Merge pull request 'WIP：Bug529-GuHan' (#88) from Bug529-GuHan into master

Reviewed-on: http://121.4.94.30:3000/mrlan/EnglishPal/pulls/88
2023-06-04 12:39:34 +08:00 · 2023-06-04 12:39:34 +08:00 · 708a6a2821
parent 43c719b6b2 688a198768
commit 708a6a2821
30 changed files with 1012 additions and 351 deletions
--- a/.gitignore
+++ b/.gitignore
@ -10,3 +10,4 @@ app/static/frequency/frequency.p
 app/static/wordfreqapp.db
 app/static/donate-the-author.jpg
 app/static/donate-the-author-hidden.jpg
 app/model/__pycache__/
--- a/README.md
+++ b/README.md
@ -182,6 +182,7 @@ Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=215
 ### 丁锐
 修复了以下漏洞
@ -191,4 +192,5 @@ Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=215
 Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=489
-*Last modified on 2023-01-30*
+*Last modified on 2023-01-30*
--- a/app/Article.py
+++ b/app/Article.py
@ -7,7 +7,7 @@ import random, glob
 import hashlib
 from datetime import datetime
 from flask import Flask, request, redirect, render_template, url_for, session, abort, flash, get_flashed_messages
-from difficulty import get_difficulty_level, text_difficulty_level, user_difficulty_level
+from difficulty import get_difficulty_level_for_user, text_difficulty_level, user_difficulty_level
 path_prefix = '/var/www/wordfreq/wordfreq/'
@ -32,12 +32,20 @@ def get_article_body(s):
    return '\n'.join(lst)
-def get_today_article(user_word_list, articleID):
+def get_today_article(user_word_list, visited_articles):
    rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
-    if articleID == None:
+    if visited_articles is None:
        visited_articles = {
            "index" : 0,  # 为 article_ids 的索引
            "article_ids": []  # 之前显示文章的id列表，越后越新
        }
    if visited_articles["index"] > len(visited_articles["article_ids"])-1:  # 生成新的文章，因此查找所有的文章
        rq.instructions("SELECT * FROM article")
-    else:
+    else:  # 生成阅读过的文章，因此查询指定 article_id 的文章
-        rq.instructions('SELECT * FROM article WHERE article_id=%d' % (articleID))
+        if visited_articles["article_ids"][visited_articles["index"]] == 'null':  # 可能因为直接刷新页面导致直接去查询了'null'，因此当刷新的页面的时候，需要直接进行“上一篇”操作
            visited_articles["index"] -= 1
            visited_articles["article_ids"].pop()
        rq.instructions('SELECT * FROM article WHERE article_id=%d' % (visited_articles["article_ids"][visited_articles["index"]]))
    rq.do()
    result = rq.get_results()
    random.shuffle(result)
@ -45,38 +53,51 @@ def get_today_article(user_word_list, articleID):
    # Choose article according to reader's level
    d1 = load_freq_history(path_prefix + 'static/frequency/frequency.p')
    d2 = load_freq_history(path_prefix + 'static/words_and_tests.p')
-    d3 = get_difficulty_level(d1, d2)
+    d3 = get_difficulty_level_for_user(d1, d2)
-    d = {}
+    d = None
    result_of_generate_article = "not found"
    d_user = load_freq_history(user_word_list)
    user_level = user_difficulty_level(d_user, d3)  # more consideration as user's behaviour is dynamic. Time factor should be considered.
-    random.shuffle(result)  # shuffle list
+    text_level = 0
-    d = random.choice(result)
+    if visited_articles["index"] > len(visited_articles["article_ids"])-1:  # 生成新的文章
-    text_level = text_difficulty_level(d['text'], d3)
+        amount_of_visited_articles = len(visited_articles["article_ids"])
-    if articleID == None:
+        amount_of_existing_articles = result.__len__()
-        for reading in result:
+        if amount_of_visited_articles == amount_of_existing_articles:  # 如果当前阅读过的文章的数量 == 存在的文章的数量，即所有的书本都阅读过了
-            text_level = text_difficulty_level(reading['text'], d3)
+            result_of_generate_article = "had read all articles"
-            factor = random.gauss(0.8,
+        else:
-                                  0.1)  # a number drawn from Gaussian distribution with a mean of 0.8 and a stand deviation of 1
+            for k in range(3):  # 最多尝试3次
-            if within_range(text_level, user_level, (8.0 - user_level) * factor):
+                for reading in result:
-                d = reading
+                    text_level = text_difficulty_level(reading['text'], d3)
-                break
+                    factor = random.gauss(0.8, 0.1)  # a number drawn from Gaussian distribution with a mean of 0.8 and a stand deviation of 1
                    if reading['article_id'] not in visited_articles["article_ids"] and within_range(text_level, user_level, (8.0 - user_level) * factor):  # 新的文章之前没有出现过且符合一定范围的水平
                        d = reading
                        visited_articles["article_ids"].append(d['article_id'])  # 列表添加新的文章id；下面进行
                        result_of_generate_article = "found"
                        break
                if result_of_generate_article == "found":  # 用于成功找到文章后及时退出外层循环
                    break
        if result_of_generate_article != "found":  # 阅读完所有文章，或者循环3次没有找到适合的文章，则放入空（“null”）
            visited_articles["article_ids"].append('null')
    else:  # 生成已经阅读过的文章
        d = random.choice(result)
        text_level = text_difficulty_level(d['text'], d3)
        result_of_generate_article = "found"
-    s = '<div class="alert alert-success" role="alert">According to your word list, your level is <span class="badge bg-success">%4.2f</span>  and we have chosen an article with a difficulty level of <span class="badge bg-success">%4.2f</span> for you.</div>' % (
+    today_article = None
-        user_level, text_level)
+    if d:
-    s += '<p class="text-muted">Article added on: %s</p>' % (d['date'])
+        today_article = {
-    s += '<div class="p-3 mb-2 bg-light text-dark">'
+            "user_level": '%4.2f' % user_level,
-    article_title = get_article_title(d['text'])
+            "text_level": '%4.2f' % text_level,
-    article_body = get_article_body(d['text'])
+            "date": d['date'],
-    s += '<p class="display-5">%s</p>' % (article_title)
+            "article_title": get_article_title(d['text']),
-    s += '<p class="lead"><font id="article" size=2>%s</font></p>' % (article_body)
+            "article_body": get_article_body(d['text']),
-    s += '<p><small class="text-muted">%s</small></p>' % (d['source'])
+            "source": d["source"],
-    s += '<p><b>%s</b></p>' % (get_question_part(d['question']))
+            "question": get_question_part(d['question']),
-    s = s.replace('\n', '<br/>')
+            "answer": get_answer_part(d['question'])
-    s += '%s' % (get_answer_part(d['question']))
+        }
-    s += '</div>'
+
-    session['articleID'] = d['article_id']
+    return visited_articles, today_article, result_of_generate_article
    return s
 def load_freq_history(path):
@ -116,21 +137,4 @@ def get_answer_part(s):
            flag = 1
        elif flag == 1:
            result.append(line)
-    # https://css-tricks.com/snippets/javascript/showhide-element/
+    return '\n'.join(result)
    js = '''
 <script type="text/javascript">
    function toggle_visibility(id) {
       var e = document.getElementById(id);
       if(e.style.display == 'block')
          e.style.display = 'none';
       else
          e.style.display = 'block';
    }
 </script>
    '''
    html_code = js
    html_code += '\n'
    html_code += '<button onclick="toggle_visibility(\'answer\');">ANSWER</button>\n'
    html_code += '<div id="answer" style="display:none;">%s</div>\n' % ('\n'.join(result))
    return html_code
--- a/app/Login.py
+++ b/app/Login.py
@ -3,6 +3,18 @@ import string
 from datetime import datetime, timedelta
 from UseSqlite import InsertQuery, RecordQuery
 def md5(s):
    '''
    MD5摘要
    :param str: 字符串
    :return: 经MD5以后的字符串
    '''
    h = hashlib.md5(s.encode(encoding='utf-8'))
    return h.hexdigest()
 # import model.user after the defination of md5(s) to avoid circular import
 from model.user import get_user_by_username, insert_user, update_password_by_username
 path_prefix = '/var/www/wordfreq/wordfreq/'
 path_prefix = './'  # comment this line in deployment
@ -12,13 +24,9 @@ def verify_pass(newpass,oldpass):
 def verify_user(username, password):
-    rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
+    user = get_user_by_username(username)
-    password = md5(username + password)
+    encoded_password = md5(username + password)
-    rq.instructions_with_parameters("SELECT * FROM user WHERE name=:username AND password=:password", dict(
+    return user is not None and user.password == encoded_password
        username=username, password=password))  # the named style https://docs.python.org/3/library/sqlite3.html
    rq.do_with_parameters()
    result = rq.get_results()
    return result != []
 def add_user(username, password):
@ -26,19 +34,12 @@ def add_user(username, password):
    expiry_date = (datetime.now() + timedelta(days=30)).strftime('%Y%m%d') # will expire after 30 days
    # 将用户名和密码一起加密，以免暴露不同用户的相同密码
    password = md5(username + password)
-    rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
+    insert_user(username=username, password=password, start_date=start_date, expiry_date=expiry_date)
    rq.instructions_with_parameters("INSERT INTO user VALUES (:username, :password, :start_date, :expiry_date)", dict(
        username=username, password=password, start_date=start_date, expiry_date=expiry_date))
    rq.do_with_parameters()
 def check_username_availability(username):
-    rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
+    existed_user = get_user_by_username(username)
-    rq.instructions_with_parameters(
+    return existed_user is None
        "SELECT * FROM user WHERE name=:username", dict(username=username))
    rq.do_with_parameters()
    result = rq.get_results()
    return result == []
 def change_password(username, old_password, new_password):
@ -54,35 +55,16 @@ def change_password(username, old_password, new_password):
    # 将用户名和密码一起加密，以免暴露不同用户的相同密码
    if verify_pass(new_password,old_password): #新旧密码一致
        return False
-    password = md5(username + new_password)
+    update_password_by_username(username, new_password)
    rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
    rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict(
        password=password, username=username))
    rq.do_with_parameters()
    return True
 def get_expiry_date(username):
-    rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
+    user = get_user_by_username(username)
-    rq.instructions_with_parameters(
+    if user is None:
        "SELECT expiry_date FROM user WHERE name=:username", dict(username=username))
    rq.do_with_parameters()
    result = rq.get_results()
    if len(result) > 0:
        return result[0]['expiry_date']
    else:
        return '20191024'
-
+    else:
-
+        return user.expiry_date
 def md5(s):
    '''
    MD5摘要
    :param str: 字符串
    :return: 经MD5以后的字符串
    '''
    h = hashlib.md5(s.encode(encoding='utf-8'))
    return h.hexdigest()
 class UserName:
    def __init__(self, username):
@ -96,9 +78,9 @@ class UserName:
        if ' ' in self.username: # a user name must not include a whitespace
            return 'Whitespace is not allowed in the user name.'
