#!/usr/bin/env python
import sys
import MySQLdb
import cgi
import re
import smtplib
# specify the filename of the template file
scripturl="http://eressea.upb.de/~enno/cgi-bin/info.py"
TemplateFile = "vinyambar.html"
DefaultTitle = "Vinyambar Datenbank"
dbname = "vinyambar"
From = "accounts@vinyambar.de"
smtpserver = 'localhost'
Errors = ""
# define a new function called Display
# it takes one parameter - a string to Display
def Display(Content, Title=DefaultTitle):
TemplateHandle = open(TemplateFile, "r") # open in read only mode
# read the entire file as a string
TemplateInput = TemplateHandle.read()
TemplateHandle.close() # close the file
# for key in Form.keys():
# Content=Content+"
"+str(key)+"="+str(Form[key])
# this defines an exception string in case our
# template file is messed up
BadTemplateException = "There was a problem with the HTML template."
SubResult = re.subn("", Title, TemplateInput)
SubResult = re.subn("", Content, SubResult[0])
if SubResult[1] == 0:
raise BadTemplateException
print "Content-Type: text/html\n\n"
print SubResult[0]
return
def SendTransfer(userid, factionid, game):
db = MySQLdb.connect(db=dbname)
cursor=db.cursor()
cursor.execute("select email, firstname from users where id="+str(userid))
email, firstname = cursor.fetchone()
Msg="From: "+From+"\nTo: "+email+"\nSubject: Vinambar Passwort\n\n"
Msg=Msg+"Hallo, "+firstname+"\n"
Msg=Msg+"Ein Spieler hat Dir seine Partei " + factionid + " im Spiel " + game + "\n"
Msg=Msg+"übertragen. Um die Partei zu übernehmen, gehe bitte auf die Webseite \n"
Msg=Msg+"http://www.vinyambar.de/accounts.shtml, und akzeptiere dort den Transfer.\n"
server=smtplib.SMTP(smtpserver)
server.sendmail(From, email, Msg)
server.close()
db.close()
return
def SendPass(email):
try:
db = MySQLdb.connect(db=dbname)
cursor=db.cursor()
# print custid
cursor.execute("select id, email, password from users where email='"+email+"'")
custid, email, password = cursor.fetchone()
Msg="From: "+From+"\nTo: "+email+"\nSubject: Vinambar Passwort\n\n"
Msg=Msg+"Deine Kundennummer ist: "+str(int(custid))+"\n"
Msg=Msg+"Dein Vinyambar-Passwort lautet: "+password+"\n"
Msg=Msg+"\nDiese Mail wurde an Dich versandt, weil Du (oder jemand anders) \n"
Msg=Msg+"es im Formular auf http://www.vinyambar.de/accounts.shtml angefordert hat.\n"
server=smtplib.SMTP(smtpserver)
server.sendmail(From, email, Msg)
server.close()
db.close()
Display('
Das Passwort wurde verschickt
', 'Kundendaten #'+str(custid))
except:
Display('Beim Versenden des Passwortes ist ein Fehler aufgetreten.
Eventuell ist die email-Adresse unbekannt
', 'Kundendaten für '+email)
def ShowInfo(custid, Password):
global Errors
db = MySQLdb.connect(db=dbname)
cursor = db.cursor()
cursor.execute("select max(date), max(id) from transactions")
lastdate, id = cursor.fetchone()
query=("select firstname, lastname, email, address, city, country, phone, status "+
"from users "+
"where id="+str(custid)+" and password='"+Password+"' ")
#print query
results = cursor.execute(query);
if results != 0:
output = 'Letzter Buchungstag: '+str(lastdate)[0:10]+'
"
else:
output = "Die Kundennummer oder das angegebene Passwort sind nicht korrekt."
db.close()
Display(output, "Kundendaten #"+str(custid))
Errors = ""
def TransferFaction(sid, faction, newuser, game):
db = MySQLdb.connect(db=dbname)
update = db.cursor()
exist = update.execute("select id from users where id="+str(newuser))
if exist==1:
update.execute("UPDATE subscriptions set status='TRANSFERED', user=" + str(newuser) + " where id="+str(sid))
SendTransfer(newuser, faction, game);
db.close()
return
def Save(custid, Password):
validkeys=['email','address','lastname','firstname','city','password','phone']
values='id='+str(custid)
for key in Form.keys():
if key in validkeys:
values=values+", "+key+"='"+Form[key].value+"'"
db = MySQLdb.connect(db=dbname)
cursor=db.cursor()
cursor.execute('UPDATE users SET '+values+' where id='+str(custid))
nfactions = cursor.execute("select g.name, s.id, faction from games g, subscriptions s where s.status='ACTIVE' and s.user="+str(custid) + " and s.game=g.id")
while nfactions > 0:
game, sid, faction = cursor.fetchone()
if Form.has_key("cancel_"+faction):
update = db.cursor()
update.execute("UPDATE subscriptions set status='CANCELLED' where id="+str(sid))
elif Form.has_key("transfer_"+faction):
newuser = int(Form["transfer_"+faction].value)
TransferFaction(sid, faction, newuser, game)
nfactions = nfactions - 1
nfactions = cursor.execute("select g.name, s.id, faction from games g, subscriptions s where s.status='TRANSFERED' and s.user="+str(custid) + " and s.game=g.id")
while nfactions > 0:
game, sid, faction = cursor.fetchone()
if Form.has_key("accept_"+faction):
update = db.cursor()
update.execute("UPDATE subscriptions set status='ACTIVE' where id="+str(sid))
nfactions = nfactions - 1
nfactions = cursor.execute("select g.name, s.id, faction from games g, subscriptions s where s.status='CANCELLED' and s.user="+str(custid) + " and s.game=g.id")
while nfactions > 0:
game, sid, faction = cursor.fetchone()
if Form.has_key("activate_"+faction):
update = db.cursor()
update.execute("UPDATE subscriptions set status='ACTIVE' where id="+str(sid))
nfactions = nfactions - 1
db.close()
ShowInfo(custid, Password)
# Display("Noch nicht implementiert", "Daten speichern für Kunde #"+str(custid))
Form = cgi.FieldStorage()
if Form.has_key("user"):
custid = int(Form["user"].value)
else:
custid = 0
if Form.has_key("pass"):
Password = Form["pass"].value
else:
Password=""
if Form.has_key("sendpass"):
if Form.has_key("email"):
Email = Form["email"].value
else:
Email=""
SendPass(Email)
elif Form.has_key("save"):
Save(custid, Password)
else:
ShowInfo(custid, Password)