示例#1
0
    def post(self):

        email = self.get_request("email", "")
        user_url = self.get_request("personal_url", "")
        displayName = self.get_request("display_name", "")
        password = self.get_request("password", "")
        crsf = self.get_request("_xsrf","")
        user_crsf = self.get_cookie("_xsrf","unknown")
        self.clear_cookie("_xsrf")
        if crsf != user_crsf or user_crsf =="unknown":
            self.print_result(False, "Xsrf protected!")
            return
        if user_url != "":
            tmp = user_url.lower()
            if not tmp.startswith("http"):
                user_url = "http://"+user_url
            if not pyUtility.isURL(user_url):
                self.print_result(False, "The Format of URL is wrong!")
                return
        if email == "":
            self.print_result(False, "Email Cannot be blank!")
            return
        if not pyUtility.isEmail(email):
            self.print_result(False, "Email Format is incorrect!")
            return

        current = self.get_current_user()
        if current['user_email'] != email:
            """
                Check if email has been taken or not
            """
            if not User().isEmailUnique(email):

                self.print_result(False, "Email Has been used")
                return
        user = User().getByID(current['ID'], False)
        if user:
            if not password == "":
                newPwd = user.getEncodeStr(password)
                if newPwd != user.user_pass:
                    user.user_pass = newPwd
            user.user_email = email
            user.user_url = user_url
            user.display_name = displayName
            newUserData = user.row2dict()
            if user.update():
                self.set_current_user(newUserData)
                self.print_result(True, "Done")
            else :
                self.print_result(False, "Failed to Update DB")
        else:
            # find failed
            self.print_result(False, "Can not find any record")
示例#2
0
    def post(self):
        uid = self.get_request("id","")
        email = self.get_request("email", "")
        user_url = self.get_request("personal_url", "")
        displayName = self.get_request("display_name", "")
        password = self.get_request("password", "")
        role = self.get_request("role","")
        status = self.get_int_request("status",0)
        if uid =="":
            self.print_result(False,"error id is empty")
            return

        if user_url != "":
            tmp = user_url.lower()
            if not tmp.startswith("http"):
                user_url = "http://"+user_url
            if not pyUtility.isURL(user_url):
                self.print_result(False, "The Format of URL is wrong!")
                return
        if email == "":
            self.print_result(False, "Email Cannot be blank!")
            return
        if not pyUtility.isEmail(email):
            self.print_result(False, "Email Format is incorrect!")
            return

        user = User().getByID(uid, False)
        if not user:
            user.close()
            self.print_result(False, "Can not find any record")
            return
        if user.user_email != email:
            """
                Check if email has been taken or not
            """
            if not User().isEmailUnique(email, False):
                self.print_result(False, "Email Has been used")
                return
        if not password == "":
            newPwd = user.getEncodeStr(password)
            if newPwd != user.user_pass:
                user.user_pass = newPwd
        user.user_email = email
        user.user_url = user_url
        user.role = pyEnum.GetAccountRole(role)
        user.user_status = pyEnum.GetAccountStatusID(status)
        user.display_name = displayName
        if user.update():
            self.print_result(True, "Done", self.webroot_url("admin/users/edit/?id="+uid))
        else :
            self.print_result(False, "Failed to Update DB")
示例#3
0
 def post(self):
     user_account = self.get_request("account","")
     email = self.get_request("email", "")
     user_url = self.get_request("personal_url", "")
     displayName = self.get_request("display_name", "")
     password = self.get_request("password", "")
     role = self.get_request("role","")
     status = self.get_int_request("status",0)
     if user_account == "":
         self.print_result(False, "User Account Cannot be blank!")
         return
     if user_url != "":
         tmp = user_url.lower()
         if not tmp.startswith("http"):
             user_url = "http://"+user_url
         if not pyUtility.isURL(user_url):
             self.print_result(False, "The Format of URL is wrong!")
             return
     if email == "":
         self.print_result(False, "Email Cannot be blank!")
         return
     if not pyUtility.isEmail(email):
         self.print_result(False, "Email Format is incorrect!")
         return
     if password == "":
         self.print_result(False, "Password is empty!")
         return
     user_account = user_account.lower()
     email = email.lower()
     if not pyUtility.isAccountLegal(user_account):
         self.print_result(False, "The Format of Account is not legal")
         return
     if not User().isUnique(email=email, acc=user_account):
         self.print_result(False, "Account or Email Has been used")
         return
     user = User()
     newPwd = user.getEncodeStr(password)
     user.user_login = user_account
     user.user_pass = newPwd
     user.user_email = email
     user.user_url = user_url
     user.role = role
     user.user_status = status
     user.display_name = displayName
     newID = user.save()
     if newID >0:
         self.print_result(True, "Done", self.get_webroot_url()+"admin/users/")
     else:
         self.print_result(False, "Failed to Add Account to DB")
示例#4
0
    def post(self):
        canRegister = pyCache.WebOptions['users_can_register']
        if canRegister !='1':
            self.print_result(False, "registration is now closed!")
            return

        account = self.get_request("account", "")
        email = self.get_request("email", "")
        url = self.get_request("personal_url", "", False)
        displayName = self.get_request("display_name", "")
        password = self.get_request("password", "")
        validcode = self.get_request("valid_code", "")

        if not pyUtility.isAccountLegal(account):
            self.print_result(False, "The Format of Account is wrong!")
            return
        if not pyUtility.isEmail(email):
            self.print_result(False, "The Format of Email is wrong!")
            return

        if not url =="":
            tmp = url.lower()
            if not tmp.startswith("http"):
                url = "http://"+url
            if not pyUtility.isURL(url):
                self.print_result(False, "The Format of URL is wrong!")
                return

        if account == "" or email == "" or password == "" or validcode == "":
            self.print_result(False, "some of fields can not be blank")
            return
        if "registercode" in self.session:
            if validcode != self.session['registercode']:
                del self.session['registercode']
                self.print_result(False, "Validation Code is incorrect!")
                return
        else:
            self.print_result(False, "Validation Code is empty!")
            return
            # register process
        del self.session['registercode']

        chk = User().isUnique(acc=account, email=email)
        if not chk:
            self.print_result(False, "Account or Email has been used, Try another one!")
            return

        user = User()
        user.user_login = account
        user.user_email = email
        user.user_pass = user.getEncodeStr(password)
        user.user_url = url
        user.display_name = displayName
        # ts = str(time.time())
        activationKey = user.getEncodeStr(str(account) + "-secret-")
        user.user_activation_key = activationKey
        if user.save() >0:
            self.print_result(True, "The Register Letter Has been sent to your email.")
            """
                Send Email to register
            """
            p = dict(
                activationKey=activationKey,
                login_user=account,
                admin_email=pyCache.WebOptions['admin_email'],
                website_url=self.webroot_url("", True)
            )
            msg = self.render_string("email/register.html", **p)
            subject = "[" + self.web_title() + "] Thank you for joining us"
            qm = SingleMail.get_instance()
            qm.send_email(email, subject, msg, 'html')
        else:
            self.print_result(False, "Error, When save to db")