wordfreqapp.db should be placed under app/db (not app/static) to protect data

Reviewed-on: mrlan/EnglishPal#188

README.md

@@ -18,7 +18,7 @@ picked from articles selected for him to read according his vocabulary level.  E
 
 `python3 main.py`
 
-Make sure you have put the SQLite database file in the path `app/static` (see below).
+Make sure you have put the SQLite database file in the path `app/db` (see below).
 
 
 ## Run it as a Docker container
@@ -214,5 +214,5 @@ Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=215
 Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=489
 
 
-*Last modified on 2023-01-30*
+*Last modified on 2026-03-12*
 

app/Article.py

@@ -106,7 +106,7 @@ def get_today_article(user_word_list, visited_articles):
         text_level = text_difficulty_level(d['text'], d3)
         result_of_generate_article = "found"
 
-    today_article = None
+    today_article = {}
     if d:
         oxford_words = load_oxford_words(oxford_words_path)
         oxford_word_count, total_words = count_oxford_words(d['text'],oxford_words)

app/Login.py

@@ -1,6 +1,8 @@
 import hashlib
 import string
 from datetime import datetime, timedelta
+import unicodedata
+
 
 def md5(s):
     '''
@@ -11,16 +13,13 @@ def md5(s):
     h = hashlib.md5(s.encode(encoding='utf-8'))
     return h.hexdigest()
 
+
 # import model.user after the defination of md5(s) to avoid circular import
 from model.user import get_user_by_username, insert_user, update_password_by_username
 
 path_prefix = '/var/www/wordfreq/wordfreq/'
 path_prefix = './'  # comment this line in deployment
 
-def verify_pass(newpass,oldpass):
-    if(newpass==oldpass):
-        return True
-
 
 def verify_user(username, password):
     user = get_user_by_username(username)
@@ -30,7 +29,7 @@ def verify_user(username, password):
 
 def add_user(username, password):
     start_date = datetime.now().strftime('%Y%m%d')
-    expiry_date = (datetime.now() + timedelta(days=30)).strftime('%Y%m%d') # will expire after 30 days
+    expiry_date = (datetime.now() + timedelta(days=30)).strftime('%Y%m%d')  # will expire after 30 days
     # 将用户名和密码一起加密，以免暴露不同用户的相同密码
     password = md5(username + password)
     insert_user(username=username, password=password, start_date=start_date, expiry_date=expiry_date)
@@ -50,12 +49,12 @@ def change_password(username, old_password, new_password):
     :return: 修改成功:True 否则:False
     '''
     if not verify_user(username, old_password):  # 旧密码错误
-        return False
+        return {'error':'Old password is wrong.', 'username':username}
     # 将用户名和密码一起加密，以免暴露不同用户的相同密码
-    if verify_pass(new_password,old_password): #新旧密码一致
-        return False
+    if new_password == old_password:  #新旧密码一致
+        return {'error':'New password cannot be the same as the old password.', 'username':username}
     update_password_by_username(username, new_password)
-    return True
+    return {'success':'Password changed', 'username':username}
 
 
 def get_expiry_date(username):
@@ -65,30 +64,64 @@ def get_expiry_date(username):
     else:
         return user.expiry_date
 
+
 class UserName:
     def __init__(self, username):
         self.username = username
 
+    def contains_chinese(self):
+        for char in self.username:
+            # Check if the character is in the CJK (Chinese, Japanese, Korean) Unicode block
+            if unicodedata.name(char).startswith('CJK UNIFIED IDEOGRAPH'):
+                return True
+        return False
+
     def validate(self):
         if len(self.username) > 20:
             return f'{self.username} is too long.  The user name cannot exceed 20 characters.'
-        if self.username.startswith('.'): # a user name must not start with a dot
+        if self.username.startswith('.'):  # a user name must not start with a dot
             return 'Period (.) is not allowed as the first letter in the user name.'
-        if ' ' in self.username: # a user name must not include a whitespace
+        if ' ' in self.username:  # a user name must not include a whitespace
             return 'Whitespace is not allowed in the user name.'
-        for c in self.username: # a user name must not include special characters, except non-leading periods or underscores
+        for c in self.username:  # a user name must not include special characters, except non-leading periods or underscores
             if c in string.punctuation and c != '.' and c != '_':
                 return f'{c} is not allowed in the user name.'
-        if self.username in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del', 'admin']:
+        if self.username in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del',
+                             'admin']:
             return 'You used a restricted word as your user name.  Please come up with a better one.'
+        if self.contains_chinese():
+            return 'Chinese characters are not allowed in the user name.'
+        return 'OK'
 
+
+class Password:
+    def __init__(self, password):
+        self.password = password
+
+    def contains_chinese(self):
+        for char in self.password:
+            # Check if the character is in the CJK (Chinese, Japanese, Korean) Unicode block
+            if unicodedata.name(char).startswith('CJK UNIFIED IDEOGRAPH'):
+                return True
+        return False
+
+    def validate(self):
+        if len(self.password) < 4:
+            return 'Password must be at least 4 characters long.'
+        if ' ' in self.password:
+            return 'Password cannot contain spaces.'
+        if self.contains_chinese():
+            return 'Chinese characters are not allowed in the password.'
         return 'OK'
 
 
 class WarningMessage:
-    def __init__(self, s):
+    def __init__(self, s, type='username'):
         self.s = s
+        self.type = type
 
     def __str__(self):
-        return UserName(self.s).validate()
-
+        if self.type == 'username':
+            return UserName(self.s).validate()
+        if self.type == 'password':
+            return Password(self.s).validate()

app/account_service.py

@@ -133,10 +133,7 @@ def reset():
         # POST请求用于提交修改后信息
         old_password = escape(request.form['old-password'])
         new_password = escape(request.form['new-password'])
-        flag = change_password(username, old_password, new_password) # flag表示是否修改成功
-        if flag:
-            session['logged_in'] = False
-            return jsonify({'status':'1'})  # 修改成功
-        else:
-            return jsonify({'status':'2'})  # 修改失败
+        result = change_password(username, old_password, new_password)
+        return jsonify(result)
+
 

app/api_service.py

@@ -0,0 +1,31 @@
+from flask import *
+from flask_httpauth import HTTPTokenAuth
+from Article import load_freq_history
+
+path_prefix = '/var/www/wordfreq/wordfreq/'
+path_prefix = './'  # comment this line in deployment
+
+apiService = Blueprint('site',__name__)
+
+auth = HTTPTokenAuth(scheme='Bearer')
+
+tokens = {
+    "token": "token",
+    "secret-token": "lanhui"  # token, username
+}
+
+
+@auth.verify_token
+def verify_token(token):
+    if token in tokens:
+        return tokens[token]
+
+
+@apiService.route('/api/mywords')  # HTTPie usage: http -A bearer -a secret-token  http://127.0.0.1:5000/api/mywords
+@auth.login_required
+def show():
+    username = auth.current_user()
+    word_freq_record = path_prefix + 'static/frequency/' + 'frequency_%s.pickle' % (username)
+    d = load_freq_history(word_freq_record)
+    return jsonify(d)
+

app/main.py

@@ -4,15 +4,18 @@
 ###########################################################################
 from flask import abort, jsonify
 from markupsafe import escape
+from collections import Counter
 from Login import *
 from Article import *
 import Yaml
 from user_service import userService
 from account_service import accountService
 from admin_service import adminService, ADMIN_NAME
+from api_service import apiService
 import os
 from translate import *
 
+
 app = Flask(__name__)
 app.secret_key = os.urandom(32)
 
@@ -20,6 +23,7 @@ app.secret_key = os.urandom(32)
 app.register_blueprint(userService)
 app.register_blueprint(accountService)
 app.register_blueprint(adminService)
+app.register_blueprint(apiService)
 
 path_prefix = '/var/www/wordfreq/wordfreq/'
 path_prefix = './'  # comment this line in deployment
@@ -55,6 +59,12 @@ def appears_in_test(word, d):
     else:
         return ','.join(d[word])
 
+
+def good_word(word):
+    return len(word) < len('Pneumonoultramicroscopicsilicovolcanoconiosis') \
+        and Counter(word).most_common(1)[0][1] <= 4
+
+
 @app.route("/mark", methods=['GET', 'POST'])
 def mark_word():
     '''
@@ -96,7 +106,7 @@ def mainpage():
     if request.method == 'POST':  # when we submit a form
         content = escape(request.form['content'])
         f = WordFreq(content)
-        lst = f.get_freq()
+        lst = [ t for t in f.get_freq() if good_word(t[0]) ] # only keep normal words
         # save history
         d = load_freq_history(path_prefix + 'static/frequency/frequency.p')
         lst_history = pickle_idea.dict2lst(d)
@@ -134,8 +144,8 @@ if __name__ == '__main__':
     运行程序
     '''
     # app.secret_key = os.urandom(16)
-    # app.run(debug=False, port='6000')
-    app.run(debug=True)
+    app.run(debug=True, port=5000)
+    # app.run(debug=True)
     # app.run(debug=True, port='6000')
     # app.run(host='0.0.0.0', debug=True, port='6000')
     # print(mod5('123'))

app/pickle_idea.py

@@ -6,6 +6,7 @@
 # Purpose: dictionary & pickle as a simple means of database.
 # Task: incorporate the functions into wordfreqCMD.py such that it will also show cumulative frequency.
 
