def qcustcdtlistjson():
# Connect to database
if appdbtype == "IBMI":
db = DbIbmi(connstring)
else:
db = DbSqlite(appdbfile)
results = None #init query results
#Query filter parameters blank, show all (IE: No customer or name passed in)
cursor = db.query_qcustcdt("")
results = cursor.fetchall()
# Convert query to row arrays
# Numeric fields need to be converted to strings
rowarray_list = []
for row in results:
t = (str(row.CUSNUM), row.LSTNAM, row.INIT, row.STREET, row.CITY,
row.STATE, str(row.ZIPCOD), str(row.CDTLMT), str(row.CHGCOD),
str(row.BALDUE), str(row.CDTDUE))
rowarray_list.append(t)
#Use jsonify to convert array list to JSON list and return
return jsonify(rowarray_list)
#Dump JSON row array
#j = json.dumps(rowarray_list)
#return j
# Close connection
db.close_connection
def qcustcdtdetail():
# Connect to database
if appdbtype == "IBMI":
db = DbIbmi(connstring)
else:
db = DbSqlite(appdbfile)
results = None
#If the form was posted, do query
if request.method == 'GET':
#Get the org number and last name filters from form
icusnum = request.args.get('icusnum')
#If no org number parm. New Record, show empty form
if icusnum == None:
flash('New Customer')
# successful query display results
return render_template('qcustcdtdetail.html',
title='Customer Master Detail',
year=datetime.now().year,
message1='Enter information for a new Org',
appname=appname,
appcopyright=appcopyright,
results=results)
#Org number entered
elif icusnum != '':
cursor = db.query_qcustcdt("cusnum=" + icusnum, library1)
results = cursor.fetchall()
#If no results, redirect to customer list page
if not results:
flash('No results found!')
session.modified = True
return redirect('/qcustcdtlist')
else:
# successful query display results
return render_template(
'qcustcdtdetail.html',
title='Customer Master Detail',
year=datetime.now().year,
message1='This page contains customer detail information.',
appname=appname,
appcopyright=appcopyright,
results=results)
elif request.method == 'POST':
# display customer list results. No data
return render_template(
'qcustcdtdetail.html',
title='Customer Master Detail',
year=datetime.now().year,
message1='Customer Master Detail page. No results',
appname=appname,
appcopyright=appcopyright,
results=results)
# Close connection
db.close_connection
def tables():
# Connect to database
if appdbtype == "IBMI":
db = DbIbmi(connstring)
else:
db = DbSqlite(appdbfile)
results = None #init query results
#If the form was posted, do query
if request.method == 'POST':
#Get the customer number and last name filters from form
icusnum = request.form['icusnum']
ilstnam = request.form['ilstnam']
#Get a db cursor - not needed with sqlite class
#cursor = conn.cursor()
#Customer number entered
if icusnum != '':
# Query project table
cursor = db.query_qcustcdt("cusnum=" + icusnum)
results = cursor.fetchall()
#Custome last name entered
elif ilstnam != '':
cursor = db.query_qcustcdt("lstnam like '" + ilstnam + "'")
results = cursor.fetchall()
#Query filter parameters blank, show all (IE: No customer or name passed in)
else:
cursor = db.query_qcustcdt("")
results = cursor.fetchall()
#If no results, redirect to customer list page
if not results:
flash('No results found!')
return redirect('/tables')
else:
# successful query display results
return render_template('tables.html',
title='Customer Master DataTables Example',
year=datetime.now().year,
message1='',
appname=appname,
appcopyright=appcopyright,
results=results)
elif request.method == 'GET':
#query all records for data table
cursor = db.query_qcustcdt("")
results = cursor.fetchall()
# display customer list results.
return render_template('tables.html',
title='Customer Master DataTables Example',
year=datetime.now().year,
message1='',
appname=appname,
appcopyright=appcopyright,
results=results)
# Close connection
db.close_connection
import base64
import uuid
from tornado.escape import json_encode
from tornado.options import define, options
import play
import api
from dbsqlite import DbSqlite
# 先初始化播放器
global player
player = play.Play()
db = DbSqlite()
define("port", default=80, help="run on the given port", type=int)
NetEase = api.NetEase()
class Application(tornado.web.Application):
'''setting || main || router'''
def __init__(self):
handlers = [
#for html
(r"/", MainHandler),
(r"/index", IndexHandler),
(r"/shutdown", ShutdownHandler),
# (r"/song.html", GetSongHandler),
def qcustcdtupdate():
# Connect to database
if appdbtype == "IBMI":
db = DbIbmi(connstring)
else:
db = DbSqlite(appdbfile)
results = None
#If the form was posted, do insert or update to database
if request.method == 'POST':
#Get the data entry fields from the form
action = request.form['action']
cusnum = request.form['cusnum']
lstnam = request.form['lstnam']
init = request.form['init']
street = request.form['street']
city = request.form['city']
state = request.form['state']
zipcod = request.form['zipcod']
cdtlmt = request.form['cdtlmt']
chgcod = request.form['chgcod']
baldue = request.form['baldue']
cdtdue = request.form['cdtdue']
#Query to see if org exists
if cusnum != '':
reccount = db.getexists_qcusctcdt(cusnum)
#If no record, let's go ahead and insert
if action == 'Insert' and reccount < 1:
rtninsert = db.insert_qcustcdt(cusnum, lstnam, init, street, city,
state, zipcod, cdtlmt, chgcod,
baldue, cdtdue, library1)
if rtninsert:
flash('Customer %s inserted' % cusnum)
return redirect(url_for('qcustcdtlist'))
else:
flash('Customer %s NOT inserted' % cusnum)
return redirect(url_for('qcustcdtlist'))
elif action == 'Insert' and reccount >= 1:
flash(
'Customer number %s exists in %s records. Cannot be inserted.'
