Exemplo n.º 1
0
 def POST(self):
     stat, UserInfo = CheckLogin()
     if stat:
         data = web.input()
         UID = UserInfo.get('UID').encode('utf-8')
         sql = "SELECT PassWord FROM Users WHERE UID='%s'" % UID
         OldPassWord = db.QueryFirst(sql)[0].encode('utf-8')
         if data.get('OldPassWord') == OldPassWord:
             try:
                 UserName = data['UserName'].encode('utf-8')
                 Tel = data['Tel'].encode('utf-8')
                 E_mail = data['E-mail'].encode('utf-8')
                 MaxFiles = int(data['MaxFiles'])
                 MaxSize = int(data['MaxSize'])
                 NameRule = data['NameRule'].encode('utf-8')
                 Downloader = data['Downloader'].encode('utf-8')
                 NewPassword = data['NewPassWord'].encode('utf-8')
                 if not NewPassword:
                     NewPassword = OldPassWord
                 sql = "UPDATE Users SET UserName='******', Tel='%s', PassWord='******', " \
                       "`E-mail`='%s', MaxFiles=%d, MaxSize=%d, NameRule='%s', " \
                       "Downloader='%s' WHERE UID='%s'" % (UserName, Tel, NewPassword,
                         E_mail, MaxFiles, MaxSize, NameRule, Downloader, UID)
                 db.Execute(sql)
                 return Notice(u'操作成功', u'信息修改成功,请返回查看。', '/settings')
             except:
                 return Notice(u'操作失败', u'异常错误,请检查你的输入是否合法!', '/settings')
         else:
             return Notice(u'操作失败', u'密码错误!', '/settings')
     else:
         web.seeother('/login')
Exemplo n.º 2
0
def CheckLogin():
    SessionID = web.cookies().get('SessionID', None)
    result = db.QueryFirst(
        'SELECT UID, UserStatus, UserName, Tel, '
        '`E-mail`, MaxSize, MaxFiles FROM Users WHERE SessionID="%s"' %
        SessionID)
    if result:
        UserInfo = {
            'UID': result[0].decode('utf-8'),
            'UserStatus': result[1],
            'UserName': result[2].decode('utf-8'),
            'Tel': result[3].decode('utf-8'),
            'E-mail': result[4].decode('utf-8'),
            'MaxSize': result[5],
            'MaxFiles': result[6]
        }
        UserStatus = result[1]
        if UserStatus == USER_STATUS_ADMIN or UserStatus == USER_STATUS_NORMAL:
            return True, UserInfo
        elif UserStatus == USER_STATUS_FORBIDDEN:
            return True, UserInfo
        else:
            return False, {}
    else:
        return False, {}
Exemplo n.º 3
0
 def POST(self):
     data = web.input()
     UID = data.get('UID').encode('utf-8')
     # 首先检查UID是否合法
     if not UID.isalnum():
         return Notice(u'注册失败', u'用户ID必须由字母和数字构成!', '/register')
     # 其次检查UID是否重复
     result = db.QueryFirst("SELECT * FROM Users WHERE UID='%s'" % UID)
     if result:
         return Notice(u'注册失败', u'重复的学号/工号!', '/register')
     try:
         UserName = data.get('UserName').encode('utf-8')
         PassWord = data.get('PassWord').encode('utf-8')
         Tel = data.get('Tel').encode('utf-8')
         E_mail = data.get('E-mail').encode('utf-8')
         MaxSize = int(data.get('MaxSize'))
         MaxFiles = int(data.get('MaxFiles'))
         # TODO: 更改数据库格式,去除无用设置
         sql = "INSERT INTO `Users`(`UID`,`SessionID`,`UserStatus`," \
               "`UserName`,`PassWord`,`Tel`,`E-mail`,`MaxSize`,`MaxFiles`,`Downloader`) " \
               "VALUES ('%s',NULL,1,'%s','%s','%s','%s',%d,%d,'%s');" \
               % (UID, UserName, PassWord, Tel, E_mail, MaxSize, MaxFiles, cfg.read('downloader'))
         # 尝试为用户创建家目录
         user_path = os.path.join(cfg.read('global_pos'), UID)
         if not os.path.exists(user_path):
             os.mkdir(user_path)
         # 如果家目录创建成功,才更新数据库
         db.Execute(sql)
         return Notice(u'注册成功', u'请使用你新注册的帐号登录系统。', '/login')
     except Exception, err:
         return Notice(u'注册失败', u'错误: %s 请检查你的注册信息是否合法有效!' % err,
                       '/register')
Exemplo n.º 4
0
 def GET(self):
     stat, UserInfo = CheckLogin()
     if stat:
         sql = "SELECT UserName, Tel, `E-mail`, MaxFiles, MaxSize, NameRule, Downloader " \
               "FROM Users WHERE UID='%s'" % UserInfo['UID']
         result = db.QueryFirst(sql)
         MyTemplate = CreateMyTemplate('Settings.html')
         return MyTemplate.render(SiteName=cfg.read('site_name'),
                                  UserInfo=result,
                                  **UserInfo)
