def login(request):
dbconnection = dbconn()
dbconnection.connect()
if request.method == "POST":
user = request.POST.get("user")
pwd = request.POST.get("pwd")
is_logged = (pwd, ) in dbconnection.exec(
"SELECT upassword FROM userlist WHERE uname = '%s';" % user)
dbconnection.close()
if is_logged:
dbconnection = dbconn()
dbconnection.connect()
((uno, ), ) = dbconnection.exec(
"SELECT uno FROM userlist WHERE uname = '%s';" % user)
dbconnection.close()
obj = redirect("/user/%s/" % user)
obj.set_cookie('uname', user, max_age=600)
obj.set_cookie('uno', uno, max_age=600)
else:
obj = render(
request,
os.path.join(BASE_DIR, "login_interface/templates/Login.html"),
{"messages": ['Error login']})
return obj
def register(request):
dbconnection = dbconn()
dbconnection.connect()
if request.method == "POST":
user = request.POST.get("user")
pwd = request.POST.get("pwd")
pwd2 = request.POST.get("pwd2")
email = request.POST.get("email")
if pwd != pwd2:
return render(
request,
os.path.join(BASE_DIR,
"register_interface/templates/Register.html"),
{"messages": ['二次密码输入错误']})
for each in ["%", "&", "*", "_", "?", "/", "\\", "|", "!", "~"]:
if each in pwd:
return render(
request,
os.path.join(BASE_DIR,
"register_interface/templates/Register.html"),
{"messages": ['密码内含有非法字符']})
if each in user:
return render(
request,
os.path.join(BASE_DIR,
"register_interface/templates/Register.html"),
{"messages": ['用户名内含有非法字符']})
if not 5 <= len(user) <= 20:
return render(
request,
os.path.join(BASE_DIR,
"register_interface/templates/Register.html"),
{"messages": ['用户名长度非法']})
if not 5 <= len(pwd) <= 20:
return render(
request,
os.path.join(BASE_DIR,
"register_interface/templates/Register.html"),
{"messages": ['密码长度非法']})
if '@' not in email:
return render(
request,
os.path.join(BASE_DIR,
"register_interface/templates/Register.html"),
{"messages": ['邮箱格式非法']})
if len(
dbconnection.exec("SELECT * FROM userlist WHERE uname='%s';" %
user)):
return render(
request,
os.path.join(BASE_DIR,
"register_interface/templates/Register.html"),
{"messages": ['用户名已经存在']})
dbconnection.do("INSERT INTO userlist VALUES(NULL,'%s','%s','%s');" %
(user, pwd, email))
return render(
request,
os.path.join(BASE_DIR, "login_interface/templates/Login.html"),
{"messages": ['注册成功']})
def setFinished(request, uname, ptno):
cookie_username = request.COOKIES.get('uname', None)
uno = request.COOKIES.get('uno', None)
if(cookie_username == uname):
dbconnection = dbconn()
dbconnection.connect()
dbconnection.exec(f"CALL PERSONFINISH ({ptno})")
dbconnection.close()
return redirect('/user/%s/#personal' % uname)
else:
return redirect('/login')
def get_personal(uno):
dbconnection = dbconn()
dbconnection.connect()
render_data = []
raw_result = dbconnection.exec(
'select ptfinishflag, ptno, ptname, ptbegintime, ptendtime, ptfinishtime, ptimportance from ptasklist where pt_uno = %s'
% uno)
for item in raw_result:
temp_dict = {}
if item[0] == '0':
temp_dict['checked'] = ''
elif item[0] == '1':
temp_dict['checked'] = 'checked="checked"'
temp_dict['ptno'] = item[1]
temp_dict['data'] = item[1:]
render_data.append(temp_dict)
return render_data
def changeprofile(request, uname):
cookie_username = request.COOKIES.get('uname', None)
uno = request.COOKIES.get('uno', None)
if (cookie_username == uname) and request.method == "POST":
dbconnection = dbconn()
dbconnection.connect()
olduemail = request.POST.get("olduemail")
uname = request.POST.get("unamebox")
upwd = request.POST.get("upwdbox")
uemail = request.POST.get("uemail")
((olduemail_, ),
) = dbconnection.exec(f'select email from userlist where uno={uno}')
if olduemail != olduemail_:
messages.success(request, "邮箱验证失败")
return redirect(f'/user/{cookie_username}/#profile')
for each in ["%", "&", "*", "_", "?", "/", "\\", "|", "!", "~"]:
if each in upwd:
messages.success(request, '密码内含有非法字符')
return redirect(f'/user/{cookie_username}/#profile')
if each in uname:
messages.success(request, '用户名内含有非法字符')
return redirect(f'/user/{cookie_username}/#profile')
if not 5 <= len(uname) <= 20:
messages.success(request, '用户名长度非法')
return redirect(f'/user/{cookie_username}/#profile')
if not 5 <= len(upwd) <= 20:
messages.success(request, '密码长度非法')
return redirect(f'/user/{cookie_username}/#profile')
if '@' not in uemail or '@' == uemail[0] or '@' == uemail[-1]:
messages.success(request, '邮箱格式非法')
return redirect(f'/user/{cookie_username}/#profile')
if len(
dbconnection.exec(
"SELECT * FROM userlist WHERE uname='%s' and uno!='%s';" %
(uname, uno))):
messages.success(request, '用户名已经存在')
return redirect(f'/user/{cookie_username}/#profile')
dbconnection.do(
f"update userlist set uname='{uname}', upassword='******', email='{uemail}' where uno={uno}"
)
messages.success(request, '真不错 修改已经完成了')
return redirect('/login')
else:
return redirect(f'/user/{cookie_username}/#profile')
def addpersonalapi(request, uname):
cookie_username = request.COOKIES.get('uname', None)
uno = request.COOKIES.get('uno', None)
if(cookie_username == uname):
dbconnection = dbconn()
dbconnection.connect()
ptreptype = request.POST.get('ptreptype')
ptname = request.POST.get('ptname')
ptend = request.POST.get('ptend').replace('T', ' ')
ptrep = request.POST.get('ptrep')
ptimp = request.POST.get('ptimp')
ptbegintime = datetime.now().strftime('%Y-%m-%d %H:%M:%S.%f')
if ptreptype == '0':
dbconnection.doing("INSERT INTO PTaskList (ptno,pt_uno,ptname,ptbegintime,ptendtime,ptimportance) VALUES(NULL, %s, '%s', '%s', '%s', %s);" % (uno, ptname, ptbegintime, ptend, ptimp))
else:
dbconnection.doing(f"CALL P_{ptreptype}REP({ptrep},'{ptbegintime}','{ptend}',{uno},'{ptname}',{ptimp});")
dbconnection.close()
return redirect('/user/%s/#personal' % uname)
else:
return redirect('/login')
# datetime.now().strftime('%Y-%m-%d %H:%M:%S.%f')