def new_venue_ajax_image(request,idnum):
try:
venue = Venue.objects.get(id=idnum)
form = VenueImageForm(request.POST,request.FILES)
if form.is_valid():
new = VenueImage()
new.image = form.cleaned_data["new_image"]
new.caption = form.cleaned_data["caption"]
new.venue = venue
new.user = request.user
new.save()
images = squares(new.image,new)
new.small_square.save(new.image.name,images[0],save=True)
new.square.save(new.image.name,images[1],save=True)
new.save()
info = { "status": "success",
"image" : new.small_square.url,
"id" : new.id,
"caption" : new.caption }
return HttpResponse(dumps(info),content_type="application/json")
else:
res = HttpResponse()
res.status_code = 203
print form.errors
return res
except Exception, e:
print e
res = HttpResponse()
res.status_code = 500
return res
def logout(request):
if request.method == "POST":
username = request.POST.get('username', None)
session_id = request.COOKIES.get('session_id')
try:
user = models.user.objects.get(username=username)
if user.session_id != session_id:
response = HttpResponse(json.dumps(
{'error': 'session expiration'}),
content_type='application/json')
response.status_code = 401
response.set_cookie('session_id', '')
user.session_id = ''
user.save()
return response
else:
user.session_id = ''
user.save()
response = HttpResponse(json.dumps({'message': 'ok'}),
content_type='application/json')
response.status_code = 200
response.set_cookie('session_id', '')
return response
except:
response = HttpResponse(json.dumps({"error": "no such a user"}),
content_type='application/json')
response.status_code = 401
return response
response = HttpResponse(json.dumps({"error": "require POST"}),
content_type='application/json')
response.status_code = 401
return response
def login(request):
if request.method == "POST":
username = request.POST.get('username', None)
password = request.POST.get('password', None)
try:
user = models.user.objects.get(username=username)
print(user)
if user.password == password:
temp = bytes(username, 'utf-8')
user.session_id = base64.b64encode(temp)
user.save()
response = HttpResponse(json.dumps({
'username': username,
'userid': user.userid
}),
content_type='application/json')
response.status_code = 200
response.set_cookie('session_id', user.session_id)
return response
else:
response = HttpResponse(json.dumps(
{"error": "password is wrong"}),
content_type='application/json')
response.status_code = 401
return response
except:
response = HttpResponse(json.dumps({"error": "no such a user"}),
content_type='application/json')
response.status_code = 401
return response
response = HttpResponse(json.dumps({"error": "require POST"}),
content_type='application/json')
response.status_code = 401
return response
def hub_upload_file(req):
res = {"status": "OK"}
obj = req.FILES.get('file', None)
if not obj:
res["status"] = "miss parameter file"
resp = HttpResponse(json.dumps(res), content_type="application/json")
resp.status_code = 415
return resp
if obj.name[-1] == "\"":
obj.name = obj.name[:-1]
new_file_path = os.path.join(BASE_DIR, 'image_build_files',
'tarFiles', obj.name)
if os.path.exists(new_file_path):
res["status"] = "file exits"
resp = HttpResponse(json.dumps(res), content_type="application/json")
resp.status_code = 415
return resp
f = open(new_file_path, 'wb')
for chunk in obj.chunks():
f.write(chunk)
f.close()
return HttpResponse(json.dumps(res), content_type="application/json")
def new_venue_image(request,idnum):
try:
venue = Venue.objects.get(id=idnum)
form = VenueImageForm(request.POST,request.FILES)
if form.is_valid():
new = VenueImage()
new.image = form.cleaned_data["new_image"]
new.caption = form.cleaned_data["caption"]
new.venue = venue
new.user = request.user
new.save()
images = squares(new.image,new)
new.small_square.save(new.image.name,images[0],save=True)
new.square.save(new.image.name,images[1],save=True)
new.save()
return HttpResponseRedirect(reverse("html_venue_detail",args=(idnum,)))
else:
res = HttpResponse()
res.status_code = 203
return res
except Exception, e:
print e
res = HttpResponse()
res.status_code = 500
return res
def toggle_subtask(request):
if request.method == "POST":
# Security check
try:
subtask = SubTask.objects.get(pk=int(request.POST.get("pk")))
if subtask.parent_task.creator != request.user:
raise PermissionDenied
except PermissionDenied:
response = HttpResponse(
json.dumps({"error": "Your access is denied"}))
response.status_code = 403 # To announce that the user isn't allowed to proceed
return response
except:
response = HttpResponse(
json.dumps({"error": "There was a server error"}))
response.status_code = 500 # Server error
return response
if subtask.done:
subtask.done = False
else:
subtask.done = True
subtask.save()
response_data = {}
try:
all_subtasks = SubTask.objects.filter(
parent_task=subtask.parent_task)
completed_tasks = SubTask.objects.filter(
parent_task=subtask.parent_task).filter(done=True).count()
percentage = int((completed_tasks / all_subtasks.count()) * 100)
print(percentage)
except ZeroDivisionError:
percentage = 0
response_data["percentage"] = percentage
return HttpResponse(json.dumps(response_data),
content_type="application/json")
else:
return HttpResponse(json.dumps(
{"nothing to see": "this isn't happening"}),
content_type="application/json")
def insert(request):
response = HttpResponse()
response.status_code = 200
if request.method == 'POST':
lat = request.POST.get('latitude')
lng = request.POST.get('longitude')
test_key = b'\x75\x37\x34\x72\x53\x76\x41\x6e\x4b\x46\x68\x55\x4e\x52\x55\x62' \
b'\x4c\x6f\x48\x69\x72\x31\x35\x71\x4d\x63\x45\x7a\x59\x7a\x6e\x51'
# test_iv = b'\x9E\x7B\x98\x04\x41\x6D\xF6\xC7\x0E\x1C\xF3\x4E\x9F\x75\x2D\x08'
iv = bytes.fromhex(request.POST.get('data')[:32])
cyph = AES.new(test_key, AES.MODE_CBC, iv)
decrypted = cyph.decrypt(bytes.fromhex(
request.POST.get('data')[32:])).decode("ascii")
data = json.loads(decrypted.replace(chr(0), ''))
timestamp = datetime.now()
item = DataItem(latitude=lat,
longitude=lng,
data=data['val'],
timestamp=timestamp,
sensor_id=data['id'])
item.save()
elif request.method == 'GET':
response.content = 'You must send POST queries!'
return response
def SettingsBackend(request):
if request.POST:
print request.POST['password']
user = authenticate(username=request.POST['password'])
print('user', user)
if user:
login(request, user)
#return JsonResponse({'success': True})
return HttpResponseRedirect('/')
else:
print 'here'
#return JsonResponse({'succes': False})
payload = {'status': 'error', 'message': 'ivalid password'}
response = HttpResponse(json.dumps(payload), content_type='application/json')
response.status_code = 200
return JsonResponse({'success': True})
#return JsonResponse({'succes': False})
#return HttpResponse('USer Not found')
#raise forms.ValidationError('Passwords do not match.')
#return user_not_found_bad_hash_message
else:
return render(request, 'registration/login.html')
def index(request):
re = HttpResponse('xxx')
print(re) #<HttpResponse status_code=200, "text/html; charset=utf-8">
re['name'] = 'gaodaao' #添加响应头键值对
re.status_code = 404 #修改状态码 不写默认是200
print(re) #[23/Nov/2020 20:41:09] "GET /index/ HTTP/1.1" 404 3
return re
def login(request):
if request.method == 'GET':
return render(request, 'login.html')
else:
# data = request.POST
# print(data) #<QueryDict: {'xname': ['yuantao'], 'pwd': ['666']}>
# print('>>>>>',request.body) #>>>>> b'xname=asdf&pwd=123'
data = request.body
data = data.decode()
import json
data = json.loads(data)
print(data, type(data))
#{'xname': 'asdf', 'pwd': '123'} <class 'dict'>
username = data.get('xname')
password = data.get('pwd')
if username == 'yuantao' and password == '666':
return HttpResponse('ok') # 200
# ret = render(request, 'login.html', {'error':'用户名或者密码有误!!', 'username':username,'password':password})
ret = HttpResponse('not ok')
ret.status_code = 400
return ret
def index(request):
re = HttpResponse('xxx')
# re = render('xxx')
# ret = redirect('/home/')
re['name'] = 'gaodaao' # 添加响应头键值对
re.status_code = 404 # 修改状态码
return re #返回字符串
def list(request):
# if request.session.get('is_login',None):
# cookies = request.COOKIES
# is_login = cookies.get("is_login")
# if is_login:
module_list = Instance.objects.all().values('module__mcode',
'module__mname', 'year',
'semester', 'professor__pid',
'professor__pname')
the_list = []
for module in module_list:
item = {
'module_code': module['module__mcode'],
'module_name': module['module__mname'],
'academic_years': module['year'],
'semester': module['semester'],
'pid': module['professor__pid'],
'pname': module['professor__pname']
}
the_list.append(item)
payload = {'module_list': the_list}
http_response = HttpResponse(json.dumps(payload))
http_response['Content-Type'] = 'application/json'
http_response.status_code = 200
http_response.reason_pharse = 'OK'
return http_response
def response_index(req):
response = HttpResponse()
response.content = "content"
response.write("write")
response.flush()
response.status_code = 404
return response
def scan_rfid(request):
rfid_uid = RfidReader().read_tag(blocking=False)
if rfid_uid:
return HttpResponse(rfid_uid)
else:
response = HttpResponse('No RFID tag detected')
response.status_code = 400
return response
def handler404(_, template_name='404.html'):
"""
Responds to pages that cannot be located on the server.
