def get(self, *args):
# 访问日志处理
dic_login_p = {}
dic_t = {}
txt_log = "" # 日志的文本内容
path_p = config.path_main + "data\\log\\z_log_web_index.csv"
file_file = inc_file.File_file()
dic_t["time_v"] = str_split(datetime.datetime.now()) # 访问时间
dic_t["ip"] = self.request.remote_ip # 获得IP
dic_t["id"] = 0
# 获得用户cookie资料
try:
str_t = self.get_secure_cookie("session_lqab_user")
str_t = str_t.decode('utf-8')
# 解密session字典
str_t = secret_lqab(str_t,
key_p=config.dic_config["secret_key"],
salt_p=config.dic_config["secret_salt"],
secret_if="no")
dic_login_p = eval(str_t)
if ("id" in dic_login_p):
dic_t["id"] = dic_login_p["id"]
except:
pass
#print ("日志参数",path_p,dic_t) # 调试用
# 将访问日志字典转化为csv格式
if (dic_t):
txt_log = str(
dic_t["id"]) + "," + dic_t["ip"] + "," + dic_t["time_v"] + "\n"
# 写入访问日志
try:
file_file.write_add(path_p=path_p, renew_if=0, content_p=txt_log)
except:
pass
# 渲染首页
self.render('index.html',
name_soft=config.dic_config["name_soft"],
type_soft=config.dic_config["type_soft"],
vol_soft=config.dic_config["vol_soft"],
authority_soft=config.dic_config["authority_soft"],
author_soft=config.dic_config["author_soft"],
qq_group=config.dic_config["qq_group"],
tel_lqab=config.dic_config["tel_lqab"],
url_lqab=config.dic_config["url_lqab"],
sys_time=str(datetime.datetime.now())) #渲染首页
def do_it(self, *args):
roles_p = "" # 权限值初始化
file_p = "" # 请求功能模块名
code_p = "" # 请求功能模块名
output = "" # 请求结果的输出方式
time_now_p = str_split(datetime.datetime.now()) # 请求时间
path_p = config.path_main + "data\\log\\"
dic_t = {}
str_log = ""
args_p = {}
# 取得web端提交参数
dic_t = self.request.arguments
for x in dic_t:
try:
args_p[x] = dic_t[x][0].decode('utf-8')
except:
pass
# 登录校验
pass_if, dic_login_p = self.admin_login_check(
time_alive_p=config.dic_config["time_alive"])
if (pass_if is False):
self.render(
'login_admin.html',
name_soft=config.dic_config["name_soft"],
type_soft=config.dic_config["type_soft"],
vol_soft=config.dic_config["vol_soft"],
)
# 参数处理
roles_p = dic_login_p["roles"]
try:
file_p = self.browser_argument(name_p="file")
code_p = self.browser_argument(name_p="code")
output = self.browser_argument(name_p="output")
except:
pass
print("脚本调用参数", roles_p, file_p, code_p, output) # 调试用
# 业务处理
args_p["roles"] = roles_p # 追加操作权限参数
if ("aid" in dic_login_p):
args_p["aid"] = str(dic_login_p["aid"]) # 追加管理员ID
content = self.content_get(roles_p=roles_p,
file_p=file_p,
code_p=code_p,
args_p=args_p)
# 写入操作日志
if (config.dic_config["log_if"] == "1"):
path_p += "z_log_script.csv"
args_p["time_run"] = str_split(
datetime.datetime.now()).encode('utf_8')
file_file = inc_file.File_file()
# 将访问日志字典转化为csv格式
txt_log = ""
#print ("基础参数字典",args_p) # 调试用
print("日志路径", path_p) # 调试用
if (args_p):
try:
txt_log = args_p["file"][0] + "," + args_p["code"][
0] + "," + args_p["output"][0] + "," + args_p[
"roles"] + "," + args_p["time_run"] + "\n"
file_file.write_add(path_p=path_p,
renew_if=0,
content_p=txt_log)
except:
pass
# 结果展示
if (output == "html"):
self.write(content) # 调试用
def file_do(self, roles_p=0):
file_p = "" # 请求功能模块名
code_p = "" # 请求功能模块名
output = "" # 请求结果的输出方式
time_now_p = str_split(datetime.datetime.now()) # 请求时间
