drawcode · December 10, 2015 01:19
diff --git a/gistfile1.txt b/gistfile1.txt
  def set_action(self, profile_id, game_id, game_profile, profile_version, type_id):    
    obj = ProfileGame()
    
    count_obj = self.get_count_filter(game_id, game_profile)
    if count_obj == 0:
      obj = self.fill_object_common(obj, profile_id)
      obj = self.fill_object_custom(obj, profile_id, game_id, game_profile, profile_version, type_id)
      self.set_object_filter(obj)
    else :
      obj = self.get_object_filter(profile_id, game_id)
      obj = self.fill_object_custom(obj, profile_id, game_id, game_profile, profile_version, type_id)
      
      
    return obj    
diff --git a/gistfile2.txt b/gistfile2.txt
 class SearchFilter(object) :
    
  def __init__(self):
    self.page = 1
    self.page_size = 10
    self.sort = 'date_modified'
    self.filter = ' AND 1=1 '
  
  def get_filter_default(self, filters):
    return ' AND 1=1 ' + filters
    
  def get_sort(self, sort_by, sort_direction):
    order = 'ASC'
    if(sort_direction == 'DESC'):
      order = 'DESC'
    if sort_by != '':
      return ' ORDER BY ' + sort_by + ' ' + order
    return ''
    
  def get_date_range(self, date_start, date_end):
    q = ''
    if(date_start or date_end):
      q = ' AND '
    if(date_start and date_end):
      q = ' date_modified BETWEEN ' + date_start + ' AND ' + date_end
    elif(date_start):
      q = ' date_modified > ' + date_start
    elif(date_end):
      q = ' date_modified < ' + date_end
    return ''
    
  def get_filter_sort(self, sort_by, sort_direction, filters):
    return self.get_filter_sort(sort_by, sort_direction)
  
  def get_filter_date_range(self, date_start, date_end, filters):
    return self.get_date_range(date_start, date_end)    
      
  def get_filter_range(self, date_start, date_end, filters):
    filters = self.get_filter_default(filters)
    filters = self.get_filter_date_range(date_start, date_end, filters)
    
  def is_sql_safe(s):
    check = lower(s)
    if check.find("select") > -1 and check.find("from") > -1:
        return False
    if check.find("delete") > -1 and check.find("from") > -1:
        return False
    if check.find("update") > -1 and check.find("from") > -1:
        return False
    if check.find("insert") > -1 and check.find("from") > -1:
        return False
    if check.find("create") > -1 and check.find("database") > -1:
        return False
    if check.find("create") > -1 and check.find("table") > -1:
        return False
    if check.find("create") > -1 and check.find("procedure") > -1:
        return False
    if check.find("create") > -1 and check.find("function") > -1:
        return False
    if check.find("drop") > -1 and check.find("database") > -1:
        return False
    if check.find("drop") > -1 and check.find("table") > -1:
        return False
    if check.find("drop") > -1 and check.find("procedure") > -1:
        return False
    if check.find("drop") > -1 and check.find("function") > -1:
        return False
    return True
  
  def get_filter_param(self, key, value, str_type):
    filters = ""
    if(self.is_sql_safe(value)):
      if(str_type):
        filters = key + " = '" + key + "'"
      else:
        filters = key + " = " + key + ""
    return filters
  
  def get_filter_param_query(self, key, value, str_type, condition):
    filters = ""
    if(condition == "OR"):
      filters += " " + condition + " "
    if(condition == "BETWEEN"):
      filters += " " + condition + " "
    else:
      filters += " " + condition + " "
    return filters
    
  def get_filter_query_and_str(self, key, value, filters):  
    return self.get_filter_param_query(key, value, True, "AND")
  
  def get_filter_query_or_str(self, key, value, filters):  
    return self.get_filter_param_query(key, value, True, "OR")
    
  def get_filter_query_and_nonstr(self, key, value, filters):  
    return self.get_filter_param_query(key, value, False, "AND")
  