"""
template = loader.get_template(template_name)
response = HttpResponse(template.render({}))
response.status_code = 404
return response
def html_get_replies(request, cidnum):
try:
context = get_replies(request,cidnum)
return render(request,'venues/ajax-replies.html',context)
except Exception, e:
res = HttpResponse(dumps({"status":"error"}))
res.status_code = 500
return res
def scan_rfid(request):
rfid_uid = RfidReader().read_tag(blocking=False)
if rfid_uid:
return HttpResponse(rfid_uid)
else:
response = HttpResponse('No RFID tag detected')
response.status_code = 400
return response
def handler404(_, template_name='404.html'):
"""
Responds to pages that cannot be located on the server.
"""
template = loader.get_template(template_name)
response = HttpResponse(template.render({}))
response.status_code = 404
return response
def comment_thread(request, id):
try:
obj = Comment.objects.get(id=id)
except:
raise Http404
if not obj.user == request.user:
response = HttpResponse("You do not have permission to do this!")
response.status_code = 403
return response
content_object = obj.content_object
content_id = obj.content_object.id
if not obj.is_parent:
obj = obj.parent
initial_data = {
"content_type":obj.content_type,
"object_id": obj.object_id
}
form = CommentForm(request.POST or None, initial=initial_data)
if form.is_valid() and request.user.is_authenticated():
c_type = form.cleaned_data.get("content_type")
content_type = ContentType.objects.get(model=c_type)
obj_id = form.cleaned_data.get("object_id")
content_data = form.cleaned_data.get("content")
parent_obj = None
try:
parent_id = int(request.POST.get('parent_id'))
except:
parent_id = None
if parent_id:
parent_qs = Comment.objects.filter(id=parent_id)
if parent_qs.exists():
parent_obj = parent_qs.first()
new_comment, created = Comment.objects.get_or_create(
user=request.user,
content_type=content_type,
object_id=obj_id,
content=content_data,
parent=parent_obj,
)
return HttpResponseRedirect(new_comment.content_object.get_absolute_url())
context = {
"comment": obj,
"form": form,
}
return render(request, "comments/comment_thread.html", context)
def deleteStock(request):
if request.method == 'POST':
response = HttpResponse()
item_id = request.POST['item_id']
stock_item = get_object_or_404(StockItem, pk=item_id)
stock_item.delete()
response.status_code = 200
return response
else:
Http404("Why are you here?")
def register(request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
email = request.POST.get('email')
response = HttpResponse(json.dumps({"error": "require POST"}),
content_type='application/json')
response.status_code = 401
return response
def scan_fingerprint_1x(request):
fps = FingerprintScanner(debug=False)
template = fps.make_template(tries=2)
fps.backlight_off()
if template:
template = base64.b64encode(template)
return HttpResponse(template)
else:
response = HttpResponse("No finger detected")
response.status_code = 400
return response
def add_subscription(request):
body = json.loads(request.body)
author = get_object_or_404(User, id=int(body['id']))
user = get_object_or_404(User, id=request.user.id)
if user.id != author.id:
Follow.objects.get_or_create(user=user, author=author)
return JsonResponse({"success": True})
response = HttpResponse()
response.status_code = 400
return response
def make_response(status=200, content_type='text/plain', content=None):
""" Construct a response to a request.
Also, content-type is text/plain by default since IE9 and below chokes
on application/json.
