def goPartRefeshmenu(self):
referer = self.objHandle.headers.get('referer')
if not referer:
referer = 'admin?viewid=home'
menu1, menu2, menu3 = self.dl.getSysMenu(self.dl.usr_id)
if self.dl.usr_id in user_menu:
user_menu[self.dl.usr_id] = {
'menu1': menu1,
'menu2': menu2,
'menu3': menu3
}
else:
user_menu.update({
self.dl.usr_id: {
'menu1': menu1,
'menu2': menu2,
'menu3': menu3
}
})
s = self.redirect(referer)
return s
def goPartDologin(self):
dR = {'code': '1', 'MSG': ''}
login_id = self.dl.GP('inputname', '')
password = self.dl.GP('inputPassword', '')
try:
login_ip = self.objHandle.headers["X-Real-IP"]
except:
login_ip = self.objHandle.remote_addr
if login_id == '' or password == '':
dR['MSG'] = '用户名或密码不能为空'
return self.jsons(dR)
lT = self.dl.login(login_id, password)
if lT:
usr_id = lT[0][0]
login_lock = lT[0][3]
if str(login_lock) == '1':
dR['MSG'] = '您的帐号已被锁定,请联系管理员!'
return self.jsons(dR)
result = self.dl.cookie.isetcookie("__session", usr_id)
self.dl.checkuser(usr_id)
menu1, menu2, menu3 = self.dl.getSysMenu(usr_id)
if usr_id in user_menu:
user_menu[usr_id] = {
'menu1': menu1,
'menu2': menu2,
'menu3': menu3
}
else:
user_menu.update(
{usr_id: {
'menu1': menu1,
'menu2': menu2,
'menu3': menu3
}})
sql = "UPDATE users SET last_login=%s,last_ip=%s WHERE usr_id=%s"
self.dl.db.query(sql, [self.dl.getToday(7), login_ip, usr_id])
self.login_log(login_status='成功',
usr_id=usr_id,
login_id=login_id,
login_type='PC',
login_ip=login_ip)
dR['MSG'] = '登录成功!'
dR['code'] = '0'
else:
self.login_log(login_status='失败',
usr_id='0',
login_id=login_id,
login_type='PC',
login_ip=login_ip)
dR['MSG'] = '用户名或密码错误!'
return self.jsons(dR)
def goPartQrlogin(self):
dR = {'code': '0', 'MSG': '登录成功,跳转到首页'}
qrcode = self.dl.GP('qrcode', '')
if qrcode == '':
dR = {'code': '1', 'MSG': '微信验证码不能为空'}
return self.jsons(dR)
try:
login_ip = self.objHandle.headers["X-Real-IP"]
except:
login_ip = self.objHandle.remote_addr
sql = """
select id,openid from wx_msg
where coalesce(state,0)=0 and passwd=%s
and to_char(end_time,'YYYY-MM-DD HH24:MI') >to_char(now(),'YYYY-MM-DD HH24:MI')
order by id desc limit 1;
"""
lT, iN = self.dl.db.select(sql, [qrcode])
if iN == 0:
dR = {'code': '1', 'MSG': '微信验证码有误或超时'}
return self.jsons(dR)
sid, openid = lT[0]
self.dl.db.query("update wx_msg set state=1,utime=now() where id=%s", sid)
sql = """select usr_id,convert_from(decrypt(login_id::bytea,%s, 'aes'),'SQL_ASCII')
from users where wx_openid=%s"""
l, t = self.dl.db.select(sql, [self.dl.md5code,openid])
if t==0:#不存在需要注册
dR = {'code': '1', 'MSG': '您还没有注册,请注册后再登录'}
return self.jsons(dR)
#已注册直接跳转
usr_id,login_id = l[0]
result = self.dl.cookie.isetcookie("__session", usr_id)
self.dl.checkuser(usr_id)
self.dl.oUSERS_OSS.update(usr_id)
menu1, menu2, menu3 = self.dl.getSysMenu(usr_id)
if usr_id in user_menu:
user_menu[usr_id] = {
'menu1': menu1, 'menu2': menu2, 'menu3': menu3
}
else:
user_menu.update({usr_id: {
'menu1': menu1, 'menu2': menu2, 'menu3': menu3
}})
sql = "UPDATE users SET last_login=%s,last_ip=%s WHERE usr_id=%s"
self.dl.db.query(sql, [self.dl.getToday(7), login_ip, usr_id])
login_status = '成功'
self.login_log(login_status=login_status, usr_id=usr_id, login_id=login_id, login_type='PC',
login_ip=login_ip)
return self.jsons(dR)
