server/scripts/cgi-bin/info.py

283 lines
11 KiB
Python
Raw Normal View History

2002-01-02 17:04:23 +01:00
#!/usr/bin/env python
2002-01-02 14:11:33 +01:00
import sys
import MySQLdb
import cgi
import re
import smtplib
# specify the filename of the template file
2002-01-13 12:32:05 +01:00
scripturl="http://eressea.upb.de/~enno/cgi-bin/info.py"
2002-01-02 14:11:33 +01:00
TemplateFile = "vinyambar.html"
DefaultTitle = "Vinyambar Datenbank"
dbname = "vinyambar"
From = "accounts@vinyambar.de"
smtpserver = 'localhost'
2002-03-02 06:19:34 +01:00
Errors = ""
2002-01-02 14:11:33 +01:00
# define a new function called Display
# it takes one parameter - a string to Display
def Display(Content, Title=DefaultTitle):
TemplateHandle = open(TemplateFile, "r") # open in read only mode
# read the entire file as a string
2002-01-02 17:04:23 +01:00
TemplateInput = TemplateHandle.read()
2002-01-02 14:11:33 +01:00
TemplateHandle.close() # close the file
2002-01-02 17:04:23 +01:00
2002-03-02 06:19:34 +01:00
# for key in Form.keys():
# Content=Content+"<br>"+str(key)+"="+str(Form[key])
2002-01-02 17:04:23 +01:00
2002-01-02 14:11:33 +01:00
# this defines an exception string in case our
# template file is messed up
BadTemplateException = "There was a problem with the HTML template."
2002-01-02 17:04:23 +01:00
2002-01-02 14:11:33 +01:00
SubResult = re.subn("<!-- INSERT TITLE HERE -->", Title, TemplateInput)
SubResult = re.subn("<!-- INSERT CONTENT HERE -->", Content, SubResult[0])
if SubResult[1] == 0:
2002-01-13 12:32:05 +01:00
raise BadTemplateException
2002-01-02 14:11:33 +01:00
print "Content-Type: text/html\n\n"
print SubResult[0]
2002-03-02 06:19:34 +01:00
return
def SendTransfer(userid, factionid, game):
db = MySQLdb.connect(db=dbname)
cursor=db.cursor()
cursor.execute("select email, firstname from users where id="+str(userid))
email, firstname = cursor.fetchone()
Msg="From: "+From+"\nTo: "+email+"\nSubject: Vinambar Passwort\n\n"
Msg=Msg+"Hallo, "+firstname+"\n"
Msg=Msg+"Ein Spieler hat Dir seine Partei " + factionid + " im Spiel " + game + "\n"
Msg=Msg+"<EFBFBD>bertragen. Um die Partei zu <20>bernehmen, gehe bitte auf die Webseite \n"
Msg=Msg+"http://www.vinyambar.de/accounts.shtml, und akzeptiere dort den Transfer.\n"
server=smtplib.SMTP(smtpserver)
server.sendmail(From, email, Msg)
server.close()
db.close()
return
2002-01-02 14:11:33 +01:00
2002-03-02 06:19:34 +01:00
def SendPass(email):
try:
db = MySQLdb.connect(db=dbname)
cursor=db.cursor()
# print custid
cursor.execute("select id, email, password from users where email='"+email+"'")
custid, email, password = cursor.fetchone()
Msg="From: "+From+"\nTo: "+email+"\nSubject: Vinambar Passwort\n\n"
Msg=Msg+"Deine Kundennummer ist: "+str(int(custid))+"\n"
Msg=Msg+"Dein Vinyambar-Passwort lautet: "+password+"\n"
Msg=Msg+"\nDiese Mail wurde an Dich versandt, weil Du (oder jemand anders) \n"
Msg=Msg+"es im Formular auf http://www.vinyambar.de/accounts.shtml angefordert hat.\n"
server=smtplib.SMTP(smtpserver)
server.sendmail(From, email, Msg)
server.close()
db.close()
Display('<div align="center">Das Passwort wurde verschickt</div>', 'Kundendaten #'+str(custid))
except:
Display('<div align="center">Beim Versenden des Passwortes ist ein Fehler aufgetreten.<br>Eventuell ist die email-Adresse unbekannt</div>', 'Kundendaten f<>r '+email)
2002-01-02 14:11:33 +01:00
def ShowInfo(custid, Password):
2002-03-02 06:19:34 +01:00
global Errors
2002-01-02 14:11:33 +01:00
db = MySQLdb.connect(db=dbname)
cursor = db.cursor()
cursor.execute("select max(date), max(id) from transactions")
lastdate, id = cursor.fetchone()
2002-03-02 06:19:34 +01:00
query=("select firstname, lastname, email, address, city, country, phone, status "+
"from users "+
"where id="+str(custid)+" and password='"+Password+"' ")
2002-01-02 14:11:33 +01:00
#print query
results = cursor.execute(query);
2002-03-02 06:19:34 +01:00
if results != 0:
2002-01-13 12:32:05 +01:00
2002-03-02 06:19:34 +01:00
output = '<div align=center>Letzter Buchungstag: '+str(lastdate)[0:10]+'</div><form action="'+scripturl+'" method=post><div align=center><table bgcolor="#e0e0e0" width=80% border>\n'
firstname, lastname, email, address, city, country, phone, status = cursor.fetchone()
query = "SELECT sum(balance) from transactions where user="+str(custid)
transactions = cursor.execute(query)
balance = 0.00
if transactions != 0:
balance = cursor.fetchone()[0]
if balance == None:
balance=0.00
2002-01-13 12:32:05 +01:00
2002-03-02 06:19:34 +01:00
line = "<font color=red>"+Errors+"</font><tr>"
