Почетна Преглед Помоћ
Пријавите се
wiki
/
openNAMU__openNAMU
огледало од https://github.com/openNAMU/openNAMU.git
2
0
Креирај огранак 0
Датотеке Дискусије 0 Вики
Преглед изворни кода

SQLite 버전

2DU пре 8 година
родитељ
2294bb3951
комит
71461437aa
3 измењених фајлова са 297 додато и 758 уклоњено
Један поглед Покажи статистику Diff
  1. 211 494
      app.py
  2. 62 237
      func.py
  3. 24 27
      mark.py

Разлика између датотеке није приказан због своје велике величине
+ 211 - 494
app.py


+ 62 - 237
func.py
Прегледај датотеку 

@@ -2,13 +2,16 @@
 
 from bottle.ext import beaker
 
 from bottle.ext import beaker
 
 from urllib import parse
 
 from urllib import parse
 
 import json
 
 import json
 
-import pymysql
 
+import sqlite3
 
 import time
 
 import time
 
 import re
 
 import re
 
 import hashlib
 
 import hashlib
 
 
 
 json_data = open('set.json').read()
 
 json_data = open('set.json').read()
 
 set_data = json.loads(json_data)
 
 set_data = json.loads(json_data)
 
+
 
+conn = sqlite3.connect(set_data['db'] + '.db')
 
+curs = conn.cursor()
 
     
     
 session_opts = {
 
 session_opts = {
 
     'session.type': 'file',
 
     'session.type': 'file',
 
@@ -37,94 +40,68 @@ def diff(seqm):
 
     return(''.join(output))
 
     return(''.join(output))
 
            
            
 def admin_check(num):
 
 def admin_check(num):
 
-    conn = pymysql.connect(
 
-        user = set_data['user'], 
-        password = set_data['pw'], 
-        charset = 'utf8mb4', 
-        db = set_data['db']
 
-    )
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-
 
     ip = ip_check() 
     ip = ip_check() 
-    curs.execute("select acl from user where id = '" + pymysql.escape_string(ip) + "'")
 
+    curs.execute("select acl from user where id = '" + escape(ip) + "'")
 
     user = curs.fetchall()
 
     user = curs.fetchall()
 
     if(user):
 
     if(user):
 
         reset = 0
 
         reset = 0
 
         while(1):
 
         while(1):
 
             if(num == 1 and reset == 0):
 
             if(num == 1 and reset == 0):
 
-                curs.execute('select name from alist where name = "' + pymysql.escape_string(user[0]["acl"]) + '" and acl = "ban"')
 
+                curs.execute('select name from alist where name = "' + escape(user[0][0]) + '" and acl = "ban"')
 
                 acl_data = curs.fetchall()
 
                 acl_data = curs.fetchall()
 
                 if(acl_data):
 
                 if(acl_data):
 
-                    conn.close()
 
                     return(1)
 
                     return(1)
 
                 else:
 
                 else:
 
                     reset = 1
 
                     reset = 1
 
             elif(num == 2 and reset == 0):
 
             elif(num == 2 and reset == 0):
 
-                curs.execute('select name from alist where name = "' + pymysql.escape_string(user[0]["acl"]) + '" and acl = "mdel"')
 
+                curs.execute('select name from alist where name = "' + escape(user[0][0]) + '" and acl = "mdel"')
 
                 acl_data = curs.fetchall()
 
                 acl_data = curs.fetchall()
 
                 if(acl_data):
 
                 if(acl_data):
 
-                    conn.close()
 
                     return(1)
 
                     return(1)
 
                 else:
 
                 else:
 
                     reset = 1
 
                     reset = 1
 
             elif(num == 3 and reset == 0):
 
             elif(num == 3 and reset == 0):
 
-                curs.execute('select name from alist where name = "' + pymysql.escape_string(user[0]["acl"]) + '" and acl = "toron"')
 
+                curs.execute('select name from alist where name = "' + escape(user[0][0]) + '" and acl = "toron"')
 
                 acl_data = curs.fetchall()
 
                 acl_data = curs.fetchall()
 
                 if(acl_data):
 
                 if(acl_data):
 