% (cusnum, reccount))
return redirect(url_for('qcustcdtlist'))
#Let user know if we found more than 1 matching record. Can't update or delete
elif reccount > 1:
flash(
'Customer number %s exists in %s records. Cannot be updated.' %
(cusnum, reccount))
return redirect(url_for('qcustcdtlist'))
#If record found, update or delete
elif reccount == 1:
#Update selected, so update the record
if action == "Update":
rtnupd = db.update_qcustcdt(cusnum, lstnam, init, street, city,
state, zipcod, cdtlmt, chgcod,
baldue, cdtdue, library1)
#flash('Org %s updated' % orguuid)
if rtnupd:
flash('Customer %s updated' % cusnum)
return redirect(url_for('qcustcdtlist'))
else:
flash('Customer %s NOT updated' % cusnum)
return redirect(url_for('qcustcdtlist'))
#Update selected, so update the record
elif action == "Delete":
#Delete the record now
rtndel = db.delete_qcustcdt(cusnum, library1)
if rtndel:
flash('Customer %s deleted' % cusnum)
return redirect(url_for('qcustcdtlist'))
else:
flash('Customer %s NOT deleted' % cusnum)
return redirect(url_for('qcustcdtlist'))
# Close connection
db.close_connection
def load_settings(settings):
"""Define global settings"""
if "db_file" not in settings:
print "Error: The database selected is not a valid file"
sys.exit()
settings['version'] = "1.1.0"
logging.basicConfig(
filename='fuzz.log',
level=logging.INFO,
format='%(asctime)s %(levelname)s %(module)s: %(message)s',
datefmt='%Y-%m-%d %H.%M.%S')
console = logging.StreamHandler()
console.setFormatter(
logging.Formatter('%(asctime)s %(levelname)s %(module)s: %(message)s'))
settings['logger'] = logging.getLogger('fuzzer')
settings['logger'].addHandler(console)
settings[
'soft_limit'] = 250 # maximum limit for the output of stdout & stderr
settings['soft_bypass'] = [
"canarytoken",
getpass.getuser(), "root", "/usr", "/bin", "PATH", "core dump",
"egmentation fault", "== "
] # exceptions for the soft_limit setting
settings[
'hard_limit'] = 1024 # maximum hard limit, regardless of the soft_limit & soft_bypass
#settings['hard_limit_lines'] = 1 # maximum line limit in the output
settings['tmp_prefix'] = "chkF_" # prefix for temporary files created
if sys.platform in ["darwin"]:
settings['tmp_dir'] = "/Volumes/ramdisk/"
settings[
'tmp_dir_howto'] = "diskutil erasevolume HFS+ 'ramdisk' `hdiutil attach -nomount ram://838860`"
elif sys.platform == "win32":
settings['tmp_dir'] = "X:\\"
settings[
'tmp_dir_howto'] = "imdisk -a -s 512M -m X: -p \"/fs:ntfs /q/y\"; notepad \"C:\Windows\System32\canaryfile.bat\": @echo off; echo canarytokencommand"
elif sys.platform == "linux2" or sys.platform == "freebsd11":
settings['tmp_dir'] = "/mnt/ramdisk/"
settings[
'tmp_dir_howto'] = "mkdir /mnt/ramdisk; mount -t tmpfs -o size=512m tmpfs /mnt/ramdisk; echo \"tmpfs /mnt/ramdisk tmpfs nodev,nosuid,noexec,nodiratime,size=512M 0 0\" >> /etc/fstab"
settings['webserver_port'] = random.randrange(
10000, 65535
) # dynamic web server port: crashes in the same port may interfere
# settings['webserver_port'] = 8000 # fixed value
settings['db'] = DbSqlite(settings, settings['db_file'])
if "db_tests" not in settings:
settings[
'db_tests'] = 100 # save the results in the database every X tests
if "software" not in settings:
settings['software'] = os.path.abspath(
"software.ini") # software definitions
if "timeout" not in settings:
settings['timeout'] = 10 # default timeout for threads in seconds
settings['kill_status'] = {
"not_killed":
settings['db'].get_constant_value("kill_status", "not killed"),
"requested":
settings['db'].get_constant_value("kill_status", "requested"),
"killed":
settings['db'].get_constant_value("kill_status", "killed"),
"not_found":
settings['db'].get_constant_value("kill_status", "not found")
}
settings['software'] = define_software(
settings) # load the software and find potential inconsistencies
settings['queue'] = Queue(
settings) # prepare the fuzzer and the webserver to interact
settings['monitor'] = Monitor(settings) # instantiate the monitor object
settings['dbaction'] = Dbaction(
settings) # instantiate the dbaction object
# Monitor
settings['canaryfile'] = "canaryfile"
settings[
'canaryfiletoken'] = "canarytokenfilelocal" # contents of settings['canaryfile']
settings['canaryexec'] = "canaryfile.bat"
settings[
'canaryexectoken'] = "canarytokencommand" # contents of settings['canaryexec']
settings['canaryhost'] = "127.0.0.1:" + str(settings['webserver_port'])
settings['canaryfileremote'] = "canarytokenfileremote"
# Analyze
settings['output_width'] = 130
return settings