2du 4 anni fa
parent
commit
8fd116d67e

+ 7 - 0
app.py

@@ -649,6 +649,12 @@ def login_register_email():
 def login_register_email_check():
     return login_register_email_check_2(conn)
 
+'''
+@app.route('/register/submit', methods = ['POST', 'GET'])
+def login_register_submit():
+    return login_register_submit_2(conn)
+'''
+
 # 이 파트와 통일 예정
 @app.route('/<regex("need_email"):tool>', methods = ['POST', 'GET'])
 @app.route('/<regex("pass_find"):tool>', methods = ['POST', 'GET'])
@@ -665,6 +671,7 @@ def login_logout():
     return login_logout_2(conn)
 
 # Func-application
+# 이 파트는 register과 list로 쪼갤 예정
 @app.route('/application_submitted')
 def application_submitted():
     return application_submitted_2(conn)
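Review bot: The `/register/submit` route in the first hunk is wrapped in a `'''` string literal, so it is never registered, yet login_register_2 and login_register_email_check_2 in this same commit redirect to `/register/submit` whenever `requires_approval` is set. Unless another route catches that path, registration on a wiki with approval enabled ends on an unhandled URL while the pending id and password are still held in the session. Either keep the previous approval path reachable until login_register_submit_2 is finished, or have the callers return an explicit error instead of redirecting. A `# TODO: enable once login_register_submit_2 is complete` comment would state the intent more clearly than a bare string literal.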

+ 26 - 50
route/login_register.py

@@ -18,11 +18,13 @@ def login_register_2(conn):
             return re_error('/ban')
 
     if flask.request.method == 'POST':
+        # 리캡차
         if captcha_post(flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
             return re_error('/error/13')
         else:
             captcha_post('', 0)
 
+        # 아이디 비밀번호 검증 파트
         user_id = flask.request.form.get('id', '')
         user_pw = flask.request.form.get('pw', '')
         user_repeat = flask.request.form.get('pw2', '')
@@ -48,61 +50,35 @@ def login_register_2(conn):
         curs.execute(db_change("select id from user_set where id = ?"), [user_id])
         if curs.fetchall():
             return re_error('/error/6')
-
-        hashed = pw_encode(user_pw)
-        ans_q = flask.request.form.get('approval_question_answer', '')
-
-        curs.execute(db_change('select data from other where name = "requires_approval"'))
-        requires_approval = curs.fetchall()
-        requires_approval = requires_approval and requires_approval[0][0] == 'on'
-        requires_approval = None if admin == 1 else requires_approval
-        if requires_approval:
-            curs.execute(db_change('select data from other where name = "approval_question"'))
-            approval_question = curs.fetchall()
-            approval_question = approval_question[0][0] if approval_question and approval_question[0][0] else ''
-        else:
-            approval_question = ''
-
-        # c_id, c_pw, c_ans, c_que, c_key, c_type
-        flask.session['c_id'] = user_id
-        flask.session['c_pw'] = hashed
-        flask.session['c_type'] = 'register'
-        if requires_approval:
-            flask.session['c_ans'] = flask.request.form.get('approval_question_answer', '')
-            flask.session['c_que'] = approval_question
         
-        curs.execute(db_change('select data from other where name = "email_have"'))
-        sql_data = curs.fetchall()
-        if sql_data and sql_data[0][0] != '' and admin != 1:
-            flask.session['c_key'] = load_random_key(32)
-
-            return redirect('/need_email')
-        else:
-            flask.session['c_key'] = 'email_pass'
-
-            return redirect('/check_key')
+        if admin != 1:
+            # 이메일 필요시 /register/email로 발송
+            curs.execute(db_change('select data from other where name = "email_have"'))
+            sql_data = curs.fetchall()
+            if sql_data and sql_data[0][0] != '':
+                # 임시로 세션에 저장
+                flask.session['reg_id'] = user_id
+                flask.session['reg_pw'] = user_pw
+
+                return redirect('/register/email')
+            
+            # 가입 승인 필요시 /register/submit으로 발송
+            curs.execute(db_change('select data from other where name = "requires_approval"'))
+            sql_data = curs.fetchall()
+            if sql_data and sql_data[0][0] != '':
+                flask.session['submit_id'] = user_id
+                flask.session['submit_pw'] = user_pw
+                
+                return redirect('/register/submit')
+        
+        # 전부 아니면 바로 가입 후 /login으로 발송
+        add_user(user_id, user_pw)
+        
+        return redirect('/login')
     else:
         curs.execute(db_change('select data from other where name = "contract"'))
         data = curs.fetchall()
         contract = (data[0][0] + '<hr class="main_hr">') if data and data[0][0] != '' else ''
-
-        approval_question = ''
-        
-        curs.execute(db_change('select data from other where name = "requires_approval"'))
-        requires_approval = curs.fetchall()
-        requires_approval = requires_approval and requires_approval[0][0] == 'on'
-        requires_approval = None if admin == 1 else requires_approval
-        if requires_approval:
-            curs.execute(db_change('select data from other where name = "approval_question"'))
-            data = curs.fetchall()
-            if data and data[0][0] != '':
-                approval_question = '''
-                    <hr class="main_hr">
-                    <span>''' + load_lang('approval_question') + ' : ' + data[0][0] + '''<span>
-                    <hr class="main_hr">
-                    <input placeholder="''' + load_lang('approval_question') + '''" name="approval_question_answer" type="text">
-                    <hr class="main_hr">
-                '''
                 
         return easy_minify(flask.render_template(skin_check(),
             imp = [load_lang('register'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
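Review bot: `flask.session['reg_pw'] = user_pw` and `flask.session['submit_pw'] = user_pw` put the plaintext password into the session, where the removed code stored `pw_encode(user_pw)` as `c_pw`. If this app uses Flask's default cookie-backed session, that value is signed but not encrypted, so the password can be read by anything that sees the cookie (browser storage, proxies, request logs). Store the hash instead, e.g. `flask.session['reg_pw'] = pw_encode(user_pw)`, and let add_user accept an already-hashed value, or keep pending registrations server-side keyed by a random token. Two smaller points in the same hunk: the approval check changed from `== 'on'` to `!= ''`, so any non-empty setting value now enables it, and the result of `add_user(user_id, user_pw)` is ignored before `redirect('/login')`. login_register_2 starts and ends outside these hunks.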

+ 46 - 94
route/login_register_email.py

@@ -1,114 +1,66 @@
 from .tool.func import *
 
-def login_need_email_2(conn, tool):
+def login_register_email_2(conn):
     curs = conn.cursor()
     
-    if flask.request.method == 'POST':
-        re_set_list = ['c_id', 'c_pw', 'c_ans', 'c_que', 'c_key', 'c_type']
+    if not 'reg_id' in flask.session:
+        return redirect('/register')
     
-        if tool == 'email_change':
-            flask.session['c_key'] = load_random_key(32)
-            flask.session['c_id'] = ip_check()
-            flask.session['c_type'] = 'email_change'
-        elif tool == 'pass_find':
-            user_id = flask.request.form.get('id', '')
-            user_email = flask.request.form.get('email', '')
-
-            flask.session['c_key'] = load_random_key(32)
-            flask.session['c_id'] = user_id
-            flask.session['c_type'] = 'pass_find'
-        else:
-            if not 'c_type' in flask.session:
-                return redirect('/register')
+    if flask.request.method == 'POST':
+        flask.session['reg_key'] = load_random_key(32)
 
-        if tool != 'pass_find':
-            user_email = flask.request.form.get('email', '')
-            email_data = re.search(r'@([^@]+)$', user_email)
-            if email_data:
-                curs.execute(db_change("select html from html_filter where html = ? and kind = 'email'"), [email_data.group(1)])
-                if not curs.fetchall():
-                    for i in re_set_list:
-                        flask.session.pop(i, None)
-                    
-                    return redirect('/email_filter')
-            else:
-                for i in re_set_list:
-                    flask.session.pop(i, None)
-                
-                return re_error('/error/36')
+        user_email = flask.request.form.get('email', '')
+        email_data = re.search(r'@([^@]+)$', user_email)
+        if email_data:
+            email_data = email_data.group(1)
+            
+            curs.execute(db_change(
+                "select html from html_filter where html = ? and kind = 'email'"
+            ), [email_data])
+            if not curs.fetchall():                
+                return redirect('/email_filter')
 
         curs.execute(db_change('select data from other where name = "email_title"'))
         sql_d = curs.fetchall()
-        t_text = html.escape(sql_d[0][0]) if sql_d and sql_d[0][0] != '' else (wiki_set()[0] + ' key')
+        if sql_d and sql_d[0][0] != '':
+            t_text = html.escape(sql_d[0][0])
+        else:
+            t_text = wiki_set()[0] + ' key'
 
         curs.execute(db_change('select data from other where name = "email_text"'))
         sql_d = curs.fetchall()
-        i_text = (html.escape(sql_d[0][0]) + '\n\nKey : ' + flask.session['c_key']) if sql_d and sql_d[0][0] != '' else ('Key : ' + flask.session['c_key'])
-        
-        if tool == 'pass_find':
-            curs.execute(db_change("select id from user_set where id = ? and name = 'email' and data = ?"), [user_id, user_email])
-            if not curs.fetchall():
-                return re_error('/error/12')
-                
-            if send_email(user_email, t_text, i_text) == 0:
-                return re_error('/error/18')
-
-            return redirect('/check_key')
+        if sql_d and sql_d[0][0] != ''
+            i_text = html.escape(sql_d[0][0]) + '\n\nKey : ' + flask.session['c_key']
         else:
-            curs.execute(db_change('select id from user_set where name = "email" and data = ?'), [user_email])
-            if curs.fetchall():
-                for i in re_set_list:
-                    flask.session.pop(i, None)
+            i_text = 'Key : ' + flask.session['c_key']
+        
 
-                return re_error('/error/35')
-            
-            if send_email(user_email, t_text, i_text) == 0:
-                for i in re_set_list:
-                    flask.session.pop(i, None)
+        curs.execute(db_change('select id from user_set where name = "email" and data = ?'), [user_email])
+        if curs.fetchall():
+            return re_error('/error/35')
 
-                return re_error('/error/18')
+        if send_email(user_email, t_text, i_text) == 0:
+            return re_error('/error/18')
 
-            flask.session['c_email'] = user_email
+        flask.session['reg_email'] = user_email
 
-            return redirect('/check_key')
+        return redirect('/register/email/check')
     else:
-        if tool == 'pass_find':
-            curs.execute(db_change('select data from other where name = "password_search_text"'))
-            sql_d = curs.fetchall()
-            b_text = (sql_d[0][0] + '<hr class="main_hr">') if sql_d and sql_d[0][0] != '' else ''
-
-            return easy_minify(flask.render_template(skin_check(),
-                imp = [load_lang('password_search'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
-                data = b_text + '''
-                    <form method="post">
-                        <input placeholder="''' + load_lang('id') + '''" name="id" type="text">
-                        <hr class="main_hr">
-                        <input placeholder="''' + load_lang('email') + '''" name="email" type="text">
-                        <hr class="main_hr">
-                        <button type="submit">''' + load_lang('save') + '''</button>
-                    </form>
-                ''',
-                menu = [['user', load_lang('return')]]
-            ))
-        else:
-            if tool == 'need_email' and not 'c_type' in flask.session:
-                return redirect('/register')
-
-            curs.execute(db_change('select data from other where name = "email_insert_text"'))
-            sql_d = curs.fetchall()
-            b_text = (sql_d[0][0] + '<hr class="main_hr">') if sql_d and sql_d[0][0] != '' else ''
+        curs.execute(db_change('select data from other where name = "email_insert_text"'))
+        sql_d = curs.fetchall()
+        b_text = (sql_d[0][0] + '<hr class="main_hr">') if sql_d and sql_d[0][0] != '' else ''
 
-            return easy_minify(flask.render_template(skin_check(),
-                imp = [load_lang('email'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
-                data = '''
-                    <a href="/email_filter">(''' + load_lang('email_filter_list') + ''')</a>
+        return easy_minify(flask.render_template(skin_check(),
+            imp = [load_lang('email'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
+            data = '''
+                <a href="/email_filter">(''' + load_lang('email_filter_list') + ''')</a>
+                <hr class="main_hr">
+                ''' + b_text + '''
+                <form method="post">
+                    <input placeholder="''' + load_lang('email') + '''" name="email" type="text">
                     <hr class="main_hr">
-                    ''' + b_text + '''
-                    <form method="post">
-                        <input placeholder="''' + load_lang('email') + '''" name="email" type="text">
-                        <hr class="main_hr">
-                        <button type="submit">''' + load_lang('save') + '''</button>
-                    </form>
-                ''',
-                menu = [['user', load_lang('return')]]
-            ))
+                    <button type="submit">''' + load_lang('save') + '''</button>
+                </form>
+            ''',
+            menu = [['user', load_lang('return')]]
+        ))
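Review bot: The mail body built in the `email_text` branch still reads `flask.session['c_key']`, but this function now stores the verification key as `flask.session['reg_key']` and login_register_email_check_2 compares against `reg_key`, so the mailed key is either a KeyError or a stale value left by another flow; both lines should read `flask.session['reg_key']`. The line `if sql_d and sql_d[0][0] != ''` in that branch is also missing its trailing `:`, which is a SyntaxError that stops the module from importing. The old `else: ... return re_error('/error/36')` for an address with no `@domain` part was dropped, so such input now skips the `html_filter` domain allowlist and goes straight to `send_email`; restoring `else: return re_error('/error/36')` keeps the filter effective. None of the error returns clear `reg_id`/`reg_pw`/`reg_key` any more, unlike the removed `re_set_list` loops.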

+ 24 - 139
route/login_register_email_check.py

@@ -1,150 +1,35 @@
 from .tool.func import *
 
-def login_check_key_2(conn, tool):
+def login_register_email_check_2(conn):
     curs = conn.cursor()
 
-    if  flask.request.method == 'POST' or \
-        ('c_key' in flask.session and flask.session['c_key'] == 'email_pass'):
-        re_set_list = ['c_id', 'c_pw', 'c_ans', 'c_que', 'c_key', 'c_type', 'c_email']
-        ip = ip_check()
-        input_key = flask.request.form.get('key', '')
+    if not 'reg_email' in flask.session:
+        return redirect('/register')
+    
+    if  flask.request.method == 'POST':
+        user_ip = ip_check()
         user_agent = flask.request.headers.get('User-Agent', '')
+        input_key = flask.request.form.get('key', '')
 
-        if  'c_type' in flask.session and \
-            flask.session['c_type'] == 'pass_find' and \
-            flask.session['c_key'] == input_key:
-            curs.execute(db_change("update user_set set data = ? where name = 'pw' and id = ?"), [
-                pw_encode(flask.session['c_key']), 
-                flask.session['c_id']
-            ])
-            conn.commit()
-
-            user_id = flask.session['c_id']
-            user_pw = flask.session['c_key']
-
-            for i in re_set_list:
-                flask.session.pop(i, None)
-
-            curs.execute(db_change('select data from other where name = "reset_user_text"'))
-            sql_d = curs.fetchall()
-            b_text = (sql_d[0][0] + '<hr class="main_hr">') if sql_d and sql_d[0][0] != '' else ''
-
-            curs.execute(db_change('select data from user_set where name = "2fa" and id = ?'), [user_id])
-            if curs.fetchall():
-                curs.execute(db_change("update user_set set data = '' where name = '2fa' and id = ?"), [user_id])
-
-            return easy_minify(flask.render_template(skin_check(),
-                imp = [load_lang('reset_user_ok'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
-                data = b_text + load_lang('id') + ' : ' + user_id + '<br>' + load_lang('password') + ' : ' + user_pw,
-                menu = [['user', load_lang('return')]]
-            ))
-        elif    'c_type' in flask.session and \
-                (flask.session['c_key'] == input_key or flask.session['c_key'] == 'email_pass'):
-            curs.execute(db_change('select data from other where name = "encode"'))
-            db_data = curs.fetchall()
-
-            if flask.session['c_type'] == 'register':
-                if flask.session['c_key'] == 'email_pass':
-                    flask.session['c_email'] = ''
-
-                curs.execute(db_change("select id from user_set limit 1"))
-                first = 1 if not curs.fetchall() else 0
-
-                curs.execute(db_change("select id from user_set where id = ?"), [
-                    flask.session['c_id']
-                ])
-                if curs.fetchall():
-                    for i in re_set_list:
-                        flask.session.pop(i, None)
+        if flask.session['reg_key'] != input_key:
+            return redirect('/register')
 
-                    return re_error('/error/6')
+        curs.execute(db_change('select data from other where name = "requires_approval"'))
+        sql_data = curs.fetchall()
+        if sql_data and sql_data[0][0] != '':
+            flask.session['submit_id'] = flask.session['reg_id']
+            flask.session['submit_pw'] = flask.session['reg_pw']
+            flask.session['submit_email'] = flask.session['reg_email']
             
-                curs.execute(db_change("select id from user_set where id = ? and name = 'application'"), [
-                    flask.session['c_id']
-                ])
-                if curs.fetchall():
-                    for i in re_set_list:
-                        flask.session.pop(i, None)
-
-                    return re_error('/error/6')
-
-                curs.execute(db_change(
-                    'select data from other where name = "requires_approval"'
-                ))
-                requires_approval = curs.fetchall()
-                if requires_approval and requires_approval[0][0] == 'on':
-                    user_app_data = {}
-                    user_app_data['id'] = flask.session['c_id']
-                    user_app_data['pw'] = flask.session['c_pw']
-                    user_app_data['date'] = get_time()
-                    user_app_data['encode'] = db_data[0][0]
-                    user_app_data['question'] = flask.session['c_que']
-                    user_app_data['answer'] = flask.session['c_ans']
-                    user_app_data['ip'] = ip
-                    user_app_data['ua'] = user_agent
-                    user_app_data['email'] = flask.session['c_email']
-                    
-                    curs.execute(db_change(
-                        "insert into user_set (id, name, data) values (?, ?, ?)"
-                    ), [
-                        flask.session['c_id'],
-                        'application',
-                        json.dumps(user_app_data)
-                    ])
-                    conn.commit()
-    
-                    for i in re_set_list:
-                        flask.session.pop(i, None)
-
-                    return redirect('/application_submitted')
-                else:
-                    if first == 0:
-                        user_auth = 'user'
-                    else:
-                        user_auth = 'owner'
-                    
-                    curs.execute(db_change("insert into user_set (id, name, data) values (?, 'pw', ?)"), [
-                        flask.session['c_id'],
-                        flask.session['c_pw']
-                    ])
-                    curs.execute(db_change("insert into user_set (id, name, data) values (?, 'acl', ?)"), [
-                        flask.session['c_id'],
-                        user_auth
-                    ])
-                    curs.execute(db_change("insert into user_set (id, name, data) values (?, 'date', ?)"), [
-                        flask.session['c_id'],
-                        get_time()
-                    ])
-                    curs.execute(db_change("insert into user_set (id, name, data) values (?, 'encode', ?)"), [
-                        flask.session['c_id'],
-                        db_data[0][0]
-                    ])
-
-                curs.execute(db_change("insert into user_set (name, id, data) values ('email', ?, ?)"), [
-                    flask.session['c_id'],
-                    flask.session['c_email']
-                ])
-                ua_plus(flask.session['c_id'], ip, user_agent, get_time())
-
-                flask.session['id'] = flask.session['c_id']
-                flask.session['head'] = ''
-
-                conn.commit()
-            else:
-                curs.execute(db_change('delete from user_set where name = "email" and id = ?'), [ip])
-                curs.execute(db_change('insert into user_set (name, id, data) values ("email", ?, ?)'), [ip, flask.session['c_email']])
-
-                first = 0
-
-            for i in re_set_list:
-                flask.session.pop(i, None)
-
-            return redirect('/change') if first == 0 else redirect('/setting') 
-        else:
-            for i in re_set_list:
-                flask.session.pop(i, None)
-
-            return redirect('/user')
+            return redirect('/register/submit')
+        
+        add_user(
+            flask.session['reg_id'],
+            flask.session['reg_pw'],
+            flask.session['reg_email']
+        )
+
+        return redirect('/login')
     else:
         curs.execute(db_change('select data from other where name = "check_key_text"'))
         sql_d = curs.fetchall()
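Review bot: After the key check passes, nothing removes `reg_id`, `reg_pw`, `reg_key` and `reg_email` from the session, whereas the removed code popped every `c_*` key on each exit path; the password and a still-valid key therefore stay in the session after the account exists. Add `for k in ('reg_id', 'reg_pw', 'reg_key', 'reg_email'): flask.session.pop(k, None)` before `redirect('/login')`, after copying to `submit_*` before `redirect('/register/submit')`, and on the key-mismatch branch. `add_user` returns 0 when the id was taken in the meantime, but the result is ignored and the user is sent to `/login` as if registration worked; `if add_user(...) == 0: return re_error('/error/6')` would restore the old behaviour. `user_ip` and `user_agent` are computed but unused now that the `ua_plus(...)` call is gone, which drops the IP/User-Agent record for new accounts. The GET branch of the function continues outside the hunk.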

+ 37 - 0
route/login_register_submit.py

@@ -0,0 +1,37 @@
+from .tool.func import *
+
+def login_register_submit_2(conn):
+    approval_question = ''
+
+    curs.execute(db_change('select data from other where name = "requires_approval"'))
+    requires_approval = curs.fetchall()
+    requires_approval = requires_approval and requires_approval[0][0] == 'on'
+    requires_approval = None if admin == 1 else requires_approval
+    if requires_approval:
+        curs.execute(db_change('select data from other where name = "approval_question"'))
+        data = curs.fetchall()
+        if data and data[0][0] != '':
+            approval_question = '''
+                <hr class="main_hr">
+                <span>''' + load_lang('approval_question') + ' : ' + data[0][0] + '''<span>
+                <hr class="main_hr">
+                <input placeholder="''' + load_lang('approval_question') + '''" name="approval_question_answer" type="text">
+                <hr class="main_hr">
+            '''
+
+    ans_q = flask.request.form.get('approval_question_answer', '')
+
+    curs.execute(db_change('select data from other where name = "requires_approval"'))
+    requires_approval = curs.fetchall()
+    requires_approval = requires_approval and requires_approval[0][0] == 'on'
+    requires_approval = None if admin == 1 else requires_approval
+    if requires_approval:
+        curs.execute(db_change('select data from other where name = "approval_question"'))
+        approval_question = curs.fetchall()
+        approval_question = approval_question[0][0] if approval_question and approval_question[0][0] else ''
+    else:
+        approval_question = ''
+
+            if requires_approval:
+                flask.session['c_ans'] = flask.request.form.get('approval_question_answer', '')
+                flask.session['c_que'] = approval_question
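Review bot: This new module cannot be imported as written, because the final `if requires_approval:` block is indented two levels deeper than the preceding `else:` body, which is an IndentationError. Inside login_register_submit_2, `curs` is used without the `curs = conn.cursor()` line the other route functions start with, and `admin` is never assigned, so both depend on whatever the star import happens to expose. The function returns no response and writes `c_ans`/`c_que`, while the callers in this commit hand over `submit_id`, `submit_pw` and `submit_email`. When the form is finished, use `html.escape(data[0][0])` before concatenating the `approval_question` setting into the `<span>`, the same way login_register_email_2 escapes the e-mail title and text settings.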

+ 46 - 0
route/tool/func.py

@@ -1406,6 +1406,52 @@ def add_alarm(who, context):
         'insert into alarm (name, data, date) values (?, ?, ?)'
     ), [who, context, get_time()])
     
+def add_user(user_name, user_pw, user_email = ''):
+    curs.execute(db_change("select id from user_set where id = ? limit 1"), [
+        user_name
+    ])
+    if curs.fetchall():
+        return 0
+    
+    user_pw_hash = pw_encode(user_pw)
+    
+    curs.execute(db_change('select data from other where name = "encode"'))
+    data_encode = curs.fetchall()
+    data_encode = data_encode[0][0]
+
+    curs.execute(db_change("select id from user_set limit 1"))
+    if not curs.fetchall():
+        user_auth = 'owner'
+    else:
+        user_auth = 'user'
+
+    curs.execute(db_change("insert into user_set (id, name, data) values (?, 'pw', ?)"), [
+        user_name,
+        user_pw_hash
+    ])
+    curs.execute(db_change("insert into user_set (id, name, data) values (?, 'acl', ?)"), [
+        user_name,
+        user_auth
+    ])
+    curs.execute(db_change("insert into user_set (id, name, data) values (?, 'date', ?)"), [
+        user_name,
+        get_time()
+    ])
+    curs.execute(db_change("insert into user_set (id, name, data) values (?, 'encode', ?)"), [
+        user_name,
+        data_encode
+    ])
+    
+    if user_email != '':
+        curs.execute(db_change("insert into user_set (name, id, data) values ('email', ?, ?)"), [
+            user_name,
+            user_email
+        ])
+        
+    conn.commit()
+        
+    return 1
+    
 def ua_plus(u_id, u_ip, u_agent, time):
     curs.execute(db_change("select data from other where name = 'ua_get'"))
     rep_data = curs.fetchall()
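Review bot: add_user decides existence (`select id from user_set where id = ? limit 1`) and the `owner`/`user` role (`select id from user_set limit 1`) with separate reads before the inserts, so unless the schema or a lock outside this hunk prevents it, two concurrent registrations could both pass the check or both be made `owner`. A uniqueness constraint on the account rows, or doing the reads and inserts inside one transaction, would close that window. `data_encode = data_encode[0][0]` raises IndexError when no `encode` row exists; guard it the way the other setting lookups in this commit do (`if data_encode and data_encode[0][0] != ''`). A docstring should state that `user_pw` is the plaintext password and is hashed here with pw_encode, and that the function returns 0 when the id already exists and 1 after commit, since both callers currently ignore the result.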