def del_data():
if 'whereJson' in req.form:
try:
dict_where = json.loads(req.form['whereJson'])
if len(dict_where) != 1:
return make_response('whereJson错误')
except:
return make_response('whereJson错误')
else:
return make_response('whereJson错误')
result = mysqldb.del_data(table_name, dict_where)
# print(result)
if result:
# 操作记录
content = 'whereJson=' + re.sub(
r'\"', "'", json.dumps(dict_where, ensure_ascii=False))
dict_record = {
'username': dict_login['username'],
'dbName': table_name,
'action': '删除',
'content': content,
'os': dict_login['os'],
'px': dict_login['px'],
'ip': req.remote_addr,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def update_data(self):
if 'whereStr' in self.req.form:
str_where = self.req.form['whereStr']
if not str_where:
return make_response('whereStr错误')
else:
return make_response('whereStr错误')
if 'updateJson' in self.req.form:
try:
dict_update = json.loads(self.req.form['updateJson'])
if len(dict_update) == 0:
return make_response('updateJson错误')
if 'id' in dict_update:
return make_response('updateJson错误')
except:
return make_response('updateJson错误')
else:
return make_response('updateJson错误')
dict_update['update_name'] = self.dict_login['username']
dict_update['update_time'] = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
result = mysqldb.update_data(self.table_name, str_where, dict_update)
# print(result)
if result:
# 操作记录
content = 'whereStr=' + re.sub(r'\"', "'", str_where) + '&updateJson=' + re.sub(r'\"', "'", json.dumps(dict_update, ensure_ascii=False))
dict_record = {'username': self.dict_login['username'], 'dbName': self.table_name, 'action': '修改', 'content': content, 'os': self.dict_login['os'], 'px': self.dict_login['px'], 'ip': self.req.remote_addr, 'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def update_data():
if 'whereStr' in req.form:
str_where = req.form['whereStr']
if not str_where:
return make_response('whereStr错误')
else:
return make_response('whereStr错误')
if 'updateJson' in req.form:
try:
dict_update = json.loads(req.form['updateJson'])
if len(dict_update) == 0:
return make_response('updateJson错误')
if 'id' in dict_update or 'username' in dict_update:
return make_response('updateJson错误')
except:
return make_response('updateJson错误')
else:
return make_response('updateJson错误')
if 'password' in dict_update:
if len(dict_update['password']) < 6:
return make_response('密码长度不能小于6')
else:
password = "******" + dict_update['password'] + dict_update[
'password'][0:3]
md5 = hashlib.md5()
md5.update(password.encode(encoding='utf-8'))
md5_password = md5.hexdigest()
dict_update['password'] = md5_password
else:
pass
dict_update['update_name'] = dict_login['username']
dict_update['update_time'] = time.strftime("%Y-%m-%d %H:%M:%S",
time.localtime())
result = mysqldb.update_data(table_name, str_where, dict_update)
# print(result)
if result:
# 操作记录
content = 'whereStr=' + re.sub(
r'\"', "'", str_where) + '&updateJson=' + re.sub(
r'\"', "'", json.dumps(dict_update, ensure_ascii=False))
dict_record = {
'username': dict_login['username'],
'dbName': table_name,
'action': '修改',
'content': content,
'os': dict_login['os'],
'px': dict_login['px'],
'ip': req.remote_addr,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def insert_data(self):
if 'dataArr' in self.req.form:
try:
list_data = json.loads(self.req.form['dataArr'])
if len(list_data) == 0:
return make_response('dataArr错误')
except:
return make_response('dataArr错误')
else:
return make_response('dataArr错误')
for item in list_data:
item['create_name'] = self.dict_login['username']
item['create_time'] = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
item['update_name'] = ''
item['update_time'] = ''
result = mysqldb.insert_data(self.table_name, list_data)
# print(result)
if result:
# 操作记录
content = 'dataArr=' + re.sub(r'\"', "'", json.dumps(list_data, ensure_ascii=False))
dict_record = {'username': self.dict_login['username'], 'dbName': self.table_name, 'action': '增加', 'content': content, 'os': self.dict_login['os'], 'px': self.dict_login['px'], 'ip': self.req.remote_addr, 'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def insert_data():
if 'dataArr' in req.form:
try:
list_data = json.loads(req.form['dataArr'])
if len(list_data) == 0:
return make_response('dataArr错误')
except:
return make_response('dataArr错误')
else:
return make_response('dataArr错误')
upload_files = req.files.getlist("file")
for i, file in enumerate(upload_files):
now_time = time.strftime("%Y-%m-%d-%H-%M-%S",
time.localtime()) + "-" + str(
time.time())[11:15]
now_path = os.path.dirname(
os.path.dirname(__file__)
) + "/static/uploadFile/" + now_time + "___" + file.filename
if not os.path.exists(now_path):
file.save(now_path)
else:
pass
url = "/static/uploadFile/" + now_time + "___" + file.filename
list_data[i]['name'] = file.filename
list_data[i]['size'] = os.path.getsize(now_path)
list_data[i]['url'] = url
list_data[i]['create_name'] = dict_login['username']
list_data[i]['create_time'] = time.strftime(
"%Y-%m-%d %H:%M:%S", time.localtime())
# print(list_data)
result = mysqldb.insert_data(table_name, list_data)
# print(result)
if result:
# 操作记录
content = 'dataArr=' + re.sub(
r'\"', "'", json.dumps(list_data, ensure_ascii=False))
dict_record = {
'username': dict_login['username'],
'dbName': table_name,
'action': '上传文件',
'content': content,
'os': dict_login['os'],
'px': dict_login['px'],
'ip': req.remote_addr,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def insert_data():
if 'dataArr' in req.form:
try:
list_data = json.loads(req.form['dataArr'])
if len(list_data) == 0:
return make_response('dataArr错误')
except:
return make_response('dataArr错误')
else:
return make_response('dataArr错误')
if len(list_data) > 1:
return make_response('不支持批量插入')
for item in list_data:
item['create_name'] = dict_login['username']
item['create_time'] = time.strftime("%Y-%m-%d %H:%M:%S",
time.localtime())
# 查询角色权限是否存在
str_where = 'power_id=' + str(
list_data[0]['power_id']) + ' and model_id=' + str(
list_data[0]['model_id']
) + ' and function_en="' + list_data[0]['function_en'] + '"'
str_field = 'power_id,model_id,function_en'
args = {'pre_page_num': 1, 'curr_page': 1, 'sort': ''}
result = mysqldb.find_data(table_name, str_where, str_field, args)
if result['count'] > 0:
return make_response('该角色权限已存在')
result = mysqldb.insert_data(table_name, list_data)
# print(result)
if result:
# 操作记录
content = 'dataArr=' + re.sub(
r'\"', "'", json.dumps(list_data, ensure_ascii=False))
dict_record = {
'username': dict_login['username'],
'dbName': table_name,
'action': '增加',
'content': content,
'os': dict_login['os'],
'px': dict_login['px'],
'ip': req.remote_addr,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def insert_data(self):
if 'dataArr' in self.req.form:
try:
list_data = json.loads(self.req.form['dataArr'])
if len(list_data) == 0:
return make_response('dataArr错误')
except:
return make_response('dataArr错误')
else:
return make_response('dataArr错误')
list_username = []
for item in list_data:
if not item['username'] and not item['password']:
return make_response('用户名和密码不能为空')
if len(item['password']) < 6:
return make_response('密码长度不能小于6')
password = "******" + item['password'] + item['password'][0:3]
md5 = hashlib.md5()
md5.update(password.encode(encoding='utf-8'))
md5_password = md5.hexdigest()
item['password'] = md5_password
item['create_name'] = self.dict_login['username']
item['create_time'] = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
item['update_name'] = ''
item['update_time'] = ''
list_username.append(item['username'])
str_where = 'username in ' + re.sub(r'\,', '', str(tuple(list_username)))
str_field = 'id, username'
args = {'pre_page_num': 0, 'curr_page': 0, 'sort': ''}
find_result = mysqldb.find_data(self.table_name, str_where, str_field, args)
if find_result['count'] != 0:
return make_response('用户名已存在')
result = mysqldb.insert_data(self.table_name, list_data)
# print(result)
if result:
# 操作记录
content = 'dataArr=' + re.sub(r'\"', "'", json.dumps(list_data, ensure_ascii=False))
dict_record = {'username': self.dict_login['username'], 'dbName': self.table_name, 'action': '增加', 'content': content, 'os': self.dict_login['os'], 'px': self.dict_login['px'], 'ip': self.req.remote_addr, 'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def delete_data_fn(self, dict_where):
result = mysqldb.del_data(self.table_name, dict_where)
# print(result)
if result:
# 操作记录
content = 'whereJson=' + re.sub(r'\"', "'", json.dumps(dict_where, ensure_ascii=False))
dict_record = {'username': self.dict_login['username'], 'dbName': self.table_name, 'action': '删除', 'content': content,
'os': self.dict_login['os'], 'px': self.dict_login['px'], 'ip': self.req.remote_addr,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def insert_data_fn(self,list_data):
result = mysqldb.insert_data(self.table_name, list_data)
# print(result)
if result:
print('插入list_data成功')
# 操作记录
content = 'dataArr=' + re.sub(r'\"', "'", json.dumps(list_data, ensure_ascii=False))
dict_record = {'username': self.dict_login['username'], 'dbName': self.table_name, 'action': '增加', 'content': content,
'os': self.dict_login['os'], 'px': self.dict_login['px'], 'ip': self.req.remote_addr,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def del_data():