        for c in self.username: # a user name must not include special characters, except non-leading periods or underscores
-            if c in string.punctuation and c is not '.' and c is not '_':
+            if c in string.punctuation and c != '.' and c != '_':
                return f'{c} is not allowed in the user name.'
-        if self.username in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del']:
+        if self.username in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del', 'admin']:
            return 'You used a restricted word as your user name.  Please come up with a better one.'
        return 'OK'
--- a/app/account_service.py
+++ b/app/account_service.py
@ -19,21 +19,15 @@ def signup():
        # POST方法需判断是否注册成功，再根据结果返回不同的内容
        username = escape(request.form['username'])
        password = escape(request.form['password'])
        password2 = escape(request.form['password2'])
        #! 添加如下代码为了过滤注册时的非法字符
        warn = WarningMessage(username)
        if str(warn) != 'OK':
-            return str(warn)
+            return jsonify({'status': '3', 'warn': str(warn)})
        available = check_username_availability(username)
        if not available: # 用户名不可用
-            flash('用户名 %s 已经被注册。' % (username))
+            return jsonify({'status': '0'})
            return render_template('signup.html')
        elif len(password.strip()) < 4: # 密码过短
            return '密码过于简单。'
        elif password != password2:
            return '确认密码与输入密码不一致！'
        else: # 添加账户信息
            add_user(username, password)
            verified = verify_user(username, password)
@ -43,11 +37,10 @@ def signup():
                session[username] = username
                session['username'] = username
                session['expiry_date'] = get_expiry_date(username)
-                session['articleID'] = None
+                session['visited_articles'] = None
-                return '<p>恭喜，你已成功注册， 你的用户名是 <a href="%s">%s</a>。</p>\
+                return jsonify({'status': '2'})
                <p><a href="/%s">开始使用</a> <a href="/">返回首页</a><p/>' % (username, username, username)
            else:
-                return '用户名密码验证失败。'
+                return jsonify({'status': '1'})
@ -59,13 +52,7 @@ def login():
    '''
    if request.method == 'GET':
        # GET请求
-        if not session.get('logged_in'):
+        return render_template('login.html')
            # 未登录，返回登录页面
            return render_template('login.html')
        else:
            # 已登录，提示信息并显示登出按钮
            return '你已登录 <a href="/%s">%s</a>。 登出点击<a href="/logout">这里</a>。' % (
                session['username'], session['username'])
    elif request.method == 'POST':
        # POST方法用于判断登录是否成功
        # check database and verify user
@ -79,10 +66,10 @@ def login():
            session['username'] = username
            user_expiry_date = get_expiry_date(username)
            session['expiry_date'] = user_expiry_date
-            session['articleID'] = None
+            session['visited_articles'] = None
-            return redirect(url_for('user_bp.userpage', username=username))
+            return jsonify({'status': '1'})
        else:
-            return '无法通过验证。'
+            return jsonify({'status': '0'})
@accountService.route("/logout", methods=['GET', 'POST'])
@ -115,31 +102,9 @@ def reset():
        # POST请求用于提交修改后信息
        old_password = escape(request.form['old-password'])
        new_password = escape(request.form['new-password'])
        re_new_password = escape(request.form['re-new-password'])  # 确认新密码
        if re_new_password != new_password: #验证新密码两次输入是否相同
            return '新密码不匹配，请重新输入'
        if len(new_password) < 4: #验证新密码长度，原则参照注册模块
            return '密码过于简单。(密码长度至少4位)'
        flag = change_password(username, old_password, new_password) # flag表示是否修改成功
        if flag:
            session['logged_in'] = False
-            return \
+            return jsonify({'status':'1'})  # 修改成功
 '''
 <script>
 alert('密码修改成功，请重新登录。');
 window.location.href="/login";
 </script>
 '''
        else:
-            return \
+            return jsonify({'status':'2'})  # 修改失败
 '''
 <script>
 alert('密码修改失败');
 window.location.href="/reset";
 </script>
 '''
--- a/app/admin_service.py
+++ b/app/admin_service.py
@ -0,0 +1,142 @@
 # System Library
 from flask import *
 # Personal library
 from Yaml import yml
 from model.user import *
 from model.article import *
 ADMIN_NAME = "lanhui"  # unique admin name
 _cur_page = 1  # current article page
 _page_size = 5  # article sizes per page
 adminService = Blueprint("admin_service", __name__)
 def check_is_admin():
    # 未登录，跳转到未登录界面
    if not session.get("logged_in"):
        return render_template("not_login.html")
    # 用户名不是admin_name
    if session.get("username") != ADMIN_NAME:
        return "You are not admin!"
    return "pass"
@adminService.route("/admin", methods=["GET"])
 def admin():
    is_admin = check_is_admin()
    if is_admin != "pass":
        return is_admin
    return render_template(
        "admin_index.html", yml=yml, username=session.get("username")
    )
@adminService.route("/admin/article", methods=["GET", "POST"])
 def article():
    global _cur_page, _page_size
    is_admin = check_is_admin()
    if is_admin != "pass":
        return is_admin
    _article_number = get_number_of_articles()
    try:
        _page_size = min(
            max(1, int(request.args.get("size", 5))), _article_number
        )  # 最小的size是1
        _cur_page = min(
            max(1, int(request.args.get("page", 1))), _article_number // _page_size + (_article_number % _page_size > 0)
        )  # 最小的page是1
    except ValueError:
        return "page parmas must be int!"
    _articles = get_page_articles(_cur_page, _page_size)
    for article in _articles:   # 获取每篇文章的title
        article.title = article.text.split("\n")[0]
        article.content = '<br/>'.join(article.text.split("\n")[1:])
    context = {
        "article_number": _article_number,
        "text_list": _articles,
        "page_size": _page_size,
        "cur_page": _cur_page,
        "username": session.get("username"),
    }
    def _update_context():
        article_len = get_number_of_articles()
        context["article_number"] = article_len
        context["text_list"] = get_page_articles(_cur_page, _page_size)
        _articles = get_page_articles(_cur_page, _page_size)
        for article in _articles:   # 获取每篇文章的title
            article.title = article.text.split("\n")[0]
        context["text_list"] = _articles
    if request.method == "GET":
        try:
            delete_id = int(request.args.get("delete_id", 0))
        except:
            return "Delete article ID must be int!"
        if delete_id:  # delete article
            delete_article_by_id(delete_id)
            _update_context()
    elif request.method == "POST":
        data = request.form
        content = data.get("content", "")
        source = data.get("source", "")
        question = data.get("question", "")
        level = data.get("level", "4")
        if content:
            if level not in ['1', '2', '3', '4']:
                return "Level must be between 1 and 4."
