def detail(request):
aid = cgi.escape(request.GET.get('aid'))
url = request.get_host()
detail = []
if C.isset(aid):
detail = Article.objects.get(article_id=aid)
detail.author = User.objects.get(user_id=detail.author).username
detail.content = detail.content.replace('\t', '').replace('\n', '').replace(' ', '')
navList = C.getNavList()
userInfo = request.session.get('uInfo', '')
commentHtml = commentTree(commentList, 0, False)
commentList = Comment.objects.filter(article_id=aid)
del commentList
upArticle = Article.objects.get(article_id=aid)
upArticle.look_count = upArticle.look_count+1
upArticle.save()
context = {
'userinfo' : userInfo,
'detail' : detail,
'navList' : navList,
'url' : url,
'aid' : aid,
'commentHtml' : commentHtml,
'themeHeader' : C.getThemePath() + '/Public/header.html',
'themeFooter' : C.getThemePath() + '/Public/footer.html'
}
return render(request, C.getThemePath() + 'detail.html', context)
def index(request):
url = request.get_host()
cid = request.GET.get('cid')
if C.isset(cid) == 0:
cid = 0
navList = C.getNavList()
if request.method == 'POST':
articleList = Article.objects.filter(title__icontains=cgi.escape(request.POST.get('word'))).order_by('-article_id')
elif cid == 0:
articleList = Article.objects.all().order_by('-article_id')
else:
sql = 'SELECT * FROM "' + Meta.db_table + '_article" AS article LEFT JOIN "' + Meta.db_table
sql += '_relation" AS relation ON article.article_id=relation.aid WHERE relation.cid=' + cgi.escape(cid)
#sql += " AND article.title LIKE '%%" + request.POST.get('word') + "%%'"
sql += ' ORDER BY article_id DESC'
articleList = Article.objects.raw(sql)
articleList = list(articleList)
paginator = Paginator(articleList, 5)
page = int(request.GET.get('page', 1))
try:
pagebar = paginator.page(page)
except PageNotAnInteger:
pagebar = paginator.page(1)
except EmptyPage:
pagebar = paginator.page(paginator.num_pages)
categoryList = C.getCategoryList()
userInfo = request.session.get('uInfo', '')
contentDateList = Article.objects.order_by('created').values('created').distinct()
context = {
'url' : url,
'pagebar' : pagebar,
'navList' : navList,
'userinfo' : userInfo,
'cid' : int(cid),
'articleList' : articleList,
'categoryList' : categoryList,
'webInfo' : C.getWebInfo(),
'contentDateList' : contentDateList,
'themeHeader' : C.getThemePath() + '/Public/header.html',
'themeFooter' : C.getThemePath() + '/Public/footer.html'
}
return render(request, C.getThemePath() + 'index.html', context)
def logout(request):
if request.session.get('uInfo', False) != False:
del request.session['uInfo']
context = {
'themeHeader' : C.getThemePath() + '/Public/header.html',
'themeFooter' : C.getThemePath() + '/Public/footer.html'
}
return render(request, C.getThemePath() + 'logout.html', context)
def theme_edit(request):
if C.checkLoginAdmin(request.session.get('uInfo', False)) == False:
return HttpResponseRedirect('/signin/')
else:
if request.GET.get('file'):
fileName = cgi.escape(request.GET.get('file').replace('..', '').replace('/', '').replace('%', ''))
else:
fileName = 'index.html'
if request.GET.get('theme'):
themeDir = 'themes/' + cgi.escape(request.GET.get('theme').replace('.', '')) + '/'
else:
themeDir = C.getThemePath()
fileList = []
for filename in glob.glob(os.path.split(os.path.realpath(__file__))[0] + '/templates/' + themeDir + '*.*ml'):
p,f=os.path.split(filename);
fileList.append(f)
file_object = open(os.path.split(os.path.realpath(__file__))[0] + '/templates/' + themeDir + fileName)
try:
content = file_object.read()
finally:
file_object.close()
context = {
'content' : content,
'fileList' : fileList,
'fileName' : fileName,
'themeDir' : themeDir
}
return render(request, manageThemeDir + 'theme_edit.html', context)
def signup(request):
form = None
context = {
'themeHeader' : C.getThemePath() + '/Public/header.html',
'themeFooter' : C.getThemePath() + '/Public/footer.html'
}
if request.method == 'POST':
_code = request.POST.get('code') or ''
if not _code:
return render(C.getThemePath() + 'signup.html',locals())
ca = Captcha(request)
if not ca.check(_code):
return render(request, C.getThemePath() + 'signup.html', {'error':'验证码错误'})
context['form'] = SignupForm(request.POST)
if context['form'].is_valid():
exists = User.objects.filter(username=cgi.escape(request.POST.get('username'))).count()
if exists > 0:
return render(request, 'signup.html', {'error':'用户名已存在'})
User.objects.create(
status = 1
group = 'subscriber',
email = cgi.escape(request.POST.get('email')),
username = cgi.escape(request.POST.get('username').lower()),
password = make_password(cgi.escape(request.POST.get('upwd')), None, 'pbkdf2_sha256'),
)
return HttpResponse('Success')
else:
return render(request, C.getThemePath() + 'signup.html', context)
else:
return render(request, C.getThemePath() + 'signup.html', context)
return HttpResponse('Success')
else:
return render(request, C.getThemePath() + 'signup.html', context)
else:
return render(request, C.getThemePath() + 'signup.html', context)
def signin(request):
navList = C.getNavList()
url = request.get_host()
context = {}
context['themeHeader'] = C.getThemePath() + '/Public/header.html'
context['themeFooter'] = C.getThemePath() + '/Public/footer.html'
if request.method == 'POST':
form = SigninForm(request.POST)
if not form.is_valid():
context['form'] = form
return render(request, C.getThemePath() + 'signin.html', context)
try:
userinfo = User.objects.get(username=username)
password = cgi.escape(request.POST.get('upwd'))
status = check_password(password, userinfo.password)
username = cgi.escape(request.POST.get('username').lower())
except:
