-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmain.py
More file actions
167 lines (145 loc) · 6.08 KB
/
main.py
File metadata and controls
167 lines (145 loc) · 6.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
# coding=UTF-8
import cherrypy
import os, os.path
import codecs
from Cheetah.Template import Template
import mysql.connector
import hashlib
def redirect_to_login_if_no_session(func):
def decorate(*args, **kwargs):
if 'sid' not in cherrypy.session:
return login_page("init")
return func(*args, **kwargs)
return decorate
def template_render(fname, params):
page = os.path.join('html', fname)
f = codecs.open(page, encoding='utf-8')
temp = f.read()
rend = Template(temp)
for key, value in params.iteritems():
setattr(rend, key, value)
return unicode(rend)
def execute_query(query, params):
cnx = mysql.connector.connect(user='root',
password='master',
host='127.0.0.1',
database='markbook')
cursor = cnx.cursor()
cursor.execute(query, params)
try:
rows = cursor.fetchall()
except:
rows = None
cnx.commit()
return rows
def login_page(message):
if 'sid' in cherrypy.session:
raise cherrypy.HTTPRedirect("/user?id=" + cherrypy.session['user_id'])
return template_render('login.html', {'message': message})
class Root(object):
@cherrypy.expose
def checklogin(self, username, passwd, action):
try:
query = "SELECT password, id FROM markbook.users WHERE login = %s "
rows = execute_query(query, [username])
if len(rows) > 0:
if (rows[0][0].lower() == hashlib.md5(passwd).hexdigest().lower()):
cherrypy.session['sid'] = cherrypy.session.id
cherrypy.session['user_id'] = str(rows[0][1])
raise cherrypy.HTTPRedirect("/user?id=" + str(rows[0][1]))
else:
return login_page("Отказано в доступе!")
else:
return login_page("Отказано в доступе!! ")
except cherrypy.HTTPRedirect:
raise
except Exception, e:
return login_page("Отказано в доступе!!!"+e.message)
@cherrypy.expose
@redirect_to_login_if_no_session
def index(self):
try:
raise cherrypy.HTTPRedirect("/user?id=" + cherrypy.session['user_id'])
except cherrypy.HTTPRedirect:
raise
except Exception, e:
cherrypy.log("Root. Template Render Failure!", traceback=True)
return error_page(str(e))
@cherrypy.expose
def logout(self):
cherrypy.session.delete()
return login_page("init")
@cherrypy.expose
@redirect_to_login_if_no_session
def user(self, id):
if cherrypy.session['user_id'] != id:
return login_page("init")
query = "SELECT name, is_admin FROM markbook.users WHERE id = %s "
rows = execute_query(query, [id])
if not rows:
pass
user_name = rows[0][0]
is_admin = rows[0][1]
has_photo = os.path.isfile("./public/user_photos/" + id + ".jpg")
photo = id + ".jpg"
query = "SELECT id, name FROM markbook.courses WHERE id_instructor = %s "
rows = execute_query(query, [id])
list = [{"id":i[0],"name":i[1]} for i in rows]
return template_render('user_page.html', {'user_name' : user_name,
'has_photo' : has_photo,
'photo' : photo,
'id' : id,
'courses': list,
'is_admin': is_admin})
@cherrypy.expose
def upload(self, id, ufile):
if 'sid' not in cherrypy.session:
return "ok"
upload_path = "./public/user_photos/"
upload_filename = str(id) + ".jpg"
upload_file = os.path.join(upload_path, upload_filename)
size = 0
with open(upload_file, 'wb') as out:
while True:
data = ufile.file.read(8192)
if not data:
break
out.write(data)
size += len(data)
raise cherrypy.HTTPRedirect("/user?id=" + id)
@cherrypy.expose
def registration(self):
if 'sid' in cherrypy.session:
raise cherrypy.HTTPRedirect("/user?id=" + cherrypy.session['user_id'])
return template_render('user_edit.html',{})
@cherrypy.expose
def login_exists(self, login):
if 'sid' not in cherrypy.session:
return "ok"
query = "Select id from markbook.users where login = %s"
rows = execute_query(query, [login])
return str(len(rows))
@cherrypy.expose
def add_user(self, login, password, name, comment):
query = "Insert into markbook.users (name, comment, login, password) values (%s, %s, %s, %s)"
rows = execute_query(query, [name, comment, login, hashlib.md5(password).hexdigest().lower()])
return login_page("init")
@cherrypy.expose
@redirect_to_login_if_no_session
def course_registration(self):
query = "Select is_admin from markbook.users where id = %s"
rows = execute_query(query, [cherrypy.session['user_id']])
if not rows:
raise cherrypy.HTTPRedirect("/user?id=" + cherrypy.session['user_id'])
if rows[0][0] == 0:
raise cherrypy.HTTPRedirect("/user?id=" + cherrypy.session['user_id'])
query = "Select id, name, login from markbook.users"
rows = execute_query(query, [])
list = [{"id" : i[0], "name" : i[1], "login" : i[2]} for i in rows]
return template_render('course_edit.html',{"users" : list})
@cherrypy.expose
def add_course(self, name, instructor):
query = "Insert into markbook.courses (name, id_instructor) values (%s, %s)"
rows = execute_query(query, [name, instructor])
return "ok";
cherrypy.quickstart(Root(), '/', "app.conf")