def admin_user_update(dic):
query = "update user set username='******',usergroup='%s',realname='%s',phone='%s',qq='%s' where uid=='%s';"
args = (dic['username'], dic['usergroup'], dic['realname'], dic['phone'],
dic['qq'], dic['uid'])
db.query_db(query % args, True, True)
if dic['password'] != getUserByUid(dic['uid'])['password']:
db.query_db(
"update user set password='******' where uid=='%s';" %
(md5(dic['password']), dic['uid']), True, True)
def login(username, password):
if len(
db.query_db(
"select * from user where username=='%s' collate nocase and password=='%s';"
% (username, md5(password)))) == 0:
return False
return True
def get_last_pid():
res = db.query_db(
"select pid from projects order by id DESC limit 1;", [], True)
Id = 0
if len(res) != 0:
Id = res['pid']
return Id
def getAllUsers():
res = db.query_db("select * from user")
l = len(res)
for i in range(0, l):
for key in res[i].keys():
if res[i][key] == None:
res[i][key] = ""
return res
def getUser(username):
res = db.query_db(
"select * from user where username='******' collate nocase;" % username,
True)
for key in res.keys():
if res[key] == None:
res[key] = ""
return res
def register(username, password):
if len(
db.query_db(
"select * from user where username=='%s' collate nocase;" %
(username))) == 0:
uid = db.getNextId('uid', 'user')
if uid == '1':
db.query_db(
"insert into user(uid,username,password,avatar,usergroup) values('%s','%s','%s','%s','%s');"
%
(uid, username, md5(password), '/static/img/default.png', '0'),
True, True)
else:
db.query_db(
"insert into user(uid,username,password,avatar,usergroup) values('%s','%s','%s','%s','%s');"
%
(uid, username, md5(password), '/static/img/default.png', '1'),
True, True)
return True
else:
return False
def config_updata(password, avatar, phone, qq, realname, info):
uid = session['user']['uid']
usergroup = session['user']['usergroup']
db.query_db(
"update user set avatar='%s',phone='%s',qq='%s',info='%s' where uid=='%s';"
% (avatar, phone, qq, info, uid), True, True)
if password != "":
db.query_db(
"update user set password='******' where uid=='%s';" %
(md5(password), uid), True, True)
if usergroup != "2" and realname != "":
db.query_db(
"update user set realname='%s' where uid=='%s';" % (realname, uid),
True, True)
def getAllProjects():
return db.query_db("select * from project")
def getUserByUid(uid):
res = db.query_db("select * from user where uid='%s';" % uid, True)
for key in res.keys():
if res[key] == None:
res[key] = ""
return res
def search(key):
query = "select * from project where title like '{0}' or abstract like '{0}' or content like '{0}';"
return db.query_db(query.format(key))
def admin_user_del(uid):
db.query_db("delete from user where uid == '%s';" % (uid), True, True)
def get_project(pid):
res = db.query_db('select * from projects where pid=?;', [pid], True)
return res
def get_projects():
res = db.query_db(
'select * from projects where deleted = 0 order by pid DESC;')
return res
def update_project(pid, title, content, time):
db.query_db("update projects set title='%s',content='%s',time='%s',deleted=%s where pid=%s;", [
title, content, time, pid])
def delete_project(pid, deleted):
db.query_db("update projects set deleted=%s where pid=%s;", [deleted, pid])
def add_project(uid, content, title, time):
pid = get_last_pid() + 1
db.query_db("insert into projects(pid,uid,title,content,time,deleted) values(%s,%s,'%s','%s','%s',0);", [
pid, uid, title, content, time])
