def addComment(request, conn=None):
global error
if request.method == "POST":
content = request.POST.get("content")
print request.POST.get("user_id", 0), "------"
user_id = int(
request.POST.get("user_id")) if request.POST.get("user_id") else 0
article_id = int(request.POST.get("article_id")) if request.POST.get(
"article_id") else 0
create_time = dates = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
if user_id:
if content:
sql = "insert into comment (content,user_id,article_id,create_time) values ('%s',%d,%d,'%s')" % (
content, user_id, article_id, create_time)
result = db_update(conn, sql)
else:
error = "请输入评论内容!"
else:
error = "请登录!"
request.session["error"] = error
return redirect("/articleDetail/%d" % article_id)
else:
pass
def delUser(request,conn=None,id=""):
isRole = isLogin(request);
if isRole:
id = int(id)
sql = "delete from user where id=%d"%id
result = db_update(conn,sql)
return redirect("/userList")
def updateUser(request,conn=None,id=""):
global error
if request.method == "GET":
sql = "select * from user where id=%d"%int(id)
result = db_query(conn,sql)
result = result["result"]
request.session["user"]["img_url"] = result[0]["img_url"]
return render(request,"register.html",{
"title":"修改信息",
"id":int(id),
"userInfo":result,
"error":error
})
else:
username = request.POST.get("username", "")
pwd = request.POST.get("password", "")
confirmPwd = request.POST.get("confirmPassword")
email = request.POST.get("email", "")
img_url = request.FILES.get("file",request.session["user"]["img_url"])
code = request.POST.get("code", "")
role = request.POST.get("role", "")
id = int(id)
if username and pwd and email and role:
if not re.match(r'(\w)+\@[a-zA-Z0-9_-]+\.([a-zA-Z]+)*', email):
error = "请输入正确的邮箱!"
return redirect("/updateUser/%d"%id)
if pwd != confirmPwd:
error = "两次输入密码不匹配!"
return redirect("/updateUser/%d"%id)
if str(code).lower() != request.session.get("code", ""):
error = "验证码输入有误!"
return redirect("/updateUser/%d"%id)
sql = "select * from user where email='%s' " % email
result = db_query(conn, sql)
result = result["result"]
print result
if len(result):
pwd = md5(pwd)
img_url = fileWrite(img_url)
sql = "update user set username='******', password='******', email='%s', img_url='%s', role=%d where id=%d" % (username, pwd, email, img_url, int(role),id)
result = db_update(conn, sql)
request.session["user"]["img_url"] = img_url
return redirect("/userList")
else:
error = "用户不存在!"
return redirect("/updateUser/%d" % id)
else:
error = "用户名 密码 邮箱 角色不能为空!"
return redirect("/updateUser/%d"%id)
def register(request,conn=None):
global error
if request.method == "GET":
return render(request,"register.html",{
"title":"注册",
"error": error
})
else:
username = request.POST.get("username","")
pwd = request.POST.get("password","")
confirmPwd = request.POST.get("confirmPassword","")
email = request.POST.get("email","")
img_url = request.FILES.get("file","/static/image/load.jpg")
code = request.POST.get("code","")
role = request.POST.get("role","")
if username and pwd and email and role:
if not re.match(r'(\w)+\@[a-zA-Z0-9_-]+\.([a-zA-Z]+)*',email):
error = "请输入正确的邮箱!"
return redirect("/register")
if pwd != confirmPwd:
error = "两次输入密码不匹配!"
return redirect("/register")
if str(code).lower() != request.session.get("code",""):
error = "验证码输入有误!"
return redirect("/register")
pwd = md5(pwd)
img_url = fileWrite(img_url)
# 注册语句
sql = "insert into user (username, password, email, img_url, role) VALUES ('%s','%s','%s','%s',%d)" % (username,pwd,email,img_url,int(role))
result = db_update(conn,sql)
# 查询当前注册帐号的id
sql = "select id from user where email='%s'"%email
result = db_query(conn,sql)
result = result["result"]
# 将用户注册信息保存在session中 删除code的session
del request.session["code"]
request.session["user"] = {
"username": username,
"email": email,
"img_url": img_url,
"role": role,
"id":result[0]["id"]
}
return redirect("/")
else:
error = "用户名 密码 邮箱 角色不能为空!"
return redirect("/register")
def verifyUser(request,conn=None,id=""):
isRole = isLogin(request)
if isRole:
if not id:
sql = "select * from user where role=2"
result = db_query(conn,sql)
return render(request,"verifyUser.html",{
"title":"审核用户",
"verifyUserList":result["result"]
})
else:
sql = "update user set role =3 where id=%d"%int(id)
result = db_update(conn,sql)
return redirect("/verifyUser")
else:
return redirect("/")