Exemple #1
0
def SearchArticleList(ActionInfo):

    try:
        ActionInfo = CheckParamet(("uid","name","keyword"),ActionInfo,("page","eachpage","order","author"))
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"state":e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"SearchArticleList","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({"state":"SearchArticleList UnKnowErr"})
        
    ActionInfo["keyword"] = ActionInfo["keyword"].strip()
    try:
        result = sqllib.SearchArticle (ActionInfo)
        for article in result:
            article["lastesttime"]=article["lastesttime"].strftime('%Y-%m-%d %H:%M:%S')
            article["pubtime"]=article["pubtime"].strftime('%Y-%m-%d %H:%M:%S')
            if article["name"]==PUBLICUSER:
                del article["name"]
        return({'state':'success','keyword':ActionInfo["keyword"],'articlelist':result})
    except (SqlError,PermissionError) as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return({'state':e.err,'keyword':ActionInfo["keyword"]})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"SearchArticleList","Info":ActionInfo,"Detial":traceback.format_exc()})
        return({'state':'SearchArticleList UnknowErr','keyword':ActionInfo["keyword"]})
Exemple #2
0
def ChangeUserPassword(ActionInfo):#更改密码,要求登录
    #ActionInfo should have name password newpassword
    try:
        ActionInfo = CheckParamet(["name","password","newpassword"],ActionInfo)
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({'state':e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"ChangeUserPassword","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({'state':"ChangeUserPassword UnKnowErr"})
        
    userinfo = CheckUser(ActionInfo)
    if userinfo["state"] == "success":
        try:
            info = sqllib.GetUserInfo (ActionInfo)
            info["password"] = ActionInfo["newpassword"]
            info = CreateSaltAndPassword(info)
            mail.Send(info["mail"],MAIL_TITLE_CGPASSWORD,MAIL_ARTICLE_CGPASSWORD)
            sqllib.ResetPassword (info)
            return {'state':"success"}
        except (SqlError,PermissionError,MailError) as e:
            return {'state':e.err}
        except Exception as e:
            logger.Record("ERROR",str(e),{"Function":"ChangeUserPassword","Info":ActionInfo,"Detial":traceback.format_exc()})
            return ({'state':"ChangeUserPassword UnKnowErr"})
    else:
        return {'state':userinfo["state"]}
Exemple #3
0
def GetArticleList(ActionInfo):

    try:
        ActionInfo = CheckParamet(["uid"],ActionInfo,["name","page","eachpage","order","author"])
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"state":e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"GetArticleList","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({"state":"GetArticleList UnKnowErr"})

    try:
        res = sqllib.GetArticleList (ActionInfo)
        count = res["count"]
        result = res["result"]
    except (SqlError,PermissionError) as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return {'state':e.err}
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"GetArticleList","Info":ActionInfo,"Detial":traceback.format_exc()})
        return {'state':'GetArticleList UnKnowErr'}
    for article in result:
        article["lastesttime"]=article["lastesttime"].strftime('%Y-%m-%d %H:%M:%S')
        article["pubtime"]=article["pubtime"].strftime('%Y-%m-%d %H:%M:%S')
        if article["saltpassword"]==None:
            article["password"]=0
        else:
            article["password"]=1
        del article["saltpassword"]
    return {'state':'success','articlelist':result,'count':count}
Exemple #4
0
def EditArticle(ActionInfo):#修改文章
#ActionInfo=('title','name','essay','permission','password')
    try:
        ActionInfo = CheckParamet(["title","rawtitle","essay","type"],ActionInfo,["author","uid","name","password"])
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"state":e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"EditArticle","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({"state":"EditArticle UnKnowErr"})
        
    if "password" in ActionInfo:
        if ActionInfo["password"]==str(RESETARTCALPASSWORD):#如果取消密码
            ActionInfo["saltpassword"]=None
            ActionInfo["salt"]=None
            del ActionInfo["password"]
        else:
            ActionInfo = CreateSaltAndPassword(ActionInfo)

    try:
        if sqllib.EditArticle(ActionInfo) is True:
            return ({"state":"success"})
    except (SqlError,PermissionError) as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return({"state": e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"EditArticle","Info":ActionInfo,"Detial":traceback.format_exc()})
        return({"state": "EditArticle UnkonwErr"})
Exemple #5
0
def GetArticle(ActionInfo):#快速获取文章内容,用于主页展示和文章编辑
    pprint(ActionInfo)
    try:
        ActionInfo = CheckParamet(("title","mode"),ActionInfo,("author","name","password"))
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"title":"Paramet Error","essay":e.err,"state":"Failed"})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"GetArticle","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({"title":"GetArticle UnKnowErr","essay":"GetArticle UnKnowErr","state":"Failed"})