line = line + "<tr><th height=30>Vorname</th><td><input size=40 name=firstname value=\""+firstname+"\"></td></tr>\n"
line = line + "<tr><th height=30>Nachname</th><td><input size=40 name=lastname value=\""+lastname+"\"></td></tr>\n"
if email==None:
email=""
line = line + "<tr><th height=30>EMail Adresse</th><td><input size=40 name=email value=\""+email+"\"></td></tr>\n"
if address==None:
address=""
line = line + "<tr><th height=30>Adresse</th><td><input size=40 name=address value=\""+address+"\"></td></tr>\n"
if city==None:
city=""
line = line + "<tr><th height=30>Wohnort</th><td><input size=40 name=city value=\""+city+"\"></td></tr>\n"
if phone==None:
phone=""
line = line + "<tr><th height=30>Telefon</th><td><input size=40 name=phone value=\""+phone+"\"></td></tr>\n"
line = line + "<tr><th height=30>Kontostand</th><td>"+str(balance)+" EUR</td></tr>\n"
line = line + "<tr><th height=30>Status</th><td>"+status+"</td></tr>\n"
output = output + line;
2002-01-13 12:32:05 +01:00
output=output+"</table></div>"
2002-03-02 06:19:34 +01:00
output=output+"<div align=center><h3>Partien</h3>\n"
games = cursor.execute("select id, name, status, info from games order by id")
while games>0:
games=games-1
gid, game, status, info = cursor.fetchone()
line = '<table bgcolor="#e0e0e0" width=80% border>\n<tr><th align=center><em>' + game + '</em>: ' + info + '</th></tr>'
if status=='WAITING':
line = line+'<tr><td>'
line = line + 'Ich m<>chte an diesem Spiel teilnehmen, und bevorzuge folgende Rasse:<br>\n'
line = line + '<select name="oldrace" size=1>'
line = line + '<OPTION selected value="">Keine Anmeldung'
line = line + '<option value="GOBLIN">Goblin'
line = line + '<option value="DWARF">Zwerg'
line = line + '<option value="ELF">Elf'
line = line + '<option value="HALFLING">Halbling'
line = line + '<option value="INSECT">Insekt'
line = line + '<option value="AQUARIAN">Meermensch'
line = line + '<option value="HUMAN">Mensch'
line = line + '<option value="CAT">Katze'
line = line + '<option value="TROLL">Troll'
line = line + '<option value="ORC">Ork'
line = line + '<option value="DEMON">D<>mon'
line = line + '</select>'
line = line+'</td></tr>'
elif status=='RUNNING':
query = ("select games.name, races.name, s.status, s.faction "+
"from races, games, subscriptions s "+
"where s.race=races.race and s.game="+str(int(gid))+" and s.game=games.id "+
"and s.user="+str(custid)+" ")
fcursor = db.cursor()
results = fcursor.execute(query)
if results>0:
while results>0:
results = results - 1
game, race, status, faction = fcursor.fetchone()
line = line + '<tr><td><em>Partei ' + faction + ', ' + race + ", " + status + "</em></td></tr>"
line = line + "<tr><td>"
if status=='ACTIVE':
line = line + 'Ich m<>chte diese Partei aufgeben: <input type="checkbox" name="cancel_' + faction + '"><br>\n'
line = line + 'Ich m<>chte die Partei an Spieler #<input size=4 name="transfer_' + faction + '"> <20>bergeben.\n'
elif status=='CANCELLED':
line = line + 'Reaktivieren: <input type="checkbox" name="activate_' + faction + '">\n'
elif status=='TRANSFERED':
line = line + 'Transfer akzeptieren: <input type="checkbox" name="accept_' + faction + '">\n'
line = line+'</td></tr>'
else:
continue
else:
continue
output=output+line+'</table>\n<p>\n'
output=output+"</div>"
2002-01-13 12:48:32 +01:00
query="select date, balance, text from transactions, descriptions where descriptions.handle=transactions.description and user="+str(custid)+" ORDER BY date"
2002-01-13 12:32:05 +01:00
results = cursor.execute(query);
2002-03-02 06:19:34 +01:00
if results>0:
output=output+'<div align=center>\n<h3>Transaktionen</h3>\n<table width=80% bgcolor="#e0e0e0" border>\n'
output=output+"<tr><th>Datum</th><th>Betrag</th><th>Verwendung</th></tr>\n"
while results>0:
results = results - 1
row = cursor.fetchone()
line = "<tr>"
line = line + "<td align=left>"+str(row[0])[0:10]+"</td>\n"
line = line + "<td align=right>"+str(row[1])+" EUR</td>\n"
line = line + "<td align=left>"+row[2]+"</td>\n"
line = line + "</tr>\n"
output=output+line
output=output+"</table></div>"
output=output+'<div align=center><p><input name="save" type="submit" value="Speichern"></div>'
2002-01-13 12:32:05 +01:00
output=output+'<input type="hidden" name="user" value="'+str(custid)+'"></div>'
output=output+'<input type="hidden" name="pass" value="'+Password+'"></div>'
output=output+"</form>"
2002-01-02 14:11:33 +01:00
else:
2002-01-13 12:32:05 +01:00
output = "Die Kundennummer oder das angegebene Passwort sind nicht korrekt."