            add_article(content, source, level, question)
            _update_context()
            title = content.split('\n')[0]
            flash(f'Article added. Title: {title}')
    return render_template("admin_manage_article.html", **context)
@adminService.route("/admin/user", methods=["GET", "POST"])
 def user():
    is_admin = check_is_admin()
    if is_admin != "pass":
        return is_admin
    context = {
        "user_list": get_users(),
        "username": session.get("username"),
    }
    if request.method == "POST":
        data = request.form
        username = data.get("username","")
        new_password = data.get("new_password", "")
        expiry_time = data.get("expiry_time", "")
        if username:
            if new_password:
                update_password_by_username(username, new_password)
                flash(f'Password updated to {new_password}')
            if expiry_time:
                update_expiry_time_by_username(username, "".join(expiry_time.split("-")))
                flash(f'Expiry date updated to {expiry_time}.')
    return render_template("admin_manage_user.html", **context)
@adminService.route("/admin/expiry", methods=["GET"])
 def user_expiry_time():
    is_admin = check_is_admin()
    if is_admin != "pass":
        return is_admin
    username = request.args.get("username", "")
    if not username:
        return "Username can't be empty."
    user = get_user_by_username(username)
    if not user:
        return "User does not exist."
    return user.expiry_date
--- a/app/difficulty.py
+++ b/app/difficulty.py
@ -8,6 +8,7 @@
 import pickle
 import math
 from wordfreqCMD import remove_punctuation, freq, sort_in_descending_order, sort_in_ascending_order
 import snowballstemmer
 def load_record(pickle_fname):
@ -17,41 +18,51 @@ def load_record(pickle_fname):
    return d
-def difficulty_level_from_frequency(word, d):
+def convert_test_type_to_difficulty_level(d):
-    level = 1
+    """
-    if not word in d:
+    对原本的单词库中的单词进行难度评级
-        return level
+    :param d: 存储了单词库pickle文件中的单词的字典
-    
+    :return:
-    if 'what' in d:
+    """
-        ratio = (d['what']+1)/(d[word]+1) # what is a frequent word
+    result = {}
-        level = math.log( max(ratio, 1), 2)
+    L = list(d.keys())  # in d, we have test types (e.g., CET4,CET6,BBC) for each word
-    level = min(level, 8) 
+    for k in L:
-    return level
+        if 'CET4' in d[k]:
            result[k] = 4  # CET4 word has level 4
        elif 'OXFORD3000' in d[k]:
            result[k] = 5
        elif 'CET6' in d[k] or 'GRADUATE' in d[k]:
            result[k] = 6
        elif 'OXFORD5000' in d[k] or 'IELTS' in d[k]:
            result[k] = 7
        elif 'BBC' in d[k]:
            result[k] = 8
    return result  # {'apple': 4, ...}
-def get_difficulty_level(d1, d2):
+def get_difficulty_level_for_user(d1, d2):
-    d = {}
+    """
-    L = list(d1.keys())  # in d1, we have freuqence for each word
+    d2 来自于词库的35511个已标记单词
-    L2 = list(d2.keys()) # in d2, we have test types (e.g., CET4,CET6,BBC) for each word
+    d1 用户不会的词
-    L.extend(L2)
+    在d2的后面添加单词，没有新建一个新的字典
-    L3 = list(set(L)) # L3 contains all words
+    """
-    for k in L3:
+    # TODO: convert_test_type_to_difficulty_level() should not be called every time.  Each word's difficulty level should be pre-computed.
-        if k in d2:
+    d2 = convert_test_type_to_difficulty_level(d2)  # 根据d2的标记评级{'apple': 4, 'abandon': 4, ...}
-            if 'CET4' in d2[k]:
+    stemmer = snowballstemmer.stemmer('english')
                d[k] = 4 # CET4 word has level 4
            elif 'CET6' in d2[k]:
                d[k] = 6
            elif 'BBC' in d2[k]:
                d[k] = 8
                if k in d1: # BBC could contain easy words that are not in CET4 or CET6.  So 4 is not reasonable.  Recompute difficulty level.
                    d[k] = min(difficulty_level_from_frequency(k, d1), d[k])
        elif k in d1:
            d[k] = difficulty_level_from_frequency(k, d1)
-    return d
+    for k in d1:  # 用户的词
        if k in d2:  # 如果用户的词以原型的形式存在于词库d2中
            continue  # 无需评级，跳过
        else:
            stem = stemmer.stemWord(k)
            if stem in d2:  # 如果用户的词的词根存在于词库d2的词根库中
                d2[k] = d2[stem]  # 按照词根进行评级
            else:
                d2[k] = 3  # 如果k的词根都不在，那么就当认为是3级
    return d2
 def revert_dict(d):
    '''
@ -62,12 +73,13 @@ def revert_dict(d):
    for k in d:
        if type(d[k]) is list:  # d[k] is a list of dates.
            lst = d[k]
-        elif type(d[k]) is int: # for backward compatibility.  d was sth like {'word':1}.  The value d[k] is not a list of dates, but a number representing how frequent this word had been added to the new word book. 
+        elif type(d[
                      k]) is int:  # for backward compatibility.  d was sth like {'word':1}.  The value d[k] is not a list of dates, but a number representing how frequent this word had been added to the new word book.
            freq = d[k]
-            lst = freq*['2021082019'] # why choose this date?  No particular reasons.  I fix the bug in this date.
+            lst = freq * ['2021082019']  # why choose this date?  No particular reasons.  I fix the bug in this date.
        for time_info in lst:
-            date = time_info[:10] # until hour
+            date = time_info[:10]  # until hour
            if not date in d2:
                d2[date] = [k]
            else:
@ -76,42 +88,44 @@ def revert_dict(d):
 def user_difficulty_level(d_user, d):
-    d_user2 = revert_dict(d_user) # key is date, and value is a list of words added in that date
+    d_user2 = revert_dict(d_user)  # key is date, and value is a list of words added in that date
    count = 0
    geometric = 1
-    for date in sorted(d_user2.keys(), reverse=True): # most recently added words are more important while determining user's level
+    for date in sorted(d_user2.keys(),
-        lst = d_user2[date] # a list of words
+                       reverse=True):  # most recently added words are more important while determining user's level
-        lst2 = [] # a list of tuples, (word, difficulty level)
+        lst = d_user2[date]  # a list of words
-        for  word in lst:
+        lst2 = []  # a list of tuples, (word, difficulty level)
        for word in lst:
            if word in d:
                lst2.append((word, d[word]))
-        lst3 = sort_in_ascending_order(lst2) # easiest tuple first
+        lst3 = sort_in_ascending_order(lst2)  # easiest tuple first
-        #print(lst3)
+        # print(lst3)
        for t in lst3:
            word = t[0]
            hard = t[1]
-            #print('WORD %s HARD %4.2f' % (word, hard))
+            # print('WORD %s HARD %4.2f' % (word, hard))
            geometric = geometric * (hard)
            count += 1
            if count >= 10:
-                return geometric**(1/count)
+                return geometric ** (1 / count)
-    return geometric**(1/max(count,1))
+    return geometric ** (1 / max(count, 1))
 def text_difficulty_level(s, d):
    s = remove_punctuation(s)
    L = freq(s)
-    lst = [] # a list of tuples, each tuple being (word, difficulty level)
+    lst = []  # a list of tuples, each tuple being (word, difficulty level)
    stop_words = {'the':1, 'and':1, 'of':1, 'to':1, 'what':1, 'in':1, 'there':1, 'when':1, 'them':1, 'would':1, 'will':1, 'out':1, 'his':1, 'mr':1, 'that':1, 'up':1, 'more':1, 'your':1, 'it':1, 'now':1, 'very':1, 'then':1, 'could':1, 'he':1, 'any':1, 'some':1, 'with':1, 'into':1, 'you':1, 'our':1, 'man':1, 'other':1, 'time':1, 'was':1, 'than':1, 'know':1, 'about':1, 'only':1, 'like':1, 'how':1, 'see':1, 'is':1, 'before':1, 'such':1, 'little':1, 'two':1, 'its':1, 'as':1, 'these':1, 'may':1, 'much':1, 'down':1, 'for':1, 'well':1, 'should':1, 'those':1, 'after':1, 'same':1, 'must':1, 'say':1, 'first':1, 'again':1, 'us':1, 'great':1, 'where':1, 'being':1, 'come':1, 'over':1, 'good':1, 'himself':1, 'am':1, 'never':1, 'on':1, 'old':1, 'here':1, 'way':1, 'at':1, 'go':1, 'upon':1, 'have':1, 'had':1, 'without':1, 'my':1, 'day':1, 'be':1, 'but':1, 'though':1, 'from':1, 'not':1, 'too':1, 'another':1, 'this':1, 'even':1, 'still':1, 'her':1, 'yet':1, 'under':1, 'by':1, 'let':1, 'just':1, 'all':1, 'because':1, 'we':1, 'always':1, 'off':1, 'yes':1, 'so':1, 'while':1, 'why':1, 'which':1, 'me':1, 'are':1, 'or':1, 'no':1, 'if':1, 'an':1, 'also':1, 'thus':1, 'who':1, 'cannot':1, 'she':1, 'whether':1} # ignore these words while computing the artile's difficulty level
    for x in L:
        word = x[0]
-        if word in d:
+        if word not in stop_words and word in d:
            lst.append((word, d[word]))
-    lst2 = sort_in_descending_order(lst) # most difficult words on top
+    lst2 = sort_in_descending_order(lst)  # most difficult words on top
-    #print(lst2)
+    # print(lst2)
    count = 0
    geometric = 1
    for t in lst2:
@ -119,24 +133,20 @@ def text_difficulty_level(s, d):
        hard = t[1]
        geometric = geometric * (hard)
        count += 1
-        if count >= 20: # we look for n most difficult words
+        if count >= 20:  # we look for n most difficult words
-            return geometric**(1/count)
+            return geometric ** (1 / count)
    return geometric**(1/max(count,1))
    return geometric ** (1 / max(count, 1))
 if __name__ == '__main__':
    d1 = load_record('frequency.p')
-    #print(d1)
+    # print(d1)
    d2 = load_record('words_and_tests.p')
-    #print(d2)
+    # print(d2)
-
+    d3 = get_difficulty_level_for_user(d1, d2)
    d3 = get_difficulty_level(d1, d2)
    s = '''
 South Lawn
@ -197,7 +207,6 @@ Amidst the aftermath of this shocking referendum vote, there is great uncertaint
 '''
    s = '''
 British Prime Minister Boris Johnson walks towards a voting station during the Brexit referendum in Britain, June 23, 2016. (Photo: EPA-EFE)
@ -218,7 +227,6 @@ The prime minister was forced to ask for an extension to Britain's EU departure
 Johnson has repeatedly pledged to finalize the first stage, a transition deal, of Britain's EU divorce battle by Oct. 31. A second stage will involve negotiating its future relationship with the EU on trade, security and other salient issues.
 '''
    s = '''
 Thank you very much. We have a Cabinet meeting. We’ll have a few questions after grace. And, if you would, Ben, please do the honors.
@ -233,17 +241,11 @@ We need — for our farmers, our manufacturers, for, frankly, unions and non-uni
 '''
-
+    # f = open('bbc-fulltext/bbc/entertainment/001.txt')
    #f = open('bbc-fulltext/bbc/entertainment/001.txt')
    f = open('wordlist.txt')
    s = f.read()
    f.close()
    print(text_difficulty_level(s, d3))
-            
+
--- a/app/main.py
+++ b/app/main.py
@ -5,24 +5,24 @@
 # Copyright 2019 (C) Hui Lan <hui.lan@cantab.net>
 # Written permission must be obtained from the author for commercial uses.
 ###########################################################################
 from flask import escape
 from Login import *
 from Article import *
 import Yaml
 from user_service import userService
 from account_service import accountService
 from admin_service import adminService, ADMIN_NAME
 app = Flask(__name__)
 app.secret_key = 'lunch.time!'
 # 将蓝图注册到Lab app
 app.register_blueprint(userService)
 app.register_blueprint(accountService)
 app.register_blueprint(adminService)
 path_prefix = '/var/www/wordfreq/wordfreq/'
 path_prefix = './'  # comment this line in deployment
 def get_random_image(path):
    '''
    返回随机图
@ -39,8 +39,7 @@ def get_random_ads():
    返回随机广告
    :return: 一个广告(包含HTML标签)
    '''
-    ads = random.choice(['个性化分析精准提升', '你的专有单词本', '智能捕捉阅读弱点，针对性提高你的阅读水平'])
+    return random.choice(['个性化分析精准提升', '你的专有单词本', '智能捕捉阅读弱点，针对性提高你的阅读水平'])
    return ads + '。 <a href="/signup">试试</a>吧！'
 def appears_in_test(word, d):
@ -98,9 +97,13 @@ def mainpage():
        d = load_freq_history(path_prefix + 'static/frequency/frequency.p')
        d_len = len(d)
        lst = sort_in_descending_order(pickle_idea.dict2lst(d))
-        return render_template('mainpage_get.html', random_ads=random_ads, number_of_essays=number_of_essays,
+        return render_template('mainpage_get.html', 
-                               d_len=d_len, lst=lst, yml=Yaml.yml)
+                               admin_name=ADMIN_NAME,
-
+                               random_ads=random_ads,
                               d_len=d_len,
                               lst=lst,
                               yml=Yaml.yml,
                               number_of_essays=number_of_essays)
 if __name__ == '__main__':
--- a/app/model/init.py
+++ b/app/model/init.py
@ -0,0 +1,30 @@
 from pony.orm import *
 db = Database()
 db.bind("sqlite", "../static/wordfreqapp.db", create_db=True)  # bind sqlite file
 class User(db.Entity):
    _table_ = "user"  # table name
    name = PrimaryKey(str)
    password = Optional(str)
    start_date = Optional(str)
    expiry_date = Optional(str)
 class Article(db.Entity):
    _table_ = "article"  # table name
    article_id = PrimaryKey(int, auto=True)
    text = Optional(str)
    source = Optional(str)
    date = Optional(str)
    level = Optional(str)
    question = Optional(str)
 db.generate_mapping(create_tables=True)  # must mapping after class declaration
 if __name__ == "__main__":
    with db_session:
        print(Article[2].text)  # test get article which id=2 text content
--- a/app/model/article.py
+++ b/app/model/article.py
@ -0,0 +1,34 @@
 from model import *
 from datetime import datetime
 def add_article(content, source="manual_input", level="5", question="No question"):
    with db_session:
        # add one article to sqlite
        Article(
            text=content,
            source=source,
            date=datetime.now().strftime("%-d %b %Y"),  # format style of `5 Oct 2022`
            level=level,
            question=question,
        )
 def delete_article_by_id(article_id):
    article_id &= 0xFFFFFFFF  # max 32 bits
    with db_session:
        article = Article.select(article_id=article_id)
        if article:
            article.first().delete()
 def get_number_of_articles():
    with db_session:
        return len(Article.select()[:])
 def get_page_articles(num, size):
    with db_session:
        return [
            x
            for x in Article.select().order_by(desc(Article.article_id)).page(num, size)
        ]
--- a/app/model/user.py
+++ b/app/model/user.py
@ -0,0 +1,30 @@
 from model import *
 from Login import md5
 from pony import orm
 def get_users():
    with db_session:
        return User.select().order_by(User.name)[:]
 def get_user_by_username(username):
    with db_session:
        user = User.select(name=username)
        if user:
            return user.first()
 def insert_user(username, password, start_date, expiry_date):
    with db_session:
        user = User(name=username, password=password, start_date=start_date, expiry_date=expiry_date)
        orm.commit()
 def update_password_by_username(username, password="123456"):
    with db_session:
        user = User.select(name=username)
        if user:
            user.first().password = md5(username + password)
 def update_expiry_time_by_username(username, expiry_time="20230323"):
    with db_session:
        user = User.select(name=username)
        if user:
            user.first().expiry_date = expiry_time
--- a/app/pickle_idea2.py
+++ b/app/pickle_idea2.py
@ -68,7 +68,7 @@ def save_frequency_to_pickle(d, pickle_fname):
    d2 = {}
    for k in d:
        if not k in exclusion_lst and not k.isnumeric() and not len(k) < 2:
-            d2[k] = list(sorted(set(d[k])))
+            d2[k] = list(sorted(d[k])) # 原先这里是d2[k] = list(sorted(set(d[k])))
    pickle.dump(d2, f)
    f.close()
--- a/app/static/config.yml
+++ b/app/static/config.yml
@ -1,16 +1,17 @@
 # 全局引入的css文件地址
 css:
  item:
-    - static/css/bootstrap.css
+    - ../static/css/bootstrap.css
 # 全局引入的js文件地址
 js:
  head: # 在页面加载之前加载
-    - static/js/jquery.js
+    - ../static/js/jquery.js
-    - static/js/word_operation.js
+    - ../static/js/read.js
    - ../static/js/word_operation.js
  bottom: # 在页面加载完之后加载
-    - static/js/fillword.js
+    - ../static/js/fillword.js
-    - static/js/highlight.js
+    - ../static/js/highlight.js
 # 高亮样式，目前仅支持修改颜色
 highlight:
--- a/app/static/js/fillword.js
+++ b/app/static/js/fillword.js
@ -1,9 +1,5 @@
 let isRead = true;
 let isChoose = true;
 let reader = window.speechSynthesis; // 全局定义朗读者，以便朗读和暂停
 let current_position = 0; // 朗读文本的当前位置
 let original_position = 0; // 朗读文本的初始位置
 let to_speak = ""; // 朗读的初始内容
 function getWord() {
    return window.getSelection ? window.getSelection() : document.selection.createRange().text;
@ -11,7 +7,7 @@ function getWord() {
 function fillInWord() {
    let word = getWord();
-    if (isRead) read(word);
+    if (isRead) Reader.read(word, inputSlider.value);
    if (!isChoose) return;
    const element = document.getElementById("selected-words");
    element.value = element.value + " " + word;
@ -19,50 +15,17 @@ function fillInWord() {
 document.getElementById("text-content").addEventListener("click", fillInWord, false);
-function makeUtterance(str, rate) {
+const sliderValue = document.getElementById("rangeValue");
-    let msg = new SpeechSynthesisUtterance(str);
+const inputSlider = document.getElementById("rangeComponent");
    msg.rate = rate;
    msg.lang = "en-US"; // TODO: add language options menu
    msg.onboundary = ev => {
        if (ev.name == "word") {
            current_position = ev.charIndex;
        }
    }
    return msg;
 }
 const sliderValue = document.getElementById("rangeValue"); // 显示值
 const inputSlider = document.getElementById("rangeComponent"); // 滑块元素
 inputSlider.oninput = () => {
-    let value = inputSlider.value; // 获取滑块的值
+    let value = inputSlider.value;
    sliderValue.textContent = value + '×';
    if (!reader.speaking) return;
    reader.cancel();
    let msg = makeUtterance(to_speak.substring(original_position + current_position), value);
    original_position = original_position + current_position;
    current_position = 0;
    reader.speak(msg);
 };
 function read(s) {
    to_speak = s.toString();
    original_position = 0;
    current_position = 0;
    let msg = makeUtterance(to_speak, inputSlider.value);
    reader.speak(msg);
 }
 function onReadClick() {
    isRead = !isRead;
    if (!isRead) {
        reader.cancel();
    }
 }
 function onChooseClick() {
    isChoose = !isChoose;
 }
 function stopRead() {
    reader.cancel();
 }
--- a/app/static/js/highlight.js
+++ b/app/static/js/highlight.js
@ -38,8 +38,18 @@ function highLight() {
        list[i] = list[i].replace('|', "");
        list[i] = list[i].replace('?', "");
        if (list[i] !== "" && "<mark>".indexOf(list[i]) === -1 && "</mark>".indexOf(list[i]) === -1) {
-	    //将文章中所有出现该单词word的地方改为：" <mark>" + word + "<mark> "。 正则表达式RegExp()中，"\\s"代表单词前后必须要有空格，以防止只对单词中的部分字符高亮的情况出现。
+           //将文章中所有出现该单词word的地方改为："<mark>" + word + "<mark>"。 正则表达式RegExp()中，"\\b"代表单词边界匹配。
-            articleContent = articleContent.replace(new RegExp("\\s"+list[i]+"\\s", "g"), " <mark>" + list[i] + "</mark> ");
+
            //修改代码
            let articleContent_fb = articleContent;  //文章副本
            while(articleContent_fb.toLowerCase().indexOf(list[i].toLowerCase()) !== -1 && list[i]!=""){
                //找到副本中和list[i]匹配的第一个单词(第一种匹配情况),并赋值给list[i]。
                const index = articleContent_fb.toLowerCase().indexOf(list[i].toLowerCase());