"""
response = HttpResponse()
response.status_code = status
response['Content-Type'] = content_type
response.content = content
return response
def scan_fingerprint_1x(request):
fps = FingerprintScanner(debug=False)
template = fps.make_template(tries=2)
fps.backlight_off()
if template:
template = base64.b64encode(template)
return HttpResponse(template)
else:
response = HttpResponse("No finger detected")
response.status_code = 400
return response
def delete_user(request):
uid = int(request.POST['id'])
if request.user.id == uid:
messages.add_message(request, messages.ERROR, "You cannot delete yourself!")
response = HttpResponse('Invalid action')
response.status_code = 400
return response
else:
User.objects.filter(id = uid).delete()
return HttpResponse("Successful.")
def paidOrder(request):
if request.method == 'POST':
response = HttpResponse()
order_id = request.POST['order_id']
order = get_object_or_404(Order, pk=order_id)
order.is_paid = True
order.save()
response.status_code = 200
return response
else:
Http404("Why are you here?")
def delete_user(request):
uid = int(request.POST['id'])
if request.user.id == uid:
messages.add_message(request, messages.ERROR,
"You cannot delete yourself!")
response = HttpResponse('Invalid action')
response.status_code = 400
return response
else:
User.objects.filter(id=uid).delete()
return HttpResponse("Successful.")
def new(request):
sign = request.GET.get(SIGN)
url = PASSPORT_URL.format(sign)
try:
res = requests.get(url=url, headers=QR_CODE_HEADER, timeout=2)
except requests.exceptions.Timeout:
f**k = HttpResponse("你没扫码你点尼玛的扫码成功呢?")
f**k.status_code = 404
return f**k
res = res.text[1:-2]
data = json.loads(res)
data = json.loads(data[CHANNEL_V])
v = data['v']
url3 = LOGIN_URL.format(v)
response = requests.get(url3, timeout=2)
bduss = response.cookies[BDUSS]
if not bduss:
f**k = HttpResponse("你没扫码你点尼玛的扫码成功呢?")
f**k.status_code = 404
return f**k
User.objects.new(bduss)
return HttpResponse('ok')
def new_reply(request,cidnum):
try:
comment = Comment.objects.get(id=cidnum)
text = request.POST.get("text")
if comment and text:
new = Reply()
new.comment = comment
new.text = request.POST.get("text")
new.user = request.user
new.save()
except Exception, e:
res = HttpResponse(dumps({"status":"error"}))
res.status_code = 403
def scan_fingerprint_3x(request):
fps = FingerprintScanner(debug=True)
stage = int(request.POST['stage'])
ret = fps.enroll(stage=stage)
if ret is False:
response = HttpResponse('No finger detected')
response.status_code = 400
return response
elif stage == 3:
template = base64.b64encode(ret)
return HttpResponse(template)
else:
return HttpResponse('')
def user_toggle_active(request):
uid = int(request.POST['id'])
if request.user.id == uid:
messages.add_message(request, messages.ERROR, "You cannot deactivate yourself!")
response = HttpResponse('Invalid action')
response.status_code = 400
return response
else:
user = User.objects.get(id=uid)
user.is_active = not user.is_active
user.save()
return HttpResponse("Successful.")
def comment_rate(request,vidnum,cidnum,sentiment):
try:
comment = get_object_or_404(Comment,id=cidnum)
rating_type = CommentRating
good = SENTIMENTS[sentiment]
user = request.user
obj, created = rating_type.objects.get_or_create(user=user,comment=comment,is_good=good)
if created:
old = get_or_none(rating_type,user=user,comment=comment,is_good=(not good))
if old: old.delete()
data = comment.good_bad_counts()
return HttpResponse(dumps({"good":data[0],"bad":data[1]}))
else:
res = HttpResponse(dumps({"status":"duplicate"}))
res.status_code = 405
return res
except Exception, e:
res = HttpResponse(dumps({"status":"error"}))
res.status_code = 403
return res
def scan_fingerprint_3x(request):
fps = FingerprintScanner(debug=True)
stage = int(request.POST['stage'])
ret = fps.enroll(stage=stage)
if ret is False:
response = HttpResponse('No finger detected')
response.status_code = 400
return response
elif stage == 3:
template = base64.b64encode(ret)
return HttpResponse(template)
else:
return HttpResponse('')
def cancelOrder(request):
if request.method == 'POST':
response = HttpResponse()
order_id = request.POST['order_id']
order = get_object_or_404(Order, pk=order_id)
stock_item = order.item
stock_item.item_count += order.item_quantity
stock_item.save()
order.delete()
response.status_code = 200
return response
else:
Http404("Why are you here?")
