def save(raws, backup=True):
# 先按文件分组
for file_path, raw_group in itertools.groupby(
raws, lambda item: item[0]['__abs_src']):
modifies = [item for item in loop_changes(raw_group)]
if len(modifies) > 0:
if backup:
file_name = os.path.basename(file_path)
file_name = u"{0}_{1}_backup.xlsx".format(
os.path.splitext(file_name)[0],
datetime.datetime.now().strftime('%Y%m%d%H%M%S'))
bk_file_path = os.path.join(
os.path.dirname(file_path), file_name)
shutil.copyfile(file_path, bk_file_path)
workbook = load_workbook(filename=file_path, data_only=True)
debug(u'更新文件:{0}'.format(file_path))
for meta, row_data, col_data in modifies:
# 按区域更新
name = meta['__src_sheet']
row = col_data['row']
col = col_data['col']
raw_value = stringify(col_data['raw_value'])
value = stringify(col_data['value'])
sheet = workbook.get_sheet_by_name(name)
sheet.cell(row=row, column=col).value = value
debug(u'更新{0}-[行{1}:列{2}]:{3} --> {4}'.format(
name, row, col, raw_value, value))
workbook.save(filename=file_path)
def _nice_tweet(tweet, q_toks, topic_ngrams):
s = ""
s += '<span class="text">'
hl_spec = dict((ng, ('<span class="topic_hl">','</span>')) for ng in topic_ngrams)
for qg in list(set(bigrams.bigrams(q_toks))) + list(set(bigrams.unigrams(q_toks))):
if len(qg)==1 and qg[0] in bigrams.super_stopwords: continue
if len(qg)==1 and any(qg[0] in ng for ng in topic_ngrams): continue
if len(qg)>=2 and any(kmp.isSubseq(qg, ng) for ng in topic_ngrams): continue
hl_spec[qg] = ('<span class="q_hl">','</span>')
text = highlighter.highlight(tweet['toks'], hl_spec)
text = linkify(text, klass='t')
#text = twokenize.Url_RE.subn(r'<a class=t target=_blank href="\1">\1</a>', text)[0]
#text = twokenize.AT_RE.subn(r'<a class=at target=_blank href="\1">\1</a>
text = At.gsub(text, r'<a class="at" target="_blank" href="http://twitter.com/\2">@\2</a>')
s += text
s += "</span>"
s += " "
s += '<span class="authors">'
if 'orig_tweets' in tweet:
s += "%d authors:" % len(tweet['orig_tweets'])
subtweets = tweet['orig_tweets']
else:
subtweets = (tweet,)
for subtweet in subtweets:
user = subtweet['from_user']
link = "http://twitter.com/%s/status/%s" % (user, subtweet['id'])
s += " "
# calling encode() here makes NO SENSE AT ALL why do we need it?
s += '<a class="m" target="_blank" href="%s">%s</a>' % (util.stringify(link), util.stringify(user))
s += '</span>'
return s
def loop_changes(raw_group):
for meta, unit_datas in raw_group:
for row_data in unit_datas:
for col_data in row_data['raw']:
if 'change' in col_data and col_data['change']:
if stringify(col_data['value']) != stringify(col_data[
'raw_value']):
yield meta, row_data, col_data
def summarize(self, run_name="optimization"):
a, b, c = self.opt.x0
params = {"a0": a,
"b0": b,
"c0": c}
with cd(run_name):
with cd("times_series_convergence"):
fn1 = "timeseries_" + stringify(**params) + ".png"
self.plot_time_series_convergence(file_name=fn1)
with cd("parameter_convergence"):
fn2 = "param_cnvg_" + stringify(**params) + ".png"
self.plot_parameter_convergence(file_name=fn2)
def get(self):
uri = self.get_argument('next', '..')
userID = util.stringify(self.get_secure_cookie("user"))
log.info("Explicit logout for user ID {0}".format(userID))
self.clear_cookie("user")
self.clear_cookie("admin")
self.redirect(uri)
def execute_padding_oracle_attack(oracle, ciphertext, iv):
""" Main execution logic for the padding oracle attack.
Args:
oracle (:obj): A padding oracle instance.
ciphertext (str): The ciphertext to be broken.
iv (str): The initializaton vector.
Returns:
broken_ciphertext (str): The broken ciphertext retrieved from the attack.
"""
ciphertext_numbers = numerify(ciphertext)
iv_numbers = numerify(iv)
blocks = blockify(ciphertext_numbers, oracle.block_size)
broken_ciphertext = []
# Solves two consecutive blocks each time.
for block_num, (previous_block, current_block) in enumerate(
zip([iv_numbers] + blocks, blocks)):
broken_block = crack_block(oracle, previous_block, current_block)
broken_ciphertext += broken_block
print "Cracked block {}. Value obtained is {}.".format(
block_num, broken_block)
return stringify(broken_ciphertext)
def crack_block(oracle, previous_block, current_block):
""" Solves two consecutive blocks.
