Commit db726ac4 authored by Jean Michel Rouly's avatar Jean Michel Rouly
Browse files

Delete securely removes a URL registered by the logged in user.

parent 91685638
from cgi import parse_qs, escape
import site
site.addsitedir('/srv/http/go/wsgi')
......@@ -20,80 +21,21 @@ def application(environ, start_response):
body = []
# Grab user data, cut off non-relevant fields.
data = environ['wsgi.input']
data = library.parse_data( data )
# Grab user data.
data = parse_qs(environ['QUERY_STRING'])
short_url = data.get("u", [''])[0]
short_url = escape(short_url)
# Store parsed user data in these handy variables.
short_url = data["short_url"]
expiration = data["expiration"]
try:
short_url = data["short-url"]
except KeyError:
pass
if len(short_url) == 0:
short_url = library.generate_short_url( long_url )
while library.short_url_exists( short_url ):
short_url = library.generate_short_url( long_url )
# Prepend the long_url with a protocol if it doesn't have one.
if not (long_url.startswith("http") or long_url.startswith("ftp")):
long_url = "http://" + long_url
# Un-quote the url for storage, if it's quoted.
long_url = urllib.unquote( long_url )
short_url = urllib.unquote( short_url )
# Parse the expiration date.
today = int(time.time())
if expiration is None:
end_stamp = today
elif expiration == "never":
end_stamp = 0
elif expiration == "month":
end_stamp = today + 2629740
elif expiration == "week":
end_stamp = today + 604800
elif expiration == "day":
end_stamp = today + 86400
else:
end_stamp = today
# Add error messages if any are found.
if re.match(url_regex, long_url) is None:
error.append("<p>You entered an invalid long url!</p>")
if len( short_url ) < goconfig.min_url_len:
error.append("<p>The identifier must be at least ")
error.append(str(goconfig.min_url_len) + " characters.</p>")
if re.match(short_regex, short_url) == None:
error.append("<p>The identifier can contain only letters and numbers.</p>")
if library.short_url_exists( short_url ):
error.append("<p>The identifier already exists in the database!</p>")
if len(error) > 0: # at least one error found
body = ["<h3>~Error~</h3>"]
body.extend( error )
body.append('<input type="submit" value="BACK" ')
body.append('onclick="history.back()" /><br /><br />')
else: # no error found
# insert the longurl-shorturl pairing in the database.
library.register_url( long_url, short_url, end_stamp, environ )
display_short = goconfig.domain + "/" + short_url
body = ["<h3>~Success~</h3>"]
body.append(
'<p><em>Original URL:</em> <a href="%s">%s</a></p>' %
(long_url, long_url))
body.append(
'<p><em>Shortened URL:</em> <a href="/%s">%s</a></p>' %
(short_url, display_short))
username = library.get_username( environ )
links = library.get_links( username )
if links is not None:
for link in links:
(link_id, _, link_short_url, _, _, _) = link
if short_url == link_short_url:
library.delete_url( link_id )
status = '303 See other'
response_headers = [('Location', '/mylinks')]
start_response(status, response_headers)
return ['Redirecting to index . . .']
return ['Redirecting to mylinks . . .']
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment