def lookupShopList():
systemvalue = getsystemvalue()
if flask.request.method == 'POST':
try:
sql = "select shopname,descr,price from shoplist where id={};"
tempsql = " or id=".join(idList)
connect = connectDatabase.connect()
cursor = connect.cursor()
try:
cursor.execute(sql.format(tempsql))
shopvalueList = cursor.fetchall()
flask.session['shopvalueList'] = shopvalueList
return 'ok'
except:
return "dataerror"
except:
return 'error'
shopvalue = flask.session['shopvalueList']
try:
user = flask.session['username']
except:
user = None
return flask.render_template('shoplist.html',
shopvalue=shopvalue,
user=user,
systemvalue=systemvalue)
def shopplay():
systemvalue = getsystemvalue()
if flask.request.method == "POST":
#展示商品
id = flask.request.form.get('id')
connect = connectDatabase.connect()
cursor = connect.cursor()
try:
cursor.execute(
'select imgSrc,shopname,descr,price from shoplist where id=%s;',
(id))
shopvalue = cursor.fetchall()
#存储商品id
flask.session['id'] = id
#存储临时商品信息
flask.session['tempShopInformation'] = shopvalue
return 'ok'
except:
return 'error'
finally:
cursor.close()
connect.close()
return flask.render_template(
'shopplay.html',
shopValue=flask.session['tempShopInformation'],
systemvalue=systemvalue)
def addtable():
if flask.request.method == "POST":
tablename = flask.request.form.get('tablename')
sql = "create table " + tablename + "(id int(2) not null,"
count = int(flask.request.form.get('attributeCount'))
i = 0
while i < count:
attribute = flask.request.form.get('attribute' + str(i))
texttype = flask.request.form.get('texttype' + str(i))
length = flask.request.form.get('length' + str(i))
isNull = flask.request.form.get('isNull' + str(i))
tempSql = attribute + " " + texttype + "(" + str(
length) + " ) " + isNull + ","
sql += tempSql
i += 1
sql += 'primary key(id));'
connect = connectDatabase.connect()
connect.begin()
cursor = connect.cursor()
try:
cursor.execute(sql)
connect.commit()
return flask.redirect('/admin/')
except:
connect.rollback()
return flask.redirect('/admin/table')
finally:
cursor.close()
connect.close()
return flask.render_template('addtable.html')
def create(sql):
connect = connectDatabase.connect()
cursor = connect.cursor()
cursor.execute(sql)
print("恭喜,创建成功!")
cursor.close()
connect.close()
def addTableData():
if flask.request.method == 'POST':
tempattr = ""
tempvalue = []
for i in flask.session['tableAttr']:
tempattr += i[0]
tempattr += ","
tempvalue.append(flask.request.form.get(i[0]))
sqlattr = tempattr.rsplit(',', 1)[0]
sqlvalue = tuple(tempvalue)
sql = "insert into " + flask.session[
'tablename'] + "(" + sqlattr + ") values" + str(sqlvalue) + ";"
connect = connectDatabase.connect()
connect.begin()
cursor = connect.cursor()
try:
cursor.execute(sql)
connect.commit()
return "ok"
except:
connect.rollback()
return "错误"
finally:
cursor.close()
connect.close()
return flask.render_template('addtabledata.html',
tablename=flask.session['tablename'],
tableattr=flask.session['tableAttr'])
def drop(sql):
connect = connectDatabase.connect()
cursor = connect.cursor()
cursor.execute(sql)
print("删除成功!")
cursor.close()
connect.close()
def admin(username=None):
if username == None:
username = flask.session['username']
connect = connectDatabase.connect()
cursor = connect.cursor()
try:
cursor.execute('show tables;')
tables = cursor.fetchall()
connect.commit()
try:
cursor.execute("select username from users;")
users = cursor.fetchall()
connect.commit()
return flask.render_template('admin.html',
tables=tables,
users=users,
username=username)
except:
connect.rollback()
return "暂时没有数据哦"
except:
connect.rollback()
return "数据异常!"
