#!/usr/bin/env python3
import uuid
import database
import api
import encrypt
db = database.Database()
api = api.Api("json")
# Ensure the correct post keys were sent
if api.check_keys(
("member_id", "session_id", "name", "mobile", "emergency_ph")):
member_id = api.request["member_id"].value
session_id = api.request["session_id"].value
name = api.request["name"].value
mobile = api.request["mobile"].value
emergency_ph = api.request["emergency_ph"].value
# Ensure user is logged in
if db.check_session(member_id, session_id):
sql = ("UPDATE member SET " + "name = '" + name + "', " +
"mobile = '" + mobile + "', " + "emergency_ph = '" +
emergency_ph + "' " + "WHERE member_id = " + member_id + ";")
db.cur.execute(sql)
response = api.set_returncode(0)
else:
response = api.set_return_code(1)
else:
response = api.set_returncode(5)
#!/usr/bin/env python3
import uuid
import database
import api
import encrypt
db = database.Database()
api = api.Api("json")
# Ensure the correct post keys were sent
if api.check_keys(("email", "password", "student_num", "name", "dob", "mobile",
"emergency_ph", "full_part_time")):
student_num = api.request["student_num"].value
password = api.request["password"].value
name = api.request["name"].value
email = api.request["email"].value
dob = api.request["dob"].value
mobile = api.request["mobile"].value
emergency_ph = api.request["emergency_ph"].value
full_part_time = api.request["full_part_time"].value
# Generate salt and password hash
salt = str(uuid.uuid4().hex)
pass_hash = encrypt.generate_hash(password, salt)
sql = "SELECT email FROM member WHERE(email = '" + email + "');"
db.cur.execute(sql)
if db.cur.rowcount != 0:
response = api.set_returncode(3)
else:
#!/usr/bin/env python3
import uuid
import database
import api
import encrypt
db = database.Database()
api = api.Api("json")
# Ensure the correct post keys were sent
if api.check_keys(("email", "password")):
email = api.request["email"].value
password = api.request["password"].value
# Check user's password, and that they are verified
sql = "SELECT verified, pass_hash, salt, member_id FROM member WHERE( email = '" + email + "');"
db.cur.execute(sql)
if db.cur.rowcount == 1:
row = db.cur.fetchone()
if row[0] == 'N':
response = api.set_returncode(4)
else:
# Check the users password
pass_hash = row[1]
salt = row[2]
check_hash = encrypt.generate_hash(password, salt)
if pass_hash == check_hash:
# Clear any old session IDs before generating a new one
member_id = row[3]
#!/usr/bin/env python3
import database
from qrcode import *
import api
import uuid
import delete_qr # Deletes old QR codes
db = database.Database()
api = api.Api("json")
# Ensure the correct request keys were sent
if api.check_keys(("member_id", "session_id", "society_id")):
member_id = api.request["member_id"].value
session_id = api.request["session_id"].value
society_id = api.request["society_id"].value
# Ensure user is a committee member for the society
if db.check_session(member_id, session_id):
if db.check_committee(member_id, society_id):
token = str(uuid.uuid4().hex)
qrdata = "{ \"token\": \"" + token + "\", \"society_id\": \"" + society_id + "\"}"
# Generate qr code
qr = QRCode(version=None,
box_size=10,
error_correction=ERROR_CORRECT_L)
qr.add_data(qrdata)
qr.make(fit=True)
im = qr.make_image()
im.save("/var/www/html/img/" + token + ".png")
#!/usr/bin/env python3
import database
import api
db = database.Database()
api = api.Api("json")
# Ensure the correct post keys were sent
if api.check_keys(
("member_id", "session_id", "society_id", "committee_email")):
chair_id = api.request["member_id"].value
session_id = api.request["session_id"].value
society_id = api.request["society_id"].value
member_email = api.request["committee_email"].value
if db.check_session(chair_id, session_id):
if db.check_chair(chair_id, society_id):
sql = "SELECT member_id FROM member WHERE email LIKE '" + member_email + "'"
try:
db.cur.execute(sql)
api.set_returncode(0)
except:
api.set_returncode(6)
if db.cur.rowcount == 1:
row = db.cur.fetchone()
member_id = str(row[0])
# Add member as committee member
sql = "INSERT INTO committee_society(member_id, society_id) VALUES(" + member_id + ", " + society_id + ");"