def card_add(request): """ 发说说 :param request: :return: """ if request.method == 'GET': result = qq_face_path() return render(request, 'news/card-add.html', locals()) elif request.method == 'POST': username = request.session["username"] result = sql_my_profile(username) new_content = request.POST.get("new_content", None) new_img = request.FILES.get('new_img', '') try: if new_img: handle_uploaded_file(request.FILES['new_img'], str(request.FILES['new_img'])) new_img = "static/img/news/" + str(new_img) db = get_db() args = { # "new_id": str(get_now_time_stamp()) + str(uuid.uuid4()), # 说说id "new_id": str(uuid.uuid4()), # 说说id "username": result['username'], # 用户名 "nickname": result['nickname'], # 用户昵称 "upload_head": result['upload_head'], # 用户头像 "content": new_content, # 说说内容 "img": new_img, # 说说图片 "create_date": datetime.datetime.now().strftime('%Y-%m-%d %w %H:%M:%S') # 发表时间 } db.ebf_news.insert(args) except Exception as e: logging.error(e) return HttpResponseRedirect('/main')
def messages(request, skip=0, limit=20, field='create_time', order=-1, **kwargs): """ 数据管理 :param request: :param skip: :param limit: :param field: :param order: :param kwargs: :return: """ if request.method == 'GET': # 当前用户 username = request.session["username"] res = sql_my_profile(username) user_type = res['user_type'] return render(request, 'messages/messages.html', locals()) if request.method == 'POST': username = request.session["username"] res = sql_my_profile(username) user_type = res['user_type'] # 查询条件 title_title = kwargs.get('title_title') type_type = kwargs.get('type_type') message_name = kwargs.get('message_name') # 上传时间段 min_date = kwargs.get('min_date') max_date = kwargs.get('max_date') if user_type == 3: message_name = username results = select_messages(title_title, type_type, message_name, min_date, max_date, field, order, skip, limit) return JsonResponse(results, encoder=UTC2LocalEncoder)
def login(request): if request.method == 'POST': username = request.REQUEST.get('username', None) pwd = request.REQUEST.get('password', None) if username and pwd: pwd += username # 再次加密进行验证 password = md5_16(pwd) print("用户名: {}, 密码:{}, 加密后密码:{}".format(username, pwd, password)) # 获取的表单数据与数据库进行比较 check_pwd = User.objects.filter(username__exact=username, password__exact=password) if check_pwd: res = sql_my_profile(username) else: # 比较失败 return HttpResponse( '<html><script type="text/javascript">alert("帐号密码不匹配"); ' 'window.location="/login"</script></html>') if res["status"] == 1: # 比较成功,跳转index response = HttpResponseRedirect('/index') # 将username写入浏览器session request.session['username'] = username # 将用户类型写入session request.session['user_type'] = res['user_type'] # 将upload_head写入浏览器session request.session['upload_head'] = res['upload_head'] # 将upload_head写入浏览器cookie # 中文无法存入cookie中,可以存在session # response.set_cookie('upload_head', upload_head) # request.COOKIES['upload_head'] = upload_head return response elif res["status"] == 2: # 比较失败 return HttpResponse( '<html><script type="text/javascript">alert("您的帐号被禁用了,请联系管理员"); ' 'window.location="/login"</script></html>') elif res["status"] == 3: # 比较失败 return HttpResponse( '<html><script type="text/javascript">alert("您的帐号未通过审核,请联系管理员"); ' 'window.location="/login"</script></html>') else: return HttpResponse( '<html><script type="text/javascript">alert("帐号密码不能为空"); ' 'window.location="/login"</script></html>') elif request.method == 'GET': return render(request, 'login.html')
def index(request): # upload_head = request.COOKIES['upload_head'] # upload_head = request.COOKIES.get('upload_head', '') username = request.session["username"] res = sql_my_profile(username) user_type = res['user_type'] if user_type == 1: # 用户拥有的菜单 menu = sql_url_id() all_menu = sql_url_menu() else: # 用户拥有的菜单 menu = sql_user_type_menu(user_type) # 总菜单 all_menu = sql_url_menu() return render(request, 'index.html', locals())