finally:
cursor.close()
connect.close()
def register():
systemvalue = getsystemvalue()
sqluser = '******'
sqlinfor = "insert into userinformation(name,birthday,xueli,gender) values(%s,%s,%s,%s);"
if flask.request.method == 'POST':
username = flask.request.form.get('username')
#判断用户名是否过于简单
if len(username) <= 6:
print("你的用户名过于简单!")
return flask.render_template("register.html")
password = flask.request.form.get('password')
#判断密码是否包含数字和字母
if password.isnumeric() or password.isalpha():
print("你的密码应该含有数字和字母!")
return flask.render_template('register.html')
quanxian = flask.request.form.get('user')
connect = connectDatabase.connect()
#开启事物处理
connect.begin()
try:
cursor = connect.cursor()
try:
#查询用户是否被注册
cursor.execute("select password from users where username=%s;",
(username))
data = cursor.fetchall()
if data[0]:
return "你的账号已经被注册了!"
except:
name = flask.request.form.get('uname')
birthday = flask.request.form.get('birthday')
xueli = flask.request.form.get('xueli')
gender = flask.request.form.get('gender')
cursor.execute(sqlinfor, (name, birthday, xueli, gender))
#查询userinformation ID
sqlSel = "select id from userinformation where name=%s;"
cursor.execute(sqlSel, (name))
infor_id = cursor.fetchone()[0]
cursor.execute(sqluser,
(username, password, quanxian, infor_id))
connect.commit()
return flask.redirect('/user/login')
except:
connect.rollback()
return "注册失败,可能原因是你的用户名或者密码过长!"
finally:
cursor.close()
connect.close()
return flask.render_template('register.html', systemvalue=systemvalue)
def login():
systemvalue = getsystemvalue()
if flask.request.method == "POST":
username = flask.request.form.get('username')
password = flask.request.form.get('password')
goAdmin = flask.request.form.get('goAdmin')
check = flask.request.form.get('check').lower()
#验证两个验证码是否相等
if check == flask.session['randomcheck']:
#查询是否有这个用户
connect = connectDatabase.connect()
connect.begin()
cursor = connect.cursor()
sql = "select password,quanxian from users where username=%s;"
try:
cursor.execute(sql, (username))
result = cursor.fetchone()
getPassword = result[0]
quanxian = result[1]
connect.commit()
#验证密码是否相等
if password == getPassword:
#查看权限等级
if quanxian == 1:
flask.session['username'] = username
if goAdmin == "1":
return flask.redirect('/admin/' + username)
return flask.redirect('/' + username)
flask.session['username'] = username
return flask.redirect('/' + username)
return "密码错误!"
except:
connect.rollback()
return "用户名不存在!"
finally:
cursor.close()
connect.close()
return "验证码错误!"
randomcheck = ""
i = 0
while i < 3:
randomcheck += chr(random.randint(97, 122))
i += 1
randomcheck += chr(random.randint(48, 57))
flask.session["randomcheck"] = randomcheck
return flask.render_template('login.html',
randomcheck=randomcheck,
systemvalue=systemvalue)
def delUser():
if flask.request.method == "POST":
username = flask.request.form.get("username")
connect = connectDatabase.connect()
connect.begin()
cursor = connect.cursor()
sql = "delete from users where username=%s;"
try:
cursor.execute(sql, (username))
connect.commit()
return "用户删除成功"
except:
connect.rollback()
return "用户删除失败"
finally:
cursor.close()
connect.close()
def index(username=None):
#imglist = getImage()
connect = connectDatabase.connect()
cursor = connect.cursor()
try:
systemvalue = getsystemvalue()
cursor.execute('select id,imgSrc,shopname from shoplist;')
shopValue = cursor.fetchall()
return flask.render_template('index.html',
username=username,
shopValue=shopValue,
systemvalue=systemvalue)
except:
return "数据异常,请刷新重试!"
