def post(self): parser = reqparse.RequestParser() parser.add_argument('name', type=str, required=True) parser.add_argument("password", type=str, required=True) parser.add_argument("email", type=str, required=True) parser.add_argument("phonenum", type=str, required=True) parser.add_argument("motto", type=str) req = parser.parse_args(strict=True) name = req['name'] password = req['password'] pwhash = generate_password_hash(password, method='pbkdf2:sha1', salt_length=8) email = req['email'] phonenum = req['phonenum'] motto = req['motto'] cursor.execute( "INSERT INTO `User` (User_password,User_name,User_email,User_phonenum,User_authority,User_motto) VALUES ('%s','%s','%s','%s',1,'%s')" % (pwhash, name, email, phonenum, motto)) connection.commit() cursor.execute("SELECT User_id FROM User WHERE User_name LIKE '%s'" % (name)) result = cursor.fetchone() token = create_token(result['User_id']) connection.commit() return {'result': {'token': token}}
def post(self): parser = RequestParser() parser.add_argument('token', type=str, location='headers', required=True) parser.add_argument('old_password', type=str, required=True) parser.add_argument('new_password', type=str, required=True) args = parser.parse_args(strict=True) # 前端记得验证两次密码不同 token = args.get('token') user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 old_p = args.get('old_password') new_p = args['new_password'] new_p_hash = generate_password_hash(new_p, method='pbkdf2:sha1', salt_length=8) cursor.execute("SELECT User_password FROM User WHERE User_id = '%d' " % user_id) result = cursor.fetchone()['User_password'] connection.commit() if result is None: return {'message': 'User does not exist.'}, 403 if check_password_hash(result, old_p): cursor.execute( "UPDATE User set User_password = '******' WHERE User_id = '%d' " % (new_p_hash, user_id)) connection.commit() return {'result': {'message': 'Modify successfully.'}} else: return {'message': 'The old password is wrong.'}, 403
def get(self): cursor.execute( "SELECT Topic_id FROM Topic_Contents GROUP BY Topic_id ORDER BY COUNT(Topic_Content_id) DESC" ) result = cursor.fetchmany(2) connection.commit() cursor.execute( "SELECT * FROM Topics WHERE Topic_id = '%d' or Topic_id = '%d'" % (result[0]['Topic_id'], result[1]['Topic_id'])) result = cursor.fetchall() connection.commit() return {'result': result}
def get(self): parser = reqparse.RequestParser() parser.add_argument("keywords", type=str, location="args", required=True) req = parser.parse_args(strict=True) keywords = '%' + req.get("keywords") + '%' cursor.execute("SELECT * FROM Books WHERE Book_name LIKE '%s' " % (keywords)) result = cursor.fetchall() connection.commit() return {'result': result}
def post(self, group_content_id): parser = RequestParser() parser.add_argument("token", type=str, location="headers", required=True) args = parser.parse_args(strict=True) token = args["token"] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 cursor.execute( "SELECT * FROM Group_Contents WHERE Group_content_id like '%s' " % (group_content_id, )) result = cursor.fetchone() connection.commit() if result is None: abort_if_doesnt_exist("Group_content_id") group_id = result['Group_id'] cursor.execute("SELECT * FROM Groups WHERE Group_id like '%s' " % (group_id, )) result = cursor.fetchone() if result['User_id'] != user_id: return {'message': 'Unauthorized.'}, 401 cursor.execute("UPDATE Group_Contents SET Is_pinned=1 \ WHERE Group_content_id like '%s' " % (group_content_id, )) connection.commit() cursor.execute( "SELECT * FROM Group_Contents WHERE Group_content_id like '%s' " % (group_content_id, )) result = cursor.fetchone() connection.commit() result['Create_time'] = str(result['Create_time']) return {'result': result}
def get(self): parser = reqparse.RequestParser() parser.add_argument("keywords", type=str, location="args", required=True) req = parser.parse_args(strict=True) keywords = '%' + req.get("keywords") + '%' cursor.execute( "SELECT * FROM Group_Contents WHERE Group_content_title LIKE '%s' OR Group_content_content LIKE '%s' " % (keywords, keywords)) result = cursor.fetchall() connection.commit() for i in result: i['Create_time'] = str(i['Create_time']) return {'result': result}
