def get_payment_grade():
    """
    Get payment grade list API
    :return: json type list holding every row of the Payment table
    """
    connection = conn.db()
    cur = connection.cursor()
    # Constant query: no request data reaches the SQL text.
    cur.execute("SELECT * FROM Payment")
    rows = cur.fetchall()
    return jsonify(rows)
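def edit_user():
    """
    User update API
    email, name, password
    :return: json type message; HTTP 400 with a message when the body is not
             a JSON object or email/password is missing or not a string
    """
    request_data = request.get_json()
    # A JSON body can be any type and its fields can be absent or non-string.
    # The original raised TypeError on `None + SALT`; reject such input instead.
    if not isinstance(request_data, dict):
        return jsonify({"message": "필수 입력값이 누락되었습니다."}), 400

    # Get user data
    email = request_data.get("email")
    name = request_data.get("name")
    raw_password = request_data.get("password")
    if not isinstance(email, str) or not isinstance(raw_password, str):
        return jsonify({"message": "필수 입력값이 누락되었습니다."}), 400

    # NOTE(review): nothing in this block ties the request to the account
    # being changed (no session check, no current-password check). The route
    # decorator and any auth middleware are outside this view - confirm the
    # caller is authorised for `email` before this update runs.

    # SHA256 hashing with SALT
    # NOTE(review): one fast SHA-256 pass with a single application-wide SALT
    # is weak for password storage; a per-user salt with a slow KDF
    # (hashlib.scrypt / hashlib.pbkdf2_hmac) resists offline guessing better.
    # Changing the scheme needs a migration of stored hashes, so it is kept.
    password = hashlib.sha256((raw_password + SALT).encode()).hexdigest()

    db = conn.db()
    cursor = db.cursor()
    # Values are bound as parameters, never interpolated into the SQL text.
    sql = "update User set name = %s, password = %s where email = %s"
    cursor.execute(sql, (name, password, email))
    db.commit()
    return jsonify({"message": "수정이 완료되었습니다."})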
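def sign_in():
    """
    User Login API
    email, password
    :return: json type message; on success the user row (without the
             password column) plus "result": "true"
    """
    failure = {"result": "false", "message": "회원정보를 다시 확인해주세요."}

    request_data = request.get_json()
    # Treat a non-object body or a missing/non-string credential as a failed
    # login; the original raised TypeError on `None + SALT`.
    if not isinstance(request_data, dict):
        return jsonify(failure)

    # Get user data
    email = request_data.get("email")
    raw_password = request_data.get("password")
    if not isinstance(email, str) or not isinstance(raw_password, str):
        return jsonify(failure)

    # SHA256 hashing with SALT
    # NOTE(review): one fast SHA-256 pass with a single application-wide SALT
    # is weak for password storage; a per-user salt with a slow KDF
    # (hashlib.scrypt / hashlib.pbkdf2_hmac) resists offline guessing better.
    # Changing the scheme needs a migration of stored hashes, so it is kept.
    password = hashlib.sha256((raw_password + SALT).encode()).hexdigest()

    cursor = conn.db().cursor()
    sql = "select * from User where email = %s and password = %s"
    cursor.execute(sql, (email, password))

    # Get one user
    result = cursor.fetchone()

    # If email or password does not match
    if result is None:
        return jsonify(failure)

    # `select *` brings the stored password hash along with the row; it must
    # not be echoed back to the client.
    result.pop("password", None)
    result["result"] = "true"
    return jsonify(result)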
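def sign_up():
    """
    User signUp API
    email, name, password, auth
    :return: json type message; HTTP 400 with a message when the body is not
             a JSON object or email/password is missing or not a string
    """
    request_data = request.get_json()
    # The original raised TypeError on `None + SALT` when password was absent.
    if not isinstance(request_data, dict):
        return jsonify({"message": "필수 입력값이 누락되었습니다."}), 400

    # Get user data
    email = request_data.get("email")
    name = request_data.get("name")
    # NOTE(review): `auth` is taken straight from the request body and stored.
    # If it encodes a role or privilege level it should be assigned
    # server-side rather than chosen by the person registering - confirm what
    # values it carries.
    auth = request_data.get("auth")
    raw_password = request_data.get("password")
    if not isinstance(email, str) or not isinstance(raw_password, str):
        return jsonify({"message": "필수 입력값이 누락되었습니다."}), 400

    # SHA256 hashing with SALT
    # NOTE(review): one fast SHA-256 pass with a single application-wide SALT
    # is weak for password storage; a per-user salt with a slow KDF
    # (hashlib.scrypt / hashlib.pbkdf2_hmac) resists offline guessing better.
    # Changing the scheme needs a migration of stored hashes, so it is kept.
    password = hashlib.sha256((raw_password + SALT).encode()).hexdigest()

    db = conn.db()
    cursor = db.cursor()
    sql = "insert into User (email, name, password, auth,grade) values (%s, %s, %s, %s,'basic')"

    # User email existed check: the insert fails with IntegrityError when the
    # account already exists, and nothing is committed in that case.
    try:
        cursor.execute(sql, (email, name, password, auth))
    except pymysql.err.IntegrityError:
        return jsonify({"message": "중복된 계정입니다."})

    db.commit()
    return jsonify({"message": "가입완료."})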
def chrome_get_site():
    """
    Flagged site list API for the Chrome extension
    :return: json type list of RequestList urls whose analysis_check is 1
    """
    cur = conn.db().cursor()
    # Constant query: no request data reaches the SQL text.
    cur.execute("select url from RequestList where analysis_check = 1")
    flagged_sites = cur.fetchall()
    return jsonify(flagged_sites)
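def get_user_payment_history():
    """
    Get one user's payment history API
    email (form field)
    :return: json type list of grade, payment_date, expire_date rows,
             newest expire_date first
    """
    email = request.form.get("email")

    # NOTE(review): the email whose history is returned comes from the form;
    # nothing in this block checks that the caller owns that account. Route
    # decorators and auth middleware are outside this view - confirm.

    db = conn.db()
    cursor = db.cursor()
    # `%%` is a literal percent for date_format; the driver applies
    # %-formatting to the query when parameters are supplied.
    sql = "SELECT grade, date_format(payment_date, '%%Y년%%m월%%d일 %%H시 %%i분') as payment_date, date_format(expire_date, '%%Y년%%m월%%d일 %%H시 %%i분') as expire_date FROM User_Payment WHERE email=%s ORDER BY expire_date DESC"
    # Always pass a tuple: a bare None (missing form field) would be read as
    # "no parameters" (pymysql behaviour, presumably the driver here) and the
    # unformatted query would be sent to the server.
    cursor.execute(sql, (email,))
    data = cursor.fetchall()
    return jsonify(data)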
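def post_price():
    """
    post grade
    grade (form field)
    :return: price of grade
    """
    grade = request.form.get("grade")
    cursor = conn.db().cursor()
    sql = "select price from Payment where grade= %s"
    # Always pass a tuple: a bare None (missing form field) would be read as
    # "no parameters" (pymysql behaviour, presumably the driver here) and the
    # literal `%s` would be sent to the server.
    cursor.execute(sql, (grade,))
    res = cursor.fetchall()
    return jsonify(res)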
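def get_user_payment():
    """
    Get one user's latest payment API
    email (form field)
    :return: json type list with at most one row: grade ('basic' once
             expire_date has passed), payment_date, expire_date
    """
    email = request.form.get("email")

    # NOTE(review): the email whose payment is returned comes from the form;
    # nothing in this block checks that the caller owns that account. Route
    # decorators and auth middleware are outside this view - confirm.

    db = conn.db()
    cursor = db.cursor()
    # The backslash-newlines sit inside the literal, so the indentation of the
    # continuation lines becomes (harmless) whitespace in the SQL text.
    # `%%` is a literal percent for date_format once parameters are bound.
    sql = "SELECT (CASE WHEN expire_date > now() THEN grade ELSE 'basic' END) as grade, \
        date_format(payment_date, '%%Y년%%m월%%d일 %%H시 %%i분') as payment_date, date_format(expire_date, '%%Y년%%m월%%d일 %%H시 %%i분') as expire_date \
        FROM User_Payment WHERE email= %s ORDER BY expire_date desc limit 1"
    # Always pass a tuple: a bare None (missing form field) would be read as
    # "no parameters" (pymysql behaviour, presumably the driver here) and the
    # unformatted query would be sent to the server.
    cursor.execute(sql, (email,))
    data = cursor.fetchall()
    return jsonify(data)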
def get_phishing_list():
    """
    Get phishing site list API
    :return: json type phishing site list (urls with analysis_check=1)
    """
    cur = conn.db().cursor()
    # Constant query: no request data reaches the SQL text.
    cur.execute("select url from RequestList where analysis_check=1")
    phishing_sites = cur.fetchall()
    return jsonify(phishing_sites)
def get_payment_list():
    """
    Get payments list API
    :return: json type payments list (email, grade, payment_date,
             expire_date for every User_Payment row)
    """
    # NOTE(review): this returns every user's email and payment record; the
    # route decorator and any admin check are outside this view - confirm the
    # endpoint is restricted.
    query = (
        "select email, grade, date_format(payment_date, '%Y-%m-%d %r') as payment_date,"
        "date_format(expire_date, '%Y-%m-%d %r') as expire_date from User_Payment"
    )
    cur = conn.db().cursor()
    # No parameters are passed, so the single `%` in the date_format patterns
    # is sent as written.
    cur.execute(query)
    payments = cur.fetchall()
    return jsonify(payments)
def chrome_phishing_check():
    """
    Phishing check API for the Chrome extension
    The raw request body is the URL to look up.
    :return: json type {"phishingFlag": bool}
    """
    raw_url = request.get_data().decode("UTF-8")

    # NOTE(review): only the lowercase literals "http://" and "https://" are
    # removed (anywhere in the string), and the lookup compares the whole
    # remaining string. A differently written form of a flagged URL may not
    # match - confirm whether stricter normalisation is wanted, and keep it in
    # step with whatever wrote RequestList.url.
    lookup_key = raw_url.replace("http://", "").replace("https://", "")

    cur = conn.db().cursor()
    cur.execute(
        "select * from RequestList where url = %s and analysis_check = 1",
        lookup_key,
    )
    match = cur.fetchone()
    # A row means the URL is listed with analysis_check = 1.
    return jsonify({"phishingFlag": match is not None})
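def post_change_Analysis_Result():
    """
    Post change analysisResult
    url (form field)
    :return: json type change analysisResult (empty json body)
    """
    # NOTE(review): this flips whether a URL is reported as phishing. The
    # route decorator and any admin check are outside this view - confirm the
    # endpoint is restricted to reviewers.
    db = conn.db()
    url = request.form.get("url")
    cursor = db.cursor()
    sql = "update RequestList set analysis_check=NOT analysis_check where url=%s"
    # Always pass a tuple: a bare None (missing form field) would be read as
    # "no parameters" (pymysql behaviour, presumably the driver here) and the
    # literal `%s` would be sent to the server.
    cursor.execute(sql, (url,))
    db.commit()
    return jsonify()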
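def get_user_list():
    """
    Get user list
    :return: json type user list: each User row (without the password
             column) plus requestCount
    """
    # NOTE(review): this lists every account; the route decorator and any
    # admin check are outside this view - confirm the endpoint is restricted.
    cursor = conn.db().cursor()
    sql = "select u.*, count(r.email) as requestCount from User u LEFT OUTER JOIN RequestList r on r.email = u.email group by email"
    cursor.execute(sql)
    rows = cursor.fetchall()

    # `u.*` includes User.password (the login handlers in this file query that
    # column). Stored hashes must not leave the server, so drop the column
    # from every row. Rows are mappings keyed by column name, as the other
    # handlers in this file index them that way.
    users = [
        {column: value for column, value in row.items() if column != "password"}
        for row in rows
    ]
    return jsonify(users)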
def get_today_request():
    """
    Get today request list API
    :return: json type request list (email, url, analysisResult) for today
    """
    # Calculate today YYYY-MM-DD
    current_day = get_today()

    query = "select email, url, analysis_check as analysisResult from RequestList where request_date = %s"
    cur = conn.db().cursor()
    # The date is bound as a parameter, not interpolated into the SQL text.
    cur.execute(query, current_day)
    todays_requests = cur.fetchall()
    return jsonify(todays_requests)
def get_all_count():
    """
    Get user, request, payments, phishing site count API
    :return: Json type each count (userCount, todayCount, paymentCount,
             siteCount)
    """
    # Calculate today YYYY-MM-DD
    current_day = get_today()

    # Get user, request, payments, phishing site count
    query = "select (select count(*) from User) as userCount, (select count(*) from User u, RequestList r where r.request_date = %s and u.email = r.email) as todayCount, (select count(*) from User_Payment) as paymentCount, (select count(*) from RequestList where analysis_check=1) as siteCount"
    cur = conn.db().cursor()
    # Only today's date is bound into the query; nothing comes from the request.
    cur.execute(query, current_day)
    counts = cur.fetchall()
    return jsonify(counts)
def chrome_xss_check():
    """
    XSS check API for the Chrome extension
    The raw request body is the page content to scan.
    :return: json type {"xssFlag": bool}
    """
    page_data = request.get_data().decode("UTF-8")

    cur = conn.db().cursor()
    cur.execute("select * from XssList")
    known_gadgets = cur.fetchall()

    # Plain substring match: the flag is set as soon as one stored gadget
    # string occurs verbatim in the submitted page; scanning stops there.
    # NOTE(review): a verbatim match misses re-encoded or re-cased variants -
    # confirm that is acceptable for this detector.
    xss_flag = any(entry["gadget"] in page_data for entry in known_gadgets)
    return jsonify({"xssFlag": xss_flag})
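def get_one_user_request():
    """
    Get one user request API
    email (form field)
    :return: json type one user requests (url, request_date, result),
             newest first
    """
    email = request.form.get("email")

    # NOTE(review): the email whose requests are returned comes from the form;
    # nothing in this block checks that the caller owns that account. Route
    # decorators and auth middleware are outside this view - confirm.

    cursor = conn.db().cursor()
    # The backslash-newlines sit inside the literal, so the indentation of the
    # continuation lines is what separates "result" from "from" in the SQL.
    # `%%` is a literal percent for date_format once parameters are bound.
    sql = "select url, date_format(request_date, '%%Y-%%m-%%d') as request_date, analysis_check as result\
        from RequestList \
        where email = %s order by request_date desc"
    # Always pass a tuple: a bare None (missing form field) would be read as
    # "no parameters" (pymysql behaviour, presumably the driver here) and the
    # unformatted query would be sent to the server.
    cursor.execute(sql, (email,))
    result = cursor.fetchall()
    return jsonify(result)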
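def add_pay():
    """
    post pay history
    approved_time ("<date>T<time>"), grade, email (form fields)
    :return: empty json; HTTP 400 with a message when approved_time is
             missing or has no "T" separator
    """
    approved_time = request.form.get("approved_time")
    grade = request.form.get("grade")
    email = request.form.get("email")

    # The original crashed on a missing field (None.split) or a value without
    # "T" (IndexError); reject those instead.
    parts = approved_time.split("T") if approved_time else []
    if len(parts) < 2:
        return jsonify({"message": "올바르지 않은 요청입니다."}), 400
    approved_at = parts[0] + " " + parts[1]

    # NOTE(review): grade, email and approval time all come from the form and
    # are written as a payment record and as the user's grade. Nothing in this
    # block checks them against a payment provider or the caller's identity -
    # confirm that verification happens before this handler runs.

    db = conn.db()
    cursor = db.cursor()
    sql = "insert into User_Payment values(%s,%s,%s,date_add(%s, interval 1 month)); "
    usersql = "update User set grade=%s where email=%s"
    try:
        cursor.execute(sql, (email, grade, approved_at, approved_at))
        cursor.execute(usersql, (grade, email))
    except Exception:
        # Keep the payment row and the grade change together: if either
        # statement fails, neither is left pending on the connection.
        db.rollback()
        raise
    db.commit()
    return jsonify()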
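def delete_user():
    """
    Delete User API
    email
    :return: json type message; HTTP 400 with a message when the body is not
             a JSON object or email is missing or not a string
    """
    request_data = request.get_json()
    # The original raised AttributeError on a non-object body and sent an
    # unformatted query when email was absent.
    if not isinstance(request_data, dict):
        return jsonify({"message": "필수 입력값이 누락되었습니다."}), 400

    # Get user data
    email = request_data.get("email")
    if not isinstance(email, str):
        return jsonify({"message": "필수 입력값이 누락되었습니다."}), 400

    # NOTE(review): the account to delete is named by the request body alone;
    # nothing in this block checks that the caller owns it. Route decorators
    # and auth middleware are outside this view - confirm.

    db = conn.db()
    cursor = db.cursor()
    sql = "delete from User where email = %s"
    cursor.execute(sql, (email,))
    db.commit()
    return jsonify({"message": "탈퇴가 완료되었습니다."})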
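def chrome_user_site_request():
    """
    Site report API for the Chrome extension
    url, email (form fields)
    :return: json type message
    """
    request_data = request.form
    current_date = get_today()

    # A missing url used to crash on None.replace(); treat it as an empty
    # string so it falls into the "invalid url" answer below.
    url = request_data.get("url") or ""
    url = url.replace("http://", "").replace("https://", "")
    email = request_data.get("email")

    # Minimal sanity check only: anything containing a dot is accepted.
    if '.' not in url:
        return jsonify({"message": "해당 사이트가 이미 전달되었거나 올바르지 않은 url입니다."})

    db = conn.db()
    cursor = db.cursor()
    # New reports start with analysis_check = 0.
    sql = "insert into RequestList (url, request_date, email, analysis_check) values(%s, %s, %s, 0)"
    try:
        cursor.execute(sql, (url, current_date, email))
        db.commit()
    except pymysql.err.IntegrityError:
        # The insert violated a constraint; the message says the site was
        # already submitted or the url is not valid.
        return jsonify({"message": "해당 사이트가 이미 전달되었거나 올바르지 않은 url입니다."})

    return jsonify({"message": "사이트를 전달하였습니다."})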
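def chrome_sign_in():
    """
    User Login API for the Chrome extension
    email, password (form fields)
    :return: json type message; on success email, grade and
             "status": "success"
    """
    failure = {"status": "failed", "message": "회원정보를 다시 확인해주세요."}

    # Get user information
    request_data = request.form
    email = request_data.get("email")
    raw_password = request_data.get("password")
    # A missing field is a failed login; the original raised TypeError on
    # `None + SALT`.
    if email is None or raw_password is None:
        return jsonify(failure)

    # SHA256 hashing with SALT
    # NOTE(review): one fast SHA-256 pass with a single application-wide SALT
    # is weak for password storage; a per-user salt with a slow KDF
    # (hashlib.scrypt / hashlib.pbkdf2_hmac) resists offline guessing better.
    # Changing the scheme needs a migration of stored hashes, so it is kept.
    password = hashlib.sha256((raw_password + SALT).encode()).hexdigest()

    cursor = conn.db().cursor()
    # Only email and grade are selected, so the stored hash never reaches the
    # response.
    sql = "select email,grade from User where email = %s and password = %s"
    cursor.execute(sql, (email, password))

    # Get one user
    result = cursor.fetchone()

    # If email or password does not match
    if result is None:
        return jsonify(failure)

    result['status'] = "success"
    return jsonify(result)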