-                    conn.close()
 
                     return(1)
 
                     return(1)
 
                 else:
 
                 else:
 
                     reset = 1
 
                     reset = 1
 
             elif(num == 4 and reset == 0):
 
             elif(num == 4 and reset == 0):
 
-                curs.execute('select name from alist where name = "' + pymysql.escape_string(user[0]["acl"]) + '" and acl = "check"')
 
+                curs.execute('select name from alist where name = "' + escape(user[0][0]) + '" and acl = "check"')
 
                 acl_data = curs.fetchall()
 
                 acl_data = curs.fetchall()
 
                 if(acl_data):
 
                 if(acl_data):
 
-                    conn.close()
 
                     return(1)
 
                     return(1)
 
                 else:
 
                 else:
 
                     reset = 1
 
                     reset = 1
 
             elif(num == 5 and reset == 0):
 
             elif(num == 5 and reset == 0):
 
-                curs.execute('select name from alist where name = "' + pymysql.escape_string(user[0]["acl"]) + '" and acl = "acl"')
 
+                curs.execute('select name from alist where name = "' + escape(user[0][0]) + '" and acl = "acl"')
 
                 acl_data = curs.fetchall()
 
                 acl_data = curs.fetchall()
 
                 if(acl_data):
 
                 if(acl_data):
 
-                    conn.close()
 
                     return(1)
 
                     return(1)
 
                 else:
 
                 else:
 
                     reset = 1
 
                     reset = 1
 
             elif(num == 6 and reset == 0):
 
             elif(num == 6 and reset == 0):
 
-                curs.execute('select name from alist where name = "' + pymysql.escape_string(user[0]["acl"]) + '" and acl = "hidel"')
 
+                curs.execute('select name from alist where name = "' + escape(user[0][0]) + '" and acl = "hidel"')
 
                 acl_data = curs.fetchall()
 
                 acl_data = curs.fetchall()
 
                 if(acl_data):
 
                 if(acl_data):
 
-                    conn.close()
 
                     return(1)
 
                     return(1)
 
                 else:
 
                 else:
 
                     reset = 1
 
                     reset = 1
 
             else:
 
             else:
 
-                curs.execute('select name from alist where name = "' + pymysql.escape_string(user[0]["acl"]) + '" and acl = "owner"')
 
+                curs.execute('select name from alist where name = "' + escape(user[0][0]) + '" and acl = "owner"')
 
                 acl_data = curs.fetchall()
 
                 acl_data = curs.fetchall()
 
                 if(acl_data):
 
                 if(acl_data):
 
-                    conn.close()
 
                     return(1)
 
                     return(1)
 
                 else:
 
                 else:
 
                     break
 
                     break
 
-    conn.close()
 
                 
                 
 def include_check(name, data):
 
 def include_check(name, data):
 
-    conn = pymysql.connect(
 
-        user = set_data['user'], 
-        password = set_data['pw'], 
-        charset = 'utf8mb4', 
-        db = set_data['db']
 
-    )
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-
 
     if(re.search('^틀:', name)):
 
     if(re.search('^틀:', name)):
 
-        curs.execute("select link from back where title = '" + pymysql.escape_string(name) + "' and type = 'include'")
 
+        curs.execute("select link from back where title = '" + escape(name) + "' and type = 'include'")
 
         back = curs.fetchall()
 
         back = curs.fetchall()
 
         for backp in back:
 
         for backp in back:
 
-            namumark(backp['link'], data, 1)
 
-    
-    conn.close()
 
+            namumark(backp[0], data, 1)    
     
     
 def login_check():
 
 def login_check():
 
     session = request.environ.get('beaker.session')
 
     session = request.environ.get('beaker.session')
 
@@ -134,18 +111,10 @@ def login_check():
 
         return(0)
 
         return(0)
 
 
 
 def ip_pas(raw_ip, num):
 
 def ip_pas(raw_ip, num):
 
-    conn = pymysql.connect(
 
-        user = set_data['user'], 
-        password = set_data['pw'], 
-        charset = 'utf8mb4', 
-        db = set_data['db']
 
-    )
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-    
     if(re.search("(\.|:)", raw_ip)):
 
     if(re.search("(\.|:)", raw_ip)):
 
         ip = raw_ip
 
         ip = raw_ip
 
     else:
 
     else:
 
