def execute(pagename, request): _ = request.getText actname = __name__.split('.')[-1] page = PageEditor(pagename, request) msg = '' oldtext = page.get_raw_body() everything_is_okay = 0 # kinda lame spam protection, but it should work pghash = hash(pagename.lower()) # be extra paranoid if (actname in config.excluded_actions or not request.user.may.edit(page) or # bot checks request.form.has_key('button_dont1_%s' % pghash) or request.form.has_key('button_dont2_%s' % pghash) or request.form.has_key('button_dont3_%s' % pghash) or request.form.has_key('button_dont4_%s' % pghash) or request.form.has_key('comment_dont_%s' % pghash) or not request.isPOST() ): msg = _('You are not allowed to edit this page. ' '(An account is needed in most cases)') # check whether page exists at all elif not page.exists(): msg = _('This page does not exist.') # check whether the user clicked the delete button elif request.form.has_key('button_do_%s' % pghash) and \ request.form.has_key('comment_text_%s' % pghash): # check whether this is a valid renaming request (make outside # attacks harder by requiring two full HTTP transactions) comment_text = request.form.get('comment_text_%s' % pghash)[0] if request.user.anonymous: userId = request.user.ip else: if config.user_page_prefix: userId = '["%s%s"]' % (config.user_page_prefix, request.user.propercased_name) else: userId = '["%s"]' % request.user.propercased_name now = time.time() now_formatted = request.user.getFormattedDateTime( now, global_time=True) formatted_comment_text = comment_text + " --" + userId newtext = (oldtext + "------" + "\n" + "''" + ''.join(now_formatted) + "'' [[nbsp]] " + formatted_comment_text) page.saveText(newtext, '0', comment="Comment added.", action="COMMENT_MACRO") msg = _('Your comment has been added.') return page.send_page(msg)
def execute(pagename, request): _ = request.getText actname = __name__.split('.')[-1] page = PageEditor(pagename, request) msg = '' oldtext = page.get_raw_body() everything_is_okay = 0 # kinda lame spam protection, but it should work pghash = hash(pagename.lower()) # be extra paranoid if (actname in config.excluded_actions or not request.user.may.edit(page) or # bot checks request.form.has_key('button_dont1_%s' % pghash) or request.form.has_key('button_dont2_%s' % pghash) or request.form.has_key('button_dont3_%s' % pghash) or request.form.has_key('button_dont4_%s' % pghash) or request.form.has_key('comment_dont_%s' % pghash) or not request.isPOST()): msg = _('You are not allowed to edit this page. ' '(An account is needed in most cases)') # check whether page exists at all elif not page.exists(): msg = _('This page does not exist.') # check whether the user clicked the delete button elif request.form.has_key('button_do_%s' % pghash) and \ request.form.has_key('comment_text_%s' % pghash): # check whether this is a valid renaming request (make outside # attacks harder by requiring two full HTTP transactions) comment_text = request.form.get('comment_text_%s' % pghash)[0] if request.user.anonymous: userId = request.user.ip else: if config.user_page_prefix: userId = '["%s%s"]' % (config.user_page_prefix, request.user.propercased_name) else: userId = '["%s"]' % request.user.propercased_name now = time.time() now_formatted = request.user.getFormattedDateTime(now, global_time=True) formatted_comment_text = comment_text + " --" + userId newtext = (oldtext + "------" + "\n" + "''" + ''.join(now_formatted) + "'' [[nbsp]] " + formatted_comment_text) page.saveText(newtext, '0', comment="Comment added.", action="COMMENT_MACRO") msg = _('Your comment has been added.') return page.send_page(msg)
def _addLocalWords(request): import types from Sycamore.PageEditor import PageEditor # get the new words as a string (if any are marked at all) try: newwords = request.form['newwords'] except KeyError: # no new words checked return newwords = ' '.join(newwords) # get the page contents lsw_page = PageEditor(request.config.page_local_spelling_words, request) words = lsw_page.get_raw_body() # add the words to the page and save it if words and words[-1] != '\n': words = words + '\n' lsw_page.saveText(words + '\n' + newwords, '0')
def execute(pagename, request): _ = request.getText actname = __name__.split('.')[-1] page = PageEditor(pagename, request) pagetext = page.get_raw_body() msg = '' # be extra paranoid in dangerous actions if (actname in config.excluded_actions or not request.user.may.edit(page) or not request.user.may.delete(page)): msg = _('You are not allowed to rename pages in this wiki!') # check whether page exists at all elif not page.exists(): msg = _('This page is already deleted or was never created!') # check whether the user clicked the delete button elif (request.form.has_key('button') and request.form.has_key('newpagename') and request.form.has_key('ticket')): # check whether this is a valid renaming request (make outside # attacks harder by requiring two full HTTP transactions) if not _checkTicket(request.form['ticket'][0]): msg = _('Please use the interactive user ' 'interface to rename pages!') else: renamecomment = request.form.get('comment', [''])[0] # strip to ensure naming consistency newpagename = request.form.get('newpagename')[0].strip() if newpagename == pagename: return Page(pagename, request).send_page( msg="You can't rename a page to the name it already has!") try: newpage = PageEditor(newpagename, request) except Page.ExcessiveLength, msg: return Page(pagename, request).send_page(msg=msg) if len(renamecomment) > wikiaction.MAX_COMMENT_LENGTH: msg = _('Comments must be less than %s characters long.' % wikiaction.MAX_COMMENT_LENGTH) elif len(newpagename) > MAX_PAGENAME_LENGTH: msg = _('Page names must be less than %s characters long.' % MAX_PAGENAME_LENGTH) # check whether a page with the new name already exists elif (newpage.exists() and not (newpagename.lower() == pagename.lower())): msg = _('A page with the name "%s" already exists!') % ( newpagename) elif not wikiaction.isValidPageName(newpagename): msg = _('Invalid pagename: Only the characters A-Z, a-z, 0-9, ' '"$", "&", ",", ".", "!", "\'", ":", ";", " ", "/", ' '"-", "(", ")" are allowed in page names.') # we actually do a rename! else: if renamecomment: renamecomment = " (" + renamecomment + ")" if newpagename.lower() != pagename.lower(): page.saveText("#redirect %s" % newpagename, '0', comment='Renamed to "%s"' % newpagename, action='RENAME', force_save=True) # copy images over copy_files(pagename, newpagename, request) newpage.saveText(pagetext, '0', comment='Renamed from "%s"%s' % (pagename, renamecomment), action="RENAME", proper_name=newpagename) msg = _('Page "%s" was successfully renamed to "%s"!') % ( pagename, newpagename) if newpagename.lower() != pagename.lower(): # check favorites because the redirect will # process before the bookmarks get updated if request.user.valid: request.user.checkFavorites(page) request.http_redirect( '%s/%s?action=show&redirect=%s' % (request.getScriptname(), wikiutil.quoteWikiname(newpagename), urllib.quote_plus(pagename.encode(config.charset), ''))) request.req_cache['pagenames'][( newpagename.lower(), request.config.wiki_name)] = newpagename # we clear so the new page name appears caching.CacheEntry(newpagename.lower(), request).clear() return else: request.req_cache['pagenames'][( newpagename.lower(), request.config.wiki_name)] = newpagename # we clear so the new page name appears caching.CacheEntry(newpagename.lower(), request).clear() return newpage.send_page(msg)
def execute(pagename, request): _ = request.getText actname = __name__.split('.')[-1] page = PageEditor(pagename, request) pagetext = page.get_raw_body() msg = '' # be extra paranoid in dangerous actions if (actname in config.excluded_actions or not request.user.may.edit(page) or not request.user.may.delete(page)): msg = _('You are not allowed to rename pages in this wiki!') # check whether page exists at all elif not page.exists(): msg = _('This page is already deleted or was never created!') # check whether the user clicked the delete button elif (request.form.has_key('button') and request.form.has_key('newpagename') and request.form.has_key('ticket')): # check whether this is a valid renaming request (make outside # attacks harder by requiring two full HTTP transactions) if not _checkTicket(request.form['ticket'][0]): msg = _('Please use the interactive user ' 'interface to rename pages!') else: renamecomment = request.form.get('comment', [''])[0] # strip to ensure naming consistency newpagename = request.form.get('newpagename')[0].strip() if newpagename == pagename: return Page(pagename, request).send_page( msg="You can't rename a page to the name it already has!") try: newpage = PageEditor(newpagename, request) except Page.ExcessiveLength, msg: return Page(pagename, request).send_page(msg=msg) if len(renamecomment) > wikiaction.MAX_COMMENT_LENGTH: msg = _('Comments must be less than %s characters long.' % wikiaction.MAX_COMMENT_LENGTH) elif len(newpagename) > MAX_PAGENAME_LENGTH: msg = _('Page names must be less than %s characters long.' % MAX_PAGENAME_LENGTH) # check whether a page with the new name already exists elif (newpage.exists() and not (newpagename.lower() == pagename.lower())): msg = _('A page with the name "%s" already exists!') % ( newpagename) elif not wikiaction.isValidPageName(newpagename): msg = _('Invalid pagename: Only the characters A-Z, a-z, 0-9, ' '"$", "&", ",", ".", "!", "\'", ":", ";", " ", "/", ' '"-", "(", ")" are allowed in page names.') # we actually do a rename! else: if renamecomment: renamecomment = " (" + renamecomment + ")" if newpagename.lower() != pagename.lower(): page.saveText("#redirect %s" % newpagename, '0', comment='Renamed to "%s"' % newpagename, action='RENAME', force_save=True) # copy images over copy_files(pagename, newpagename, request) newpage.saveText(pagetext, '0', comment='Renamed from "%s"%s' % (pagename, renamecomment), action="RENAME", proper_name=newpagename) msg = _('Page "%s" was successfully renamed to "%s"!') % ( pagename,newpagename) if newpagename.lower() != pagename.lower(): # check favorites because the redirect will # process before the bookmarks get updated if request.user.valid: request.user.checkFavorites(page) request.http_redirect('%s/%s?action=show&redirect=%s' % ( request.getScriptname(), wikiutil.quoteWikiname(newpagename), urllib.quote_plus(pagename.encode(config.charset), ''))) request.req_cache['pagenames'][ (newpagename.lower(), request.config.wiki_name)] = newpagename # we clear so the new page name appears caching.CacheEntry(newpagename.lower(), request).clear() return else: request.req_cache['pagenames'][ (newpagename.lower(), request.config.wiki_name)] = newpagename # we clear so the new page name appears caching.CacheEntry(newpagename.lower(), request).clear() return newpage.send_page(msg)