Beispiel #1
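def password_settings_post():
	"""Handle the password-change form POST for the session's account.

	Reads ``current_password`` and ``password`` from the submitted form,
	verifies the current password with ``is_password_ok`` and, when it
	matches, stores ``getdigest(new_password, account_id)`` in
	``users.password``.

	Returns:
		The rendered ``password_settings.html`` template. ``status`` is
		``'error'`` (with ``error_msg``) when the current password does
		not verify, otherwise ``'success'``. The submitted passwords are
		never passed to the template.
	"""
	# NOTE(review): no login check is visible here; a session without
	# 'account_id' raises KeyError. Presumably the route is protected
	# elsewhere -- confirm.
	app_session = request.environ.get('beaker.session')
	account_id = app_session['account_id']
	db_params = read_settings(account_id)
	params = {'account_name': db_params['account_name']}

	request_params_key = ['current_password', 'password']
	for key in request_params_key:
		params[key] = unicode(request.forms.get(key, ''), 'utf-8')

	if not is_password_ok(params['current_password'], account_id,
			db_params['password']):
		# Remove the submitted passwords before rendering so the error
		# page cannot echo them back into the HTML. The success path
		# below renders the same template without these keys.
		for key in request_params_key:
			del params[key]
		params['status'] = 'error'
		params['error_msg'] = 'パスワードに誤りがあります。'
		return template('./views/password_settings.html', params)

	# Store the hashed password in sqlite3.
	# NOTE(review): the new password is accepted as submitted, including
	# an empty string; add a policy check if one is not enforced elsewhere.
	# NOTE(review): getdigest is defined elsewhere; confirm it is a slow,
	# salted password hash rather than a single fast digest.
	hash_password = getdigest(params['password'], account_id)
	conn = sqlite3.connect(FILENAME)
	try:
		db = conn.cursor()
		db.execute('''UPDATE users
		SET password = ?
		WHERE account_id=?''',
			(hash_password, account_id,))
		conn.commit()
		db.close()
	finally:
		# Closing the cursor alone leaves the connection (and its file
		# handle) open; always release it, even if the UPDATE fails.
		conn.close()

	# The update succeeded, so clear the password fields before rendering.
	for key in request_params_key:
		del params[key]

	params['status'] = 'success'

	return template('./views/password_settings.html', params)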
Beispiel #2
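def signup_post():
	"""Handle the signup form POST: store the photo and create the user row.

	Reads ``account_name``, ``password``, ``email``, ``serial`` and
	``birthday`` from the form, optionally saves an uploaded ``photo``
	under ``./upload``, inserts the user and then stores
	``getdigest(password, account_id)`` as the password.

	Returns:
		The rendered ``signup.html`` template with ``status='error'`` when
		the photo extension is not an allowed image type, otherwise the
		rendered ``welcome.html`` template.
	"""
	import uuid  # local import: only needed to name stored uploads

	params = {}
	request_params_key = ['account_name', 'password', 'email', 'serial', 'birthday']
	# Collect the request parameters.
	# NOTE(review): nothing here rejects empty or malformed fields
	# (including an empty password); confirm validation happens elsewhere.
	for key in request_params_key:
		params[key] = unicode(request.forms.get(key, ''), 'utf-8')

	# Collect the uploaded file, if any.
	photo = request.files.get('photo')

	if photo and photo.filename:
		# Compare case-insensitively so '.PNG' is treated like '.png'.
		# NOTE(review): only the extension is checked, not the file content.
		ext = os.path.splitext(photo.filename)[1].lower()
		if ext not in ('.png', '.jpg', '.jpeg', '.gif'):
			# Blank the password so the error page cannot echo it back.
			params['password'] = ''
			params['status'] = 'error'
			params['error_msg'] = '画像ファイルを認識できませんでした。'
			return template('./views/signup.html', params)
		# Store under a server-generated name: saving under the
		# client-supplied name with overwrite=True let any signup replace
		# another account's photo that happened to share the filename.
		stored_name = uuid.uuid4().hex + ext
		photo.save(os.path.join('./upload', stored_name))
		params['user_photo'] = './upload/' + stored_name
	else:
		params['user_photo'] = ''

	conn = sqlite3.connect(FILENAME)
	try:
		db = conn.cursor()
		# Insert with an empty placeholder password. The digest is salted
		# with account_id, which only exists after the INSERT, and the
		# plaintext password must never be written to the table.
		db.execute('''INSERT INTO users
			(account_name
			,user_photo
			,password
			,email
			,serial
			,birthday )
		VALUES(?,?,?,?,?,?)''',
			(params['account_name'], params['user_photo']
			,'', params['email'], params['serial']
			,params['birthday'],))

		# Fetch the new account_id through the row just inserted instead of
		# searching by email + plaintext password, which could match a
		# different row. Assumes users is an ordinary rowid table -- confirm.
		row = db.execute('SELECT account_id FROM users WHERE rowid=?',
			(db.lastrowid,)).fetchone()
		account_id = row[0]

		db.execute('''UPDATE users SET password = ?
		WHERE account_id=?''',
			(getdigest(params['password'], account_id), account_id,))

		# Single commit: the placeholder row is never visible on its own,
		# and a failure before this point is rolled back on close.
		conn.commit()
		db.close()
	finally:
		conn.close()

	return template('./views/welcome.html',
		account_name=params['account_name'])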
Beispiel #3
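def password_settings_post():
    """Handle the password-change form POST for the session's account.

    Reads ``current_password`` and ``password`` from the submitted form,
    verifies the current password with ``is_password_ok`` and, when it
    matches, stores ``getdigest(new_password, account_id)`` in
    ``users.password``.

    Returns:
        The rendered ``password_settings.html`` template. ``status`` is
        ``'error'`` (with ``error_msg``) when the current password does
        not verify, otherwise ``'success'``. The submitted passwords are
        never passed to the template.
    """
    # NOTE(review): no login check is visible here; a session without
    # 'account_id' raises KeyError. Presumably the route is protected
    # elsewhere -- confirm.
    app_session = request.environ.get('beaker.session')
    account_id = app_session['account_id']
    db_params = read_settings(account_id)
    params = {'account_name': db_params['account_name']}

    request_params_key = [
        'current_password',
        'password',
    ]
    for key in request_params_key:
        params[key] = unicode(request.forms.get(key, ''), 'utf-8')

    if not is_password_ok(params['current_password'], account_id,
                          db_params['password']):
        # Remove the submitted passwords before rendering so the error
        # page cannot echo them back into the HTML. The success path
        # below renders the same template without these keys.
        for key in request_params_key:
            del params[key]
        params['status'] = 'error'
        params['error_msg'] = 'パスワードに誤りがあります。'
        return template('./views/password_settings.html', params)

    # Store the hashed password in sqlite3.
    # NOTE(review): the new password is accepted as submitted, including
    # an empty string; add a policy check if one is not enforced elsewhere.
    # NOTE(review): getdigest is defined elsewhere; confirm it is a slow,
    # salted password hash rather than a single fast digest.
    hash_password = getdigest(params['password'], account_id)
    conn = sqlite3.connect(FILENAME)
    try:
        db = conn.cursor()
        db.execute('''UPDATE users
		SET password = ?
		WHERE account_id=?''', (
            hash_password,
            account_id,
        ))
        conn.commit()
        db.close()
    finally:
        # Closing the cursor alone leaves the connection (and its file
        # handle) open; always release it, even if the UPDATE fails.
        conn.close()

    # The update succeeded, so clear the password fields before rendering.
    for key in request_params_key:
        del params[key]

    params['status'] = 'success'

    return template('./views/password_settings.html', params)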
Beispiel #4
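def signup_post():
    """Handle the signup form POST: store the photo and create the user row.

    Reads ``account_name``, ``password``, ``email``, ``serial`` and
    ``birthday`` from the form, optionally saves an uploaded ``photo``
    under ``./upload``, inserts the user and then stores
    ``getdigest(password, account_id)`` as the password.

    Returns:
        The rendered ``signup.html`` template with ``status='error'`` when
        the photo extension is not an allowed image type, otherwise the
        rendered ``welcome.html`` template.
    """
    import uuid  # local import: only needed to name stored uploads

    params = {}
    request_params_key = [
        'account_name', 'password', 'email', 'serial', 'birthday'
    ]
    # Collect the request parameters.
    # NOTE(review): nothing here rejects empty or malformed fields
    # (including an empty password); confirm validation happens elsewhere.
    for key in request_params_key:
        params[key] = unicode(request.forms.get(key, ''), 'utf-8')

    # Collect the uploaded file, if any.
    photo = request.files.get('photo')

    if photo and photo.filename:
        # Compare case-insensitively so '.PNG' is treated like '.png'.
        # NOTE(review): only the extension is checked, not the file content.
        ext = os.path.splitext(photo.filename)[1].lower()
        if ext not in ('.png', '.jpg', '.jpeg', '.gif'):
            # Blank the password so the error page cannot echo it back.
            params['password'] = ''
            params['status'] = 'error'
            params['error_msg'] = '画像ファイルを認識できませんでした。'
            return template('./views/signup.html', params)
        # Store under a server-generated name: saving under the
        # client-supplied name with overwrite=True let any signup replace
        # another account's photo that happened to share the filename.
        stored_name = uuid.uuid4().hex + ext
        photo.save(os.path.join('./upload', stored_name))
        params['user_photo'] = './upload/' + stored_name
    else:
        params['user_photo'] = ''

    conn = sqlite3.connect(FILENAME)
    try:
        db = conn.cursor()
        # Insert with an empty placeholder password. The digest is salted
        # with account_id, which only exists after the INSERT, and the
        # plaintext password must never be written to the table.
        db.execute(
            '''INSERT INTO users
			(account_name
			,user_photo
			,password
			,email
			,serial
			,birthday )
		VALUES(?,?,?,?,?,?)''', (
                params['account_name'],
                params['user_photo'],
                '',
                params['email'],
                params['serial'],
                params['birthday'],
            ))

        # Fetch the new account_id through the row just inserted instead of
        # searching by email + plaintext password, which could match a
        # different row. Assumes users is an ordinary rowid table -- confirm.
        row = db.execute('SELECT account_id FROM users WHERE rowid=?', (
            db.lastrowid,
        )).fetchone()
        account_id = row[0]

        db.execute('''UPDATE users SET password = ?
		WHERE account_id=?''', (
            getdigest(params['password'], account_id),
            account_id,
        ))

        # Single commit: the placeholder row is never visible on its own,
        # and a failure before this point is rolled back on close.
        conn.commit()
        db.close()
    finally:
        conn.close()

    return template('./views/welcome.html',
                    account_name=params['account_name'])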