path_p = config.path_main + "data\\log\\"
dic_t = {}
str_log = ""
args_p = {}
result = "<center><br><br>N/A</center>"
content = ""
# 取得web端提交参数
dic_t = self.request.arguments
for x in dic_t:
try:
args_p[x] = dic_t[x][0].decode('utf-8')
except:
pass
# 登录校验
pass_if, dic_login_p = self.user_login_check(
time_alive_p=config.dic_config["time_alive"])
#print ("基础参数",pass_if,dic_login_p) # 调试用
# 追加参数字典
#print ("追加前的参数字典",args_p) # 调试用
args_p.update(dic_login_p)
if (pass_if is False):
result = "没有权限或登录超时"
return result
try:
file_p = self.browser_argument(name_p="file")
code_p = self.browser_argument(name_p="code")
output = self.browser_argument(name_p="output")
except:
pass
#print ("脚本调用参数",roles_p,file_p,code_p,output) # 调试用
# 业务处理
args_p["roles"] = roles_p # 追加操作权限参数
content = self.content_get(roles_p=roles_p,
file_p=file_p,
code_p=code_p,
args_p=args_p)
# print ("内容",content) # 调试用
# 写入操作日志
if (config.dic_config["log_if"] == "1"):
path_p += "z_log_script.csv"
args_p["time_run"] = str_split(datetime.datetime.now())
file_file = inc_file.File_file()
# 将访问日志字典转化为csv格式
txt_log = ""
if (args_p):
txt_logo = args_p["file"] + "," + args_p[
"code"] + "," + args_p["output"] + "," + str(
args_p["roles"]) + "," + args_p["time_run"] + "\n"
try:
file_file.write_add(path_p=path_p,
renew_if=0,
content_p=txt_log)
except:
pass
# 结果展示
if (output == "html"):
result = content # 调试用
return result
def admin_login_do(self, username_p="", password_p="", cookie_if=1):
pass_if_p = False
roles_p = ""
dic_t = {}
str_log = ""
aid_p = 0 # 管理员ID
str_t = ""
dic_t["username"] = username_p
dic_t["password"] = password_p
username_p = hash_make(hash_make(username_p)) #密文处理
password_p = hash_make(hash_make(password_p)) #密文处理
path_p = config.path_main + "data\\log\\admin\\"
#查询用户管理数据库
rs_sqlite_file = Conn_sqlite3(config.path_main +
config.dic_config["path_sqlite"],
0) # 生成文件数据库实例
sql = "select roles,id from user_main where username='******' and password = '******' order by id desc limit 0,1"
res_m, rows_m = rs_sqlite_file.read_sql(sql)
if (res_m > 0):
roles_p = rows_m[0][0]
dic_t["roles"] = rows_m[0][0]
dic_t["id"] = rows_m[0][1]
aid_p = rows_m[0][1]
dic_t["time_login"] = str_split(datetime.datetime.now())
dic_t["ip"] = self.request.remote_ip
str_log = str(dic_t)
# 日志操作
if (config.dic_config["log_if"] == "1"):
path_p += "z_admin_login_" + str(rows_m[0][1]) + ".csv"
file_file = inc_file.File_file()
# 加密session字典
str_t = secret_lqab(str_log,
key_p=config.dic_config["secret_key"],
salt_p=config.dic_config["secret_salt"],
secret_if="yes")
pass_if_p = True
if (pass_if_p == True):
#print ("加密的session字典",str_t) # 调试用
if (cookie_if == 1):
self.set_secure_cookie("session_lqab_admin", str_t)
txt_log = ""
# 将访问日志字典转化为csv格式
if (dic_t):
txt_log = str(
dic_t["id"]) + "," + dic_t["username"] + "," + dic_t[
"password"] + "," + dic_t["roles"] + "," + dic_t[
"time_login"] + "," + dic_t["ip"] + "\n"
try:
file_file.write_add(path_p=path_p,
renew_if=0,
content_p=txt_log)
except:
pass
rs_sqlite_file.close_cur() # 关闭数据库游标
rs_sqlite_file.close() # 关闭数据库连接
return pass_if_p, roles_p, aid_p