123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460 |
- # -*- coding: UTF-8 -*-
- from django.http import HttpResponse,HttpResponseRedirect
- from django.conf import settings
- from django.shortcuts import render_to_response,RequestContext
- #from django_hosts.resolvers import reverse
- #from django.core.cache import get_cache
- from django.conf import settings
- from django.views.decorators.csrf import csrf_exempt
- from django.core.urlresolvers import reverse
- from django.contrib import messages
- from siteutil.DataConvert import str2int,CheckPOST,str2long,BigIntUniqueID,MakeSummary,TIIHASH
- from siteutil.CommonPaginator import SelfPaginator
- from siteutil.CommonFilter import CommonFilter,FilterCondition
- from siteutil.htmlutil import renderPichuMarkDown as renderMarkdownSafety
- from siteutil.redisconf import RedisConfigHandler
- from zlogin.common.JsonResponse import JsonResponse
- from zlogin.decorators import login_detect,login_required,PermNeed
- from zlogin import zlauth
- from zlogin.zlauth import GetUser,PermCheck
- from zlogin.captcha_app import CheckCaptcha,OutsiteCaptchaURL
- from pichublog.models import KVConf,BlogCategoty,BlogPost,BlogComment,LeaveMsg
- from pichublog.forms import BlogCategotyForm,EditPostForm,PostPermForm
- import time
- #cache = get_cache("pichublog")
- def strFastConfGet(key,default=""):
- r = RedisConfigHandler(settings.CFG_REDIS,"pichublog")
- return r.get_or_set(key,default)
- def boolFastConfGet(key,default=False):
- r = RedisConfigHandler(settings.CFG_REDIS,"pichublog")
- return r.get_or_set_bool(key,default)
- @PermNeed('pichublog','Admin')
- def PostABkList(request):
- bpo = BlogPost.objects.all()
- ctids = []
- ctals = []
- for i in BlogCategoty.objects.all().order_by('order'):
- ctids.append(i.id)
- ctals.append(i.title)
- fco = FilterCondition()
- fco.addTextContain("t","标题","title")
- fco.addTextContain("au","作者","author__name")
- fco.addDateRange("ct","创建时间","crttime")
- fco.addDateRange("pt","发布时间","pubtime")
- fco.addSingleChoice("hid","隐藏","hidden",[True,False],alias=["真","假"])
- fco.addSingleChoice("prv","私密","private",[True,False],alias=["真","假"])
- fco.addSingleChoice("fc","自由评论","freecomment",[True,False],alias=["真","假"])
- fco.addMultiChoice("cat","分类","category_id",ctids,alias=ctals)
- fList = CommonFilter(request,fco,bpo)
- #分页功能
- lpg = SelfPaginator(request,fList, 20)
- kwvars = {
- "request":request,
- "lPage":lpg,
- 'FilterHTML':fco.RenderHTML(request),
- "adminmode":True,
- }
- return render_to_response('home/post.bk.list.html',kwvars,RequestContext(request))
- @PermNeed('pichublog','Writer')
- def PostWBkList(request):
- bpo = BlogPost.objects.all()
- mList = bpo.filter(author=GetUser(request))
- ctids = []
- ctals = []
- for i in BlogCategoty.objects.all().order_by('order'):
- ctids.append(i.id)
- ctals.append(i.title)
- fco = FilterCondition()
- fco.addTextContain("t","标题","title")
- fco.addDateRange("ct","创建时间","crttime")
- fco.addDateRange("pt","发布时间","pubtime")
- fco.addSingleChoice("hid","隐藏","hidden",[True,False],alias=["真","假"])
- fco.addSingleChoice("prv","私密","private",[True,False],alias=["真","假"])
- fco.addSingleChoice("fc","自由评论","freecomment",[True,False],alias=["真","假"])
- fco.addMultiChoice("cat","分类","category_id",ctids,alias=ctals)
- fList = CommonFilter(request,fco,mList)
- #分页功能
- lpg = SelfPaginator(request,fList, 20)
- kwvars = {
- "request":request,
- "lPage":lpg,
- 'FilterHTML':fco.RenderHTML(request),
- "adminmode":False,
- }
- return render_to_response('home/post.bk.list.html',kwvars,RequestContext(request))
- def PostList(request,ctname):
- bpo = BlogPost.objects.all().filter(rendered=True,hidden=False)
- if ctname == "*":
- stcl = strFastConfGet('MainTopList',default="")
- ltcl = stcl.split(',')
- itcl = map(lambda x:str2int(x), ltcl)
- toplist = BlogPost.objects.filter(id__in=itcl)
- cttitle = "*"
- else:
- bpo = bpo.filter(category__engname=ctname)
- try:
- cto = BlogCategoty.objects.get(engname=ctname)
- cttitle = cto.title
- except:
- cttitle = "?"
