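import hmac
from typing import Dict

from flask import render_template, request, flash, redirect, url_for, session
from pymysql.cursors import Cursor

from .get_db import get_db

# Flashed when a POST names no known modification or omits the value to store.
_INVALID_REQUEST_MESSAGE = "请求参数无效"

# Commands that invalidate the current login; the user is sent back to log in.
_REAUTH_COMMANDS = ('modify Phone_Number', 'modify Password', 'delete account')


def get_current_user(cursor: Cursor, phone_number: str):
    """Fetch the Username row for *phone_number*.

    Returns whatever ``cursor.fetchone()`` yields for the query: the matching
    row, or a falsy value when no user has that phone number.
    """
    sql = "SELECT Username FROM Users WHERE Phone_number = %s"
    cursor.execute(sql, (phone_number,))
    return cursor.fetchone()


def _passwords_match(stored, supplied) -> bool:
    """Compare the stored and submitted password values.

    Two strings are compared in constant time so that response timing does not
    reveal how many leading characters matched. Any other combination of types
    falls back to plain equality.
    """
    if isinstance(stored, str) and isinstance(supplied, str):
        return hmac.compare_digest(stored.encode("utf-8"),
                                   supplied.encode("utf-8"))
    return stored == supplied


def verify_user(cursor: Cursor, phone_number: str, password: str) -> str:
    """Check *password* against the stored value for *phone_number*.

    Returns:
        ``"NO_USER"`` when no row exists for the phone number,
        ``"WRONG_PASSWORD"`` when the stored value differs from *password*,
        ``"USER_VERIFIED"`` otherwise.
    """
    # NOTE(review): the Password column is compared directly with the submitted
    # value, so the database holds exactly what a client must send to log in.
    # Anyone able to read the Users table obtains working credentials. Storing
    # a salted, slow hash (e.g. hashlib.scrypt) computed on the server would
    # remove that exposure; it needs a data migration outside this function.
    sql = """
        SELECT Password FROM Users WHERE Phone_number = %s;
    """
    cursor.execute(sql, (phone_number,))
    record = cursor.fetchone()
    if not record:
        return "NO_USER"
    if not _passwords_match(record[0], password):
        return "WRONG_PASSWORD"
    return "USER_VERIFIED"


class ModifyInfo:
    """Translate a submitted account-modification form into a SQL command.

    The form's ``modifyType`` value only selects one of four fixed statements;
    every statement uses ``%s`` placeholders, so no form text is ever spliced
    into SQL. Raises ``KeyError`` when ``modifyType`` is missing or unknown.
    """

    def __init__(self, form: Dict[str, str], user_phone: str):
        # The form is deliberately not printed or logged: it carries the
        # current and the new password values.
        self.phone_number = user_phone
        modifyType = form['modifyType']
        self.new_password = form.get('encryptedNewPassword', None)
        self.new_phone_number = form.get('mobileNo', None)
        self.new_username = form.get('username', None)

        # Labels sent by the page, mapped to the internal command names.
        modifyType2command = {
            '删除账户': 'delete account',
            '修改密码': 'modify Password',
            '修改手机号': 'modify Phone_Number',
            '修改用户名': 'modify Username'
        }
        self.sql_dict = {
            'delete account': 'DELETE FROM Users WHERE Phone_number = %s;',
            'modify Password': 'UPDATE Users SET Password = %s WHERE Phone_number = %s;',
            'modify Phone_Number': 'UPDATE Users SET Phone_number = %s WHERE Phone_number = %s;',
            'modify Username': 'UPDATE Users SET Username = %s WHERE Phone_number = %s;'
        }
        self.sql_args_dict = {
            'delete account': (self.phone_number,),
            'modify Password': (self.new_password, self.phone_number),
            'modify Phone_Number': (self.new_phone_number, self.phone_number),
            'modify Username': (self.new_username, self.phone_number)
        }
        self.ok_message_dict = {
            'delete account': "删除账户成功",
            'modify Password': "修改密码成功",
            'modify Phone_Number': "修改手机号成功",
            'modify Username': "修改用户名成功"
        }
        self.fail_message_dict = {
            'delete account': "数据库异常,删除账户失败",
            'modify Password': "数据库异常,修改密码失败",
            'modify Phone_Number': "数据库异常,修改手机号失败",
            'modify Username': "数据库异常,修改用户名失败"
        }
        self.command = modifyType2command[modifyType]

    def get_sql(self):
        """Return the parameterized SQL statement for the selected command."""
        return self.sql_dict[self.command]

    def get_args(self):
        """Return the parameter tuple bound to the selected statement."""
        return self.sql_args_dict[self.command]

    def get_ok_message(self):
        """Return the message flashed when the command succeeds."""
        return self.ok_message_dict[self.command]

    def get_fail_message(self):
        """Return the message flashed when the database operation fails."""
        return self.fail_message_dict[self.command]


def modify():
    """Show the account page (GET) or apply one account change (POST).

    A POST must carry the current password in ``encryptedPassword``; the change
    is applied only after ``verify_user`` confirms it. Changing the phone
    number or password, or deleting the account, clears the session and
    redirects to the login page. Any other HTTP method falls through and
    returns ``None``.
    """
    if request.method == 'GET':
        user_phone = session.get('user_id')
        db = get_db()
        try:
            cursor = db.cursor()
            current_user = get_current_user(cursor, user_phone)
        finally:
            # The POST branch closes the connection on its exits; do the same
            # here so a page view does not leave one open.
            db.close()
        if not current_user:
            session.clear()
            return redirect(url_for('login'))
        return render_template('modify.html',
                               current_user_phone=user_phone,
                               current_username=current_user[0])

    if request.method == 'POST':
        user_phone = session.get('user_id')
        password = request.form['encryptedPassword']
        db = get_db()
        try:
            cursor = db.cursor()
            verify_info = verify_user(cursor, user_phone, password)
            if verify_info == "NO_USER":
                session.clear()
                return redirect(url_for('login'))
            if verify_info == "WRONG_PASSWORD":
                flash("密码错误")
                return redirect(url_for('modify'))

            # A missing or unrecognised modifyType is a bad request, not a
            # server error.
            try:
                modify_info = ModifyInfo(request.form, user_phone)
            except KeyError:
                flash(_INVALID_REQUEST_MESSAGE)
                return redirect(url_for('modify'))

            # Without this guard an omitted field would be bound as NULL, e.g.
            # "SET Password = NULL", leaving the account unusable.
            if any(not arg for arg in modify_info.get_args()):
                flash(_INVALID_REQUEST_MESSAGE)
                return redirect(url_for('modify'))

            if modify_info.command == 'modify Phone_Number':
                # This lookup gives a friendly message only; two concurrent
                # requests can both pass it. NOTE(review): confirm the schema
                # has a UNIQUE constraint on Phone_number to enforce this.
                check_sql = "SELECT COUNT(*) FROM Users WHERE Phone_number = %s;"
                cursor.execute(check_sql, (modify_info.new_phone_number,))
                if cursor.fetchone()[0] > 0:
                    flash("手机号已存在,请使用其他手机号")
                    return redirect(url_for('modify'))

            try:
                cursor.execute(modify_info.get_sql(), modify_info.get_args())
                db.commit()
            except Exception as e:
                db.rollback()
                print(e)
                flash(modify_info.get_fail_message())
                return redirect(url_for('modify'))

            if modify_info.command in _REAUTH_COMMANDS:
                # Clear first: flash() stores its message in the session, so
                # clearing afterwards would discard the success message.
                session.clear()
                flash(modify_info.get_ok_message())
                return redirect(url_for('login'))

            flash(modify_info.get_ok_message())
            return redirect(url_for('modify'))
        finally:
            db.close()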