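def post(self):
    """Update the signed-in user's own profile from the submitted form.

    Reads ``email``, ``personal_url``, ``display_name`` and ``password`` from
    the request, checks the ``_xsrf`` form field against the ``_xsrf`` cookie,
    validates the URL and e-mail, then writes the changes to the current
    user's record. Every outcome is reported through
    ``self.print_result(ok, message)``; nothing is returned.

    NOTE(review): the password is replaced without asking for the current
    one, so a live session plus a valid token is enough to change it.
    Consider requiring the old password for this field.
    """
    email = self.get_request("email", "")
    user_url = self.get_request("personal_url", "")
    display_name = self.get_request("display_name", "")
    password = self.get_request("password", "")
    form_token = self.get_request("_xsrf", "")
    cookie_token = self.get_cookie("_xsrf", "unknown")
    # The cookie is dropped before the check, so a token is spent by one
    # submission whether or not it validates.
    self.clear_cookie("_xsrf")

    # Form field must equal the cookie. An empty token is rejected outright:
    # previously an empty cookie value compared equal to a missing form field
    # and the request was accepted with no token at all.
    if not form_token or cookie_token == "unknown" or form_token != cookie_token:
        self.print_result(False, "Xsrf protected!")
        return

    if user_url != "":
        # NOTE(review): any value starting with "http" is treated as already
        # carrying a scheme, so rejecting odd input is left entirely to
        # pyUtility.isURL (not visible here) - confirm it requires http(s)://.
        if not user_url.lower().startswith("http"):
            user_url = "http://" + user_url
        if not pyUtility.isURL(user_url):
            self.print_result(False, "The Format of URL is wrong!")
            return

    if email == "":
        self.print_result(False, "Email Cannot be blank!")
        return
    if not pyUtility.isEmail(email):
        self.print_result(False, "Email Format is incorrect!")
        return

    # NOTE(review): the result is indexed without a None check - presumably
    # this handler is only reachable when signed in; confirm.
    current = self.get_current_user()
    if current['user_email'] != email:
        # The address changed: make sure no other account already uses it.
        if not User().isEmailUnique(email):
            self.print_result(False, "Email Has been used")
            return

    user = User().getByID(current['ID'], False)
    if not user:
        # Lookup failed.
        self.print_result(False, "Can not find any record")
        return

    if password != "":
        # An empty password field means "leave the password alone".
        new_hash = user.getEncodeStr(password)
        if new_hash != user.user_pass:
            user.user_pass = new_hash
    user.user_email = email
    user.user_url = user_url
    user.display_name = display_name

    # Snapshot taken before update() and stored as the current user on success.
    # NOTE(review): confirm row2dict() does not carry user_pass into the
    # session data.
    new_user_data = user.row2dict()
    if user.update():
        self.set_current_user(new_user_data)
        self.print_result(True, "Done")
    else:
        self.print_result(False, "Failed to Update DB")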
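def post(self):
    """Apply an edit to the user record named by the ``id`` request field.

    Reads ``id``, ``email``, ``personal_url``, ``display_name``, ``password``,
    ``role`` and ``status`` from the request, validates the URL and e-mail,
    loads the record with ``User().getByID`` and saves the new values. Every
    outcome is reported through ``self.print_result``; on success the third
    argument is the edit page URL for the same id.

    NOTE(review): this method changes another account's password, role and
    status, yet no ``_xsrf`` token check and no permission check is visible
    in it. Confirm both are enforced by the base handler or a decorator.
    """
    uid = self.get_request("id", "")
    email = self.get_request("email", "")
    user_url = self.get_request("personal_url", "")
    display_name = self.get_request("display_name", "")
    password = self.get_request("password", "")
    role = self.get_request("role", "")
    status = self.get_int_request("status", 0)

    if uid == "":
        self.print_result(False, "error id is empty")
        return

    if user_url != "":
        # NOTE(review): any value starting with "http" is treated as already
        # carrying a scheme; confirm pyUtility.isURL requires http(s)://.
        if not user_url.lower().startswith("http"):
            user_url = "http://" + user_url
        if not pyUtility.isURL(user_url):
            self.print_result(False, "The Format of URL is wrong!")
            return

    if email == "":
        self.print_result(False, "Email Cannot be blank!")
        return
    if not pyUtility.isEmail(email):
        self.print_result(False, "Email Format is incorrect!")
        return

    user = User().getByID(uid, False)
    if not user:
        # The original called user.close() unconditionally here, which raises
        # AttributeError when the lookup returns None, so the caller got an
        # unhandled error instead of the message below. Close only when the
        # falsy result actually offers close().
        closer = getattr(user, "close", None)
        if callable(closer):
            closer()
        self.print_result(False, "Can not find any record")
        return

    if user.user_email != email:
        # The address changed: make sure no other account already uses it.
        if not User().isEmailUnique(email, False):
            self.print_result(False, "Email Has been used")
            return

    if password != "":
        # An empty password field means "leave the password alone".
        new_hash = user.getEncodeStr(password)
        if new_hash != user.user_pass:
            user.user_pass = new_hash
    user.user_email = email
    user.user_url = user_url
    # Role and status pass through the pyEnum helpers before being stored.
    user.role = pyEnum.GetAccountRole(role)
    user.user_status = pyEnum.GetAccountStatusID(status)
    user.display_name = display_name

    if user.update():
        # NOTE(review): uid is request input appended to the URL as-is;
        # consider URL-encoding it before building the link.
        self.print_result(True, "Done", self.webroot_url("admin/users/edit/?id=" + uid))
    else:
        self.print_result(False, "Failed to Update DB")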
def post(self):
    """Create a new account from the submitted form fields.

    Reads ``account``, ``email``, ``personal_url``, ``display_name``,
    ``password``, ``role`` and ``status`` from the request. Account, e-mail
    and password are required. Account and e-mail are lower-cased before the
    format and uniqueness checks. Every outcome is reported through
    ``self.print_result``; on success the third argument is the
    ``admin/users/`` URL.

    NOTE(review): no ``_xsrf`` token check and no permission check is visible
    in this method - confirm both are enforced by the base handler or a
    decorator. ``role`` and ``status`` are stored exactly as received; confirm
    they are restricted to known values before reaching the database.
    """
    login = self.get_request("account", "")
    mail = self.get_request("email", "")
    homepage = self.get_request("personal_url", "")
    shown_name = self.get_request("display_name", "")
    secret = self.get_request("password", "")
    role_value = self.get_request("role", "")
    status_value = self.get_int_request("status", 0)

    if login == "":
        self.print_result(False, "User Account Cannot be blank!")
        return

    if homepage != "":
        # Prefix a scheme when the value does not already start with "http".
        has_prefix = homepage.lower().startswith("http")
        if not has_prefix:
            homepage = "http://" + homepage
        if not pyUtility.isURL(homepage):
            self.print_result(False, "The Format of URL is wrong!")
            return

    if mail == "":
        self.print_result(False, "Email Cannot be blank!")
        return
    if not pyUtility.isEmail(mail):
        self.print_result(False, "Email Format is incorrect!")
        return
    if secret == "":
        self.print_result(False, "Password is empty!")
        return

    # Lower-case both identifiers before the format and uniqueness checks.
    login = login.lower()
    mail = mail.lower()
    if not pyUtility.isAccountLegal(login):
        self.print_result(False, "The Format of Account is not legal")
        return
    if not User().isUnique(email=mail, acc=login):
        self.print_result(False, "Account or Email Has been used")
        return

    record = User()
    # The tuple is built first, so getEncodeStr runs before any attribute is
    # set, as in the straight-line version.
    assignments = (
        ("user_login", login),
        ("user_pass", record.getEncodeStr(secret)),
        ("user_email", mail),
        ("user_url", homepage),
        ("role", role_value),
        ("user_status", status_value),
        ("display_name", shown_name),
    )
    for attr_name, attr_value in assignments:
        setattr(record, attr_name, attr_value)

    created_id = record.save()
    if created_id > 0:
        self.print_result(True, "Done", self.get_webroot_url() + "admin/users/")
    else:
        self.print_result(False, "Failed to Add Account to DB")
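def post(self):
    """Handle the public sign-up form.

    Refuses the request unless the ``users_can_register`` web option is
    ``'1'``. Reads ``account``, ``email``, ``personal_url``,
    ``display_name``, ``password`` and ``valid_code`` from the request,
    validates them, checks ``valid_code`` against the ``registercode`` stored
    in the session, creates the user with an activation key and e-mails the
    ``email/register.html`` template to the new address. Every outcome is
    reported through ``self.print_result(ok, message)``.

    NOTE(review): account and e-mail are stored in the case the client sent;
    confirm ``User().isUnique`` compares case-insensitively, otherwise two
    spellings of one address can both register.
    """
    import uuid  # local import: the file's import block is not visible here

    if pyCache.WebOptions['users_can_register'] != '1':
        self.print_result(False, "registration is now closed!")
        return

    account = self.get_request("account", "")
    email = self.get_request("email", "")
    url = self.get_request("personal_url", "", False)
    display_name = self.get_request("display_name", "")
    password = self.get_request("password", "")
    validcode = self.get_request("valid_code", "")

    if not pyUtility.isAccountLegal(account):
        self.print_result(False, "The Format of Account is wrong!")
        return
    if not pyUtility.isEmail(email):
        self.print_result(False, "The Format of Email is wrong!")
        return
    if url != "":
        # NOTE(review): any value starting with "http" is treated as already
        # carrying a scheme; confirm pyUtility.isURL requires http(s)://.
        if not url.lower().startswith("http"):
            url = "http://" + url
        if not pyUtility.isURL(url):
            self.print_result(False, "The Format of URL is wrong!")
            return
    if account == "" or email == "" or password == "" or validcode == "":
        self.print_result(False, "some of fields can not be blank")
        return

    if "registercode" not in self.session:
        self.print_result(False, "Validation Code is empty!")
        return
    # The validation code is single-use: it leaves the session whether or not
    # the submitted value matched.
    expected_code = self.session['registercode']
    del self.session['registercode']
    if validcode != expected_code:
        self.print_result(False, "Validation Code is incorrect!")
        return

    if not User().isUnique(acc=account, email=email):
        self.print_result(False, "Account or Email has been used, Try another one!")
        return

    user = User()
    user.user_login = account
    user.user_email = email
    user.user_pass = user.getEncodeStr(password)
    user.user_url = url
    user.display_name = display_name

    # The key used to be getEncodeStr(account + "-secret-"): one fixed value
    # per account name, so it did not prove that the e-mail was received.
    # A fresh random value per registration makes the key unguessable from
    # the account name alone.
    # NOTE(review): assumes the activation handler compares the submitted key
    # with the stored user_activation_key rather than recomputing it - confirm.
    nonce = uuid.uuid4().hex
    activation_key = user.getEncodeStr(str(account) + "-" + nonce)
    user.user_activation_key = activation_key

    if user.save() > 0:
        # The success message is reported before the mail is handed over.
        self.print_result(True, "The Register Letter Has been sent to your email.")
        template_args = dict(
            activationKey=activation_key,
            login_user=account,
            admin_email=pyCache.WebOptions['admin_email'],
            website_url=self.webroot_url("", True)
        )
        msg = self.render_string("email/register.html", **template_args)
        subject = "[" + self.web_title() + "] Thank you for joining us"
        mailer = SingleMail.get_instance()
        mailer.send_email(email, subject, msg, 'html')
    else:
        self.print_result(False, "Error, When save to db")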