def change_password():
if request.method != 'POST':
return render_template('usercontrol/change_password.html')
email = escape(session['email'])
origin = request.form.get('passwd0')
passwd = request.form.get('passwd')
passwd2 = request.form.get('passwd2')
user = users.query.filter(users.email == email).first()
if (hash_string(origin) != user.password):
logging.info(hash_string(origin))
logging.info(user.password)
return render_template("usercontrol/change_password.html",
msg="输入的当前密码不正确!")
if len(passwd) < 6 or len(passwd) > 24:
return render_template('usercontrol/change_password.html',
q=email,
msg=u"密码长度必须在6至24位之间")
if len(passwd) != len(passwd2):
return render_template('usercontrol/change_password.html',
q=email,
msg=u"两次输入的密码不相同!")
user.password = hash_string(passwd)
db_session.commit()
del session['username']
del session['email']
return redirect(url_for('usercontrol.signin', msg=u"修改密码成功,请登录"))
def signin():
#检查缓存,如果有直接走缓存的设置
if 'username' in session:
return redirect(url_for("index.index"))
if request.method == 'POST':
username = request.form.get('username')
passwd = request.form.get('passwd')
current = users.query.filter_by(email=username).first()
logging.info(username)
if not current:
return render_template('usercontrol/login.html',
msg="账号不存在,请重新输入!")
if username == current.email and hash_string(
passwd) == current.password:
session['username'] = current.name
session['email'] = username
session['userid'] = current.id
session['head_pic'] = current.head_pic
session['level'] = current.level
try:
del session[username]
except:
pass
return redirect(url_for("index.index"))
else:
return render_template('usercontrol/login.html',
msg="输入的账号或密码不正确!")
return render_template('usercontrol/login.html', msg='')
def signup():
if 'username' in session:
return redirect(url_for("index.index"))
if request.method == 'POST':
username = request.form.get('username')
passwd = request.form.get('passwd')
passwd2 = request.form.get('passwd2')
auth_code = request.form.get('input_auth_code')
current = users.query.filter_by(email=username).first()
if current:
return render_template('usercontrol/signup.html',
msg="该邮箱已被注册,请重新输入!")
if passwd != passwd2:
return render_template('usercontrol/signup.html',
msg="两次输入的密码不相同!")
#创建一个用户数据类
try:
code = escape(session[username])
except:
code = None
if auth_code != code:
return render_template('usercontrol/signup.html', msg="验证码错误!")
#默认昵称为邮箱名去掉@xxx.com
default_name = username.split('@')[0]
#默认头像图片
default_pic = '/static/images/defaultpic.jpg'
new = users(username,
hash_string(passwd),
name=default_name,
head_pic=default_pic)
#提交到数据库
db_session.add(new)
db_session.commit()
session['username'] = default_name
session['email'] = username
session['userid'] = new.id
session['level'] = 9
session['head_pic'] = default_pic
logging.info(new.id)
try:
#删除写入session的注册验证码
del session[username]
except:
pass
return redirect(url_for("index.index"))
return render_template('usercontrol/signup.html', msg='')
def upload_file(folder):
if request.method == 'POST':
#request。files中的存储上传文件类的key对应表单中input的name属性
f = request.files['fileUpload']
logging.info(type(f))
try:
sf = secure_filename(f.filename)
hashString = hash_string(f.read())
#存储名字重新生成
#=文件的sha1值+原有后缀
newName = hashString + '.' + sf.split('.')[-1]
f.seek(0)
f.save('uploads/{}/{}'.format(folder, newName))
return '/uploads/{}/{}'.format(folder, newName)
except Exception, e:
logging.error(e)
return ''
def upload_file():
file_path = 'D:/resource/videos/{}'
if request.method == 'POST':
#request。files中的存储上传文件类的key对应表单中input的name属性
f = request.files['fileUpload']
logging.info(type(f))
try:
sf = secure_filename(f.filename)
hashString = hash_string(f.read())
#存储名字重新生成
#=文件的sha1值+原有后缀
newName = hashString + '.' + sf.split('.')[-1]
f.seek(0)
f.save(file_path.format(newName))
print file_path.format(newName)
return '//video.lyl.com/{}'.format(newName)
except Exception,e:
logging.error(e)
return ''
def get_auth_code():
confirm = getattr(g, 'mail_server', None)
if not confirm:
mail_server = sitemail()
mail_server.mail_server()
g.mail_server = mail_server
if request.method == 'GET':
mail_to = request.args.get('username')
title = '代号010教育网站注册验证码'
code = get_random_texts(5)
content = '欢迎注册代号010教育网站,你的验证码为:{}'.format(code)
status = g.mail_server.send(mail_to, title, content)
if status:
#在session写一个key为邮箱,值为验证码值
#后面验证直接用session
session[mail_to] = code
logging.info('g verify code: %s mail is: %s',
getattr(g, mail_to, None), mail_to)
return hash_string(code)
def find_reset():
email = session['find_confirm']
passwd = request.form.get('passwd')
passwd2 = request.form.get('passwd2')
if len(passwd) < 6 or len(passwd) > 24:
return render_template('usercontrol/set_password.html',
q=email,
msg=u"密码长度必须在6至24位之间")
if len(passwd) != len(passwd2):
return render_template('usercontrol/set_password.html',
q=email,
msg=u"两次输入的密码不相同!")
user = users.query.filter(users.email == email).first()
user.password = hash_string(passwd)
db_session.commit()
del session['find_confirm']
return redirect(url_for('usercontrol.signin', msg=u"修改密码成功,请登录"))