    #ActionInfo["title"] = CleanTitle(ActionInfo["title"])#id title共用关键字
    ActionInfo["id"] = 0
    if ActionInfo["title"].isdigit():
        ActionInfo["id"] = ActionInfo["title"]
        del ActionInfo["title"]

    try:
        article = sqllib.GetArticle(ActionInfo)
    except PermissionError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"title":"Permission Denied","essay":e.err,"state":"Failed"})
    except SqlError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"title":"No Such Title","essay":e.err,"state":"Failed"})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"GetArticle","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({"title":"GetArticle UnkonwErr","essay":"GetArticle UnkonwErr","state":"Failed"})
    
    if article["saltpassword"] is not None:#如果有密码
        article["havepassword"]=True
        if ActionInfo["mode"]=="edit":#如果有传入密码
            article["state"]="success"
        elif ActionInfo.get("password",None) is None:#如果没有传入密码
            return {"state":"Need Password","title":"Permission Denied","essay":"Need Password"}
        elif CheckArticlePassword({"saltpassword":article["saltpassword"],"salt":article["salt"],"password":ActionInfo.get("password","None")}):#如果有传入密码
            article["state"]="success"
        else:#传入密码错误
            return {"state":"Failed","title":"Get Title Error","essay":"Get Essay Error"}
    else:
        article["havepassword"]=False
        article["state"]="success"

    del article["saltpassword"]
    del article["salt"]
    del article["uid"]
    article["lastesttime"]=article["lastesttime"].strftime('%Y-%m-%d %H:%M:%S')
    article["pubtime"]=article["pubtime"].strftime('%Y-%m-%d %H:%M:%S')
    return article
Exemple #6
0
def DeleteArticleByNameTitle (ActionInfo):

    try:
        ActionInfo = CheckParamet(["uid","name","author","title"],ActionInfo)
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"state":e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"EditArticle","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({"state":"EditArticle UnKnowErr"})

    try:
        sqllib.DeleteArticleByNameTitle(ActionInfo)
        return ({"state":"success"})
    except (SqlError,PermissionError) as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return({"state":e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"DeleteArticleByNameTitle","Info":ActionInfo,"Detial":traceback.format_exc()})
        return({"state":"DeleteArticle Unknow Error"})
Exemple #7
0
def SubmitArticle(ActionInfo):
    try:
        ActionInfo = CheckParamet(["title","essay","type"],ActionInfo,["uid","name","author","articlepermissions","articlegroup"])
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"state":e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"SubmitArticle","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({"state":"SubmitArticle UnKnowErr"})
    
    #检查文章种类
    try:
        sqllib.CreatArticle (ActionInfo)
        return({"state":"success"})
    except (SqlError,PermissionError) as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"state":e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"SubmitArticle","Info":ActionInfo,"Detial":traceback.format_exc()})
        return("未知错误")
Exemple #8
0
def CheckUser(uf):#检查用户能否登录

    try:
        uf = CheckParamet(["name","password"],uf)
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"state":e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"CheckUser","Info":uf,"Detial":traceback.format_exc()})
        return ({"state":"CheckUser UnKnowErr"})
        
    try:
        userinfo = sqllib.GetLoginInfo ({'name':uf["name"]})
    except (SqlError,PermissionError) as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({"state":"Failed"})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"CheckUser","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({"state":"Failed"})

