def upload_pic_data(form): #Check session is correct if (session.check_session(form) != "passed"): login_form() return #Get file info fileInfo = form['file'] #Get user user=form["user"].value s=form["session"].value # Check if the file was uploaded if fileInfo.filename: # Remove directory path to extract name only fileName = os.path.basename(fileInfo.filename) open(IMAGEPATH+'/user1/'+user+'.jpg', 'wb').write(fileInfo.file.read()) image_url="login.cgi?action=show_image&user={user}&session={session}".format(user=user,session=s) print_html_content_type() print ('<H2>The picture ' + fileName + ' was uploaded successfully</H2>') print('<image src="'+image_url+'">') print ('<a href="login.cgi?action=return&user={user}&session={session}">Return</a>'.format(user=user,session=s)) else: message = 'No file was uploaded'
def new_template(): rqstSession = request.get_cookie('pysessionid', secret=prop('cookieSecret')) if check_session(rqstSession) is True: if request.forms.get('save', '').strip(): name = request.forms.get('name').strip() conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ insert into template (id_tmpl, template_name) values (nextval('template_id_tmpl_seq'), %(name)s) """ cursor.execute(sql, {'name': name}) conn.commit() cursor.close() return template('new_template') else: return template('new_template') else: pysessionid = '' response.set_cookie('pysessionid', pysessionid, secret=prop('cookieSecret'), Expires='Thu, 01-Jan-1970 00:00:10 GMT', httponly=True) return template('main')
def new_album(form): #Check session if session.check_session(form) != "passed": return html=""" <H1> New Album</H1> """ print_html_content_type() print(html);
def show_image(form): #Check session if session.check_session(form) != "passed": login_form() return user=form["user"].value s=form["session"].value # Read image with open(IMAGEPATH+'/user1/'+user+'.jpg', 'rb') as content_file: content = content_file.read() # Send header and image content hdr = "Content-Type: image/jpeg\nContent-Length: %d\n\n" % len(content) print hdr+content
def edit_item(id_shed): try: rqstSession = request.get_cookie('pysessionid', secret=prop('cookieSecret')) if check_session(rqstSession) is True: if request.forms.get('save', '').strip(): id_shed = request.forms.get('id_shed', '').strip() state = request.forms.get('state', '').strip() time = request.forms.get('time', '').strip() conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ update schedule set time = %(time)s, state = %(state)s where id_shed = %(id_shed)s """ cursor.execute(sql, { 'time': time, 'state': state, 'id_shed': id_shed }) conn.commit() return template('scheduleConf') else: conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ select id_shed, day, time, state from schedule where id_shed = %(id_shed)s """ cursor.execute(sql, {'id_shed': id_shed}) cur_data = cursor.fetchone() return template('edit_schedule', old=cur_data, id_shed=id_shed) else: pysessionid = '' response.set_cookie('pysessionid', pysessionid, secret=prop('cookieSecret'), Expires='Thu, 01-Jan-1970 00:00:10 GMT', httponly=True) redirect('/login') except Exception as e: logging.debug(e) return '<p>Error</p>'
def main(): try: try: rqstSession = request.get_cookie('pysessionid', secret=prop('cookieSecret')) except: pass if check_session(rqstSession) is True: try: roomTemp = check_temp.temp('room').get_temp() radTemp = check_temp.temp('rad').get_temp() outsideTemp = check_temp.temp('outside').get_temp() if request.forms.get('override', '').strip(): logging.debug('override') set_override() return template('main', roomTemp=roomTemp, radTemp=radTemp, outsideTemp=outsideTemp) except: pass return template('main', roomTemp=roomTemp, radTemp=radTemp, outsideTemp=outsideTemp) elif request.forms.get('override', '').strip() is '': rqstSession = request.get_cookie('pysessionid', secret=prop('cookieSecret')) username = request.forms.get('username').upper() password = request.forms.get('password').strip() logging.debug(password) if auth.passwd(username, password).check_password() == True: set_session(rqstSession) return template('main', roomTemp=roomTemp, radTemp=radTemp, outsideTemp=outsideTemp) else: return template('login') except Exception as e: logging.debug('exception in main: %s' % e) return '<p>Error</p>'