Args:
oracle (:obj): A padding oracle instance.
previous_block (list): The previous block to be modified and used in the attack.
current_block (list): The block to be broken.
Returns:
broken_block (list): The broken block.
"""
# Recover the last byte of the broken current block.
last_byte = get_last_byte(oracle, previous_block, current_block)
# List to store broken bytes.
decoded_block = [0] * (oracle.block_size - 1) + [last_byte]
for i in range(oracle.block_size - 2, -1, -1):
# Pad value that is required for the decoded block.
pad_val = oracle.block_size - i
# The part of the previous block that is unmodified.
prefix = previous_block[:i]
# Modify the bytes of those we have broken to ensure they become the pad_value.
suffix = [
val ^ decoded_block[i + pos + 1] ^ pad_val
for (pos, val) in enumerate(previous_block[i + 1:])
]
'''
Bruteforce the current byte. Becase we xor the current byte with the guess and the pad _value, the
pad is only valid when guess == current byte as they cancel out, leaving only the pad_value.
'''
for guess in range(256):
evil_previous_block = prefix + [
previous_block[i] ^ guess ^ pad_val
] + suffix
if not oracle.aes_valid_padding(stringify(current_block),
stringify(evil_previous_block)):
continue
decoded_block[i] = guess
break
return decoded_block
def post(self):
email = self.get_argument('email', None)
password = self.get_argument('password', None)
uri = self.get_argument('next', '/')
if not email or not password or email == "" or password == "":
self.render("login.html",
message = "Please enter an email and password",
uri = uri)
return
with db.getCur() as cur:
cur.execute("SELECT Id, Password, PlayerId FROM Users WHERE Email = LOWER(?)", (email,))
row = cur.fetchone()
if row is not None:
userID = row[0]
passhash = row[1]
playerId = row[2]
if pbkdf2_sha256.verify(password, passhash):
self.set_secure_cookie("user", str(userID))
log.info("Successful login for {0} (ID = {1})".format(
email, userID))
cur.execute("SELECT EXISTS(SELECT * FROM Admins WHERE Id = ?)", (userID,))
if cur.fetchone()[0] == 1:
log.info("and {0} is an admin user".format(
email))
self.set_secure_cookie("admin", "1")
cur.execute("SELECT Value FROM Settings WHERE UserId = ? AND Setting = 'stylesheet';", (userID,))
stylesheet = cur.fetchone()
if stylesheet is not None and len(stylesheet) > 0:
self.set_secure_cookie("stylesheet", stylesheet[0])
if playerId is not None:
cur.execute("SELECT Id, Name FROM Players WHERE Id = ?;", (playerId,))
player = cur.fetchone()
if player is not None and len(player) > 0:
self.set_secure_cookie("playerId", util.stringify(player[0]))
self.set_secure_cookie("playerName", util.stringify(player[1]))
if userID != None:
self.redirect(uri)
return
log.info("Invalid login attempt for {0}".format(email))
self.render("login.html",
message = "Incorrect email and password", uri = uri)
def get_last_byte(oracle, previous_block, current_block):
""" Solves the last byte of two consecutive blocks.
Args:
oracle (:obj): A padding oracle instance.
previous_block (list): The previous block to be modified and used in the attack.
current_block (list): The block to be broken.
Returns:
broken_byte (int): The broken byte.
Raise:
ValueError: Unable to obtain the last byte of the current block.
"""
# The part of the previous block that is unmodified.
prefix = previous_block[:-1]
'''
Bruteforce the last byte. Becase we xor the last byte with the guess and the 1, the
pad is only valid when guess == current byte as they cancel out, leaving only the pad_value.
'''
for guess in range(256):
evil_previous_block = prefix + [previous_block[-1] ^ guess ^ 1]
if not oracle.aes_valid_padding(stringify(current_block),
stringify(evil_previous_block)):
continue
'''
Note that our guess might not be correct. This is because there can be other cases for having
a valid pad e.g. \x02\x02 or \x03\x03\x03 etc. We avoid these cases by changing the second last
byte to something else and see if it decrypts correctly. If it does, we know that the last byte
is the padded value of \x01.
