2002-03-17 18:13:59 +01:00
|
|
|
|
#!/usr/bin/env python
|
|
|
|
|
|
|
2002-04-03 00:09:40 +02:00
|
|
|
|
# If (password, custid) exist in the database, and the user is in state
|
|
|
|
|
|
# 'WAITING', he will be changed to 'CONFIRMED'.
|
|
|
|
|
|
|
2002-03-17 18:13:59 +01:00
|
|
|
|
import sys
|
|
|
|
|
|
import MySQLdb
|
|
|
|
|
|
import cgi
|
2002-03-19 23:33:45 +01:00
|
|
|
|
import os
|
2002-03-17 18:13:59 +01:00
|
|
|
|
import re
|
|
|
|
|
|
|
|
|
|
|
|
# specify the filename of the template file
|
|
|
|
|
|
scripturl="http://eressea.upb.de/~enno/cgi-bin/eressea-confirm.py"
|
|
|
|
|
|
HTMLTemplate = "eressea.html"
|
|
|
|
|
|
DefaultTitle = "Eressea Anmeldung"
|
|
|
|
|
|
dbname = "eressea"
|
|
|
|
|
|
db=None
|
|
|
|
|
|
|
|
|
|
|
|
# define a new function called Display
|
|
|
|
|
|
# it takes one parameter - a string to Display
|
|
|
|
|
|
def Display(Content, Title=DefaultTitle):
|
|
|
|
|
|
TemplateHandle = open(HTMLTemplate, "r") # open in read only mode
|
|
|
|
|
|
# read the entire file as a string
|
|
|
|
|
|
TemplateInput = TemplateHandle.read()
|
|
|
|
|
|
TemplateHandle.close() # close the file
|
|
|
|
|
|
|
|
|
|
|
|
# this defines an exception string in case our
|
|
|
|
|
|
# template file is messed up
|
|
|
|
|
|
BadTemplateException = "There was a problem with the HTML template."
|
|
|
|
|
|
|
|
|
|
|
|
SubResult = re.subn("<!-- INSERT TITLE HERE -->", Title, TemplateInput)
|
|
|
|
|
|
SubResult = re.subn("<!-- INSERT CONTENT HERE -->", Content, SubResult[0])
|
|
|
|
|
|
if SubResult[1] == 0:
|
|
|
|
|
|
raise BadTemplateException
|
|
|
|
|
|
|
|
|
|
|
|
print "Content-Type: text/html\n\n"
|
|
|
|
|
|
print SubResult[0]
|
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def GetKey(Form, key):
|
|
|
|
|
|
if Form.has_key(key):
|
|
|
|
|
|
value=Form[key].value
|
|
|
|
|
|
if value!="":
|
|
|
|
|
|
return value
|
|
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def genpasswd():
|
|
|
|
|
|
newpasswd=""
|
|
|
|
|
|
chars = string.letters + string.digits
|
|
|
|
|
|
for i in range(8):
|
|
|
|
|
|
newpasswd = newpasswd + choice(chars)
|
|
|
|
|
|
return newpasswd
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Form = cgi.FieldStorage()
|
|
|
|
|
|
|
|
|
|
|
|
custid=GetKey(Form, "custid")
|
|
|
|
|
|
password=GetKey(Form, "password")
|
|
|
|
|
|
|
|
|
|
|
|
if (password==None) or (custid==None):
|
|
|
|
|
|
output="<p>Um Deine Anmeldung zu best<73>tigen musst Du das Formular vollst<73>ndig ausf<73>llen.\n "
|
|
|
|
|
|
for key in Form.keys():
|
|
|
|
|
|
output=output+"<br>"+str(key)+"="+str(Form[key])
|
|
|
|
|
|
Display(output)
|
|
|
|
|
|
else:
|
|
|
|
|
|
db=MySQLdb.connect(db=dbname)
|
|
|
|
|
|
cursor=db.cursor()
|
2002-04-03 00:09:40 +02:00
|
|
|
|
exist=cursor.execute("select id from users where id="+custid+" and status='WAITING' and password='"+password+"'")
|
2002-03-17 18:13:59 +01:00
|
|
|
|
if exist==0:
|
|
|
|
|
|
Display('<p>Kundennummer oder Schl<68>ssel falsch. Bitte beachte, dass Du beim Schl<68>ssel auf Gro<72>- und Kleinschreibung achten mu<6D>t.')
|
|
|
|
|
|
else:
|
2002-03-19 23:33:45 +01:00
|
|
|
|
if os.environ.has_key('REMOTE_ADDR'):
|
|
|
|
|
|
ip=os.environ['REMOTE_ADDR']
|
|
|
|
|
|
cursor.execute("REPLACE userips (ip, user) VALUES ('"+ip+"', "+str(int(custid))+")")
|
2002-03-17 18:13:59 +01:00
|
|
|
|
cursor.execute("update users set status='CONFIRMED' where password='"+password+"' and id="+custid)
|
|
|
|
|
|
Display("<p>Deine Anmeldung wurde best<73>tigt.");
|
|
|
|
|
|
db.close()
|
