9 ani în urmă · b638c99029
--- a/app.py
+++ b/app.py
@@ -490,7 +490,7 @@ def register():
 
				                 return render_template('index.html', title = '회원가입 오류', logo = data['name'], data = '동일한 아이디의 유저가 있습니다.')
			
 
				             else:
			
 
				                 hashed = bcrypt.hashpw(bytes(request.form["pw"], 'utf-8'), bcrypt.gensalt())
			
 
				-                if(data['owner']):
			
 
				+                if(request.form["id"] == data['owner']):
			
 
				                     curs.execute("insert into user (id, pw, acl) value ('" + pymysql.escape_string(request.form["id"]) + "', '" + pymysql.escape_string(hashed.decode()) + "', 'owner')")
			
 
				                 else:
			
 
				                     curs.execute("insert into user (id, pw, acl) value ('" + pymysql.escape_string(request.form["id"]) + "', '" + pymysql.escape_string(hashed.decode()) + "', 'user')")
			
@@ -513,7 +513,7 @@ def ban(name = None):
 
				             curs.execute("select * from user where id = '" + pymysql.escape_string(ip) + "'")
			
 
				             rows = curs.fetchall()
			
 
				             if(rows):
			
 
				-                if(rows[0]['acl'] == 'owner' or 'admin'):
			
 
				+                if(rows[0]['acl'] == 'owner' or rows[0]['acl'] == 'admin'):
			
 
				                     curs.execute("select * from ban where block = '" + pymysql.escape_string(name) + "'")
			
 
				                     row = curs.fetchall()
			
 
				                     if(row):
			
@@ -534,14 +534,64 @@ def ban(name = None):
 
				             curs.execute("select * from user where id = '" + pymysql.escape_string(ip) + "'")
			
 
				             rows = curs.fetchall()
			
 
				             if(rows):
			
 
				-                if(rows[0]['acl'] == 'owner' or 'admin'):
			
 
				+                if(rows[0]['acl'] == 'owner' or rows[0]['acl'] == 'admin'):
			
 
				                     curs.execute("select * from ban where block = '" + pymysql.escape_string(name) + "'")
			
 
				                     row = curs.fetchall()
			
 
				                     if(row):
			
 
				                         now = '차단 해제'
			
 
				                     else:
			
 
				                         now = '차단'
			
 
				-                    return render_template('index.html', title = name, page = parse.quote(name), enter = '회원가입', logo = data['name'], tn = 16, now = now)
			
 
				+                    return render_template('index.html', title = name, page = parse.quote(name), logo = data['name'], tn = 16, now = now)
			
 
				+                else:
			
 
				+                    return render_template('index.html', title = '권한 오류', logo = data['name'], data = '권한이 모자랍니다.')
			
 
				+            else:
			
 
				+                return render_template('index.html', title = '권한 오류', logo = data['name'], data = '계정이 없습니다.')
			
 
				+        else:
			
 
				+            return render_template('index.html', title = '권한 오류', logo = data['name'], data = '비 로그인 상태 입니다.')
			
 
				+
			
 
				+@app.route('/admin/<name>', methods=['POST', 'GET'])
			
 
				+def admin(name = None):
			
 
				+    if(request.method == 'POST'):
			
 
				+        if(session.get('Now') == True):
			
 
				+            ip = getip(request)
			
 
				+            curs.execute("select * from user where id = '" + pymysql.escape_string(ip) + "'")
			
 
				+            rows = curs.fetchall()
			
 
				+            if(rows):
			
 
				+                if(rows[0]['acl'] == 'owner' or rows[0]['acl'] == 'admin'):
			
 
				+                    curs.execute("select * from user where id = '" + pymysql.escape_string(name) + "'")
			
 
				+                    row = curs.fetchall()
			
 
				+                    if(row):
			
 
				+                        if(row[0]['acl'] == 'admin' or row[0]['acl'] == 'owner'):
			
 
				+                            curs.execute("update user set acl = 'user' where id = '" + pymysql.escape_string(name) + "'")
			
 
				+                        else:
			
 
				+                            curs.execute("update user set acl = '" + pymysql.escape_string(request.form["select"]) + "' where id = '" + pymysql.escape_string(name) + "'")
			
 
				+                        conn.commit()
			
 
				+                        return '<meta http-equiv="refresh" content="0;url=/w/' + parse.quote(data['frontpage']) + '" />'
			
 
				+                    else:
			
 
				+                        return render_template('index.html', title = '사용자 오류', logo = data['name'], data = '계정이 없습니다.')
			
 
				+                else:
			
 
				+                    return render_template('index.html', title = '권한 오류', logo = data['name'], data = '권한이 모자랍니다.')
			
 
				+            else:
			
 
				+                return render_template('index.html', title = '권한 오류', logo = data['name'], data = '계정이 없습니다.')
			
 
				+        else:
			
 
				+            return render_template('index.html', title = '권한 오류', logo = data['name'], data = '비 로그인 상태 입니다.')
			
 
				+    else:
			
 
				+        if(session.get('Now') == True):
			
 
				+            ip = getip(request)
			
 
				+            curs.execute("select * from user where id = '" + pymysql.escape_string(ip) + "'")
			
 
				+            rows = curs.fetchall()
			
 
				+            if(rows):
			
 
				+                if(rows[0]['acl'] == 'owner'):
			
 
				+                    curs.execute("select * from user where id = '" + pymysql.escape_string(name) + "'")
			
 
				+                    row = curs.fetchall()
			
 
				+                    if(row):
			
 
				+                        if(row[0]['acl'] == 'admin' or row[0]['acl'] == 'owner'):
			
 
				+                            now = '권한 해제'
			
 
				+                        else:
			
 
				+                            now = '권한 부여'
			
 
				+                        return render_template('index.html', title = name, page = parse.quote(name), logo = data['name'], tn = 18, now = now)
			
 
				+                    else:
			
 
				+                        return render_template('index.html', title = '사용자 오류', logo = data['name'], data = '계정이 없습니다.')
			
 
				                 else:
			
 
				                     return render_template('index.html', title = '권한 오류', logo = data['name'], data = '권한이 모자랍니다.')
			
 
				             else:
			
--- a/templates/index.html
+++ b/templates/index.html
@@ -261,10 +261,13 @@
 
				 				<li>차단 구현</li>
			
 
				 				<li>토론 목록 보강</li>
			
 
				 				<li>ACL 기능 구현</li>
			
 
				+				<li>어드민 부여 구현 (완료)</li>
			
 
				 				<h2>1.2</h2>
			
 
				 				<li>대역 차단 구현</li>
			
 
				 				<li>diff 구현</li>
			
 
				 				<li>기초 파서 제작</li>
			
 
				+				<h2>계속</h2>
			
 
				+				<li>버그 수정</li>
			
 
				 				<br>
			
 
				 				<h2>파이나무 라이선스</h2>
			
 
				 				<li>미정</li>
			
@@ -272,7 +275,7 @@
 
				 				<li>인용문 아이콘 <a href="http://www.flaticon.com/free-icon/quote-left_25672">Dave Gandy</a> CC 3.0 BY</li>
			
 
				 				<br>
			
 
				 				<h2>기타</h2>
			
 
				-				<li>현재 버전 1.1.1a - Beta</li>
			
 
				+				<li>현재 버전 1.1.2 - Beta</li>
			
 
				 			</div>
			
 
				 			{% elif tn == 15 %}
			
 
				 			<h1 class="title">{{title}}</h1>
			
@@ -343,6 +346,20 @@
 
				 				<li>===== 5단계 문단 =====</li>
			
 
				 				<li>====== 6단계 문단 ======</li>
			
 
				 			</div>
			
 
				+			{% elif tn == 18 %}
			
 
				+			<h1 class="title">{{title}}</h1>
			
 
				+			<h2 class="title"><span style="margin-left:5px"></span>(권한 부여)</h2>
			
 
				+			<form id="usrform" method="POST" action="/admin/{{page}}">
			
 
				+				{% if now == '권한 부여' %}
			
 
				+				<select name="select">
			
 
				+					<option value="admin" selected="selected">관리자</option>
			
 
				+					<option value="ownet">소유자</option>
			
 
				+				</select>
			
 
				+				<br>
			
 
				+				<br>
			
 
				+				{% endif %}
			
 
				+				<button class="btn btn-primary" type="submit">{{now}}</button>
			
 
				+			</form>
			
 
				 			{% else %}
			
 
				 			<h1 class="title">{{title}}</h1>
			
 
				 			<h2 class="title"><span style="margin-left:5px"></span></h2>