'''
evil_previous_block[-2] = evil_previous_block[-2] ^ 1
if not oracle.aes_valid_padding(stringify(current_block),
stringify(evil_previous_block)):
continue
return guess
raise ValueError('Unable to obtain last byte')
def _nice_tweet(tweet, q_toks, topic_ngrams):
s = ""
s += '<span class="text">'
hl_spec = dict(
(ng, ('<span class="topic_hl">', '</span>')) for ng in topic_ngrams)
for qg in list(set(bigrams.bigrams(q_toks))) + list(
set(bigrams.unigrams(q_toks))):
if len(qg) == 1 and qg[0] in bigrams.super_stopwords: continue
if len(qg) == 1 and any(qg[0] in ng for ng in topic_ngrams): continue
if len(qg) >= 2 and any(kmp.isSubseq(qg, ng) for ng in topic_ngrams):
continue
hl_spec[qg] = ('<span class="q_hl">', '</span>')
text = highlighter.highlight(tweet['toks'], hl_spec)
text = linkify(text, klass='t')
#text = twokenize.Url_RE.subn(r'<a class=t target=_blank href="\1">\1</a>', text)[0]
#text = twokenize.AT_RE.subn(r'<a class=at target=_blank href="\1">\1</a>
text = At.gsub(
text,
r'<a class="at" target="_blank" href="http://twitter.com/\2">@\2</a>')
s += text
s += "</span>"
s += " "
s += '<span class="authors">'
if 'orig_tweets' in tweet:
s += "%d authors:" % len(tweet['orig_tweets'])
subtweets = tweet['orig_tweets']
else:
subtweets = (tweet, )
for subtweet in subtweets:
user = subtweet['from_user']
link = "http://twitter.com/%s/status/%s" % (user, subtweet['id'])
s += " "
# calling encode() here makes NO SENSE AT ALL why do we need it?
s += '<a class="m" target="_blank" href="%s">%s</a>' % (
util.stringify(link), util.stringify(user))
s += '</span>'
return s
def solve(self, filename):
with open(filename, 'r') as content_file:
content = content_file.read()
root = GrammarTransformer().transform(content)
results = {}
results['satisfiable'] = False
self.dfs(root, results)
if results['satisfiable'] == True:
print(filename, 'SATISFIABLE', stringify(results['example']))
else:
print(filename, 'NON SATISFIABLE')
def exec_sample_validation(row_datas, samples):
errors = []
for sample in samples:
fields = sample['type'].strip().split(',')
for sample_data in sample['datas']:
is_found = False
for row_data in row_datas:
if is_found:
break
values = []
for attr_label in fields:
col_data = get_col_data_by_attr_name(row_data, attr_label)
values.append(stringify(col_data['value']).strip() if col_data and 'value' in col_data else '')
if ','.join(values) == sample_data.strip():
is_found = True
if not is_found:
errors.append(u'未找到({}):{}'.format(sample['type'], sample_data))
return errors
def app_stringify(iter):
for x in iter:
yield util.stringify(x, 'utf8', 'xmlcharrefreplace')
def make_url(q, max_topics):
q = urllib.quote(util.stringify(q))
return BACKEND_URL + "/?q=%s&max_topics=%s&format=json" % (
(q), util.stringify(max_topics))
def get_current_player_name(self):
return stringify(self.get_secure_cookie("playerName"))
def urlencode(dct): dct = dict( (k, util.stringify(v)) for k,v in dct.iteritems()) return urllib.urlencode(dct)
def get_is_admin(self):
if settings.DEVELOPERMODE or os.path.exists('DEVELOPERMODE'):
return True
else:
return util.stringify(self.get_secure_cookie("admin")) == "1"
def urlencode(dct):
dct = dict((k, util.stringify(v)) for k, v in dct.iteritems())
return urllib.urlencode(dct)
def group_fn(row_data):
key = '|'.join([stringify(item['value']) for item in row_data['raw'] if item['key'] in group_keys])
return key
def count_key(row_data):
values = []
for attr_label in fields:
col_data = get_col_data_by_attr_name(row_data, attr_label)
values.append(stringify(col_data['value']).strip() if col_data and 'value' in col_data else '')
return ','.join(values)
def get_current_player(self):
return stringify(self.get_secure_cookie("playerId"))
def get_is_admin(self):
if settings.DEVELOPERMODE:
return True
else:
return stringify(self.get_secure_cookie("admin")) == "1"
def get_current_user(self):
if settings.DEVELOPERMODE:
return "1"
else:
return stringify(self.get_secure_cookie("user"))
def __str__(self):
return util.stringify(self)
def get_current_user(self):
if settings.DEVELOPERMODE or os.path.exists('DEVELOPERMODE'):
return "1"
else:
return util.stringify(self.get_secure_cookie("user"))
def app_stringify(iter):
for x in iter:
yield util.stringify(x, 'utf8', 'xmlcharrefreplace')
def get_stylesheet(self):
return util.stringify(self.get_secure_cookie("stylesheet"))
def parse_item(item):
val = stringify(item[1])
if val == '':
val = ' '
return (item[0], val)
def make_url(q, max_topics): q = urllib.quote( util.stringify(q) ) return BACKEND_URL + "/?q=%s&max_topics=%s&format=json" % ((q), util.stringify(max_topics))
def group_fn(row_data):
return '|'.join([stringify(item['value']).strip() for item in row_data['raw'] if item['key'] in duplicate_keys])
