import os,re,glob
from tornado import escape,web,ioloop,httpserver,httpclient
import pymongo, urllib
-from datetime import datetime
+from datetime import datetime,timedelta
import json
from bson.objectid import ObjectId #don't remove
from linebot.api import LineBotApi
if self.bool is True and self.current_user != b'admin':
self.render('modules/info.htm',position=self.pos,records=self.rec,data=params,db=dbname,error='')
else:
- self.render('modules/index.htm',position=self.pos,records=self.rec,data=params,username=self.na,
- comment='',db=dbname,aikotoba=self.rule,error='')
+ self.render_admin(dbname)
+
+ def render_admin(self,dbname,title='',com='',er='',img='',ch='checked'):
+ t = self.get_argument('img','')
+ params = self.application.db['params'].find_one({'app':'bbs'})
+ if self.current_user == b'admin':
+ s = '<label><p>URL </p><input name="img" placeholder="src=http://~" value=' + t + '></label>'
+ else:
+ s = '<input type=hidden>'
+ self.render('modules/index.htm',position=self.pos,records=self.rec,data=params,username=self.na,title=title,
+ comment=com,db=dbname,aikotoba=self.rule,error=er+img,check=ch,admin=s)
class LoginHandler(BaseHandler):
def get(self):
def get(self):
if 'params' not in self.application.mylist():
item = {"mentenance":False,"out_words":[u"阿保",u"馬鹿",u"死ね"],"password":"admin",
- "title2":"<h1 style=color:gray;text-align:center>pybbs</h1>",
- "bad_words":["<style","<link","<script","<img"],"count":30,
- "title":"pybbs","info name":"info",'app':'bbs'}
+ "title2":"<h1 style=color:maroon;font-style:italic;text-align:center>とるね~ど号</h1>",
+ "bad_words":["<style","<link","<script","<img","<a"],"count":30,
+ "title":u"とるね~ど号","info name":"info",'app':'bbs'}
self.application.db['params'].insert(item)
self.application.db['info'].find()
table = self.application.db['params'].find_one({'app':'bbs'})
class RegistHandler(IndexHandler):
def post(self,dbname):
self.main(dbname,'0')
- params = self.application.db['params'].find_one({'app':'bbs'})
- if dbname not in self.application.coll() and dbname != params['info name']:
+ if dbname not in self.application.coll(info=True):
raise web.HTTPError(404)
+ params = self.application.db['params'].find_one({'app':'bbs'})
words = params['bad_words']
out = params['out_words']
rule = self.get_argument('aikotoba')
i = 0
url = []
error = ''
- if rule != u'げんき':
- error = u'合言葉未入力.<br>'
- for word in out:
- if word in com:
- error += u'禁止ワード.<br>'
- break
+ kinsi = False
for line in com.splitlines():
- if error:
- break
+ if kinsi is False:
+ for word in out:
+ if word in line:
+ error += u'禁止ワード.<br>'
+ kinsi = True
+ break
for word in words:
if word in line.lower():
- error += u'タグ違反.('+word+')<br>'
+ tag = escape.xhtml_escape(word)
+ error += u'タグ違反.('+tag+')<br>'
i += len(line)
- obj = re.finditer('http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+', line)
+ obj = re.finditer('http[s]?://(?:[a-zA-Z]|[0-9]|(?:%[0-9a-fA-F][0-9a-fA-F]))+', line)
for x in obj:
if x.group() not in url:
url.append(x.group())
text += '<p><br>\n</p>'
else:
text += '<p>'+self.link(line,dbname)+'\n</p>'
+ if rule != u'げんき':
+ error += u'合言葉未入力.<br>'
s = ''
for x in url:
s = s+'<tr><td><a href={0} class=livepreview target=_blank>{0}</a></td></tr>'.format(x)
if i > 1000:
error += u'文字数が1,000をこえました.<br>'
if na == '':
- na = u'誰かさん'
+ if self.current_user == b'admin':
+ na = u'管理人'
+ else:
+ na = u'誰かさん'
if sub == '':
sub = u'タイトルなし.'
article = self.application.db[dbname]
items = article.find()
item = items.sort('number')[article.count()-1]
no = item['number']+1
+ s = datetime.now()
+ k = '%Y%m%d%H%M%S'
+ if self.get_argument('show', 'false') == 'true':
+ ch = 'checked'
+ else:
+ ch = ''
+ t = self.get_cookie('time')
+ if t and s - datetime.strptime(escape.url_unescape(t),k) < timedelta(seconds=10):
+ error += u'二重送信.'
+ img = self.get_argument('img','')
+ if img:
+ img = '<div style=text-align:center><img src="' + escape.url_unescape(img) + '"/></div>'
if error == '':
- self.set_cookie('aikotoba',escape.url_escape(rule))
- s = datetime.now()
- reg = {'number':no,'name':na,'title':sub,'comment':text,'raw':com,'password':pw,'date':s.strftime('%Y/%m/%d %H:%M')}
- article.insert(reg)
- self.set_cookie('username',escape.url_escape(na))
- self.redirect('/'+dbname+'#article')
+ if ch == 'checked':
+ error = '<p style=font-size:2.5em;color:blue>↓↓プレビュー↓↓</p>\n' + text
+ ch = ''
+ else:
+ com += img
+ text += img
+ reg = {'number': no, 'name': na, 'title': sub, 'comment': text, 'raw': com, 'password': pw,
+ 'date': s.strftime('%Y/%m/%d %H:%M')}
+ article.insert(reg)
+ self.set_cookie('aikotoba', escape.url_escape(rule))
+ self.set_cookie('username', escape.url_escape(na))
+ self.set_cookie('time',escape.url_escape(s.strftime(k)))
+ self.redirect('/' + dbname + '#article')
+ return
else:
- error = '<p style=color:red>'+error+'</p>'
- self.render('modules/index.htm',position=0,records=self.rec,data=params,
- username=na,comment=com,db=dbname,aikotoba=rule,error=error)
-
+ error = '<p style=color:red>' + error + '</p>'
+ self.na = na
+ self.rule = rule
+ self.pos = 0
+ self.render_admin(dbname,title=sub,com=com,er=error,ch=ch,img=img)
+
def link(self,command,database):
i = 0
text = ''
self.render('modules/search.htm',records=rec,word1=arg,db=dbname)
def get(self,dbname=''):
- if dbname not in self.application.coll() and dbname != '':
+ if dbname not in self.application.coll(info=True) and dbname != '':
raise web.HTTPError(404)
self.render('modules/search.htm',records=[],word1='',db=dbname)
def mylist(self):
return self.db.list_collection_names()[:]
- def coll(self):
+ def coll(self,info=False):
name = self.mylist()
item = self.db['params'].find_one({'app':'bbs'})
target = ['objectlabs-system', 'objectlabs-system.admin.collections', 'system.indexes',
- 'params', 'master', 'temp', item['info name']]
+ 'params', 'master', 'temp']
+ if info is False:
+ target.append(item['info name'])
for x in target:
name.remove(x)
for x in name: