def POST(self):
post = web.input()
web.ctx.session.lan = public.get_language()
if not (hasattr(post, 'username') or hasattr(post, 'password')
or hasattr(post, 'code')):
return public.returnJson(False, 'LOGIN_USER_EMPTY')
self.errorNum(False)
if self.limitAddress('?') < 1:
return public.returnJson(False, 'LOGIN_ERR_LIMIT')
post.username = post.username.strip()
password = public.md5(post.password.strip())
sql = db.Sql()
userInfo = sql.table('users').where(
"id=?", (1, )).field('id,username,password').find()
if hasattr(web.ctx.session, 'code'):
if web.ctx.session.code:
if not public.checkCode(post.code):
public.WriteLog('TYPE_LOGIN', 'LOGIN_ERR_CODE',
('****', web.ctx.session.code, web.ctx.ip))
return public.returnJson(False, 'CODE_ERR')
try:
if userInfo['username'] != post.username or userInfo[
'password'] != password:
public.WriteLog('TYPE_LOGIN', 'LOGIN_ERR_PASS',
('****', '******', web.ctx.ip))
num = self.limitAddress('+')
return public.returnJson(False, 'LOGIN_USER_ERR', (str(num), ))
import time
login_temp = 'data/login.temp'
if not os.path.exists(login_temp): public.writeFile(
login_temp, '')
login_logs = public.readFile(login_temp)
public.writeFile(
login_temp,
login_logs + web.ctx.ip + '|' + str(int(time.time())) + ',')
web.ctx.session.login = True
web.ctx.session.username = userInfo['username']
public.WriteLog('TYPE_LOGIN', 'LOGIN_SUCCESS',
(userInfo['username'], web.ctx.ip))
self.limitAddress('-')
numFile = '/tmp/panelNum.pl'
timeFile = '/tmp/panelNime.pl'
if os.path.exists(numFile): os.remove(numFile)
if os.path.exists(timeFile): os.remove(timeFile)
return public.returnJson(True, 'LOGIN_SUCCESS')
except Exception, ex:
stringEx = str(ex)
if stringEx.find('unsupported') != -1 or stringEx.find('-1') != -1:
btClear()
return public.returnJson(False,
'磁盘Inode已用完,面板已尝试释放Inode,请重试...')
public.WriteLog('TYPE_LOGIN', 'LOGIN_ERR_PASS',
('****', '******', web.ctx.ip))
num = self.limitAddress('+')
return public.returnJson(False, 'LOGIN_USER_ERR', (str(num), ))
def POST(self):
post = web.input()
web.ctx.session.lan = public.get_language()
if not (hasattr(post, 'username') or hasattr(post, 'password')
or hasattr(post, 'code')):
return public.returnJson(False, 'LOGIN_USER_EMPTY')
if self.limitAddress('?') < 1:
return public.returnJson(False, 'LOGIN_ERR_LIMIT')
post.username = post.username.strip()
password = public.md5(post.password.strip())
if hasattr(web.ctx.session, 'code'):
if web.ctx.session.code:
if not public.checkCode(post.code):
public.WriteLog('TYPE_LOGIN', 'LOGIN_ERR_CODE',
(post.username, post.code, web.ctx.ip))
return public.returnJson(False, 'CODE_ERR')
sql = db.Sql()
userInfo = sql.table('users').where(
"username=? AND password=?",
(post.username, password)).field('id,username,password').find()
try:
if userInfo['username'] != post.username or userInfo[
'password'] != password:
public.WriteLog('TYPE_LOGIN', 'LOGIN_ERR_PASS',
(post.username, '******', web.ctx.ip))
num = self.limitAddress('+')
return public.returnJson(False, 'LOGIN_USER_ERR', (str(num), ))
import time
login_temp = 'data/login.temp'
if not os.path.exists(login_temp): public.writeFile(
login_temp, '')
login_logs = public.readFile(login_temp)
public.writeFile(
login_temp,
login_logs + web.ctx.ip + '|' + str(int(time.time())) + ',')
web.ctx.session.login = True
web.ctx.session.username = post.username
public.WriteLog('TYPE_LOGIN', 'LOGIN_SUCCESS',
(post.username, web.ctx.ip))
self.limitAddress('-')
return public.returnJson(True, 'LOGIN_SUCCESS')
except:
public.WriteLog('TYPE_LOGIN', 'LOGIN_ERR_PASS',
(post.username, '******', web.ctx.ip))
num = self.limitAddress('+')
return public.returnJson(False, 'LOGIN_USER_ERR', (str(num), ))
def setSession(self):
if not hasattr(web.ctx.session, 'brand'):
web.ctx.session.brand = public.getMsg('BRAND')
web.ctx.session.product = public.getMsg('PRODUCT')
web.ctx.session.rootPath = '/www'
web.ctx.session.webname = public.getMsg('NAME')
web.ctx.session.downloadUrl = 'http://download.bt.cn'
if os.path.exists('data/title.pl'):
web.ctx.session.webname = public.readFile('data/title.pl')
web.ctx.session.setupPath = self.setupPath
web.ctx.session.logsPath = '/www/wwwlogs'
if not hasattr(web.ctx.session, 'menu'):
web.ctx.session.menu = public.getLan('menu')
if not hasattr(web.ctx.session, 'lan'):
web.ctx.session.lan = public.get_language()
if not hasattr(web.ctx.session, 'home'):
web.ctx.session.home = 'https://www.bt.cn'
def setSession(self):
if not hasattr(web.ctx.session,'brand'):
web.ctx.session.brand = public.getMsg('BRAND');
web.ctx.session.product = public.getMsg('PRODUCT');
web.ctx.session.rootPath = '/www'
web.ctx.session.webname = public.getMsg('NAME');
web.ctx.session.downloadUrl = 'http://download.bt.cn';
if os.path.exists('data/title.pl'):
web.ctx.session.webname = public.readFile('data/title.pl');
web.ctx.session.setupPath = self.setupPath;
web.ctx.session.logsPath = '/www/wwwlogs';
if not hasattr(web.ctx.session,'menu'):
web.ctx.session.menu = public.getLan('menu');
if not hasattr(web.ctx.session,'lan'):
web.ctx.session.lan = public.get_language();
if not hasattr(web.ctx.session,'home'):
web.ctx.session.home = 'https://www.bt.cn';
def SetSession(self):
if not hasattr(web.ctx.session, 'brand'):
web.ctx.session.brand = public.getMsg('BRAND')
web.ctx.session.product = public.getMsg('PRODUCT')
web.ctx.session.rootPath = '/www'
web.ctx.session.webname = public.getMsg('NAME')
web.ctx.session.downloadUrl = 'http://download.bt.cn'
if os.path.exists('data/title.pl'):
web.ctx.session.webname = public.readFile('data/title.pl')
web.ctx.session.setupPath = '/www/server'
web.ctx.session.logsPath = '/www/wwwlogs'
if not hasattr(web.ctx.session, 'menu'):
web.ctx.session.menu = public.getLan('menu')
if not hasattr(web.ctx.session, 'lan'):
web.ctx.session.lan = public.get_language()
if not hasattr(web.ctx.session, 'home'):
web.ctx.session.home = 'https://www.bt.cn'
if not hasattr(web.ctx.session, 'webserver'):
if os.path.exists('/www/server/nginx'):
web.ctx.session.webserver = 'nginx'
else:
web.ctx.session.webserver = 'apache'
if os.path.exists('/www/server/' + web.ctx.session.webserver +
'/version.pl'):
web.ctx.session.webversion = public.readFile(
'/www/server/' + web.ctx.session.webserver +
'/version.pl').strip()
if not hasattr(web.ctx.session, 'phpmyadminDir'):
filename = '/www/server/data/phpmyadminDirName.pl'
if os.path.exists(filename):
web.ctx.session.phpmyadminDir = public.readFile(
filename).strip()
if not hasattr(web.ctx.session, 'server_os'):
tmp = {}
if os.path.exists('/etc/redhat-release'):
tmp['x'] = 'RHEL'
tmp['osname'] = public.readFile(
'/etc/redhat-release').split()[0]
elif os.path.exists('/usr/bin/yum'):
tmp['x'] = 'RHEL'
tmp['osname'] = public.readFile('/etc/issue').split()[0]
elif os.path.exists('/etc/issue'):
tmp['x'] = 'Debian'
tmp['osname'] = public.readFile('/etc/issue').split()[0]
web.ctx.session.server_os = tmp
def POST(self):
post = web.input()
web.ctx.session.lan = public.get_language();
if not (hasattr(post, 'username') or hasattr(post, 'password') or hasattr(post, 'code')):
return public.returnJson(False,'LOGIN_USER_EMPTY');
if not self.errorNum(False): return public.returnJson(False,'防暴破机制已被启动,解除命令: rm -f /tmp/panelN*.pl');
if self.limitAddress('?') < 1: return public.returnJson(False,'LOGIN_ERR_LIMIT');
post.username = post.username.strip();
password = public.md5(post.password.strip());
sql = db.Sql();
userInfo = sql.table('users').where("id=?",(1,)).field('id,username,password').find()
if hasattr(web.ctx.session,'code'):
if web.ctx.session.code:
if not public.checkCode(post.code):
public.WriteLog('TYPE_LOGIN','LOGIN_ERR_CODE',(userInfo['username'],web.ctx.session.code,web.ctx.ip));
return public.returnJson(False,'CODE_ERR');
try:
if userInfo['username'] != post.username or userInfo['password'] != password:
public.WriteLog('TYPE_LOGIN','LOGIN_ERR_PASS',(userInfo['username'],'******',web.ctx.ip));
num = self.limitAddress('+');
return public.returnJson(False,'LOGIN_USER_ERR',(str(num),));
import time;
login_temp = 'data/login.temp'
if not os.path.exists(login_temp): public.writeFile(login_temp,'');
login_logs = public.readFile(login_temp);
public.writeFile(login_temp,login_logs + web.ctx.ip + '|' + str(int(time.time())) + ',');
web.ctx.session.login = True;
web.ctx.session.username = userInfo['username'];
public.WriteLog('TYPE_LOGIN','LOGIN_SUCCESS',(userInfo['username'],web.ctx.ip));
self.limitAddress('-');
numFile = '/tmp/panelNum.pl';
timeFile = '/tmp/panelNime.pl';
if os.path.exists(numFile): os.remove(numFile);
if os.path.exists(timeFile): os.remove(timeFile);
return public.returnJson(True,'LOGIN_SUCCESS');
except:
public.WriteLog('TYPE_LOGIN','LOGIN_ERR_PASS',(userInfo['username'],'******',web.ctx.ip));
num = self.limitAddress('+');
return public.returnJson(False,'LOGIN_USER_ERR',(str(num),));
def GET(self):
if os.path.exists('/www/server/panel/install.pl'):
raise web.seeother('/install')
web.ctx.session.lan = public.get_language()
if not hasattr(session, 'webname'):
session.webname = public.getMsg('NAME')
tmp = web.ctx.host.split(':')
domain = public.readFile('data/domain.conf')
if domain:
if (tmp[0].strip() != domain.strip()):
errorStr = '''
<meta charset="utf-8">
<title>%s</title>
</head><body>
<h1>%s</h1>
<p>%s</p>
<p>%s</p>
<p>%s</p>
<hr>
<address>%s 5.x <a href="http://www.bt.cn/bbs" target="_blank">%s</a></address>
</body></html>
''' % (public.getMsg('PAGE_ERR_TITLE'),
public.getMsg('PAGE_ERR_DOMAIN_H1'),
public.getMsg('PAGE_ERR_DOMAIN_P1'),
public.getMsg('PAGE_ERR_DOMAIN_P2'),
public.getMsg('PAGE_ERR_DOMAIN_P3'), public.getMsg('NAME'),
public.getMsg('PAGE_ERR_HELP'))
web.header('Content-Type',
'text/html; charset=utf-8',
unique=True)
return errorStr
if os.path.exists('data/limitip.conf'):
iplist = public.readFile('data/limitip.conf')
if iplist:
iplist = iplist.strip()