- try:
- cato = BlogCategoty.objects.get(engname=ctname)
- stcl = cato.topli
- ltcl = stcl.split(',')
- itcl = map(lambda x:str2int(x), ltcl)
- toplist = BlogPost.objects.filter(id__in=itcl)
- except:
- stcl = strFastConfGet('MainTopList',default="")
- ltcl = stcl.split(',')
- itcl = map(lambda x:str2int(x), ltcl)
- toplist = BlogPost.objects.filter(id__in=itcl)
- fco = FilterCondition()
- fco.addTextContain("t","标题","title")
- fco.addTextContain("au","作者用户名","author__name")
- fco.addTextContain("an","作者昵称","author__nick")
- fco.addDateRange("ct","创建时间","crttime")
- fco.addDateRange("pt","发布时间","pubtime")
- fList = CommonFilter(request,fco,bpo)
- #分页功能
- lpg = SelfPaginator(request,fList, 20)
- kwvars = {
- "request":request,
- "ctname":ctname,
- "cttitle":cttitle,
- "TopList":toplist,
- "lPage":lpg,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- 'FilterHTML':fco.RenderHTML(request),
- }
- return render_to_response('home/post.list.html',kwvars,RequestContext(request))
- @PermNeed('pichublog','Writer')
- def PostAdd(request):
- bpo = BlogPost.objects.create(
- title = time.strftime("[草稿]%Y-%b-%d %H:%M:%S"),
- author = GetUser(request),
- rendered = False,
- hidden = True,
- private = False,
- passwdlck = False,
- freecomment = True,
- )
- return HttpResponseRedirect(reverse('pichublog_postedit',args=(bpo.id,)))
- def PostPasswordForm(request,ID):
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- "pid":ID,
- }
- return render_to_response('home/post.pswd.form.html',kwvars,RequestContext(request))
- def PostView(request,ID):
- thisuser = GetUser(request)
- try:
- bpo = BlogPost.objects.get(id=ID)
- except BlogPost.DoesNotExist:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if not bpo.rendered:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if bpo.hidden:
- if not bpo.author == thisuser:
- if not PermCheck(request.auth,'pichublog','Admin'):
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if bpo.private:
- if bpo.passwdlck:
- if request.method == "POST":
- if not request.POST.get('ppppppppaaaaaassssssssssssswwwwwooorrrrrdddd') == bpo.passwd:
- messages.error(request,u"<b>密码错误!</b>")
- return HttpResponseRedirect(reverse('pichublog_postpwdf',args=(bpo.id,)))
- else:
- return HttpResponseRedirect(reverse('pichublog_postpwdf',args=(bpo.id,)))
- else:
- pmh = False
- for hgp in thisuser.group:
- if hgp in bpo.readgrp:
- if not thisuser in bpo.readuex:
- pmh = True
- break
- if not pmh:
- if thisuser in bpo.readuin:
- pmh = True
- if not pmh:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if bpo.freecomment:
- pmhc = True
- else:
- pmhc = False
- for hgp in thisuser.group:
- if hgp in bpo.commentgrp:
- if not thisuser in bpo.commentuex:
- pmhc = True
- break
- if not pmhc:
- if thisuser in bpo.commentuin:
- pmhc = True
- kwvars = {
- "request":request,
- "bpo":bpo,
- "bkmode":False,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- "crws":boolFastConfGet('CommentsReviewSwitch',default=True),
- "allowcmt":pmhc,
- }
- return render_to_response('home/post.view.html',kwvars,RequestContext(request))
- @PermNeed('pichublog','Writer')
- def PostPreview(request,ID):
- try:
- bpo = BlogPost.objects.get(id=ID)
- except BlogPost.DoesNotExist:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if not PermCheck(request.auth,'pichublog','Admin'):
