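import re

import pymysql
from flask import render_template, request, redirect, url_for

from .config import db


def signup():
    """Render the sign-up form, or validate a submission and create the user.

    Any non-POST request gets the empty form. A POST reads ``username``,
    ``mobileNo``, ``encryptedPassword`` and ``encryptedConfirmPassword`` from
    the form, validates them, rejects a phone number that is already in
    ``Users``, and inserts the new row.

    Returns:
        The rendered ``signup.html`` template (with per-field error messages)
        on validation or database failure, or a redirect to the ``index``
        endpoint after a successful insert.
    """
    error_messages = {
        'username': '',
        'mobileNo': '',
        'password': '',
        'confirmPassword': ''
    }

    # Treat every non-POST method as a form request. Flask reports HEAD as
    # request.method == 'HEAD', which the previous GET/POST pair of checks let
    # fall through to an implicit ``return None``.
    # NOTE(review): the route's allowed methods are not visible here; confirm.
    if request.method != 'POST':
        return render_template('signup.html', errors=error_messages)

    username = request.form['username']
    phone_number = request.form['mobileNo']
    password = request.form['encryptedPassword']
    confirm_password = request.form['encryptedConfirmPassword']

    # Exactly eleven ASCII digits. fullmatch() is used because ``^...$`` with
    # match() also accepts a trailing newline, and ``\d`` matches non-ASCII
    # Unicode digits.
    if not re.fullmatch(r'[0-9]{11}', phone_number):
        error_messages['mobileNo'] = '手机号格式有误'

    # The client is expected to send an MD5 digest: 32 hexadecimal characters.
    # Checking the alphabet as well as the length rejects arbitrary 32-char
    # strings.
    # SECURITY: this value comes from the browser and is stored as-is below.
    # A client-side digest is password-equivalent (whoever reads the Users
    # table can replay it) and MD5 without a salt is cheap to brute-force.
    # It should be re-hashed on the server with a salted, slow KDF (e.g.
    # werkzeug.security.generate_password_hash) before storage; that change
    # must be made together with the login path, which is not visible here.
    if not re.fullmatch(r'[0-9a-fA-F]{32}', password):
        error_messages['password'] = '密码格式有误'

    if password != confirm_password:
        error_messages['confirmPassword'] = '两次输入的密码不一致'

    if any(error_messages.values()):
        return render_template('signup.html', errors=error_messages)

    conn = pymysql.connect(**db)
    try:
        with conn.cursor(pymysql.cursors.DictCursor) as cursor:
            # Check for an existing user with this phone number.
            # NOTE(review): this check and the INSERT below are not atomic;
            # two concurrent sign-ups can both pass it. Only a UNIQUE
            # constraint on Users.Phone_number prevents duplicates - confirm
            # the schema has one.
            try:
                cursor.execute(
                    "SELECT COUNT(*) AS phone_count FROM Users "
                    "WHERE Phone_number = %s;",
                    (phone_number,),
                )
                phone_exist = cursor.fetchone()['phone_count']
            except Exception as e:
                error_messages['mobileNo'] = "数据库异常,查询失败"
                print(e)
                return render_template('signup.html', errors=error_messages)

            if phone_exist != 0:
                error_messages['mobileNo'] = "该手机号已注册,请勿重复注册"
                return render_template('signup.html', errors=error_messages)

            # Insert the new user. Values are bound as parameters, never
            # formatted into the SQL text.
            try:
                cursor.execute(
                    "INSERT INTO Users (Phone_number, Username, `Password`) "
                    "VALUES (%s, %s, %s);",
                    (phone_number, username, password),
                )
                conn.commit()
            except Exception as e:
                conn.rollback()
                print(e)
                error_messages['mobileNo'] = "数据库异常,注册失败"
                return render_template('signup.html', errors=error_messages)

        return redirect(url_for('index'))
    finally:
        # Single exit point for the connection: the earlier code leaked it
        # when the lookup query raised.
        conn.close()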