def register(): try: if request.method == "POST": db = Database() displayname = request.form['name'] username = str(request.form['regusername']).lower() password = sha256_crypt.encrypt(str(request.form['regpassword'])) email = request.form['email'] AuthKey = ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(8)) x = db.read("SELECT * FROM users WHERE Username = (%s)", username) y = db.read("SELECT * FROM users WHERE Email = (%s)", email) if x: flash('Username Already in Use') return redirect(request.referrer) if y: flash('Your Email is already Registered') return redirect(request.referrer) db.write('''INSERT INTO users(Name,Username,Password,Email,AuthKey) VALUES(%s,%s,%s,%s,%s)''', displayname, username, password, email, AuthKey) db.close() flash('You Have Successfully Registered !') return redirect(request.referrer) except Exception as e: LOG.exception(e) return redirect(url_for(home))
def login(): try: if request.method == "POST": db = Database() username = request.form['username'].lower() users = db.read('SELECT Username,password,AuthKey,GUID,B3ID,Permissions FROM users WHERE username = (%s)', username) if not users: users = db.read('''SELECT Username,password,AuthKey,GUID,B3ID,Permissions FROM users WHERE Email = (%s)''', username) db.close() # users = [['supiri', 'pass', 'auth', '123', '3', [True, True, True, True, True]]] if users and sha256_crypt.verify(request.form['password'], users[0][1]): # if request.form['username'].lower() == users[0][0] and request.form['password'] == users[0][1]: session['logged_in'] = True session['username'] = users[0][0].title() session['authkey'] = users[0][2] session['guid'] = users[0][3] session['b3id'] = users[0][4] session['permission'] = users[0][5] flash('Welcome {}!'.format(users[0][0].title())) return redirect(request.referrer) else: flash('Invalid credentials. Try Again.') return redirect(request.referrer) except Exception as e: LOG.exception(e) return redirect(request.referrer)
def home(): try: if 'authkey' in session and session['authkey'] is not None: flash("Welcome ! It's look like you are new to here when you visit the Black Assassins Server type" " !webauth {} to complete the registration".format(session['authkey'])) db = Database() session['last_ss'] = int(db.read('SELECT ID FROM screenshots ORDER BY ID DESC LIMIT 1')[0][0]) ss = db.read('SELECT * FROM screenshots WHERE ID <= (%s) ORDER BY ID DESC LIMIT 27', session['last_ss']) ss_new = [] db.close() for s in ss: s = list(s) s[-1] = datetime.fromtimestamp(s[-1]) s[1] = escape(s[1]) s[4] = escape(str(s[4])[:90].strip(',').strip(' ')) ss_new.append(s) ss = ss_new if request.method == "POST": print(request.form) return render_template('home.html', ss=ss) else: return render_template('home.html', ss=ss) except Exception as e: LOG.exception(e) return render_template('home.html', ss=[])
def logout(): try: session.clear() flash("You have been logged out!") return redirect(request.referrer) except Exception as e: LOG.exception(e) return render_template("home.html")
def imageview(ssid): db = Database() ss = db.read('SELECT * FROM screenshots WHERE ID = (%s) ORDER BY ID DESC LIMIT 1', ssid) db.close() try: return render_template("imageview.html", data=ss) except Exception as e: LOG.exception(e) flash('ScreenShot Not Found') return redirect(url_for('home'))
def unban_player(ssid): try: db = Database() db.write('''UPDATE screenshots SET Banned = (%s) WHERE ID = (%s)''', None, ssid) flash("B3 Didn't Response to your Ban Request") flash("You have to Manually unban the Player via b3") db.close() return redirect(request.referrer) except Exception as e: LOG.exception(e) flash('Something Went Wrong') return redirect(request.referrer)
def auth(): try: db = Database() if request.method == "POST" and request.form['secretkey'] == db.read('SELECT secretkey from server_info')[0][0]: b3id = int(request.form['b3id']) guid = request.form['guid'] level = int(request.form['level']) if level >= 100: power = 'ban, train, getss, delss, manage' elif level >= 16: power = 'ban, train, getss' else: power = 'getss' authkey = request.form['authkey'] db.write( '''UPDATE users SET B3ID = (%s), GUID = (%s) ,Permissions = (%s), authkey = (%s) WHERE authkey = (%s)''', b3id, guid, power, None, authkey) db.close() return 'ok' except Exception as e: LOG.exception(e) return 'error'
def submit_ss(): try: db = Database() if request.method == "POST" and request.form['secretkey'] == db.read('SELECT secretkey from server_info')[0][0]: # noinspection PyBroadException try: id = int(db.read('''SELECT ID FROM ScreenShots''')[-1][0]) + 1 except: id = 1 name = request.form['name'][:-2] b3id = int(request.form['b3id']) connections = int(request.form['connections']) aliases = request.form['aliases'] guid = request.form['guid'] penalties = int(request.form['penalties']) ip = request.form['ip'] score = request.form['score'] # noinspection PyBroadException try: with urllib.request.urlopen("https://ipinfo.io/{}/json".format(ip)) as url: data = json.loads(url.read().decode()) address = '{}, {}'.format(data['city'], data['country']).strip(', ') except: address = 'Not Found' f = request.files['ss'] s3_client.upload_fileobj(f, os.getenv("BUCKET_NAME").strip(), 'MrDetective/{}.jpg'.format(id), ExtraArgs={'ACL': 'public-read'}) db.write('''INSERT INTO ScreenShots (Name,B3ID,Connections,Aliases,GUID,Address,IP,Penalties,Score, Timestamp) VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)''', name, b3id, connections, aliases, guid, address, ip, penalties, score, int(time.time())) db.close() return jsonify('Got IT') except Exception as e: LOG.exception(e) return jsonify('Something Went Wrong')