def post(self):
user_name = self.PyStrEscape(self.get_argument("user_name", None))
user_password = self.get_argument("user_password", None)
if user_name and user_password:
userinfo = self.db.get("select id, name, password, salt, grade, email from usr where name='%s';" % user_name.lower())
if userinfo and check_password(user_password, userinfo['password'], userinfo['salt']):
self.session['user'] = userinfo
self.session.save()
self.write('done')
else:
self.write('user name or password error!')
else:
self.write('user name or password is empty!')
self.flush()
def post(self):
old_pwd = self.get_argument("old_password", None)
user_pwd = self.get_argument("user_password", None)
repeat_pwd = self.get_argument("repeat_password", None)
if user_pwd == repeat_pwd:
if check_password(old_pwd, self.current_user['password'], self.current_user['salt']):
pwd, salt = encrypt_password(user_pwd)
if pwd is not 'error' and self.db.execute_rowcount("update usr set password=%s, salt=%s where id=%s;", *(pwd, salt, self.current_user['id'])):
self.clear_cookie("sid")
self.session.clear()
self.write('done')
else:
self.write("olderror")
else:
self.write("newerror")
self.flush()
def post(self):
user_name = self.PyStrEscape(self.get_argument("user_name", None))
user_password = self.get_argument("user_password", None)
if user_name and user_password:
userinfo = self.db.get(
"select id, name, password, salt, grade, email from usr where name='%s';"
% user_name.lower())
if userinfo and check_password(user_password, userinfo['password'],
userinfo['salt']):
self.session['user'] = userinfo
self.session.save()
self.write('done')
else:
self.write('user name or password error!')
else:
self.write('user name or password is empty!')
self.flush()
def post(self):
old_pwd = self.get_argument("old_password", None)
user_pwd = self.get_argument("user_password", None)
repeat_pwd = self.get_argument("repeat_password", None)
if user_pwd == repeat_pwd:
if check_password(old_pwd, self.current_user['password'],
self.current_user['salt']):
pwd, salt = encrypt_password(user_pwd)
if pwd is not 'error' and self.db.execute_rowcount(
"update usr set password=%s, salt=%s where id=%s;",
*(pwd, salt, self.current_user['id'])):
self.clear_cookie("sid")
self.session.clear()
self.write('done')
else:
self.write("olderror")
else:
self.write("newerror")
self.flush()