if 'whereJson' in req.form:
try:
dict_where = json.loads(req.form['whereJson'])
if not dict_where['url']:
return make_response('whereJson错误')
except:
return make_response('whereJson错误')
else:
return make_response('whereJson错误')
result = mysqldb.del_data(table_name, dict_where)
# print(result)
if result:
for url in dict_where['url']:
file_path = os.path.normpath(
os.path.dirname(os.path.dirname(__file__)) + url)
if os.path.exists(file_path):
os.remove(file_path)
else:
pass
# 操作记录
content = 'whereJson=' + re.sub(
r'\"', "'", json.dumps(dict_where, ensure_ascii=False))
dict_record = {
'username': dict_login['username'],
'dbName': table_name,
'action': '删除文件',
'content': content,
'os': dict_login['os'],
'px': dict_login['px'],
'ip': req.remote_addr,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
def sign_out(self):
dict_login = json.loads(self.req.cookies['logining'])
print(dict_login)
# 操作记录
content = 'action=SignOut'
dict_record = {
'username': dict_login['username'],
'dbName': self.table_name,
'action': '退出',
'content': content,
'os': dict_login['os'],
'px': dict_login['px'],
'ip': self.req.remote_addr,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
}
mysqldb.set_record(dict_record)
res = make_response('退出成功')
res.delete_cookie("logining")
print(dict_login['username'] + "退出成功")
return res
def sign_in(self):
if 'whereJson' in self.req.form:
try:
dict_where = json.loads(self.req.form['whereJson'])
except:
return make_response('whereJson错误')
else:
return make_response('whereJson错误')
if 'osJson' in self.req.form:
try:
dict_os = json.loads(self.req.form['osJson'])
except:
return make_response('osJson错误')
else:
return make_response('osJson错误')
if dict_where['username'] and len(dict_where['password']) >= 6:
password = "******" + dict_where['password'] + dict_where['password'][
0:3]
md5 = hashlib.md5()
md5.update(password.encode(encoding='utf-8'))
md5_password = md5.hexdigest()
dict_where['password'] = md5_password
else:
return make_response('用户名和密码格式错误')
print(dict_where)
str_where = 'username="******" and password="******"'
str_field = 'username,password'
args = {}
result = mysqldb.find_data(self.table_name, str_where, str_field, args)
# print(result)
if result and result['count'] > 0:
print(dict_where['username'] + "登录成功")
os = dict_os['os'] or ""
px = dict_os['px'] or ""
ip = self.req.remote_addr
# 操作记录
content = 'action=SignIn'
dict_record = {
'username': dict_where['username'],
'dbName': self.table_name,
'action': '登录',
'content': content,
'os': os,
'px': px,
'ip': ip,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
}
mysqldb.set_record(dict_record)
res = make_response('登录成功')
dict_json = {
'username': dict_where['username'],
'hash': dict_where['password'],
'os': os,
'px': px,
'ip': ip
}
res.set_cookie('logining',
json.dumps(dict_json, ensure_ascii=False),
max_age=8 * 3600)
return res
else:
return make_response('用户名或密码错误')
def update_data(self):
if 'whereJson' in self.req.form:
try:
dict_where = json.loads(self.req.form['whereJson'])
except:
return make_response('whereJson错误')
else:
return make_response('whereJson错误')
if 'updateJson' in self.req.form:
try:
dict_update = json.loads(self.req.form['updateJson'])
if len(dict_update) == 0:
return make_response('updateJson错误')
except:
return make_response('updateJson错误')
else:
return make_response('updateJson错误')
if 'username' not in dict_where:
return make_response('whereJson错误')
else:
pass
dict_login = json.loads(self.req.cookies['logining'])
if dict_where['username'] != dict_login['username']:
return make_response('没有权限')
else:
pass
if len(dict_update['password']) >= 6:
password = "******" + dict_update['password'] + dict_update[
'password'][0:3]
md5 = hashlib.md5()
md5.update(password.encode(encoding='utf-8'))
md5_password = md5.hexdigest()
dict_update['password'] = md5_password
else:
return make_response('密码不能为空')
str_where = 'username="******"'
dict_update['update_name'] = dict_login['username']
dict_update['update_time'] = time.strftime("%Y-%m-%d %H:%M:%S",
time.localtime())
result = mysqldb.update_data(self.table_name, str_where, dict_update)
# print(result)
if result:
# 操作记录
content = 'change password'
dict_record = {
'username': dict_login['username'],
'dbName': self.table_name,
'action': '修改',
'content': content,
'os': dict_login['os'],
'px': dict_login['px'],
'ip': self.req.remote_addr,
'time': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
}
mysqldb.set_record(dict_record)
return make_response('操作成功')
else:
return make_response('操作失败')
