Left: | ||
Right: |
LEFT | RIGHT |
---|---|
1 # coding: utf-8 | 1 # coding: utf-8 |
2 | 2 |
3 # This file is part of the Adblock Plus web scripts, | 3 # This file is part of the Adblock Plus web scripts, |
4 # Copyright (C) 2006-2015 Eyeo GmbH | 4 # Copyright (C) 2006-2015 Eyeo GmbH |
5 # | 5 # |
6 # Adblock Plus is free software: you can redistribute it and/or modify | 6 # Adblock Plus is free software: you can redistribute it and/or modify |
7 # it under the terms of the GNU General Public License version 3 as | 7 # it under the terms of the GNU General Public License version 3 as |
8 # published by the Free Software Foundation. | 8 # published by the Free Software Foundation. |
9 # | 9 # |
10 # Adblock Plus is distributed in the hope that it will be useful, | 10 # Adblock Plus is distributed in the hope that it will be useful, |
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of | 11 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13 # GNU General Public License for more details. | 13 # GNU General Public License for more details. |
14 # | 14 # |
15 # You should have received a copy of the GNU General Public License | 15 # You should have received a copy of the GNU General Public License |
16 # along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. | 16 # along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. |
17 | 17 |
18 import json | |
18 import os | 19 import os |
20 import traceback | |
21 from urlparse import parse_qsl | |
22 | |
19 import MySQLdb | 23 import MySQLdb |
20 import json | |
21 from urlparse import parse_qsl | |
22 | 24 |
23 from sitescripts.web import url_handler | 25 from sitescripts.web import url_handler |
24 from sitescripts.utils import cached, setupStderr | 26 from sitescripts.utils import cached, setupStderr |
25 from sitescripts.filterhits import common, db | 27 from sitescripts.filterhits import db |
28 from sitescripts.filterhits.web import common | |
26 | 29 |
27 def query(domain=None, filter=None, skip=0, take=20, order="DESC", order_by="hit s", **_): | 30 def query(domain=None, filter=None, skip=0, take=20, order="DESC", order_by="fre quency", **_): |
28 """ | 31 """ |
29 Returns the SQL and parameters needed to perform a query of the filterhits dat a. | 32 Returns the SQL and parameters needed to perform a query of the filterhits dat a. |
30 """ | 33 """ |
31 sql = """SELECT SQL_CALC_FOUND_ROWS domain, filter, hits | 34 sql = """SELECT SQL_CALC_FOUND_ROWS domain, filter, frequency |
32 FROM frequencies as freq | 35 FROM frequencies as freq |
33 LEFT JOIN filters as f ON f.sha1=freq.filter_sha1 | 36 LEFT JOIN filters as f ON f.sha1=freq.filter_sha1 |
34 %s | 37 %s |
35 ORDER BY %s | 38 ORDER BY %s |
36 LIMIT %%s, %%s""" | 39 LIMIT %%s, %%s""" |
37 | 40 |
38 where_fields = [(s, "%" + p + "%") for s, p in (("domain", domain), | 41 where = zip(*[("%s LIKE %%s" % s, "%%%s%%" % p) for s, p in (("domain", domain ), |
39 ("filter", filter)) if p] | 42 ("filter", filter )) if p]) |
40 where = " AND ".join([f[0] + " LIKE %s" for f in where_fields]) | 43 if where: |
41 where_sql = "WHERE " + where if where else "" | 44 where_fields, params = where |
Wladimir Palant
2015/03/27 16:29:06
This is confusing, why the intermediate step?
whe
kzar
2015/03/27 22:15:00
You're right this code was confusing, I hadn't loo
| |
45 where_sql = "WHERE " + " AND ".join(where_fields) | |
46 else: | |
47 where_sql = "" | |
48 params = [] | |
42 | 49 |
43 order = order.upper() if order.upper() in ("ASC", "DESC") else "ASC" | 50 order = order.upper() if order.upper() in ("ASC", "DESC") else "ASC" |
44 order_by_sql = "`%s` %s" % (MySQLdb.escape_string(order_by), order) | 51 if order_by not in ["filter", "domain", "frequency"]: |
Wladimir Palant
2015/03/27 16:29:06
How about you only allow certain values for order_
kzar
2015/03/27 22:15:00
Done.
| |
52 order_by = "frequency" | |
53 order_by_sql = "`%s` %s" % (order_by, order) | |
45 | 54 |
46 params = [f[1] for f in where_fields] + [int(skip), int(take)] | 55 params = list(params) + [int(skip), int(take)] |
47 return [sql % (where_sql, order_by_sql)] + params | 56 return [sql % (where_sql, order_by_sql)] + params |
48 | 57 |
49 @url_handler("/query") | 58 @url_handler("/query") |
50 def query_handler(environ, start_response): | 59 def query_handler(environ, start_response): |
51 setupStderr(environ["wsgi.errors"]) | 60 setupStderr(environ["wsgi.errors"]) |
52 params = dict(parse_qsl(environ.get('QUERY_STRING', ''))) | 61 params = dict(parse_qsl(environ.get("QUERY_STRING", ""))) |
53 | 62 |
54 try: | 63 try: |
55 db_connection = db.connect() | 64 db_connection = db.connect() |
56 try: | 65 try: |
57 results = db.query(db_connection, *query(**params), dict_result=True) | 66 results = db.query(db_connection, *query(**params), dict_result=True) |
58 total = db.query(db_connection, "SELECT FOUND_ROWS()")[0][0] | 67 total = db.query(db_connection, "SELECT FOUND_ROWS()")[0][0] |
59 finally: | 68 finally: |
60 db_connection.close() | 69 db_connection.close() |
61 except MySQLdb.Error: | 70 except MySQLdb.Error: |
71 traceback.print_exc() | |
62 return common.show_error("Failed to query database!", start_response, | 72 return common.show_error("Failed to query database!", start_response, |
63 "500 Database error") | 73 "500 Database error") |
kzar
2015/03/27 22:15:00
Done.
| |
64 | 74 |
65 try: | 75 try: |
66 echo = int(params["echo"]) | 76 echo = int(params["echo"]) |
67 except (ValueError, KeyError): | 77 except (ValueError, KeyError): |
68 echo = 0 | 78 echo = 0 |
69 | 79 |
70 response_headers = [("Content-type", "application/json")] | 80 response_headers = [("Content-type", "application/json; charset=utf-8")] |
Wladimir Palant
2015/03/27 16:29:06
"application/json; charset=utf-8" please.
| |
71 start_response("200 OK", response_headers) | 81 start_response("200 OK", response_headers) |
72 return [json.dumps({"results": results, "echo": echo, | 82 return [json.dumps({"results": results, "echo": echo, |
73 "total": total, "count": len(results)})] | 83 "total": total, "count": len(results)}, |
Wladimir Palant
2015/03/27 16:29:06
This should be json.dumps(..., ensure_ascii=False)
kzar
2015/03/27 22:15:00
Done.
| |
84 ensure_ascii=False).encode("utf-8")] | |
LEFT | RIGHT |