def new_user(): data = json.loads(redisdb.get(request.cookies["token"])) otpkey = data["OTP_key"] user_id = request.form["s_id"] user_auth = request.form["auth"] otp_passwd = request.form["otppassword"] otp_checker = pyotp.TOTP(otpkey) if otp_checker.verify(otp_passwd): user_otp_key = pyotp.random_base32() user_salt = str(uuid.uuid4()) md5 = hashlib.md5() new_random_password = random_password() md5.update(f"{new_random_password}{user_salt}".encode("utf-8")) md5_passwd = md5.hexdigest() try: sql = f"INSERT INTO admin values (%s,%s,%s,{int(user_auth)},%s)" mysqldb.execute(sql, (user_id, md5_passwd, user_salt, user_otp_key)) mysqlconn.commit() return json.dumps({ "state": "success", "password": new_random_password }) except Exception as e: print(e) return json.dumps({"state": "fail", "message": "该用户已存在"}) return json.dumps({"state": "fail", "message": "动态密码错误或超时"})
def send_private_message(): operator = json.loads(redisdb.get(request.cookies["token"])) qid = request.form["qid"] message = request.form["message"] #print(qid,message) sql = "SELECT * FROM message WHERE sender=%s" data = mysqldb.execute(sql, (qid)) if data > 0: sql = "SELECT * FROM message WHERE sender=%s and res='none'" state = mysqldb.execute(sql, (qid)) #print(state) if state > 0: sql = "UPDATE message SET res='ignore',res_time=NOW(),res_user_id=%s WHERE res='none' and sender=%s" mysqldb.execute(sql, (operator["id"], qid)) sql = "UPDATE message SET res=%s WHERE sender=%s ORDER BY send_time DESC LIMIT 1" mysqldb.execute(sql, (message, qid)) else: uid = str(uuid.uuid4()) sql = "INSERT INTO message values(%s,%s,NOW(),'Dialogue_Detail_None',%s,%s,NOW())" mysqldb.execute(sql, (uid, qid, message, operator["id"])) data = {"qid": qid, "message": message} res = requests.post( "http://127.0.0.1:5000/API/send_private_message.json", data).json() #print(res) if res["state"] == "success": mysqlconn.commit() return json.dumps({"state": "success", "message": ""}) else: return json.dumps({"state": "fail", "message": "系统出错"}) else: return json.dumps({"state": "fail", "message": "无留言可以回复"})
def reset_by_admin(): target_id = request.form["s_id"] newpassword = request.form["newpassword"] otppassword = request.form["otppassword"] data = json.loads(redisdb.get(request.cookies["token"])) otp_key = data["OTP_key"] sql = "SELECT * FROM admin where id = %s" mysqldb.execute(sql, (target_id)) user_data = mysqldb.fetchall()[0] otp_checker = pyotp.TOTP(otp_key) #print(otp_checker.now(),otppassword) if otp_checker.verify(otppassword): md5 = hashlib.md5() md5.update(f"{newpassword}{user_data[2]}".encode("utf-8")) md5_passwd = md5.hexdigest() try: sql = "UPDATE admin SET password=%s WHERE id=%s" mysqldb.execute(sql, (md5_passwd, target_id)) mysqlconn.commit() return "success" except Exception as e: print(e) return "fail" else: return "fail"
def handle(context, bot): message = context["message"] qid = context["sender"]["user_id"] if not (qid in white_list): message_id = str(uuid.uuid4()) sql = "INSERT INTO message(message_id, sender, send_time, detail, res)values (%s,%s,NOW(),%s,'none')" mysqldb.execute(sql, (message_id, qid, message)) mysqlconn.commit()
def group_add(): group_id = request.form["group_id"] bname = request.form["bname"] #print(group_id,bname) sql = "INSERT INTO `group` VALUES (%s,%s)" try: mysqldb.execute(sql, (group_id, bname)) mysqlconn.commit() except Exception as e: return json.dumps({"state": "fail", "message": "error"}) return json.dumps({"state": "success", "info": "成功"})
def group(context): mysqlconn.ping(reconnect=True) sql = "INSERT INTO service_log (time, type, target) VALUES (NOW(),'groupMessage',%s)" mysqldb.execute( sql, (f"group:{context['group_id']};person:{context['sender']['user_id']}")) mysqlconn.commit() try: respond_group(groupMessageHandles, groupMessageHandle_init_data, context, bot) except Exception as e: traceback.print_exc() error_data = traceback.format_exc() sql = "INSERT INTO error_log (time, error_detail) VALUES (NOW(),%s)" mysqldb.execute(sql, (pymysql.escape_string(error_data))) mysqlconn.commit()
