stacosys/app/interface/form.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-

import logging
from datetime import datetime
from flask import request, abort, redirect
from core import app
from models.site import Site
from models.comment import Comment
from helpers.hashing import md5

logger = logging.getLogger(__name__)


@app.route("/newcomment", methods=["POST"])
def new_form_comment():

    try:
        data = request.form

        # add client IP if provided by HTTP proxy
        ip = ""
        if "X-Forwarded-For" in request.headers:
            ip = request.headers["X-Forwarded-For"]

        # log
        logger.info(data)

        # validate token: retrieve site entity
        token = data.get("token", "")
        site = Site.select().where(Site.token == token).get()
        if site is None:
            logger.warn("Unknown site %s" % token)
            abort(400)

        # honeypot for spammers
        captcha = data.get("captcha", "")
        if captcha:
            logger.warn("discard spam: data %s" % data)
            abort(400)

        url = data.get("url", "")
        author_name = data.get("author", "").strip()
        author_gravatar = data.get("email", "").strip()
        author_site = data.get("site", "").to_lower().strip()
        if author_site and author_site[:4] != "http":
            author_site = "http://" + author_site
        message = data.get("message", "")

        created = datetime.now().strftime("%Y-%m-%d %H:%M:%S")

        # add a row to Comment table
        comment = Comment(
            site=site,
            url=url,
            author_name=author_name,
            author_site=author_site,
            author_gravatar=author_gravatar,
            content=message,
            created=created,
            notified=None,
            published=None,
            ip=ip,
        )
        comment.save()

    except:
        logger.exception("new comment failure")
        abort(400)

    return redirect("/redirect/", code=302)
Add HTML form entry point 7 years ago			`#!/usr/bin/env python`
			`# -- coding: utf-8 --`

			`import logging`
minimalism 6 years ago			`from datetime import datetime`
			`from flask import request, abort, redirect`
Configuration moved to JSON and validated by JSON Schema 7 years ago			`from core import app`
			`from models.site import Site`
			`from models.comment import Comment`
			`from helpers.hashing import md5`
Add HTML form entry point 7 years ago
			`logger = logging.getLogger(__name__)`

minimalism 6 years ago
			`@app.route("/newcomment", methods=["POST"])`
Add HTML form entry point 7 years ago			`def new_form_comment():`

			`try:`
			`data = request.form`
anti-spam 7 years ago
			`# add client IP if provided by HTTP proxy`
minimalism 6 years ago			`ip = ""`
			`if "X-Forwarded-For" in request.headers:`
			`ip = request.headers["X-Forwarded-For"]`

			`# log`
Add HTML form entry point 7 years ago			`logger.info(data)`

			`# validate token: retrieve site entity`
minimalism 6 years ago			`token = data.get("token", "")`
Add HTML form entry point 7 years ago			`site = Site.select().where(Site.token == token).get()`
			`if site is None:`
minimalism 6 years ago			`logger.warn("Unknown site %s" % token)`
Add HTML form entry point 7 years ago			`abort(400)`

			`# honeypot for spammers`
minimalism 6 years ago			`captcha = data.get("captcha", "")`
Add HTML form entry point 7 years ago			`if captcha:`
minimalism 6 years ago			`logger.warn("discard spam: data %s" % data)`
Add HTML form entry point 7 years ago			`abort(400)`

minimalism 6 years ago			`url = data.get("url", "")`
			`author_name = data.get("author", "").strip()`
			`author_gravatar = data.get("email", "").strip()`
			`author_site = data.get("site", "").to_lower().strip()`
			`if author_site and author_site[:4] != "http":`
			`author_site = "http://" + author_site`
			`message = data.get("message", "")`

			`created = datetime.now().strftime("%Y-%m-%d %H:%M:%S")`

			`# add a row to Comment table`
			`comment = Comment(`
			`site=site,`
			`url=url,`
			`author_name=author_name,`
			`author_site=author_site,`
			`author_gravatar=author_gravatar,`
			`content=message,`
			`created=created,`
			`notified=None,`
			`published=None,`
			`ip=ip,`
			`)`
			`comment.save()`
Add HTML form entry point 7 years ago
			`except:`
			`logger.exception("new comment failure")`
			`abort(400)`

minimalism 6 years ago			`return redirect("/redirect/", code=302)`