def contact(request):
if request.method == "POST":
contact_form = ContactForm(request.POST)
if contact_form.is_valid():
send_mail(
"Knight Book Market Support",
"From: %s\nReason: %s\n\n%s" % (request.POST["email"], request.POST["reason"], request.POST["message"]),
"settings.EMAIL_HOST_USER",
["*****@*****.**"],
)
return message_page(request, u"Thanks for contacting us!")
else:
contact_form = ContactForm()
return load_page(request, "contact-report.html", {"form": contact_form})
def new_sale(request):
"""View for handling the creation of new sales."""
form = SaleForm()
error = ""
facebook = get_facebook_graph(request) != None
if request.method == "POST":
data = request.POST.copy()
data["merchant"] = request.user.id
data["status"] = Sale.PENDING
form = SaleForm(data)
if form.is_valid():
sale = form.save(commit=False)
sale.expires = form.cleaned_data["expires"]
url = request.POST.get("image", "")
if url == "" or len(url) > 1000:
sale.image = File(open(os.path.join(STATIC_ROOT, "img/book_placeholder.gif")))
else:
req = urllib2.Request(url, headers={"User-Agent": "Magic Browser"})
img_temp = NamedTemporaryFile(delete=True)
image = urllib2.urlopen(req).read()
img_temp.write(image)
img_temp.flush()
try:
im = Image.open(StringIO.StringIO(image))
im.verify()
except Exception, e:
error = "Invalid image URL." + str(e)
return load_page(request, "new_sale.html", {"form": form, "error": error})
filename = data["image"] if "." in data["image"][-5:] else data["image"] + ".png"
sale.image.save(filename, File(img_temp))
sale.save()
message = "Thanks, your sale has been listed!"
try:
if request.POST["facebook"]:
share_sale(request, sale)
message += " A post has been added to your timeline."
except:
pass
return index(request, flash=message)
def signup(request):
"""View that handles user registration."""
if request.user.is_authenticated():
return HttpResponseRedirect("/")
if request.method == "GET":
form = SignupForm() # Create an empty form if the method is GET.
elif request.method == "POST":
form = SignupForm(request.POST) # Populate the form with POST data.
if form.is_valid():
# Get the form data.
username = form.cleaned_data["username"]
email = form.cleaned_data["email"]
password = form.cleaned_data["password"]
first_name = form.cleaned_data["first_name"]
last_name = form.cleaned_data["last_name"]
# Create a new user and profile.
user = User.objects.create_user(username, email, password)
user.first_name = first_name
user.last_name = last_name
user.save() # Save the user.
new_profile = UserProfile()
new_profile.new(user, form.cleaned_data["phone"], get_remote_ip(request))
# Send an email with the confirmation link
site = Site.objects.get_current()
subject = "%s User Activation" % site.name
body = (
"Hello, %s, and thanks for signing up for an account at %s!"
"\n\nTo activate your account, click this link within 48 hours:"
"\n\nhttp://%s/login/%s" % (user.username, site.domain, site.domain, new_profile.activation_key)
)
send_mail(subject, body, "settings.EMAIL_HOST_USER", [user.email])
# Redirect to a confirmation page.
return HttpResponseRedirect("/signup/confirmed/")
# Load signup.html on GET request and POST error.
return load_page(request, "signup.html", {"form": form})
def report(request, id=None):
if request.method == "POST":
report_form = ReportForm(request.POST)
if report_form.is_valid():
try:
sale = unicode(Sale.objects.get(id=id))
except:
sale = "Not found."
send_mail(
"Knight Book Market Report",
"From: %s\n"
"Reason: %s\n"
"Reported Sale: %s (ID: %s)\n\n"
"%s" % (request.POST["email"], request.POST["reason"], sale, id, request.POST["message"]),
"settings.EMAIL_HOST_USER",
["*****@*****.**"],
)
return message_page(request, u"Thanks for contacting us!")
else:
report_form = ReportForm()
return load_page(request, "contact-report.html", {"form": report_form, "report": True, "id": id})
def account(request):
user = request.user
try:
profile = UserProfile.objects.get(user=request.user)
except:
profile = UserProfile()
profile.new(user, ip_address=get_remote_ip(request))
profile.save()
form = AccountForm({"phone": profile.phone, "email": user.email})
error = ""
if request.method == "POST":
form = AccountForm(request.POST)
if form.is_valid():
# user.email = form.cleaned_data['email']
user.save()
profile.phone = form.cleaned_data["phone"]
profile.save()
return index(request, "Your account has successfully been edited.")
