Example #1
0
def main():
    # get the form data
    form = cgi.FieldStorage()
    cookie = Cookie.SimpleCookie()
    cookie.load(os.environ.get('HTTP_COOKIE'))
    # check the file type
    if form['file'].filename.split('.')[-1].lower() in ['jpg', 'gif', 'png']:
        user = cookie['user'].value
        file_path = ""
        # get the user's avatar from mysql
        try:
            mysql_connect = MySQLdb.connect(host=my_conf.mysql_server,
                    user=my_conf.mysql_user,
                    passwd=my_conf.mysql_password,
                    db=my_conf.mysql_database)
            cursor = mysql_connect.cursor()
            cursor.execute("""select * from UserPath where UserID = %d;""" %
                            int(cookie['userid'].value))
            result = cursor.fetchone()
            if result[1]:
                os.remove(os.path.join(my_conf.http_doc_path + '/data/',
                            result[1]))
            filename = sha.new(cookie['user'].value).hexdigest()
            file_path = os.path.join(my_conf.http_doc_path + '/data/',
                                    filename)
            with open(file_path, 'w+b') as fp:
                fp.write(form['file'].file.read())
            cur_datetime = datetime.datetime.today()
            cursor.execute("""update UserPath set Path = '%s',
                            UpdateTime = '%s'
                            where UserID = %d;""" % (
                            filename,
                            cur_datetime,
                            int(cookie['userid'].value))
                        )
            mysql_connect.commit()
            cursor.close()
            print my_cgifunc.content_type()
            print my_cgifunc.html_header("upload success")
            print '<h1>upload your new avatar successful!!!</h1>'
            print """<form method=get action=showPage.py>
                    <input type=submit value="Back">
                    </form>"""
            print my_cgifunc.html_tail()
        except Exception, e:
            print my_cgifunc.content_type()
            print my_cgifunc.html_header('Upload error')
            print '<h1>%s</h1>' % file_path
            print '<h3>Error : %s</h3>' % repr(e)
            print """<form method=get action=showPage.py>
                    <input type=submit value="Back">
                    </form>"""
            print my_cgifunc.html_tail()
        finally:
Example #2
0
def main():
    form = cgi.FieldStorage()
    cookie = Cookie.SimpleCookie()
    cookie.load(os.environ.get('HTTP_COOKIE'))
    if cookie.get('userid') == "":
        my_cgifunc.output_error(message="user error, please login in again.",
                        back_page="index.py")
        return
    if 'old_password' in form and \
        'new_password' in form and \
        'password_again' in form and \
        form['new_password'].value == form['password_again'].value:
        try:
            # get password from database and check the identity
            mysql_connect = MySQLdb.connect(host=my_conf.mysql_server,
                    user=my_conf.mysql_user,
                    passwd=my_conf.mysql_password,
                    db=my_conf.mysql_database)
            cursor = mysql_connect.cursor()
            cursor.execute("""select * from UserInfo where UserID = %d;""" %
                            int(cookie['userid'].value))
            result = cursor.fetchone()
            salt = result[5]
            old_password = sha.new(form['old_password'].value + salt).hexdigest()
            new_password = sha.new(form['new_password'].value + salt).hexdigest()
            if result and result[2] == old_password:
                cursor.execute("""update UserInfo set Password = '******'
                                  where UserID = %d;""" % (
                            new_password, int(cookie['userid'].value)))
                cursor.execute("""update Cache set Password = '******'
                                  where UserID = %d;""" % (
                            new_password, int(cookie['userid'].value)))
                mysql_connect.commit()
                print my_cgifunc.content_type()
                print my_cgifunc.html_header("Reset success")
                print "<h1>Reset user(%s) password successful!</h1>" % \
                        cookie['user'].value
                print """<FORM METHOD=GET ACTION=showPage.py>
                        <INPUT TYPE=SUBMIT VALUE="Back">
                        </FORM>"""
                print my_cgifunc.html_tail()
            else:
                if not result:
                    raise Exception("fetch user information from database error!")
                elif result[2] != old_password:
                    raise Exception("old password is not right!")
                else:
                    raise Exception("something error")
        except Exception, e:
            my_cgifunc.output_error(message = repr(e),
                            back_page="/reset_password.html")
        finally:
Example #3
0
def main():
    form = cgi.FieldStorage()
    if 'new_password' in form and \
        'password_again' in form and \
        form['new_password'].value == form['password_again'].value:
        try:
            mysql_connect = MySQLdb.connect(host=my_conf.mysql_server,
                    user=my_conf.mysql_user,
                    passwd=my_conf.mysql_password,
                    db=my_conf.mysql_database)
            cursor = mysql_connect.cursor()
            cursor.execute("""select * from UserInfo
                        where UserID = %d;""" % int(form['UserID'].value))
            result = cursor.fetchone()
            if not result:
                raise Exception("Connect to database error!")
            if result[2] == form['Finger'].value:
                salt = result[5]
                password = sha.new(form['new_password'].value+salt).hexdigest()
                cursor.execute("""update UserInfo set Password = '******'
                                where UserID = %d;""" % (
                                password,
                                int(form['UserID'].value)
                                )
                            )
                cursor.execute("""update Cache set Password = '******'
                                where UserID = %d;""" % (
                                password,
                                int(form['UserID'].value)
                                )
                            )
            else:
                raise Exception("Findger is not right, contact the admin!")
            cursor.close()
            mysql_connect.commit()
            print my_cgifunc.content_type()
            print my_cgifunc.html_header('Reset password success')
            print """<H1>Reset password ok</h1>
                     <form method=get action=/index.html>
                        <input type=submit value="首页">
                     </form>
                  """
            print my_cgifunc.html_tail()
        except Exception, e:
            my_cgifunc.output_error(
                message=repr(e),
                back_page="/index.html"
            )
        finally:
Example #4
0
                            where UserID = %d;""" %
                            (form['mail'].value, int(result[0])))
                mysql_connect.commit()
                cursor.close()
            else:
                raise Exception("connect to database error")
        except Exception, e:
            my_cgifunc.output_error(
                message=repr(e),
                back_page="/reset_mail.html"
                )
            return
        finally:
            mysql_connect.close()
        print cookie
        print my_cgifunc.content_type()
        print my_cgifunc.html_header('Reset email')
        print "<h1>Reset User:%s 's e-mail successful</h1>" % cookie['user'].value
        print "<form method=get action=showPage.py>"
        print '<input type=submit value="Back">'
        print "</form>"
        print my_cgifunc.html_tail()
    else:
        my_cgifunc.output_error(
            message="form data is not right!",
            back_page="/reset_mail.html"
            )