def private(context): mysqlconn.ping(reconnect=True) #logger sql = "INSERT INTO service_log (time, type, target) VALUES (NOW(),'privateMessage',%s)" mysqldb.execute(sql, (f"person:{context['sender']['user_id']}")) mysqlconn.commit() try: state = respond_private(privateMessageHandles, context, bot) if not state: take_message_handle(context, bot) except Exception as e: bot.send(context, "服务器发生内部错误,请稍后重试") traceback.print_exc() error_data = traceback.format_exc() sql = "INSERT INTO error_log (time, error_detail) VALUES (NOW(),%s)" mysqldb.execute(sql, (pymysql.escape_string(error_data))) mysqlconn.commit() redisdb.delete(context["sender"]["user_id"])
def private_group_state(): gid = request.form["group_id"] if gid == "all": gid = "*" plugin_name = request.form["plugin_name"] state = int(request.form["state"]) if state == 0: bstate = "启用" elif state == 1: bstate = "停用" #print(gid,plugin_name,state) if gid == "*" and state == 0: #print("a") sql = "DELETE FROM group_message_plugin_activate WHERE plugin_name = %s" mysqldb.execute(sql, (plugin_name)) sql = "INSERT INTO group_message_plugin_activate values(%s,%s)" mysqldb.execute(sql, (gid, plugin_name)) mysqlconn.commit() return json.dumps({"state": "success", "bstate": bstate}) elif gid == "*" and state == 1: #print("b") sql = "DELETE FROM group_message_plugin_activate WHERE plugin_name = %s" mysqldb.execute(sql, (plugin_name)) mysqlconn.commit() return json.dumps({"state": "success", "bstate": bstate}) elif state == 0: sql = 'SELECT * FROM group_message_plugin_activate WHERE (plugin_name = %s and g_id = "*")' exist = mysqldb.execute(sql, (plugin_name)) if exist > 0: #print("c") return json.dumps({"state": "success", "bstate": "已全局打开"}) else: #print("d") sql = 'SELECT * FROM group_message_plugin_activate WHERE (plugin_name = %s and g_id = %s)' exist = mysqldb.execute(sql, (plugin_name, gid)) if exist > 0: return json.dumps({"state": "success", "bstate": bstate}) sql = "INSERT INTO group_message_plugin_activate values(%s,%s)" mysqldb.execute(sql, (gid, plugin_name)) mysqlconn.commit() return json.dumps({"state": "success", "bstate": bstate}) else: sql = 'SELECT * FROM group_message_plugin_activate WHERE (plugin_name = %s and g_id = "*")' exist = mysqldb.execute(sql, (plugin_name)) if exist > 0: #print("e") return json.dumps({"state": "success", "bstate": "已全局打开,请在全局中设置"}) else: #print("f") sql = "DELETE FROM group_message_plugin_activate WHERE (plugin_name = %s and g_id = %s) " mysqldb.execute(sql, (plugin_name, gid)) mysqlconn.commit() return json.dumps({"state": "success", "bstate": bstate})
def reset_by_user(): oldpassword = request.form["oldpassword"] newpassword = request.form["newpassword"] data = json.loads(redisdb.get(request.cookies["token"])) user_id = data["id"] sql = "SELECT * FROM admin where id = %s" mysqldb.execute(sql, (user_id)) user_data = mysqldb.fetchall()[0] if check(user_data, oldpassword): md5 = hashlib.md5() md5.update(f"{newpassword}{user_data[2]}".encode("utf-8")) md5_passwd = md5.hexdigest() try: sql = "UPDATE admin SET password=%s WHERE id=%s" mysqldb.execute(sql, (md5_passwd, user_id)) mysqlconn.commit() return json.dumps({"state": "success", "message": "修改成功"}) except Exception as e: return json.dumps({"state": "fail", "message": "服务器异常"}) else: return json.dumps({"state": "fail", "message": "密码有误"})
def private_plugin_state(): plugin_name = request.form["plugin_name"] state = int(request.form["state"]) if state == 0: bstate = "启用" elif state == 1: bstate = "临时停用" else: bstate = "永久停用" #print(plugin_name,state) sql = f"UPDATE private_message_plugin SET active={int(state)} WHERE plugin_name=%s" try: #print(sql) state = mysqldb.execute(sql, (plugin_name)) if state == 1: mysqlconn.commit() else: return json.dumps({"state": "fail", "message": "无内容修改"}) except Exception as e: return json.dumps({"state": "fail", "message": "服务器异常"}) return json.dumps({"state": "success", "bstate": bstate})
def handle_group_increase(context): mysqlconn.ping(reconnect=True) sql = 'INSERT INTO service_log (time, type, target) VALUES (NOW(),"groupMumReq",%s)' mysqldb.execute( sql, (f'group:{context["user_id"]};person:{context["group_id"]}')) mysqlconn.commit()
def handle_request(context): mysqlconn.ping(reconnect=True) sql = 'INSERT INTO service_log (time, type, target) VALUES (NOW(),"groupMumAdd",%s)' mysqldb.execute(sql, (f'group:{context["group_id"]}')) mysqlconn.commit()
def handle_request(context): mysqlconn.ping(reconnect=True) sql = 'INSERT INTO service_log (time, type, target) VALUES (NOW(),"friendAdd",%s)' mysqldb.execute(sql, (f'person:{context["user_id"]}')) mysqlconn.commit() return {"approve": True}