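def cms_addcmsuser():
    """Render the add-CMS-user page (GET) or create a CMS user (POST).

    POST validates ``AddCMSUserForm``, refuses an e-mail that already belongs
    to a ``CMS_User``, requires at least one ``roles[]`` entry and stores the
    new user with those roles. Every POST outcome is an ``xtjson`` response.
    """
    if request.method == 'GET':
        context = dict(roles=CMS_Role.query.all())
        return render_template('cms/cms_addcmsuser.html', **context)

    form = AddCMSUserForm(request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    email = form.email.data
    if CMS_User.query.filter_by(email=email).first():
        return xtjson.json_params_error(message=u'该邮箱已注册!')

    role_ids = request.form.getlist('roles[]')
    if not role_ids:
        return xtjson.json_params_error(message=u'必须选择一个分组')

    # roles[] is read straight from request.form, not from the validated
    # form. Resolve every id first so an unknown id is rejected instead of
    # putting None into user.roles.
    roles = []
    for role_id in role_ids:
        role = CMS_Role.query.filter_by(id=role_id).first()
        if role is None:
            return xtjson.json_params_error(message=u'该分组不存在!')
        roles.append(role)

    # NOTE(review): the password is handed to the model as submitted; whether
    # CMS_User hashes it is not visible here - confirm.
    user = CMS_User(email=email, username=form.username.data,
                    password=form.password.data)
    for role in roles:
        user.roles.append(role)
    db.session.add(user)
    db.session.commit()
    return xtjson.json_result()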
def add_post():
    """Show the new-post page (GET) or publish a post (POST).

    A valid POST attaches the post to the chosen board and to
    ``flask.g.front_user``, adds 2 points to that user and commits.
    """
    if flask.request.method == 'GET':
        return flask.render_template('front/front_addpost.html',
                                     boards=BoardModel.query.all())

    form = AddPostForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    new_post = PostModel(title=form.title.data, content=form.content.data)
    target_board = BoardModel.query.filter_by(id=form.board_id.data).first()
    if not target_board:
        return xtjson.json_params_error(message=u'没有该模板!')

    new_post.board = target_board
    new_post.author = flask.g.front_user
    # Writing a post earns its author 2 points.
    new_post.author.points += 2
    db.session.add(new_post)
    db.session.commit()
    return xtjson.json_result()
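def add_cmsuser():
    """Render the add-CMS-user page (GET) or create a CMS user (POST).

    POST validates ``CMSAddUserForm``, requires at least one ``roles[]``
    entry and attaches the new user to each selected role before committing.
    """
    if flask.request.method == 'GET':
        context = {'roles': CMSRole.query.all()}
        return flask.render_template('cms/cms_addcmsuser.html', **context)

    form = CMSAddUserForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    role_ids = flask.request.form.getlist('roles[]')
    if not role_ids:
        return xtjson.json_params_error(message=u'必须制定最少一个分组!')

    # roles[] is raw request data: look every id up before building the user
    # so an unknown id becomes a parameter error rather than an attribute
    # access on None.
    roles = []
    for role_id in role_ids:
        role = CMSRole.query.get(role_id)
        if role is None:
            return xtjson.json_params_error(message=u'该分组不存在!')
        roles.append(role)

    user = CMSUser(email=form.email.data, username=form.username.data,
                   password=form.password.data)
    # The user is never passed to db.session.add(); it reaches the session
    # through role.users - presumably via the relationship cascade (confirm).
    # The original note names the alternative: user.roles.append(role)
    # followed by db.session.add(user).
    for role in roles:
        role.users.append(user)
    db.session.commit()
    return xtjson.json_result()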
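def send_message():
    """Send an SMS verification code to the ``phone`` query argument.

    Refuses a missing number and a number that still has a cached code.
    After the provider call succeeds the code is cached under the number.
    A provider failure is printed and answered with a server error.
    """
    phone = request.args.get('phone')
    if not phone:
        return xtjson.json_params_error(message=u'必须指定一个手机号码')
    if xtcache.get(phone):
        return xtjson.json_params_error(message=u'验证码已发送,60秒内有效')

    # The number comes from the query string. Convert it before the request
    # is built so a value that cannot be encoded as ASCII is answered as a
    # parameter error instead of raising outside the try block below.
    try:
        rec_num = phone.decode('utf-8').encode('ascii')
    except UnicodeError:
        return xtjson.json_params_error(message=u'手机号码格式错误')

    top.setDefaultAppInfo(contants.APP_KEY, contants.APP_SECRET)
    req = top.api.AlibabaAliqinFcSmsNumSendRequest()
    req.extend = ""
    req.sms_type = 'normal'
    req.sms_free_sign_name = contants.ALIDAYU_SIGN_NAME
    graph_captcha = captcha.gene_text()
    req.sms_param = "{code:%s}" % graph_captcha
    req.rec_num = rec_num
    req.sms_template_code = contants.ALIDAYU_TEMPLATE_CODE
    try:
        req.getResponse()
        # The former debug print looked the cache up under the code instead
        # of the phone number; it has been dropped.
        xtcache.set(phone, graph_captcha)
        return xtjson.json_result()
    except Exception as e:
        print(e)
        return xtjson.json_server_error()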
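def edit_cmsuser():
    """Show a CMS user's role editor (GET) or replace the user's roles (POST).

    GET takes ``user_id`` from the query string (``/edit_cmsuser/?user_id=xxx``)
    and aborts with 404 when it is missing or matches no user. POST takes
    ``user_id`` and ``roles[]`` from the form and answers through ``xtjson``.
    """
    if flask.request.method == 'GET':
        user_id = flask.request.args.get('user_id')
        if not user_id:
            flask.abort(404)
        user = CMSUser.query.get(user_id)
        if user is None:
            # Unknown id: answer like a missing id instead of failing on
            # user.roles.
            flask.abort(404)
        context = {
            'user': user,
            'roles': CMSRole.query.all(),
            # ids of every role the user currently holds
            'current_roles': [role.id for role in user.roles],
        }
        return flask.render_template('cms/cms_editcmsuser.html', **context)

    user_id = flask.request.form.get('user_id')
    role_ids = flask.request.form.getlist('roles[]')
    if not user_id:
        return xtjson.json_params_error(message=u'没有指定id!')
    if not role_ids:
        return xtjson.json_params_error(message=u'必须指定一个组!')

    user = CMSUser.query.get(user_id)
    if user is None:
        return xtjson.json_params_error(message=u'该用户不存在!')

    # Resolve every submitted id before the current roles are cleared, so a
    # bad id leaves the user's roles untouched.
    new_roles = []
    for role_id in role_ids:
        role_model = CMSRole.query.get(role_id)
        if role_model is None:
            return xtjson.json_params_error(message=u'该组不存在!')
        new_roles.append(role_model)

    # Drop the previous roles, then attach the new ones.
    user.roles[:] = []
    for role_model in new_roles:
        user.roles.append(role_model)
    db.session.commit()
    return xtjson.json_result()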
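def edit_cmsuser():
    """Show a user's role editor (GET) or replace the user's roles (POST).

    GET aborts with 404 when ``user_id`` is missing or matches no user.
    POST takes ``user_id`` and ``roles[]`` from the form and answers through
    ``xtjson``.
    """
    if request.method == 'GET':
        user_id = request.args.get('user_id')
        if not user_id:
            # The original returned the flask.abort function itself instead
            # of calling it.
            flask.abort(404)
        user = User.query.get(user_id)
        if user is None:
            flask.abort(404)
        context = {
            'user': user,
            'roles': CMSRoles.query.all(),
            'current_id': [role.id for role in user.roles],
        }
        return render_template('cms/edit_cmsuser.html', **context)

    role_ids = request.form.getlist('roles[]')
    user_id = request.form.get('user_id')
    if not user_id:
        return xtjson.json_params_error(message=u'用户id不存在')
    if not role_ids:
        return xtjson.json_params_error(message=u'没有指定角色')

    user = User.query.get(user_id)
    if user is None:
        return xtjson.json_params_error(message=u'用户id不存在')

    # Resolve every submitted id before the current roles are cleared, so a
    # bad id leaves the user's roles untouched.
    new_roles = []
    for role_id in role_ids:
        role_model = CMSRoles.query.get(role_id)
        if role_model is None:
            return xtjson.json_params_error(message=u'指定的角色不存在')
        new_roles.append(role_model)

    user.roles[:] = []
    for role_model in new_roles:
        user.roles.append(role_model)
    db.session.commit()
    return xtjson.json_result()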
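def telphone_captcha():
    """Send an SMS verification code to the ``telphone`` query argument.

    Refuses a missing number and a number that still has a cached code.
    The code is cached before the provider is called. Any exception from the
    provider call is answered with the "sent too frequently" parameter error.
    """
    telphone = flask.request.args.get('telphone')
    if not telphone:
        return xtjson.json_params_error(message=u'请输入手机号码!')
    if xtcache.get(telphone):
        return xtjson.json_params_error(message=u'该手机号码已经申请过验证码,请在10分钟后再试!')

    # The number comes from the query string. Convert it before anything is
    # cached so a value that cannot be encoded as ASCII is answered as a
    # parameter error instead of raising outside the try block below.
    try:
        rec_num = telphone.decode('utf-8').encode('ascii')
    except UnicodeError:
        return xtjson.json_params_error(message=u'手机号码格式错误!')

    code = xtcaptcha.Captcha.gene_text()
    # The original comment gives this entry a 10-minute expiry.
    # NOTE(review): the code is cached before the send is attempted, so a
    # failed send still blocks the number until the entry expires - confirm
    # that is intended.
    xtcache.set(telphone, code, timeout=600)

    # Key and secret are blank in this listing; real values belong in
    # configuration, not in the source file.
    app_key = ''
    app_secret = ''
    top.setDefaultAppInfo(app_key, app_secret)
    req = top.api.AlibabaAliqinFcSmsNumSendRequest()
    req.extend = ""
    req.sms_type = 'normal'
    req.sms_free_sign_name = 'python论坛'
    req.sms_param = "{code:'%s'}" % code
    req.rec_num = rec_num
    req.sms_template_code = 'SMS_37105066'
    try:
        req.getResponse()
        return xtjson.json_result()
    except Exception:
        # Every failure, whatever its cause, is reported with this message.
        return xtjson.json_params_error(message=u'短信发送太频繁')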
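def sms_captcha():
    """Send an SMS verification code to the ``telephone`` query argument.

    Refuses a missing or malformed number, a number already stored on a
    ``FrontUser`` and a number that still has a cached code. The code is
    cached under the number after the provider call succeeds.
    """
    telephone = flask.request.args.get('telephone')
    if not telephone:
        return xtjson.json_params_error(message=u'手机号不能为空!')

    # The original third alternative (147...) had no end anchor, so any
    # trailing text passed validation. The whole pattern is now anchored with
    # \Z, which also rejects a trailing newline, and the digit classes are
    # spelled [0-9] so only ASCII digits reach the ASCII encode below.
    number_pattern = re.compile(
        r'(?:0[0-9]{2,3}[0-9]{7,8}|1[3587][0-9]{9}|147[0-9]{8})\Z')
    if not number_pattern.match(telephone):
        return xtjson.json_params_error(message=u'手机号格式错误')

    if FrontUser.query.filter_by(telephone=telephone).first():
        return xtjson.json_params_error(message=u'该手机号已被注册,请勿重复注册')
    if xtcache.get(telephone):
        return xtjson.json_params_error(message=u'验证码已发送,请于1分钟后重新发送')

    top.setDefaultAppInfo(constants.ALIDAYU_APP_KEY,
                          constants.ALIDAYU_APP_SECRET)
    req = top.api.AlibabaAliqinFcSmsNumSendRequest()
    req.extend = ""
    req.sms_type = 'normal'
    req.sms_free_sign_name = constants.ALIDAYU_SIGN_NAME
    # Parameter handed to the SMS template.
    captcha = Captcha.gene_text()
    req.sms_param = "{code:'%s'}" % captcha
    req.rec_num = telephone.decode('utf-8').encode('ascii')
    req.sms_template_code = constants.ALIDAYU_TEMPLATE_CODE
    try:
        req.getResponse()
        xtcache.set(telephone, captcha)
        return xtjson.json_result()
    except Exception as e:
        print(e)
        return xtjson.json_server_error()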
def star_post():
    """Add or remove the current front user's star on a post.

    ``is_star`` true creates a star unless one exists; false deletes the
    existing star. Every outcome is an ``xtjson`` response.
    """
    form = StarpostForm(request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.error_message())

    post_id = form.post_id.data
    wants_star = form.is_star.data
    target_post = Post.query.get(post_id)
    existing_star = PoststarsModel.query.filter_by(
        post_id=post_id, author_id=flask.g.front_user.id).first()

    if wants_star:
        if existing_star:
            return xtjson.json_params_error(message=u'您已对该帖子已经点过赞!')
        new_star = PoststarsModel()
        new_star.author = flask.g.front_user
        new_star.post = target_post
        # NOTE(review): there is no db.session.add() here; presumably the
        # star reaches the session through the relationship cascade - confirm.
        db.session.commit()
        return xtjson.json_result()

    if not existing_star:
        return xtjson.json_params_error(message=u'您还没有该帖子点赞,无需取消点赞操作')
    db.session.delete(existing_star)
    db.session.commit()
    return xtjson.json_result()
def post_addcomment():
    """Show the comment page (GET) or store a comment on a post (POST).

    POST requires ``flask.g.front_user`` to hold at least
    ``constants.COMMENT_ALLOW_POINTS`` points. A stored comment adds
    ``constants.COMMENT_UP_POINTS`` points to that user.
    """
    if flask.request.method == 'GET':
        args = flask.request.args
        post_id = args.get('post_id', type=int)
        parent_id = args.get('comment_id', type=int)
        context = {'post': PostModel.query.get(post_id)}
        if parent_id:
            context['origin_comment'] = CommentModel.query.get(parent_id)
        return flask.render_template('front/front_addcomment.html', **context)

    form = FrontAddCommentForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    # The points threshold is checked before anything is read from the form.
    if flask.g.front_user.points < constants.COMMENT_ALLOW_POINTS:
        message = u'您必须达到%s个积分才能评论!' % constants.COMMENT_ALLOW_POINTS
        return xtjson.json_params_error(message=message)

    parent_id = form.comment_id.data
    new_comment = CommentModel(content=form.content.data)
    new_comment.author = flask.g.front_user
    new_comment.post = PostModel.query.get(form.post_id.data)
    if parent_id:
        new_comment.origin_comment = CommentModel.query.get(parent_id)
    # Each comment earns COMMENT_UP_POINTS points.
    flask.g.front_user.points += constants.COMMENT_UP_POINTS
    db.session.add(new_comment)
    db.session.commit()
    return xtjson.json_result()
def post_star():
    """Add or remove the current front user's star on a post.

    Starring adds ``constants.STAR_UP_POINTS`` points to the user and
    un-starring subtracts the same amount.
    """
    form = FrontPostStarForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    post_id = form.post_id.data
    wants_star = form.is_star.data
    target_post = PostModel.query.get(post_id)
    current_star = PostStarModel.query.filter_by(
        author_id=flask.g.front_user.id, post_id=post_id).first()

    if wants_star:
        if current_star:
            return xtjson.json_params_error(message=u'已点赞,无需再赞')
        current_star = PostStarModel()
        current_star.author = flask.g.front_user
        current_star.post = target_post
        # One star earns STAR_UP_POINTS points.
        flask.g.front_user.points += constants.STAR_UP_POINTS
        db.session.add(current_star)
    else:
        if not current_star:
            return xtjson.json_params_error(message=u'你尚未点赞')
        # Removing a star takes the same points back.
        flask.g.front_user.points -= constants.STAR_UP_POINTS
        db.session.delete(current_star)

    db.session.commit()
    return xtjson.json_result()
def star_post():
    """Add or remove the current front user's star on a post.

    ``is_star`` true stores a new star unless one already exists; false
    deletes the existing star. Every outcome is an ``xtjson`` response.
    """
    form = StarPostForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    post_id = form.post_id.data
    add_star = form.is_star.data
    post = PostModel.query.get(post_id)
    found = PostStarModel.query.filter_by(
        author_id=flask.g.front_user.id, post_id=post_id).first()

    if add_star and found:
        # A star for this user and post is already stored.
        return xtjson.json_params_error(message=u'您已经给这篇帖子点赞了,无需再点!')
    if not add_star and not found:
        return xtjson.json_params_error(message=u'你尚未对该帖子进行点赞!')

    if add_star:
        star = PostStarModel()
        star.author = flask.g.front_user
        star.post = post
        db.session.add(star)
    else:
        db.session.delete(found)
    db.session.commit()
    return xtjson.json_result()
def add_comment():
    """Show the comment page (GET) or store a comment on a post (POST).

    POST is refused while ``flask.g.front_user`` holds fewer than
    ``settings.COMMENT_ALLOW_POINTS`` points. That check runs before the
    form is validated. A stored comment adds 1 point to its author.
    """
    if flask.request.method == 'GET':
        shown_post = PostModel.query.get(flask.request.args.get('post_id'))
        return flask.render_template('front/front_addcoment.html',
                                     post=shown_post)

    commenter = flask.g.front_user
    if commenter.points < settings.COMMENT_ALLOW_POINTS:
        message = (u'你的积分是%s,少于评论需求的%s积分,去发布帖子、写评论和做任务'
                   u'挣积分吧~') % (commenter.points,
                                 settings.COMMENT_ALLOW_POINTS)
        return xtjson.json_params_error(message=message)

    form = AddCommentForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    new_comment = CommentModel(content=form.content.data)
    new_comment.post = PostModel.query.get(form.post_id.data)
    new_comment.author = flask.g.front_user
    # A comment earns its author 1 point.
    new_comment.author.points += 1
    db.session.add(new_comment)
    db.session.commit()
    return xtjson.json_result()
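def cms_edit_cmsuser():
    """Show a CMS user's role editor (GET) or replace the user's roles (POST).

    GET aborts with 404 when ``user_id`` matches no user. POST takes
    ``user_id`` and ``roles[]`` from the form and answers through ``xtjson``.
    """
    if request.method == 'GET':
        user_id = request.args.get('user_id')
        user = CMS_User.query.filter_by(id=user_id).first()
        roles = CMS_Role.query.all()
        if not user:
            abort(404)
        context = dict(roles=roles, user=user)
        return render_template('cms/cms_edit_cmsuser.html', **context)

    role_ids = request.form.getlist('roles[]')
    user_id = request.form.get('user_id')
    user = CMS_User.query.filter_by(id=user_id).first()
    if user is None:
        # The original read user.roles without this check, so an unknown
        # user_id failed on None.
        return xtjson.json_params_error(message=u'该用户不存在!')
    if not role_ids:
        return xtjson.json_params_error(message=u'必须选择一个分组')

    user_role_ids = [role.id for role in user.roles]
    # NOTE(review): role_ids holds strings from the form while user_role_ids
    # holds whatever type role.id is; if ids are integers this equality can
    # never be true - confirm.
    if role_ids == user_role_ids:
        return xtjson.json_params_error(message=u'原信息与提交信息一致,无需修改')

    # Resolve every submitted id before the current roles are replaced, so a
    # bad id leaves the user's roles untouched.
    new_roles = []
    for role_id in role_ids:
        role = CMS_Role.query.filter_by(id=role_id).first()
        if role is None:
            return xtjson.json_params_error(message=u'该分组不存在!')
        new_roles.append(role)

    user.roles = []
    for role in new_roles:
        user.roles.append(role)
    db.session.commit()
    return xtjson.json_result()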
def top_article(request):
    """Pin an article to the top from the ``uid`` in the POSTed form.

    Only an article with a thumbnail can be pinned. The article's top record
    is created when absent, saved, and linked back to the article.
    """
    form = TopArticleForm(request.POST)
    if not form.is_valid():
        return form.get_error_response()

    article = ArticleModel.objects.filter(pk=form.cleaned_data.get('uid')).first()
    if not article:
        return xtjson.json_params_error(message=u'该文章不存在')
    if not article.thumbnail:
        return xtjson.json_params_error(message=u'有缩略图的文章才能置顶')

    top_record = article.top or TopModel()
    # An existing record is saved too; per the original note this refreshes
    # its operate_time.
    top_record.save()
    article.top = top_record
    article.save(update_fields=['top'])
    return xtjson.json_result()
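def edit_cms_user():
    """Show a CMS user's role editor (GET) or replace the user's roles (POST).

    GET aborts with 404 when ``user_id`` is missing or matches no user.
    POST takes ``user_id`` and ``roles[]`` from the form and answers through
    ``xtjson``.
    """
    if flask.request.method == 'GET':
        user_id = flask.request.args.get('user_id')
        if not user_id:
            return flask.abort(404)
        user = CMSUser.query.get(user_id)
        if user is None:
            # Unknown id: answer like a missing id instead of failing on
            # user.roles.
            return flask.abort(404)
        context = {
            'user': user,
            'roles': CMSRole.query.all(),
            'current_roles': [role.id for role in user.roles],
        }
        return flask.render_template('cms/cms_editcmsuser.html', **context)

    user_id = flask.request.form.get('user_id')
    if not user_id:
        return xtjson.json_params_error(message=u'用户不存在')
    role_ids = flask.request.form.getlist('roles[]')
    if not role_ids:
        return xtjson.json_params_error(message=u'必须最少指定一个分组')

    user = CMSUser.query.get(user_id)
    if user is None:
        return xtjson.json_params_error(message=u'用户不存在')

    # Resolve every submitted id before the current roles are cleared, so a
    # bad id leaves the user's roles untouched.
    new_roles = []
    for role_id in role_ids:
        role_model = CMSRole.query.get(role_id)
        if role_model is None:
            return xtjson.json_params_error(message=u'该分组不存在')
        new_roles.append(role_model)

    user.roles[:] = []
    for role_model in new_roles:
        user.roles.append(role_model)
    db.session.commit()
    return xtjson.json_result()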
def post(self):
    """Mark a file as removed or restore it, selected by its ``uuid``.

    ``want_remove`` must be ``'1'`` for a file that is not removed and
    ``'0'`` for a removed one; any other value is answered with an error.
    """
    uuid = self.get_argument('uuid', '')
    want_remove = self.get_argument('want_remove', '')
    if not uuid:
        self.write(xtjson.json_params_error(message=u'必须指定文件uuid!'))
        return

    record = File.by_field_first(uuid=uuid)
    if not record:
        self.write(xtjson.json_params_error(message=u'没有找到该文件!'))
        return

    # For each current state: the only accepted request value, the state it
    # leads to, and the refusal sent for anything else.
    if record.is_removed:
        accepted, new_state = '0', False
        refusal = u'该文件已删除,无需重复删除!'
    else:
        accepted, new_state = '1', True
        refusal = u'该文件没有被删除,无需取消删除!'

    if want_remove != accepted:
        self.write(xtjson.json_params_error(message=refusal))
        return

    record.is_removed = new_state
    self.db.commit()
    self.write(xtjson.json_result())
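def add_cms_user():
    """Render the add-CMS-user page (GET) or create a CMS user (POST).

    POST validates ``CMSAdduserForm``, requires at least one ``roles[]``
    entry, refuses an e-mail that already belongs to a ``CMSUser`` and
    attaches the new user to each selected role before committing.
    """
    if flask.request.method == "GET":
        context = {'roles': CMSRole.query.all()}
        return flask.render_template('cms/cms_addcmsuser.html', **context)

    form = CMSAdduserForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    email = form.email.data
    role_ids = flask.request.form.getlist('roles[]')
    if not role_ids:
        return xtjson.json_params_error(message=u'必须最少指定一个分组!')

    # The original compared the e-mail string with the model object returned
    # by the query, which is never equal, and did so only after the new user
    # was already attached to its roles. Test for an existing row up front.
    if CMSUser.query.filter_by(email=email).first() is not None:
        return xtjson.json_params_error(message=u'该CMS用户已经存在,请勿重复添加!')

    # roles[] is raw request data: resolve every id before building the user
    # so an unknown id becomes a parameter error rather than an attribute
    # access on None.
    roles = []
    for role_id in role_ids:
        role = CMSRole.query.get(role_id)
        if role is None:
            return xtjson.json_params_error(message=u'该分组不存在!')
        roles.append(role)

    user = CMSUser(username=form.username.data, email=email,
                   password=form.password.data)
    for role in roles:
        role.users.append(user)
    db.session.commit()
    return xtjson.json_result()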
def post_star():
    """Add or remove the current front user's star on a post.

    ``is_star`` true stores a new star unless one already exists; false
    deletes the existing star. Every outcome is an ``xtjson`` response.
    """
    form = PostStarForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    post_id = form.post_id.data
    star_requested = form.is_star.data
    liked_post = PostModel.query.get(post_id)
    stored_star = PostStarModel.query.filter_by(
        author_id=flask.g.front_user.id, post_id=post_id).first()

    if not star_requested:
        # Un-star: delete the stored star, or report that there is none.
        if not stored_star:
            return xtjson.json_params_error(message=u'你尚未对该帖子进行点赞!')
        db.session.delete(stored_star)
        db.session.commit()
        return xtjson.json_result()

    # Star: refuse a duplicate, otherwise store a new star.
    if stored_star:
        return xtjson.json_params_error(message=u'您已经给这篇帖子点赞了,无需再点!')
    fresh_star = PostStarModel()
    fresh_star.author = flask.g.front_user
    fresh_star.post = liked_post
    db.session.add(fresh_star)
    db.session.commit()
    return xtjson.json_result()
def settings():
    """Render the account settings page or apply a profile update (POST).

    POST validates ``SettingsForm``, loads the ``FrontUser`` named by the
    form's ``id`` field and overwrites each profile field that was submitted
    non-empty.
    """
    if flask.request.method != 'POST':
        return flask.render_template('front/account/front_settings.html')

    form = SettingsForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    # NOTE(review): the account to modify is chosen by the submitted id and
    # nothing in this function ties it to the logged-in user - confirm that
    # an ownership check exists elsewhere (decorator or form validator).
    user = FrontUser.query.get(form.id.data)
    if not user:
        return xtjson.json_params_error(message=u'该用户不存在!')

    # Empty fields are skipped, so the stored value is kept.
    for field_name in ('username', 'realname', 'qq', 'avatar', 'signature'):
        value = getattr(form, field_name).data
        if value and len(value) > 0:
            setattr(user, field_name, value)
    db.session.commit()
    return xtjson.json_result()
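def sms_captcha():
    """Send an SMS verification code to the ``telephone`` query argument.

    Refuses a missing number and a number that still has a cached code.
    The code is cached under the number after the provider call succeeds.
    A provider failure is printed and answered with a server error.
    """
    telephone = flask.request.args.get('telephone')
    if not telephone:
        return xtjson.json_params_error(message=u'必须指定手机号码!')
    if xtcache.get(telephone):
        return xtjson.json_params_error(message=u'验证码已发送,请1分钟后重复发送!')

    # The number comes from the query string. Convert it before the request
    # is built so a value that cannot be encoded as ASCII is answered as a
    # parameter error instead of raising outside the try block below.
    try:
        rec_num = telephone.decode('utf-8').encode('ascii')
    except UnicodeError:
        return xtjson.json_params_error(message=u'手机号码格式错误!')

    # Provider key and secret come from the constants module.
    top.setDefaultAppInfo(constants.APP_KEY, constants.APP_SECRET)
    req = top.api.AlibabaAliqinFcSmsNumSendRequest()
    req.extend = ""
    req.sms_type = 'normal'
    # Signature name shown on the message.
    req.sms_free_sign_name = constants.SIGN_NAME
    # Generated code, passed to the SMS template.
    captcha = Captcha.gene_text()
    req.sms_param = "{code:%s}" % captcha
    req.rec_num = rec_num
    req.sms_template_code = constants.TEMPLATE_CODE
    try:
        req.getResponse()
        xtcache.set(telephone, captcha)
        return xtjson.json_result()
    except Exception as e:
        print(e)
        return xtjson.json_server_error()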
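def del_board():
    """Delete the board named by the ``board_id`` form field.

    A missing id or an id that matches no board is answered with a parameter
    error, and so is a board that still has posts.
    """
    board_id = flask.request.form.get('board_id')
    if not board_id:
        return xtjson.json_params_error(message=u'出错了!!')

    board = BoardModel.query.get(board_id)
    # The original tested `not board_id and board`, which let an unknown id
    # through to board.posts on None.
    if not board:
        return xtjson.json_params_error(message=u'出错了!!')
    if board.posts:
        return xtjson.json_params_error(message=u'此板块存在帖子,不能删除!')

    db.session.delete(board)
    db.session.commit()
    return xtjson.json_result()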
def sms_captcha():
    """Queue a verification code for the ``telephone`` query argument.

    Refuses a missing value and a value that still has a cached code. The
    send is handed to ``celery_send_sms`` and the lower-cased code is cached
    with ``time=2 * 60``.
    """
    # NOTE(review): both error messages speak of an e-mail address although
    # the argument is named telephone - confirm which one is meant.
    recipient = request.args.get('telephone')
    if recipient:
        if rhjcache.get(recipient):
            return xtjson.json_params_error(message='已向该邮箱发送验证码,请2分钟后再试')
        code = xtcaptcha.Captcha.gene_text()
        celery_send_sms.delay(telephone=recipient, captcha=code)
        rhjcache.set(recipient, code.lower(), time=2 * 60)
        return xtjson.json_result()
    return xtjson.json_params_error(message='请输入邮箱')
def post(self):
    """Change the e-mail address of ``flask.g.cms_user``.

    Validates ``CMSResetmailForm`` and refuses an address equal to the
    current one. Otherwise the new address is stored and committed.
    """
    form = CMSResetmailForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    new_email = form.email.data
    if flask.g.cms_user.email == new_email:
        return xtjson.json_params_error(message=u'新邮箱与老邮箱一致,无需修改!')

    flask.g.cms_user.email = new_email
    db.session.commit()
    return xtjson.json_result()
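def delete_cmsrole():
    """Delete the CMS role named by the form's ``id`` field.

    An id that matches no role is answered with a parameter error, and so is
    a role that still has users.
    """
    form = CMSIdForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    role = CMSRole.query.filter_by(id=form.id.data).first()
    if role is None:
        # The original read role.users without this check, so an unknown id
        # failed on None.
        return xtjson.json_params_error(message=u'该组不存在!')
    if len(role.users) > 0:
        return xtjson.json_params_error(message=u'该组下还存在用户,不能删除!')

    db.session.delete(role)
    db.session.commit()
    return xtjson.json_result()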
def delete_board():
    """Delete the board named by the ``board_id`` form field.

    A missing id and an id that matches no board are each answered with
    their own parameter error.
    """
    board_id = request.form.get('board_id')
    if not board_id:
        return xtjson.json_params_error(message=u'必须指定版块ID')

    doomed = BoardModel.query.filter_by(id=board_id).first()
    if not doomed:
        return xtjson.json_params_error(message=u'该板块不存在')

    db.session.delete(doomed)
    db.session.commit()
    return xtjson.json_result()
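def black_cms_user():
    """Blacklist or un-blacklist a CMS user by setting ``is_active``.

    The acting user (``flask.g.cms_user``) cannot target their own id.
    ``is_active`` is set to the opposite of the form's ``is_black`` value.
    """
    form = CMSBlackCMSUserForm(flask.request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.get_error())

    user_id = form.user_id.data
    # NOTE(review): this self-check only works if the form field and
    # cms_user.id have the same type - confirm.
    if user_id == flask.g.cms_user.id:
        return xtjson.json_params_error(message=u'不能拉黑自己')

    user = CMSUser.query.get(user_id)
    if user is None:
        # The original set is_active without this check, so an unknown id
        # failed on None.
        return xtjson.json_params_error(message=u'该用户不存在')

    user.is_active = not form.is_black.data
    db.session.commit()
    return xtjson.json_result()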
def delete_board():
    """Delete the board named by the ``board_id`` form field.

    A missing id and an id that matches no board are each answered with
    their own parameter error.
    """
    board_id = flask.request.form.get('board_id')
    if board_id:
        target = BoardModel.query.filter_by(id=board_id).first()
        if target:
            # The original carries a disabled check that refused to delete a
            # board which still has posts; it is not active here.
            db.session.delete(target)
            db.session.commit()
            return xtjson.json_result()
        return xtjson.json_params_error(message=u'没有该板块')
    return xtjson.json_params_error(message=u'没有板块id')
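def is_black():
    """Blacklist or un-blacklist a user by setting ``is_active``.

    The acting user (``flask.g.cms_user``) cannot target their own id.
    ``is_active`` is set to the opposite of the form's ``is_black`` value.
    """
    form = PullBlack(request.form)
    if not form.validate():
        return xtjson.json_params_error(message=form.error_message())

    user_id = form.user_id.data
    # NOTE(review): this self-check only works if the form field and
    # cms_user.id have the same type - confirm.
    if user_id == flask.g.cms_user.id:
        return xtjson.json_params_error(message=u'用户不能拉黑自己')

    user = User.query.get(user_id)
    if user is None:
        # The original set is_active without this check, so an unknown id
        # failed on None.
        return xtjson.json_params_error(message=u'该用户不存在')

    user.is_active = not form.is_black.data
    db.session.commit()
    return xtjson.json_result()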
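def add_board():
    """Create a board from the ``name`` and ``author`` form fields.

    Refuses an empty name, a name that already exists and an ``author`` that
    matches no ``User.username``.
    """
    author_name = request.form.get('author')
    board_name = request.form.get('name')
    if not board_name:
        return xtjson.json_params_error(message=u'添加的版块名称不能为空!')
    if Boards.query.filter_by(name=board_name).first():
        return xtjson.json_params_error(message=u'该版块已存在,无需添加!')

    # NOTE(review): the author is whatever username the request supplies, so
    # the caller decides whom the board is attributed to - confirm whether
    # it should be the logged-in user instead.
    author = User.query.filter_by(username=author_name).first()
    if author is None:
        # The original assigned None as the author and still reported success.
        return xtjson.json_params_error(message=u'该用户不存在!')

    board = Boards(name=board_name)
    board.author = author
    # Added explicitly: the original never passed the board to the session
    # and relied on the author relationship to carry it in.
    db.session.add(board)
    db.session.commit()
    return xtjson.json_result()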