in some other ways if the content is suspicious suspiciousContent = False sketch_title = self.request.get('title_input') sketch_tags_commas = self.request.get('tags') suspiciousContent = False if is_suspicious(sketch_title, sketch_tags_commas): suspiciousContent = True if any(util.doesItContainProfanity(text)\ for text in(sketch_title, sketch.sourceCode, sketch.description) ): suspiciousContent = True gallerySketch = GallerySketch( key_name=theKey ) # the gallery must be ordered by time, most recent first if user.user: #authorSketchesSketch = AuthorSketchesSketch(key_name = "-"+util.convDecToBase(string._long(user.user_id),62) + theKey) #mySketchesSketch = MySketchesSketch(key_name = "-"+util.convDecToBase(string._long(user.user_id),62) + theKey) user_id_in_fixed_digits = '-%023d' % (int(user.user_id)) authorSketchesSketch = AuthorSketchesSketch( key_name=user_id_in_fixed_digits + theKey) mySketchesSketch = MySketchesSketch( key_name=user_id_in_fixed_digits + theKey) authorSketchesSketch.user_id_string = util.convDecToBase( string._long(user.user_id), 62) mySketchesSketch.user_id_string = util.convDecToBase( string._long(user.user_id), 62) else: authorSketchesSketch = AuthorSketchesSketch(key_name='-%023d' % (0) + theKey) mySketchesSketch = MySketchesSketch(key_name='-%023d' % (0) + theKey) authorSketchesSketch.user_id_string = "anonymous" mySketchesSketch.user_id_string = "anonymous" # propagate the "suspicious" flag in all the records that we are adding sketch.suspiciousContent = suspiciousContent gallerySketch.suspiciousContent = suspiciousContent authorSketchesSketch.suspiciousContent = suspiciousContent mySketchesSketch.suspiciousContent = suspiciousContent sketch.set_title(sketch_title) gallerySketch.title = sketch.title authorSketchesSketch.title = sketch.title mySketchesSketch.title = sketch.title if suspiciousContent == True: sketch.published = False authorSketchesSketch.published = False mySketchesSketch.published = False elif user.user: sketch.published = published authorSketchesSketch.published = published mySketchesSketch.published = published else: sketch.published = True authorSketchesSketch.published = True mySketchesSketch.published = True sketch.sourceCode = clean_sourcecode(sketch.sourceCode) #sketch.author_user = user.user sketch.author_email = user.email sketch.author_user_id = user.user_id if user.user: sketch.author_string_user_id = util.convDecToBase( string._long(user.user_id), 62) sketch.author_nickname = user.nickname else: sketch.author_string_user_id = "anonymous" sketch.author_nickname = "anonymous" if user.user: gallerySketch.author_nickname = user.nickname else: gallerySketch.author_nickname = "anonymous" sketch.tags_commas = self.request.get('tags') gallerySketch.tags_commas = self.request.get('tags') authorSketchesSketch.tags_commas = self.request.get('tags') mySketchesSketch.tags_commas = self.request.get('tags') template_values = { 'sketch': sketch, 'published': sketch.published, 'preview': preview, 'submitted': submitted, 'action': "addBlog", 'tags': self.request.get('tags'), } sketch.set_randomID() sketch.parentSketchRandomID = self.request.get('parentSketchRandomID') if sketch.parentSketchRandomID is None: sketch.parentSketchRandomID = '' if sketch.parentSketchRandomID == '': sketch.oldestParentSketchRandomID = sketch.randomID else: sketch.oldestParentSketchRandomID = self.request.get( 'oldestParentSketchRandomID') sketch.set_parents(self.request.get('parent_idList'), self.request.get('parent_nicknamesList')) gallerySketch.randomID = sketch.randomID authorSketchesSketch.randomID = sketch.randomID mySketchesSketch.randomID = sketch.randomID sketch.save() # if this is an anonymous user adding a sketch, we have forced this flag to True if sketch.published: authorSketchesSketch.save() gallerySketch.save() mySketchesSketch.save() ## now, finally, this uploads the thumbnail thumbnailData = self.request.get('thumbnailData') #logging.info('add blog, thumbnail data: ' + thumbnailData) if thumbnailData != "": logging.info( 'add blog, thumbnail data not empty - adding/overwriting thumbnail' ) thumbnailUploaderObject = thumbnailUploaderClass() thumbnailUploaderObject.doTheUpload(sketch.randomID, thumbnailData) else: logging.info('add blog, no thumbnail data') if user.user and suspiciousContent and ('published' in self.request.arguments()): self.redirect("/sketchNotMadePublicNotice.html?sketchID=" + sketch.randomID) else: self.redirect(sketch.full_permalink())