def __init__(self, objHandle):
# if objHandle.method == 'POST':
# self.RQ = objHandle.form
# else:
# self.RQ = objHandle.args
self.REQUEST = objHandle.values
self.PEM_ROOTR = PEM_ROOTR
self.objHandle = objHandle
self.db = db
self.cookie = set_cookie(self.objHandle, CLIENT_NAME)
self.dActiveUser = {}
self.account = {}
session_user = self.cookie.igetcookie("__session")
self.usr_id = 0
self.dept_id = 0
self.usr_id_p = 0
self.md5code=md5code
self.debug = [] # 输出str信息
self.usr_name = ''
self.usrPic = ''
self.LANG = {}
self.lang = ''
self.localurl = localurl
self.usr_name = ''
# 获取网址请求过来的常用参数
self.viewid = self.GP('viewid', 'home')
self.initMenuData()# 初始当前菜单的数据
# *****************************************************************
self.part = self.GP('part', 'list')
self.backUrl = self.REQUEST.get('backUrl', '')
self.qqid = self.GP('qqid', '')
self.pk = self.GP('pk','')
self.pageNo = self.GP('pageNo', '')
if self.pageNo == '':
self.pageNo = '1'
self.pageNo = int(self.pageNo)
# *********************************************************获取网址请求过来的常用参数
self.system_menu = {}
self.lR = ['', '', '', '']
self.access = True
self.modifyUrl = False
if session_user and self.viewid not in ['login']:
self.usr_id = int(session_user['value'])
if not dActiveUser or not dActiveUser.get(self.usr_id):
f = self.checkuser(self.usr_id)
self.dActiveUser = dActiveUser.get(self.usr_id, {})
self.usr_name = self.dActiveUser.get('usr_name', '')
self.usr_id_p = self.dActiveUser.get('usr_id_p', '')
self.dept_id = self.dActiveUser.get('dept_id', '')
if not 'roles' in self.dActiveUser:
result = self.cookie.clearcookie("__session")
if 1 in self.dActiveUser['roles'].keys():
self.bIsmanage = 1
else:
self.bIsmanage = 0
# lR 的 顺序是 增,删 ,改,查。用来控制框架的几个基本权限。
# 增 lR[0] == '' 时有权限,能控制增加按钮的显示
# 删 lR[1] == '' 时有权限,能控制删除按钮的显示
# 改 lR[2] == '' 时有权限,能控制修改按钮的显示
# 查 lR[3] == '' 时有权限,能控制是否显示列表信息,以及查询框
if user_menu.get(self.usr_id, {}):
self.system_menu = user_menu.get(self.usr_id, {})
else:
menu1, menu2, menu3 = self.getSysMenu(self.usr_id)
if self.usr_id in user_menu:
user_menu[self.usr_id] = {
'menu1': menu1, 'menu2': menu2, 'menu3': menu3
}
else:
user_menu.update({self.usr_id: {
'menu1': menu1, 'menu2': menu2, 'menu3': menu3
}})
self.system_menu = user_menu.get(self.usr_id, {})
roleData = None
if self.bIsmanage == 0:
if self.sub1id != -1:
roleData = self.dActiveUser.get('menu_role').get(self.sub1id)
elif self.mnuid != -1:
roleData = self.dActiveUser.get('menu_role').get(self.mnuid)
# else:
if roleData:
n = 0
for r in roleData:
if r == 0:
self.lR[n] = '1'
n = n + 1
elif self.viewid not in access_allow:
self.lR = ['1', '1', '1', '1']
self.access = False
else:
self.lR = ['', '', '', '']
self.cur_random_no = "%s%s%s" % (time.time(), self.usr_id, random.random())
#####################################################################
self.specialinit()
self.init_data()
self.myInit()
self.oSHOP = oSHOP
self.oUSER = oUSER
self.oMALL = oMALL
self.oQINIU=oQINIU
self.oGOODS=oGOODS
self.oGOODS_D=oGOODS_D
self.oORDER_SET=oORDER_SET
self.oGOODS_N=oGOODS_N
self.oGOODS_G=oGOODS_G
self.oOPENID=oOPENID
self.oSHOP_T=oSHOP_T
self.oCATEGORY=oCATEGORY
self.oGOODS_SELL = oGOODS_SELL
self.oGOODS_PT = oGOODS_PT
self.oGOODS_DPT = oGOODS_DPT