                list[i] = articleContent_fb.substring(index, index + list[i].length);
                articleContent_fb = articleContent_fb.substring(index + list[i].length);    // 使用副本中list[i]之后的子串替换掉副本
                articleContent = articleContent.replace(new RegExp("\\b"+list[i]+"\\b","g"),"<mark>" + list[i] + "</mark>");
            }
        }
    }
    document.getElementById("article").innerHTML = articleContent;
--- a/app/static/js/read.js
+++ b/app/static/js/read.js
@ -0,0 +1,35 @@
 var Reader = (function() {
    let reader = window.speechSynthesis;
    let current_position = 0;
    let original_position = 0;
    let to_speak = "";
    function makeUtterance(str, rate) {
        let msg = new SpeechSynthesisUtterance(str);
        msg.rate = rate;
        msg.lang = "en-US";
        msg.onboundary = ev => {
            if (ev.name == "word") {
                current_position = ev.charIndex;
            }
        }
        return msg;
    }
    function read(s, rate) {
        to_speak = s.toString();
        original_position = 0;
        current_position = 0;
        let msg = makeUtterance(to_speak, rate);
        reader.speak(msg);
    }
    function stopRead() {
        reader.cancel();
    }
    return {
        read: read,
        stopRead: stopRead
    };
 })();
--- a/app/static/js/word_operation.js
+++ b/app/static/js/word_operation.js
@ -62,6 +62,13 @@ function delete_word(theWord) {
    });
 }
 function read_word(theWord) {
    let to_speak = $("#word_" + theWord).text();
    original_position = 0;
    current_position = 0;
    Reader.read(to_speak, inputSlider.value);
 }
 /* 
 * interface Word {
 *   word: string,
@ -95,6 +102,7 @@ function wordTemplate(word) {
        <a class="btn btn-success" onclick="familiar('${word.word}')" role="button">熟悉</a>
        <a class="btn btn-warning" onclick="unfamiliar('${word.word}')" role="button">不熟悉</a>
        <a class="btn btn-danger" onclick="delete_word('${word.word}')" role="button">删除</a>
        <a class="btn btn-info" onclick="read_word('${word.word}')" role="button">朗读</a>
    </p>`;
 }
--- a/app/static/words_and_tests.p
+++ b/app/static/words_and_tests.p
--- a/app/templates/admin_index.html
+++ b/app/templates/admin_index.html
@ -0,0 +1,55 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
    <meta charset="UTF-8">
    <meta name="viewport"
        content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
    <meta name="format-detection" content="telephone=no" />
    {{ yml['header'] | safe }}
    {% if yml['css']['item'] %}
    {% for css in yml['css']['item'] %}
    <link href="{{ css }}" rel="stylesheet">
    {% endfor %}
    {% endif %}
    {% if yml['js']['head'] %}
    {% for js in yml['js']['head'] %}
    <script src="{{ js }}"></script>
    {% endfor %}
    {% endif %}
 </head>
 <body class="container" style="width: 800px; margin: auto; margin-top:24px;">
    <nav class="navbar navbar-expand-lg bg-light">
        <div class="container-fluid">
            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav"
                aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
                <span class="navbar-toggler-icon"></span>
            </button>
            <div class="collapse navbar-collapse" id="navbarNav">
                <ul class="navbar-nav">
                    <li class="nav-item">
                        <a class="nav-link" href="/{{ username }}/userpage">返回 {{ username }}</a>
                    </li>
                </ul>
            </div>
        </div>
    </nav>
    <div class="card" style="margin-top:24px;">
        <div class="card-header">
            请选择您需要的操作
        </div>
        <ul class="list-group list-group-flush">
            <li class="list-group-item">
                <div class="d-grid gap-2">
                    <a href="/admin/article" class="btn btn-outline-primary" type="button">管理文章</a>
                    <a href="/admin/user" class="btn btn-outline-primary" type="button">管理用户</a>
                </div>
            </li>
        </ul>
    </div>
 </body>
 </html>
--- a/app/templates/admin_manage_article.html
+++ b/app/templates/admin_manage_article.html
@ -0,0 +1,103 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
    <meta charset="UTF-8">
    <meta name="viewport"
        content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
    <meta name="format-detection" content="telephone=no" />
    <link href="../static/css/bootstrap.css" rel="stylesheet">
 </head>
 <body class="container" style="width: 800px; margin: auto; margin-top:24px;">
    <nav class="navbar navbar-expand-lg bg-light">
        <div class="container-fluid">
            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav"
                aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
                <span class="navbar-toggler-icon"></span>
            </button>
            <div class="collapse navbar-collapse" id="navbarNav">
                <ul class="navbar-nav">
                    <li class="nav-item">
                        <a class="nav-link" href="/admin">前一页</a>
                    </li>
                </ul>
            </div>
        </div>
    </nav>
    {% for message in get_flashed_messages() %}
      <div class="alert alert-success" role="alert">
        {{ message }}
      </div>
    {% endfor %}
    <div class="card" style="margin-top:24px;">
        {% if tips %}
        <div class="alert alert-success" role="alert">
            {{ tips }}
        </div>
        {% endif %}
        <div class="card-content">
            <h5 style="margin-top: 10px;padding-left: 10px;">录入文章</h5>
            <form action="" method="post" class="container mb-3">
                <div class="mb-3">
                    <label class="form-label">文章内容</label>
                    <textarea id="content" name="content" class="form-control" rows="8" placeholder="首行是标题，后面是正文。"></textarea>
                    <label class="form-label">文章来源</label>
                    <textarea id="source" name="source" class="form-control" placeholder="推荐格式：Source: HTTP 链接。"></textarea>
                    <label class="form-label">文章等级</label>
                    <select id="level" class="form-select" name="level">
                        <option value="1">1</option>
                        <option value="2">2</option>
                        <option value="3">3</option>
                        <option selected value="4">4</option>
                    </select>
                    <label class="form-label">文章问题</label>
                    <textarea id="question" name="question" class="form-control" rows="6" placeholder="格式：&#x0a; QUESTION&#x0a; What?&#x0a;&#x0a; ANSWER&#x0a; Apple. "></textarea>
                </div>
                <input type="submit" value="保存" class="btn btn-outline-primary">
            </form>
        </div>
    </div>
    <div class="card" style="margin-top:24px;">
        <h5 style="margin-top: 10px;padding-left: 10px;">文章列表</h5>
        <div class="list-group">
            {% for text in text_list %}
            <div class="list-group-item list-group-item-action" aria-current="true">
                <div>
                    <a type="button" href="/admin/article?delete_id={{text.article_id}}" class="btn btn-outline-danger btn-sm">删除</a>
                </div>
                <div class="d-flex w-100 justify-content-between">
                    <h5 class="mb-1">{{ text.title }}</h5>
                </div>
                <div><small>{{ text.source }}</small></div>
                <div class="d-flex w-100 justify-content-between">
                    <small>Level: {{text.level }}</small>
                    <small>Date: {{ text.date }}</small>
                </div>
                {{ text.content | safe }}
            </div>
            {% endfor %}
        </div>
    </div>
    <div style="margin:20px 0;">
        <ul class="pagination pagination-sm justify-content-center">
            <li class="page-item"><a class="page-link" href="/admin/article?page={{ cur_page - 1 }}&size={{ page_size }}">Previous</a>
            </li>
            {% for i in range(1, article_number // page_size + (article_number % page_size > 0) + 1) %}
            {% if cur_page == i %}
            <li class="page-item active"><a class="page-link" href="/admin/article?page={{ i }}&size={{ page_size }}">{{ i }}</a>
            </li>
            {% else %}
            <li class="page-item"><a class="page-link" href="/admin/article?page={{ i }}&size={{ page_size }}">{{ i }}</a></li>
            {% endif %}
            {% endfor %}
            <li class="page-item"><a class="page-link" href="/admin/article?page={{ cur_page + 1 }}&size={{ page_size }}">Next</a>
            </li>
        </ul>
    </div>
 </body>
 </html>
--- a/app/templates/admin_manage_user.html
+++ b/app/templates/admin_manage_user.html
@ -0,0 +1,99 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
    <meta charset="UTF-8">
    <meta name="viewport"
        content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
    <meta name="format-detection" content="telephone=no" />
    <link href="../static/css/bootstrap.css" rel="stylesheet">
    <script src="../static/js/jquery.js"></script>
 </head>
 <body class="container" style="width: 800px; margin: auto; margin-top:24px;">