def new_user(): try: rqstSession = request.get_cookie('pysessionid', secret=prop('cookieSecret')) except: pass if check_session(rqstSession) is True: if request.forms.get('save', '').strip(): userid = request.forms.get('userid', '').upper() password = request.forms.get('password').strip() confpassword = request.forms.get('confpassword').strip() logging.debug('new user password = %s' % password) if password is not '' and password == confpassword and userid is not '': hashed_password = auth.passwd(userid, password).hash_password() conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ insert into users (id_usrr, userid, password) values (nextval('users_id_usrr_seq'), %(userid)s, %(password)s) """ cursor.execute(sql, { 'userid': userid, 'password': hashed_password }) conn.commit() cursor.close() redirect("/main") else: return template('newuser') else: return template('newuser') else: pysessionid = '' response.set_cookie('pysessionid', pysessionid, secret=prop('cookieSecret'), Expires='Thu, 01-Jan-1970 00:00:10 GMT', httponly=True) return template('login')
def upload(form): if session.check_session(form) != "passed": login_form() return user=form["user"].value s=form["session"].value html=""" <HTML> <HEAD> <TITLE>Upload Avatar</TITLE> <!-- Bootstrap core CSS --> <link href="http://getbootstrap.com/dist/css/bootstrap.min.css" rel="stylesheet"> <!-- Custom styles for this template --> <link href="upload.css" rel="stylesheet"> </HEAD> <BODY background="bg.jpg"> <FORM ACTION="login.cgi" METHOD="POST" enctype="multipart/form-data"> <input type="hidden" name="user" value="{user}"> <input type="hidden" name="session" value="{session}"> <input type="hidden" name="action" value="upload-pic-data"> <div style="text-align: center; color:white"> <H2>Choose a picture</H2> </div> <div style="color : white"> <INPUT style="" TYPE="FILE" NAME="file" class="custom-file-input"> </div> <br> <div style="text-align: center" > <input class="btn btn-lg btn-primary" type="submit" value="Submit"> <br> <br> <a href="login.cgi?action=return&user={user}&session={session}" style="text-align: center; color:white">Return</a> </div> </form> </BODY> </HTML> """ print_html_content_type() print(html.format(user=user,session=s))
def get_cookie(environ): """ Cookie取得メソッド :param envrion: :return: Cookieがある場合Cookie(http.cookies)を返し、無い場合Noneを返す """ if "HTTP_COOKIE" in environ: print ('[cookie]: has cookie') cookie = http.cookies.SimpleCookie() cookie.load(environ['HTTP_COOKIE']) session_id = cookie['session'].value user_id = cookie['user_id'].value if check_session(session_id, user_id) is False: return None print ('[session-id]:', session_id) print ('[login-user]:', user_id) return cookie else: print ("not exist cookie") return None
def set_temp(): rqstSession = request.get_cookie('pysessionid', secret=prop('cookieSecret')) if check_session(rqstSession) is True: if request.forms.get('save', '').strip(): target_temp = request.forms.get('temp').strip() logging.debug('target temp = %s' % target_temp) conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ update target_temp set target_temp = %(target_temp)s """ cursor.execute(sql, {'target_temp': target_temp}) conn.commit() cursor.close() redirect("/main") else: logging.debug('set temp page') conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ select target_temp from target_temp """ cursor.execute(sql) curr_temp = cursor.fetchone() logging.debug('current target temp = %s' % curr_temp) cursor.close() return template('set_temp', curr_temp=curr_temp) else: pysessionid = '' response.set_cookie('pysessionid', pysessionid, secret=prop('cookieSecret'), Expires='Thu, 01-Jan-1970 00:00:10 GMT', httponly=True) return template('main')
def get_schedule(): try: rqstSession = request.get_cookie('pysessionid', secret=prop('cookieSecret')) if check_session(rqstSession) is True: try: delete = request.query['delete'] except: delete = False try: select = request.forms.get('select') except: select = None if delete is not False: id_shed = request.query['id_shed'] conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ delete from schedule where id_shed = %(id_shed)s """ cursor.execute(sql, {'id_shed': id_shed}) conn.commit() cursor.close() return template('scheduleConf') elif select is not None: tmpl = request.forms.get('tmpl') conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ select s.id_shed, s.day, s.time, s.state, t.template_name from schedule s join template t on (s.id_tmpl = t.id_tmpl) where t.template_name = %(tmpl)s order by s.seq, s.time """ cursor.execute(sql, {'tmpl': tmpl}) result = cursor.fetchall() sql = """ update template set selected = 'N' """ cursor.execute(sql) conn.commit() sql = """ update template set selected = 'Y' where template_name = %(tmpl)s """ cursor.execute(sql, {'tmpl': tmpl}) conn.commit() sql = """ select template_name from template """ cursor.execute(sql) rows = cursor.fetchall() cursor.close() tmpl = [] for row in rows: tmpl.append(row[0]) return template('sched_table', rows=result, tmpl=tmpl) else: conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ select s.id_shed, s.day, s.time, s.state, t.template_name from schedule s join template t on (s.id_tmpl = t.id_tmpl) where t.selected = 'Y' order by seq, time """ cursor.execute(sql) result = cursor.fetchall() sql = """ select template_name, (select count(1) from template) as count from template """ cursor.execute(sql) rows = cursor.fetchall() cursor.close() tmpl = [] for row in rows: count = row[1] tmpl.append(row[0]) return template('sched_table', rows=result, tmpl=tmpl, count=count) else: pysessionid = '' response.set_cookie('pysessionid', pysessionid, secret=prop('cookieSecret'), Expires='Thu, 01-Jan-1970 00:00:10 GMT', httponly=True) redirect('/login') except Exception as e: logging.debug(e) return '<p>Error</p>'
def new_schedule(): try: rqstSession = request.get_cookie('pysessionid', secret=prop('cookieSecret')) if check_session(rqstSession) is True: if request.forms.get('save', '').strip(): day = request.forms.get('day', '').strip() state = request.forms.get('state', '').strip() time = request.forms.get('time', '').strip() tmpl = request.forms.get('tmpl', '').strip() seq_dict = { 'MONDAY': 1, 'TUESDAY': 2, 'WEDNESDAY': 3, 'THURSDAY': 4, 'FRIDAY': 5, 'SATURDAY': 6, 'SUNDAY': 7 } seq = seq_dict[day] conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ insert into schedule (id_shed, day, time, state, seq, id_tmpl) values (nextval('schedule_id_shed_seq'), %(day)s, %(time)s, %(state)s, %(seq)s, (select id_tmpl from template where template_name = %(tmpl)s)) """ cursor.execute( sql, { 'time': time, 'state': state, 'day': day, 'seq': seq, 'tmpl': tmpl }) conn.commit() cursor.close() return template('scheduleConf') else: conn_string = prop('database') conn = psycopg2.connect(conn_string) cursor = conn.cursor() sql = """ select template_name from template """ cursor.execute(sql) rows = cursor.fetchall() cursor.close() tmpl = [] for row in rows: tmpl.append(row[0]) return template('new_schedule', tmpl=tmpl) else: pysessionid = '' response.set_cookie('pysessionid', pysessionid, secret=prop('cookieSecret'), Expires='Thu, 01-Jan-1970 00:00:10 GMT', httponly=True) redirect('/login') except Exception as e: logging.debug(e) return '<p>Error</p>'