Exemplo n.º 1
0
    def get(self, *args):

        # 访问日志处理
        dic_login_p = {}
        dic_t = {}
        txt_log = ""  # 日志的文本内容
        path_p = config.path_main + "data\\log\\z_log_web_index.csv"
        file_file = inc_file.File_file()
        dic_t["time_v"] = str_split(datetime.datetime.now())  # 访问时间
        dic_t["ip"] = self.request.remote_ip  # 获得IP
        dic_t["id"] = 0
        # 获得用户cookie资料
        try:

            str_t = self.get_secure_cookie("session_lqab_user")
            str_t = str_t.decode('utf-8')
            # 解密session字典
            str_t = secret_lqab(str_t,
                                key_p=config.dic_config["secret_key"],
                                salt_p=config.dic_config["secret_salt"],
                                secret_if="no")
            dic_login_p = eval(str_t)
            if ("id" in dic_login_p):
                dic_t["id"] = dic_login_p["id"]

        except:

            pass

        #print ("日志参数",path_p,dic_t) # 调试用

        # 将访问日志字典转化为csv格式
        if (dic_t):
            txt_log = str(
                dic_t["id"]) + "," + dic_t["ip"] + "," + dic_t["time_v"] + "\n"

        # 写入访问日志
        try:
            file_file.write_add(path_p=path_p, renew_if=0, content_p=txt_log)
        except:
            pass

        # 渲染首页
        self.render('index.html',
                    name_soft=config.dic_config["name_soft"],
                    type_soft=config.dic_config["type_soft"],
                    vol_soft=config.dic_config["vol_soft"],
                    authority_soft=config.dic_config["authority_soft"],
                    author_soft=config.dic_config["author_soft"],
                    qq_group=config.dic_config["qq_group"],
                    tel_lqab=config.dic_config["tel_lqab"],
                    url_lqab=config.dic_config["url_lqab"],
                    sys_time=str(datetime.datetime.now()))  #渲染首页
Exemplo n.º 2
0
    def do_it(self, *args):

        roles_p = ""  # 权限值初始化
        file_p = ""  # 请求功能模块名
        code_p = ""  # 请求功能模块名
        output = ""  # 请求结果的输出方式
        time_now_p = str_split(datetime.datetime.now())  # 请求时间
        path_p = config.path_main + "data\\log\\"
        dic_t = {}
        str_log = ""
        args_p = {}

        # 取得web端提交参数
        dic_t = self.request.arguments
        for x in dic_t:
            try:
                args_p[x] = dic_t[x][0].decode('utf-8')
            except:
                pass

        # 登录校验
        pass_if, dic_login_p = self.admin_login_check(
            time_alive_p=config.dic_config["time_alive"])

        if (pass_if is False):

            self.render(
                'login_admin.html',
                name_soft=config.dic_config["name_soft"],
                type_soft=config.dic_config["type_soft"],
                vol_soft=config.dic_config["vol_soft"],
            )

        # 参数处理

        roles_p = dic_login_p["roles"]
        try:
            file_p = self.browser_argument(name_p="file")
            code_p = self.browser_argument(name_p="code")
            output = self.browser_argument(name_p="output")
        except:
            pass
        print("脚本调用参数", roles_p, file_p, code_p, output)  # 调试用

        # 业务处理
        args_p["roles"] = roles_p  # 追加操作权限参数
        if ("aid" in dic_login_p):
            args_p["aid"] = str(dic_login_p["aid"])  # 追加管理员ID

        content = self.content_get(roles_p=roles_p,
                                   file_p=file_p,
                                   code_p=code_p,
                                   args_p=args_p)

        # 写入操作日志
        if (config.dic_config["log_if"] == "1"):

            path_p += "z_log_script.csv"
            args_p["time_run"] = str_split(
                datetime.datetime.now()).encode('utf_8')
            file_file = inc_file.File_file()

            # 将访问日志字典转化为csv格式
            txt_log = ""

            #print ("基础参数字典",args_p) # 调试用
            print("日志路径", path_p)  # 调试用

            if (args_p):

                try:
                    txt_log = args_p["file"][0] + "," + args_p["code"][
                        0] + "," + args_p["output"][0] + "," + args_p[
                            "roles"] + "," + args_p["time_run"] + "\n"
                    file_file.write_add(path_p=path_p,
                                        renew_if=0,
                                        content_p=txt_log)
                except:
                    pass