def login(request): if request.method == 'POST': _code = request.POST.get('Captcha') or '' ca = code.Captcha() if ca.validate(_code): username = request.POST.get('username', None) pwd = request.POST.get('password', None) if username and pwd: pwd += username # 再次加密进行验证 password = set_password(pwd) # 获取的表单数据与数据库进行比较 user = User.objects.filter(username__exact=username, password__exact=password) if user: # 比较成功,跳转index response = HttpResponseRedirect('/index') res = sql_my_profile(username) # 将username写入浏览器session request.session['username'] = username # 将用户类型写入session request.session['user_type'] = res['user_type'] # 将upload_head写入浏览器session request.session['upload_head'] = res['upload_head'] # 将upload_head写入浏览器cookie # 中文无法存入cookie中,可以存在session # response.set_cookie('upload_head', upload_head) # request.COOKIES['upload_head'] = upload_head return response else: # 比较失败 return HttpResponse( '<html><script type="text/javascript">alert("帐号密码不匹配"); ' 'window.location="/login"</script></html>') else: return HttpResponse( '<html><script type="text/javascript">alert("帐号密码不能为空"); ' 'window.location="/login"</script></html>') else: return HttpResponse( '<html><script type="text/javascript">alert("验证码错误"); ' 'window.location="/login"</script></html>') elif request.method == 'GET': return render(request, 'login.html')
def users_edit(request): """ 对用户重置密码,更改状态等 :param request: :return: """ if request.method == 'POST': # 数据id username = request.POST.get("username") action = request.POST.get("action") user_info = sql_my_profile(username) if user_info and user_info["user_type"] != 1: ret = error(1, "操作失败了") # 初始化密码 if action == "init": new_pwd = username + username[::-1] # 用户名和密码一起加密 new_pwd += username new_pwd = md5_16(new_pwd) result = sql_update_password(new_pwd, username) if result == 'ok': ret = error(0) else: ret = error(1, "重置密码失败了") elif action == "delete": result = delete_user(username) if result == 'ok': ret = error(0) else: ret = error(1, "删除用户失败了") elif action == "update": status = request.POST.get("status") status = int(status) if status in [1, 2, 3]: result = sql_update_status(status, username) if result == 'ok': ret = error(0) else: ret = error(1, "更改用户失败了") return HttpResponse(ret) else: return HttpResponse(json.dumps({"status": -1, "data": "用户信息为空"})) return HttpResponse(json.dumps({"status": -1}))
def my_profile(request): if request.method == 'GET': username = request.session["username"] result = sql_my_profile(username) return render(request, 'my-profile.html', locals())
def messages_edit(request): """ 数据管理添加,编辑 :param request: :return: """ action = request.REQUEST.get('action', None) message_name = request.session["username"] res = sql_my_profile(message_name) user_type = res['user_type'] if action is None: return HttpResponseRedirect(reverse("404")) if request.method == 'GET': if action == 'add': title = "添加" return render(request, 'messages/messages-edit.html', locals()) if action == 'edit': title = "编辑" _id = ObjectId(request.GET.get('_id')) db = get_db() content = db.ebf_messages.find_one({'_id': _id}) content = { key.strip('_'): str(value) for key, value in content.items() } return render(request, 'messages/messages-edit.html', locals()) elif request.method == 'POST': try: if action == 'add': content_content = request.POST.get('content_content', None) type_type = request.POST.get('type_type', None) title_title = request.POST.get('title_title', None) content = { 'title_title': title_title, 'content_content': content_content, 'reply_content': "", 'type_type': type_type, 'message_name': message_name, 'create_time': datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S") } db = get_db() posts = db.ebf_messages posts.insert(content) return HttpResponse(json.dumps({"status": 0})) elif action == 'edit': _id = request.POST.get('_id', None) title_title = request.POST.get('title_title', None) content_content = request.POST.get('content_content', None) content = { 'title_title': title_title, 'content_content': content_content, } if user_type != 3: reply_content = request.POST.get('reply_content', None) content["reply_content"] = reply_content db = get_db() posts = db.ebf_messages _id = ObjectId(_id) old_content = posts.find_one({'_id': _id}) old_content.update(content) posts.update({"_id": _id}, old_content) return HttpResponse(json.dumps({"status": 0})) except Exception as e: print(e) return HttpResponse(json.dumps({"status": -1})) else: return HttpResponseRedirect(reverse("404"))