Example #1
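def SetUserPassword(UserName, ExistingPassword, NewPassword, ConfirmPassword):
    """Change UserName's password after verifying the current one.

    Returns "" when all three password fields are empty, a message starting
    with "Error:" when a check fails, and "Success: Password has changed!"
    after the new hash has been committed.

    Review notes:
      * The stored value is compared with a hash recomputed from the password
        alone, so as written the scheme cannot use a per-user random salt.
        Confirm that __GeneratePasswordHash is a slow, salted password hash;
        moving to one would also mean replacing the equality check below
        with that scheme's verify step.
      * UserName is not checked against the logged-in user here; callers are
        presumably expected to pass the authenticated name - verify.
      * Unknown user and wrong password produce different messages, which
        tells the caller whether an account exists.
      * No attempt limiting happens in this function.
    """
    # A completely empty form is not an error: nothing was submitted.
    if not (ExistingPassword or NewPassword or ConfirmPassword):
        return ""

    # A partially filled form is rejected field by field.
    if not ExistingPassword:
        return "Error: Missing existing password."
    if not NewPassword:
        return "Error: Missing new password."
    if not ConfirmPassword:
        return "Error: Missing confirmation password."

    # Only one row is needed, so ask the database for just the first match.
    ExistingUser = Session.query(UsersTable).filter(UsersTable.UserName == UserName).first()
    if ExistingUser is None:
        return "Error: User name does not exist."

    # Re-authenticate: the caller must prove knowledge of the current password.
    # NOTE(review): != is not a constant-time comparison; if the stored value
    # and the computed hash are known to share one type, hmac.compare_digest
    # is the usual replacement.
    if ExistingUser.UserPassword != __GeneratePasswordHash(ExistingPassword):
        return "Error: Old password is not correct."

    # Length policy: 6 to 32 characters inclusive.
    # NOTE(review): since only a hash is stored, the 32-character cap mainly
    # limits passphrases rather than protecting storage.
    if len(NewPassword) < 6:
        return "Error: New password is not long enough. Must be at least 6 characters long."
    if len(NewPassword) > 32:
        return "Error: New password is too long. May be at most 32 characters long."

    # Character whitelist. Kept as "== False" because the helper's return type
    # is not visible from this function.
    if h.string_check_whitelist(NewPassword, h.string_whitelist_password) == False:
        return "Error: New password contains invalid characters."

    if NewPassword != ConfirmPassword:
        return "Error: New passwords do not match."

    # Store the new hash. If the commit fails, roll back so the shared Session
    # is not left in a failed transaction, then let the error propagate.
    ExistingUser.UserPassword = __GeneratePasswordHash(NewPassword)
    try:
        Session.commit()
    except Exception:
        Session.rollback()
        raise

    return "Success: Password has changed!"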
Example #2
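def SetUserPassword(UserName, ExistingPassword, NewPassword, ConfirmPassword):
	"""Replace the stored password hash for UserName.

	The current password is verified first, then the new password is checked
	for length (6 to 32 characters), allowed characters and a matching
	confirmation. The result is a status string: "" for an untouched form,
	"Error: ..." for a failed check, "Success: Password has changed!" on
	success.

	Review notes:
	  * Verification recomputes the hash from the password alone and compares
	    it with the stored value, so the scheme shown here has no room for a
	    per-user random salt. Check what __GeneratePasswordHash does.
	  * The function trusts UserName; it is presumably taken from the
	    authenticated session by the caller - confirm.
	  * Failed attempts are not counted or throttled here.
	"""
	# Nothing submitted at all: report no error.
	if not (ExistingPassword or NewPassword or ConfirmPassword):
		return ""

	# Otherwise every field is required; report the first one missing.
	RequiredFields = (
		(ExistingPassword, "existing"),
		(NewPassword, "new"),
		(ConfirmPassword, "confirmation"),
	)
	for Value, Label in RequiredFields:
		if not Value:
			return "Error: Missing %s password." % Label

	# Fetch a single matching row instead of loading every match.
	UserQuery = Session.query(UsersTable).filter(UsersTable.UserName == UserName)
	ExistingUser = UserQuery.first()
	if ExistingUser is None:
		# NOTE(review): this message differs from the wrong-password one
		# below, so the caller can tell whether the account exists.
		return "Error: User name does not exist."

	# The supplied current password must hash to the stored value.
	# NOTE(review): plain != comparison, not constant-time.
	SuppliedHash = __GeneratePasswordHash(ExistingPassword)
	if SuppliedHash != ExistingUser.UserPassword:
		return "Error: Old password is not correct."

	# Length bounds for the new password.
	NewLength = len(NewPassword)
	if NewLength <= 5:
		return "Error: New password is not long enough. Must be at least 6 characters long."
	if NewLength > 32:
		return "Error: New password is too long. May be at most 32 characters long."

	# Allowed-character check; "== False" is kept because the helper's return
	# type cannot be seen from here.
	if h.string_check_whitelist(NewPassword, h.string_whitelist_password) == False:
		return "Error: New password contains invalid characters."

	# Both entries of the new password must agree.
	if NewPassword != ConfirmPassword:
		return "Error: New passwords do not match."

	# Persist the new hash; undo the pending change if the commit fails so the
	# Session stays usable, and re-raise for the caller.
	ExistingUser.UserPassword = __GeneratePasswordHash(NewPassword)
	try:
		Session.commit()
	except Exception:
		Session.rollback()
		raise

	return "Success: Password has changed!"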
Example #3
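def UserRegister(UserName, UserEMail, UserPassword, UserPasswordConfirm):
    """Validate a registration form and create the user row.

    Returns "redirect" when the web session already carries a UserName, a
    message starting with "Error:" when validation fails, and "" once the
    user has been committed and the initial achievement has been added.

    Review notes:
      * The "name already exists" check and the insert are separate steps, so
        two concurrent registrations can both pass the check. Uniqueness has
        to be enforced by a database constraint on UserName - confirm one
        exists; the rollback below then cleans up the losing insert.
      * The e-mail is only checked for length and allowed characters; nothing
        here verifies its format or ownership.
      * How the password is hashed is up to __GeneratePasswordHash, which
        receives only the password - confirm it is a slow, salted scheme.
    """
    # "session" is the per-visitor web session, distinct from the database Session.
    if session.get("UserName"):
        return "redirect"

    # Every field is required.
    if not (UserName and UserEMail and UserPassword and UserPasswordConfirm):
        return "Error: Missing fields. Please fill out all fields completely."

    # Length policy: 6 to 32 characters for each of name, e-mail and password.
    if len(UserName) < 6:
        return "Error: User name is not long enough. Must be at least 6 characters long."
    if len(UserName) > 32:
        return "Error: User name is too long. May be at most 32 characters long."

    if len(UserEMail) < 6:
        return "Error: User e-mail is not long enough. Must be at least 6 characters long."
    if len(UserEMail) > 32:
        return "Error: User e-mail is too long. May be at most 32 characters long."

    if len(UserPassword) < 6:
        return "Error: User password is not long enough. Must be at least 6 characters long."
    if len(UserPassword) > 32:
        return "Error: User password is too long. May be at most 32 characters long."

    # Character whitelists. Kept as "== False" because the helper's return
    # type is not visible from this function.
    if h.string_check_whitelist(UserName, h.string_whitelist) == False:
        return "Error: User name contains invalid characters."
    if h.string_check_whitelist(UserEMail, h.string_whitelist) == False:
        return "Error: User e-mail contains invalid characters."
    if h.string_check_whitelist(UserPassword, h.string_whitelist_password) == False:
        return "Error: Password contains invalid characters."

    if UserPassword != UserPasswordConfirm:
        return "Error: Passwords do not match."

    # One matching row is enough to know the name is taken.
    NameTaken = Session.query(UsersTable).filter(UsersTable.UserName == UserName).first()
    if NameTaken is not None:
        return "Error: User name already exists! Please select a new user name."

    # Build the new row; the original notes that the user ID auto-increments.
    NewUser = UsersTable()
    NewUser.UserName = UserName
    NewUser.UserEMail = UserEMail
    NewUser.UserPoints = 0
    NewUser.UserPassword = __GeneratePasswordHash(UserPassword)
    NewUser.LogInCount = 0
    NewUser.LastLogin = datetime.datetime.now()
    # New accounts are never created as administrators.
    NewUser.IsAdmin = False
    NewUser.IconID = 0

    # Commit; on failure roll back so the shared Session is not left in a
    # failed transaction, then let the error propagate.
    Session.add(NewUser)
    try:
        Session.commit()
    except Exception:
        Session.rollback()
        raise

    # Special achievement (ID 0) for people who register now - alpha testers.
    UserAddAchievement(NewUser.UserID, 0)

    return ""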
Example #4
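def UserRegister(UserName, UserEMail, UserPassword, UserPasswordConfirm):
	"""Create a new user account from the registration form fields.

	Result strings: "redirect" if the web session already has a UserName,
	"Error: ..." for the first validation failure, "" after the user row is
	committed and achievement 0 has been added.

	Review notes:
	  * Checking for an existing name and inserting the row are two separate
	    database steps; only a unique constraint on UserName can close the
	    gap between them - confirm the schema has one.
	  * The e-mail address gets a length and character check only.
	  * The password is stored as whatever __GeneratePasswordHash returns for
	    the password alone - confirm that helper is a slow, salted scheme.
	"""
	# Already logged in (web session, not the database Session): nothing to register.
	if session.get("UserName"):
		return "redirect"

	# All four fields must be present.
	if not (UserName and UserEMail and UserPassword and UserPasswordConfirm):
		return "Error: Missing fields. Please fill out all fields completely."

	# The same 6..32 length bounds apply to name, e-mail and password, checked
	# in that order.
	LengthChecked = (
		("name", UserName),
		("e-mail", UserEMail),
		("password", UserPassword),
	)
	for Label, Value in LengthChecked:
		if len(Value) <= 5:
			return "Error: User %s is not long enough. Must be at least 6 characters long." % Label
		if len(Value) > 32:
			return "Error: User %s is too long. May be at most 32 characters long." % Label

	# Allowed-character checks; "== False" is kept because the helper's return
	# type cannot be seen from here.
	if h.string_check_whitelist(UserName, h.string_whitelist) == False:
		return "Error: User name contains invalid characters."
	if h.string_check_whitelist(UserEMail, h.string_whitelist) == False:
		return "Error: User e-mail contains invalid characters."
	if h.string_check_whitelist(UserPassword, h.string_whitelist_password) == False:
		return "Error: Password contains invalid characters."

	# Password and confirmation must agree.
	if UserPassword != UserPasswordConfirm:
		return "Error: Passwords do not match."

	# Reject a name that is already registered; one row is enough to decide.
	NameQuery = Session.query(UsersTable).filter(UsersTable.UserName == UserName)
	if NameQuery.first() is not None:
		return "Error: User name already exists! Please select a new user name."

	# Populate the new row; the original notes that the user ID auto-increments.
	NewUser = UsersTable()
	NewUser.UserName = UserName
	NewUser.UserEMail = UserEMail
	NewUser.UserPoints = 0
	NewUser.UserPassword = __GeneratePasswordHash(UserPassword)
	NewUser.LogInCount = 0
	NewUser.LastLogin = datetime.datetime.now()
	# Registration never grants administrator rights.
	NewUser.IsAdmin = False
	NewUser.IconID = 0

	# Write to the database; undo the pending insert if the commit fails so
	# the Session stays usable, and re-raise for the caller.
	Session.add(NewUser)
	try:
		Session.commit()
	except Exception:
		Session.rollback()
		raise

	# Special achievement (ID 0) for people who register now - alpha testers.
	UserAddAchievement(NewUser.UserID, 0)

	return ""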