else:
error = form.errors
return load_page(request, "account.html", {"form": form, "error": error})
def index(request, flash=None):
"""View that handles the guest index page and user home."""
flash = request.GET.get("flash", flash) # Get flash message.
selling = []
sold = []
buying = []
bought = []
if request.user.is_authenticated():
try:
profile = UserProfile.objects.get(user=request.user)
if profile.first_login:
# if facebook_connected(request):
# flash = ('Welcome to the Book Market! If you\'d like, you '
# 'can set your phone number in the Account page. '
# 'For convenience, it will automatically be sent '
# 'to users to whom you choose to sell your books.')
# else:
flash = "Welcome to the Book Market!"
profile.first_login = False
profile.save()
except:
error = "There was an error loading your user profile!"
# Sort sales into "selling" and "sold" accordingly
for sale in Sale.objects.filter(merchant=request.user):
offers = Offer.objects.filter(sale=sale)
highest = offers.aggregate(Max("price"))["price__max"]
this_sale = {
"id": sale.id,
"title": sale.title,
"image": sale.image,
"offers": len(offers.filter(status=Offer.PENDING)),
"highest": highest,
}
if sale.status == Sale.PENDING:
selling.append(this_sale)
elif sale.status == Sale.SOLD:
offer = Offer.objects.get(sale=sale, status=Offer.ACCEPTED)
buyer = "%s %s" % (offer.buyer.first_name, offer.buyer.last_name)
this_sale["price"] = offer.price
this_sale["buyer"] = buyer
sold.append(this_sale)
selling.sort(key=lambda sale: sale["title"].lower())
sold.sort(key=lambda sale: sale["title"].lower())
for offer in Offer.objects.filter(buyer=request.user):
offer.highest = Offer.objects.filter(sale=offer.sale).aggregate(Max("price"))["price__max"]
if offer.sale.status == Sale.PENDING and offer.status == Offer.PENDING:
buying.append(offer)
elif offer.sale.status == Sale.SOLD and offer.status == Offer.ACCEPTED:
bought.append(offer)
buying.sort(key=lambda offer: offer.sale.title.lower())
bought.sort(key=lambda offer: offer.sale.title.lower())
return load_page(
request, "index.html", {"flash": flash, "selling": selling, "sold": sold, "buying": buying, "bought": bought}
)
def browse(request, id=-1):
if id is not -1: # Browse book interface.
try:
sale = Sale.objects.get(id=id, status=Sale.PENDING)
except:
return error_page(request, "A sale with the id %d could not be " "found." % int(id))
viewer = "guest"
if request.user == sale.merchant:
viewer = "merchant"
elif request.user.is_authenticated():
if len(Offer.objects.filter(sale=sale, status=Sale.PENDING, buyer=request.user)) > 0:
viewer = "made_offer"
else:
viewer = "no_offer"
offers = Offer.objects.filter(sale=sale, status=Offer.PENDING).order_by("-price", "buyer__first_name")
return load_page(request, "sale_details.html", {"viewer": viewer, "sale": sale, "offers": offers})
else:
if request.user.is_authenticated():
sales = Sale.objects.exclude(merchant=request.user).filter(status=Sale.PENDING)
else:
sales = Sale.objects.filter(status=Sale.PENDING)
sales = sales.order_by("price", "title", "merchant__last_name")
error = ""
title = ""
isbn = ""
course = ""
form = SearchForm(request.GET)
if form.is_valid():
title = form.cleaned_data["title"] or ""
isbn = form.cleaned_data["isbn"] or ""
course = form.cleaned_data["course"] or ""
if title != "":
sales = sales.filter(title__icontains=title)
if isbn != "":
sales = sales.filter(isbn__exact=isbn)
if course != "":
sales = sales.filter(course__exact=course)
my_sales = []
for sale in sales:
offers = Offer.objects.filter(sale=sale)
this_sale = {
"id": sale.id,
"image": sale.image,
"title": sale.title,
"course": sale.course,
"price": sale.price,
"merchant": sale.merchant,
"offers": len(offers.filter(status=Offer.PENDING)),
"expires": sale.expires,
"expires_soon": (sale.expires - date.today()) <= timedelta(1),
}
my_sales.append(this_sale)
sales = my_sales
per_page = 5
pages = int(ceil(len(sales) / float(per_page)))
page = int(request.GET.get("page", 1))
if pages <= 0:
pages = 1
if page <= 0:
page = 1
if page > pages:
page = pages
prev = "?title=%s&isbn=%s&course%s=&page=%s" % (title or "", isbn or "", course or "", (page - 1))
next = "?title=%s&isbn=%s&course=%s&page=%s" % (title or "", isbn or "", course or "", (page + 1))