if not web.ctx.ip in iplist.split(','):
errorStr = '''
<meta charset="utf-8">
<title>%s</title>
</head><body>
<h1>%s</h1>
<p>%s</p>
<p>%s</p>
<p>%s</p>
<hr>
<address>%s 5.x <a href="http://www.bt.cn/bbs" target="_blank">%s</a></address>
</body></html>
''' % (public.getMsg('PAGE_ERR_TITLE'), public.getMsg('PAGE_ERR_IP_H1'),
public.getMsg('PAGE_ERR_IP_P1', (web.ctx.ip, )),
public.getMsg('PAGE_ERR_IP_P2'), public.getMsg('PAGE_ERR_IP_P3'),
public.getMsg('NAME'), public.getMsg('PAGE_ERR_HELP'))
web.header('Content-Type',
'text/html; charset=utf-8',
unique=True)
return errorStr
get = web.input()
sql = db.Sql()
if hasattr(get, 'dologin'):
if web.ctx.session.login != False:
web.ctx.session.login = False
web.ctx.session.kill()
import time
time.sleep(0.2)
raise web.seeother('/login')
if hasattr(web.ctx.session, 'login'):
if web.ctx.session.login == True:
raise web.seeother('/')
if not hasattr(web.ctx.session, 'code'):
web.ctx.session.code = False
data = {}
data['lan'] = public.getLan('login')
render = web.template.render('templates/' + templateName + '/',
globals={
'session': session,
'web': web
})
return render.login(data)
def GET(self):
if os.path.exists('/www/server/panel/install.pl'): raise web.seeother('/install');
web.ctx.session.lan = public.get_language();
if not hasattr(session,'webname'): session.webname = public.getMsg('NAME');
tmp = web.ctx.host.split(':')
domain = public.readFile('data/domain.conf')
if domain:
if(tmp[0].strip() != domain.strip()):
errorStr = '''
<meta charset="utf-8">
<title>%s</title>
</head><body>
<h1>%s</h1>
<p>%s</p>
<p>%s</p>
<p>%s</p>
<hr>
<address>%s 5.x <a href="http://www.bt.cn/bbs" target="_blank">%s</a></address>
</body></html>
''' % (public.getMsg('PAGE_ERR_TITLE'),public.getMsg('PAGE_ERR_DOMAIN_H1'),public.getMsg('PAGE_ERR_DOMAIN_P1'),public.getMsg('PAGE_ERR_DOMAIN_P2'),public.getMsg('PAGE_ERR_DOMAIN_P3'),public.getMsg('NAME'),public.getMsg('PAGE_ERR_HELP'))
web.header('Content-Type','text/html; charset=utf-8', unique=True)
return errorStr
if os.path.exists('data/limitip.conf'):
iplist = public.readFile('data/limitip.conf')
if iplist:
iplist = iplist.strip();
if not web.ctx.ip in iplist.split(','):
errorStr = '''
<meta charset="utf-8">
<title>%s</title>
</head><body>
<h1>%s</h1>
<p>%s</p>
<p>%s</p>
<p>%s</p>
<hr>
<address>%s 5.x <a href="http://www.bt.cn/bbs" target="_blank">%s</a></address>
</body></html>
''' % (public.getMsg('PAGE_ERR_TITLE'),public.getMsg('PAGE_ERR_IP_H1'),public.getMsg('PAGE_ERR_IP_P1',(web.ctx.ip,)),public.getMsg('PAGE_ERR_IP_P2'),public.getMsg('PAGE_ERR_IP_P3'),public.getMsg('NAME'),public.getMsg('PAGE_ERR_HELP'))
web.header('Content-Type','text/html; charset=utf-8', unique=True)
return errorStr;
get = web.input()
sql = db.Sql()
if hasattr(get,'dologin'):
if web.ctx.session.login != False:
web.ctx.session.login = False;
web.ctx.session.kill();
import time
time.sleep(0.2);
raise web.seeother('/login')
if hasattr(web.ctx.session,'login'):
if web.ctx.session.login == True:
raise web.seeother('/')
if not hasattr(web.ctx.session,'code'):
web.ctx.session.code = False
data = {}
data['lan'] = public.getLan('login')
render = web.template.render('templates/' + templateName + '/',globals={'session': session,'web':web})
return render.login(data)