def get(self): parser = RequestParser() parser.add_argument('token', type=str, location="headers", required=True) args = parser.parse_args(strict=True) token = args.get('token') user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 cursor.execute("SELECT * FROM User_Topic WHERE User_id = %d" % (user_id)) result = cursor.fetchall() connection.commit() return {"result": result}
def post(self): parser = RequestParser() parser.add_argument('user_email', type=str, required=True) args = parser.parse_args(strict=True) email = args.get('user_email') cursor.execute("SELECT * FROM User WHERE User_email = '%s'" % email) connection.commit() result = cursor.fetchone() if result is None: return {'message': 'Wrong email.'}, 403 send_email( '[豆辛瓜辛] Reset Your Password', sender=app.config['ADMINS'][0], recipients=[email], # templates中内容暂时用于测试 text_body=render_template('reset_password.txt', user=result), html_body=render_template('reset_password.html', user=result))
def get(self): parser = reqparse.RequestParser() parser.add_argument("token", type=str, location="headers", required=True) req = parser.parse_args(strict=True) token = req['token'] user_id = verify_token(token) if user_id is not None: cursor.execute( "SELECT User_id,User_name,User_email,User_phonenum,User_authority,User_motto FROM User WHERE User_id LIKE '%s'" % (user_id)) result = cursor.fetchone() connection.commit() return {'result': result} else: return {'message': 'Illegal token.'}, 403
def post(self): parser = RequestParser() parser.add_argument('new_password', type=str, required=True) parser.add_argument('token', type=str, location="headers", required=True) args = parser.parse_args(strict=True) token = args.get('token') user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 n_pw = args.get('new_password') n_pwhash = generate_password_hash(n_pw) cursor.execute( "UPDATE User set User_password = '******' where User_id = '%d'" % (n_pwhash, user_id)) connection.commit() return {'message': 'Reset successfully.'}
def get(self, topic_id): cursor.execute("SELECT * FROM Topics WHERE Topic_id LIKE '%s'" % (topic_id)) result = cursor.fetchone() if result is None: abort_if_doesnt_exist("Topic_id") cursor.execute( "SELECT Topic_content_id,Topic_content_content,Topic_content_image,Topic_id,Create_time,`User`.User_id,`User`.User_name FROM Topic_Contents,`User`\ WHERE Topic_id = %d AND Topic_Contents.User_id=`User`.User_id" % (topic_id)) content = cursor.fetchall() connection.commit() for i in content: i['Create_time'] = str(i['Create_time']) return { 'result': { 'info': result, 'contents': content, } }
def get(self, book_id): cursor.execute("SELECT * FROM Books WHERE Book_id LIKE '%s'" % (book_id)) result = cursor.fetchone() if result is None: abort_if_doesnt_exist("Book_id") cursor.execute( "SELECT Book_comment_id,Book_comment_title,Book_comment_approve,Book_comment_disapprove,Book_comment_content,\ Book_id,Create_time,`User`.User_id,`User`.User_name FROM Book_Comments,`User`\ WHERE Book_id= %d and Book_Comments.User_id=User.User_id" % (book_id)) content = cursor.fetchall() connection.commit() for i in content: i['Create_time'] = str(i['Create_time']) return { 'result': { 'info': result, 'comments': content, } }
def get(self, group_id): cursor.execute("SELECT * FROM Groups WHERE Group_id LIKE '%s'" % (group_id)) result = cursor.fetchone() if result is None: abort_if_doesnt_exist("Group_id") cursor.execute( "SELECT Group_content_id,Group_content_content,Group_content_title,Group_id,Group_content_image,Create_time,\ Is_highlighted,Is_pinned,`User`.User_id,`User`.User_name FROM Group_Contents,`User`\ WHERE Group_id=%d and Group_Contents.User_id=User.User_id ORDER BY Is_pinned DESC" % (group_id)) content = cursor.fetchall() connection.commit() for i in content: i['Create_time'] = str(i['Create_time']) return { 'result': { 'info': result, 'contents': content, } }
