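def login(request):
    """Check the posted credentials and, on success, issue the login cookies.

    Reads ``user`` and ``pwd`` from the POST body and looks the password up in
    ``userlist``.  A match redirects to ``/user/<user>/`` and sets the
    ``uname`` and ``uno`` cookies (``max_age=600``); anything else re-renders
    the login template with an error message.

    NOTE(review): ``user`` is formatted directly into both SELECT statements,
    so the client controls the query text.  The ``dbconn`` wrapper's signature
    is not visible here; move these statements to the driver's parameter
    binding as soon as the wrapper exposes it.
    NOTE(review): the posted password is compared with the stored
    ``upassword`` value itself, so passwords appear to be kept in clear text.
    Store a salted hash instead (for example Django's ``make_password`` /
    ``check_password``).
    NOTE(review): ``uname`` and ``uno`` are plain, unsigned cookies.  Any view
    that authorizes on them is trusting client-supplied values; prefer the
    session framework or signed cookies.
    """
    if request.method != "POST":
        # NOTE(review): the original produced no response object for a
        # non-POST request either; confirm that routing never sends GET here.
        # The difference is that no database connection is opened (and
        # leaked) for such a request any more.
        return None

    login_template = os.path.join(BASE_DIR, "login_interface/templates/Login.html")
    user = request.POST.get("user")
    pwd = request.POST.get("pwd")

    # A missing field can never be a valid login.  Without this guard a
    # missing password (None) would match a row whose upassword is NULL.
    if not user or not pwd:
        return render(request, login_template, {"messages": ['Error login']})

    dbconnection = dbconn()
    dbconnection.connect()
    try:
        stored = dbconnection.exec(
            "SELECT upassword FROM userlist WHERE uname = '%s';" % user)
        if (pwd, ) not in stored:
            return render(request, login_template, {"messages": ['Error login']})
        # Exactly one row with one column is expected; anything else raises
        # ValueError here, as it did in the original.
        ((uno, ), ) = dbconnection.exec(
            "SELECT uno FROM userlist WHERE uname = '%s';" % user)
    finally:
        # Close on every path, including an exception raised by a query.
        dbconnection.close()

    response = redirect("/user/%s/" % user)
    response.set_cookie('uname', user, max_age=600)
    response.set_cookie('uno', uno, max_age=600)
    return response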
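def register(request):
    """Validate a sign-up form and insert the new account into ``userlist``.

    Reads ``user``, ``pwd``, ``pwd2`` and ``email`` from the POST body.  Each
    failed check re-renders the registration template with one message; on
    success the row is inserted and the login template is rendered.

    NOTE(review): ``user``, ``pwd`` and ``email`` are formatted directly into
    the SELECT and INSERT statements.  The character blocklist below is not an
    injection defence: it is never applied to ``email`` and it does not cover
    SQL quoting.  The ``dbconn`` wrapper's signature is not visible here; use
    the driver's parameter binding once the wrapper exposes it.
    NOTE(review): the password is inserted as submitted, i.e. in clear text.
    Store a salted hash instead (for example Django's ``make_password``).
    """
    if request.method != "POST":
        # NOTE(review): the original produced no usable response for a
        # non-POST request either; confirm that routing never sends GET here.
        # No database connection is opened (and leaked) for it any more.
        return None

    register_template = os.path.join(
        BASE_DIR, "register_interface/templates/Register.html")

    def reject(message):
        # Every validation failure answers with the form plus one message.
        return render(request, register_template, {"messages": [message]})

    # Missing fields become empty strings so the checks below reject them
    # instead of raising TypeError on None.
    user = request.POST.get("user") or ""
    pwd = request.POST.get("pwd") or ""
    pwd2 = request.POST.get("pwd2") or ""
    email = request.POST.get("email") or ""

    if pwd != pwd2:
        return reject('二次密码输入错误')  # the two passwords differ
    for each in ["%", "&", "*", "_", "?", "/", "\\", "|", "!", "~"]:
        if each in pwd:
            return reject('密码内含有非法字符')  # forbidden character in password
        if each in user:
            return reject('用户名内含有非法字符')  # forbidden character in user name
    if not 5 <= len(user) <= 20:
        return reject('用户名长度非法')  # user name length out of range
    if not 5 <= len(pwd) <= 20:
        return reject('密码长度非法')  # password length out of range
    if '@' not in email:
        return reject('邮箱格式非法')  # e-mail format rejected

    # The connection is opened only once the cheap checks have passed, and
    # closed on every path; the original never closed it.
    dbconnection = dbconn()
    dbconnection.connect()
    try:
        if len(dbconnection.exec(
                "SELECT * FROM userlist WHERE uname='%s';" % user)):
            return reject('用户名已经存在')  # user name already taken
        dbconnection.do("INSERT INTO userlist VALUES(NULL,'%s','%s','%s');" %
                        (user, pwd, email))
    finally:
        dbconnection.close()

    return render(
        request,
        os.path.join(BASE_DIR, "login_interface/templates/Login.html"),
        {"messages": ['注册成功']})  # registration succeeded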
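def setFinished(request, uname, ptno):
    """Mark personal task ``ptno`` as finished, then return to the task list.

    The request is accepted when the ``uname`` cookie equals the ``uname``
    taken from the URL; otherwise the client is redirected to ``/login``.

    Args:
        request: the incoming request; only its cookies are read.
        uname: user name from the URL.
        ptno: task number from the URL; must parse as an integer.

    NOTE(review): the ``uname`` cookie is client-supplied, so this comparison
    does not authenticate anyone.  Prefer the session framework or signed
    cookies.
    NOTE(review): the stored procedure receives only ``ptno``; nothing visible
    here ties the task to the requesting user, so ownership should be checked
    before the call.
    NOTE(review): there is no request-method check, so a GET also changes
    state.
    """
    cookie_username = request.COOKIES.get('uname', None)
    if cookie_username != uname:
        return redirect('/login')

    personal_page = '/user/%s/#personal' % uname

    # ptno is placed unquoted into the CALL statement, so only a real integer
    # may reach it.  Anything else is dropped without touching the database.
    try:
        task_no = int(ptno)
    except (TypeError, ValueError):
        return redirect(personal_page)

    dbconnection = dbconn()
    dbconnection.connect()
    try:
        dbconnection.exec(f"CALL PERSONFINISH ({task_no})")
    finally:
        # Close even when the procedure call raises.
        dbconnection.close()
    return redirect(personal_page)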
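def get_personal(uno):
    """Return the personal tasks of user ``uno`` in the shape the page renders.

    Args:
        uno: user number; must parse as an integer.

    Returns:
        A list with one dict per ``ptasklist`` row.  ``ptno`` is the task
        number and ``data`` is the row without its first column.  ``checked``
        is ``''`` when the finish flag is ``'0'`` and ``'checked="checked"'``
        when it is ``'1'``; for any other flag value the key is absent.  An
        ``uno`` that is not an integer yields an empty list.
    """
    # uno is placed unquoted into the WHERE clause, so it is coerced to int
    # first; a value that is not a number never reaches the database.
    try:
        user_no = int(uno)
    except (TypeError, ValueError):
        return []

    dbconnection = dbconn()
    dbconnection.connect()
    render_data = []
    try:
        raw_result = dbconnection.exec(
            'select ptfinishflag, ptno, ptname, ptbegintime, ptendtime, ptfinishtime, ptimportance from ptasklist where pt_uno = %s'
            % user_no)
        # Rows are consumed before the connection is closed.
        for item in raw_result:
            temp_dict = {}
            if item[0] == '0':
                temp_dict['checked'] = ''
            elif item[0] == '1':
                temp_dict['checked'] = 'checked="checked"'
            temp_dict['ptno'] = item[1]
            temp_dict['data'] = item[1:]
            render_data.append(temp_dict)
    finally:
        # The original never closed this connection.
        dbconnection.close()
    return render_data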
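def changeprofile(request, uname):
    """Validate a profile-edit form and update the user's row in ``userlist``.

    The form is processed only for a POST whose ``uname`` cookie equals the
    ``uname`` from the URL; every other request is redirected to the profile
    page.  Each failed check queues one message and redirects to the profile
    page; success queues a confirmation and redirects to ``/login``.

    NOTE(review): the row to read and update is selected by the ``uno``
    cookie, which the client controls.  The only server-side check is the
    match against the old e-mail address.  Prefer the session framework or
    signed cookies for the user identity.
    NOTE(review): the new user name and e-mail are formatted directly into
    the SELECT and UPDATE statements.  The ``dbconn`` wrapper's signature is
    not visible here; use the driver's parameter binding once it is exposed.
    NOTE(review): the UPDATE writes the literal ``'******'`` as the password,
    while the validated ``upwd`` is never used.  This looks like a redaction
    of the original source; as written, every profile change resets the
    stored password to six asterisks.  Confirm the intent, and store a salted
    hash rather than the submitted value.
    """
    cookie_username = request.COOKIES.get('uname', None)
    profile_page = f'/user/{cookie_username}/#profile'
    if cookie_username != uname or request.method != "POST":
        return redirect(profile_page)

    # uno is placed into three statements (unquoted in two of them), so only
    # a real integer may reach them.
    try:
        uno = int(request.COOKIES.get('uno', None))
    except (TypeError, ValueError):
        return redirect('/login')

    def reject(message):
        # The file reports validation failures through messages.success.
        messages.success(request, message)
        return redirect(profile_page)

    # Missing fields become empty strings so the checks below reject them
    # instead of raising TypeError on None.
    olduemail = request.POST.get("olduemail")
    new_uname = request.POST.get("unamebox") or ""
    upwd = request.POST.get("upwdbox") or ""
    uemail = request.POST.get("uemail") or ""

    dbconnection = dbconn()
    dbconnection.connect()
    try:
        # Exactly one row with one column is expected; anything else raises
        # ValueError here, as it did in the original.
        ((olduemail_, ), ) = dbconnection.exec(
            f'select email from userlist where uno={uno}')
        if olduemail != olduemail_:
            return reject("邮箱验证失败")  # old e-mail does not match
        for each in ["%", "&", "*", "_", "?", "/", "\\", "|", "!", "~"]:
            if each in upwd:
                return reject('密码内含有非法字符')  # forbidden character in password
            if each in new_uname:
                return reject('用户名内含有非法字符')  # forbidden character in user name
        if not 5 <= len(new_uname) <= 20:
            return reject('用户名长度非法')  # user name length out of range
        if not 5 <= len(upwd) <= 20:
            return reject('密码长度非法')  # password length out of range
        if '@' not in uemail or '@' == uemail[0] or '@' == uemail[-1]:
            return reject('邮箱格式非法')  # e-mail format rejected
        if len(
                dbconnection.exec(
                    "SELECT * FROM userlist WHERE uname='%s' and uno!='%s';" %
                    (new_uname, uno))):
            return reject('用户名已经存在')  # user name already taken
        dbconnection.do(
            f"update userlist set uname='{new_uname}', upassword='******', email='{uemail}' where uno={uno}"
        )
    finally:
        # The original never closed this connection on any path.
        dbconnection.close()

    messages.success(request, '真不错 修改已经完成了')  # change completed
    return redirect('/login')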
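def addpersonalapi(request, uname):
    """Create a personal task, or a repeating series of them, from a form.

    The request is accepted when the ``uname`` cookie equals the ``uname``
    from the URL; otherwise the client is redirected to ``/login``.  With
    ``ptreptype == '0'`` one row is inserted into ``PTaskList``; any other
    value calls the stored procedure ``P_<ptreptype>REP``.  Input that fails
    the checks below is dropped and the client returns to the task list.

    NOTE(review): the ``uname`` and ``uno`` cookies are client-supplied, so
    the task is created for whichever user number the client sends.  Prefer
    the session framework or signed cookies.
    NOTE(review): ``ptname`` is free text and is still formatted directly into
    the statement.  The ``dbconn`` wrapper's signature is not visible here;
    use the driver's parameter binding once the wrapper exposes it.
    """
    import re  # local import: the file's import block is not visible here

    cookie_username = request.COOKIES.get('uname', None)
    if cookie_username != uname:
        return redirect('/login')

    personal_page = '/user/%s/#personal' % uname

    try:
        uno = int(request.COOKIES.get('uno', None))
    except (TypeError, ValueError):
        return redirect('/login')

    ptreptype = request.POST.get('ptreptype') or ''
    ptname = request.POST.get('ptname')
    ptend = (request.POST.get('ptend') or '').replace('T', ' ')
    if ptname is None:
        return redirect(personal_page)

    # These values are placed unquoted into the SQL text, which suggests
    # integer columns (TODO confirm); only real integers may reach it.
    # ptrep is needed only by the repeating variant.
    try:
        ptimp = int(request.POST.get('ptimp'))
        ptrep = None if ptreptype == '0' else int(request.POST.get('ptrep'))
    except (TypeError, ValueError):
        return redirect(personal_page)

    # ptreptype becomes part of a procedure name, so it is limited to
    # identifier characters.  ptend is limited to the characters of a
    # timestamp (assumes the form sends a date and time; TODO confirm format).
    if not re.fullmatch(r'[A-Za-z0-9_]+', ptreptype):
        return redirect(personal_page)
    if not re.fullmatch(r'[0-9][0-9:. -]*', ptend):
        return redirect(personal_page)

    ptbegintime = datetime.now().strftime('%Y-%m-%d %H:%M:%S.%f')

    dbconnection = dbconn()
    dbconnection.connect()
    try:
        if ptreptype == '0':
            dbconnection.doing("INSERT INTO PTaskList (ptno,pt_uno,ptname,ptbegintime,ptendtime,ptimportance) VALUES(NULL, %s, '%s', '%s', '%s', %s);" % (uno, ptname, ptbegintime, ptend, ptimp))
        else:
            dbconnection.doing(f"CALL P_{ptreptype}REP({ptrep},'{ptbegintime}','{ptend}',{uno},'{ptname}',{ptimp});")
    finally:
        # Close even when the statement raises.
        dbconnection.close()
    return redirect(personal_page)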