def delete_reply(request,ridnum):
try:
user = request.user
reply = Reply.objects.get(id=ridnum)
cuser = reply.user
if cuser == user:
reply.delete()
return HttpResponse()
else:
raise Exception("user not correct")
except Exception, e:
res = HttpResponse(dumps({"status":"error"}))
res.status_code = 403
return res
def edit_door_name(request):
did = request.POST['id']
name = request.POST['value']
if is_valid_name(name, id=did):
door = Door.objects.get(id=did)
door.name = name
door.save()
return HttpResponse("Successful.")
else:
messages.add_message(request, messages.ERROR, 'Name must be unique and not blank.')
response = HttpResponse('Invalid name')
response.status_code = 400
return response
def receive_form(request):
if request.POST.get('action') == 'post':
players = request.POST.get('title')
selected_players = json.loads(request.POST.get('selected'))
print(selected_players)
# test for error
error = False
if error:
response = HttpResponse({"error": "there was an error"})
response.status_code = 500
return response
return HttpResponse('yes')
def html_venue_settings(request,idnum): venue = get_object_or_404(Venue,id=idnum) if venue.owner == request.user: if request.method == "GET": context = editing_venue_info(request,venue) return render(request, 'venues/settings/settings.html',context) else: result = update_venue(request,venue) context = editing_venue_info(request,get_object_or_404(Venue,id=idnum)) return render(request, 'venues/settings/settings.html', context) else: res = HttpResponse() res.status_code = 403 return res
def user_toggle_active(request):
uid = int(request.POST['id'])
if request.user.id == uid:
messages.add_message(request, messages.ERROR,
"You cannot deactivate yourself!")
response = HttpResponse('Invalid action')
response.status_code = 400
return response
else:
user = User.objects.get(id=uid)
user.is_active = not user.is_active
user.save()
return HttpResponse("Successful.")
def toggle_important_task(request):
if request.method == "POST":
pk = int(request.POST.get("pk"))
# Security check
try:
todo = ToDo.objects.get(pk=pk, creator=request.user)
if todo.creator != request.user:
raise PermissionDenied
except PermissionDenied:
response = HttpResponse(
json.dumps({"error": "Your access is denied"}))
response.status_code = 403 # To announce that the user isn't allowed to proceed
return response
except:
response = HttpResponse(
json.dumps({"error": "There was a server error"}))
response.status_code = 500 # Server error
return response
if todo.important:
todo.important = False
else:
todo.important = True
todo.save()
response_data = "success!"
return HttpResponse(json.dumps(response_data),
content_type="application/json")
else:
return HttpResponse(json.dumps(
{"nothing to see": "this isn't happening"}),
content_type="application/json")
def rank(req):
stu_type = int(req.GET.get('type'))
# stu_type = int(req.GET.get('type'))
# print('stu_type', stu_type)
connect = pymysql.Connect(
host='127.0.0.1',
port=3306,
user='******',
passwd='zhangzhao1996',
db='student',
charset='utf8'
)
cursor = connect.cursor()
sql = ''
if stu_type == 0:
sql = "SELECT grade FROM student WHERE type = 0 ORDER BY grade desc;"
elif stu_type == 1:
sql = "SELECT grade FROM student WHERE type = 1 ORDER BY grade desc;"
else:
resp = HttpResponse()
resp.status_code = 404
return resp
cursor.execute(sql)
grade_list = []
for item in cursor.fetchall():
grade_list.append(int(item[0]))
# print(grade_list)
cursor.close()
connect.close()
grade_set = np.unique(grade_list)
rank_list = []
# for grade in grade_set[::-1]:
# rank_list.append({'grade': str(grade), 'rank': str(grade_list.index(grade)+1)})
max_grade = 510
for i, grade in enumerate(grade_list):
if max_grade > grade:
max_grade = grade
rank_list.append({'grade': str(grade), 'rank': str(i+1)})
return HttpResponse(json.dumps(rank_list, ensure_ascii=False), content_type="application/json, charset=utf-8")
def edit_door_name(request):
did = request.POST['id']
name = request.POST['value']
if is_valid_name(name, id=did):
door = Door.objects.get(id=did)
door.name = name
door.save()
return HttpResponse("Successful.")