def post(self): parser = reqparse.RequestParser() parser.add_argument('name', type=str, required=True) parser.add_argument("password", type=str, required=True) req = parser.parse_args(strict=True) name = req['name'] password = req['password'] cursor.execute("SELECT * FROM User WHERE User_name LIKE '%s'" % name) result = cursor.fetchone() connection.commit() if result is None: return { 'message': 'Login error, incorrect password or username.' }, 403 if check_password_hash(result['User_password'], password): token = create_token(result['User_id']) return {'result': {'token': token}} else: return { 'message': 'Login error, incorrect password or username.' }, 403
def post(self, book_id): # 如果用户之前已经评了分,这里默认无法再评分 parser = RequestParser() parser.add_argument('token', type=str, location='headers', required=True) parser.add_argument('book_score', type=float, required=True) args = parser.parse_args() token = args["token"] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 book_score = float(args.get('book_score')) cursor.execute( "SELECT Book_score, Book_score_num from Books where book_id = '%d'" % book_id) result = cursor.fetchone() book_s = result['Book_score'] book_s_n = result['Book_score_num'] new_book_s = (book_s * book_s_n + book_score) / (book_s_n + 1.0) cursor.execute( "UPDATE Books set Book_score_num = Book_score_num + 1, Book_score = '%f' where Book_id = '%d'" % (new_book_s, book_id)) connection.commit() cursor.execute("SELECT Book_score from Books where Book_id = '%d'" % book_id) result = cursor.fetchone() connection.commit() return {'result': result}
def post(self, movie_id): # 如果用户之前已经评了分,这里默认无法再评分 parser = RequestParser() parser.add_argument('token', type=str, location='headers', required=True) parser.add_argument('movie_score', type=float, required=True) args = parser.parse_args() token = args.get('token') user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 movie_score = float(args.get('movie_score')) cursor.execute( "SELECT Movie_score, Movie_score_num from Movies where Movie_id = '%d'" % movie_id) result = cursor.fetchone() movie_s = result['Movie_score'] movie_s_n = result['Movie_score_num'] new_movie_s = (movie_s * movie_s_n + movie_score) / (movie_s_n + 1.0) cursor.execute( "UPDATE Movies set Movie_score_num = Movie_score_num + 1, Movie_score = '%f' where Movie_id = '%d'" % (new_movie_s, movie_id)) connection.commit() cursor.execute("SELECT Movie_score from Movies where Movie_id = '%d'" % movie_id) result = cursor.fetchone() connection.commit() return {'result': result}
def post(self, group_id): # 点击按钮进行参与,post请求 parser = RequestParser() parser.add_argument('token', type=str, location='headers', required=True) args = parser.parse_args(strict=True) token = args["token"] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 cursor.execute( "SELECT * FROM User_Group where User_id = %d and Group_id = %d" % (user_id, group_id)) result = cursor.fetchone() connection.commit() if result is not None: return {'message': 'You have joined the group before.'}, 403 cursor.execute("INSERT INTO User_Group values('%d', '%d')" % (group_id, user_id)) connection.commit() cursor.execute( "SELECT * from User_Group where User_id = '%d' and Group_id = '%d'" % (user_id, group_id)) result = cursor.fetchone() connection.commit() return {'result': result}
def post(self, book_comment_id): parser = RequestParser() parser.add_argument('token', type=str, location='headers', required=True) parser.add_argument('book_report_title', type=str, required=True) parser.add_argument('book_report_reason', type=str, required=True) args = parser.parse_args() token = args["token"] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 report_t = args.get('book_report_title') report_r = args.get('book_report_reason') cursor.execute( "INSERT INTO Book_Reports(Book_report_title, Book_report_reason, User_id, Book_comment_id) \ values('%s', '%s', '%d', '%d')" % (report_t, report_r, user_id, book_comment_id)) connection.commit() cursor.execute("SELECT LAST_INSERT_ID()") connection.commit() result = cursor.fetchone()['LAST_INSERT_ID()'] cursor.execute( "SELECT * FROM Book_Reports WHERE Book_report_id = '%d'" % result) connection.commit() result = cursor.fetchone() result['Create_time'] = str(result['Create_time']) return {'result': result}