self.oPT_GOODS = oPT_GOODS
self.oUSERS_OSS = oUSERS_OSS
self.oGOODS_H=oGOODS_H
# #####################################################################
########OSS用户自有调用
self.oss_ctype = self.oQINIU.get(self.usr_id_p).get('ctype', '')
self.oss_access_key = self.oQINIU.get(self.usr_id_p).get('access_key', '')
self.oss_secret_key = self.oQINIU.get(self.usr_id_p).get('secret_key', '')
self.oss_bucket_name = self.oQINIU.get(self.usr_id_p).get('cname', '')
self.oss_domain = self.oQINIU.get(self.usr_id_p).get('domain_url', '')
self.oss_endpoint = self.oQINIU.get(self.usr_id_p).get('endpoint', '')
########OSS公共调用
self.oss_ctype_all = self.oQINIU.get(1).get('ctype', '')
self.oss_access_key_all = self.oQINIU.get(1).get('access_key', '')
self.oss_secret_key_all = self.oQINIU.get(1).get('secret_key', '')
self.oss_bucket_name_all = self.oQINIU.get(1).get('cname', '')
self.oss_domain_all = self.oQINIU.get(1).get('domain_url', '')
self.oss_endpoint_all = self.oQINIU.get(1).get('endpoint', '')
########计算处理
self.oss_all = self.oUSERS_OSS.get(self.usr_id_p).get('oss_all', 0)
self.oss_now = self.oUSERS_OSS.get(self.usr_id_p).get('oss_now', 0)
self.qiniu_flag = self.oUSERS_OSS.get(self.usr_id_p).get('qiniu_flag', 0)
self.oss_flag = self.oUSERS_OSS.get(self.usr_id_p).get('oss_flag', 0)
def __init__(self, objHandle):
# if objHandle.method == 'POST':
# self.RQ = objHandle.form
# else:
# self.RQ = objHandle.args
self.REQUEST = objHandle.values
self.PEM_ROOTR = PEM_ROOTR
self.objHandle = objHandle
self.db = db
self.cookie = set_cookie(self.objHandle, CLIENT_NAME)
self.dActiveUser = {}
self.account = {}
session_user = self.cookie.igetcookie("__session")
self.usr_id = 0
self.dept_id = 0
self.usr_id_p = 0
self.md5code = md5code
self.debug = [] # 输出str信息
self.usr_name = ''
self.usrPic = ''
self.LANG = {}
self.lang = ''
self.localurl = localurl
self.usr_name = ''
# 获取网址请求过来的常用参数
self.viewid = self.GP(
'viewid', 'home') #self.REQUEST.get('viewid', 'home') # viewid值
self.initMenuData() # 初始当前菜单的数据
# *****************************************************************
self.part = self.GP('part', 'list') #self.REQUEST.get('part', 'list')
self.mode = self.GP('mode', 'view') #self.REQUEST.get('mode', 'view')
self.backUrl = self.REQUEST.get('backUrl', '') # 登陆后跳转
self.qqid = self.GP(
'qqid', '') #self.REQUEST.get('qqid', '').replace("'", "''")
self.pk = self.GP('pk', '') #self.REQUEST.get('pk', '') # 表单参数
self.pageNo = self.GP('pageNo', '') #self.REQUEST.get('pageNo', '')
if self.pageNo == '': self.pageNo = '1'
self.pageNo = int(self.pageNo)
# *********************************************************获取网址请求过来的常用参数
self.src = self.viewid
self.system_menu = {}
self.lR = ['', '', '', '']
self.access = True
self.modifyUrl = False
if session_user and self.viewid not in ['login']:
self.usr_id = int(
session_user['value']) # self.REQUEST.SESSION.get('usr_id')
if not dActiveUser or not dActiveUser.get(self.usr_id):
# print 'load user'
f = self.checkuser(self.usr_id)
# 当前用户
self.dActiveUser = dActiveUser.get(self.usr_id, {})
self.usr_name = self.dActiveUser.get('usr_name', '')
self.usr_id_p = self.dActiveUser.get('usr_id_p', '')
self.dept_id = self.dActiveUser.get('dept_id', '')