2002-01-02 17:39:19 +01:00
db.close()
2002-01-02 14:11:33 +01:00
Display(output, "Kundendaten #"+str(custid))
2002-03-02 06:19:34 +01:00
Errors = ""
def TransferFaction(sid, faction, newuser, game):
db = MySQLdb.connect(db=dbname)
update = db.cursor()
exist = update.execute("select id from users where id="+str(newuser))
if exist==1:
update.execute("UPDATE subscriptions set status='TRANSFERED', user=" + str(newuser) + " where id="+str(sid))
SendTransfer(newuser, faction, game);
db.close()
return
2002-01-02 14:11:33 +01:00
2002-01-02 17:39:19 +01:00
def Save(custid, Password):
validkeys=['email','address','lastname','firstname','city','password','phone']
values='id='+str(custid)
for key in Form.keys():
2002-01-13 12:32:05 +01:00
if key in validkeys:
values=values+", "+key+"='"+Form[key].value+"'"
2002-01-02 17:39:19 +01:00
db = MySQLdb.connect(db=dbname)
cursor=db.cursor()
cursor.execute('UPDATE users SET '+values+' where id='+str(custid))
2002-01-13 12:32:05 +01:00
2002-01-13 12:48:32 +01:00
nfactions = cursor.execute("select g.name, s.id, faction from games g, subscriptions s where s.status='ACTIVE' and s.user="+str(custid) + " and s.game=g.id")
2002-01-13 12:32:05 +01:00
while nfactions > 0:
game, sid, faction = cursor.fetchone()
if Form.has_key("cancel_"+faction):
2002-01-13 12:48:32 +01:00
update = db.cursor()
update.execute("UPDATE subscriptions set status='CANCELLED' where id="+str(sid))
2002-03-02 06:19:34 +01:00
elif Form.has_key("transfer_"+faction):
newuser = int(Form["transfer_"+faction].value)
TransferFaction(sid, faction, newuser, game)
nfactions = nfactions - 1
nfactions = cursor.execute("select g.name, s.id, faction from games g, subscriptions s where s.status='TRANSFERED' and s.user="+str(custid) + " and s.game=g.id")
while nfactions > 0:
game, sid, faction = cursor.fetchone()
if Form.has_key("accept_"+faction):
update = db.cursor()
update.execute("UPDATE subscriptions set status='ACTIVE' where id="+str(sid))
2002-01-13 12:48:32 +01:00
nfactions = nfactions - 1
nfactions = cursor.execute("select g.name, s.id, faction from games g, subscriptions s where s.status='CANCELLED' and s.user="+str(custid) + " and s.game=g.id")
while nfactions > 0:
game, sid, faction = cursor.fetchone()
if Form.has_key("activate_"+faction):
update = db.cursor()
update.execute("UPDATE subscriptions set status='ACTIVE' where id="+str(sid))
2002-01-13 12:32:05 +01:00
nfactions = nfactions - 1
2002-01-02 17:39:19 +01:00
db.close()
ShowInfo(custid, Password)
# Display("Noch nicht implementiert", "Daten speichern f<>r Kunde #"+str(custid))
2002-01-02 14:11:33 +01:00
Form = cgi.FieldStorage()
if Form.has_key("user"):
custid = int(Form["user"].value)
else:
custid = 0
2002-01-02 17:04:23 +01:00
2002-01-02 14:11:33 +01:00
if Form.has_key("pass"):
Password = Form["pass"].value
else:
Password=""
2002-01-02 18:13:59 +01:00
if Form.has_key("sendpass"):
if Form.has_key("email"):
2002-01-13 12:32:05 +01:00
Email = Form["email"].value
2002-01-02 18:13:59 +01:00
else:
2002-01-13 12:32:05 +01:00
Email=""
2002-01-02 18:13:59 +01:00
SendPass(Email)
2002-01-02 17:39:19 +01:00
elif Form.has_key("save"):
Save(custid, Password)
else:
ShowInfo(custid, Password)