diff web/templog.py @ 194:4fa8cbf31065

working kinda
author Matt Johnston <matt@ucc.asn.au>
date Tue, 11 Feb 2014 23:47:53 +0800
parents 8318d50d766d
children 6dd157a12035
line wrap: on
line diff
--- a/web/templog.py	Tue Feb 11 22:11:03 2014 +0800
+++ b/web/templog.py	Tue Feb 11 23:47:53 2014 +0800
@@ -50,12 +50,21 @@
     return log.graph_png(start_epoch, length_minutes * 60)
 
 @route('/set/update', method='post')
-def update():
+def set_update():
     post_json = json.loads(request.forms.data)
 
     csrf_blob = post_json['csrf_blob']
 
-    return str(post_json['params'])
+    if not secure.check_csrf_blob(csrf_blob):
+        bottle.response.status = 403
+        return "Bad csrf"
+
+    ret = log.update_params(post_json['params'])
+    if not ret is True:
+        bottle.response.status = 403
+        return ret
+        
+    return "Good"
 
 @route('/set')
 def set():
@@ -139,4 +148,3 @@
 if __name__ == '__main__':
     main()
     
-