Principles_of_Database_System/Project/Service/func/signup.py

from flask import render_template, request, redirect, url_for
from .config import db
import re
import pymysql

def signup():
    error_messages = {
        'username': '',
        'mobileNo': '',
        'password': '',
        'confirmPassword': ''
    }

    if request.method == 'GET':
        return render_template('signup.html', errors=error_messages)
    
    if request.method == 'POST':
        username = request.form['username']
        phone_number = request.form['mobileNo']
        password = request.form['encryptedPassword']
        confirm_password = request.form['encryptedConfirmPassword']

        # Basic validation for phone number
        if not re.match(r'^\d{11}$', phone_number):
            error_messages['mobileNo'] = '手机号格式有误'

        # Check password length after MD5 hash
        if len(password) != 32:  # MD5 hash length is 32 characters
            error_messages['password'] = '密码格式有误'

        # Confirm password validation
        if password != confirm_password:
            error_messages['confirmPassword'] = '两次输入的密码不一致'

        if any(error_messages.values()):
            return render_template('signup.html', errors=error_messages)

        conn = pymysql.connect(**db)
        cursor = conn.cursor(pymysql.cursors.DictCursor)

        # 检查已有用户
        sql = """
        SELECT COUNT(*) FROM Users \
        WHERE Phone_number = %s;
        """
        try:
            cursor.execute(sql, (phone_number,))
            phone_exist = cursor.fetchall()[0]['COUNT(*)']
        except Exception as e:
            error_messages['mobileNo'] = "数据库异常，查询失败"
            print(e)
            return render_template('signup.html', errors=error_messages)
        
        if phone_exist != 0:
            error_messages['mobileNo'] = "该手机号已注册，请勿重复注册"
            conn.close()
            return render_template('signup.html', errors=error_messages)

        # 插入
        sql = '''
        INSERT INTO Users (Phone_number, Username, `Password`) \
        VALUES (%s, %s, %s); \
        '''
        try:
            cursor.execute(sql, (phone_number, username, password))
            conn.commit()
            return redirect(url_for('index'))
        except Exception as e:
            conn.rollback()
            print(e)
            error_messages['mobileNo'] = "数据库异常，注册失败"
            return render_template('signup.html', errors=error_messages)
        finally:
            conn.close()