else:
messages.add_message(request, messages.ERROR,
'Name must be unique and not blank.')
response = HttpResponse('Invalid name')
response.status_code = 400
return response
def delete_comment(request,cidnum):
try:
user = request.user
comment = Comment.objects.get(id=cidnum)
cuser = comment.user
if cuser == user:
comment.reply_set.all().delete()
comment.delete()
return HttpResponse()
else:
raise Exception("user not correct")
except Exception, e:
res = HttpResponse(dumps({"status":"error"}))
res.status_code = 403
return res
def rate(request,idnum,type,sentiment):
try:
ratings = get_object_or_404(Venue,id=idnum).ratings
rating_type = TYPES[type]
good = SENTIMENTS[sentiment]
user = request.user
print user
obj, created = rating_type.objects.get_or_create(user=user,ratings=ratings,is_good=good)
if created:
old = get_or_none(rating_type,user=user,ratings=ratings,is_good=(not good))
if old: old.delete()
data = updated_stats(obj,ratings)
return HttpResponse(dumps(data))
else:
res = HttpResponse(dumps({"status":"duplicate"}))
res.status_code = 405
return res
except Exception, e:
res = HttpResponse(dumps({"status":"error"}))
res.status_code = 500
return res
def edit_keypair_fingerprint(request):
kid = request.POST['id']
fingerprint_template = request.POST['value']
keypair = Keypair.objects.get(id = kid)
if fingerprint_template == '' and not is_valid_keypair_fingerprint(kid):
messages.add_message(request, messages.ERROR, 'A fingerprint template OR an RFID card must be entered.')
response = HttpResponse("Error: A fingerprint template OR an RFID card must be entered.")
response.status_code = 400
return response
keypair.last_edited_by = request.user
keypair.fingerprint_template = fingerprint_template
keypair.save()
return HttpResponse("Successful.")
def edit_keypair_name(request):
kid = request.POST['id']
name = request.POST['value']
if is_valid_name(name, id=kid):
keypair = Keypair.objects.get(id=kid)
keypair.last_edited_by = request.user
keypair.name = name
keypair.save()
return HttpResponse("Successful.")
else:
messages.add_message(request, messages.ERROR, 'Name must be unique and not blank.')
response = HttpResponse('Invalid name')
response.status_code = 400
return response
def edit_keypair_pin(request):
pin = request.POST['value']
if is_valid_pin(pin):
keypair = Keypair.objects.get(id = request.POST['id'])
keypair.last_edited_by = request.user
keypair.pin = encrypt(pin)
keypair.hash_pin = hash_string(pin)
keypair.save()
return HttpResponse("Successful.")
else:
messages.add_message(request, messages.ERROR, 'PIN must be at least 4 numeric characters.')
response = HttpResponse("Invalid PIN: PIN must be at least 4 numeric characters.")
response.status_code = 400
return response
def delete_comment(request, id=None):
# if request.method == 'POST':
# comment = get_object_or_404(Comment, id=id)
try:
comment = Comment.objects.get(id=id)
except:
raise Http404
if comment.user != request.user:
response = HttpResponse("You do not have permission to view this.")
response.status_code = 403
return response
parent_url = comment.content_object.get_absolute_url()
comment.delete()
return HttpResponseRedirect(parent_url)
def permission_edit(request, second_id):
obj = models.Permission.objects.filter(pk=second_id)
url = memory_reverse(request, 'rbac:menu_list')
if not obj.first():
response = HttpResponse('角色不存在')
response.status_code = 404
return response
if request.method == 'GET':
form = PermissionModelForm(instance=obj.first())
return render(request, 'rbac/change.html', {'form': form})
form = PermissionModelForm(instance=obj.first(), data=request.POST)
if form.is_valid():
form.save()
return redirect(url)
return render(request, 'rbac/change.html', {'form': form})
def edit_comment(request, id=None):
if request.method == 'POST':
comment = get_object_or_404(Comment, id=id)
content = request.POST.get('content')
if comment.user != request.user:
response = HttpResponse("You do not have permission to view this.")
