
Fix: Move wordfreqapp.db to new location

fix-vuln
徐宣 2023-06-19 14:48:35 +08:00
parent 2277473afe
commit f40a388277
6 changed files with 9 additions and 19 deletions

2
.gitignore vendored

@ -7,7 +7,7 @@ app/static/usr/*.jpg
app/static/img/
app/static/frequency/frequency_*.pickle
app/static/frequency/frequency.p
app/static/wordfreqapp.db
app/wordfreqapp.db
app/static/donate-the-author.jpg
app/static/donate-the-author-hidden.jpg
app/model/__pycache__/

4
Jenkinsfile vendored

@ -10,8 +10,8 @@ pipeline {
stages {
stage('MakeDatabasefile') {
steps {
sh 'touch ./app/static/wordfreqapp.db && rm -f ./app/static/wordfreqapp.db'
sh 'cat ./app/static/wordfreqapp.sql | sqlite3 ./app/static/wordfreqapp.db'
sh 'touch ./app/wordfreqapp.db && rm -f ./app/wordfreqapp.db'
sh 'cat ./app/static/wordfreqapp.sql | sqlite3 ./app/wordfreqapp.db'
}
}
stage('BuildIt') {
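Review bot: The `MakeDatabasefile` stage still reads the dump from `./app/static/wordfreqapp.sql`, so the data this commit moves out of `app/static` by relocating the `.db` file stays in that directory in SQL form; if the dump contains rows from the `user` table it deserves the same relocation. The stage also no longer touches the old `./app/static/wordfreqapp.db`, and the 403 hook for that path is deleted in this same commit, so a workspace or server that already holds the old file would keep it under `static/` unguarded. Adding `sh 'rm -f ./app/static/wordfreqapp.db'` to the stage, and removing the file once on existing deployments, would close that gap. Whether `app/static` is served directly is inferred from the removed hook, not shown here.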


@ -61,15 +61,15 @@ My steps for deploying English on a Ubuntu server.
All articles are stored in the `article` table in a SQLite file called
`app/static/wordfreqapp.db`.
`app/wordfreqapp.db`.
### Adding new articles
To add articles, open and edit `app/static/wordfreqapp.db` using DB Browser for SQLite (https://sqlitebrowser.org).
To add articles, open and edit `app/wordfreqapp.db` using DB Browser for SQLite (https://sqlitebrowser.org).
### Extending an account's expiry date
By default, an account's expiry is 30 days after first sign-up. To extend account's expiry date, open and edit `user` table in `app/static/wordfreqapp.db`. Simply update field `expiry_date`.
By default, an account's expiry is 30 days after first sign-up. To extend account's expiry date, open and edit `user` table in `app/wordfreqapp.db`. Simply update field `expiry_date`.
### Exporting the database


@ -15,7 +15,7 @@ path_prefix = './' # comment this line in deployment
def total_number_of_essays():
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
rq = RecordQuery(path_prefix + 'wordfreqapp.db')
rq.instructions("SELECT * FROM article")
rq.do()
result = rq.get_results()
@ -33,7 +33,7 @@ def get_article_body(s):
def get_today_article(user_word_list, visited_articles):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
rq = RecordQuery(path_prefix + 'wordfreqapp.db')
if visited_articles is None:
visited_articles = {
"index" : 0, # 为 article_ids 的索引
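Review bot: The database path is still written as a string literal at each call site, here in both `total_number_of_essays` and `get_today_article`, so a file move has to touch every site and a missed one would keep pointing at the old location. A single module-level constant such as `DB_PATH = path_prefix + 'wordfreqapp.db'`, used by both `RecordQuery(...)` calls, would keep them in step. The path is also relative to the process working directory through `path_prefix = './'`, so it is worth confirming that it resolves to the same file as the `../wordfreqapp.db` bind in the ORM module. Both functions continue outside the hunks shown.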


@ -56,16 +56,6 @@ def appears_in_test(word, d):
else:
return ','.join(d[word])
@app.before_request
def restrict_file_access():
'''
禁止直接访问/static下的数据库文件
'''
requested_path = request.path
normalized_path = os.path.normpath(requested_path)
if normalized_path.startswith('/static/') and normalized_path.endswith('wordfreqapp.db'):
return abort(403)
@app.route("/mark", methods=['GET', 'POST'])
def mark_word():
'''


@ -1,7 +1,7 @@
from pony.orm import *
db = Database()
db.bind("sqlite", "../static/wordfreqapp.db", create_db=True) # bind sqlite file
db.bind("sqlite", "../wordfreqapp.db", create_db=True) # bind sqlite file
class User(db.Entity):
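Review bot: `create_db=True` on the `db.bind` line means that if the relative path `../wordfreqapp.db` does not resolve to the relocated file, Pony creates a new empty SQLite file there instead of failing, which would hide a mistake in this move. Since the Jenkins stage in this commit builds the database before the app runs, `db.bind("sqlite", "../wordfreqapp.db", create_db=False)` would turn a wrong path into a startup error. If first-run creation is relied on elsewhere, a short comment on the line saying so would be enough. The `User` entity body lies outside the hunk.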