        # 结果展示
        if (output == "html"):
            self.write(content)  # 调试用
Exemplo n.º 3
0
    def file_do(self, roles_p=0):

        file_p = ""  # 请求功能模块名
        code_p = ""  # 请求功能模块名
        output = ""  # 请求结果的输出方式
        time_now_p = str_split(datetime.datetime.now())  # 请求时间
        path_p = config.path_main + "data\\log\\"
        dic_t = {}
        str_log = ""
        args_p = {}
        result = "<center><br><br>N/A</center>"
        content = ""

        # 取得web端提交参数
        dic_t = self.request.arguments
        for x in dic_t:
            try:
                args_p[x] = dic_t[x][0].decode('utf-8')
            except:
                pass

        # 登录校验
        pass_if, dic_login_p = self.user_login_check(
            time_alive_p=config.dic_config["time_alive"])
        #print ("基础参数",pass_if,dic_login_p) # 调试用

        # 追加参数字典
        #print ("追加前的参数字典",args_p) # 调试用
        args_p.update(dic_login_p)

        if (pass_if is False):
            result = "没有权限或登录超时"
            return result

        try:
            file_p = self.browser_argument(name_p="file")
            code_p = self.browser_argument(name_p="code")
            output = self.browser_argument(name_p="output")
        except:
            pass

        #print ("脚本调用参数",roles_p,file_p,code_p,output) # 调试用

        # 业务处理
        args_p["roles"] = roles_p  # 追加操作权限参数

        content = self.content_get(roles_p=roles_p,
                                   file_p=file_p,
                                   code_p=code_p,
                                   args_p=args_p)
        # print ("内容",content) # 调试用

        # 写入操作日志
        if (config.dic_config["log_if"] == "1"):
            path_p += "z_log_script.csv"
            args_p["time_run"] = str_split(datetime.datetime.now())
            file_file = inc_file.File_file()
            # 将访问日志字典转化为csv格式
            txt_log = ""
            if (args_p):
                txt_logo = args_p["file"] + "," + args_p[
                    "code"] + "," + args_p["output"] + "," + str(
                        args_p["roles"]) + "," + args_p["time_run"] + "\n"
                try:
                    file_file.write_add(path_p=path_p,
                                        renew_if=0,
                                        content_p=txt_log)
                except:
                    pass

        # 结果展示
        if (output == "html"):
            result = content  # 调试用

        return result
Exemplo n.º 4
0
    def admin_login_do(self, username_p="", password_p="", cookie_if=1):

        pass_if_p = False
        roles_p = ""
        dic_t = {}
        str_log = ""
        aid_p = 0  # 管理员ID
        str_t = ""
        dic_t["username"] = username_p
        dic_t["password"] = password_p
        username_p = hash_make(hash_make(username_p))  #密文处理
        password_p = hash_make(hash_make(password_p))  #密文处理
        path_p = config.path_main + "data\\log\\admin\\"

        #查询用户管理数据库

        rs_sqlite_file = Conn_sqlite3(config.path_main +
                                      config.dic_config["path_sqlite"],
                                      0)  # 生成文件数据库实例
        sql = "select roles,id from user_main where username='******' and password = '******' order by id desc limit 0,1"
        res_m, rows_m = rs_sqlite_file.read_sql(sql)

        if (res_m > 0):

            roles_p = rows_m[0][0]
            dic_t["roles"] = rows_m[0][0]
            dic_t["id"] = rows_m[0][1]
            aid_p = rows_m[0][1]
            dic_t["time_login"] = str_split(datetime.datetime.now())
            dic_t["ip"] = self.request.remote_ip
            str_log = str(dic_t)

            # 日志操作
            if (config.dic_config["log_if"] == "1"):
                path_p += "z_admin_login_" + str(rows_m[0][1]) + ".csv"
                file_file = inc_file.File_file()

            # 加密session字典
            str_t = secret_lqab(str_log,
                                key_p=config.dic_config["secret_key"],
                                salt_p=config.dic_config["secret_salt"],
                                secret_if="yes")
            pass_if_p = True

        if (pass_if_p == True):

            #print ("加密的session字典",str_t) # 调试用
            if (cookie_if == 1):
                self.set_secure_cookie("session_lqab_admin", str_t)
                txt_log = ""
                # 将访问日志字典转化为csv格式
                if (dic_t):
                    txt_log = str(
                        dic_t["id"]) + "," + dic_t["username"] + "," + dic_t[
                            "password"] + "," + dic_t["roles"] + "," + dic_t[
                                "time_login"] + "," + dic_t["ip"] + "\n"
                try:
                    file_file.write_add(path_p=path_p,
                                        renew_if=0,
                                        content_p=txt_log)
                except:
                    pass

        rs_sqlite_file.close_cur()  # 关闭数据库游标
        rs_sqlite_file.close()  # 关闭数据库连接

        return pass_if_p, roles_p, aid_p