-        curs.execute("select title from data where title = '사용자:" + pymysql.escape_string(raw_ip) + "'")
 
+        curs.execute("select title from data where title = '사용자:" + escape(raw_ip) + "'")
 
         row = curs.fetchall()
 
         row = curs.fetchall()
 
         if(row):
 
         if(row):
 
             ip = '<a href="/w/' + url_pas('사용자:' + raw_ip) + '">' + raw_ip + '</a>'
 
             ip = '<a href="/w/' + url_pas('사용자:' + raw_ip) + '">' + raw_ip + '</a>'
 
@@ -158,9 +127,7 @@ def ip_pas(raw_ip, num):
 
         ip += ' <a href="/record/' + url_pas(raw_ip) + '">(기록)</a> <a href="/user/' + url_pas(raw_ip) + '/topic">(토론 기록)</a>'        
         ip += ' <a href="/record/' + url_pas(raw_ip) + '">(기록)</a> <a href="/user/' + url_pas(raw_ip) + '/topic">(토론 기록)</a>'        
     else:
 
     else:
 
         ip += ' <a href="/record/' + url_pas(raw_ip) + '">(기록)</a>'
 
         ip += ' <a href="/record/' + url_pas(raw_ip) + '">(기록)</a>'
 
-    
-    conn.close()
 
-    
+
 
     return(ip)
 
     return(ip)
 
 
 
 def custom_css_user():
 
 def custom_css_user():
 
@@ -173,259 +140,117 @@ def custom_css_user():
 
     return(data)
 
     return(data)
 
 
 
 def acl_check(ip, name):
 
 def acl_check(ip, name):
 
-    conn = pymysql.connect(
 
-        user = set_data['user'], 
-        password = set_data['pw'], 
-        charset = 'utf8mb4', 
-        db = set_data['db']
 
-    )
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-
 
     m = re.search("^사용자:([^/]*)", name)
 
     m = re.search("^사용자:([^/]*)", name)
 
     n = re.search("^파일:(.*)", name)
 
     n = re.search("^파일:(.*)", name)
 
     if(m):
 
     if(m):
 
         g = m.groups()
 
         g = m.groups()
 
         if(ip == g[0]):
 
         if(ip == g[0]):
 
             if(re.search("(\.|:)", g[0])):
 
             if(re.search("(\.|:)", g[0])):
 
-                conn.close()
 
                 return(1)
 
                 return(1)
 
             else:
 
             else:
 
-                curs.execute("select * from ban where block = '" + pymysql.escape_string(ip) + "'")
 
+                curs.execute("select block from ban where block = '" + escape(ip) + "'")
 
                 rows = curs.fetchall()
 
                 rows = curs.fetchall()
 
                 if(rows):
 
                 if(rows):
 
-                    conn.close()
 
                     return(1)
 
                     return(1)
 
                 else:
 
                 else:
 
-                    conn.close()
 
                     return(0)
 
                     return(0)
 
         else:
 
         else:
 
-            conn.close()
 
-            return(1)
 
-    elif(n):
 
-        if(admin_check(None) != 1):
 
-            conn.close()
 
             return(1)
 
             return(1)
 
+    elif(n and admin_check(5) != 1):
 
+        return(1)
 
     else:
 
     else:
 
         b = re.search("^([0-9](?:[0-9]?[0-9]?)\.[0-9](?:[0-9]?[0-9]?))", ip)
 
         b = re.search("^([0-9](?:[0-9]?[0-9]?)\.[0-9](?:[0-9]?[0-9]?))", ip)
 
         if(b):
 
         if(b):
 
             results = b.groups()
 
             results = b.groups()
 
-            curs.execute("select * from ban where block = '" + pymysql.escape_string(results[0]) + "' and band = 'O'")
 
+            curs.execute("select block from ban where block = '" + escape(results[0]) + "' and band = 'O'")
 
             rowss = curs.fetchall()
 
             rowss = curs.fetchall()
 
             if(rowss):
 
             if(rowss):
 
-                conn.close()
 
                 return(1)
 
                 return(1)
 
-            else:
 
