def lookupShopList(): systemvalue = getsystemvalue() if flask.request.method == 'POST': try: sql = "select shopname,descr,price from shoplist where id={};" tempsql = " or id=".join(idList) connect = connectDatabase.connect() cursor = connect.cursor() try: cursor.execute(sql.format(tempsql)) shopvalueList = cursor.fetchall() flask.session['shopvalueList'] = shopvalueList return 'ok' except: return "dataerror" except: return 'error' shopvalue = flask.session['shopvalueList'] try: user = flask.session['username'] except: user = None return flask.render_template('shoplist.html', shopvalue=shopvalue, user=user, systemvalue=systemvalue)
def shopplay(): systemvalue = getsystemvalue() if flask.request.method == "POST": #展示商品 id = flask.request.form.get('id') connect = connectDatabase.connect() cursor = connect.cursor() try: cursor.execute( 'select imgSrc,shopname,descr,price from shoplist where id=%s;', (id)) shopvalue = cursor.fetchall() #存储商品id flask.session['id'] = id #存储临时商品信息 flask.session['tempShopInformation'] = shopvalue return 'ok' except: return 'error' finally: cursor.close() connect.close() return flask.render_template( 'shopplay.html', shopValue=flask.session['tempShopInformation'], systemvalue=systemvalue)
def addtable(): if flask.request.method == "POST": tablename = flask.request.form.get('tablename') sql = "create table " + tablename + "(id int(2) not null," count = int(flask.request.form.get('attributeCount')) i = 0 while i < count: attribute = flask.request.form.get('attribute' + str(i)) texttype = flask.request.form.get('texttype' + str(i)) length = flask.request.form.get('length' + str(i)) isNull = flask.request.form.get('isNull' + str(i)) tempSql = attribute + " " + texttype + "(" + str( length) + " ) " + isNull + "," sql += tempSql i += 1 sql += 'primary key(id));' connect = connectDatabase.connect() connect.begin() cursor = connect.cursor() try: cursor.execute(sql) connect.commit() return flask.redirect('/admin/') except: connect.rollback() return flask.redirect('/admin/table') finally: cursor.close() connect.close() return flask.render_template('addtable.html')
def create(sql): connect = connectDatabase.connect() cursor = connect.cursor() cursor.execute(sql) print("恭喜,创建成功!") cursor.close() connect.close()
def addTableData(): if flask.request.method == 'POST': tempattr = "" tempvalue = [] for i in flask.session['tableAttr']: tempattr += i[0] tempattr += "," tempvalue.append(flask.request.form.get(i[0])) sqlattr = tempattr.rsplit(',', 1)[0] sqlvalue = tuple(tempvalue) sql = "insert into " + flask.session[ 'tablename'] + "(" + sqlattr + ") values" + str(sqlvalue) + ";" connect = connectDatabase.connect() connect.begin() cursor = connect.cursor() try: cursor.execute(sql) connect.commit() return "ok" except: connect.rollback() return "错误" finally: cursor.close() connect.close() return flask.render_template('addtabledata.html', tablename=flask.session['tablename'], tableattr=flask.session['tableAttr'])
def drop(sql): connect = connectDatabase.connect() cursor = connect.cursor() cursor.execute(sql) print("删除成功!") cursor.close() connect.close()
def admin(username=None): if username == None: username = flask.session['username'] connect = connectDatabase.connect() cursor = connect.cursor() try: cursor.execute('show tables;') tables = cursor.fetchall() connect.commit() try: cursor.execute("select username from users;") users = cursor.fetchall() connect.commit() return flask.render_template('admin.html', tables=tables, users=users, username=username) except: connect.rollback() return "暂时没有数据哦" except: connect.rollback() return "数据异常!" finally: cursor.close() connect.close()
def register(): systemvalue = getsystemvalue() sqluser = '******' sqlinfor = "insert into userinformation(name,birthday,xueli,gender) values(%s,%s,%s,%s);" if flask.request.method == 'POST': username = flask.request.form.get('username') #判断用户名是否过于简单 if len(username) <= 6: print("你的用户名过于简单!") return flask.render_template("register.html") password = flask.request.form.get('password') #判断密码是否包含数字和字母 if password.isnumeric() or password.isalpha(): print("你的密码应该含有数字和字母!") return flask.render_template('register.html') quanxian = flask.request.form.get('user') connect = connectDatabase.connect() #开启事物处理 connect.begin() try: cursor = connect.cursor() try: #查询用户是否被注册 cursor.execute("select password from users where username=%s;", (username)) data = cursor.fetchall() if data[0]: return "你的账号已经被注册了!" except: name = flask.request.form.get('uname') birthday = flask.request.form.get('birthday') xueli = flask.request.form.get('xueli') gender = flask.request.form.get('gender') cursor.execute(sqlinfor, (name, birthday, xueli, gender)) #查询userinformation ID sqlSel = "select id from userinformation where name=%s;" cursor.execute(sqlSel, (name)) infor_id = cursor.fetchone()[0] cursor.execute(sqluser, (username, password, quanxian, infor_id)) connect.commit() return flask.redirect('/user/login') except: connect.rollback() return "注册失败,可能原因是你的用户名或者密码过长!" finally: cursor.close() connect.close() return flask.render_template('register.html', systemvalue=systemvalue)