response.status_code = 403
return response
parent_url = comment.content_object.get_absolute_url()
comment.content = content
comment.save()
return HttpResponseRedirect(parent_url)
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
def test(request):
ret = {'status': True, 'data': None}
try:
n1 = request.POST.get('n1')
n2 = request.POST.get('n2')
content = int(n1) + int(n2)
ret['data'] = content
except Exception as ex:
ret['status'] = False
ret['error'] = str(ex)
response = HttpResponse(json.dumps(ret))
response.status_code = 200
return response
def login(request):
if request.method == 'GET':
return render(request, 'login.html')
else:
data = request.POST
print(data) #<QueryDict: {'xname': ['yuantao'], 'pwd': ['666']}>
username = data.get('xname')
password = data.get('pwd')
if username == 'yuantao' and password == '666':
return HttpResponse('ok') # 200
# ret = render(request, 'login.html', {'error':'用户名或者密码有误!!', 'username':username,'password':password})
ret = HttpResponse('not ok')
ret.status_code = 400 # 自定义状态码
return ret
def comment_delete(request, id):
instance=get_object_or_404(Comment,id=id)
if instance.user != request.user:
reponse=HttpResponse("You dont have Permissions to delete others comments")
reponse.status_code = 403
return reponse
if request.method== "POST":
parent_page=instance.content_object.get_absolute_url()
instance.delete()
return HttpResponseRedirect(parent_page)
content={
"object" : instance,
}
return render(request,"comment_delete.html",content)
def favorite_action(request,vidnum):
try:
venue = Venue.objects.get(id=vidnum)
old_favorite = get_or_none(Favorite,venue=venue, user=request.user)
status = 0
if old_favorite:
old_favorite.delete()
status = 0
else:
fav = Favorite()
fav.user = request.user
fav.venue = venue
fav.save()
status = 1
return HttpResponse(json.dumps({"is_fav": status}) ,content_type="applcation/json")
except Exception, e:
print e
res = HttpResponse()
res.status_code = 404
return res
def authenticate_credential(request):
kid = request.POST['id']
auth_val = request.POST['val']
auth_type = request.POST['type']
try:
if auth_type == 'pin':
# raises an error if not found
keypair = Keypair.objects.get(hash_pin=hash_string(auth_val), id=kid)
elif auth_type == 'rfid':
keypair = Keypair.objects.get(hash_rfid=hash_string(auth_val), id=kid)
elif auth_type == 'fingerprint':
keypair = Keypair.objects.get(id=kid)
template = keypair.fingerprint_template
if len(auth_val) != 664 or len(template) != 664:
raise ValueError("Template must be 664 characters long")
fps = FingerprintScanner(debug=False)
fps.delete_template(tid=0)
# raises an error if it contains invalid characters
template = base64.b64decode(bytes(template, 'utf-8'), validate=True)
fps.upload_template(tid=0, template=template)
# raises an error if it contains invalid characters
auth_val = base64.b64decode(bytes(auth_val, 'utf-8'), validate=True)
if fps.verify_template(tid=0, template=auth_val):
# templates match, verification ok
pass
else:
raise Exception("Templates do not match")
response_text = {'pin':decrypt(keypair.pin), 'rfid_uid':decrypt(keypair.rfid_uid), 'fingerprint_template':keypair.fingerprint_template}
return JsonResponse(response_text, safe=False)
except Exception as e:
response = HttpResponse("incorrect credentials")
response.status_code = 400
return response
def json_response(res, code=200):
res = HttpResponse(res, content_type="application/json", )
res.status_code = code
return res
def handler404(request, template_name='404.html'):
t = loader.get_template(template_name)
response = HttpResponse(t.render({}));
response.status_code = 404
return response
try:
user = request.user
comment = Comment.objects.get(id=cidnum)
cuser = comment.user
if cuser == user:
comment.reply_set.all().delete()
comment.delete()
return HttpResponse()
else:
raise Exception("user not correct")
except Exception, e:
res = HttpResponse(dumps({"status":"error"}))
res.status_code = 403
return res
res = HttpResponse()
res.status_code = 405
return res
@login_required_ajax
def delete_reply(request,ridnum):
try:
user = request.user
reply = Reply.objects.get(id=ridnum)
cuser = reply.user
if cuser == user:
reply.delete()
return HttpResponse()
else:
raise Exception("user not correct")
except Exception, e:
res = HttpResponse(dumps({"status":"error"}))
def mew(request):
response = HttpResponse('''
wow not found
''')
response.status_code = 404
return response