finally:
cursor.close()
connect.close()
def lookTableData():
tablename = flask.session['tablename']
connect = connectDatabase.connect()
cursor = connect.cursor()
try:
cursor.execute('select * from ' + tablename + ';')
tablevalue = cursor.fetchall()
return flask.render_template('looktabledata.html',
tablename=tablename,
tableattr=flask.session['tableAttr'],
tablevalue=tablevalue)
except:
connect.rollback()
return '数据异常'
finally:
cursor.close()
connect.close()
def insert():
connect = connectDatabase.connect()
cursor = connect.cursor()
for i in numpy.arange(1, 25):
imgUrl = "/static/image/" + str(i) + ".jpg"
id = str(i)
shopname = ""
k = 0
while k < 20:
shopname += chr(random.randint(65, 200))
k += 1
price = random.randrange(50, 1000) / 10
cursor.execute(
"insert into shoplist(id,imgSrc,shopname,price) values(%s,%s,%s,%s);",
(id, imgUrl, shopname, str(price)))
connect.commit()
print('ok')
cursor.close()
connect.close()
def getInformation():
systemvalue = getsystemvalue()
if flask.request.method == "POST":
username = flask.request.form.get('username')
connect = connectDatabase.connect()
cursor = connect.cursor()
sql = "select a.username,a.password,a.quanxian,b.name,b.birthday,b.xueli,b.gender from users a left join userinformation b on a.infor_id=b.id where a.username=%s;"
try:
cursor.execute(sql, (username))
nowValue = cursor.fetchone()
flask.session['tempInfor'] = nowValue
return 'ok'
except:
return 'error'
finally:
cursor.close()
connect.close()
return flask.render_template('userinformation.html',
information=flask.session['tempInfor'],
systemvalue=systemvalue)
def updating():
if flask.request.method == "POST":
username = flask.request.form.get('username')
password = flask.request.form.get('password')
sql = "update users set password=%s where username=%s;"
connect = connectDatabase.connect()
connect.begin()
cursor = connect.cursor()
try:
cursor.execute(sql, (password, username))
connect.commit()
return flask.redirect('/admin/')
except:
connect.rollback()
return "密码更新失败"
finally:
cursor.close()
connect.close()
return flask.render_template('updateUser.html',
username=flask.session['username'])
def adduser():
if flask.request.method == 'POST':
username = flask.request.form.get('username')
password = flask.request.form.get('password')
connect = connectDatabase.connect()
cursor = connect.cursor()
try:
cursor.execute("select password from users where username=%s;",
(username))
getpassword = cursor.fetchall()
if getpassword[0]:
return "用户名已存在!"
except:
cursor.execute(
"insert into users(username,password) values(%s,%s);",
(username, password))
connect.commit()
return flask.redirect('/admin/')
finally:
cursor.close()
connect.close()
return flask.render_template('adduser.html')
def result():
systemvalue = getsystemvalue()
id = flask.session['id']
connect = connectDatabase.connect()
cursor = connect.cursor()
try:
user = flask.session['username']
except:
user = None
try:
cursor.execute(
'select shopname,imgSrc,price from shoplist where id=%s;', (id))
shopvalue = cursor.fetchall()
return flask.render_template('result.html',
shopValue=shopvalue,
systemvalue=systemvalue,
user=user)
except:
return "服务异常,请刷新重试!"
finally:
cursor.close()
connect.close()
def looktable():
if flask.request.method == "POST":
tablename = flask.request.form.get('tablename')
connect = connectDatabase.connect()
cursor = connect.cursor()
sql = "desc " + tablename + ";"
try:
cursor.execute(sql)
revalue = cursor.fetchall()
#(('id', 'int(2)', 'NO', 'PRI', None, ''),
# ('imgUrl', 'varchar(20)', 'NO', '', None, ''),
#('descr', 'varchar(100)', 'YES', '', None, ''),
# ('price', 'float', 'YES', '', None, ''))
flask.session["tableAttr"] = revalue
flask.session['tablename'] = tablename
return 'ok'
except:
return "数据表名异常"
finally:
cursor.close()
connect.close()
return flask.render_template('looktable.html',
tablename=flask.session['tablename'],
tableattr=flask.session['tableAttr'])
