def admin_user_update(dic): query = "update user set username='******',usergroup='%s',realname='%s',phone='%s',qq='%s' where uid=='%s';" args = (dic['username'], dic['usergroup'], dic['realname'], dic['phone'], dic['qq'], dic['uid']) db.query_db(query % args, True, True) if dic['password'] != getUserByUid(dic['uid'])['password']: db.query_db( "update user set password='******' where uid=='%s';" % (md5(dic['password']), dic['uid']), True, True)
def login(username, password): if len( db.query_db( "select * from user where username=='%s' collate nocase and password=='%s';" % (username, md5(password)))) == 0: return False return True
def get_last_pid(): res = db.query_db( "select pid from projects order by id DESC limit 1;", [], True) Id = 0 if len(res) != 0: Id = res['pid'] return Id
def getAllUsers(): res = db.query_db("select * from user") l = len(res) for i in range(0, l): for key in res[i].keys(): if res[i][key] == None: res[i][key] = "" return res
def getUser(username): res = db.query_db( "select * from user where username='******' collate nocase;" % username, True) for key in res.keys(): if res[key] == None: res[key] = "" return res
def register(username, password): if len( db.query_db( "select * from user where username=='%s' collate nocase;" % (username))) == 0: uid = db.getNextId('uid', 'user') if uid == '1': db.query_db( "insert into user(uid,username,password,avatar,usergroup) values('%s','%s','%s','%s','%s');" % (uid, username, md5(password), '/static/img/default.png', '0'), True, True) else: db.query_db( "insert into user(uid,username,password,avatar,usergroup) values('%s','%s','%s','%s','%s');" % (uid, username, md5(password), '/static/img/default.png', '1'), True, True) return True else: return False
def config_updata(password, avatar, phone, qq, realname, info): uid = session['user']['uid'] usergroup = session['user']['usergroup'] db.query_db( "update user set avatar='%s',phone='%s',qq='%s',info='%s' where uid=='%s';" % (avatar, phone, qq, info, uid), True, True) if password != "": db.query_db( "update user set password='******' where uid=='%s';" % (md5(password), uid), True, True) if usergroup != "2" and realname != "": db.query_db( "update user set realname='%s' where uid=='%s';" % (realname, uid), True, True)
def getAllProjects(): return db.query_db("select * from project")
def getUserByUid(uid): res = db.query_db("select * from user where uid='%s';" % uid, True) for key in res.keys(): if res[key] == None: res[key] = "" return res
def search(key): query = "select * from project where title like '{0}' or abstract like '{0}' or content like '{0}';" return db.query_db(query.format(key))
def admin_user_del(uid): db.query_db("delete from user where uid == '%s';" % (uid), True, True)
def get_project(pid): res = db.query_db('select * from projects where pid=?;', [pid], True) return res
def get_projects(): res = db.query_db( 'select * from projects where deleted = 0 order by pid DESC;') return res
def update_project(pid, title, content, time): db.query_db("update projects set title='%s',content='%s',time='%s',deleted=%s where pid=%s;", [ title, content, time, pid])
def delete_project(pid, deleted): db.query_db("update projects set deleted=%s where pid=%s;", [deleted, pid])
def add_project(uid, content, title, time): pid = get_last_pid() + 1 db.query_db("insert into projects(pid,uid,title,content,time,deleted) values(%s,%s,'%s','%s','%s',0);", [ pid, uid, title, content, time])