From 5ea3aac8025334d9a2ecb509d674eea1a1e36b4c Mon Sep 17 00:00:00 2001 From: zsloan Date: Fri, 14 Feb 2020 13:47:34 -0600 Subject: Made change that should hopefully fix the vandalization issue --- wqflask/wqflask/docs.py | 19 +++++++++++-------- wqflask/wqflask/views.py | 25 ++++++++++++++++--------- 2 files changed, 27 insertions(+), 17 deletions(-) diff --git a/wqflask/wqflask/docs.py b/wqflask/wqflask/docs.py index afa1fec8..0187f32e 100644 --- a/wqflask/wqflask/docs.py +++ b/wqflask/wqflask/docs.py @@ -24,17 +24,20 @@ class Docs(object): self.editable = "false" # ZS: Removing option to edit to see if text still gets vandalized - # try: - # if g.user_session.record['user_email_address'] == "zachary.a.sloan@gmail.com" or g.user_session.record['user_email_address'] == "labwilliams@gmail.com": - # self.editable = "true" - # except: - # pass + try: + if g.user_session.record['user_email_address'] == "zachary.a.sloan@gmail.com" or g.user_session.record['user_email_address'] == "labwilliams@gmail.com": + self.editable = "true" + except: + pass def update_text(start_vars): content = start_vars['ckcontent'] content = content.replace('%', '%%').replace('"', '\\"').replace("'", "\\'") - sql = "UPDATE Docs SET content='{0}' WHERE entry='{1}';".format(content, start_vars['entry_type']) - - g.db.execute(sql) \ No newline at end of file + try: + if g.user_session.record['user_email_address'] == "zachary.a.sloan@gmail.com" or g.user_session.record['user_email_address'] == "labwilliams@gmail.com": + sql = "UPDATE Docs SET content='{0}' WHERE entry='{1}';".format(content, start_vars['entry_type']) + g.db.execute(sql) + except: + pass \ No newline at end of file diff --git a/wqflask/wqflask/views.py b/wqflask/wqflask/views.py index b443286d..7826c98f 100644 --- a/wqflask/wqflask/views.py +++ b/wqflask/wqflask/views.py @@ -220,8 +220,15 @@ def gsearch_updating(): @app.route("/docedit") def docedit(): logger.info(request.url) - doc = docs.Docs(request.args['entry'], request.args) - return render_template("docedit.html", **doc.__dict__) + try: + if g.user_session.record['user_email_address'] == "zachary.a.sloan@gmail.com" or g.user_session.record['user_email_address'] == "labwilliams@gmail.com": + doc = docs.Docs(request.args['entry'], request.args) + return render_template("docedit.html", **doc.__dict__) + else: + return "You shouldn't be here!" + except: + return "You shouldn't be here!" + @app.route('/generated/') def generated_file(filename): @@ -272,8 +279,8 @@ def news(): @app.route("/references") def references(): doc = docs.Docs("references", request.args) - # return render_template("docs.html", **doc.__dict__) - return render_template("reference.html") + return render_template("docs.html", **doc.__dict__) + #return render_template("reference.html") @app.route("/intro") def intro(): @@ -283,20 +290,20 @@ def intro(): @app.route("/policies") def policies(): doc = docs.Docs("policies", request.args) - return render_template("policies.html") - # return render_template("docs.html", **doc.__dict__) + #return render_template("policies.html") + return render_template("docs.html", **doc.__dict__) @app.route("/links") def links(): - #doc = docs.Docs("links") + #doc = docs.Docs("links", request.args) #return render_template("docs.html", **doc.__dict__) return render_template("links.html") @app.route("/environments") def environments(): doc = docs.Docs("environments", request.args) - # return render_template("docs.html", **doc.__dict__) - return render_template("environments.html", **doc.__dict__) + return render_template("docs.html", **doc.__dict__) + #return render_template("environments.html", **doc.__dict__) @app.route("/update_text", methods=('POST',)) def update_page(): -- cgit v1.2.3