if __name__ == '__main__':
    main()
Example #5
0
                        where UserID = %d;""" % int(form['userid'].value))
            result = cursor.fetchone()
            cursor.close()
            if not result or result[2] != form['finger'].value:
                raise Exception
        except Exception, e:
            my_cgifunc.output_error(
                    message="link error, please contact the admin again",
                    back_page="/index.html"
                    )
            return
        finally:
            mysql_connect.close()

        print my_cgifunc.content_type()
        print my_cgifunc.html_header('Reset password')
        print """
            <FORM METHOD=POST ACTION=reset_withoutpass.py>
                <INPUT TYPE=HIDDEN VALUE="%s" NAME="UserID">
                <INPUT TYPE=HIDDEN VALUE="%s" NAME="Finger">
                <B>输入新密码:</B>
                <INPUT TYPE=PASSWORD NAME="new_password">
                <br/>
                <B>再次输入新密码:</B>
                <INPUT TYPE=PASSWORD NAME="password_again">
                <br/>
                <INPUT TYPE=SUBMIT VALUE="提交">
                <INPUT TYPE=RESET VALUE="重置">
            </FORM>
              """ % (form['userid'].value, form['finger'].value)
        print my_cgifunc.html_tail()
Example #6
0
            print my_cgifunc.html_header("upload success")
            print '<h1>upload your new avatar successful!!!</h1>'
            print """<form method=get action=showPage.py>
                    <input type=submit value="Back">
                    </form>"""
            print my_cgifunc.html_tail()
        except Exception, e:
            print my_cgifunc.content_type()
            print my_cgifunc.html_header('Upload error')
            print '<h1>%s</h1>' % file_path
            print '<h3>Error : %s</h3>' % repr(e)
            print """<form method=get action=showPage.py>
                    <input type=submit value="Back">
                    </form>"""
            print my_cgifunc.html_tail()
        finally:
            mysql_connect.close()


    else:
        print my_cgifunc.content_type()
        print my_cgifunc.html_header('Upload error')
        print '<h2>The file is not a (.jpg, .gif, .png) file</h2>'
        print """<form method=get action=showPage.py>
                <input type=submit value="Back">
                </form>"""
        print my_cgifunc.html_tail()

if __name__ == '__main__':
    main()
Example #7
0
            http://%s:%s/cgi-bin/findout.py?userid=%d&finger=%s

    Please delete this e-mail after reset your password as soon as possible.
    If you have any question about Yagra, please send mail to '%s' to contact administrator %s.
                  """ % (
                user,
                os.environ.get('SERVER_NAME'),
                os.environ.get('SERVER_PORT'),
                userid,
                finger,
                my_conf.AdminEMail,
                my_conf.AdminName
                )
        if send_mail(tolist, subject, content):
            print my_cgifunc.content_type()
            print my_cgifunc.html_header('Success')
            print """已发送找回密码的邮件到您的邮箱,请尽快查收"""
            print """<form method=get action=/index.html>
                        <input type=submit value="首页">
                    </form>"""
            print my_cgifunc.html_tail()
        else:
            my_cgifunc.output_error(
                    message="Send mail failed!",
                    back_page="/findout.html"
                    )
    else:
        my_cgifunc.output_error(
                message="Mail information is not right!",
                back_page="/findout.html"
                )