# self.bIsAdmin 表示是否为系统管理员
if not 'roles' in self.dActiveUser: ###没有此key就跳转到login页重新登录,防止后面语句报错. zhili.lu 2015-01-17
result = self.cookie.clearcookie("__session")
if 1 in self.dActiveUser['roles'].keys():
self.bIsAdmin = 1
else:
self.bIsAdmin = 0
# lR 的 顺序是 增,删 ,改,查。用来控制框架的几个基本权限。
# 增 lR[0] == '' 时有权限,能控制增加按钮的显示
# 删 lR[1] == '' 时有权限,能控制删除按钮的显示
# 改 lR[2] == '' 时有权限,能控制修改按钮的显示
# 查 lR[3] == '' 时有权限,能控制是否显示列表信息,以及查询框
#####修改后
if user_menu.get(self.usr_id, {}):
self.system_menu = user_menu.get(self.usr_id, {})
else:
menu1, menu2, menu3 = self.getSysMenu(self.usr_id)
if self.usr_id in user_menu:
user_menu[self.usr_id] = {
'menu1': menu1,
'menu2': menu2,
'menu3': menu3
}
else:
user_menu.update({
self.usr_id: {
'menu1': menu1,
'menu2': menu2,
'menu3': menu3
}
})
self.system_menu = user_menu.get(self.usr_id, {})
roleData = None
if self.bIsAdmin == 0:
if self.sub1id != -1:
# self.lR=getUsrRight(self.dActiveUser.get('menu_role') , self.sub1id,self.sub2id,self.sub3id) #当前用户的权限list
roleData = self.dActiveUser.get('menu_role').get(
self.sub1id)
elif self.mnuid != -1:
roleData = self.dActiveUser.get('menu_role').get(
self.mnuid)
# else:
if roleData:
n = 0
for r in roleData:
if r == 0:
self.lR[n] = '1'
n = n + 1
elif self.viewid not in access_allow:
self.lR = ['1', '1', '1', '1']
self.access = False
else:
self.lR = ['', '', '', '']
self.cur_random_no = "%s%s%s" % (time.time(), self.usr_id,
random.random())
self.account = self.my_account(self.usr_id_p)
# 用户类型
self.usr_type = self.dActiveUser.get('usr_type', 0)
# self.usrPic = self.dMemberUser['member']['pic']
self.uid = self.account.get('uid', 0)
self.weid = self.account.get('weid', 0)
self.access_token_d = {
'token': self.account.get("access_token", ''),
'expire': self.account.get("expires_in", 0)
}
self.access_token = ''
self.wx_appKey = self.account.get('key', '')
self.wx_secret = self.account.get('secret', '')
self.domain = self.account.get('domain', '')
#####################################################################
self.specialinit()
self.init_data()
self.myInit()
self.oSHOP = oSHOP
self.oUSER = oUSER
self.oMALL = oMALL
self.oQINIU = oQINIU
#self.oKUAIDI=oKUAIDI
self.oGOODS = oGOODS
self.oGOODS_D = oGOODS_D
self.oORDER_SET = oORDER_SET
self.oGOODS_N = oGOODS_N
self.oGOODS_G = oGOODS_G
self.oOPENID = oOPENID
self.oSHOP_T = oSHOP_T
self.oCATEGORY = oCATEGORY
self.oGOODS_SELL = oGOODS_SELL
self.oTOLL = oTOLL.get()
self.oGOODS_PT = oGOODS_PT
self.oGOODS_DPT = oGOODS_DPT
self.oPT_GOODS = oPT_GOODS
self.oUSERS_OSS = oUSERS_OSS
self.oGOODS_H = oGOODS_H
# #####################################################################
# ########七牛公共调用
self.qiniu_access_key_all = self.oTOLL.get('access_key')
self.qiniu_secret_key_all = self.oTOLL.get('secret_key')
self.qiniu_bucket_name_all = self.oTOLL.get('bucket')
self.qiniu_domain_all = self.oTOLL.get('qiniu_domain')
#
# ##########
self.ali_appid = self.oTOLL.get('ali_appid')
self.app_private_key = self.oTOLL.get('app_private_key')
self.ali_public_key = self.oTOLL.get('ali_public_key')
self.sms_appid = self.oTOLL.get('sms_appkey')
self.sms_appkey = self.oTOLL.get('sms_appsecret')
self.SMS_template_id = self.oTOLL.get('sms_appcode')
self.try_out = self.oTOLL.get('try_out')
self.combo_one_name = self.oTOLL.get('combo_one_name')
