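def detail(request):
    """Render the article detail page for the ``aid`` query parameter.

    Loads the article, replaces its author id with the author's username,
    strips tabs, newlines and spaces from the content, renders the comment
    tree, bumps the view counter and renders the theme's ``detail.html``.

    When ``aid`` is missing or ``C.isset`` rejects it, the page is rendered
    with an empty ``detail`` and no comments, and no article is touched.
    """
    # cgi.escape only HTML-escapes &, < and >; it is not input validation.
    # Defaulting to '' keeps a request without ?aid= from failing on None.
    aid = cgi.escape(request.GET.get('aid', ''))
    url = request.get_host()
    detail = []
    commentHtml = ''  # NOTE(review): assumes commentTree returns markup text - confirm
    if C.isset(aid):
        # NOTE(review): a non-numeric or unknown aid still raises here
        # (ValueError / DoesNotExist) and surfaces as a server error.
        detail = Article.objects.get(article_id=aid)
        detail.author = User.objects.get(user_id=detail.author).username
        detail.content = detail.content.replace('\t', '').replace('\n', '').replace(' ', '')

        # The comments must be fetched before the tree is built; the original
        # order read commentList before it was assigned.
        commentList = Comment.objects.filter(article_id=aid)
        # NOTE(review): commentHtml is presumably emitted as markup by the
        # template - confirm commentTree escapes user-supplied comment text.
        commentHtml = commentTree(commentList, 0, False)

        # A fresh instance is saved on purpose: `detail` above now carries a
        # display-only author name and stripped content that must not be
        # written back to the database.
        # NOTE(review): read-modify-write; concurrent views can lose counts.
        upArticle = Article.objects.get(article_id=aid)
        upArticle.look_count = upArticle.look_count + 1
        upArticle.save()

    navList = C.getNavList()
    userInfo = request.session.get('uInfo', '')
    context = {
        'userinfo': userInfo,
        'detail': detail,
        'navList': navList,
        'url': url,
        'aid': aid,
        'commentHtml': commentHtml,
        'themeHeader': C.getThemePath() + '/Public/header.html',
        'themeFooter': C.getThemePath() + '/Public/footer.html',
    }
    return render(request, C.getThemePath() + 'detail.html', context)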
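def index(request):
    """Render the paginated article list.

    A POST request searches article titles for the posted ``word``. A GET
    request lists every article, or only those related to the category given
    by the ``cid`` query parameter. Results are paginated five per page using
    the ``page`` query parameter.
    """
    url = request.get_host()

    # cid comes straight from the query string. It is coerced to an integer
    # before it is used anywhere; anything that is not a number falls back
    # to 0, which means "no category filter".
    raw_cid = request.GET.get('cid')
    if C.isset(raw_cid) == 0:
        cid = 0
    else:
        try:
            cid = int(raw_cid)
        except (TypeError, ValueError):
            cid = 0

    navList = C.getNavList()
    if request.method == 'POST':
        # cgi.escape is HTML escaping only; the ORM parameterises the value.
        # NOTE(review): presumably kept because titles are stored escaped - confirm.
        word = cgi.escape(request.POST.get('word', ''))
        articleList = Article.objects.filter(title__icontains=word).order_by('-article_id')
    elif cid == 0:
        articleList = Article.objects.all().order_by('-article_id')
    else:
        # The category id is bound as a query parameter instead of being
        # concatenated into the statement: HTML escaping does not neutralise
        # SQL syntax. Only the table prefix, a project constant, is spliced in.
        sql = 'SELECT * FROM "' + Meta.db_table + '_article" AS article LEFT JOIN "' + Meta.db_table
        sql += '_relation" AS relation ON article.article_id=relation.aid WHERE relation.cid=%s'
        sql += ' ORDER BY article_id DESC'
        # Materialised so the paginator can take its length.
        articleList = list(Article.objects.raw(sql, [cid]))

    paginator = Paginator(articleList, 5)
    # A non-numeric ?page= value is treated as the first page.
    try:
        page = int(request.GET.get('page', 1))
    except (TypeError, ValueError):
        page = 1
    try:
        pagebar = paginator.page(page)
    except PageNotAnInteger:
        pagebar = paginator.page(1)
    except EmptyPage:
        pagebar = paginator.page(paginator.num_pages)

    categoryList = C.getCategoryList()
    userInfo = request.session.get('uInfo', '')
    contentDateList = Article.objects.order_by('created').values('created').distinct()
    context = {
        'url': url,
        'pagebar': pagebar,
        'navList': navList,
        'userinfo': userInfo,
        'cid': cid,
        'articleList': articleList,
        'categoryList': categoryList,
        'webInfo': C.getWebInfo(),
        'contentDateList': contentDateList,
        'themeHeader': C.getThemePath() + '/Public/header.html',
        'themeFooter': C.getThemePath() + '/Public/footer.html',
    }
    return render(request, C.getThemePath() + 'index.html', context)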
def logout(request):
    """Drop the ``uInfo`` entry from the session and render the logout page."""
    session = request.session
    has_user = session.get('uInfo', False) != False
    if has_user:
        # Only the login marker is removed; the rest of the session is kept.
        del session['uInfo']

    header_template = C.getThemePath() + '/Public/header.html'
    footer_template = C.getThemePath() + '/Public/footer.html'
    page_template = C.getThemePath() + 'logout.html'
    return render(
        request,
        page_template,
        {'themeHeader': header_template, 'themeFooter': footer_template},
    )
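def theme_edit(request):
    """Show a theme template file to an administrator for editing.

    Redirects to ``/signin/`` unless ``C.checkLoginAdmin`` accepts the session
    user. The ``file`` and ``theme`` query parameters select the file; they
    default to ``index.html`` in the active theme. Responds with 404 when the
    selected path is not an existing file under the ``templates`` directory.
    """
    if C.checkLoginAdmin(request.session.get('uInfo', False)) == False:
        return HttpResponseRedirect('/signin/')

    # The character stripping below is kept so displayed names are unchanged,
    # but it is a denylist and is not relied on: the resolved-path check
    # further down decides whether the file may be read.
    if request.GET.get('file'):
        fileName = cgi.escape(request.GET.get('file').replace('..', '').replace('/', '').replace('%', ''))
    else:
        fileName = 'index.html'
    if request.GET.get('theme'):
        themeDir = 'themes/' + cgi.escape(request.GET.get('theme').replace('.', '')) + '/'
    else:
        themeDir = C.getThemePath()

    templates_root = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'templates')
    theme_root = templates_root + '/' + themeDir

    # Resolve symlinks and any leftover separators, then require the result
    # to be a regular file below the templates directory.
    allowed_prefix = os.path.realpath(templates_root) + os.sep
    target = os.path.realpath(theme_root + fileName)
    if not target.startswith(allowed_prefix) or not os.path.isfile(target):
        return HttpResponse('File not found', status=404)

    # Names of the *.*ml files in the theme directory, for the file picker.
    fileList = [os.path.split(path)[1] for path in glob.glob(theme_root + '*.*ml')]

    # The checked, resolved path is the one that gets opened.
    with open(target) as file_object:
        content = file_object.read()

    context = {
        'content': content,
        'fileList': fileList,
        'fileName': fileName,
        'themeDir': themeDir,
    }
    return render(request, manageThemeDir + 'theme_edit.html', context)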
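def signup(request):
    """Register a new subscriber account.

    GET renders the signup form. POST checks the captcha code, validates
    ``SignupForm``, rejects a username that already exists and otherwise
    creates the user and answers with the plain text ``Success``. Every
    failure path re-renders the theme's ``signup.html`` with the theme
    header and footer paths in the context.
    """
    theme_path = C.getThemePath()
    template = theme_path + 'signup.html'
    context = {
        'themeHeader': theme_path + '/Public/header.html',
        'themeFooter': theme_path + '/Public/footer.html',
    }
    if request.method != 'POST':
        return render(request, template, context)

    _code = request.POST.get('code') or ''
    if not _code:
        # render() takes the request first; the context is passed explicitly
        # rather than exposing every local name to the template.
        return render(request, template, context)
    ca = Captcha(request)
    if not ca.check(_code):
        context['error'] = '验证码错误'
        return render(request, template, context)

    form = SignupForm(request.POST)
    context['form'] = form
    if not form.is_valid():
        return render(request, template, context)

    # The stored name is lower-cased, so the uniqueness check uses the same
    # normalised value; otherwise "Alice" would pass the check while "alice"
    # already exists.
    # NOTE(review): check-then-create can still race between two requests;
    # a unique constraint on username would close it - confirm the model.
    username = cgi.escape(request.POST.get('username').lower())
    if User.objects.filter(username=username).count() > 0:
        context['error'] = '用户名已存在'
        return render(request, template, context)

    # NOTE(review): cgi.escape is HTML escaping; applying it to the password
    # changes the text that gets hashed. It is kept because the sign-in view
    # in this file escapes the submitted password the same way.
    User.objects.create(
        status=1,
        group='subscriber',
        email=cgi.escape(request.POST.get('email')),
        username=username,
        password=make_password(cgi.escape(request.POST.get('upwd')), None, 'pbkdf2_sha256'),
    )
    return HttpResponse('Success')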
return HttpResponse('Success') else: return render(request, C.getThemePath() + 'signup.html', context) else: return render(request, C.getThemePath() + 'signup.html', context) def signin(request): navList = C.getNavList() url = request.get_host() context = {} context['themeHeader'] = C.getThemePath() + '/Public/header.html' context['themeFooter'] = C.getThemePath() + '/Public/footer.html' if request.method == 'POST': form = SigninForm(request.POST) if not form.is_valid(): context['form'] = form return render(request, C.getThemePath() + 'signin.html', context) try: userinfo = User.objects.get(username=username) password = cgi.escape(request.POST.get('upwd')) status = check_password(password, userinfo.password) username = cgi.escape(request.POST.get('username').lower()) except: