|
|
@@ -47,26 +47,25 @@ def redirect(data):
|
|
|
def re_error(data):
|
|
|
if(data == '/ban'):
|
|
|
ip = ip_check()
|
|
|
+ end = '권한이 맞지 않는 상태 입니다.'
|
|
|
if(ban_check() == 1):
|
|
|
curs.execute("select end, why from ban where block = ?", [ip])
|
|
|
- rows = curs.fetchall()
|
|
|
- if(not rows):
|
|
|
- data = re.search("^([0-9](?:[0-9]?[0-9]?)\.[0-9](?:[0-9]?[0-9]?))", ip)
|
|
|
- if(data):
|
|
|
- results = data.groups()
|
|
|
- curs.execute("select end, why from ban where block = ? and band = 'O'", [results[0]])
|
|
|
-
|
|
|
- rows = curs.fetchall()
|
|
|
+ d = curs.fetchall()
|
|
|
+ if(not d):
|
|
|
+ m = re.search("^([0-9]{1,3}\.[0-9]{1,3})", ip)
|
|
|
+ if(m):
|
|
|
+ curs.execute("select end, why from ban where block = ? and band = 'O'", [m.groups()[0]])
|
|
|
+ d = curs.fetchall()
|
|
|
|
|
|
- if(rows):
|
|
|
- if(rows[0][0]):
|
|
|
- end = rows[0][0] + ' 까지 차단 상태 입니다. / 사유 : ' + rows[0][1]
|
|
|
+ if(d):
|
|
|
+ if(d[0][0]):
|
|
|
+ end = d[0][0] + ' 까지 차단 상태 입니다. / 사유 : ' + d[0][1]
|
|
|
|
|
|
now = re.sub(':', '', get_time())
|
|
|
now = re.sub('\-', '', now)
|
|
|
now = int(re.sub(' ', '', now))
|
|
|
|
|
|
- day = re.sub('\-', '', rows[0][0])
|
|
|
+ day = re.sub('\-', '', d[0][0])
|
|
|
|
|
|
if(now >= int(day + '000000')):
|
|
|
curs.execute("delete from ban where block = ?", [ip])
|
|
|
@@ -74,11 +73,8 @@ def re_error(data):
|
|
|
|
|
|
end = '차단이 풀렸습니다. 다시 시도 해 보세요.'
|
|
|
else:
|
|
|
- end = '영구 차단 상태 입니다. / 사유 : ' + rows[0][1]
|
|
|
- else:
|
|
|
- end = '권한이 맞지 않는 상태 입니다.'
|
|
|
- else:
|
|
|
- end = '권한이 맞지 않는 상태 입니다.'
|
|
|
+ end = '영구 차단 상태 입니다. / 사유 : ' + d[0][1]
|
|
|
+
|
|
|
|
|
|
return(
|
|
|
html_minify(
|
|
|
@@ -177,10 +173,10 @@ try:
|
|
|
print('move 테이블 생성')
|
|
|
|
|
|
curs.execute('select data from other where name = "skin"')
|
|
|
- s_d = curs.fetchall()
|
|
|
- if(s_d):
|
|
|
- if(os.path.exists(os.path.abspath('./views/' + s_d[0][0] + '/index.tpl')) == 1):
|
|
|
- TEMPLATE_PATH.insert(0, './views/' + s_d[0][0] + '/')
|
|
|
+ skin_exist = curs.fetchall()
|
|
|
+ if(skin_exist):
|
|
|
+ if(os.path.exists(os.path.abspath('./views/' + skin_exist[0][0] + '/index.tpl')) == 1):
|
|
|
+ TEMPLATE_PATH.insert(0, './views/' + skin_exist[0][0] + '/')
|
|
|
else:
|
|
|
TEMPLATE_PATH.insert(0, './views/yousoro/')
|
|
|
else:
|
|
|
@@ -300,13 +296,13 @@ def edit_set(num = 0):
|
|
|
elif(num == 1):
|
|
|
if(admin_check(None, 'edit_set') == 1):
|
|
|
if(request.method == 'POST'):
|
|
|
- curs.execute("update other set data = ? where name = ?", [request.forms.name, 'name'])
|
|
|
- curs.execute("update other set data = ? where name = 'frontpage'", [request.forms.frontpage])
|
|
|
- curs.execute("update other set data = ? where name = 'license'", [request.forms.license])
|
|
|
- curs.execute("update other set data = ? where name = 'upload'", [request.forms.upload])
|
|
|
- curs.execute("update other set data = ? where name = 'skin'", [request.forms.skin])
|
|
|
- curs.execute("update other set data = ? where name = 'edit'", [request.forms.edit])
|
|
|
- curs.execute("update other set data = ? where name = 'reg'", [request.forms.reg])
|
|
|
+ curs.execute("update other set data = ? where name = ?", [request.forms.get('name'), 'name'])
|
|
|
+ curs.execute("update other set data = ? where name = 'frontpage'", [request.forms.get('frontpage')])
|
|
|
+ curs.execute("update other set data = ? where name = 'license'", [request.forms.get('license')])
|
|
|
+ curs.execute("update other set data = ? where name = 'upload'", [request.forms.get('upload')])
|
|
|
+ curs.execute("update other set data = ? where name = 'skin'", [request.forms.get('skin')])
|
|
|
+ curs.execute("update other set data = ? where name = 'edit'", [request.forms.get('edit')])
|
|
|
+ curs.execute("update other set data = ? where name = 'reg'", [request.forms.get('reg')])
|
|
|
conn.commit()
|
|
|
|
|
|
return(redirect('/edit_set/1'))
|
|
|
@@ -402,7 +398,7 @@ def edit_set(num = 0):
|
|
|
elif(num == 2):
|
|
|
if(admin_check(None, 'edit_set') == 1):
|
|
|
if(request.method == 'POST'):
|
|
|
- curs.execute("update other set data = ? where name = ?", [request.forms.contract, 'contract'])
|
|
|
+ curs.execute("update other set data = ? where name = ?", [request.forms.get('contract'), 'contract'])
|
|
|
conn.commit()
|
|
|
|
|
|
return(redirect('/edit_set/2'))
|
|
|
@@ -552,25 +548,25 @@ def admin_plus(name = None):
|
|
|
if(request.method == 'POST'):
|
|
|
curs.execute("delete from alist where name = ?", [name])
|
|
|
|
|
|
- if(request.forms.ban):
|
|
|
+ if(request.forms.get('ban')):
|
|
|
curs.execute("insert into alist (name, acl) values (?, 'ban')", [name])
|
|
|
|
|
|
- if(request.forms.mdel):
|
|
|
+ if(request.forms.get('mdel')):
|
|
|
curs.execute("insert into alist (name, acl) values (?, 'mdel')", [name])
|
|
|
|
|
|
- if(request.forms.toron):
|
|
|
+ if(request.forms.get('toron')):
|
|
|
curs.execute("insert into alist (name, acl) values (?, 'toron')", [name])
|
|
|
|
|
|
- if(request.forms.check):
|
|
|
+ if(request.forms.get('check')):
|
|
|
curs.execute("insert into alist (name, acl) values (?, 'check')", [name])
|
|
|
|
|
|
- if(request.forms.acl):
|
|
|
+ if(request.forms.get('acl')):
|
|
|
curs.execute("insert into alist (name, acl) values (?, 'acl')", [name])
|
|
|
|
|
|
- if(request.forms.hidel):
|
|
|
+ if(request.forms.get('hidel')):
|
|
|
curs.execute("insert into alist (name, acl) values (?, 'hidel')", [name])
|
|
|
|
|
|
- if(request.forms.owner):
|
|
|
+ if(request.forms.get('owner')):
|
|
|
curs.execute("insert into alist (name, acl) values (?, 'owner')", [name])
|
|
|
|
|
|
conn.commit()
|
|
|
@@ -1080,7 +1076,7 @@ def block_log(num = 1):
|
|
|
@route('/history/<name:path>/n/<num:int>', method=['POST', 'GET'])
|
|
|
def history_view(name = None, num = 1):
|
|
|
if(request.method == 'POST'):
|
|
|
- return(redirect('/w/' + url_pas(name) + '/r/' + request.forms.b + '/diff/' + request.forms.a))
|
|
|
+ return(redirect('/w/' + url_pas(name) + '/r/' + request.forms.get('b') + '/diff/' + request.forms.get('a')))
|
|
|
else:
|
|
|
select = ''
|
|
|
if(num * 50 <= 0):
|
|
|
@@ -1194,16 +1190,16 @@ def history_view(name = None, num = 1):
|
|
|
|
|
|
@route('/search', method=['POST'])
|
|
|
def search():
|
|
|
- return(redirect('/search/' + url_pas(request.forms.search)))
|
|
|
+ return(redirect('/search/' + url_pas(request.forms.get('search'))))
|
|
|
|
|
|
@route('/goto', method=['POST'])
|
|
|
def goto():
|
|
|
- curs.execute("select title from data where title = ?", [request.forms.search])
|
|
|
+ curs.execute("select title from data where title = ?", [request.forms.get('search')])
|
|
|
data = curs.fetchall()
|
|
|
if(data):
|
|
|
- return(redirect('/w/' + url_pas(request.forms.search)))
|
|
|
+ return(redirect('/w/' + url_pas(request.forms.get('search'))))
|
|
|
else:
|
|
|
- return(redirect('/search/' + url_pas(request.forms.search)))
|
|
|
+ return(redirect('/search/' + url_pas(request.forms.get('search'))))
|
|
|
|
|
|
@route('/search/<name:path>')
|
|
|
@route('/search/<name:path>/n/<num:int>')
|
|
|
@@ -1362,7 +1358,7 @@ def revert(name = None, num = None):
|
|
|
rows[0][0],
|
|
|
today,
|
|
|
ip,
|
|
|
- request.forms.send + ' (' + str(num) + '판)',
|
|
|
+ request.forms.get('send') + ' (' + str(num) + '판)',
|
|
|
leng
|
|
|
)
|
|
|
|
|
|
@@ -1414,7 +1410,7 @@ def m_del():
|
|
|
ip = ip_check()
|
|
|
if(admin_check(2, 'm_del') == 1):
|
|
|
if(request.method == 'POST'):
|
|
|
- data = request.forms.content + '\r\n'
|
|
|
+ data = request.forms.get('content') + '\r\n'
|
|
|
m = re.findall('(.*)\r\n', data)
|
|
|
for g in m:
|
|
|
curs.execute("select data from data where title = ?", [g])
|
|
|
@@ -1430,7 +1426,7 @@ def m_del():
|
|
|
'',
|
|
|
today,
|
|
|
ip,
|
|
|
- request.forms.send + ' (대량 삭제)',
|
|
|
+ request.forms.get('send') + ' (대량 삭제)',
|
|
|
leng
|
|
|
)
|
|
|
data = re.sub('(.*)\r\n', '', data, 1)
|
|
|
@@ -1482,14 +1478,14 @@ def edit(name = None, num = None):
|
|
|
if(can == 1):
|
|
|
return(re_error('/ban'))
|
|
|
|
|
|
- if(len(request.forms.send) > 500):
|
|
|
+ if(len(request.forms.get('send')) > 500):
|
|
|
return(re_error('/error/15'))
|
|
|
|
|
|
- if(request.forms.otent == request.forms.content):
|
|
|
+ if(request.forms.get('otent') == request.forms.get('content')):
|
|
|
return(re_error('/error/18'))
|
|
|
|
|
|
today = get_time()
|
|
|
- content = savemark(request.forms.content)
|
|
|
+ content = savemark(request.forms.get('content'))
|
|
|
|
|
|
curs.execute("delete from back where link = ?", [name])
|
|
|
curs.execute("delete from cat where cat = ?", [name])
|
|
|
@@ -1497,9 +1493,9 @@ def edit(name = None, num = None):
|
|
|
curs.execute("select data from data where title = ?", [name])
|
|
|
rows = curs.fetchall()
|
|
|
if(rows):
|
|
|
- leng = leng_check(len(request.forms.otent), len(content))
|
|
|
+ leng = leng_check(len(request.forms.get('otent')), len(content))
|
|
|
if(num):
|
|
|
- content = rows[0][0].replace(request.forms.otent, content)
|
|
|
+ content = rows[0][0].replace(request.forms.get('otent'), content)
|
|
|
|
|
|
curs.execute("update data set data = ? where title = ?", [content, name])
|
|
|
else:
|
|
|
@@ -1511,7 +1507,7 @@ def edit(name = None, num = None):
|
|
|
content,
|
|
|
today,
|
|
|
ip,
|
|
|
- send_p(request.forms.send),
|
|
|
+ send_p(request.forms.get('send')),
|
|
|
leng
|
|
|
)
|
|
|
|
|
|
@@ -1592,7 +1588,7 @@ def preview(name = None, num = None):
|
|
|
if(can == 1):
|
|
|
return(re_error('/ban'))
|
|
|
|
|
|
- newdata = request.forms.content
|
|
|
+ newdata = request.forms.get('content')
|
|
|
newdata = re.sub('^#(?:redirect|넘겨주기) (?P<in>[^\n]*)', ' * [[\g<in>]] 문서로 넘겨주기', newdata)
|
|
|
enddata = namumark(name, newdata, 0, 0, 0)
|
|
|
|
|
|
@@ -1606,8 +1602,8 @@ def preview(name = None, num = None):
|
|
|
template('index',
|
|
|
imp = [name, wiki_set(1), wiki_set(3), custom(0), custom(1), custom(2), ' (미리보기)', 0],
|
|
|
data = '<form method="post" action="/edit/' + url_pas(name) + action + '"> \
|
|
|
- <textarea style="height: 80%;" name="content">' + request.forms.content + '</textarea> \
|
|
|
- <textarea style="display: none; height: 80%;" name="otent">' + request.forms.otent + '</textarea> \
|
|
|
+ <textarea style="height: 80%;" name="content">' + request.forms.get('content') + '</textarea> \
|
|
|
+ <textarea style="display: none; height: 80%;" name="otent">' + request.forms.get('otent') + '</textarea> \
|
|
|
<br> \
|
|
|
<br> \
|
|
|
<input placeholder="사유" name="send" style="width: 100%;" type="text"> \
|
|
|
@@ -1639,14 +1635,7 @@ def delete(name = None):
|
|
|
today = get_time()
|
|
|
|
|
|
leng = '-' + str(len(rows[0][0]))
|
|
|
- history_plus(
|
|
|
- name,
|
|
|
- '',
|
|
|
- today,
|
|
|
- ip,
|
|
|
- request.forms.send + ' (삭제)',
|
|
|
- leng
|
|
|
- )
|
|
|
+ history_plus(name, '', today, ip, request.forms.get('send') + ' (삭제)', leng)
|
|
|
|
|
|
curs.execute("delete from back where link = ?", [name])
|
|
|
curs.execute("delete from cat where cat = ?", [name])
|
|
|
@@ -1729,15 +1718,15 @@ def move(name = None):
|
|
|
rows = curs.fetchall()
|
|
|
|
|
|
leng = '0'
|
|
|
- curs.execute("select title from history where title = ?", [request.forms.title])
|
|
|
+ curs.execute("select title from history where title = ?", [request.forms.get('title')])
|
|
|
row = curs.fetchall()
|
|
|
if(row):
|
|
|
return(re_error('/error/19'))
|
|
|
|
|
|
if(rows):
|
|
|
- curs.execute("update data set title = ? where title = ?", [request.forms.title, name])
|
|
|
- curs.execute("update back set link = ? where link = ?", [request.forms.title, name])
|
|
|
- curs.execute("update cat set cat = ? where cat = ?", [request.forms.title, name])
|
|
|
+ curs.execute("update data set title = ? where title = ?", [request.forms.get('title'), name])
|
|
|
+ curs.execute("update back set link = ? where link = ?", [request.forms.get('title'), name])
|
|
|
+ curs.execute("update cat set cat = ? where cat = ?", [request.forms.get('title'), name])
|
|
|
|
|
|
d = rows[0][0]
|
|
|
else:
|
|
|
@@ -1748,16 +1737,16 @@ def move(name = None):
|
|
|
d,
|
|
|
today,
|
|
|
ip,
|
|
|
- request.forms.send + ' (<a href="/w/' + url_pas(name) + '">' + name + '</a> - <a href="/w/' + url_pas(request.forms.title) + '">' + request.forms.title + '</a> 이동)',
|
|
|
+ request.forms.get('send') + ' (<a href="/w/' + url_pas(name) + '">' + name + '</a> - <a href="/w/' + url_pas(request.forms.get('title')) + '">' + request.forms.get('title') + '</a> 이동)',
|
|
|
leng
|
|
|
)
|
|
|
|
|
|
- curs.execute('insert into move (origin, new, date, who, send) values (?, ?, ?, ?, ?)', [name, request.forms.title, today, ip, request.forms.send])
|
|
|
+ curs.execute('insert into move (origin, new, date, who, send) values (?, ?, ?, ?, ?)', [name, request.forms.get('title'), today, ip, request.forms.get('send')])
|
|
|
|
|
|
- curs.execute("update history set title = ? where title = ?", [request.forms.title, name])
|
|
|
+ curs.execute("update history set title = ? where title = ?", [request.forms.get('title'), name])
|
|
|
conn.commit()
|
|
|
|
|
|
- return(redirect('/w/' + url_pas(request.forms.title)))
|
|
|
+ return(redirect('/w/' + url_pas(request.forms.get('title'))))
|
|
|
else:
|
|
|
l_c = custom(0)
|
|
|
if(l_c == 0):
|
|
|
@@ -1842,7 +1831,7 @@ def manager(num = 1):
|
|
|
)
|
|
|
elif(num == 2):
|
|
|
if(request.method == 'POST'):
|
|
|
- return(redirect('/acl/' + url_pas(request.forms.name)))
|
|
|
+ return(redirect('/acl/' + url_pas(request.forms.get('name'))))
|
|
|
else:
|
|
|
return(
|
|
|
html_minify(
|
|
|
@@ -1860,7 +1849,7 @@ def manager(num = 1):
|
|
|
)
|
|
|
elif(num == 3):
|
|
|
if(request.method == 'POST'):
|
|
|
- return(redirect('/check/' + url_pas(request.forms.name)))
|
|
|
+ return(redirect('/check/' + url_pas(request.forms.get('name'))))
|
|
|
else:
|
|
|
return(
|
|
|
html_minify(
|
|
|
@@ -1878,7 +1867,7 @@ def manager(num = 1):
|
|
|
)
|
|
|
elif(num == 4):
|
|
|
if(request.method == 'POST'):
|
|
|
- return(redirect('/ban/' + url_pas(request.forms.name)))
|
|
|
+ return(redirect('/ban/' + url_pas(request.forms.get('name'))))
|
|
|
else:
|
|
|
return(
|
|
|
html_minify(
|
|
|
@@ -1896,7 +1885,7 @@ def manager(num = 1):
|
|
|
)
|
|
|
elif(num == 5):
|
|
|
if(request.method == 'POST'):
|
|
|
- return(redirect('/admin/' + url_pas(request.forms.name)))
|
|
|
+ return(redirect('/admin/' + url_pas(request.forms.get('name'))))
|
|
|
else:
|
|
|
return(
|
|
|
html_minify(
|
|
|
@@ -1914,7 +1903,7 @@ def manager(num = 1):
|
|
|
)
|
|
|
elif(num == 6):
|
|
|
if(request.method == 'POST'):
|
|
|
- return(redirect('/record/' + url_pas(request.forms.name)))
|
|
|
+ return(redirect('/record/' + url_pas(request.forms.get('name'))))
|
|
|
else:
|
|
|
return(
|
|
|
html_minify(
|
|
|
@@ -1932,7 +1921,7 @@ def manager(num = 1):
|
|
|
)
|
|
|
elif(num == 8):
|
|
|
if(request.method == 'POST'):
|
|
|
- return(redirect('/admin_plus/' + url_pas(request.forms.name)))
|
|
|
+ return(redirect('/admin_plus/' + url_pas(request.forms.get('name'))))
|
|
|
else:
|
|
|
return(
|
|
|
html_minify(
|
|
|
@@ -1950,7 +1939,7 @@ def manager(num = 1):
|
|
|
)
|
|
|
elif(num == 9):
|
|
|
if(request.method == 'POST'):
|
|
|
- return(redirect('/json_out/' + url_pas(request.forms.name)))
|
|
|
+ return(redirect('/json_out/' + url_pas(request.forms.get('name'))))
|
|
|
else:
|
|
|
return(
|
|
|
html_minify(
|
|
|
@@ -1968,7 +1957,7 @@ def manager(num = 1):
|
|
|
)
|
|
|
elif(num == 10):
|
|
|
if(request.method == 'POST'):
|
|
|
- return(redirect('/check/' + url_pas(request.forms.name) + '/' + url_pas(request.forms.name2)))
|
|
|
+ return(redirect('/check/' + url_pas(request.forms.get('name')) + '/' + url_pas(request.forms.get('name2'))))
|
|
|
else:
|
|
|
return(
|
|
|
html_minify(
|
|
|
@@ -2025,7 +2014,7 @@ def json_out(name = None):
|
|
|
def json_in():
|
|
|
if(admin_check(None, 'json_in') == 1):
|
|
|
if(request.method == 'POST'):
|
|
|
- data = json.loads(request.forms.data)
|
|
|
+ data = json.loads(request.forms.get('data'))
|
|
|
title = data["title"]
|
|
|
|
|
|
curs.execute('select title from history where title = ?', [title])
|
|
|
@@ -2318,7 +2307,7 @@ def topic(name = None, sub = None):
|
|
|
|
|
|
rd_plus(name, sub, today)
|
|
|
|
|
|
- data = re.sub("\[\[(분류:(?:(?:(?!\]\]).)*))\]\]", "[br]", request.forms.content)
|
|
|
+ data = re.sub("\[\[(분류:(?:(?:(?!\]\]).)*))\]\]", "[br]", request.forms.get('content'))
|
|
|
m = re.findall("(?:#([0-9]+))", data)
|
|
|
for da in m:
|
|
|
curs.execute("select ip from topic where title = ? and sub = ? and id = ?", [name, sub, da])
|
|
|
@@ -2497,9 +2486,8 @@ def close_topic_list(name = None, tool = None):
|
|
|
if(request.method == 'POST'):
|
|
|
t_num = ''
|
|
|
while(1):
|
|
|
- curs.execute("select title from topic where title = ? and sub = ? limit 1", [name, request.forms.topic + t_num])
|
|
|
- t_data = curs.fetchall()
|
|
|
- if(t_data):
|
|
|
+ curs.execute("select title from topic where title = ? and sub = ? limit 1", [name, request.forms.get('topic') + t_num])
|
|
|
+ if(curs.fetchall()):
|
|
|
if(t_num == ''):
|
|
|
t_num = ' 2'
|
|
|
else:
|
|
|
@@ -2507,7 +2495,7 @@ def close_topic_list(name = None, tool = None):
|
|
|
else:
|
|
|
break
|
|
|
|
|
|
- return(redirect('/topic/' + url_pas(name) + '/sub/' + url_pas(request.forms.topic + t_num)))
|
|
|
+ return(redirect('/topic/' + url_pas(name) + '/sub/' + url_pas(request.forms.get('topic') + t_num)))
|
|
|
else:
|
|
|
plus = ''
|
|
|
menu = [['topic/' + url_pas(name), '목록']]
|
|
|
@@ -2543,9 +2531,7 @@ def close_topic_list(name = None, tool = None):
|
|
|
it_p = 1
|
|
|
|
|
|
if(it_p != 1):
|
|
|
- div += '<h2> \
|
|
|
- <a href="/topic/' + url_pas(name) + '/sub/' + url_pas(data[0]) + '">' + str((i + 1)) + '. ' + data[0] + '</a> \
|
|
|
- </h2>'
|
|
|
+ div += '<h2><a href="/topic/' + url_pas(name) + '/sub/' + url_pas(data[0]) + '">' + str((i + 1)) + '. ' + data[0] + '</a></h2>'
|
|
|
|
|
|
i += 1
|
|
|
|
|
|
@@ -2572,24 +2558,24 @@ def login():
|
|
|
if(ban == 1):
|
|
|
return(re_error('/ban'))
|
|
|
|
|
|
- curs.execute("select pw from user where id = ?", [request.forms.id])
|
|
|
+ curs.execute("select pw from user where id = ?", [request.forms.get('id')])
|
|
|
user = curs.fetchall()
|
|
|
if(user):
|
|
|
if(session.get('Now') == 1):
|
|
|
return(re_error('/error/11'))
|
|
|
|
|
|
- if(bcrypt.checkpw(bytes(request.forms.pw, 'utf-8'), bytes(user[0][0], 'utf-8'))):
|
|
|
+ if(bcrypt.checkpw(bytes(request.forms.get('pw'), 'utf-8'), bytes(user[0][0], 'utf-8'))):
|
|
|
session['Now'] = 1
|
|
|
- session['DREAMER'] = request.forms.id
|
|
|
+ session['DREAMER'] = request.forms.get('id')
|
|
|
|
|
|
- curs.execute("select css from custom where user = ?", [request.forms.id])
|
|
|
+ curs.execute("select css from custom where user = ?", [request.forms.get('id')])
|
|
|
css_data = curs.fetchall()
|
|
|
if(css_data):
|
|
|
session['Daydream'] = css_data[0][0]
|
|
|
else:
|
|
|
session['Daydream'] = ''
|
|
|
|
|
|
- curs.execute("insert into ua_d (name, ip, ua, today, sub) values (?, ?, ?, ?, '')", [request.forms.id, ip, agent, get_time()])
|
|
|
+ curs.execute("insert into ua_d (name, ip, ua, today, sub) values (?, ?, ?, ?, '')", [request.forms.get('id'), ip, agent, get_time()])
|
|
|
conn.commit()
|
|
|
|
|
|
return(redirect('/user'))
|
|
|
@@ -2631,20 +2617,20 @@ def change_password():
|
|
|
ban = ban_check()
|
|
|
|
|
|
if(request.method == 'POST'):
|
|
|
- if(request.forms.pw2 == request.forms.pw3):
|
|
|
+ if(request.forms.get('pw2') == request.forms.get('pw3')):
|
|
|
if(ban == 1):
|
|
|
return(re_error('/ban'))
|
|
|
|
|
|
- curs.execute("select pw from user where id = ?", [request.forms.id])
|
|
|
+ curs.execute("select pw from user where id = ?", [request.forms.get('id')])
|
|
|
user = curs.fetchall()
|
|
|
if(user):
|
|
|
if(re.search('(\.|:)', ip)):
|
|
|
return(redirect('/login'))
|
|
|
|
|
|
- if(bcrypt.checkpw(bytes(request.forms.pw, 'utf-8'), bytes(user[0][0], 'utf-8'))):
|
|
|
- hashed = bcrypt.hashpw(bytes(request.forms.pw2, 'utf-8'), bcrypt.gensalt())
|
|
|
+ if(bcrypt.checkpw(bytes(request.forms.get('pw'), 'utf-8'), bytes(user[0][0], 'utf-8'))):
|
|
|
+ hashed = bcrypt.hashpw(bytes(request.forms.get('pw2'), 'utf-8'), bcrypt.gensalt())
|
|
|
|
|
|
- curs.execute("update user set pw = ? where id = ?", [hashed.decode(), request.forms.id])
|
|
|
+ curs.execute("update user set pw = ? where id = ?", [hashed.decode(), request.forms.get('id')])
|
|
|
conn.commit()
|
|
|
|
|
|
return(redirect('/user'))
|
|
|
@@ -2767,26 +2753,26 @@ def register():
|
|
|
return(re_error('/ban'))
|
|
|
|
|
|
if(request.method == 'POST'):
|
|
|
- if(request.forms.pw == request.forms.pw2):
|
|
|
- if(re.search('(?:[^A-Za-zㄱ-힣0-9 ])', request.forms.id)):
|
|
|
+ if(request.forms.get('pw') == request.forms.get('pw2')):
|
|
|
+ if(re.search('(?:[^A-Za-zㄱ-힣0-9 ])', request.forms.get('id'))):
|
|
|
return(re_error('/error/8'))
|
|
|
|
|
|
- if(len(request.forms.id) > 32):
|
|
|
+ if(len(request.forms.get('id')) > 32):
|
|
|
return(re_error('/error/7'))
|
|
|
|
|
|
- curs.execute("select id from user where id = ?", [request.forms.id])
|
|
|
+ curs.execute("select id from user where id = ?", [request.forms.get('id')])
|
|
|
rows = curs.fetchall()
|
|
|
if(rows):
|
|
|
return(re_error('/error/6'))
|
|
|
|
|
|
- hashed = bcrypt.hashpw(bytes(request.forms.pw, 'utf-8'), bcrypt.gensalt())
|
|
|
+ hashed = bcrypt.hashpw(bytes(request.forms.get('pw'), 'utf-8'), bcrypt.gensalt())
|
|
|
|
|
|
curs.execute("select id from user limit 1")
|
|
|
user_ex = curs.fetchall()
|
|
|
if(not user_ex):
|
|
|
- curs.execute("insert into user (id, pw, acl) values (?, ?, '소유자')", [request.forms.id, hashed.decode()])
|
|
|
+ curs.execute("insert into user (id, pw, acl) values (?, ?, '소유자')", [request.forms.get('id'), hashed.decode()])
|
|
|
else:
|
|
|
- curs.execute("insert into user (id, pw, acl) values (?, ?, 'user')", [request.forms.id, hashed.decode()])
|
|
|
+ curs.execute("insert into user (id, pw, acl) values (?, ?, 'user')", [request.forms.get('id'), hashed.decode()])
|
|
|
conn.commit()
|
|
|
|
|
|
return(redirect('/login'))
|
|
|
@@ -2845,10 +2831,10 @@ def user_ban(name = None):
|
|
|
if(admin_check(1, 'ban (' + name + ')') == 1):
|
|
|
ip = ip_check()
|
|
|
|
|
|
- if(request.forms.year == '09'):
|
|
|
+ if(request.forms.get('year') == '09'):
|
|
|
end = ''
|
|
|
else:
|
|
|
- end = request.forms.year + '-' + request.forms.month + '-' + request.forms.day
|
|
|
+ end = request.forms.get('year') + '-' + request.forms.get('month') + '-' + request.forms.get('day')
|
|
|
|
|
|
curs.execute("select block from ban where block = ?", [name])
|
|
|
row = curs.fetchall()
|
|
|
@@ -2863,9 +2849,9 @@ def user_ban(name = None):
|
|
|
else:
|
|
|
band_d = ''
|
|
|
|
|
|
- rb_plus(name, end, get_time(), ip, request.forms.why)
|
|
|
+ rb_plus(name, end, get_time(), ip, request.forms.get('why'))
|
|
|
|
|
|
- curs.execute("insert into ban (block, end, why, band) values (?, ?, ?, ?)", [name, end, request.forms.why, band_d])
|
|
|
+ curs.execute("insert into ban (block, end, why, band) values (?, ?, ?, ?)", [name, end, request.forms.get('why'), band_d])
|
|
|
conn.commit()
|
|
|
|
|
|
return(redirect('/ban/' + url_pas(name)))
|
|
|
@@ -2941,9 +2927,9 @@ def acl(name = None):
|
|
|
curs.execute("select acl from data where title = ?", ['사용자:' + name])
|
|
|
acl_d = curs.fetchall()
|
|
|
if(acl_d):
|
|
|
- if(request.forms.select == 'all'):
|
|
|
+ if(request.forms.get('select') == 'all'):
|
|
|
curs.execute("update data set acl = 'all' where title = ?", ['사용자:' + name])
|
|
|
- elif(request.forms.select == 'user'):
|
|
|
+ elif(request.forms.get('select') == 'user'):
|
|
|
curs.execute("update data set acl = 'user' where title = ?", ['사용자:' + name])
|
|
|
else:
|
|
|
curs.execute("update data set acl = '' where title = ?", ['사용자:' + name])
|
|
|
@@ -2993,9 +2979,9 @@ def acl(name = None):
|
|
|
curs.execute("select acl from data where title = ?", [name])
|
|
|
row = curs.fetchall()
|
|
|
if(row):
|
|
|
- if(request.forms.select == 'admin'):
|
|
|
+ if(request.forms.get('select') == 'admin'):
|
|
|
curs.execute("update data set acl = 'admin' where title = ?", [name])
|
|
|
- elif(request.forms.select == 'user'):
|
|
|
+ elif(request.forms.get('select') == 'user'):
|
|
|
curs.execute("update data set acl = 'user' where title = ?", [name])
|
|
|
else:
|
|
|
curs.execute("update data set acl = '' where title = ?", [name])
|
|
|
@@ -3047,10 +3033,10 @@ def acl(name = None):
|
|
|
def user_admin(name = None):
|
|
|
if(request.method == 'POST'):
|
|
|
if(admin_check(None, 'admin (' + name + ')') == 1):
|
|
|
- if(request.forms.select == 'X'):
|
|
|
+ if(request.forms.get('select') == 'X'):
|
|
|
curs.execute("update user set acl = 'user' where id = ?", [name])
|
|
|
else:
|
|
|
- curs.execute("update user set acl = ? where id = ?", [request.forms.select, name])
|
|
|
+ curs.execute("update user set acl = ? where id = ?", [request.forms.get('select'), name])
|
|
|
conn.commit()
|
|
|
|
|
|
return(redirect('/admin/' + url_pas(name)))
|
|
|
@@ -3397,7 +3383,7 @@ def upload():
|
|
|
return(re_error('/ban'))
|
|
|
|
|
|
if(request.method == 'POST'):
|
|
|
- data = request.files.f_data
|
|
|
+ data = request.files.get('f_data')
|
|
|
if(data):
|
|
|
if(int(wiki_set(4)) * 1024 * 1024 < request.content_length):
|
|
|
return re_error('/error/17')
|
|
|
@@ -3552,12 +3538,12 @@ def custom_css_view():
|
|
|
curs.execute("select * from custom where user = ?", [ip])
|
|
|
css_data = curs.fetchall()
|
|
|
if(css_data):
|
|
|
- curs.execute("update custom set css = ? where user = ?", [request.forms.content, ip])
|
|
|
+ curs.execute("update custom set css = ? where user = ?", [request.forms.get('content'), ip])
|
|
|
else:
|
|
|
- curs.execute("insert into custom (user, css) values (?, ?)", [ip, request.forms.content])
|
|
|
+ curs.execute("insert into custom (user, css) values (?, ?)", [ip, request.forms.get('content')])
|
|
|
conn.commit()
|
|
|
|
|
|
- session['Daydream'] = request.forms.content
|
|
|
+ session['Daydream'] = request.forms.get('content')
|
|
|
|
|
|
return(redirect('/user'))
|
|
|
else:
|
|
|
@@ -3605,11 +3591,11 @@ def custom_js_view():
|
|
|
curs.execute("select * from custom where user = ?", [ip + ' (js)'])
|
|
|
js_data = curs.fetchall()
|
|
|
if(js_data):
|
|
|
- curs.execute("update custom set css = ? where user = ?", [request.forms.content, ip + ' (js)'])
|
|
|
+ curs.execute("update custom set css = ? where user = ?", [request.forms.get('content'), ip + ' (js)'])
|
|
|
else:
|
|
|
- curs.execute("insert into custom (user, css) values (?, ?)", [ip + ' (js)', request.forms.content])
|
|
|
+ curs.execute("insert into custom (user, css) values (?, ?)", [ip + ' (js)', request.forms.get('content')])
|
|
|
conn.commit()
|
|
|
- session['AQUARIUM'] = request.forms.content
|
|
|
+ session['AQUARIUM'] = request.forms.get('content')
|
|
|
|
|
|
return(redirect('/user'))
|
|
|
else:
|
2DU