예제 #1
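    def post(self):
        """Create an administrator and record its privileges.

        Reads the account fields from the request arguments, inserts a row
        into T_ADMINISTRATOR (type fixed to 2), stores the submitted function
        privileges in T_PRIVILEGE and the area privileges in
        T_AREA_PRIVILEGE, caches the resulting area list through self.redis,
        and finally redirects to the new administrator's list page.

        Review notes:
          * NOTE(review): no authentication or authorization check is visible
            in this method. Presumably a decorator or base class enforces it;
            confirm, because this handler creates administrator accounts and
            grants privileges.
          * `valid`, `source_id`, `privileges` and `cities` are taken from the
            request as-is; no server-side allow-list is visible here.
          * The inserts below are separate statements. No transaction is
            visible, so a failure part-way may leave an account with
            incomplete privilege rows -- confirm how self.db commits.
          * int() raises ValueError on a non-numeric `privileges` or `cities`
            value; nothing in this method catches it.
        """
        fields = DotDict(corporation="",
                         name="",
                         login="",
                         password="",
                         mobile="",
                         phone="",
                         email="",
                         valid="",
                         source_id="")

        # Every value is handed to self.db separately from the SQL text, as a
        # query parameter; that binding is what keeps request data out of the
        # statement. The earlier string-filter pass over name/password/mobile/
        # phone was already disabled and only re-read the arguments, so it is
        # dropped.
        for key in fields.iterkeys():
            fields[key] = self.get_argument(key, '')

        # Fall back to source 5 when the client sends no source_id.
        fields.source_id = fields.source_id or 5

        # SECURITY: MySQL's PASSWORD() is an unsalted, fast hash meant for the
        # server's own accounts; it was removed in MySQL 8.0. Because the
        # plaintext is part of the statement sent to the server, it can also
        # end up in server-side query logs. Moving to a salted, slow KDF
        # computed in the application changes the stored format and the login
        # path, so it is flagged here rather than changed.
        # NOTE(review): self.db.execute is assumed to return the new row id.
        administrator_id = self.db.execute(
            "INSERT INTO T_ADMINISTRATOR (login, password, "
            " name, mobile, phone, email, "
            " corporation, source_id, valid, type)"
            "  VALUES (%s, password(%s), %s, %s, "
            "          %s, %s, %s, %s, %s, %s)",
            fields.login, fields.password,
            fields.name, fields.mobile,
            fields.phone, fields.email,
            fields.corporation,
            fields.source_id, fields.valid, 2)

        # Function privileges. Built as a real list so the emptiness test
        # below means the same thing whether or not map() returns a list.
        privileges = [int(p) for p in self.get_arguments('privileges')]
        if privileges:
            self.db.executemany("INSERT INTO T_PRIVILEGE"
                                "  VALUES (%s, %s)",
                                [(administrator_id, privilege_id)
                                 for privilege_id in privileges])

        # Area privileges: a single city id of 0 selects the whole province.
        cities = [int(c)
                  for c in str_to_list(self.get_argument('cities', ''))]
        key = self.get_area_memcache_key(administrator_id)
        if cities == [0]:
            self.db.execute("INSERT INTO T_AREA_PRIVILEGE"
                            "  VALUES(NULL, %s, %s, %s)",
                            administrator_id, AREA.CATEGORY.PROVINCE,
                            AREA.PROVINCE.LIAONING)
            province_cities = self.db.query(
                "SELECT city_id, city_name FROM T_HLR_CITY"
                "  WHERE province_id = %s",
                AREA.PROVINCE.LIAONING)
            self.redis.setvalue(key, province_cities)
        else:
            # Cache the selected areas under the administrator's key.
            areas = self.get_area(cities)
            self.redis.setvalue(key, areas)

            # DUMMY_IDS presumably keeps the IN (...) tuple non-empty when no
            # city was submitted -- confirm against its definition.
            rows = self.db.query("SELECT region_code FROM T_HLR_CITY"
                                 "  WHERE city_id IN %s",
                                 tuple(cities + DUMMY_IDS))

            for row in rows:
                self.db.execute("INSERT INTO T_AREA_PRIVILEGE"
                                "  VALUES (NULL, %s, %s, %s)",
                                administrator_id, AREA.CATEGORY.CITY,
                                row.region_code)

        self.redirect("/administrator/list/%s" % administrator_id)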