    shapassword = hashlib.sha256()
    shapassword.update((str(uf["password"])+userinfo['salt']).encode('utf-8'))
    t = time.mktime(userinfo["now"].timetuple())-time.mktime(userinfo["lastfailedtime"].timetuple())
    t = (t/3600)
    waitetime=WAITETIME*(WAITENUM**(userinfo["lgnfailedtimes"]-LOGINFAILEDTIMES+1))
    if userinfo["lgnfailedtimes"]>=LOGINFAILEDTIMES and t<waitetime:
        return ({"state":"Login Failed Too Many Times Try After %s Hour"%(float('%0.3f'%(waitetime-t)))})
    elif shapassword.hexdigest()==userinfo['saltpassword']:
        sqllib.CleanFailedTimes ({'name':uf["name"]})
        res = {}
        res["name"] = userinfo["name"]
        res["uid"] = userinfo["uid"]
        res["group"] = userinfo["group"]
        res["permission"] = userinfo["permission"]
        res["permissions"] = userinfo["permissions"]
        res["state"] = "success"
        return (res)
    else:
        sqllib.LoginFailed ({'name':uf["name"]})
        return ({"state":"Failed"})
Exemple #9
0
def ReCreateUserPassword(ActionInfo):#重置密码用户名
    import uuid
    #ActionInfo should have ('uid','name','mail','salt','saltpassword')
    try:
        ActionInfo = CheckParamet(["name","mail"],ActionInfo)
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({'state':e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"ChangeUserPassword","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({'state':"ChangeUserPassword UnKnowErr"})

    try:
        info = sqllib.GetUserInfo(ActionInfo)
    except (SqlError,PermissionError,MailError) as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return {'state':e.err}
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"ReCreateUserPassword","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({'state':"ReCreateUserPassword UnKnowErr"})
        
    if ActionInfo["mail"] == info["mail"]:
        newpassword = str(uuid.uuid3(uuid.uuid1(), ActionInfo['mail']))
        info["password"] = newpassword
        info = CreateSaltAndPassword(info)
        try:
            mail.Send(ActionInfo["mail"],MAIL_TITLE_RSPASSWORD,MAIL_ARTICLE_RSPASSWORD%(newpassword))
            sqllib.ResetPassword (info)#重置密码
            sqllib.CleanFailedTimes (info)#清空登录计数
            return {'state':"success"}
        except (SqlError,PermissionError,MailError) as e:
            return {'state':e.err}
        except Exception as e:
            logger.Record("ERROR",str(e),{"Function":"ReCreateUserPassword","Info":ActionInfo,"Detial":traceback.format_exc()})
            return ({'state':"ReCreateUserPassword UnKnowErr"})
    else:
        return {'state':"Mail Not Match"}
Exemple #10
0
def CreateUser(ActionInfo):#生成用户,生成uid,生成盐
    import uuid
    
    try:
        ActionInfo = CheckParamet(["name","mail","password","group"],ActionInfo)
    except NoteError as e:
        logger.Record("INFO",e.err,{"Function":e.function,"Info":e.info})
        return ({'state':e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"SearchArticleList","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({'state':"SearchArticleList UnKnowErr"})
    
    t = str(int(time.time()))
    #生成salt
    salt = hashlib.sha256()
    salt.update((ActionInfo['password'][0:5]+t+ActionInfo['name'][0:4]).encode('utf-8'))
    ActionInfo["salt"] = salt.hexdigest()
    #生成hash256password
    hash256password = hashlib.sha256()
    hash256password.update((ActionInfo['password']).encode('utf-8'))
    ActionInfo['hash256password'] = hash256password.hexdigest()
    #生成saltpassword
    saltpassword = hashlib.sha256()
    saltpassword.update((ActionInfo['hash256password']+ActionInfo["salt"]).encode('utf-8'))
    ActionInfo['saltpassword'] = saltpassword.hexdigest()
    #生成uid
    ActionInfo['uid'] = str(uuid.uuid3(uuid.uuid1(), ActionInfo['mail']))
    try:
        mail.Send(ActionInfo["mail"],MAIL_TITLE_SIGNIN,MAIL_ARTICLE_SIGNIN)
        info = sqllib.CreateUser(ActionInfo)
        return ({'state':"success"})
    except (SqlError,PermissionError,MailError) as e:
        return ({'state':e.err})
    except Exception as e:
        logger.Record("ERROR",str(e),{"Function":"CreateUser","Info":ActionInfo,"Detial":traceback.format_exc()})
        return ({'state':"CreateUser UnkonwErr"})