def post(self, book_id): parser = RequestParser() parser.add_argument('token', type=str, location='headers', required=True) parser.add_argument('book_comment_content', type=str, required=True) parser.add_argument('book_comment_title', type=str, required=True) args = parser.parse_args(strict=True) token = args["token"] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 book_com = args.get('book_comment_content') book_com_t = args.get('book_comment_title') cursor.execute( "INSERT into Book_Comments(Book_comment_title, Book_comment_approve, Book_comment_disapprove, \ Book_comment_content, User_id, Book_id) \ values('%s','%d','%d','%s','%d','%d')" % (book_com_t, 0, 0, book_com, user_id, book_id)) connection.commit() cursor.execute("SELECT LAST_INSERT_ID()") connection.commit() result = cursor.fetchone()['LAST_INSERT_ID()'] cursor.execute( "SELECT * FROM Book_Comments where Book_comment_id = '%d'" % result) result = cursor.fetchone() connection.commit() result['Create_time'] = str(result['Create_time']) return {'result': result}
def get(self): parser = RequestParser() parser.add_argument('token', type=str, location="headers", required=True) args = parser.parse_args(strict=True) token = args.get('token') user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 cursor.execute("SELECT * FROM Movie_Reports WHERE User_id = %d" % (user_id)) result_m = cursor.fetchall() for i in result_m: i['Create_time'] = str(i['Create_time']) cursor.execute("SELECT * FROM Book_Reports WHERE User_id = %d" % (user_id)) result_b = cursor.fetchall() for i in result_b: i['Create_time'] = str(i['Create_time']) connection.commit() return {"result": {"books": result_b, "movies": result_m}}
def get(self): cursor.execute( "SELECT Book_comment_id,Book_comment_title,Book_comment_approve,Book_comment_disapprove,Book_comment_content,\ Book_id,Create_time,`User`.User_id,`User`.User_name FROM Book_Comments,`User`\ WHERE Book_Comments.User_id=User.User_id") resultb = cursor.fetchall() connection.commit() cursor.execute( "SELECT Movie_comment_id,Movie_comment_title,Movie_comment_approve,Movie_comment_disapprove,Movie_comment_content,\ Movie_id,Create_time,`User`.User_id,`User`.User_name FROM Movie_Comments,`User`\ WHERE Movie_Comments.User_id=User.User_id") resultm = cursor.fetchall() connection.commit() for i in resultb: i['Create_time'] = str(i['Create_time']) for i in resultm: i['Create_time'] = str(i['Create_time']) return { 'result': { 'book_comments': resultb, 'movie_comments': resultm, } }
def post(self, book_comment_id): parser = RequestParser() parser.add_argument('token', type=str, location='headers', required=True) parser.add_argument('type', type=int, required=True) args = parser.parse_args() token = args["token"] approve_type = args['type'] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 if approve_type != -1 and approve_type != 1: return {'message': 'Illegal type(not -1 or 1).'}, 400 cursor.execute( "SELECT Type FROM Book_Comment_Approvals WHERE Book_comment_id = %d AND User_id = %d" % (book_comment_id, user_id)) result = cursor.fetchone() if result != None: connection.commit() return {'message': 'duplicate approve or disapprove.'}, 403 cursor.execute( "INSERT INTO Book_Comment_Approvals(Book_comment_id,User_id,type) VALUES(%d,%d,%d)" % (book_comment_id, user_id, approve_type)) if approve_type == 1: temp_str = "Book_comment_approve" else: temp_str = "Book_comment_disapprove" cursor.execute("UPDATE Book_Comments \ SET %s = %s + 1 \ WHERE Book_comment_id = %d" % ( temp_str, temp_str, book_comment_id, )) connection.commit() cursor.execute( "SELECT * FROM Book_Comments WHERE Book_comment_id = %d " % (book_comment_id)) result = cursor.fetchone() result['Create_time'] = str(result['Create_time']) return {'result': result}
def post(self, group_id): parser = RequestParser() parser.add_argument("token", type=str, location="headers", required=True) parser.add_argument('group_content_title', type=str, required=True) parser.add_argument('group_content_content', type=str, required=True) parser.add_argument('group_content_image', type=str) args = parser.parse_args(strict=True) token = args["token"] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 cursor.execute( "SELECT * FROM User_Group where User_id = %d and Group_id = %d" % (user_id, group_id)) result = cursor.fetchone() connection.commit() if result is None: return {'message': 'You have not joined the group.'}, 403 group_content_title = args['group_content_title'] group_content_content = args['group_content_content'] group_content_image = args['group_content_image'] cursor.execute( "INSERT into Group_Contents(Group_content_title, Group_content_content, Group_id, \ User_id, Group_content_image,Is_highlighted,Is_pinned) \ values('%s','%s',%d,%d,'%s',0,0)" % (group_content_title, group_content_content, group_id, user_id, group_content_image)) connection.commit() cursor.execute("SELECT LAST_INSERT_ID()") result = cursor.fetchone()['LAST_INSERT_ID()'] cursor.execute( "SELECT * FROM Group_Contents where Group_content_id = %d" % result) result = cursor.fetchone() connection.commit() result['Create_time'] = str(result['Create_time']) return {'result': result}
def delete(self, book_comment_id): parser = RequestParser() parser.add_argument('token', type=str, location='headers', required=True) args = parser.parse_args() token = args["token"] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 cursor.execute( "SELECT Type FROM Book_Comment_Approvals WHERE Book_comment_id = %d AND User_id = %d" % (book_comment_id, user_id)) result = cursor.fetchone() if result == None: connection.commit() abort_if_doesnt_exist("book_comment_id") approve_type = result['Type'] cursor.execute( "DELETE FROM Book_Comment_Approvals WHERE Book_comment_id = %d AND User_id = %d " % (book_comment_id, user_id)) if approve_type == 1: temp_str = "Book_comment_approve" else: temp_str = "Book_comment_disapprove" cursor.execute("UPDATE Book_Comments \ SET %s = %s - 1 \ WHERE Book_comment_id = %d" % (temp_str, temp_str, book_comment_id)) connection.commit() cursor.execute( "SELECT * FROM Book_Comments WHERE Book_comment_id = %d " % (book_comment_id)) result = cursor.fetchone() result['Create_time'] = str(result['Create_time']) connection.commit() return {'result': result}
def post(self, topic_id): parser = RequestParser() parser.add_argument("token", type=str, location="headers", required=True) parser.add_argument('topic_content_content', type=str, required=True) parser.add_argument('topic_content_image', type=str) args = parser.parse_args(strict=True) token = args["token"] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 cursor.execute( "SELECT * FROM User_Topic where User_id = %d and Topic_id = %d" % (user_id, topic_id)) result = cursor.fetchone() connection.commit() if result is None: return {'message': 'You have not joined the topic.'}, 403 topic_content_content = args['topic_content_content'] topic_content_image = args['topic_content_image'] cursor.execute( "INSERT into Topic_Contents( Topic_content_content, Topic_id, \ User_id, Topic_content_image) \ values('%s',%d,%d,'%s')" % (topic_content_content, topic_id, user_id, topic_content_image)) connection.commit() cursor.execute("SELECT LAST_INSERT_ID()") result = cursor.fetchone()['LAST_INSERT_ID()'] cursor.execute( "SELECT * FROM Topic_Contents where Topic_content_id = %d" % result) result = cursor.fetchone() connection.commit() result['Create_time'] = str(result['Create_time']) return {'result': result}
def post(self, group_id): parser = RequestParser() parser.add_argument("token", type=str, location="headers", required=True) parser.add_argument('group_apply_content', type=str, required=True) args = parser.parse_args(strict=True) token = args["token"] user_id = verify_token(token) if user_id is None: return {'message': 'Illegal token.'}, 403 group_apply_content = args['group_apply_content'] cursor.execute( "INSERT into Group_Apply(Group_apply_content,Group_id,User_id)\ VALUES('%s',%d,%d)" % (group_apply_content, group_id, user_id)) connection.commit() cursor.execute("SELECT LAST_INSERT_ID()") result = cursor.fetchone()['LAST_INSERT_ID()'] cursor.execute("SELECT * FROM Group_Apply where Group_apply_id = %d" % result) result = cursor.fetchone() connection.commit() return {'result': result}
def alive(): cursor.execute("SELECT * FROM phones") cursor.fetchone() connection.commit() print('interval execute.')
def get(self): cursor.execute('SELECT * FROM Groups;') connection.commit() return {'result': cursor.fetchall()}