self.combo_one_price = self.oTOLL.get('combo_one_price')
self.combo_one_day = self.oTOLL.get('combo_one_day')
self.combo_two_name = self.oTOLL.get('combo_two_name')
self.combo_two_price = self.oTOLL.get('combo_two_price')
self.combo_two_day = self.oTOLL.get('combo_two_day')
self.combo_thr_name = self.oTOLL.get('combo_thr_name')
self.combo_thr_price = self.oTOLL.get('combo_thr_price')
self.combo_thr_day = self.oTOLL.get('combo_thr_day')
self.call_url = self.oTOLL.get('call_url')
self.re_url = self.oTOLL.get('re_url')
self.wx_appid = self.oTOLL.get('appid')
self.wx_secret = self.oTOLL.get('secret')
self.wxstatus = self.oTOLL.get('wxstatus')
self.SMS_SEND = QcloudSms(self.sms_appid, self.sms_appkey)
#
self.oss_all = self.oUSERS_OSS.get(self.usr_id_p).get('oss_all', 0)
self.oss_now = self.oUSERS_OSS.get(self.usr_id_p).get('oss_now', 0)
self.qiniu_flag = self.oUSERS_OSS.get(self.usr_id_p).get(
'qiniu_flag', 0)
self.oss_flag = self.oUSERS_OSS.get(self.usr_id_p).get('oss_flag', 0)
def goPartQrlogin(self):
dR = {'code': '0', 'MSG': '登录成功,跳转到首页'}
qrcode = self.dl.GP('qrcode', '')
if qrcode == '':
dR = {'code': '1', 'MSG': '微信验证码不能为空'}
return self.jsons(dR)
try:
login_ip = self.objHandle.headers["X-Real-IP"]
except:
login_ip = self.objHandle.remote_addr
pdata = {
'viewid': 'wxcode',
'part': 'CheckCode',
'ctype': 1,
'qrcode': qrcode
}
r = self.dl._http.post('https://wxcode.yjyzj.cn/wxcode', data=pdata)
res = r.json()
if res.get('code', '') == '1':
dR['MSG'] = '验证码错误请重新输入'
return self.jsons(dR)
elif res.get('code', '') == '2':
dR['MSG'] = '验证码有误或超时'
return self.jsons(dR)
wx_openid = res['openid']
sql = """select usr_id,wx_openid
from users where wx_openid=%s and coalesce(status,0)=1"""
l, t = self.dl.db.select(sql, [wx_openid])
if t == 0: #不存在需要注册
random_no = "%s%s" % (time.time(), random.random())
sql = """insert into users(login_id,status,ctime,random_no,wx_openid)
values(encrypt(%s,%s,'aes'),1,now(),%s,%s)"""
parm = ['', self.dl.md5code, random_no, wx_openid]
self.dl.db.query(sql, parm)
ll, tt = self.dl.db.select(
'select usr_id from users where random_no=%s', random_no)
if tt == 0:
dR['MSG'] = '注册失败了,请重新注册!'
return self.jsons(dR)
usr_id = ll[0][0]
sqlu = """
update users set dept_id=%s where usr_id=%s;
insert into usr_role (usr_id ,role_id,usr_name,cid ,ctime)
values (%s,2 ,%s,0 ,now());"""
parmu = [usr_id, usr_id, usr_id, wx_openid]
self.dl.db.query(sqlu, parmu)
self.dl.oQINIU.update(usr_id)
sql = """select usr_id,wx_openid
from users where wx_openid=%s and coalesce(status,0)=1"""
l, t = self.dl.db.select(sql, [wx_openid])
#已注册直接跳转
usr_id, login_id = l[0]
result = self.dl.cookie.isetcookie("__session", usr_id)
self.dl.checkuser(usr_id)
self.dl.oUSERS_OSS.update(usr_id)
menu1, menu2, menu3 = self.dl.getSysMenu(usr_id)
if usr_id in user_menu:
user_menu[usr_id] = {
'menu1': menu1,
'menu2': menu2,
'menu3': menu3
}
else:
user_menu.update(
{usr_id: {
'menu1': menu1,
'menu2': menu2,
'menu3': menu3
}})
sql = "UPDATE users SET last_login=%s,last_ip=%s WHERE usr_id=%s"
self.dl.db.query(sql, [self.dl.getToday(7), login_ip, usr_id])
login_status = '成功'
self.login_log(login_status=login_status,
usr_id=usr_id,
login_id=login_id,
login_type='PC',
login_ip=login_ip)
return self.jsons(dR)