# Calculate the page number. Don't forget any leftovers on the last page.
# page_number = min(page, ceil(len(sales) / float(per_page)))
# Calculate the display indices from the page number.
first = int((page - 1) * per_page)
last = int(page * per_page)
sales = sales[first:last]
return load_page(
request,
"browse.html",
{"sales": sales, "form": form, "error": error, "prev": prev, "next": next, "page": page, "pages": pages},
)
def login_view(request, activation_key=""):
"""View that handles logging in. Verifies activation keys too."""
# Default variable values.
error = u""
username = ""
noverify = False
# Logging in
if request.method == "POST":
# Get login information from the POST data
username = request.POST["username"]
password = request.POST["password"]
# Create a new user and authenticate it
user = authenticate(username=username, password=password)
if user is not None: # User exists
try:
profile = UserProfile.objects.get(user=user)
if profile.is_verified:
if user.is_active:
if profile.is_disabled:
# Profile deactivated by user.
profile.is_disabled = False
profile.last_login_date = datetime.today()
profile.last_login_ip = get_remote_ip(request)
profile.save()
login(request, user)
return index(request, "Welcome back!")
# Profile is active and enabled.
profile.last_login_date = datetime.today()
profile.last_login_ip = get_remote_ip(request)
profile.save()
login(request, user)
else:
# Profile disabled.
error = (
u"Sorry, your user account has been "
u"disabled by an administrator for "
u"misconduct and/or violating the terms of "
u"service agreement."
)
else:
# If the user is not verified, try verifying.
if not activation_key:
error = (
u"Your account has not been verified. Please " u"check your email for a verification link."
)
noverify = True
else:
try:
profile = get_object_or_404(UserProfile, activation_key=activation_key)
user = profile.user
except:
error = "Invalid verification key."
noverify = True
# Error if the activation key expired.
if profile.key_expires < datetime.today():
error = u"Your activation key has expired. Please " u"request a new one with the link below."
noverify = True
elif not noverify:
profile.is_verified = True
profile.last_login_date = datetime.today()
profile.last_login_ip = get_remote_ip(request)
profile.save()
login(request, user)
except:
if user.is_staff:
login(request, user)
else:
error = (
u"Error: your user profile could not be loaded. "
u"Please contact an administrator or create a "
u"new account. We are sorry for any "
u"inconvenience."
)
raise
else:
error = u"Invalid username and password."
# GET and POST with errors
# Display page
if request.user.is_active: # User is logged in.
if request.user.is_staff: # User is an admin.
return HttpResponseRedirect("/admin") # Redirect to admin page.
elif request.POST.get("next", None): # User is not an admin
return HttpResponseRedirect(request.POST["next"])
else:
return HttpResponseRedirect("/") # Redirect home.
else: # User is not logged in.
next = request.GET.get("next", "")
return load_page(
request,
"login.html",
{"error": error, "username": username, "key": activation_key, "noverify": noverify, "next": next},
)
filename = data["image"] if "." in data["image"][-5:] else data["image"] + ".png"
sale.image.save(filename, File(img_temp))
sale.save()
message = "Thanks, your sale has been listed!"
try:
if request.POST["facebook"]:
share_sale(request, sale)
message += " A post has been added to your timeline."
except:
pass
return index(request, flash=message)
return load_page(request, "new_sale.html", {"form": form, "error": error, "facebook": facebook})
@login_required
def cancel_sale(request, id=-1):
id = int(id)
try:
sale = Sale.objects.get(id=id, merchant=request.user)
except:
return error_page(request, "A sale with the ID %d could not be found." % id)
if sale.status != Sale.PENDING:
return error_page(request, "That sale has already been cancelled.")
sale.cancel()
return HttpResponseRedirect("/")