  def get_filter_query_or_nonstr(self, key, value, filters):  
    return self.get_filter_param_query(key, value, False, "OR")
	def set_action(self, profile_id, game_id, game_profile, profile_version, type_id):
	obj = ProfileGame()

	count_obj = self.get_count_filter(game_id, game_profile)
	if count_obj == 0:
	obj = self.fill_object_common(obj, profile_id)
	obj = self.fill_object_custom(obj, profile_id, game_id, game_profile, profile_version, type_id)
	self.set_object_filter(obj)
	else :
	obj = self.get_object_filter(profile_id, game_id)
	obj = self.fill_object_custom(obj, profile_id, game_id, game_profile, profile_version, type_id)


	return obj
	class SearchFilter(object) :

	def __init__(self):
	self.page = 1
	self.page_size = 10
	self.sort = 'date_modified'
	self.filter = ' AND 1=1 '

	def get_filter_default(self, filters):
	return ' AND 1=1 ' + filters

	def get_sort(self, sort_by, sort_direction):
	order = 'ASC'
	if(sort_direction == 'DESC'):
	order = 'DESC'
	if sort_by != '':
	return ' ORDER BY ' + sort_by + ' ' + order
	return ''

	def get_date_range(self, date_start, date_end):
	q = ''
	if(date_start or date_end):
	q = ' AND '
	if(date_start and date_end):
	q = ' date_modified BETWEEN ' + date_start + ' AND ' + date_end
	elif(date_start):
	q = ' date_modified > ' + date_start
	elif(date_end):
	q = ' date_modified < ' + date_end
	return ''

	def get_filter_sort(self, sort_by, sort_direction, filters):
	return self.get_filter_sort(sort_by, sort_direction)

	def get_filter_date_range(self, date_start, date_end, filters):
	return self.get_date_range(date_start, date_end)

	def get_filter_range(self, date_start, date_end, filters):
	filters = self.get_filter_default(filters)
	filters = self.get_filter_date_range(date_start, date_end, filters)

	def is_sql_safe(s):
	check = lower(s)
	if check.find("select") > -1 and check.find("from") > -1:
	return False
	if check.find("delete") > -1 and check.find("from") > -1:
	return False
	if check.find("update") > -1 and check.find("from") > -1:
	return False
	if check.find("insert") > -1 and check.find("from") > -1:
	return False
	if check.find("create") > -1 and check.find("database") > -1:
	return False
	if check.find("create") > -1 and check.find("table") > -1:
	return False
	if check.find("create") > -1 and check.find("procedure") > -1:
	return False
	if check.find("create") > -1 and check.find("function") > -1:
	return False
	if check.find("drop") > -1 and check.find("database") > -1:
	return False
	if check.find("drop") > -1 and check.find("table") > -1:
	return False
	if check.find("drop") > -1 and check.find("procedure") > -1:
	return False
	if check.find("drop") > -1 and check.find("function") > -1:
	return False
	return True

	def get_filter_param(self, key, value, str_type):
	filters = ""
	if(self.is_sql_safe(value)):
	if(str_type):
	filters = key + " = '" + key + "'"
	else:
	filters = key + " = " + key + ""
	return filters

	def get_filter_param_query(self, key, value, str_type, condition):
	filters = ""
	if(condition == "OR"):
	filters += " " + condition + " "
	if(condition == "BETWEEN"):
	filters += " " + condition + " "
	else:
	filters += " " + condition + " "
	return filters

	def get_filter_query_and_str(self, key, value, filters):
	return self.get_filter_param_query(key, value, True, "AND")

	def get_filter_query_or_str(self, key, value, filters):
	return self.get_filter_param_query(key, value, True, "OR")

	def get_filter_query_and_nonstr(self, key, value, filters):
	return self.get_filter_param_query(key, value, False, "AND")

	def get_filter_query_or_nonstr(self, key, value, filters):
	return self.get_filter_param_query(key, value, False, "OR")