def difftags(old, new): # No amount of tinkering with strxfrm, strcoll, and locale settings helps. # The sort still blows up with UnicodeDecodeError, codec 'ascii'. # So, just safestr the sort keys. joint = [] for s in old: joint.append([slasti.safestr(s),s,'-']) for s in new: joint.append([slasti.safestr(s),s,'+']) joint.sort(key = lambda t: t[0]) prev = None for s in joint: if prev != None and prev[0] == s[0]: prev[2] = ' '; s[2] = ' '; prev = s minus = [] plus = [] for s in joint: if s[2] == '-': minus.append(s[1]) if s[2] == '+': plus.append(s[1]) return (minus, plus)
def __iter__(self): self.base.open() try: yield b'<?xml version="1.0" encoding="UTF-8"?>\n' yield b'<posts user="******" tag="">\n' for mark in self.base: yield slasti.safestr(mark.xml()) yield b'</posts>\n' finally: self.base.close()
def login_post(start_response, ctx): username = ctx.user['name'] userpath = ctx.prefix+'/'+username # pinput = "password=test&OK=Enter" and possibly a newline savedref = ctx.get_pinput_arg("savedref") if savedref: redihref = "%s/%s" % (userpath, quote(slasti.safestr(savedref))) else: redihref = "%s/" % userpath; redihref = slasti.to_str(redihref) password = ctx.get_pinput_arg("password") if not password: raise App400Error("bad password tag") # We do not require every user to have a password, in order to have # archive users or other pseudo-users. They cannot login, even if they # fake the login cookies. if 'salt' not in ctx.user: raise AppError("User with no salt: "+username) if 'pass' not in ctx.user: raise AppError("User with no password: "******"403 Not Permitted", [('Content-type', 'text/plain; charset=utf-8')]) template = ctx.j2env.get_template('simple.txt') result = template.render(output="403 Not Permitted: Bad Password\r\n") return [result.encode('utf-8')] csalt = slasti.to_str(base64.b64encode(os.urandom(6))) flags = "-" nowstr = "%d" % int(time.time()) opdata = csalt+","+flags+","+nowstr coohash = hashlib.sha256() coohash.update((ctx.user['pass']+opdata).encode('utf-8')) # We use hex instead of base64 because it's easy to test in shell. mdstr = coohash.hexdigest() response_headers = [('Content-type', 'text/html; charset=utf-8')] # Set an RFC 2901 cookie (not RFC 2965). response_headers.append(('Set-Cookie', "login=%s:%s" % (opdata, mdstr))) response_headers.append(('Location', redihref)) start_response("303 See Other", response_headers) jsondict = { "href_redir": redihref } template = ctx.j2env.get_template('redirect.html') result = template.render(**jsondict) return [result.encode('utf-8')]
def fetch_get(start_response, ctx): url = ctx.get_query_arg("url") if not url: raise App400Error("no query") body = fetch_body(url) title = fetch_parse(body) output = [b'%s\r\n' % slasti.safestr(title)] start_response("200 OK", [('Content-type', 'text/plain')]) return output
def redirect_to_login(start_response, ctx): userpath = ctx.prefix + '/' + ctx.user['name'] thisref = ctx.path login_loc = userpath + '/login?savedref=' + thisref response_headers = [('Content-type', 'text/html; charset=utf-8')] response_headers.append(('Location', slasti.safestr(login_loc))) start_response("303 See Other", response_headers) jsondict = { "href_redir": login_loc } return [template_html_redirect.substitute(jsondict)]
def redirect_to_login(start_response, ctx): userpath = ctx.prefix + '/' + ctx.user['name'] thisref = ctx.path login_loc = slasti.to_str( userpath + '/login?savedref=' + quote(slasti.safestr(thisref))) response_headers = [('Content-type', 'text/html; charset=utf-8')] response_headers.append(('Location', login_loc)) start_response("303 See Other", response_headers) jsondict = { "href_redir": login_loc } template = ctx.j2env.get_template('redirect.html') result = template.render(**jsondict) return [result.encode('utf-8')]
def edit_post(start_response, ctx): username = ctx.user['name'] userpath = ctx.prefix+'/'+username argd = find_post_args(ctx) tags = tagbase.split_marks(argd['tags']) stamp0 = int(time.time()) stamp1 = ctx.base.add1(stamp0, argd['title'], argd['href'], argd['extra'], tags) if stamp1 < 0: raise App404Error("Out of fix: %d" % stamp0) redihref = '%s/mark.%d.%02d' % (userpath, stamp0, stamp1) response_headers = [('Content-type', 'text/html; charset=utf-8')] response_headers.append(('Location', slasti.safestr(redihref))) start_response("303 See Other", response_headers) jsondict = { "href_redir": redihref } return [template_html_redirect.substitute(jsondict)]
def fs_encode(tag): return base64.b64encode(slasti.safestr(tag), b"+_").decode('ascii')
def fs_encode(tag): return base64.b64encode(slasti.safestr(tag), "+_")
def __str__(self): # There do not seem to be any exceptions raised with weird inputs. datestr = time.strftime("%Y-%m-%d", time.gmtime(self.stamp0)) return self.ourlist[self.ourindex]+'|'+datestr+'|'+\ slasti.safestr(self.title)+'|'+self.url+'|'+\ slasti.safestr(self.note)+"|"+slasti.safestr(self.tags)