- if not thisuser == bpo.author:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- kwvars = {
- "request":request,
- "bpo":bpo,
- "bkmode":True,
- }
- return render_to_response('home/post.view.html',kwvars,RequestContext(request))
- @PermNeed('pichublog','Admin')
- def PostEdit(request,ID):
- try:
- bpo = BlogPost.objects.get(id=ID)
- except BlogPost.DoesNotExist:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- "randposts":BlogPost.objects.all().order_by('?')[:5],
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if request.method == "POST":
- form = EditPostForm(request.POST,instance=bpo)
- if form.is_valid():
- nbp = form.save(commit=False)
- nbp.html = renderMarkdownSafety(nbp.markdown)
- nbp.rendered = True
- nbp.save()
- form.save_m2m()
- if request.REQUEST.get("rfm") == "w":
- return HttpResponseRedirect(reverse('pichublog_postwbklist'))
- else:
- return HttpResponseRedirect(reverse('pichublog_postabklist'))
- else:
- form = EditPostForm(instance=bpo)
- kwvars = {
- "request":request,
- 'form':form,
- 'rfm':request.REQUEST.get("rfm"),
- }
- return render_to_response('home/post.edit.html',kwvars,RequestContext(request))
- @PermNeed('pichublog','Admin')
- def PostGrant(request,ID):
- try:
- bpo = BlogPost.objects.get(id=ID)
- except BlogPost.DoesNotExist:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- "randposts":BlogPost.objects.all().order_by('?')[:5],
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if request.method == "POST":
- form = PostPermForm(request.POST,instance=bpo)
- if form.is_valid():
- form.save()
- if request.REQUEST.get("rfm") == "w":
- return HttpResponseRedirect(reverse('pichublog_postwbklist'))
- else:
- return HttpResponseRedirect(reverse('pichublog_postabklist'))
- else:
- form = PostPermForm(instance=bpo)
- kwvars = {
- "request":request,
- 'form':form,
- 'rfm':request.REQUEST.get("rfm"),
- }
- return render_to_response('home/post.grant.html',kwvars,RequestContext(request))
- @PermNeed('pichublog','Admin')
- def PostHidden(request,ID):
- try:
- bpo = BlogPost.objects.get(id=ID)
- except BlogPost.DoesNotExist:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- "randposts":BlogPost.objects.all().order_by('?')[:5],
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if not "val" in request.GET.keys():
- return HttpResponse("Err Request Arguments")
- bset = (request.GET['val']=="true")
- bpo.hidden = bset
- bpo.save()
- if request.REQUEST.get("rfm") == "w":
- return HttpResponseRedirect(reverse('pichublog_postwbklist'))
- else:
- return HttpResponseRedirect(reverse('pichublog_postabklist'))
- @PermNeed('pichublog','Admin')
- def PostDel(request,ID):
- try:
- bpo = BlogPost.objects.get(id=ID)
- except BlogPost.DoesNotExist:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- "randposts":BlogPost.objects.all().order_by('?')[:5],
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if request.GET.get('veryfycode') == unicode(hash(bpo.title)):
- bpo.delete()
- else:
- messages.error(request,"<b>删除失败:</b>请求参数校验不成功,为了安全起见,该删除请求被服务器拒绝。")
- if request.REQUEST.get("rfm") == "w":
- return HttpResponseRedirect(reverse('pichublog_postwbklist'))
- else:
- return HttpResponseRedirect(reverse('pichublog_postabklist'))
- def AjaxShowComments(request,ID):
- try:
- bpo = BlogPost.objects.get(id=ID)
- except BlogPost.DoesNotExist:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- thisuser = GetUser(request)
