1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 | #controllers/signup.pyimport config, lib, datetime, uuidfrom bottle import route, template, request, redirectfrom models import userdb@route('/signup')def signup(): config.kargs['blogTitle'] = "ទំព័រសមាជិក" config.kargs['posts'] = userdb.select(config.kargs['dashboardPostLimit']) config.kargs['thumbs'] = lib.getPostThumbs(config.kargs['posts'], type="user") config.kargs['page'] = 1 return template('dashboard/signup', data=config.kargs)@route('/user/<id:int>')def post(id): config.kargs['blogTitle'] = "ទំព័រសមាជិក" config.kargs['frontPagePostLimit'] = 20 config.kargs['post'] = userdb.select(1, id) config.kargs['posts'] = userdb.select(config.kargs['frontPagePostLimit']) config.kargs['thumbs'] = lib.getPostThumbs(config.kargs['posts'], "user") config.kargs['page'] = 1 author = request.get_cookie("logged-in", secret=config.kargs['secretKey']) if author: config.kargs['showEdit'] = True return template('user', data=config.kargs)@route('/signup', method="POST")def signupPost(): author = request.get_cookie("logged-in", secret=config.kargs['secretKey']) user = userdb.createTable() username = request.forms.getunicode('fusername') password = request.forms.getunicode('fpassword') rights = request.forms.getunicode('frights') email = request.forms.getunicode('femail') profile = request.forms.getunicode('fprofile') gender = request.forms.getunicode('fgender') if not user: userdb.insert(str(uuid.uuid4().int), username, password, "Admin", email, profile, gender) else: if ((author != "Guest") and userdb.checkAdmin(author)): if 'postId' in config.kargs: id = config.kargs['postId'] userdb.update(username, password, rights, email, profile, gender, id) del config.kargs['postId'] else: userdb.insert(str(uuid.uuid4().int), username, password, rights, email, profile, gender) redirect('/signup') redirect('/login')@route('/user/edit/<id:int>')def edit(id): author = request.get_cookie("logged-in", secret=config.kargs['secretKey']) if ((author != "Guest") and userdb.checkAdmin(author)): config.kargs['blogTitle'] = "ទំព័រកែតំរូវ" config.kargs['posts'] = userdb.select(config.kargs['dashboardPostLimit']) config.kargs['thumbs'] = lib.getPostThumbs(config.kargs['posts'], type="user") config.kargs['post'] = userdb.select(1, id) config.kargs['edit'] = True config.kargs['postId'] = id config.kargs['page'] = 1 return template('dashboard/signup', data=config.kargs) redirect('/signup')@route('/user/delete/<id:int>')def delete(id): author = request.get_cookie("logged-in", secret=config.kargs['secretKey']) if ((author != "Guest") and userdb.checkAdmin(author)): userdb.delete(id) redirect('/signup')@route('/user/paginate/<place>')def paginate(place): if place == "frontEnd": postLimit = config.kargs['frontPagePostLimit'] else: postLimit = config.kargs['dashboardPostLimit'] posts = userdb.select(postLimit, page=config.kargs['page']) if posts: config.kargs['page'] += 1 thumbs = lib.getPostThumbs(posts, type='user') return {'json':posts, 'thumbs':thumbs} else: return {'json':0} |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 | #models/userdb.pyimport osimport psycopg2def createTable(): if 'DYNO' in os.environ: DATABASE_URL = os.environ['DATABASE_URL'] conn = psycopg2.connect(DATABASE_URL, sslmode='require') cursor = conn.cursor() else: conn = psycopg2.connect( database="postgres", user="postgres", password="sokhavuth", host="localhost", port="5432" ) cursor = conn.cursor() SQL = '''CREATE TABLE IF NOT EXISTS USERS( ID TEXT, USERNAME TEXT, PASSWORD TEXT, RIGHTS TEXT, EMAIL TEXT, PROFILE TEXT, GENDER TEXT )''' cursor.execute(SQL) cursor.execute("SELECT ID FROM USERS LIMIT 1") result = cursor.fetchone() conn.commit() conn.close() return resultdef insert(*user): if 'DYNO' in os.environ: DATABASE_URL = os.environ['DATABASE_URL'] conn = psycopg2.connect(DATABASE_URL, sslmode='require') cursor = conn.cursor() else: conn = psycopg2.connect( database="postgres", user="postgres", password="sokhavuth", host="localhost", port="5432" ) cursor = conn.cursor() cursor.execute("INSERT INTO USERS (ID, USERNAME, PASSWORD, RIGHTS, EMAIL, PROFILE, GENDER) VALUES %s ", (user,)) conn.commit() conn.close()def check(username, password): if 'DYNO' in os.environ: DATABASE_URL = os.environ['DATABASE_URL'] conn = psycopg2.connect(DATABASE_URL, sslmode='require') cursor = conn.cursor() else: conn = psycopg2.connect( database="postgres", user="postgres", password="sokhavuth", host="localhost", port="5432" ) cursor = conn.cursor() cursor.execute("SELECT USERNAME, PASSWORD FROM USERS WHERE USERNAME = '"+ username + "' and PASSWORD = '" + password + "' LIMIT 1") result = cursor.fetchone() if result: return True else: return False def checkAdmin(username): if 'DYNO' in os.environ: DATABASE_URL = os.environ['DATABASE_URL'] conn = psycopg2.connect(DATABASE_URL, sslmode='require') cursor = conn.cursor() else: conn = psycopg2.connect( database="postgres", user="postgres", password="sokhavuth", host="localhost", port="5432" ) cursor = conn.cursor() cursor.execute("SELECT USERNAME, RIGHTS FROM USERS WHERE USERNAME = '"+ username + "' and RIGHTS = 'Admin' LIMIT 1") result = cursor.fetchone() if result: return True else: return Falsedef select(amount, id=None, page=0): createTable() if 'DYNO' in os.environ: DATABASE_URL = os.environ['DATABASE_URL'] conn = psycopg2.connect(DATABASE_URL, sslmode='require') cursor = conn.cursor() else: conn = psycopg2.connect( database="postgres", user="postgres", password="sokhavuth", host="localhost", port="5432" ) cursor = conn.cursor() if id and (amount == 1): cursor.execute("SELECT * FROM USERS WHERE ID = '" + str(id) +"'") elif page: SQL = "SELECT * FROM USERS ORDER BY CTID DESC OFFSET %s ROWS FETCH NEXT %s ROWS ONLY" cursor.execute(SQL, (amount*page, amount)) else: cursor.execute("SELECT * FROM USERS ORDER BY CTID DESC LIMIT " + str(amount)) result = cursor.fetchall() return resultdef update(*args): if 'DYNO' in os.environ: DATABASE_URL = os.environ['DATABASE_URL'] conn = psycopg2.connect(DATABASE_URL, sslmode='require') cursor = conn.cursor() else: conn = psycopg2.connect( database="postgres", user="postgres", password="sokhavuth", host="localhost", port="5432" ) cursor = conn.cursor() sql = "UPDATE USERS SET USERNAME = %s, PASSWORD = %s, RIGHTS = %s, EMAIL = %s, PROFILE = %s, GENDER = %s WHERE ID = '%s' " cursor.execute(sql, args) conn.commit() conn.close()def delete(id): if 'DYNO' in os.environ: DATABASE_URL = os.environ['DATABASE_URL'] conn = psycopg2.connect(DATABASE_URL, sslmode='require') cursor = conn.cursor() else: conn = psycopg2.connect( database="postgres", user="postgres", password="sokhavuth", host="localhost", port="5432" ) cursor = conn.cursor() cursor.execute("DELETE FROM USERS WHERE ID = '" + str(id) + "'") conn.commit() conn.close() |
GitHub: https://github.com/Sokhavuth/kwblog
Heroku: https://khmerweb-kwblog.herokuapp.com/
