Fixes

paramecio/libraries/db/formsutils.py

@@ -3,7 +3,7 @@
 from paramecio.libraries.db import corefields
 from paramecio.libraries.db.coreforms import PasswordForm
 from paramecio.libraries.i18n import I18n
-from paramecio.libraries.sessions import get_session
+from paramecio.libraries.sessionplugin import get_session
 from paramecio.libraries.keyutils import create_key_encrypt
 from bottle import request
 
@@ -123,9 +123,9 @@ def csrf_token(token_id='csrf_token'):
     
     s=get_session()
     
-    if not 'csrf_token' in s:    
-        s['csrf_token']=create_key_encrypt()
-        s.save()
+    #if not 'csrf_token' in s:    
+    s['csrf_token']=create_key_encrypt()
+        #s.save()
     
     return '<input type="hidden" name="csrf_token" class="csrf_token" id="'+token_id+'" value="'+s['csrf_token']+'" />'
     
@@ -135,7 +135,7 @@ def generate_csrf():
     
     if not 'csrf_token' in s:    
         s['csrf_token']=create_key_encrypt()
-        s.save()
+        #s.save()
 
     return s['csrf_token']
 

paramecio/libraries/db/simplequery.py

@@ -0,0 +1,44 @@
+
+# A more simple set for make queries 
+
+def insert(model, db, dict_values):
+    
+    final_values={}
+    
+    for k in model.fields.keys():
+        final_values[k]=model.fields[k].check(dict_values.get(k, ''))
+    
+    del final_values[model.name_field_id]
+    
+    str_fields="`"+"`, `".join(final_values.keys())+"`"
+    
+    str_query='insert into {} ({}) VALUES ({})'.format(model.name, str_fields, ", ".join(['%s']*len(final_values)))
+    
+    success=False
+    
+    with db.query(str_query, list(final_values.values())) as cursor:
+        
+        if cursor.rowcount>0:
+            
+            model.last_id=cursor.lastrowid
+            success=True
+    
+    return success
+    
+
+def select(model, db, dict_fields=[], where_sql='', limit='', dict_values=[]):
+    
+    if len(dict_fields)==0:
+        dict_fields=['`'+field+'`' for field in model.fields.keys()]
+    
+    str_fields=", ".join(dict_fields)
+    
+    str_query='select {} from {} {} limit 1'.format(str_fields, model.name, where_sql)
+    
+    arr_result=[]
+    
+    with db.query(str_query, dict_values) as cursor:
+        
+        arr_result=cursor.fetchall()
+        
+    return arr_result

paramecio/libraries/httputils.py

@@ -2,7 +2,7 @@
 
 import json, re
 from bottle import request, response
-from paramecio.libraries.sessions import get_session
+from paramecio.libraries.sessionplugin import get_session
 from paramecio.libraries.keyutils import create_key_encrypt
 from bottle import HTTPResponse
 
@@ -100,7 +100,7 @@ class GetPostFiles:
             self.post[post]=self.post.get(post, '')
         
         s=get_session()
-        
+        #print('s', s)
         if ignore_csrf_token==False and no_csrf==False:
             
             if 'csrf_token' in s:
@@ -113,7 +113,7 @@ class GetPostFiles:
                     
                     del s['csrf_token']
                         
-                    s.save()
+                    #s.save()
                     
                     #raise NameError('Error: you need a valid csrf_token')
                     raise HTTPResponse(body=json.dumps({'error_csrf': 1, 'error': 1, 'token_invalid': 1}), status=200, headers={'Content-type': 'application/json'})
@@ -124,7 +124,7 @@ class GetPostFiles:
                     
                         del s['csrf_token']
                         
-                        s.save()
+                        #s.save()
                     
 
             else:
@@ -160,8 +160,8 @@ def check_csrf(post):
             
                 del s['csrf_token']
                 
-                s.save()
+                #s.save()
             
     else:
         #raise NameError('Error: you don\'t send any valid csrf_token')
-        raise HTTPResponse(body=json.dumps({'error_csrf': 1, 'error': 1, 'token_invalid': 0}), status=200, headers={'Content-type': 'application/json'})    
+        raise HTTPResponse(body=json.dumps({'error_csrf': 1, 'error': 1, 'message': 'Error: csrf token invalid', 'token_invalid': 0}), status=200, headers={'Content-type': 'application/json'})    

paramecio/libraries/i18n.py

@@ -20,7 +20,7 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.
 """
 
 from importlib import import_module
-from paramecio.libraries.sessions import get_session
+from paramecio.libraries.sessionplugin import get_session
 import json
 from bottle import request
 import gettext

paramecio/libraries/mtemplates.py

@@ -31,6 +31,7 @@ from paramecio.libraries.js import make_js_url
 from settings import config
 from os import path
 from collections import OrderedDict
+from paramecio.wsgiapp import app
 
 # Preparing envs for views of modules, and views of 
 
@@ -85,13 +86,17 @@ def preload_templates(template_files, env):
             
     return templates
 
+def url_for(name):
+    
+    return app.get_url(name)
+
 class PTemplate:
     """A class used how shortcuts for Mako template functions.
     """
     
     templates_loaded={}
     
-    def __init__(self, environment, app=None):
+    def __init__(self, environment):
         
         """A class used how shortcuts for Mako template functions.
         
@@ -188,7 +193,7 @@ class PTemplate:
         
         module_env=self.env.directories[1].replace('/templates', '')
         
-        self.l=PGetText(module_env+'/index.py')
+        self.l=PGetText(module_env+'/app.py')
 
         self.add_filter(self._)
         
@@ -198,6 +203,12 @@ class PTemplate:
         
         self.add_filter(self.i18n.tlang)
         
+        #self.url_for=lambda name: app.get_url(name)
+        #x = lambda a : a + 10
+        #print(self.url_for)
+        
+        self.add_filter(url_for)
+
     def _(self, text):
     
         return self.l.gettext(text)

paramecio/libraries/sessionplugin.py

@@ -16,6 +16,10 @@ class Session(dict):
         super(Session, self).__setitem__(item, value)
         self.changed=True
 
+def get_session():
+    
+    return request.environ.get('session', {})
+
 class SessionPlugin(object):
 
     name = 'session'
@@ -52,32 +56,37 @@ class SessionPlugin(object):
             
             cookie=request.get_cookie(config.cookie_name)
             
-            s=None
+            safe=None
             
             if not cookie:
                 session=Session()
             else:
                 
-                s=URLSafeTimedSerializer(config.key_encrypt)
+                safe=URLSafeTimedSerializer(config.key_encrypt)
+                try:
+                    session=Session(safe.loads(cookie))
                     
-                session=Session(s.loads(cookie))
+                    if type(session).__name__!='Session':
+                        session=Session()
                     
-                if type(session).__name__!='Session':
+                except:
                     session=Session()
             
-                #except:
-                #    session=Session()
-            
             kwargs['session']=session
             
+            #For compatibility with old sessions server-side style. 
+            
+            request.environ['session']=session
+            
             rv=callback(*args, **kwargs)
             
             if session.changed:
-                #print('changed')
-                if not s:
-                    s=URLSafeTimedSerializer(config.key_encrypt)
-                #print(session)
-                response.set_cookie(config.cookie_name, s.dumps(session))
+                print('changed')
+                if not safe:
+                    safe=URLSafeTimedSerializer(config.key_encrypt)
+                
+                #if not max_age:
+                response.set_cookie(config.cookie_name, safe.dumps(session), path=config.session_opts['session.path'], httponly=True)
                 
             return rv