- owner = PermCheck(request.auth,'pichublog','Admin')
- if not owner:
- if bpo.author == thisuser:
- owner = True
- if owner:
- cmt = BlogComment.objects.filter(post=bpo).order_by('-time')
- else:
- cmt = BlogComment.objects.filter(post=bpo,reviewed=True).order_by('-time')
- lPage = SelfPaginator(request,cmt,20)
- kwvars = {
- 'request':request,
- 'owner':owner,
- 'lPage':lPage,
- 'AjaxPaginatorID':'cmt',
- }
- return render_to_response('home/ajax.comment.html',kwvars,RequestContext(request))
- @PermNeed('pichublog','Admin')
- def DelComments(request,cmid):
- try:
- lmo = BlogComment.objects.get(cmid=cmid)
- except BlogComment.DoesNotExist:
- return JsonResponse({"stat":"err","type":"DoesNotExist"})
- if request.GET.get('veryfycode') == TIIHASH(lmo.fromuser,lmo.fromuser):
- lmo.delete()
- else:
- return JsonResponse({"stat":"err","type":"VerificationError"})
- return JsonResponse({"stat":"ok","type":"OK"})
- @PermNeed('pichublog','Admin')
- def SetCommentsReview(request,cmid):
- try:
- lmo = BlogComment.objects.get(cmid=cmid)
- except BlogComment.DoesNotExist:
- return JsonResponse({"stat":"err","type":"DoesNotExist"})
- logic = request.GET.get('val')
- bl = (logic == "true")
- lmo.reviewed = bl
- lmo.save()
- return JsonResponse({"stat":"ok","type":"OK"})
- def AddComments(request,ID):
- try:
- bpo = BlogPost.objects.get(id=ID)
- except BlogPost.DoesNotExist:
- kwvars = {
- "request":request,
- "ctlist":BlogCategoty.objects.all().order_by('order'),
- }
- return render_to_response('home/post.err.html',kwvars,RequestContext(request))
- if bpo.freecomment:
- pmhc = True
- else:
- pmhc = False
- for hgp in thisuser.group:
- if hgp in bpo.commentgrp:
- if not thisuser in bpo.commentuex:
- pmhc = True
- break
- if not pmhc:
- if thisuser in bpo.commentuin:
- pmhc = True
- if not pmhc:
- messages.error(request,u"<b>作者只允许指定身份的人评论本文,您不在此列。</b>")
- return HttpResponseRedirect(reverse('pichublog_postview',args=(ID,)))
- if request.method == "POST":
- if request.auth.islogin:
- chkpr=CheckPOST(['content'],request.POST.keys())
- if not chkpr == "" :
- return JsonResponse({"code":400,"msg":"Error Args."})
- else:
- chkpr=CheckPOST(['content','nick','website','mail','title'],request.POST.keys())
- if not chkpr == "" :
- return JsonResponse({"code":400,"msg":"Error Args."})
- if request.auth.islogin:
- content = request.POST.get('content')
- stk = request.auth.cookie.get('zl2_token')
- BlogComment.objects.create(post=bpo,cmid=BigIntUniqueID(),anonymou=False,stoken=stk,fromuser=request.auth.user,content=content,reviewed=True)
- return HttpResponseRedirect(reverse('pichublog_postview',args=(ID,)))
- else:
- capt = request.POST.get('captcha')
- if not CheckCaptcha(request,capt):
- messages.error(request,u"<b>验证码错误</b>")
- return HttpResponseRedirect(reverse('pichublog_postview',args=(ID,)))
- content = request.POST.get('content')
- nick = request.POST.get('nick')
- mail = request.POST.get('mail')
- web = request.POST.get('website')
- stk = request.auth.cookie.get('zl2_token')
- rws = not boolFastConfGet('CommentsReviewSwitch',default=True)
- LeaveMsg.objects.create(post=bpo,cmid=BigIntUniqueID(),anonymou=True,stoken=stk,fromuser=nick,mail=mail,website=web,content=content,reviewed=rws)
- return HttpResponseRedirect(reverse('pichublog_postview',args=(ID,)))
- else:
- return HttpResponse("405 Method Not Allowed")
|