aboutsummaryrefslogtreecommitdiff
path: root/backend
diff options
context:
space:
mode:
authorcbdev <cb@cbcdn.com>2021-10-29 20:22:18 +0200
committercbdev <cb@cbcdn.com>2021-10-29 20:22:18 +0200
commitb87909c9dd7aabe7b8f8bd63138876dff5cd2200 (patch)
tree55479eea6f24c824f1aef4e3d312cad7023e5ceb /backend
parentdad7fcafa4d4b2ab3fd59edb01c57a12155f0375 (diff)
downloadcargohold-b87909c9dd7aabe7b8f8bd63138876dff5cd2200.tar.gz
cargohold-b87909c9dd7aabe7b8f8bd63138876dff5cd2200.tar.bz2
cargohold-b87909c9dd7aabe7b8f8bd63138876dff5cd2200.zip
Implement gallery view, add noscript notice, implement rudimentary overwrite protection
Diffstat (limited to 'backend')
-rw-r--r--backend/HTTP.py16
-rw-r--r--backend/main.py29
2 files changed, 18 insertions, 27 deletions
diff --git a/backend/HTTP.py b/backend/HTTP.py
deleted file mode 100644
index 4ba3d90..0000000
--- a/backend/HTTP.py
+++ /dev/null
@@ -1,16 +0,0 @@
-def cookies(data):
- cookies = {}
- for cookie in data.split(';'):
- data = cookie.strip().split('=', 1)
- if(len(data) == 2):
- cookies[data[0]] = data[1]
- return cookies
-
-def formdata(data):
- fields = {}
- for field in data.split('&'):
- data = field.strip().split('=', 1)
- if len(data) == 2:
- fields[data[0]] = data[1]
- # FIXME URLdecode the entries
- return fields
diff --git a/backend/main.py b/backend/main.py
index 592b7a3..bbb853d 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -26,27 +26,27 @@ def resolve_alias(alias):
session = None
db = sqlite3.connect(config.database, check_same_thread = False)
cursor = db.cursor()
- cursor.execute("SELECT user, real, access, storage FROM aliases WHERE alias=:alias", {"alias": alias})
+ cursor.execute("SELECT user, real, access, storage, display FROM aliases WHERE alias=:alias", {"alias": alias})
data = cursor.fetchone()
if data:
- session = {"user": data[0], "path": data[1], "access": data[2], "limit": data[3]}
+ session = {"user": data[0], "path": data[1], "access": data[2], "limit": data[3], "display": data[4]}
else:
print("Unknown alias " + alias)
db.close()
return session
def listing(session):
- listing = {"total": 0, "files": []}
- if 'r' not in session["access"]:
- return ["", [('Content-Type','text/html')], "403 No"]
+ listing = {"total": 0, "files": [], "access": session["access"], "display": session["display"]}
- directory = target_filename(session, None)
- files = os.listdir(directory)
+ if 'r' in session["access"]:
+ directory = target_filename(session, None)
+ files = os.listdir(directory)
- for filename in files:
- size = os.path.getsize(directory + filename)
- listing["files"].append({"name": filename, "size": size})
- listing["total"] += size
+ for filename in files:
+ if os.path.isfile(directory + filename):
+ size = os.path.getsize(directory + filename)
+ listing["files"].append({"name": filename, "size": size})
+ listing["total"] += size
return [json.dumps(listing), [('Content-Type','application/json')], "200 OK"]
@@ -55,6 +55,10 @@ def upload(session, post):
return ["", [('Content-Type','text/html')], "403 No"]
if post["file"].filename:
target = target_filename(session, os.path.basename(post["file"].filename))
+
+ while os.path.isfile(target):
+ target += "_dup"
+
try:
open(target, 'wb').write(post["file"].file.read())
print("Uploaded " + target)
@@ -85,6 +89,9 @@ def route(path, env, session, post):
print("/data/" + target_filename_internal(session, path[2]))
return playout("/data/" + target_filename_internal(session, path[2]), mimetypes.guess_type(path[2])[0])
+ if len(path) > 1 and path[1] == "preview" and session["display"] == "gallery":
+ return playout("/data/" + target_filename_internal(session, "preview/" + path[2]), mimetypes.guess_type(path[2])[0])
+
return playout("/interface/listing.htm")
def handle_request(env, response):