X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=geekigeeki.py;h=0ff2e7a007527f0d2fa2ce9e9212ceffd839e88e;hb=559fd0250c8103477eaaad02b38c2ccfdbdda9f7;hp=07b3307709e243518dfcebb9f4e54b1c2185765c;hpb=2dafdcc5717df0896b6a9c9843e36ea3de981422;p=geekigeeki.git diff --git a/geekigeeki.py b/geekigeeki.py index 07b3307..0ff2e7a 100755 --- a/geekigeeki.py +++ b/geekigeeki.py @@ -24,7 +24,6 @@ from time import clock start_time = clock() import cgi, sys, os, re, errno, stat -from os import path, environ # Regular expression defining a WikiWord # (but this definition is also assumed in other places) @@ -41,25 +40,25 @@ title_done = False # CGI stuff --------------------------------------------------------- def script_name(): - return environ.get('SCRIPT_NAME', '') + return os.environ.get('SCRIPT_NAME', '') def privileged_path(): return privileged_url or script_name() def remote_user(): - user = environ.get('REMOTE_USER', '') + user = os.environ.get('REMOTE_USER', '') if user is None or user == '' or user == 'anonymous': user = 'AnonymousCoward' return user def remote_host(): - return environ.get('REMOTE_ADDR', '') + return os.environ.get('REMOTE_ADDR', '') def get_hostname(addr): try: from socket import gethostbyaddr return gethostbyaddr(addr)[0] + ' (' + addr + ')' - except Exception, er: + except Exception: return addr def relative_url(pathname, privileged=False): @@ -85,7 +84,7 @@ def send_guru(msg_text, msg_type): print ' Software Failure. Press left mouse button to continue.\n' print msg_text if msg_type == 'error': - print ' Guru Meditation #DEADBEEF.ABADC0DE' + print '\n Guru Meditation #DEADBEEF.ABADC0DE' print '' # FIXME: This little JS snippet is harder to pass than ACID 3.0 print """ @@ -120,12 +119,15 @@ def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=Fal print ' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">' print '' - site_name = globals().get('site_name', 'Unconfigured Site') print "
%d hits out of %d pages searched.
" % (hits, searched) def handle_raw(pagename): + if not file_re.match(pagename): + send_httperror("403 Forbidden", pagename) + return + Page(pagename).send_raw() def handle_edit(pagename): + if not file_re.match(pagename): + send_httperror("403 Forbidden", pagename) + return + pg = Page(pagename) if 'save' in form: if form['file'].value: - pg.save(form['file'].file.read()) + pg.save(form['file'].file.read(), form['changelog'].value) else: - pg.save(form['savetext'].value.replace('\r\n', '\n')) + pg.save(form['savetext'].value.replace('\r\n', '\n'), form['changelog'].value) pg.format() elif 'cancel' in form: pg.msg_text = 'Editing canceled' @@ -264,18 +279,21 @@ def make_index_key(): links = map(lambda ch: '%s' % (ch, ch), 'abcdefghijklmnopqrstuvwxyz') return '