    <nav class="navbar navbar-expand-lg bg-light">
        <div class="container-fluid">
            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav"
                aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
                <span class="navbar-toggler-icon"></span>
            </button>
            <div class="collapse navbar-collapse" id="navbarNav">
                <ul class="navbar-nav">
                    <li class="nav-item">
                        <a class="nav-link" href="/admin">前一页</a>
                    </li>
                </ul>
            </div>
        </div>
    </nav>
    {% for message in get_flashed_messages() %}
      <div class="alert alert-success" role="alert">
        {{ message }}
      </div>
    {% endfor %}
    <div class="card" style="margin-top:24px;">
        <h5 style="margin-top: 10px;padding-left: 10px;">重置选中用户的信息</h5>
        <form id="user_form" action="" method="post" class="container mb-3">
            <div>
                <label class="form-label" style="padding-top: 10px;">用户</label>
                <select onchange="loadUserExpiryDate()" id="username" name="username" class="form-select" aria-label="Default select example">
                    <option selected>选择用户</option>
                    {% for user in user_list %}
                    <option value="{{ user.name }}">{{ user.name }}</option>
                    {% endfor %}
                </select>
                <label class="form-label" style="padding-top: 10px;">修改密码</label>
                <div>
                    <button type="button" id="reset_pwd_btn" class="btn btn-outline-success">获取12位随机密码</button>
                    <input style="margin-left: 20px;border: 0; font-size: 20px;" name="new_password"
                        id="new_password"></input>
                </div>
                <label class="form-label" style="padding-top: 10px;">过期时间</label>
                <div>
                    <input type="date" id="expiry_date" name="expiry_time" placeholder="YYYY-MM-DD" pattern="yyyyMMdd">
                </div>
            </div>
            <button style="margin-top: 50px;" type="submit" class="btn btn-primary">更新用户信息</button>
        </form>
    </div>
 </body>
 <script>
    // 密码生成器
    function generatePassword(length) {
        const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^*()_+~`|}{[]\:;?,./-=";
        let password = "";
        for (let i = 0; i < length; i++) {
            password += charset.charAt(Math.floor(Math.random() * charset.length));
        }
        return password;
    }
    document.getElementById("reset_pwd_btn").addEventListener("click", () => {
        // 生成12位随机密码
        let pwd = generatePassword(12)
        document.getElementById("new_password").value = pwd
    })
    // 选择用户后更新其过期时间
    function loadUserExpiryDate() {
        const cur_user = $('#username').val();
        $.ajax({
            type: "GET",
            url: `/admin/expiry?username=${cur_user}`,
            success: function(resp) {
                const year = resp.substr(0,4);
                const month = resp.substr(4,2);
                const day = resp.substr(6,2);
                document.getElementById("expiry_date").value = year + '-' + month + '-' + day
            }
        })
    }
 </script>
 </html>
--- a/app/templates/login.html
+++ b/app/templates/login.html
@ -1,28 +1,47 @@
 {% block body %}
 {% if session['logged_in'] %}
-You're logged in already!
+你已登录 <a href="/{{ session['username'] }}">{{ session['username'] }}</a>。 登出点击<a href="/logout">这里</a>。
 {% else %}
 <meta charset="utf-8" name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
 <link rel="stylesheet" href="static/css/login_service.css">
-
+<script src="static/js/jquery.js"></script>
 <script>
    function login(){
        let username = $("#username").val();
        let password = $("#password").val();
        if (username === "" || password === ""){
            alert('输入不能为空!');
            return false;
        }
        $.post(
            "/login", {'username': username, 'password': password},
            function (response) {
                if (response.status === '0') {
                    alert('无法通过验证。');
                    window.location.href = "/login";
                } else if (response.status === '1') {
                    window.location.href = "/"+username+"/userpage";
                }
            }
        )
        return false;
    }
 </script>
 <div class="container">
  <section class="signin-heading">
    <h1>Sign In</h1>
  </section>
-  <form action="/login" method="POST">
+  <input type="text" placeholder="用户名" class="username" id="username">
-    <input type="text" placeholder="用户名" class="username" name="username" required>
+  <input type="password" placeholder="密码" class="password"  id="password">
-    <input type="password" placeholder="密码" class="password"  name="password" required>
+  <button type="button" class="btn" onclick="login()">登录</button>
-    <button type="submit" class="btn">登录</button>
+  <a class="signup" href="/signup">注册</a>
  </form>
 </div>
 <a href="/signup" class="signup">注册</a>
 {% endif %}
 {% endblock %}
--- a/app/templates/mainpage_get.html
+++ b/app/templates/mainpage_get.html
@ -23,12 +23,15 @@
    <div class="container-fluid">
        <p><b><font size="+3" color="red">English Pal - Learn English smartly!</font></b></p>
        {% if session['logged_in'] %}
-            <a href="/{{session['username']}}">{{session['username']}}</a></p>
+            <a href="/{{ session['username'] }}/userpage">{{ session['username'] }}</a>
            {% if session['username'] == admin_name %}
            <a href="/admin">管理</a></p>
            {% endif %}
        {% else %}
            <p><a href="/login">登录</a>  <a href="/signup">注册</a> <a href="/static/usr/instructions.html">使用说明</a></p >
-            <p><b>{{random_ads|safe}}</b></p>
+            <p><b> {{ random_ads }}。 <a href="/signup">试试</a>吧！</b></p>
        {% endif %}
-        <div class="alert alert-success" role="alert">共有文章 <span class="badge bg-success"> {{number_of_essays}} </span> 篇</div>
+        <div class="alert alert-success" role="alert">共有文章 <span class="badge bg-success"> {{ number_of_essays }} </span> 篇</div>
        <p>粘贴1篇文章 (English only)</p>
        <form method="post" action="/">
            <textarea name="content" rows="10" cols="120"></textarea><br/>
--- a/app/templates/reset.html
+++ b/app/templates/reset.html
@ -2,6 +2,38 @@
    <meta charset="utf-8" name="viewport"
          content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes"/>
    <link rel="stylesheet" href="static/css/login_service.css">
    <script src="static/js/jquery.js"></script>
    <script>
        function reset() {
            let old_password = $("#old-password").val();
            let new_password = $("#new-password").val();
            let re_new_password = $("#re-new-password").val();
            if (old_password === "" || new_password === "" || re_new_password === ""){
                alert('输入不能为空!');
                return false;
            }
            if (new_password !== re_new_password) {
                alert('新密码不匹配，请重新输入');
                return false;
            }
            if (new_password.length < 4) {
                alert('密码过于简单。(密码长度至少4位)');
                return false;
            }
            $.post("/reset", {'old-password': old_password, 'new-password': new_password},
                function (response) {
                    if (response.status === '1') {
                        alert('密码修改成功，请重新登录。');
                        window.location.href = "/login";
                    } else if (response.status === '2') {
                        alert('密码修改失败');
                        window.location.href = "/reset";
                    }
                }
            )
            return false;
        }
    </script>
    <div class="container">
@ -9,14 +41,11 @@
            <h1>Reset Password</h1>
        </section>
-        <form action="/reset" method="POST">
+        <input type="password" placeholder="原密码" class="old-password" name="old-password" id="old-password"/>
-            <input type="password" placeholder="原密码" class="old-password" name="old-password" required>
+        <input type="password" placeholder="新密码" class="new-password" name="new-password" id="new-password"/>
-            <input type="password" placeholder="新密码" class="new-password" name="new-password" required>
+        <input type="password" placeholder="确认新密码" class="re-new-password" name="re-new-password" id="re-new-password"/>
-            <input type="password" placeholder="确认新密码" class="re-new-password" name="re-new-password" required>
+        <button id="submit" class="btn" onclick="reset()">提交</button>
-            <input type="submit" name="submit" class="btn" value="提交"/>
+        <button class="btn" onclick="window.location.href='/{{ username }}/userpage'">放弃修改</button>
            <input type="button" name="submit" class="btn" value="放弃修改"
                   onclick="window.location.href='/{{ username }}'"/>
        </form>
    </div>
 {% endblock %}
--- a/app/templates/signup.html
+++ b/app/templates/signup.html
@ -6,6 +6,47 @@ You're logged in already! <a href="/logout">Logout</a>.
