Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def collections_process():
""" Process URLs that were passed through the collection form """
urls = request.forms.get('urls')
if urls is None:
return "no URLs given"
urls = list(set([url.strip() for url in urls.strip().split('\n')]))
batch = Batch.process_urls(
urls,
base_dir=request.app.config['artex.directory'],
max_procs=int(request.app.config['artex.processes']))
bottle.redirect('/batches/%s' % batch.id)
def update_blacklist():
"""
Writes the blacklist textarea on /settings to the database.
This function expects a multi-line string, transmitted over the textarea form.
:return: redirect to settings page
"""
# get new blacklist
words = bottle.request.forms.get("blacklist")
# get user_id
user_id = get_user_id(bottle.request.get_cookie("account", secret=secret))
# write new goodlist to db
db.cur.execute("UPDATE trigger_bad SET words = ? WHERE user_id = ?;", (words, user_id, ))
db.conn.commit()
return bottle.redirect("/settings")
def login_post(db):
# check login
if db.authenticate(request.forms.get('email', ''),
request.forms.get('pass', '')):
return redirect('/settings')
return dict(error='Authentication failed.')
def forgot():
res = ops.verifyLogin(request.cookies.email, request.cookies.sessionkey)
if res["loggedin"]:
return redirect("/")
return template("forgotpwd.tpl", **{"siteconfig": siteconfig, "redirectUrl": "/"})
def _reload_settings(self):
settings.reload()
self.messages.append(
"Settings reloaded from %s." % settings.SETTINGS_FILE)
return bottle.redirect(self.get_url('home'))
def remove_item_from_notebook(self, iden, line_id):
"""
Remove an item from a notebook.
:param iden: Notebook identifier.
:param line_id: Identifier of the loc.
"""
uid, token = _get_cred()
ntb_type = _get_ntb_type()
self.api.delete_item_of_notebook(uid, token, ntb_type, iden, line_id)
bottle.redirect('/' + ntb_type + '/' + iden)
def journal_all():
"A list of all the entries in this realization."
bottle.redirect(request.app.get_url('journal', account_name=''))
oauth_tokens = request.session['oauth_tokens']
oauth_tokens = oauth.fetch_access_token(request.session['oauth_tokens'], request)
request.session['oauth_tokens'] = oauth_tokens
try:
user_request = oauth.get(oauth_tokens, utils.remote_url + 'api/0.6/user/details')
if user_request:
request.session['user'] = xmldict.xml_to_dict(user_request)
except Exception as e:
pass
if 'user' not in request.session:
request.session['user'] = None
except:
pass
finally:
request.session.save()
redirect('map')
if parts.ext not in NBCONFIG.extensions + ['.html'] and not isdir:
return static_file(parts.rootname[1:],NBCONFIG.source)
if not isdir and original_ext != '.html': # Forward to the .html version
redirect(utils.join('/',parts.rootbasename + '.html'))
#########################################################################
##### I think this is no longer used since a newtype is not appended
##### like nav=new&newtype=dir. Now it is nav=newdir.
##### - [ ] Investigate cutting this
newtype = request.query.get('newtype',default=None)
if newtype is not None:
page = request.query.get('page',default='')
page = page[1:] if page.startswith('/') else page
page = utils.join(parts.rootbasename,page)
redirect('/_new?newtype={newtype}&page={page}'.format(\
page=page,newtype=newtype))
#########################################################################
## Get the db
db = db_conn()
## Get the content and return
if isdir:
### Blog
if parts.rootname == '/' and len(NBCONFIG.blog_dirs) > 0 and not map_view:
blog_items,is_end = get_blog_page(blog_num,db,drafts=is_edit_user)
if len(blog_items) == 0:
abort(404)
blog_html = utils.combine_html(blog_items,annotate=False,add_date=True)
def _view(*args, **kwargs):
# In case of setup, no login methods can be accessed
if SETUP is not None:
redirect("/setup")
s = request.environ.get('beaker.session')
api = get_user_api(s)
if api is not None:
if perm:
if api.user.hasPermission(perm):
if request.headers.get('X-Requested-With') == 'XMLHttpRequest':
return HTTPError(403, "Forbidden")
else:
return redirect("/nopermission")
kwargs["api"] = api
return func(*args, **kwargs)
else:
if request.headers.get('X-Requested-With') == 'XMLHttpRequest':
return HTTPError(403, "Forbidden")
else:
return redirect("/login")