-                curs.execute("select * from ban where block = '" + pymysql.escape_string(ip) + "'")
 
+
 
+        curs.execute("select block from ban where block = '" + escape(ip) + "'")
 
+        rows = curs.fetchall()
 
+        if(rows):
 
+            return(1)
 
+        else:
 
+            curs.execute("select acl from data where title = '" + escape(name) + "'")
 
+            row = curs.fetchall()
 
+            if(row):
 
+                curs.execute("select acl from user where id = '" + escape(ip) + "'")
 
                 rows = curs.fetchall()
 
                 rows = curs.fetchall()
 
-                if(rows):
 
-                    conn.close()
 
-                    return(1)
 
-                else:
 
-                    curs.execute("select acl from data where title = '" + pymysql.escape_string(name) + "'")
 
-                    row = curs.fetchall()
 
-                    if(row):
 
-                        curs.execute("select * from user where id = '" + pymysql.escape_string(ip) + "'")
 
-                        rows = curs.fetchall()
 
-                        if(row[0]['acl'] == 'user'):
 
-                            if(rows):
 
-                                conn.close()
 
-                                return(0)
 
-                            else:
 
-                                conn.close()
 
-                                return(1)
 
-                        elif(row[0]['acl'] == 'admin'):
 
-                            if(rows):
 
-                                if(rows[0]['acl'] == 'admin' or rows[0]['acl'] == 'owner'):
 
-                                    conn.close()
 
-                                    return(0)
 
-                                else:
 
-                                    conn.close()
 
-                                    return(1)
 
-                            else:
 
-                                conn.close()
 
-                                return(1)
 
-                        else:
 
-                            conn.close()
 
-                            return(0)
 
-                    else:
 
-                        conn.close()
 
+                if(row[0][0] == 'user'):
 
+                    if(rows):
 
                         return(0)
 
                         return(0)
 
-        else:
 
-            curs.execute("select * from ban where block = '" + pymysql.escape_string(ip) + "'")
 
-            rows = curs.fetchall()
 
-            if(rows):
 
-                conn.close()
 
-                return(1)
 
-            else:
 
-                curs.execute("select acl from data where title = '" + pymysql.escape_string(name) + "'")
 
-                row = curs.fetchall()
 
-                if(row):
 
-                    curs.execute("select * from user where id = '" + pymysql.escape_string(ip) + "'")
 
-                    rows = curs.fetchall()
 
-                    if(row[0]['acl'] == 'user'):
 
-                        if(rows):
 
-                            conn.close()
 
-                            return(0)
 
-                        else:
 
-                            conn.close()
 
-                            return(1)
 
-                    elif(row[0]['acl'] == 'admin'):
 
-                        if(rows):
 
-                            if(rows[0]['acl'] == 'admin' or rows[0]['acl'] == 'owner'):
 
-                                conn.close()
 
-                                return(0)
 
-                            else:
 
-                                conn.close()
 
-                                return(1)
 
-                        else:
 
-                            conn.close()
 
-                            return(1)
 
                     else:
 
                     else:
 
-                        conn.close()
 
+                        return(1)
 
+                elif(row[0][0] == 'admin'):
 
+                    if(rows and admin_check(5) == 1):
 
                         return(0)
 
                         return(0)
 
+                    else:
 
+                        return(1)
 
                 else:
 
                 else:
 
-                    conn.close()
 
                     return(0)
 
                     return(0)
 
-    conn.close()
 
+            else:
 
+                return(0)    
 
 
 def ban_check(ip):
 
 def ban_check(ip):
 
-    conn = pymysql.connect(
 
-        user = set_data['user'], 
-        password = set_data['pw'], 
-        charset = 'utf8mb4', 
-        db = set_data['db']
 
-    )
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-
 
     b = re.search("^([0-9](?:[0-9]?[0-9]?)\.[0-9](?:[0-9]?[0-9]?))", ip)
 
     b = re.search("^([0-9](?:[0-9]?[0-9]?)\.[0-9](?:[0-9]?[0-9]?))", ip)
 
     if(b):
 
     if(b):
 
         results = b.groups()
 
         results = b.groups()
 
-        curs.execute("select * from ban where block = '" + pymysql.escape_string(results[0]) + "' and band = 'O'")
 
+        curs.execute("select block from ban where block = '" + escape(results[0]) + "' and band = 'O'")
 
         rowss = curs.fetchall()
 
         rowss = curs.fetchall()
 
         if(rowss):
 
         if(rowss):
 
-            conn.close()
 
             return(1)
 
             return(1)
 
-        else:
 
-            curs.execute("select * from ban where block = '" + pymysql.escape_string(ip) + "'")
 
-            rows = curs.fetchall()
 
-            if(rows):
 
-                conn.close()
 
-                return(1)
 
-            else:
 
-                conn.close()
 
-                return(0)
 
+
 
+    curs.execute("select block from ban where block = '" + escape(ip) + "'")
 
+    rows = curs.fetchall()
 
+    if(rows):
 
+        return(1)
 
     else:
 
     else:
 
-        curs.execute("select * from ban where block = '" + pymysql.escape_string(ip) + "'")
 
-        rows = curs.fetchall()
 
-        if(rows):
 
-            conn.close()
 
-            return(1)
 
-        else:
 
-            conn.close()
 
-            return(0)
 
-    conn.close()
 
+        return(0)
 
         
         
 def topic_check(ip, name, sub):
 
 def topic_check(ip, name, sub):
 
-    conn = pymysql.connect(
 
-        user = set_data['user'], 
-        password = set_data['pw'], 
-        charset = 'utf8mb4', 
-        db = set_data['db']
 
-    )
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-
 
     b = re.search("^([0-9](?:[0-9]?[0-9]?)\.[0-9](?:[0-9]?[0-9]?))", ip)
 
     b = re.search("^([0-9](?:[0-9]?[0-9]?)\.[0-9](?:[0-9]?[0-9]?))", ip)
 
     if(b):
 
     if(b):
 
         results = b.groups()
 
         results = b.groups()
 
-        curs.execute("select * from ban where block = '" + pymysql.escape_string(results[0]) + "' and band = 'O'")
 
+        curs.execute("select block from ban where block = '" + escape(results[0]) + "' and band = 'O'")
 
         rowss = curs.fetchall()
 
         rowss = curs.fetchall()
 
         if(rowss):
 
         if(rowss):
 
-            conn.close()
 
             return(1)
 
             return(1)
 
-        else:
 
-            curs.execute("select * from ban where block = '" + pymysql.escape_string(ip) + "'")
 
-            rows = curs.fetchall()
 
-            if(rows):
 
-                conn.close()
 
-                return(1)
 
-            else:
 
-                curs.execute("select * from stop where title = '" + pymysql.escape_string(name) + "' and sub = '" + pymysql.escape_string(sub) + "'")
 
-                rows = curs.fetchall()
 
-                if(rows):
 
-                    conn.close()
 
-                    return(1)
 
-                else:
 
-                    conn.close()
 
-                    return(0)
 
+
 
+    curs.execute("select block from ban where block = '" + escape(ip) + "'")
 
+    rows = curs.fetchall()
 
+    if(rows):
 
+        return(1)
 
     else:
 
     else:
 
-        curs.execute("select * from ban where block = '" + pymysql.escape_string(ip) + "'")
 
+        curs.execute("select title from stop where title = '" + escape(name) + "' and sub = '" + escape(sub) + "'")
 
         rows = curs.fetchall()
 
         rows = curs.fetchall()
 
         if(rows):
 
         if(rows):
 
-            conn.close()
 
             return(1)
 
             return(1)
 
         else:
 
         else:
 
-            curs.execute("select * from stop where title = '" + pymysql.escape_string(name) + "' and sub = '" + pymysql.escape_string(sub) + "'")
 
-            rows = curs.fetchall()
 
-            if(rows):
 
-                conn.close()
 
-                return(1)
 
-            else:
 
-                conn.close()
 
-                return(0)
 
-    conn.close()
 
+            return(0)
 
 
 
 def rd_plus(title, sub, date):
 
 def rd_plus(title, sub, date):
 
-    conn = pymysql.connect(
 
-        user = set_data['user'], 
-        password = set_data['pw'], 
-        charset = 'utf8mb4', 
-        db = set_data['db']
 
-    )
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-
 
-    curs.execute("select * from rd where title = '" + pymysql.escape_string(title) + "' and sub = '" + pymysql.escape_string(sub) + "'")
 
+    curs.execute("select title from rd where title = '" + escape(title) + "' and sub = '" + escape(sub) + "'")
 
     rd = curs.fetchall()
 
     rd = curs.fetchall()
 
     if(rd):
 
     if(rd):
 
-        curs.execute("update rd set date = '" + pymysql.escape_string(date) + "' where title = '" + pymysql.escape_string(title) + "' and sub = '" + pymysql.escape_string(sub) + "'")
 
+        curs.execute("update rd set date = '" + escape(date) + "' where title = '" + escape(title) + "' and sub = '" + escape(sub) + "'")
 
     else:
 
     else:
 
-        curs.execute("insert into rd (title, sub, date) value ('" + pymysql.escape_string(title) + "', '" + pymysql.escape_string(sub) + "', '" + pymysql.escape_string(date) + "')")
 
+        curs.execute("insert into rd (title, sub, date) values ('" + escape(title) + "', '" + escape(sub) + "', '" + escape(date) + "')")
 
     conn.commit()
 
     conn.commit()
 
     
     
-    conn.close()
 
-    
 def rb_plus(block, end, today, blocker, why):
 
 def rb_plus(block, end, today, blocker, why):
 
-    conn = pymysql.connect(
 
-        user = set_data['user'], 
-        password = set_data['pw'], 
-        charset = 'utf8mb4', 
-        db = set_data['db']
 
-    )
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-
 
-    curs.execute("insert into rb (block, end, today, blocker, why) value ('" + pymysql.escape_string(block) + "', '" + pymysql.escape_string(end) + "', '" + today + "', '" + pymysql.escape_string(blocker) + "', '" + pymysql.escape_string(why) + "')")
 
+    curs.execute("insert into rb (block, end, today, blocker, why) values ('" + escape(block) + "', '" + escape(end) + "', '" + today + "', '" + escape(blocker) + "', '" + escape(why) + "')")
 
     conn.commit()
 
     conn.commit()
 
-    
-    conn.close()
 
 
 
 def history_plus(title, data, date, ip, send, leng):
 
 def history_plus(title, data, date, ip, send, leng):
 
-    conn = pymysql.connect(
 
-        user = set_data['user'], 
-        password = set_data['pw'], 
-        charset = 'utf8mb4', 
-        db = set_data['db']
 
-    )
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-
 
-    curs.execute("select * from history where title = '" + pymysql.escape_string(title) + "' order by id+0 desc limit 1")
 
+    curs.execute("select id from history where title = '" + escape(title) + "' order by id+0 desc limit 1")
 
     rows = curs.fetchall()
 
     rows = curs.fetchall()
 
     if(rows):
 
     if(rows):
 
-        number = int(rows[0]['id']) + 1
 
-        curs.execute("insert into history (id, title, data, date, ip, send, leng) value ('" + str(number) + "', '" + pymysql.escape_string(title) + "', '" + pymysql.escape_string(data) + "', '" + date + "', '" + pymysql.escape_string(ip) + "', '" + pymysql.escape_string(send) + "', '" + leng + "')")
 
+        number = int(rows[0][0]) + 1
 
+        curs.execute("insert into history (id, title, data, date, ip, send, leng) values ('" + str(number) + "', '" + escape(title) + "', '" + escape(data) + "', '" + date + "', '" + escape(ip) + "', '" + escape(send) + "', '" + leng + "')")
 
     else:
 
     else:
 
-        curs.execute("insert into history (id, title, data, date, ip, send, leng) value ('1', '" + pymysql.escape_string(title) + "', '" + pymysql.escape_string(data) + "', '" + date + "', '" + pymysql.escape_string(ip) + "', '" + pymysql.escape_string(send + ' (새 문서)') + "', '" + leng + "')")
 
+        curs.execute("insert into history (id, title, data, date, ip, send, leng) values ('1', '" + escape(title) + "', '" + escape(data) + "', '" + date + "', '" + escape(ip) + "', '" + escape(send + ' (새 문서)') + "', '" + leng + "')")
 
     conn.commit()
 
     conn.commit()
 
-    
-    conn.close()
 
 
 
 def leng_check(a, b):
 
 def leng_check(a, b):
 
     if(a < b):
 
     if(a < b):

+ 24 - 27
mark.py
Прегледај датотеку 

@@ -2,7 +2,7 @@
 
 from bottle.ext import beaker
 
 from bottle.ext import beaker
 
 from urllib import parse
 
 from urllib import parse
 
 import json
 
 import json
 
-import pymysql
 
+import sqlite3
 
 import time
 
 import time
 
 import re
 
 import re
 
 import hashlib
 
 import hashlib
 
@@ -10,6 +10,9 @@ import hashlib
 
 json_data = open('set.json').read()
 
 json_data = open('set.json').read()
 
 set_data = json.loads(json_data)
 
 set_data = json.loads(json_data)
 
 
 
+conn = sqlite3.connect(set_data['db'] + '.db')
 
+curs = conn.cursor()
 
+
 
 session_opts = {
 
 session_opts = {
 
     'session.type': 'file',
 
     'session.type': 'file',
 
     'session.data_dir': './app_session/',
 
     'session.data_dir': './app_session/',
 
@@ -23,6 +26,13 @@ def get_time():
 
     date = "%04d-%02d-%02d %02d:%02d:%02d" % (now.tm_year, now.tm_mon, now.tm_mday, now.tm_hour, now.tm_min, now.tm_sec)
 
     date = "%04d-%02d-%02d %02d:%02d:%02d" % (now.tm_year, now.tm_mon, now.tm_mday, now.tm_hour, now.tm_min, now.tm_sec)
 
 
 
     return(date)
 
     return(date)
 
+
 
+def escape(data):
 
+    data = data.replace('\\', '\\\\')
 
+    data = data.replace("'", "\'")
 
+    data = data.replace('"', '\"')
 
+
 
+    return(data)
 
     
     
 def ip_check():
 
 def ip_check():
 
     session = request.environ.get('beaker.session')
 
     session = request.environ.get('beaker.session')
 
@@ -324,35 +334,22 @@ def toc_pas(data, title):
 
     return(data)
 
     return(data)
 
 
 
 def backlink_plus(name, link, backtype, num):
 
 def backlink_plus(name, link, backtype, num):
 
-    if(num == 1):
 
-        conn = pymysql.connect(user = set_data['user'], password = set_data['pw'], charset = 'utf8mb4', db = set_data['db'])
 
-        curs = conn.cursor(pymysql.cursors.DictCursor)
 
-        
-        curs.execute("select title from back where title = '" + pymysql.escape_string(link) + "' and link = '" + pymysql.escape_string(name) + "' and type = '" + backtype + "'")
 
+    if(num == 1):       
+        curs.execute("select title from back where title = '" + escape(link) + "' and link = '" + escape(name) + "' and type = '" + backtype + "'")
 
         y = curs.fetchall()
 
         y = curs.fetchall()
 
         if(not y):
 
         if(not y):
 
-            curs.execute("insert into back (title, link, type) value ('" + pymysql.escape_string(link) + "', '" + pymysql.escape_string(name) + "',  '" + backtype + "')")
 
+            curs.execute("insert into back (title, link, type) values ('" + escape(link) + "', '" + escape(name) + "',  '" + backtype + "')")
 
             conn.commit()
 
             conn.commit()
 
-            
-        conn.close()
 
 
 
 def cat_plus(name, link, num):
 
 def cat_plus(name, link, num):
 
-    if(num == 1):
 
-        conn = pymysql.connect(user = set_data['user'], password = set_data['pw'], charset = 'utf8mb4', db = set_data['db'])
 
-        curs = conn.cursor(pymysql.cursors.DictCursor)
 
-        
-        curs.execute("select title from cat where title = '" + pymysql.escape_string(link) + "' and cat = '" + pymysql.escape_string(name) + "'")
 
+    if(num == 1):        
+        curs.execute("select title from cat where title = '" + escape(link) + "' and cat = '" + escape(name) + "'")
 
         y = curs.fetchall()
 
         y = curs.fetchall()
 
         if(not y):
 
         if(not y):
 
-            curs.execute("insert into cat (title, cat) value ('" + pymysql.escape_string(link) + "', '" + pymysql.escape_string(name) + "')")
 
+            curs.execute("insert into cat (title, cat) values ('" + escape(link) + "', '" + escape(name) + "')")
 
             conn.commit()
 
             conn.commit()
 
-            
-        conn.close()
 
 
 
-def namumark(title, data, num):
 
-    conn = pymysql.connect(user = set_data['user'], password = set_data['pw'], charset = 'utf8mb4', db = set_data['db'])
 
-    curs = conn.cursor(pymysql.cursors.DictCursor)
 
-    
+def namumark(title, data, num):    
     data = html_pas(data, 1)
 
     data = html_pas(data, 1)
 
 
 
     b = 0
 
     b = 0
 
@@ -372,12 +369,12 @@ def namumark(title, data, num):
 
             if(results[0] == title):
 
             if(results[0] == title):
 
                 data = include.sub("<b>" + results[0] + "</b>", data, 1)
 
                 data = include.sub("<b>" + results[0] + "</b>", data, 1)
 
             else:
 
             else:
 
-                curs.execute("select * from data where title = '" + pymysql.escape_string(results[0]) + "'")
 
+                curs.execute("select data from data where title = '" + escape(results[0]) + "'")
 
                 in_con = curs.fetchall()
 
                 in_con = curs.fetchall()
 
                 
                 
                 backlink_plus(title, results[0], 'include', num)
 
                 backlink_plus(title, results[0], 'include', num)
 
                 if(in_con):                        
                 if(in_con):                        
-                    in_data = in_con[0]['data']
 
+                    in_data = in_con[0][0]
 
                     in_data = include.sub("", in_data)
 
                     in_data = include.sub("", in_data)
 
                     
                     
                     in_data = html_pas(in_data, 1)
 
                     in_data = html_pas(in_data, 1)
 
@@ -453,7 +450,7 @@ def namumark(title, data, num):
 
                 cat_plus(title, g[0], num)
 
                 cat_plus(title, g[0], num)
 
                     
                     
                 if(category == ''):
 
                 if(category == ''):
 
-                    curs.execute("select title from data where title = '" + pymysql.escape_string(g[0]) + "'")
 
+                    curs.execute("select title from data where title = '" + escape(g[0]) + "'")
 
                     exists = curs.fetchall()
 
                     exists = curs.fetchall()
 
                     if(exists):
 
                     if(exists):
 
                         red = ""
 
                         red = ""
 
@@ -462,7 +459,7 @@ def namumark(title, data, num):
 
                         
                         
                     category += '<a ' + red + ' href="/w/' + url_pas(g[0]) + '">' + re.sub("분류:", "", g[0]) + '</a>'
 
                     category += '<a ' + red + ' href="/w/' + url_pas(g[0]) + '">' + re.sub("분류:", "", g[0]) + '</a>'
 
                 else:
 
                 else:
 
-                    curs.execute("select title from data where title = '" + pymysql.escape_string(g[0]) + "'")
 
+                    curs.execute("select title from data where title = '" + escape(g[0]) + "'")
 
                     exists = curs.fetchall()
 
                     exists = curs.fetchall()
 
                     if(exists):
 
                     if(exists):
 
                         red = ""
 
                         red = ""
 
@@ -662,7 +659,7 @@ def namumark(title, data, num):
 
                 else:
 
                 else:
 
                     nosharp = re.sub("<sharp>", "#", results[0])
 
                     nosharp = re.sub("<sharp>", "#", results[0])
 
                     
                     
-                    curs.execute("select title from data where title = '" + pymysql.escape_string(nosharp) + "'")
 
+                    curs.execute("select title from data where title = '" + escape(nosharp) + "'")
 
                     y = curs.fetchall()
 
                     y = curs.fetchall()
 
                     if(y):
 
                     if(y):
 
                         clas = ''
 
                         clas = ''
 
@@ -1209,5 +1206,5 @@ def namumark(title, data, num):
 
                 } \
 
                 } \
 
             </script>"
 
             </script>"
 
     
     
-    conn.close()
 
+    
     return(data)
 
     return(data)

Неке датотеке нису приказане због велике количине промена