 {% else %}
 <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
 <link rel="stylesheet" href="static/css/login_service.css">
 <script src="static/js/jquery.js"></script>
    <script>
        function signup() {
            let username = $("#username").val();
            let password = $("#password").val();
            let password2 = $("#password2").val();
            if (username === "" || password === "" || password2 === ""){
                alert('输入不能为空!');
                return false;
            }
            if (password !== password2) {
                alert('确认密码与输入密码不一致！');
                return false;
            }
            if (password.length < 4) {
                alert('密码过于简单。(密码长度至少4位)');
                return false;
            }
            $.post("/signup", {'username': username, 'password': password},
                function (response) {
                    if (response.status === '0') {
                        alert('用户名'+username+'已经被注册。');
                        window.location.href = "/signup";
                    } else if (response.status === '1') {
                        alert('用户名密码验证失败。');
                        window.location.href = "/signup";
                    } else if (response.status === '2') {
                        let f = confirm("恭喜，你已成功注册，你的用户名是"+username+'.\n点击“确认”开始使用，或点击“取消”返回首页');
                        if (f) {
                            window.location.href = '/'+username+'/userpage';
                        } else {
                            window.location.href = '/';
                        }
                    } else if (response.status === '3') {
                        alert(response.warn);
                    }
                }
            )
            return false;
        }
    </script>
 <p>{{ get_flashed_messages()[0] | safe }}</p>
@ -15,12 +56,10 @@ You're logged in already! <a href="/logout">Logout</a>.
    <h1>Sign Up</h1>
  </section>
-  <form action="/signup" method="POST">
+  <p><input type="username" id="username" placeholder="输入用户名" class="username"></p>
-    <p><input type="username" name="username" placeholder="输入用户名" required="required" class="username"></p>
+  <p><input type="password" id="password" placeholder="输入密码" class="password"></p>
-    <p><input type="password" name="password" placeholder="输入密码" required="required" class="password"></p>
+  <p><input type="password" id="password2" placeholder="确认密码" class="password" ></p>
-    <p><input type="password" name="password2" placeholder="确认密码" required="required" class="password" ></p>
+  <button type="button" class="btn" onclick="signup()">注册</button>
    <button type="submit" class="btn">注册</button>
  </form>
 </div>
--- a/app/templates/userpage_get.html
+++ b/app/templates/userpage_get.html
@ -37,20 +37,51 @@
 <body>
 <div class="container-fluid">
    <p><b>English Pal for <font id="username" color="red">{{ username }}</font></b>
        <a class="btn btn-secondary" href="/logout" role="button">退出</a>
        <a class="btn btn-secondary" href="/reset" role="button">重设密码</a>
    </p>
    {{ flashed_messages|safe }}
-    <a class="btn btn-success" href="/{{ username }}/reset" role="button"> 下一篇 Next Article </a>    
+        {% if username ==  admin_name %}
-    {% if session.get('articleID') != session.get('old_articleID') %}
+        <a class="btn btn-secondary" href="/admin" role="button" onclick="stopRead()">管理</a>
-        {% if session.get('old_articleID') != None %}
+        {% endif %}
-            <a class="btn btn-success" href="/{{ username }}/back" role="button"> 上一篇 Previous Article </a>
+        <a id="quit" class="btn btn-secondary" href="/logout" role="button" onclick="stopRead()">退出</a>
-        {% endif%}
+        <a class="btn btn-secondary" href="/reset" role="button" onclick="stopRead()">重设密码</a>
-    {% endif %}
+
    </p>
 {#    {% for message in flashed_messages %}#} {# 根据user_service.userpage,取消了参数flashed_messages，因此注释了这段代码 #}
 {#        <div class="alert alert-warning" role="alert">Congratulations! {{ message }}</div>#}
 {#    {% endfor %}#}
        <button class="btn btn-success" id="load_next_article" onclick="load_next_article()"> 下一篇 Next Article </button>
        <button class="btn btn-success" id="load_pre_article" onclick="load_pre_article()" > 上一篇 Previous Article </button>
    <p><b>阅读文章并回答问题</b></p>
-    <div id="text-content">{{ today_article|safe }}</div>
+    <div id="text-content">
        <div id="found">
            <div class="alert alert-success" role="alert">According to your word list, your level is <span class="badge bg-success" id="user-level">{{ today_article["user_level"] }}</span>  and we have chosen an article with a difficulty level of <span class="badge bg-success" id="text_level">{{ today_article["text_level"] }}</span> for you.</div>
                <p class="text-muted" id="date">Article added on: {{ today_article["date"] }}</p><br/>
            <div class="p-3 mb-2 bg-light text-dark"><br/>
            <p class="display-5" id="article_title">{{ today_article["article_title"] }}</p><br/>
            <p class="lead"><font id="article" size=2>{{ today_article["article_body"] }}</font></p><br/>
            <p><small class="text-muted" id="source">{{ today_article['source'] }}</small></p><br/>
            <p><b id="question">{{ today_article['question'] }}</b></p><br/>
                <script type="text/javascript">
                    function toggle_visibility(id) { {# https://css-tricks.com/snippets/javascript/showhide-element/#}
                        const e = document.getElementById(id);
                        if(e.style.display === 'block')
                            e.style.display = 'none';
                        else
                            e.style.display = 'block';
                    }
                </script>
                <button onclick="toggle_visibility('answer');">ANSWER</button>
                <div id="answer" style="display:none;">{{ today_article['answer'] }}</div><br/>
            </div>
        </div>
        <div class="alert alert-success" role="alert" id="not_found" style="display:none;">
            <p class="text-muted"><span class="badge bg-success">Notes:</span><br>No article is currently available for you. You can try again a few times or mark new words in the passage to improve your level.</p>
        </div>
        <div class="alert alert-success" role="alert" id="read_all" style="display:none;">
            <p class="text-muted"><span class="badge bg-success">Notes:</span><br>You've read all the articles.</p>
        </div>
    </div>
    <input type="checkbox" onclick="toggleHighlighting()" checked/>生词高亮
    <input type="checkbox" onclick="onReadClick()" checked/>大声朗读
@ -60,11 +91,11 @@
            <div class="sliderValue">
                <span id="rangeValue">1×</span>
            </div>
-        <input type="range" id="rangeComponent" min="0.5" max="2" value="1" step="0.25" "/>
+            <input type="range" id="rangeComponent" min="0.5" max="2" value="1" step="0.25"/>
        </div>
-    </div>    
+    </div>
    <p><b>收集生词吧</b> （可以在正文中划词，也可以复制黏贴）</p>
-    <form method="post" action="/{{ username }}">
+    <form method="post" action="/{{ username }}/userpage">
        <textarea name="content" id="selected-words" rows="10" cols="120"></textarea><br/>
        <input type="submit" value="把生词加入我的生词库"/>
        <input type="reset" value="清除"/>
@ -102,6 +133,7 @@
                    <a class="btn btn-success" onclick="familiar('{{ word }}')" role="button">熟悉</a>
                    <a class="btn btn-warning" onclick="unfamiliar('{{ word }}')" role="button">不熟悉</a>
                    <a class="btn btn-danger" onclick="delete_word('{{ word }}')" role="button">删除</a>
                    <a class="btn btn-info" onclick="read_word('{{ word }}')" role="button">朗读</a>
                </p>
            {% endfor %}
        </div>
@ -114,12 +146,73 @@
        <script src="{{ js }}"></script>
    {% endfor %}
 {% endif %}
 <script type="text/javascript">
    function load_next_article(){
        $.ajax({
            url: '/get_next_article/{{username}}',
            dataType: 'json',
            success: function(data) {
                // 更新页面内容
                if(data['today_article']){
                    update(data['today_article']);
                    check_pre(data['visited_articles']);
                    check_next(data['result_of_generate_article']);
                }
