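def post(self, group_id):
    """Add the authenticated user to the group ``group_id``.

    Reads the ``token`` header, resolves it with ``verify_token`` and inserts
    a ``User_Group`` row unless one already exists for this user and group.

    Returns:
        ``{'result': row}`` with the membership row, or
        ``({'message': ...}, 403)`` for an invalid token or an existing
        membership.
    """
    # Triggered when the user clicks the "join" button; POST request.
    parser = RequestParser()
    parser.add_argument('token', type=str, location='headers', required=True)
    args = parser.parse_args(strict=True)

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    # Values are bound by the driver instead of being formatted into the SQL
    # text. NOTE(review): assumes the driver behind `cursor` uses the %s
    # (DB-API "format") placeholder style - confirm.
    membership_query = (
        "SELECT * FROM User_Group WHERE User_id = %s AND Group_id = %s")
    cursor.execute(membership_query, (user_id, group_id))
    existing = cursor.fetchone()
    connection.commit()
    if existing is not None:
        return {'message': 'You have joined the group before.'}, 403

    # NOTE(review): the check above and this INSERT are separate statements;
    # a unique key on (User_id, Group_id) would keep concurrent requests from
    # creating duplicates. The positional VALUES order (group, user) is kept
    # from the original - confirm it matches the table's column order.
    cursor.execute("INSERT INTO User_Group VALUES (%s, %s)",
                   (group_id, user_id))
    connection.commit()

    cursor.execute(membership_query, (user_id, group_id))
    result = cursor.fetchone()
    connection.commit()
    return {'result': result}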
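def post(self, group_content_id):
    """Mark the group post ``group_content_id`` as pinned.

    Only the user stored in ``Groups.User_id`` for the post's group
    (presumably the group owner) may pin; everyone else gets 401.

    Returns:
        ``{'result': row}`` with the updated ``Group_Contents`` row
        (``Create_time`` converted to ``str``), ``({'message': ...}, 403)``
        for an invalid token, or ``({'message': ...}, 401)`` when the caller
        is not the user recorded on the group.
    """
    parser = RequestParser()
    parser.add_argument("token", type=str, location="headers", required=True)
    args = parser.parse_args(strict=True)

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    # Exact match with a bound value. The original used LIKE with the id
    # formatted into the SQL text, so '%' or '_' in the id acted as wildcards
    # and the UPDATE could touch rows other than the one that was checked.
    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    content_query = "SELECT * FROM Group_Contents WHERE Group_content_id = %s"
    cursor.execute(content_query, (group_content_id,))
    content = cursor.fetchone()
    connection.commit()
    if content is None:
        abort_if_doesnt_exist("Group_content_id")
    group_id = content['Group_id']

    cursor.execute("SELECT * FROM Groups WHERE Group_id = %s", (group_id,))
    group = cursor.fetchone()
    # Fail closed: a missing group row is treated like a non-owner instead of
    # raising on the subscript below.
    if group is None or group['User_id'] != user_id:
        return {'message': 'Unauthorized.'}, 401

    cursor.execute(
        "UPDATE Group_Contents SET Is_pinned = 1 WHERE Group_content_id = %s",
        (group_content_id,))
    connection.commit()

    cursor.execute(content_query, (group_content_id,))
    result = cursor.fetchone()
    connection.commit()
    result['Create_time'] = str(result['Create_time'])
    return {'result': result}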
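def post(self, book_comment_id):
    """File a report against the book comment ``book_comment_id``.

    Reads the ``token`` header plus ``book_report_title`` and
    ``book_report_reason`` from the request and stores a ``Book_Reports`` row
    for the authenticated user.

    Returns:
        ``{'result': row}`` with the new report (``Create_time`` converted to
        ``str``), or ``({'message': ...}, 403)`` for an invalid token.
    """
    parser = RequestParser()
    parser.add_argument('token', type=str, location='headers', required=True)
    parser.add_argument('book_report_title', type=str, required=True)
    parser.add_argument('book_report_reason', type=str, required=True)
    args = parser.parse_args()

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    report_title = args.get('book_report_title')
    report_reason = args.get('book_report_reason')

    # Title and reason are free text from the client, so they are bound as
    # parameters rather than formatted into the statement; a quote in either
    # field can no longer change the SQL that runs.
    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute(
        "INSERT INTO Book_Reports"
        "(Book_report_title, Book_report_reason, User_id, Book_comment_id) "
        "VALUES (%s, %s, %s, %s)",
        (report_title, report_reason, user_id, book_comment_id))
    connection.commit()

    cursor.execute("SELECT LAST_INSERT_ID()")
    connection.commit()
    report_id = cursor.fetchone()['LAST_INSERT_ID()']

    cursor.execute("SELECT * FROM Book_Reports WHERE Book_report_id = %s",
                   (report_id,))
    connection.commit()
    result = cursor.fetchone()
    result['Create_time'] = str(result['Create_time'])
    return {'result': result}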
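def post(self, book_id):
    """Add one score to book ``book_id`` and return the new average.

    Reads the ``token`` header and a float ``book_score``, folds the score
    into the running average kept in ``Books.Book_score`` and increments
    ``Books.Book_score_num``.

    Returns:
        ``{'result': row}`` holding the updated ``Book_score``,
        ``({'message': ...}, 403)`` for an invalid token,
        ``({'message': ...}, 400)`` for a non-finite score, or
        ``({'message': ...}, 404)`` when the book is not found.
    """
    import math

    # Intended rule: a user who has already rated cannot rate again.
    # NOTE(review): no per-user check is visible in this method, so the same
    # token can currently shift the average repeatedly.
    parser = RequestParser()
    parser.add_argument('token', type=str, location='headers', required=True)
    parser.add_argument('book_score', type=float, required=True)
    args = parser.parse_args()

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    book_score = float(args.get('book_score'))
    # float() accepts "nan" and "inf"; either would corrupt the stored average.
    # NOTE(review): the valid score range is not visible here - add a bounds
    # check once it is known.
    if not math.isfinite(book_score):
        return {'message': 'Illegal book_score.'}, 400

    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute(
        "SELECT Book_score, Book_score_num FROM Books WHERE Book_id = %s",
        (book_id,))
    current = cursor.fetchone()
    if current is None:
        # Previously this raised on the subscript below.
        connection.commit()
        return {'message': 'Book does not exist.'}, 404

    old_avg = current['Book_score']
    old_count = current['Book_score_num']
    new_avg = (old_avg * old_count + book_score) / (old_count + 1.0)

    cursor.execute(
        "UPDATE Books SET Book_score_num = Book_score_num + 1, "
        "Book_score = %s WHERE Book_id = %s",
        (new_avg, book_id))
    connection.commit()

    cursor.execute("SELECT Book_score FROM Books WHERE Book_id = %s",
                   (book_id,))
    result = cursor.fetchone()
    connection.commit()
    return {'result': result}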
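def post(self, book_id):
    """Create a comment on book ``book_id`` for the authenticated user.

    Reads the ``token`` header plus ``book_comment_title`` and
    ``book_comment_content`` and inserts a ``Book_Comments`` row with both
    approval counters set to 0.

    Returns:
        ``{'result': row}`` with the new comment (``Create_time`` converted
        to ``str``), or ``({'message': ...}, 403)`` for an invalid token.
    """
    parser = RequestParser()
    parser.add_argument('token', type=str, location='headers', required=True)
    parser.add_argument('book_comment_content', type=str, required=True)
    parser.add_argument('book_comment_title', type=str, required=True)
    args = parser.parse_args(strict=True)

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    comment_body = args.get('book_comment_content')
    comment_title = args.get('book_comment_title')

    # Title and body are client-supplied text; binding them keeps quotes in
    # the text from being interpreted as SQL.
    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    # The stored text is returned as-is, so output encoding is left to
    # whatever renders it.
    cursor.execute(
        "INSERT INTO Book_Comments"
        "(Book_comment_title, Book_comment_approve, Book_comment_disapprove, "
        "Book_comment_content, User_id, Book_id) "
        "VALUES (%s, 0, 0, %s, %s, %s)",
        (comment_title, comment_body, user_id, book_id))
    connection.commit()

    cursor.execute("SELECT LAST_INSERT_ID()")
    connection.commit()
    comment_id = cursor.fetchone()['LAST_INSERT_ID()']

    cursor.execute("SELECT * FROM Book_Comments WHERE Book_comment_id = %s",
                   (comment_id,))
    result = cursor.fetchone()
    connection.commit()
    result['Create_time'] = str(result['Create_time'])
    return {'result': result}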
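def post(self):
    """Change the authenticated user's password after checking the old one.

    Reads the ``token`` header plus ``old_password`` and ``new_password``.
    The stored hash is verified with ``check_password_hash`` before the new
    hash is written.

    Returns:
        ``{'result': {'message': ...}}`` on success, or
        ``({'message': ...}, 403)`` for an invalid token, a missing user or a
        wrong old password.
    """
    parser = RequestParser()
    parser.add_argument('token', type=str, location='headers', required=True)
    parser.add_argument('old_password', type=str, required=True)
    parser.add_argument('new_password', type=str, required=True)
    args = parser.parse_args(strict=True)
    # The front end is expected to check that the two passwords differ.

    user_id = verify_token(args.get('token'))
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    old_p = args.get('old_password')
    new_p = args['new_password']

    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute("SELECT User_password FROM User WHERE User_id = %s",
                   (user_id,))
    row = cursor.fetchone()
    connection.commit()
    # fetchone() yields None when no row matches; test that before
    # subscripting (the original subscripted first and raised).
    if row is None or row['User_password'] is None:
        return {'message': 'User does not exist.'}, 403

    if not check_password_hash(row['User_password'], old_p):
        return {'message': 'The old password is wrong.'}, 403

    # Hash only once the old password is confirmed, using the library
    # defaults as the reset endpoint in this file does, instead of pinning
    # pbkdf2:sha1 with an 8-character salt.
    # NOTE(review): presumably werkzeug.security, whose hashes record their
    # own method, so existing hashes would keep verifying - confirm.
    new_p_hash = generate_password_hash(new_p)

    # The original statement carried a masked literal where the hash
    # placeholder belongs, so formatting two values into it could not
    # succeed; both values are now bound parameters.
    cursor.execute("UPDATE User SET User_password = %s WHERE User_id = %s",
                   (new_p_hash, user_id))
    connection.commit()
    return {'result': {'message': 'Modify successfully.'}}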
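def post(self, movie_id):
    """Add one score to movie ``movie_id`` and return the new average.

    Reads the ``token`` header and a float ``movie_score``, folds the score
    into the running average kept in ``Movies.Movie_score`` and increments
    ``Movies.Movie_score_num``.

    Returns:
        ``{'result': row}`` holding the updated ``Movie_score``,
        ``({'message': ...}, 403)`` for an invalid token,
        ``({'message': ...}, 400)`` for a non-finite score, or
        ``({'message': ...}, 404)`` when the movie is not found.
    """
    import math

    # Intended rule: a user who has already rated cannot rate again.
    # NOTE(review): no per-user check is visible in this method, so the same
    # token can currently shift the average repeatedly.
    parser = RequestParser()
    parser.add_argument('token', type=str, location='headers', required=True)
    parser.add_argument('movie_score', type=float, required=True)
    args = parser.parse_args()

    user_id = verify_token(args.get('token'))
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    movie_score = float(args.get('movie_score'))
    # float() accepts "nan" and "inf"; either would corrupt the stored average.
    # NOTE(review): the valid score range is not visible here - add a bounds
    # check once it is known.
    if not math.isfinite(movie_score):
        return {'message': 'Illegal movie_score.'}, 400

    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute(
        "SELECT Movie_score, Movie_score_num FROM Movies WHERE Movie_id = %s",
        (movie_id,))
    current = cursor.fetchone()
    if current is None:
        # Previously this raised on the subscript below.
        connection.commit()
        return {'message': 'Movie does not exist.'}, 404

    old_avg = current['Movie_score']
    old_count = current['Movie_score_num']
    new_avg = (old_avg * old_count + movie_score) / (old_count + 1.0)

    cursor.execute(
        "UPDATE Movies SET Movie_score_num = Movie_score_num + 1, "
        "Movie_score = %s WHERE Movie_id = %s",
        (new_avg, movie_id))
    connection.commit()

    cursor.execute("SELECT Movie_score FROM Movies WHERE Movie_id = %s",
                   (movie_id,))
    result = cursor.fetchone()
    connection.commit()
    return {'result': result}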
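def get(self):
    """List the ``User_Topic`` rows of the authenticated user.

    Returns:
        ``{"result": rows}`` with every matching row, or
        ``({'message': ...}, 403)`` for an invalid token.
    """
    parser = RequestParser()
    parser.add_argument('token', type=str, location="headers", required=True)
    args = parser.parse_args(strict=True)

    user_id = verify_token(args.get('token'))
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    # The id is bound by the driver instead of being formatted into the SQL
    # text, so the query stays safe whatever verify_token returns.
    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute("SELECT * FROM User_Topic WHERE User_id = %s", (user_id,))
    rows = cursor.fetchall()
    connection.commit()
    return {"result": rows}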
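def get(self):
    """Return the profile columns of the authenticated user.

    Only the columns named in the query are selected; the password column is
    not among them.

    Returns:
        ``{'result': row}`` for a valid token, or
        ``({'message': ...}, 403)`` otherwise.
    """
    parser = reqparse.RequestParser()
    parser.add_argument("token", type=str, location="headers", required=True)
    req = parser.parse_args(strict=True)

    user_id = verify_token(req['token'])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    # Exact match with a bound value; the original used LIKE with the id
    # formatted into the SQL text, which treats '%' and '_' as wildcards.
    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute(
        "SELECT User_id,User_name,User_email,User_phonenum,User_authority,"
        "User_motto FROM User WHERE User_id = %s",
        (user_id,))
    profile = cursor.fetchone()
    connection.commit()
    return {'result': profile}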
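def post(self, book_comment_id):
    """Record an approval (1) or disapproval (-1) of a book comment.

    Reads the ``token`` header and an integer ``type``. One row per user and
    comment is allowed in ``Book_Comment_Approvals``; the matching counter on
    ``Book_Comments`` is incremented.

    Returns:
        ``{'result': row}`` with the updated comment (``Create_time``
        converted to ``str``), ``({'message': ...}, 403)`` for an invalid
        token or a repeated vote, or ``({'message': ...}, 400)`` for a
        ``type`` other than -1 or 1.
    """
    parser = RequestParser()
    parser.add_argument('token', type=str, location='headers', required=True)
    parser.add_argument('type', type=int, required=True)
    args = parser.parse_args()
    approve_type = args['type']

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403
    if approve_type not in (-1, 1):
        return {'message': 'Illegal type(not -1 or 1).'}, 400

    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute(
        "SELECT Type FROM Book_Comment_Approvals "
        "WHERE Book_comment_id = %s AND User_id = %s",
        (book_comment_id, user_id))
    if cursor.fetchone() is not None:
        connection.commit()
        return {'message': 'duplicate approve or disapprove.'}, 403

    cursor.execute(
        "INSERT INTO Book_Comment_Approvals(Book_comment_id,User_id,type) "
        "VALUES (%s, %s, %s)",
        (book_comment_id, user_id, approve_type))

    # Column names cannot be bound as parameters. The name comes from these
    # two literals only, never from request data.
    if approve_type == 1:
        counter_column = "Book_comment_approve"
    else:
        counter_column = "Book_comment_disapprove"
    cursor.execute(
        "UPDATE Book_Comments SET {col} = {col} + 1 "
        "WHERE Book_comment_id = %s".format(col=counter_column),
        (book_comment_id,))
    connection.commit()

    cursor.execute("SELECT * FROM Book_Comments WHERE Book_comment_id = %s",
                   (book_comment_id,))
    result = cursor.fetchone()
    result['Create_time'] = str(result['Create_time'])
    return {'result': result}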
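def post(self):
    """Replace the authenticated user's password with ``new_password``.

    Reads the ``token`` header and ``new_password``; the new value is hashed
    with ``generate_password_hash`` before it is stored.

    NOTE(review): the token is the only proof required here - the current
    password is not asked for - so the token's lifetime and scope decide who
    can reset an account.

    Returns:
        ``{'message': ...}`` on success, or ``({'message': ...}, 403)`` for
        an invalid token.
    """
    parser = RequestParser()
    parser.add_argument('new_password', type=str, required=True)
    parser.add_argument('token', type=str, location="headers", required=True)
    args = parser.parse_args(strict=True)

    user_id = verify_token(args.get('token'))
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    new_hash = generate_password_hash(args.get('new_password'))

    # The original statement carried a masked literal where the hash
    # placeholder belongs, so formatting two values into it could not
    # succeed; both values are now bound parameters.
    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute("UPDATE User SET User_password = %s WHERE User_id = %s",
                   (new_hash, user_id))
    connection.commit()
    return {'message': 'Reset successfully.'}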
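def post(self, group_id):
    """Create a post in group ``group_id`` for a member of that group.

    Reads the ``token`` header, ``group_content_title``,
    ``group_content_content`` and the optional ``group_content_image``. The
    caller must already have a ``User_Group`` row for the group.

    Returns:
        ``{'result': row}`` with the new ``Group_Contents`` row
        (``Create_time`` converted to ``str``), or
        ``({'message': ...}, 403)`` for an invalid token or a non-member.
    """
    parser = RequestParser()
    parser.add_argument("token", type=str, location="headers", required=True)
    parser.add_argument('group_content_title', type=str, required=True)
    parser.add_argument('group_content_content', type=str, required=True)
    parser.add_argument('group_content_image', type=str)
    args = parser.parse_args(strict=True)

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute(
        "SELECT * FROM User_Group WHERE User_id = %s AND Group_id = %s",
        (user_id, group_id))
    membership = cursor.fetchone()
    connection.commit()
    if membership is None:
        return {'message': 'You have not joined the group.'}, 403

    title = args['group_content_title']
    body = args['group_content_content']
    image = args['group_content_image']

    # Title, body and image are client-supplied text; binding them keeps
    # quotes in the text from being interpreted as SQL.
    # NOTE(review): a request without an image now stores NULL instead of the
    # text 'None' that string formatting produced - confirm the column is
    # nullable.
    cursor.execute(
        "INSERT INTO Group_Contents"
        "(Group_content_title, Group_content_content, Group_id, User_id, "
        "Group_content_image, Is_highlighted, Is_pinned) "
        "VALUES (%s, %s, %s, %s, %s, 0, 0)",
        (title, body, group_id, user_id, image))
    connection.commit()

    cursor.execute("SELECT LAST_INSERT_ID()")
    content_id = cursor.fetchone()['LAST_INSERT_ID()']

    cursor.execute("SELECT * FROM Group_Contents WHERE Group_content_id = %s",
                   (content_id,))
    result = cursor.fetchone()
    connection.commit()
    result['Create_time'] = str(result['Create_time'])
    return {'result': result}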
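def delete(self, book_comment_id):
    """Withdraw the caller's approval or disapproval of a book comment.

    Deletes the caller's ``Book_Comment_Approvals`` row for the comment and
    decrements the counter that row had incremented.

    Returns:
        ``{'result': row}`` with the updated comment (``Create_time``
        converted to ``str``), or ``({'message': ...}, 403)`` for an invalid
        token. When no vote exists, ``abort_if_doesnt_exist`` is called.
    """
    parser = RequestParser()
    parser.add_argument('token', type=str, location='headers', required=True)
    args = parser.parse_args()

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    # The user id in every statement comes from the token, so a caller can
    # only remove a vote of their own.
    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute(
        "SELECT Type FROM Book_Comment_Approvals "
        "WHERE Book_comment_id = %s AND User_id = %s",
        (book_comment_id, user_id))
    vote = cursor.fetchone()
    if vote is None:
        connection.commit()
        abort_if_doesnt_exist("book_comment_id")
    approve_type = vote['Type']

    cursor.execute(
        "DELETE FROM Book_Comment_Approvals "
        "WHERE Book_comment_id = %s AND User_id = %s",
        (book_comment_id, user_id))

    # Column names cannot be bound as parameters. The name comes from these
    # two literals only, never from request data.
    if approve_type == 1:
        counter_column = "Book_comment_approve"
    else:
        counter_column = "Book_comment_disapprove"
    cursor.execute(
        "UPDATE Book_Comments SET {col} = {col} - 1 "
        "WHERE Book_comment_id = %s".format(col=counter_column),
        (book_comment_id,))
    connection.commit()

    cursor.execute("SELECT * FROM Book_Comments WHERE Book_comment_id = %s",
                   (book_comment_id,))
    result = cursor.fetchone()
    result['Create_time'] = str(result['Create_time'])
    connection.commit()
    return {'result': result}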
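def get(self):
    """List the movie and book reports filed by the authenticated user.

    Returns:
        ``{"result": {"books": rows, "movies": rows}}`` with ``Create_time``
        converted to ``str`` on every row, or ``({'message': ...}, 403)`` for
        an invalid token.
    """
    parser = RequestParser()
    parser.add_argument('token', type=str, location="headers", required=True)
    args = parser.parse_args(strict=True)

    user_id = verify_token(args.get('token'))
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    # The id is bound by the driver instead of being formatted into the SQL
    # text; both queries are scoped to the token's user.
    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute("SELECT * FROM Movie_Reports WHERE User_id = %s",
                   (user_id,))
    movie_reports = cursor.fetchall()
    for report in movie_reports:
        report['Create_time'] = str(report['Create_time'])

    cursor.execute("SELECT * FROM Book_Reports WHERE User_id = %s",
                   (user_id,))
    book_reports = cursor.fetchall()
    for report in book_reports:
        report['Create_time'] = str(report['Create_time'])

    connection.commit()
    return {"result": {"books": book_reports, "movies": movie_reports}}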
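def post(self, topic_id):
    """Create a post in topic ``topic_id`` for a user who joined that topic.

    Reads the ``token`` header, ``topic_content_content`` and the optional
    ``topic_content_image``. The caller must already have a ``User_Topic``
    row for the topic.

    Returns:
        ``{'result': row}`` with the new ``Topic_Contents`` row
        (``Create_time`` converted to ``str``), or
        ``({'message': ...}, 403)`` for an invalid token or a non-member.
    """
    parser = RequestParser()
    parser.add_argument("token", type=str, location="headers", required=True)
    parser.add_argument('topic_content_content', type=str, required=True)
    parser.add_argument('topic_content_image', type=str)
    args = parser.parse_args(strict=True)

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute(
        "SELECT * FROM User_Topic WHERE User_id = %s AND Topic_id = %s",
        (user_id, topic_id))
    membership = cursor.fetchone()
    connection.commit()
    if membership is None:
        return {'message': 'You have not joined the topic.'}, 403

    body = args['topic_content_content']
    image = args['topic_content_image']

    # Body and image are client-supplied text; binding them keeps quotes in
    # the text from being interpreted as SQL.
    # NOTE(review): a request without an image now stores NULL instead of the
    # text 'None' that string formatting produced - confirm the column is
    # nullable.
    cursor.execute(
        "INSERT INTO Topic_Contents"
        "(Topic_content_content, Topic_id, User_id, Topic_content_image) "
        "VALUES (%s, %s, %s, %s)",
        (body, topic_id, user_id, image))
    connection.commit()

    cursor.execute("SELECT LAST_INSERT_ID()")
    content_id = cursor.fetchone()['LAST_INSERT_ID()']

    cursor.execute("SELECT * FROM Topic_Contents WHERE Topic_content_id = %s",
                   (content_id,))
    result = cursor.fetchone()
    connection.commit()
    result['Create_time'] = str(result['Create_time'])
    return {'result': result}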
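def post(self, group_id):
    """Submit an application from the authenticated user for ``group_id``.

    Reads the ``token`` header and ``group_apply_content`` and stores a
    ``Group_Apply`` row.

    Returns:
        ``{'result': row}`` with the new application, or
        ``({'message': ...}, 403)`` for an invalid token.
    """
    parser = RequestParser()
    parser.add_argument("token", type=str, location="headers", required=True)
    parser.add_argument('group_apply_content', type=str, required=True)
    args = parser.parse_args(strict=True)

    user_id = verify_token(args["token"])
    if user_id is None:
        return {'message': 'Illegal token.'}, 403

    apply_text = args['group_apply_content']

    # The application text is client-supplied; binding it keeps quotes in the
    # text from being interpreted as SQL.
    # NOTE(review): assumes the driver behind `cursor` uses %s placeholders.
    cursor.execute(
        "INSERT INTO Group_Apply(Group_apply_content,Group_id,User_id) "
        "VALUES (%s, %s, %s)",
        (apply_text, group_id, user_id))
    connection.commit()

    cursor.execute("SELECT LAST_INSERT_ID()")
    apply_id = cursor.fetchone()['LAST_INSERT_ID()']

    cursor.execute("SELECT * FROM Group_Apply WHERE Group_apply_id = %s",
                   (apply_id,))
    result = cursor.fetchone()
    connection.commit()
    return {'result': result}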