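"""Flask app for passenger sign-up and account changes, backed by MySQL.

Routes:
    /             landing page
    /signup.html  register a passenger (ID, name, phone number, password)
    /modify.html  delete an account or change its password / phone number
"""
import hmac
import os
from typing import Dict

import pymysql
from flask import Flask, abort, flash, redirect, render_template, request, url_for
from pymysql.cursors import Cursor

app = Flask(__name__)
# NOTE(security): the fallback below is a fixed, source-visible signing key.
# Flask signs the session cookie (which carries the flash messages) with it,
# so a deployment that leaves SECRET_KEY unset has forgeable sessions.
app.secret_key = os.environ.get('SECRET_KEY', 'OPTIONALSECRETKEY')
if app.secret_key == 'OPTIONALSECRETKEY':
    app.logger.warning(
        "SECRET_KEY is not set; using the built-in fallback key. "
        "Set SECRET_KEY to a random value before deploying."
    )


def get_db():
    """Open a new connection to the passenger database.

    Each setting can be overridden through the DB_HOST, DB_USER, DB_PASSWORD
    and DB_NAME environment variables; when one is unset, the value this
    module has always used is kept so existing setups continue to work.

    Returns:
        A new pymysql connection. The caller is responsible for closing it.
    """
    # NOTE(security): the fallback user/password are committed in source and
    # should be treated as exposed. Rotate them and supply the real values
    # through the environment (or a secrets store) instead.
    return pymysql.connect(
        host=os.environ.get('DB_HOST', 'localhost'),
        user=os.environ.get('DB_USER', 'kejingfan'),
        password=os.environ.get('DB_PASSWORD', 'KJF2811879'),
        database=os.environ.get('DB_NAME', 'TESTDB'),
    )


@app.route("/")
def index():
    """Render the landing page."""
    return render_template("index.html")


@app.route("/signup.html", methods=('GET', 'POST'))
def signup():
    """Show the sign-up form, or register a new passenger on POST.

    A POST with a missing form field is answered with 400 by Flask. Every
    other outcome queues a flash message and redirects.
    """
    # Flask routes HEAD here as well because GET is allowed. Treating
    # everything that is not a POST as "show the form" avoids falling off
    # the end of the view and returning None for such requests.
    if request.method != 'POST':
        return render_template('signup.html')

    user_id = request.form['cardCode']
    name = request.form['name']
    phone_number = request.form['mobileNo']
    # NOTE(security): this value is stored exactly as the client sent it, so
    # whatever the browser does to it, the stored value is itself the login
    # credential. Hashing it server-side with a salted password hash would
    # fix that but needs a migration of existing rows, so it is only flagged.
    password = request.form['encryptedPassword']

    db = get_db()
    try:
        cursor = db.cursor()

        # Refuse to register an ID that already exists.
        try:
            cursor.execute(
                "SELECT COUNT(*) FROM passengers WHERE ID = %s;",
                (user_id,),
            )
            id_exist = cursor.fetchall()[0][0]
        except Exception:
            app.logger.exception("signup: lookup of existing passenger failed")
            flash("数据库异常,查询失败")
            return redirect(url_for('signup'))

        if id_exist != 0:
            flash("您已注册过,请勿重复注册")
            return redirect(url_for('index'))

        # Insert the new passenger row.
        try:
            cursor.execute(
                "INSERT INTO passengers (ID, `Name`, Phone_number, `Password`) "
                "VALUES (%s, %s, %s, %s);",
                (user_id, name, phone_number, password),
            )
            db.commit()
            flash("注册成功")
        except Exception:
            db.rollback()
            app.logger.exception("signup: insert of new passenger failed")
            flash("数据库异常,注册失败")
        return redirect(url_for('index'))
    finally:
        # Runs on every path, including the early returns above, so the
        # connection is no longer leaked when the lookup query fails.
        db.close()


def verify_user(cursor: Cursor, id: str, password: str) -> str:
    """Check a passenger's ID and password against the database.

    Args:
        cursor: Open cursor on the passenger database.
        id: Passenger ID as submitted by the client.
        password: Password value as submitted by the client.

    Returns:
        "USER_VERIFIED" when the ID exists and the password matches,
        "NO_USER" when the ID is unknown, "WRONG_PASSWORD" on a mismatch,
        and "DB_ERROR" when the lookup itself failed (a flash message has
        already been queued in that case). The function always returns one
        of these strings, never a response object, so a caller cannot
        mistake a failed lookup for a successful verification.
    """
    try:
        cursor.execute(
            "SELECT `Password` FROM passengers WHERE ID = %s;",
            (id,),
        )
        row = cursor.fetchone()
    except Exception:
        app.logger.exception("verify_user: credential lookup failed")
        flash("数据库异常,查询失败")
        return "DB_ERROR"

    if row is None:
        return "NO_USER"

    record_password = row[0]
    # A NULL or non-text stored value can never equal the submitted string.
    if not isinstance(record_password, str):
        return "WRONG_PASSWORD"
    # Compare in constant time so the response time does not depend on how
    # many leading characters of the stored value were guessed correctly.
    if not hmac.compare_digest(
        record_password.encode('utf-8'), password.encode('utf-8')
    ):
        return "WRONG_PASSWORD"
    return "USER_VERIFIED"


class ModifyInfo:
    """Translate a submitted modify form into one SQL statement and messages.

    The form's 'modifyType' selects the operation: '1' deletes the account,
    '2' changes the password, '3' changes the phone number.
    """

    def __init__(self, form: Dict[str, str]):
        """Read the form fields and select the requested command.

        Raises:
            KeyError: if a required field is missing or 'modifyType' is not
                one of '1', '2', '3'.
        """
        self.id = form['cardCode']
        modify_type = form['modifyType']
        self.new_password = form['encryptedNewPassword']
        self.phone_number = form['mobileNo']

        type_to_command = {
            '1': 'delete account',
            '2': 'modify Password',
            '3': 'modify Phone_Number',
        }
        # The statements are fixed strings; user input only ever travels in
        # the parameter tuples below, never in the SQL text.
        self.sql_dict = {
            'delete account': 'DELETE FROM passengers WHERE ID = %s;',
            'modify Password': 'UPDATE passengers SET `Password` = %s WHERE ID = %s;',
            'modify Phone_Number': 'UPDATE passengers SET Phone_number = %s WHERE ID = %s;',
        }
        self.sql_args_dict = {
            'delete account': (self.id,),
            'modify Password': (self.new_password, self.id),
            'modify Phone_Number': (self.phone_number, self.id),
        }
        self.ok_message_dict = {
            'delete account': "删除账户成功",
            'modify Password': "修改密码成功",
            'modify Phone_Number': "修改手机号成功",
        }
        self.fail_message_dict = {
            'delete account': "数据库异常,删除账户失败",
            'modify Password': "数据库异常,修改密码失败",
            'modify Phone_Number': "数据库异常,修改手机号失败",
        }
        self.command = type_to_command[modify_type]

    def get_sql(self):
        """Return the parameterized SQL statement for the selected command."""
        return self.sql_dict[self.command]

    def get_args(self):
        """Return the parameter tuple matching get_sql()."""
        return self.sql_args_dict[self.command]

    def get_ok_message(self):
        """Return the flash message shown when the statement succeeds."""
        return self.ok_message_dict[self.command]

    def get_fail_message(self):
        """Return the flash message shown when the statement fails."""
        return self.fail_message_dict[self.command]


@app.route("/modify.html", methods=('GET', 'POST'))
def modify():
    """Show the modify form, or apply an account change on POST.

    The change is executed only after verify_user() confirms the submitted
    ID and password; every other verification outcome, including a failed
    lookup, stops the request before any statement is run.
    """
    # See signup(): a non-POST request (GET or HEAD) just gets the form.
    if request.method != 'POST':
        return render_template('modify.html')

    user_id = request.form['cardCode']
    password = request.form['encryptedPassword']

    # Validate the whole form before opening a connection. An unknown
    # 'modifyType' raises a plain KeyError, which would otherwise surface
    # as a 500; a missing field already maps to 400.
    try:
        modify_info = ModifyInfo(request.form)
    except KeyError:
        abort(400)

    db = get_db()
    try:
        cursor = db.cursor()
        verify_info = verify_user(cursor, user_id, password)

        # NOTE(security): the two branches below tell the client whether an
        # ID is registered. Kept as-is because it is user-visible behavior,
        # but it lets IDs be enumerated; consider one generic message.
        if verify_info == "NO_USER":
            flash("您未注册过,无法修改账号")
            return redirect(url_for('signup'))
        if verify_info == "WRONG_PASSWORD":
            flash("密码错误")
            return redirect(url_for('modify'))
        if verify_info != "USER_VERIFIED":
            # Fail closed: anything other than an explicit success (for
            # example "DB_ERROR") must not reach the DELETE/UPDATE below.
            # verify_user() has already queued the error message.
            return redirect(url_for('modify'))

        try:
            cursor.execute(modify_info.get_sql(), modify_info.get_args())
            db.commit()
            flash(modify_info.get_ok_message())
        except Exception:
            db.rollback()
            app.logger.exception("modify: %s failed", modify_info.command)
            flash(modify_info.get_fail_message())
        return redirect(url_for('index'))
    finally:
        db.close()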