            }
        });
    }
    function load_pre_article(){
        $.ajax({
            url: '/get_pre_article/{{username}}',
            dataType: 'json',
            success: function(data) {
                // 更新页面内容
                if(data['today_article']){
                    update(data['today_article']);
                    check_pre(data['visited_articles']);
                }
            }
        });
    }
    function update(today_article){
        $('#user-level').html(today_article['user_level']);
        $('#text_level').html(today_article["text_level"]);
        $('#date').html('Article added on: '+today_article["date"]);
        $('#article_title').html(today_article["article_title"]);
        $('#article').html(today_article["article_body"]);
        $('#source').html(today_article['source']);
        $('#question').html(today_article["question"]);
        $('#answer').html(today_article["answer"]);
    }
 <!-- 检查是否存在上一篇或下一篇，不存在则对应按钮隐藏-->
    function check_pre(visited_articles){
        if((visited_articles=='')||(visited_articles['index']<=0)){
            $('#load_pre_article').hide();
        }else{
            $('#load_pre_article').show();
        }
    }
    function check_next(result_of_generate_article){
        if(result_of_generate_article == "found"){
            $('#found').show();$('#not_found').hide();
            $('#read_all').hide();
        }else if(result_of_generate_article == "not found"){
            $('#found').hide();
            $('#not_found').show();
            $('#read_all').hide();
        }else{
            $('#found').hide();
            $('#not_found').hide();
            $('#read_all').show();
        }
    }
 </script>
 </body>
 <style>
    mark {
-    color: #{{ yml['highlight']['color'] }};
+        color: #{{ yml['highlight']['color'] }};
-    background-color: rgba(0,0,0,0);
+        background-color: rgba(0, 0, 0, 0);
-}
+    }
 </style>
 </html>
--- a/app/user_service.py
+++ b/app/user_service.py
@ -1,5 +1,5 @@
 from datetime import datetime
-
+from admin_service import ADMIN_NAME
 from flask import *
 # from app import Yaml
@ -21,33 +21,46 @@ userService = Blueprint("user_bp", __name__)
 path_prefix = '/var/www/wordfreq/wordfreq/'
 path_prefix = './'  # comment this line in deployment
-
+@userService.route("/get_next_article/<username>",methods=['GET','POST'])
-@userService.route("/<username>/reset", methods=['GET', 'POST'])
+def get_next_article(username):
-def user_reset(username):
+    user_freq_record = path_prefix + 'static/frequency/' + 'frequency_%s.pickle' % (username)
    '''
    用户界面
    :param username: 用户名
    :return: 返回页面内容
    '''
    session['old_articleID'] = session.get('articleID')
    if request.method == 'GET':
-        session['articleID'] = None
+        visited_articles = session.get("visited_articles")
-        return redirect(url_for('user_bp.userpage', username=username))
+        if visited_articles['article_ids'][-1] == "null":  # 如果当前还是“null”，则将“null”pop出来,无需index+=1
            visited_articles['article_ids'].pop()
        else:  # 当前不为“null”，直接 index+=1
            visited_articles["index"] += 1
        session["visited_articles"] = visited_articles
        visited_articles, today_article, result_of_generate_article = get_today_article(user_freq_record, session.get('visited_articles'))
        data = {
            'visited_articles': visited_articles,
            'today_article': today_article,
            'result_of_generate_article': result_of_generate_article
        }
    else:
        return 'Under construction'
    return json.dumps(data)
-@userService.route("/<username>/back", methods=['GET'])
+@userService.route("/get_pre_article/<username>",methods=['GET'])
-def user_back(username):
+def get_pre_article(username):
-    '''
+    user_freq_record = path_prefix + 'static/frequency/' + 'frequency_%s.pickle' % (username)
    用户界面
    :param username: 用户名
    :return: 返回页面内容
    '''
    if request.method == 'GET':
-        session['articleID'] = session.get('old_articleID')
+        visited_articles = session.get("visited_articles")
-        return redirect(url_for('user_bp.userpage', username=username))
+        if(visited_articles["index"]==0):
-
+            data=''
-
+        else:
            visited_articles["index"] -= 1  # 上一篇，index-=1
            if visited_articles['article_ids'][-1] == "null":  # 如果当前还是“null”，则将“null”pop出来
                visited_articles['article_ids'].pop()
            session["visited_articles"] = visited_articles
            visited_articles, today_article, result_of_generate_article = get_today_article(user_freq_record, session.get('visited_articles'))
            data = {
                'visited_articles': visited_articles,
                'today_article': today_article,
                'result_of_generate_article':result_of_generate_article
            }
        return json.dumps(data)
@userService.route("/<username>/<word>/unfamiliar", methods=['GET', 'POST'])
 def unfamiliar(username, word):
@ -89,11 +102,12 @@ def deleteword(username, word):
    '''
    user_freq_record = path_prefix + 'static/frequency/' + 'frequency_%s.pickle' % (username)
    pickle_idea2.deleteRecord(user_freq_record, word)
-    flash(f'<strong>{word}</strong> is no longer in your word list.')
+    # 模板userpage_get.html中删除单词是异步执行，而flash的信息后续是同步执行的，所以注释这段代码；同时如果这里使用flash但不提取信息，则会影响 signup.html的显示。bug复现：删除单词后，点击退出，点击注册，注册页面就会出现提示信息
    # flash(f'{word} is no longer in your word list.')
    return "success"
-@userService.route("/<username>", methods=['GET', 'POST'])
+@userService.route("/<username>/userpage", methods=['GET', 'POST'])
 def userpage(username):
    '''
    用户界面
@ -130,20 +144,21 @@ def userpage(username):
        words = ''
        for x in lst3:
            words += x[0] + ' '
        visited_articles, today_article, result_of_generate_article = get_today_article(user_freq_record, session.get('visited_articles'))
        session['visited_articles'] = visited_articles
        # 通过 today_article，加载前端的显示页面
        return render_template('userpage_get.html',
                               admin_name=ADMIN_NAME,
                               username=username,
                               session=session,
-                               flashed_messages=get_flashed_messages_if_any(),
+                               # flashed_messages=get_flashed_messages(), 仅有删除单词的时候使用到flash，而删除单词是异步执行，这里的信息提示是同步执行，所以就没有存在的必要了
-                               today_article=get_today_article(user_freq_record, session['articleID']),
+                               today_article=today_article,
                               result_of_generate_article=result_of_generate_article,
                               d_len=len(d),
                               lst3=lst3,
                               yml=Yaml.yml,
                               words=words)
@userService.route("/<username>/mark", methods=['GET', 'POST'])
 def user_mark_word(username):
    '''
@ -173,15 +188,3 @@ def get_time():
    '''
    return datetime.now().strftime('%Y%m%d%H%M')  # upper to minutes
 def get_flashed_messages_if_any():
    '''
    在用户界面显示黄色提示信息
    :return: 包含HTML标签的提示信息
    '''
    messages = get_flashed_messages()
    s = ''
    for message in messages:
        s += '<div class="alert alert-warning" role="alert">'
        s += f'Congratulations! {message}'
        s += '</div>'
    return s
--- a/app/wordfreqCMD.py
+++ b/app/wordfreqCMD.py
@ -39,7 +39,7 @@ def file2str(fname):#文件转字符
 def remove_punctuation(s): # 这里是s是形参 (parameter)。函数被调用时才给s赋值。
-    special_characters = '\_©~<=>+-/[]*&$%^@.,?!:;#()"“”—‘’{}|' # 把里面的字符都去掉
+    special_characters = '\_©~<=>+/[]*&$%^@.,?!:;#()"“”—‘’{}|' # 把里面的字符都去掉
    for c in special_characters:
        s = s.replace(c, ' ') # 防止出现把 apple,apple 移掉逗号后变成 appleapple 情况
    s = s.replace('--', ' ')
@ -70,7 +70,7 @@ def sort_in_ascending_order(lst):# 单词按频率降序排列
    return lst2
-def make_html_page(lst, fname):
+def make_html_page(lst, fname):  # 只是在wordfreqCMD.py中的main函数中调用，所以不做修改
    '''
    功能：把lst的信息存到fname中，以html格式。
    '''
--- a/build.sh
+++ b/build.sh
@ -3,6 +3,10 @@
 DEPLOYMENT_DIR=/home/lanhui/englishpal2/EnglishPal
 cd $DEPLOYMENT_DIR
 # Install dependencies
 pip3 install -r requirements.txt
 # Stop service
 sudo docker stop EnglishPal
 sudo docker rm EnglishPal
--- a/requirements.txt
+++ b/requirements.txt
@ -1,3 +1,5 @@
 Flask==1.1.2
 selenium==3.141.0
 PyYAML~=6.0
 pony==0.7.16
 snowballstemmer==2.2.0