     else:
         web.seeother('/login')
Exemplo n.º 5
0
 def POST(self):
     stat, UserInfo = CheckLogin()
     if stat:
         if UserInfo['UserStatus'] == USER_STATUS_FORBIDDEN:
             return json.dumps({'status': 401, 'msg': u'被封禁用户无权操作!'})
         UID = UserInfo['UID'].encode('utf-8')
         data = web.input(month=[], day=[], hour=[], minute=[])
         action = data.get('action', '')
         URL_Rule = data.get('URL_Rule', '').encode('utf-8')
         # 检查URL是否合法
         if match('^\w+://', URL_Rule) is None:
             URL_Rule = 'http://%s' % URL_Rule
         Rule_Name = data.get('Rule_Name', '').encode('utf-8')
         Status = int(data.get('Status', '0'))
         TaskID = int(data.get('TaskID', '0'))
         if action == 'modify':
             try:
                 sql = "UPDATE UserTask SET URL_Rule='%s', Status=%d, Rule_Name='%s' "\
                       "WHERE TaskID=%d" % (URL_Rule, Status, Rule_Name, TaskID)
                 db.Execute(sql)
                 return json.dumps({'status': 200, 'msg': u'操作成功!'})
             except Exception, e:
                 return json.dumps({
                     'status': 400,
                     'msg': u'意外错误:%s。请检查你的输入数据。' % e
                 })
         elif action == 'delete':
             try:
                 # 注意要删除任务对应文件夹:
                 sql = "SELECT `UID`, `SubDirectory` FROM `UserTask` WHERE `TaskID` = %d" % TaskID
                 Dirs = db.QueryFirst(sql)
                 del_path = os.path.join(cfg.read('global_pos'),
                                         Dirs[0].decode('utf-8'),
                                         Dirs[1].decode('utf-8'))
                 if Dirs[1] and os.path.exists(del_path):
                     rmtree(del_path)
                 sql = "DELETE FROM `UserTask` WHERE `TaskID`=%d" % TaskID
                 db.Execute(sql)
                 sql = "DELETE FROM `CurrentTask` WHERE `TaskID`=%d" % TaskID
                 db.Execute(sql)
                 return json.dumps({'status': 200, 'msg': u'操作成功!'})
             except Exception, e:
                 return json.dumps({
                     'status': 400,
                     'msg': u'意外错误:%s。删除失败!' % e
                 })
Exemplo n.º 6
0
 def POST(self):
     data = web.input()
     UID = data.get('UID')
     PassWd = data.get("password")
     expire = data.get('expires')
     sql = 'SELECT UserName, UserStatus FROM Users WHERE UID = "%s" AND PassWord = "******"' \
           % (UID, PassWd)
     result = db.QueryFirst(sql)
     if result:
         SessionID = sha.new(repr(time()) + str(random())).hexdigest()
         web.setcookie('SessionID', SessionID, int(expire))
         sql = 'UPDATE Users SET SessionID = "%s" WHERE UID = "%s"' % (
             SessionID, UID)
         db.Execute(sql)
         web.seeother('/index')
     else:
         return Notice(u'登录失败', u'密码错误', '/login')
Exemplo n.º 7
0
 def update_worker(self, overwrite_time=None):
     # TODO: 添加任务前先检查当前网络是否连通
     # 首先选择所有任务列表中未暂停且未被下载中的任务
     sql = "SELECT * FROM `CurrentTask` WHERE `Status` = 1 ORDER BY `RepeatTimes` ASC"
     all_task = db.Query(sql)
     # 对于每一项任务进行处理,加入缓冲区
     for task in all_task:
         # 利用任务的时区信息,实例化两个时间戳
         # 并且计算当前时刻在目标时区是几点
         TimeZone = timezone(task[7])
         if overwrite_time is None:
             Now = datetime.now(TimeZone)
         else:
             Now = overwrite_time
         StartTime = TimeZone.localize(parser.parse(task[4]))
         FinishTime = TimeZone.localize(parser.parse(task[5]))
         TaskID = task[6]
         if Now > FinishTime:
             # 如果任务已经超时,直接删除
             sql = "DELETE FROM `CurrentTask` WHERE `TaskID` = %d" % TaskID
             db.Execute(sql)
         elif Now < StartTime:
             # 如果该任务尚未开始,就继续处理下一项任务
             continue
         else:
             # 如果这项任务应该被执行,就将其放入缓冲区
             sql = "SELECT `Downloader`, `CheckType`, `CheckSize` FROM `UserTask` WHERE `TaskID` = %d" % TaskID
             task_data = db.QueryFirst(sql)
             data = {
                 'TaskID': TaskID,
                 'URL': task[1],
                 # 注意这里的编码,需要传入unicode
                 'Location': task[3].decode('utf-8'),
                 'Downloader': task_data[0],
                 'CheckType': task_data[1],
                 'CheckSize': task_data[2]
             }
             self.thread_pool.insert(data)