Mercurial > p > roundup > code
view roundup/cgi/timestamp.py @ 7859:9a74dfeb8620
feat: can use escaped tokens inside quotes including quotes.
Change tokenizer to support:
cmd with arg "string with embedded \" double quote"
works for single quotes too. Mixed quotes can skip the \" or \'
escaping.
Also:
quoted cmds args "can include \n newline, \t tab and \r return"
Added a doc example, also tests for new feature.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 06 Apr 2024 20:37:45 -0400 |
| parents | 216662fbaaee |
| children |
line wrap: on
line source
'''Set of functions of adding/checking timestamp to be used to limit form submission for cgi actions. ''' import base64 import binascii import struct import time from roundup.cgi.exceptions import FormError from roundup.i18n import _ from roundup.anypy.strings import b2s, s2b def pack_timestamp(): return b2s(base64.b64encode(struct.pack("i", int(time.time()))).strip()) def unpack_timestamp(s): try: timestamp = struct.unpack("i", base64.b64decode(s2b(s)))[0] except (struct.error, binascii.Error, TypeError): raise FormError(_("Form is corrupted.")) return timestamp class Timestamped: def timecheck(self, field, delay): try: created = unpack_timestamp(self.form[field].value) except KeyError: raise FormError(_("Form is corrupted, missing: %s.") % field) if time.time() - created < delay: raise FormError(_("Responding to form too quickly.")) return True