def GET(self, path): path = xutils.unquote(path) path = xutils.get_real_path(path) path = u(path) if not self.is_path_allowed(path): xauth.check_login("admin") data_prefix = u(xconfig.DATA_DIR) if not path.startswith("static"): newpath = os.path.join(data_prefix, path) else: newpath = path # 兼容static目录数据 if not os.path.exists(newpath): # len("static/") = 7 newpath = os.path.join(data_prefix, newpath[7:]) path = newpath if not os.path.isfile(path): # 静态文件不允许访问文件夹 web.ctx.status = "404 Not Found" return "Not Readable %s" % path return self.handle_get(path)
def handle(self, input): # 输入框的行数 self.rows = 0 self.show_pagenation = True self.page_max = 0 pagesize = 16 * 30 path = xutils.get_argument("path", "") page = xutils.get_argument("page", 1, type=int) offset = max(page - 1, 0) * pagesize self.page_url = "?path=%s&page=" % path if path == "": return path = xutils.get_real_path(path) hex_text = "" char_text = "" if not os.path.isfile(path): return "`%s` IS NOT A FILE!" % path else: filesize = xutils.get_file_size(path, format=False) line_fmt = "%05x" step = 16 self.page_max = math.ceil(filesize / pagesize) padding = ' ' * 4 with open(path, 'rb') as fp: fp.seek(offset) for i in range(0, pagesize, step): bytes = fp.read(step) if len(bytes) == 0: break hex_text += line_fmt % (offset + i) hex_text += padding + bytes_hex(bytes).ljust(step * 3) hex_text += padding + bytes_chars(bytes) + '\n' self.writetemplate(HTML, path=path, hex_text=hex_text)
def GET(self): template_name = "code/view_source.html" path = xutils.get_argument("path", "") key = xutils.get_argument("key", "") readonly = False if path == "": return xtemplate.render(template_name, error="path is empty") else: error = "" warn = "" try: path = xutils.get_real_path(path) max_file_size = xconfig.MAX_TEXT_SIZE if xutils.get_file_size(path, format=False) >= max_file_size: warn = "文件过大,只显示部分内容" readonly = True content = xutils.readfile(path, limit=max_file_size) # 使用JavaScript来处理搜索关键字高亮问题 # if key != "": # content = xutils.html_escape(content) # key = xhtml_escape(key) # content = textutil.replace(content, key, htmlutil.span("?", "search-key"), ignore_case=True, use_template=True) return xtemplate.render(template_name, readonly=readonly, error=error, warn=warn, pathlist=xutils.splitpath(path), name=os.path.basename(path), path=path, content=content, lines=content.count("\n") + 1) except Exception as e: xutils.print_exc() error = e return xtemplate.render(template_name, name="", readonly=readonly, error=error, lines=0, content="")
def POST(self): user_name = xauth.current_name() part_file = True chunksize = 5 * 1024 * 1024 chunk = xutils.get_argument("chunk", 0, type=int) chunks = xutils.get_argument("chunks", 1, type=int) file = xutils.get_argument("file", {}) prefix = xutils.get_argument("prefix", "") dirname = xutils.get_argument("dirname", xconfig.DATA_DIR) dirname = dirname.replace("$DATA", xconfig.DATA_DIR) note_id = xutils.get_argument("note_id") # 不能访问上级目录 if ".." in dirname: return dict(code="fail", message="can not access parent directory") filename = None webpath = "" origin_name = "" # print(web.ctx.env) if hasattr(file, "filename"): origin_name = file.filename xutils.trace("UploadFile", file.filename) filename = os.path.basename(file.filename) filename = get_safe_file_name(filename) filename = xutils.get_real_path(filename) if dirname == "auto": filename = generate_filename(filename, prefix) filepath, webpath = xutils.get_upload_file_path( user_name, filename, replace_exists=True) dirname = os.path.dirname(filepath) filename = os.path.basename(filepath) else: # TODO check permission. filepath = os.path.join(dirname, filename) if chunk == 0: lock = try_lock_file(filepath) if os.path.exists(filepath): # return dict(code = "fail", message = "文件已存在") web.ctx.status = "500 Server Error" return dict(code="fail", message="文件已存在") if part_file: tmp_name = "%s_%d.part" % (filename, chunk) seek = 0 else: tmp_name = filename seek = chunk * chunksize xutils.makedirs(dirname) tmp_path = os.path.join(dirname, tmp_name) with open(tmp_path, "wb") as fp: fp.seek(seek) if seek != 0: xutils.log("seek to {}", seek) for file_chunk in file.file: fp.write(file_chunk) else: return dict(code="fail", message=u"请选择文件") if part_file and chunk + 1 == chunks: self.merge_files(dirname, filename, chunks) try_touch_note(note_id) if note_id != None and note_id != "": xutils.call("note.touch", note_id) return dict(code="success", webpath=webpath, link=get_link(origin_name, webpath))
def resolve_path(self, path, type=''): if type == "script": path = os.path.join(xconfig.SCRIPTS_DIR, path) path = os.path.abspath(path) return xutils.get_real_path(path)