import hmac
import os
from typing import Dict

import pymysql
from flask import Flask, render_template, request, flash, redirect, url_for
from pymysql.cursors import Cursor
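app = Flask(__name__)
# The secret key signs Flask's session cookie, which is also where flash()
# messages are carried. A constant fallback committed to source control is
# known to everyone who can read the repository, so it must not be used as
# the signing key. When SECRET_KEY is unset or empty, fall back to a random
# per-process key instead: sessions then do not survive a restart and are not
# shared between worker processes, so real deployments must set SECRET_KEY.
app.secret_key = os.environ.get('SECRET_KEY') or os.urandom(32)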
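def get_db():
    """Open and return a new pymysql connection to the application database.

    Connection settings are read from the environment variables DB_HOST,
    DB_USER, DB_PASSWORD and DB_NAME. Each call opens a fresh connection;
    the caller is responsible for closing it.
    """
    # SECURITY: the fallback values are the settings that used to be
    # hard-coded here, kept only so an existing setup keeps working. A
    # database password committed to source control should be treated as
    # exposed: rotate it, supply the new one through DB_PASSWORD, and delete
    # the literal below.
    return pymysql.connect(
        host=os.environ.get('DB_HOST', 'localhost'),
        user=os.environ.get('DB_USER', 'kejingfan'),
        password=os.environ.get('DB_PASSWORD', 'KJF2811879'),
        database=os.environ.get('DB_NAME', 'TESTDB'),
    )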
@app.route("/")
def index():
    """Serve the landing page rendered from the index.html template."""
    landing_page = render_template("index.html")
    return landing_page
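@app.route("/signup.html", methods=('GET', 'POST'))
def signup():
    """Render the sign-up form, or register a new passenger on POST.

    A POST reads cardCode, name, mobileNo and encryptedPassword from the
    form, refuses the registration when a row with that ID already exists,
    and otherwise inserts a new row into passengers. The outcome is reported
    through flash() and the client is redirected.
    """
    # Anything that is not a POST (GET, and the HEAD Flask adds for GET
    # routes) just gets the form, so the view always returns a response.
    if request.method != 'POST':
        return render_template('signup.html')

    card_code = request.form['cardCode']
    name = request.form['name']
    phone_number = request.form['mobileNo']
    # NOTE(security): the submitted value is written to the Password column
    # exactly as received. Unless the client already sends a salted, slow
    # hash, the table then holds password-equivalent secrets. Hashing on the
    # server (for example hashlib.scrypt with a per-user salt) would need
    # matching changes wherever the column is read or updated.
    password = request.form['encryptedPassword']

    db = get_db()
    try:
        cursor = db.cursor()

        # Check whether this ID is already registered. Values are always
        # bound as parameters, never formatted into the SQL text.
        try:
            cursor.execute(
                "SELECT COUNT(*) FROM passengers WHERE ID = %s;",
                (card_code,),
            )
            id_exist = cursor.fetchall()[0][0]
        except Exception:
            flash("数据库异常,查询失败")
            app.logger.exception("signup: lookup of existing passenger failed")
            return redirect(url_for('signup'))

        if id_exist != 0:
            flash("您已注册过,请勿重复注册")
            return redirect(url_for('index'))

        # Insert the new passenger. The check above and this insert are
        # separate statements, so two concurrent requests can both pass the
        # check; whether the second insert is then rejected depends on a
        # uniqueness constraint on passengers.ID, which this file does not
        # show -- TODO confirm.
        try:
            cursor.execute(
                "INSERT INTO passengers (ID, `Name`, Phone_number, `Password`) "
                "VALUES (%s, %s, %s, %s);",
                (card_code, name, phone_number, password),
            )
            db.commit()
            flash("注册成功")
        except Exception:
            db.rollback()
            app.logger.exception("signup: insert of new passenger failed")
            flash("数据库异常,注册失败")
        return redirect(url_for('index'))
    finally:
        # Close the connection on every path, including the early returns
        # and any exception that propagates.
        db.close()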
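def verify_user(cursor:Cursor, id:str, password:str) -> str:
    """Check a passenger ID / password pair against the passengers table.

    Args:
        cursor: open database cursor used for the lookup.
        id: passenger ID to look up.
        password: password value submitted by the client.

    Returns:
        "USER_VERIFIED" when the ID exists and the password matches,
        "NO_USER" when no row has that ID,
        "WRONG_PASSWORD" when the stored value differs, and
        "DB_ERROR" when the lookup itself failed.

    Callers must treat every result other than "USER_VERIFIED" as
    "not authenticated".
    """
    # One query answers both questions (does the ID exist, and what is its
    # stored password), so the row cannot change between two lookups.
    try:
        cursor.execute(
            "SELECT `Password` FROM passengers WHERE ID = %s;",
            (id,),
        )
        rows = cursor.fetchall()
    except Exception:
        flash("数据库异常,查询失败")
        app.logger.exception("verify_user: password lookup failed")
        # Report the failure as a status string, not as a response object:
        # a caller that only compares against the two failure strings would
        # otherwise fall through to the privileged action.
        return "DB_ERROR"

    if not rows:
        return "NO_USER"

    record_password = rows[0][0]
    # NOTE(security): the stored value is compared directly with the
    # submitted one, so the column holds whatever the client sent at
    # sign-up. Verifying against a salted, slow hash instead would need
    # matching changes wherever the column is written.
    # compare_digest keeps the comparison time independent of where the two
    # values first differ; both sides are encoded because it rejects
    # non-ASCII str arguments.
    if not isinstance(record_password, str) or not hmac.compare_digest(
        record_password.encode('utf-8'), password.encode('utf-8')
    ):
        return "WRONG_PASSWORD"

    return "USER_VERIFIED"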
class ModifyInfo:
    """Map a submitted account-modification form onto one SQL statement.

    The form's modifyType selects the operation: '1' deletes the account,
    '2' changes the password, '3' changes the phone number. For the selected
    operation the accessors return the SQL text, the values to bind to it,
    and the success / failure messages to show.

    The SQL text of every operation is a fixed string; form values only ever
    appear in the tuple of bound parameters. The new password is bound
    exactly as it arrived in the form.
    """

    def __init__(self, form:Dict[str, str]):
        # All four fields are read unconditionally, so each of them must be
        # present in the form whichever operation is requested.
        self.id = form['cardCode']
        requested_type = form['modifyType']
        self.new_password = form['encryptedNewPassword']
        self.phone_number = form['mobileNo']

        # One row per operation:
        # (command, SQL text, bound values, success message, failure message)
        operations = (
            (
                'delete account',
                'DELETE FROM passengers WHERE ID = %s;',
                (self.id,),
                "删除账户成功",
                "数据库异常,删除账户失败",
            ),
            (
                'modify Password',
                'UPDATE passengers SET `Password` = %s WHERE ID = %s;',
                (self.new_password, self.id),
                "修改密码成功",
                "数据库异常,修改密码失败",
            ),
            (
                'modify Phone_Number',
                'UPDATE passengers SET Phone_number = %s WHERE ID = %s;',
                (self.phone_number, self.id),
                "修改手机号成功",
                "数据库异常,修改手机号失败",
            ),
        )
        self.sql_dict = {op[0]: op[1] for op in operations}
        self.sql_args_dict = {op[0]: op[2] for op in operations}
        self.ok_message_dict = {op[0]: op[3] for op in operations}
        self.fail_message_dict = {op[0]: op[4] for op in operations}

        type_to_command = {
            '1': 'delete account',
            '2': 'modify Password',
            '3': 'modify Phone_Number',
        }
        # An unrecognised modifyType raises KeyError here.
        self.command = type_to_command[requested_type]

    def get_sql(self):
        """Return the SQL text of the selected operation."""
        statement = self.sql_dict[self.command]
        return statement

    def get_args(self):
        """Return the tuple of values to bind to the selected statement."""
        bound_values = self.sql_args_dict[self.command]
        return bound_values

    def get_ok_message(self):
        """Return the message to show when the operation succeeds."""
        message = self.ok_message_dict[self.command]
        return message

    def get_fail_message(self):
        """Return the message to show when the operation fails."""
        message = self.fail_message_dict[self.command]
        return message
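@app.route("/modify.html", methods=('GET', 'POST'))
def modify():
    """Render the modification form, or apply an account change on POST.

    A POST first authenticates the submitted cardCode / encryptedPassword
    pair with verify_user(). Only when that returns "USER_VERIFIED" is the
    operation described by the form (see ModifyInfo) executed and committed.
    The outcome is reported through flash() and the client is redirected.
    """
    # Anything that is not a POST (GET, and the HEAD Flask adds for GET
    # routes) just gets the form, so the view always returns a response.
    if request.method != 'POST':
        return render_template('modify.html')

    card_code = request.form['cardCode']
    password = request.form['encryptedPassword']

    db = get_db()
    try:
        cursor = db.cursor()

        verify_info = verify_user(cursor, card_code, password)
        # NOTE(security): the two failure branches below answer differently
        # (message and redirect target), which tells a client whether an ID
        # is registered. A single generic failure message would avoid that.
        if verify_info == "NO_USER":
            flash("您未注册过,无法修改账号")
            return redirect(url_for('signup'))
        if verify_info == "WRONG_PASSWORD":
            flash("密码错误")
            return redirect(url_for('modify'))
        if verify_info != "USER_VERIFIED":
            # Fail closed: any other result (for example a failed lookup)
            # must not reach the delete/update below. If verify_user handed
            # back a response object instead of a status string, pass it on.
            if not isinstance(verify_info, str):
                return verify_info
            return redirect(url_for('modify'))

        # An unrecognised modifyType raises KeyError here; the finally
        # clause still closes the connection.
        modifyInfo = ModifyInfo(request.form)
        try:
            cursor.execute(modifyInfo.get_sql(), modifyInfo.get_args())
            db.commit()
            flash(modifyInfo.get_ok_message())
        except Exception:
            db.rollback()
            app.logger.exception("modify: applying the account change failed")
            flash(modifyInfo.get_fail_message())
        return redirect(url_for('index'))
    finally:
        # Close the connection on every path, including the early returns
        # and any exception that propagates.
        db.close()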