def login(): systemvalue = getsystemvalue() if flask.request.method == "POST": username = flask.request.form.get('username') password = flask.request.form.get('password') goAdmin = flask.request.form.get('goAdmin') check = flask.request.form.get('check').lower() #验证两个验证码是否相等 if check == flask.session['randomcheck']: #查询是否有这个用户 connect = connectDatabase.connect() connect.begin() cursor = connect.cursor() sql = "select password,quanxian from users where username=%s;" try: cursor.execute(sql, (username)) result = cursor.fetchone() getPassword = result[0] quanxian = result[1] connect.commit() #验证密码是否相等 if password == getPassword: #查看权限等级 if quanxian == 1: flask.session['username'] = username if goAdmin == "1": return flask.redirect('/admin/' + username) return flask.redirect('/' + username) flask.session['username'] = username return flask.redirect('/' + username) return "密码错误!" except: connect.rollback() return "用户名不存在!" finally: cursor.close() connect.close() return "验证码错误!" randomcheck = "" i = 0 while i < 3: randomcheck += chr(random.randint(97, 122)) i += 1 randomcheck += chr(random.randint(48, 57)) flask.session["randomcheck"] = randomcheck return flask.render_template('login.html', randomcheck=randomcheck, systemvalue=systemvalue)
def delUser(): if flask.request.method == "POST": username = flask.request.form.get("username") connect = connectDatabase.connect() connect.begin() cursor = connect.cursor() sql = "delete from users where username=%s;" try: cursor.execute(sql, (username)) connect.commit() return "用户删除成功" except: connect.rollback() return "用户删除失败" finally: cursor.close() connect.close()
def index(username=None): #imglist = getImage() connect = connectDatabase.connect() cursor = connect.cursor() try: systemvalue = getsystemvalue() cursor.execute('select id,imgSrc,shopname from shoplist;') shopValue = cursor.fetchall() return flask.render_template('index.html', username=username, shopValue=shopValue, systemvalue=systemvalue) except: return "数据异常,请刷新重试!" finally: cursor.close() connect.close()
def lookTableData(): tablename = flask.session['tablename'] connect = connectDatabase.connect() cursor = connect.cursor() try: cursor.execute('select * from ' + tablename + ';') tablevalue = cursor.fetchall() return flask.render_template('looktabledata.html', tablename=tablename, tableattr=flask.session['tableAttr'], tablevalue=tablevalue) except: connect.rollback() return '数据异常' finally: cursor.close() connect.close()
def insert(): connect = connectDatabase.connect() cursor = connect.cursor() for i in numpy.arange(1, 25): imgUrl = "/static/image/" + str(i) + ".jpg" id = str(i) shopname = "" k = 0 while k < 20: shopname += chr(random.randint(65, 200)) k += 1 price = random.randrange(50, 1000) / 10 cursor.execute( "insert into shoplist(id,imgSrc,shopname,price) values(%s,%s,%s,%s);", (id, imgUrl, shopname, str(price))) connect.commit() print('ok') cursor.close() connect.close()
def getInformation(): systemvalue = getsystemvalue() if flask.request.method == "POST": username = flask.request.form.get('username') connect = connectDatabase.connect() cursor = connect.cursor() sql = "select a.username,a.password,a.quanxian,b.name,b.birthday,b.xueli,b.gender from users a left join userinformation b on a.infor_id=b.id where a.username=%s;" try: cursor.execute(sql, (username)) nowValue = cursor.fetchone() flask.session['tempInfor'] = nowValue return 'ok' except: return 'error' finally: cursor.close() connect.close() return flask.render_template('userinformation.html', information=flask.session['tempInfor'], systemvalue=systemvalue)
def updating(): if flask.request.method == "POST": username = flask.request.form.get('username') password = flask.request.form.get('password') sql = "update users set password=%s where username=%s;" connect = connectDatabase.connect() connect.begin() cursor = connect.cursor() try: cursor.execute(sql, (password, username)) connect.commit() return flask.redirect('/admin/') except: connect.rollback() return "密码更新失败" finally: cursor.close() connect.close() return flask.render_template('updateUser.html', username=flask.session['username'])
def adduser(): if flask.request.method == 'POST': username = flask.request.form.get('username') password = flask.request.form.get('password') connect = connectDatabase.connect() cursor = connect.cursor() try: cursor.execute("select password from users where username=%s;", (username)) getpassword = cursor.fetchall() if getpassword[0]: return "用户名已存在!" except: cursor.execute( "insert into users(username,password) values(%s,%s);", (username, password)) connect.commit() return flask.redirect('/admin/') finally: cursor.close() connect.close() return flask.render_template('adduser.html')
def result(): systemvalue = getsystemvalue() id = flask.session['id'] connect = connectDatabase.connect() cursor = connect.cursor() try: user = flask.session['username'] except: user = None try: cursor.execute( 'select shopname,imgSrc,price from shoplist where id=%s;', (id)) shopvalue = cursor.fetchall() return flask.render_template('result.html', shopValue=shopvalue, systemvalue=systemvalue, user=user) except: return "服务异常,请刷新重试!" finally: cursor.close() connect.close()
def looktable(): if flask.request.method == "POST": tablename = flask.request.form.get('tablename') connect = connectDatabase.connect() cursor = connect.cursor() sql = "desc " + tablename + ";" try: cursor.execute(sql) revalue = cursor.fetchall() #(('id', 'int(2)', 'NO', 'PRI', None, ''), # ('imgUrl', 'varchar(20)', 'NO', '', None, ''), #('descr', 'varchar(100)', 'YES', '', None, ''), # ('price', 'float', 'YES', '', None, '')) flask.session["tableAttr"] = revalue flask.session['tablename'] = tablename return 'ok' except: return "数据表名异常" finally: cursor.close() connect.close() return flask.render_template('looktable.html', tablename=flask.session['tablename'], tableattr=flask.session['tableAttr'])