Example #1
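def callback(id):
    """
    Update the position (role) record identified by ``id``.

    Reads ``name``, ``department_id`` and ``page_power`` from the submitted
    form, checks the submitted department against the one stored on the
    record, then writes the new name and permission list.

    Returns the ``web_helper.return_msg`` payload: code 0 carrying
    ``edit_model``'s result on success, code -1 otherwise.
    """
    # Permission check runs before any form value is read.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '角色名称')
    department_id = convert_helper.to_int0(
        web_helper.get_form('department_id', '部门id'))
    page_power = web_helper.get_form('page_power', '权限列表', is_check_null=False)
    # A bare ',' is treated as an empty permission list.
    if page_power == ',':
        page_power = ''

    _positions_logic = positions_logic.PositionsLogic()
    positions_result = _positions_logic.get_model_for_cache(id)
    # A lookup that finds nothing must not reach .get(): guard it here so an
    # unknown id produces the error payload instead of an exception
    # (assumes a miss returns a falsy value such as None -- confirm).
    if not positions_result or department_id != positions_result.get('department_id'):
        return web_helper.return_msg(-1, '该角色所属部门错误,请与管理员联系')

    # Columns to update. Text values go through string().
    # NOTE(review): presumably string() quotes/escapes the value for SQL;
    # page_power is request input, so the safety of this write rests on it.
    fields = {
        'name': string(name),
        'page_power': string(page_power),
    }

    # Write the record.
    result = _positions_logic.edit_model(id, fields)
    if not result:
        return web_helper.return_msg(-1, "提交失败")
    # Return the JSON payload directly.
    return web_helper.return_msg(0, '提交成功', result)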
Example #2
def callback(id):
    """
    Update the department record identified by ``id``.

    Reads ``name``, ``parent_id``, ``sort`` and ``is_leaf`` from the form
    (the last three with ``is_check_null=False``). Only name, sort and
    is_leaf are written back.
    """
    # Permission check comes first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '部门名称')
    raw_parent_id = web_helper.get_form('parent_id', '父id', is_check_null=False)
    parent_id = convert_helper.to_int0(raw_parent_id)
    raw_sort = web_helper.get_form('sort', '排序', is_check_null=False)
    sort = convert_helper.to_int0(raw_sort)
    is_leaf = web_helper.get_form('is_leaf', '是否最终节点', is_check_null=False)

    dept_logic = department_logic.DepartmentLogic()
    # No sort order supplied: take the current maximum under this parent
    # and add one. parent_id went through to_int0 before being placed in
    # the condition text.
    # NOTE(review): the column handed to get_max is 'parent_id', not 'sort'
    # -- confirm this is intended.
    if sort == 0:
        condition = 'parent_id=' + str(parent_id)
        sort = dept_logic.get_max('parent_id', condition) + 1

    # Columns to update.
    # NOTE(review): is_leaf is request input passed on without string() or
    # an integer conversion -- confirm edit_model handles it safely.
    fields = {
        'name': string(name),
        'sort': sort,
        'is_leaf': is_leaf,
    }
    # Write the change.
    result = dept_logic.edit_model(id, fields)
    if not result:
        return web_helper.return_msg(-1, "提交查询失败")
    return web_helper.return_msg(0, '提交成功', result)
Example #3
def callback():
    """
    Update the cover image and content of the information record with id 1.
    """
    # Permission check comes first.
    _common_logic.check_user_power()

    front_cover_img = web_helper.get_form('front_cover_img', '图片')
    # Content is read with the special-character check switched off, so it
    # is cleaned here instead: single quotes are stripped (the author's
    # SQL-injection precaution), then the project's XSS cleaner is applied.
    raw_content = web_helper.get_form('content', '内容', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(raw_content, "'"))

    # NOTE(review): stripping quotes is a deny-list; whether this write is
    # injection-safe depends on how string()/edit_model build the statement
    # -- confirm.
    fields = {
        'front_cover_img': string(front_cover_img),
        'content': string(content),
    }
    # Update the record.
    info_logic = infomation_logic.InfomationLogic()
    result = info_logic.edit_model(1, fields)
    if not result:
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Example #4
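def uploadArtical():
    """
    Insert or update an article from the submitted form.

    ``tit`` (title) and ``tip`` (tag) arrive base64-encoded and are decoded
    to UTF-8 text; ``txt`` (body) is stored as received. ``new == "n"``
    selects the insert path, any other value the update path. Both
    statements use bound parameters.

    Returns code 0 on success and code -1 when the payload cannot be decoded
    or the write reports failure.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere before it can write articles.
    uid = web_helper.get_form('id', '主键(时间戳)')
    # Spaces are turned back into '+', presumably because '+' in form data
    # is decoded as a space and would corrupt the base64 text.
    raw_tit = web_helper.get_form('tit', '标题').replace(" ", "+")
    txt = web_helper.get_form('txt', '内容').replace(" ", "+")
    raw_tip = web_helper.get_form('tip', '标签').replace(" ", "+")
    newArt = web_helper.get_form('new', '是否是新文章')

    # Malformed base64 or non-UTF-8 bytes both surface as ValueError
    # subclasses; answer with an error payload instead of an unhandled
    # exception.
    try:
        tit = str(base64.b64decode(raw_tit), "utf-8")
        tip = str(base64.b64decode(raw_tip), "utf-8")
    except ValueError:
        return web_helper.return_msg(-1, '参数格式错误')

    if "n" == newArt:
        insert = """
             insert into "articaltable" ("id", "artical_name", "artical_type", "likesnum", "answernum", "readnum", "artical") 
             values (%s, %s, %s, 0, 0, 0, %s)
        """
        data = (uid, tit, tip, txt)
        beTip = db_helper.write(insert, data)
    else:
        updata = """
            UPDATE "articaltable" 
            SET "artical_name"= %s, "artical_type"= %s, "artical" = %s  
            WHERE id=%s;
        """
        data = (tit, tip, txt, uid)
        beTip = db_helper.write(updata, data)

    # The debug print of the full article payload was dropped, and the
    # failure path no longer reports the "upload succeeded" text.
    if beTip == "False":
        return web_helper.return_msg(-1, '上传失败')
    return web_helper.return_msg(0, '上传成功')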
Example #5
def callback():
    """
    Create a position (role) record under an existing department.

    The department's code and name are copied from the looked-up department
    record into the new row.
    """
    # Permission check comes first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '角色名称')
    raw_department_id = web_helper.get_form('department_id', '部门id')
    department_id = convert_helper.to_int0(raw_department_id)
    page_power = web_helper.get_form('page_power', '权限列表', is_check_null=False)

    dept_logic = department_logic.DepartmentLogic()
    # Load the department the position belongs to; stop if it is missing.
    department = dept_logic.get_model_for_cache(department_id)
    if not department:
        return web_helper.return_msg(-1, "部门不存在")

    pos_logic = positions_logic.PositionsLogic()
    # Columns for the new row. Text values go through string(); the
    # integer id is passed bare.
    # NOTE(review): presumably string() quotes/escapes for SQL -- confirm,
    # since page_power is request input.
    fields = {
        'name': string(name),
        'department_id': department_id,
        'department_code': string(department.get('code', '')),
        'department_name': string(department.get('name', '')),
        'page_power': string(page_power),
    }
    # Insert the record.
    created = pos_logic.add_model(fields)
    if not created:
        return web_helper.return_msg(-1, "提交失败")
    # Return the JSON payload directly.
    return web_helper.return_msg(0, '提交成功')
Example #6
def callback(id):
    """
    Update the product row identified by ``id`` from the submitted form.

    The statement uses bound parameters and ``returning id``; success is
    reported only when a row with an id comes back.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere.
    name = web_helper.get_form('name', '产品名称')
    code = web_helper.get_form('code', '产品编码')
    raw_class_id = web_helper.get_form('product_class_id', '产品分类')
    product_class_id = convert_helper.to_int0(raw_class_id)
    standard = web_helper.get_form('standard', '产品规格')
    quality_guarantee_period = web_helper.get_form('quality_guarantee_period', '保质期')
    place_of_origin = web_helper.get_form('place_of_origin', '产地')
    front_cover_img = web_helper.get_form('front_cover_img', '封面图片')
    # The description is read with the special-character check off, then
    # single quotes are stripped and the XSS cleaner is applied.
    raw_content = web_helper.get_form('content', '产品描述', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(raw_content, "'"))
    raw_is_enable = web_helper.get_form('is_enable', '是否启用')
    is_enable = convert_helper.to_int0(raw_is_enable)

    # Update statement; every value is bound, none is formatted into the text.
    update_sql = """
          update product
            set name=%s, code=%s, product_class_id=%s, standard=%s, quality_guarantee_period=%s,
                place_of_origin=%s, front_cover_img=%s, content=%s, is_enable=%s
          where id=%s returning id"""
    params = (name, code, product_class_id, standard, quality_guarantee_period,
              place_of_origin, front_cover_img, content, is_enable, id)
    # Write to the database.
    result = db_helper.write(update_sql, params)
    # Success only when the returned row carries an id.
    if not (result and result[0].get('id')):
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Example #7
def callback():
    """
    Insert a new product row from the submitted form.

    The insert uses bound parameters and ``returning id`` so the id of the
    new row comes back; success is reported only when it does.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere.
    name = web_helper.get_form('name', '产品名称')
    code = web_helper.get_form('code', '产品编码')
    raw_class_id = web_helper.get_form('product_class_id', '产品分类')
    product_class_id = convert_helper.to_int0(raw_class_id)
    standard = web_helper.get_form('standard', '产品规格')
    quality_guarantee_period = web_helper.get_form('quality_guarantee_period', '保质期')
    place_of_origin = web_helper.get_form('place_of_origin', '产地')
    front_cover_img = web_helper.get_form('front_cover_img', '封面图片')
    # The description is read with the special-character check off, then
    # single quotes are stripped and the XSS cleaner is applied.
    raw_content = web_helper.get_form('content', '产品描述', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(raw_content, "'"))
    raw_is_enable = web_helper.get_form('is_enable', '是否启用')
    is_enable = convert_helper.to_int0(raw_is_enable)

    # Insert statement; "returning id" hands back the generated id.
    insert_sql = """insert into product (name, code, product_class_id, standard, quality_guarantee_period,
                place_of_origin, front_cover_img, content, is_enable)
              values (%s, %s, %s, %s, %s, %s, %s, %s, %s) returning id"""
    params = (name, code, product_class_id, standard, quality_guarantee_period,
              place_of_origin, front_cover_img, content, is_enable)
    # Write to the database.
    result = db_helper.write(insert_sql, params)
    # Success only when the returned row carries an id.
    if not (result and result[0].get('id')):
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Example #8
def record():
    """
    Store one search record: submitted ``name`` and ``cardno`` plus the
    client IP, using named bound parameters.
    """
    name = web_helper.get_form('name', '姓名为空', False)
    cardno = web_helper.get_form('cardno', '准考证号为空', False)
    ip = web_helper.get_ip()
    # NOTE(review): this writes the submitted name and card number to
    # stdout; consider whether these identifiers belong in process output.
    print(name, cardno, ip)
    insert_sql = '''insert into searchrecord (name,cardno,ip) VALUES (%(name)s,%(cardno)s,%(ip)s) returning id'''
    params = {'name': name, 'cardno': cardno, 'ip': ip}
    result = db_helper.write(insert_sql, params)
    if not result:
        return web_helper.return_msg(-1, '失败')
    return web_helper.return_msg(0, '成功')
Example #9
def callback(id):
    """
    Update name and enabled flag of the product class identified by ``id``.

    Values are passed as named bound parameters; ``is_enable`` falls back
    to 0 through ``to_int_default``.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere.
    name = web_helper.get_form('name', '', False)
    raw_is_enable = web_helper.get_form('is_enable', '', False)
    is_enable = convert_helper.to_int_default(raw_is_enable, 0)
    update_sql = '''update product_class set name=%(name)s ,is_enable=%(is_enable)s where id=%(id)s returning id'''
    params = {'name': name, 'is_enable': is_enable, 'id': id}

    result = db_helper.write(update_sql, params)
    if not result:
        return web_helper.return_msg(-1, '失败')
    return web_helper.return_msg(0, '成功')
Example #10
def callback():
    """
    Insert a product class with the submitted name and enabled flag.

    Values are passed as named bound parameters; ``is_enable`` falls back
    to 0 through ``to_int_default``.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere.
    name = web_helper.get_form('name', '', False)
    raw_is_enable = web_helper.get_form('is_enable', '', False)
    is_enable = convert_helper.to_int_default(raw_is_enable, 0)

    insert_sql = '''insert into product_class (name,is_enable) VALUES (%(name)s,%(is_enable)s) returning id'''
    params = {'name': name, 'is_enable': is_enable}
    result = db_helper.write(insert_sql, params)
    if not result:
        return web_helper.return_msg(-1, '失败')
    return web_helper.return_msg(0, '成功')
Example #11
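def uploadImage():
    """
    Save an image uploaded for an article.

    ``image`` is base64 text and ``times`` is the timestamp used as the file
    name under ``./static/images/mduploadImg/``. Returns code -1 when the
    timestamp is not plain digits or the image data cannot be decoded,
    code 0 once the file is written.
    """
    # NOTE(review): no permission check, size limit or content-type check
    # is visible here; the bytes are stored as .png whatever they contain.
    upload_image = str(web_helper.get_form('image', '图片')).replace(" ", "+")
    upload_time = str(web_helper.get_form('times', '时间戳'))

    # This value becomes part of a file name. Accept ASCII digits only so
    # that separators or '..' in the request cannot move the write outside
    # the upload directory (assumes the client sends an integer timestamp
    # -- confirm; widen the allow-list rather than removing it).
    if not (upload_time.isascii() and upload_time.isdigit()):
        return web_helper.return_msg(-1, '时间戳格式不正确')
    save_path = "./static/images/mduploadImg/" + upload_time + ".png"

    # Malformed base64 raises a ValueError subclass; report it as a
    # request error.
    try:
        imgdata = base64.b64decode(upload_image)
    except ValueError:
        return web_helper.return_msg(-1, '图片数据格式不正确')

    # The context manager closes the file even if the write fails.
    with open(save_path, 'wb') as image_file:
        image_file.write(imgdata)

    # NOTE(review): the success text says "login succeeded"; it looks
    # copied from the login handler and is left unchanged here.
    return web_helper.return_msg(0, '登录成功')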
Example #12
def callback(id):
    """
    Update name and enabled flag of the product class identified by ``id``.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere.
    name = web_helper.get_form('name', '分类名称')
    raw_is_enable = web_helper.get_form('is_enable', '是否启用')
    is_enable = convert_helper.to_int0(raw_is_enable)

    # Update statement with bound parameters.
    update_sql = """update product_class set name=%s, is_enable=%s where id=%s returning id"""
    params = (name, is_enable, id)
    # Write to the database.
    result = db_helper.write(update_sql, params)
    # Success only when the returned row carries an id.
    if not (result and result[0].get('id')):
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Example #13
def callback():
    """
    Insert a product class with the submitted name and enabled flag.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere.
    name = web_helper.get_form('name', '分类名称')
    raw_is_enable = web_helper.get_form('is_enable', '是否启用')
    is_enable = convert_helper.to_int0(raw_is_enable)

    # Insert with bound parameters; "returning id" hands back the
    # generated id of the new row.
    insert_sql = """insert into product_class (name, is_enable) values (%s, %s) returning id"""
    params = (name, is_enable)
    # Write to the database.
    result = db_helper.write(insert_sql, params)
    # Success only when the returned row carries an id.
    if not (result and result[0].get('id')):
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Example #14
def callback():
    """
    Create a menu entry from the submitted form.

    The level is 0 for a top-level entry, otherwise the parent's cached
    level plus one. A sort value of 0 is replaced by the current maximum
    under the same parent plus one.
    """
    # Permission check comes first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '菜单名称')
    # icon and interface_url are read with the special-character check off;
    # the characters below are removed by hand instead.
    icon = web_helper.get_form('icon', '菜单小图标', True, 10, False, is_check_special_char=False)
    for unwanted in ('\'', '|', '%'):
        icon = icon.replace(unwanted, '')
    page_url = web_helper.get_form('page_url', '页面URL', is_check_null=False)
    interface_url = web_helper.get_form('interface_url', '接口url', is_check_null=False, is_check_special_char=False)
    for unwanted in ('@', '\'', '|', '%'):
        interface_url = interface_url.replace(unwanted, '')
    raw_parent_id = web_helper.get_form('parent_id', '父id', is_check_null=False)
    parent_id = convert_helper.to_int0(raw_parent_id)
    raw_sort = web_helper.get_form('sort', '排序', is_check_null=False)
    sort = convert_helper.to_int0(raw_sort)
    is_leaf = web_helper.get_form('is_leaf', '是否最终节点', is_check_null=False)
    is_show = web_helper.get_form('is_show', '是否显示', is_check_null=False)
    is_enabled = web_helper.get_form('is_enabled', '是否启用', is_check_null=False)

    menu_logic = menu_info_logic.MenuInfoLogic()
    # Depth of this entry in the menu tree.
    # NOTE(review): a parent_id with no cached level would make the
    # addition fail -- confirm get_value_for_cache never returns None here.
    level = 0 if parent_id == 0 else menu_logic.get_value_for_cache(parent_id, 'level') + 1
    # No sort order supplied: next free position under this parent.
    if sort == 0:
        condition = 'parent_id=' + str(parent_id)
        sort = menu_logic.get_max('sort', condition) + 1

    # Columns for the new row.
    # NOTE(review): is_leaf, is_show and is_enabled are request input
    # passed on without string() or an integer conversion, and the manual
    # replace() calls above are a deny-list -- confirm how add_model places
    # values into the statement.
    fields = {
        'name': string(name),
        'icon': string(icon),
        'page_url': string(page_url),
        'interface_url': string(interface_url),
        'parent_id': parent_id,
        'sort': sort,
        'level': level,
        'is_leaf': is_leaf,
        'is_show': is_show,
        'is_enabled': is_enabled,
    }
    # Insert the record.
    created = menu_logic.add_model(fields)
    if not created:
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '提交成功')
Example #15
def callback():
    """
    Create a department from the submitted form.

    A top-level department gets level 0 and a code created from an empty
    prefix; a child gets the parent's level plus one and a code created
    from the parent's code. A missing parent returns an error payload.
    """
    # Permission check comes first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '部门名称')
    raw_parent_id = web_helper.get_form('parent_id', '父id', is_check_null=False)
    parent_id = convert_helper.to_int0(raw_parent_id)
    raw_sort = web_helper.get_form('sort', '排序', is_check_null=False)
    sort = convert_helper.to_int0(raw_sort)
    is_leaf = web_helper.get_form('is_leaf', '是否最终节点', is_check_null=False)

    dept_logic = department_logic.DepartmentLogic()
    # Work out the depth level and generate the department code.
    if parent_id == 0:
        level = 0
        code = dept_logic.create_code('')
    else:
        parent = dept_logic.get_model_for_cache(parent_id)
        if not parent:
            return web_helper.return_msg(-1, "您选择的部门不存在")

        level = parent.get('level', 0) + 1
        code = dept_logic.create_code(parent.get('code', ''))
    # No sort order supplied: current maximum under this parent plus one.
    # NOTE(review): the column handed to get_max is 'parent_id', not 'sort'
    # -- confirm this is intended.
    if sort == 0:
        condition = 'parent_id=' + str(parent_id)
        sort = dept_logic.get_max('parent_id', condition) + 1

    # Columns for the new row.
    # NOTE(review): is_leaf is request input passed on without string() or
    # an integer conversion -- confirm add_model handles it safely.
    fields = {
        'name': string(name),
        'code': string(code),
        'parent_id': parent_id,
        'sort': sort,
        'level': level,
        'is_leaf': is_leaf,
    }
    # Insert the record.
    created = dept_logic.add_model(fields)
    if not created:
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '提交成功')
Example #16
def callback():
    """
    Create a product through ``ProductLogic.add_model`` from the submitted
    form.
    """
    # Permission check comes first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '产品名称')
    code = web_helper.get_form('code', '产品编码')
    raw_class_id = web_helper.get_form('product_class_id', '产品分类')
    product_class_id = convert_helper.to_int0(raw_class_id)
    standard = web_helper.get_form('standard', '产品规格')
    quality_guarantee_period = web_helper.get_form('quality_guarantee_period', '保质期')
    place_of_origin = web_helper.get_form('place_of_origin', '产地')
    front_cover_img = web_helper.get_form('front_cover_img', '封面图片')
    # The description is read with the special-character check off, then
    # single quotes are stripped and the XSS cleaner is applied.
    raw_content = web_helper.get_form('content', '产品描述', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(raw_content, "'"))
    raw_is_enable = web_helper.get_form('is_enable', '是否启用')
    is_enable = convert_helper.to_int0(raw_is_enable)

    # Columns for the new row. Text values go through string(); integers
    # are passed bare.
    # NOTE(review): stripping quotes from content is a deny-list; whether
    # the insert is injection-safe depends on string()/add_model -- confirm.
    fields = {
        'name': string(name),
        'code': string(code),
        'product_class_id': product_class_id,
        'standard': string(standard),
        'quality_guarantee_period': string(quality_guarantee_period),
        'place_of_origin': string(place_of_origin),
        'front_cover_img': string(front_cover_img),
        'content': string(content),
        'is_enable': is_enable,
    }
    # Table helper for product, then the insert itself.
    prod_logic = product_logic.ProductLogic()
    created = prod_logic.add_model(fields)
    # Report the outcome.
    if not created:
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Example #17
File: main.py Project: xjh1230/cet
def validate():
    """Request hook: log the call, apply the ``_method`` override, read the session.

    Returns early (doing nothing) for the favicon, the root path and
    ``/api/verify/``. For every other path it builds a log line from the
    URL, client IP and request parameters, rewrites ``REQUEST_METHOD`` when
    a POST carries ``_method``, and for anything except login/logout reads
    the manager id and login name from the session.

    NOTE(review): the login check at the end is commented out, so as
    written this hook never rejects a request that has no session.
    """
    r = request

    # Request path.
    path_info = request.environ.get('PATH_INFO')
    # Log the parameters.
    # Icons and similar paths need no handling: return straight away.
    if path_info in ['/favicon.ico', '/', '/api/verify/']:
        return
    request_log = 'url:' + path_info + ';ip:' + web_helper.get_ip()
    # NOTE(review): both handlers below are bare ``except: pass``, so any
    # failure while building or writing the log line is silent.
    try:
        if request.json:
            request_log = request_log + ';params(json):' + urllib.parse.unquote(
                str(request.json))
    except:
        pass
    try:
        if request.query_string:
            request_log = request_log + ';params(get):' + request.query_string
        # NOTE(review): POST parameters are logged and printed verbatim.
        # /api/login/ is only exempted further down, after this point, so
        # whatever credentials it receives end up in the log -- redact
        # sensitive fields before logging.
        if request.method == 'POST':
            request_log = request_log + ';params(post):' + urllib.parse.unquote(
                str(request.params.__dict__))
        log_helper.info(request_log)
        print(request_log)
    except:
        pass

    # Special handling for PUT and similar methods tunnelled through POST.
    # NOTE(review): the submitted value is written to REQUEST_METHOD as-is;
    # restricting it to the methods the API actually routes would be safer.
    if request.method == 'POST':
        _method = web_helper.get_form('_method', False)
        if _method:
            # if request.POST.get('_method'):
            request.environ[
                'REQUEST_METHOD'] = _method  #request.POST.get('_method', '')
            print('_method:' + _method + '|')
        # elif request.json.get()
    # Login verification: login and logout themselves are exempt.
    url_list = ["/api/login/", "/api/logout/"]
    if path_info in url_list:
        return
    else:
        s = str(api.__dict__)
        session = web_helper.get_session()
        # Manager id and login name from the session (0 when absent).
        manager_id = session.get('id', 0)
        login_name = session.get('login_name', 0)
        print('manager_id:' + str(manager_id) + 'login_name:' +
              str(login_name))
        # Check whether the user is logged in (currently disabled, see the
        # docstring note).
        # if not manager_id or not login_name:
        #     web_helper.return_raise(web_helper.return_msg(-404, "您的登录已失效,请重新登录"))
        print(4)
Example #18
def callback():
    """
    Update the cover image and content of the information row with id 1.

    The result of the write is not inspected; the success payload is
    returned unconditionally.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere.
    front_cover_img = web_helper.get_form('front_cover_img', '图片')
    # Content is read with the special-character check off, then single
    # quotes are stripped and the XSS cleaner is applied.
    raw_content = web_helper.get_form('content', '内容', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(raw_content, "'"))

    # Update statement with bound parameters.
    update_sql = """update infomation set front_cover_img=%s, content=%s where id=1"""
    params = (front_cover_img, content)
    # Write to the database.
    db_helper.write(update_sql, params)

    # Return the JSON payload directly.
    return web_helper.return_msg(0, '成功')
Example #19
def callback():
    """
    Update the cover image and content of the information row with id 1,
    reporting success only when the statement returns the row id.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere.
    front_cover_img = web_helper.get_form('front_cover_img', '图片')
    # Content is read with the special-character check off, then single
    # quotes are stripped and the XSS cleaner is applied.
    raw_content = web_helper.get_form('content', '内容', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(raw_content, "'"))

    # Update statement with bound parameters.
    update_sql = """update infomation set front_cover_img=%s, content=%s where id=1 returning id"""
    params = (front_cover_img, content)
    # Write to the database.
    result = db_helper.write(update_sql, params)

    if not (result and result[0].get('id')):
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Example #20
def callback1():
    """
    Update the cover image and content of the information row with id 1,
    using ``db_helper.PgHelper`` directly and committing explicitly.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere.
    front_cover_img = web_helper.get_form('front_cover_img', '图片')
    # Content is read with the special-character check off, then single
    # quotes are stripped and the XSS cleaner is applied.
    raw_content = web_helper.get_form('content', '内容', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(raw_content, "'"))

    # Update statement with bound parameters.
    update_sql = """update infomation set front_cover_img=%s, content=%s where id=1"""
    params = (front_cover_img, content)
    # Execute and commit inside the helper's context manager.
    with db_helper.PgHelper(db_config.DB, db_config.IS_OUTPUT_SQL) as pg:
        pg.execute(update_sql, params)
        pg.commit()

    # Return the JSON payload directly.
    return web_helper.return_msg(0, '成功')
Example #21
def deleteArtical():
    """
    Delete the article whose id is submitted as ``uid`` and, on success,
    return the remaining article list.
    """
    # NOTE(review): no permission check is visible in this handler --
    # confirm one is enforced elsewhere before it can delete rows.
    uid = web_helper.get_form('uid', '主键(时间戳)')
    # The id is bound as a parameter, not formatted into the statement.
    delete_sql = """
        delete from "articaltable" where id = %s
    """
    beTip = db_helper.write(delete_sql, (uid, ))
    if beTip == "False":
        return web_helper.return_msg(
            -1,
            '删除失败',
        )

    # Re-read the list so the caller gets the state after deletion.
    list_sql = """
               select "id", "artical_name", "artical_type", "likesnum", "answernum", "readnum" from "articaltable"
            """
    remaining = db_helper.read(list_sql)
    return web_helper.return_msg(0, '删除成功', remaining)
Example #22
def post_login():
    """Verify a manager login.

    Steps, in order: read username/password/captcha from the form; consume
    the captcha stored in the session and compare it; check the failed-login
    counter for the client IP; load the manager record by login name;
    compare the MD5 of the submitted password with the stored value; check
    the enabled flag; store identity in the session; update last-login
    columns and write an operation-log entry.

    Returns the ``web_helper.return_msg`` payload, code 0 on success and
    code -1 with a reason on any failure.
    """
    ##############################################################
    # Read and validate the parameters submitted by the client
    ##############################################################
    username = web_helper.get_form('username', '帐号')
    password = web_helper.get_form('password', '密码')
    verify = web_helper.get_form('verify', '验证码')
    ip = web_helper.get_ip()

    ##############################################################
    # Read the captcha from the session
    ##############################################################
    s = web_helper.get_session()
    verify_code = s.get('verify_code')
    # Remove the captcha from the session: each one is valid for a single
    # submission, whether or not it matched.
    if 'verify_code' in s:
        del s['verify_code']
        s.save()
    # Compare the submitted captcha (upper-cased) with the stored one.
    if verify.upper() != verify_code:
        return web_helper.return_msg(-1, '验证码错误')

    ##############################################################
    ### Limit logins after too many failures ###
    # Failed-password limit for managers; per the original note 0 means
    # unlimited, otherwise the value is a count per hour.
    limit_login_count = 10
    # Look up the failure counter; the client IP is passed as the key input.
    is_ok, msg, operation_times_key, error_count = security_helper.check_operation_times('login_error_count', limit_login_count, web_helper.get_ip(), False)
    # Stop when the counter is already over the limit.
    if not is_ok:
        return web_helper.return_msg(-1, msg)

    ##############################################################
    ### Load the manager record and verify the login ###
    ##############################################################
    # Operation-log helper.
    _manager_operation_log_logic = manager_operation_log_logic.ManagerOperationLogLogic()
    # Manager table helper.
    _manager_logic = manager_logic.ManagerLogic()
    # Load the manager by login name.
    # NOTE(review): the condition is assembled as text; its safety rests on
    # string() quoting/escaping username -- confirm.
    manager_result = _manager_logic.get_model_for_cache_of_where('login_name=' + string(username))
    # Unknown account.
    # NOTE(review): this path returns before add_operation_times is called,
    # so attempts against unknown names are not counted, and the distinct
    # message tells a caller which login names exist.
    if not manager_result:
        return web_helper.return_msg(-1, '账户不存在')

    # Manager id.
    manager_id =  manager_result.get('id', 0)
    # Manager display name.
    manager_name = manager_result.get('name', '')

    ##############################################################
    ### Verify the password and the account state ###
    ##############################################################
    # Original note: a double-MD5 variant (hashing a slice of the first
    # digest again) is kept below, commented out.
    # pwd = encrypt_helper.md5(encrypt_helper.md5(password)[1:30]).upper()
    # Active variant: a single MD5 of the submitted password, upper-cased.
    # NOTE(review): unsalted MD5 is not a password hash; migrating to a
    # salted, slow KDF needs a stored-hash migration and is out of scope
    # for this function alone.
    pwd = encrypt_helper.md5(password).upper()
    # Compare with the stored hash (also upper-cased).
    if pwd != manager_result.get('login_password').upper():
        # Count the failure.
        security_helper.add_operation_times(operation_times_key)
        # Write the operation log.
        _manager_operation_log_logic.add_operation_log(manager_id, manager_name, ip, '【' + manager_name + '】输入的登录密码错误')
        return web_helper.return_msg(-1, '密码错误')
    # Reject disabled accounts.
    if not manager_result.get('is_enabled'):
        # Count the failure.
        security_helper.add_operation_times(operation_times_key)
        # Write the operation log.
        _manager_operation_log_logic.add_operation_log(manager_id, manager_name, ip, '【' + manager_name + '】账号已被禁用,不能登录系统')
        return web_helper.return_msg(-1, '账号已被禁用')

    # Login succeeded: clear the failure counter.
    security_helper.del_operation_times(operation_times_key)

    ##############################################################
    ### Store the user in the session ###
    ##############################################################
    # NOTE(review): the existing session object is reused after login; no
    # session-id rotation is visible here -- confirm the session layer
    # handles it.
    manager_id = manager_result.get('id')
    s['id'] = manager_id
    s['login_name'] = username
    s['name'] = manager_result.get('name')
    s['positions_id'] = manager_result.get('positions_id')
    s.save()

    ##############################################################
    ### Update the manager row ###
    ##############################################################
    # Last login time, IP and login count. 'now()' and 'login_count+1' are
    # passed without string(), i.e. presumably as SQL expressions rather
    # than text values.
    fields = {
        'last_login_time': 'now()',
        'last_login_ip': string(ip),
        'login_count': 'login_count+1',
    }
    # Write to the database.
    _manager_logic.edit_model(manager_id, fields)
    # Write the operation log.
    _manager_operation_log_logic.add_operation_log(manager_id, manager_name, ip, '【' + manager_name + '】登陆成功')

    return web_helper.return_msg(0, '登录成功')
Example #23
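def post_login():
    """Verify a manager login.

    Reads username, password and captcha from the form, consumes the captcha
    stored in the session, loads the manager row by login name, compares the
    MD5 of the submitted password with the stored value, checks the enabled
    flag, stores identity in the session and updates the last-login columns.

    Returns the ``web_helper.return_msg`` payload, code 0 on success and
    code -1 with a reason on any failure.
    """
    ##############################################################
    # Read and validate the parameters submitted by the client
    ##############################################################
    username = web_helper.get_form('username', '帐号')
    password = web_helper.get_form('password', '密码')
    verify = web_helper.get_form('verify', '验证码')
    ip = web_helper.get_ip()

    ##############################################################
    # Read the captcha from the session
    ##############################################################
    s = web_helper.get_session()
    verify_code = s.get('verify_code')
    # The debug print of the captcha and session contents was removed so
    # they no longer reach stdout.
    # Remove the captcha from the session: each one is valid for a single
    # submission, whether or not it matched.
    if 'verify_code' in s:
        del s['verify_code']
        s.save()
    # Compare the submitted captcha (upper-cased) with the stored one.
    if verify.upper() != verify_code:
        return web_helper.return_msg(-1, '验证码错误')

    ##############################################################
    ### Load the manager record and verify the login ###
    ##############################################################
    # The login name is bound as a parameter instead of being formatted
    # into the statement, so quoting in the input cannot change the query.
    # NOTE(review): assumes db_helper.read forwards a parameter tuple to the
    # driver the way db_helper.write does; if it only takes the statement,
    # extend it rather than going back to string formatting.
    sql = """select * from manager where login_name=%s"""
    manager_result = db_helper.read(sql, (username, ))
    # Unknown account.
    # NOTE(review): the distinct message tells a caller which login names
    # exist, and no failed-attempt limit is visible in this handler.
    if not manager_result:
        return web_helper.return_msg(-1, '账户不存在')
    manager = manager_result[0]

    ##############################################################
    ### Verify the password and the account state ###
    ##############################################################
    # Original note: a double-MD5 variant (hashing a slice of the first
    # digest again) is kept below, commented out.
    # pwd = encrypt_helper.md5(encrypt_helper.md5(password)[1:30]).upper()
    # Active variant: a single MD5 of the submitted password, upper-cased.
    # NOTE(review): unsalted MD5 is not a password hash; moving to a salted,
    # slow KDF needs a stored-hash migration and is not done here.
    pwd = encrypt_helper.md5(password).upper()

    # Compare with the stored hash.
    if pwd != manager.get('login_password', ''):
        return web_helper.return_msg(-1, '密码错误')
    # Reject disabled accounts.
    if manager.get('is_enable', 0) == 0:
        return web_helper.return_msg(-1, '账号已被禁用')

    ##############################################################
    ### Store the user in the session ###
    ##############################################################
    manager_id = manager.get('id', 0)
    s['id'] = manager_id
    s['login_name'] = username
    s.save()

    ##############################################################
    ### Update the manager row ###
    ##############################################################
    # Last login time, IP and login count, written with bound parameters.
    sql = """update manager set last_login_time=%s, last_login_ip=%s, login_count=login_count+1 where id=%s"""
    params = (
        'now()',
        ip,
        manager_id,
    )
    # Write to the database.
    db_helper.write(sql, params)
    # Placeholder payload returned to the client, kept as in the original.
    data = [{'a': 1, 'b': 2, 'c': 3, 'd': 4, 'e': 5}]

    return web_helper.return_msg(0, '登录成功', data)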
Example #24
def callback():
    """
    Create a manager (administrator) account from the submitted form.

    Validates mobile and e-mail formats when given, requires a password of
    at least six characters, checks that the department exists and that the
    position belongs to it, then inserts the row with the hashed password.
    """
    # Permission check comes first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '管理员名称')
    sex = web_helper.get_form('sex', '性别', is_check_null=False)
    # Anything other than '男' is stored as '女'.
    sex = '男' if sex == '男' else '女'
    mobile = web_helper.get_form('mobile', '手机号码', is_check_null=False)
    if mobile and not string_helper.is_mobile(mobile):
        return web_helper.return_msg(-1, '手机号码格式不正确')
    birthday = web_helper.get_form('birthday', '出生日期', is_check_null=False)
    if birthday:
        birthday = convert_helper.to_date(birthday)
    email = web_helper.get_form('email', 'email', is_check_null=False)
    if email and not string_helper.is_email(email):
        return web_helper.return_msg(-1, 'Email格式不正确')
    remark = web_helper.get_form('remark', '备注', is_check_null=False)
    raw_department_id = web_helper.get_form('department_id', '所属部门')
    department_id = convert_helper.to_int0(raw_department_id)
    raw_positions_id = web_helper.get_form('positions_id', '所属职位')
    positions_id = convert_helper.to_int0(raw_positions_id)
    raw_is_work = web_helper.get_form('is_work', '工作状态')
    is_work = convert_helper.to_int0(raw_is_work)
    is_enabled = web_helper.get_form('is_enabled', '是否启用', is_check_null=False)
    login_name = web_helper.get_form('login_name', '登录账号')
    # The password is read with the special-character check off so any
    # character may be used in it.
    login_password = web_helper.get_form('login_password1', '登录密码',
                                         is_check_special_char=False)
    if len(login_password) < 6:
        return web_helper.return_msg(-1, '登录密码长度必须大于等于6位')
    # MD5 of a slice of the first MD5 digest.
    # NOTE(review): this is unsalted MD5 applied twice, not a password
    # hash; a salted, slow KDF would be the replacement, together with the
    # matching change on the login side.
    first_digest = encrypt_helper.md5(login_password)
    login_password = encrypt_helper.md5(first_digest[2:24])

    # The submitted department must exist.
    dept_logic = department_logic.DepartmentLogic()
    department = dept_logic.get_model_for_cache(department_id)
    if not department:
        return web_helper.return_msg(-1, '所属部门不存在')
    # The submitted position must exist and belong to that department.
    pos_logic = positions_logic.PositionsLogic()
    position = pos_logic.get_model_for_cache(positions_id)
    if not position or position.get('department_id') != department_id:
        return web_helper.return_msg(-1, '所属职位不存在')

    mgr_logic = manager_logic.ManagerLogic()
    # Columns for the new row. Text values go through string(); integers
    # are passed bare.
    # NOTE(review): is_enabled is request input passed on without string()
    # or an integer conversion -- confirm add_model handles it safely.
    fields = {
        'name': string(name),
        'sex': string(sex),
        'mobile': string(mobile),
        'email': string(email),
        'remark': string(remark),
        'department_id': department_id,
        'department_code': string(department.get('code', '')),
        'department_name': string(department.get('name', '')),
        'positions_id': positions_id,
        'positions_name': string(position.get('name', '')),
        'is_work': is_work,
        'is_enabled': is_enabled,
        'login_name': string(login_name),
        'login_password': string(login_password),
    }
    # Birthday is only written when one was supplied.
    if birthday:
        fields['birthday'] = string(str(birthday))
    # Insert the record.
    created = mgr_logic.add_model(fields)
    if not created:
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')