+import os
 import pickle
 from datetime import datetime
 
@@ -55,11 +56,13 @@ def save_frequency_to_pickle(d, pickle_fname):
     f.close()
 
 def unfamiliar(path,word):
-    f = open(path,"rb")
-    dic = pickle.load(f)
-    dic[word] += [datetime.now().strftime('%Y%m%d%H%M')]
-    fp = open(path,"wb")
-    pickle.dump(dic,fp)
+    if not os.path.exists(path):
+        return None
+    with open(path,"rb") as f:
+        dic = pickle.load(f)
+        dic[word] += [datetime.now().strftime('%Y%m%d%H%M')]
+    with open(path,"wb") as fp:
+        pickle.dump(dic,fp)
 
 def familiar(path,word):
     f = open(path,"rb")

app/pickle_idea2.py

@@ -64,7 +64,6 @@ def load_record(pickle_fname):
 
 def save_frequency_to_pickle(d, pickle_fname):
     f = open(pickle_fname, 'wb')
-    exclusion_lst = ['one', 'no', 'has', 'had', 'do', 'that', 'have', 'by', 'not', 'but', 'we', 'this', 'my', 'him', 'so', 'or', 'as', 'are', 'it', 'from', 'with', 'be', 'can', 'for', 'an', 'if', 'who', 'whom', 'whose', 'which', 'the', 'to', 'a', 'of', 'and', 'you', 'i', 'he', 'she', 'they', 'me', 'was', 'were', 'is', 'in', 'at', 'on', 'their', 'his', 'her', 's', 'said', 'all', 'did', 'been', 'w']
     d2 = {}
     for k in d:
         if not k in exclusion_lst and not k.isnumeric() and not len(k) < 2:
@@ -73,6 +72,7 @@ def save_frequency_to_pickle(d, pickle_fname):
     f.close()
 
 
+exclusion_lst = ['one', 'no', 'has', 'had', 'do', 'that', 'have', 'by', 'not', 'but', 'we', 'this', 'my', 'him', 'so', 'or', 'as', 'are', 'it', 'from', 'with', 'be', 'can', 'for', 'an', 'if', 'who', 'whom', 'whose', 'which', 'the', 'to', 'a', 'of', 'and', 'you', 'i', 'he', 'she', 'they', 'me', 'was', 'were', 'is', 'in', 'at', 'on', 'their', 'his', 'her', 's', 'said', 'all', 'did', 'been', 'w']
 
 if __name__ == '__main__':
 

app/static/js/fillword.js

@@ -21,14 +21,19 @@ function fillInWord() {
     localStorage.setItem('selectedWords', element.value);
 }
 
-document.getElementById("text-content").addEventListener("click", fillInWord, false);
+if (document.getElementById("text-content")) {
+    document.getElementById("text-content").addEventListener("click", fillInWord, false);
+}
 
 const sliderValue = document.getElementById("rangeValue");
 const inputSlider = document.getElementById("rangeComponent");
-inputSlider.oninput = () => {
-    let value = inputSlider.value;
-    sliderValue.textContent = value + '×';
-};
+
+if (inputSlider) {
+    inputSlider.oninput = () => {
+	let value = inputSlider.value;
+	sliderValue.textContent = value + '×';
+    };
+}
 
 function onReadClick() {
     isRead = !isRead;

app/static/js/highlight.js

@@ -9,11 +9,13 @@ function cancelBtnHandler() {
 }
 
 function showBtnHandler() {
-    document.getElementById("text-content").removeEventListener("click", fillInWord2, false);
-    document.getElementById("text-content").removeEventListener("touchstart", fillInWord2, false);
-    document.getElementById("text-content").addEventListener("click", fillInWord, false);
-    document.getElementById("text-content").addEventListener("touchstart", fillInWord, false);
-    highLight();
+    if (document.getElementById("text-content")) {
+	document.getElementById("text-content").removeEventListener("click", fillInWord2, false);
+	document.getElementById("text-content").removeEventListener("touchstart", fillInWord2, false);
+	document.getElementById("text-content").addEventListener("click", fillInWord, false);
+	document.getElementById("text-content").addEventListener("touchstart", fillInWord, false);
+	highLight();
+    }
 }
 function replaceWords(str, word) {
   let count = 0;

app/static/js/password.js

@@ -0,0 +1,20 @@
+function containsDigitsLettersSpecialCharacters(s) {
+    let resultD = 0, resultL = 0, resultS = 0;
+
+    // Digit test
+    '0123456789'.split('').forEach((x) => {
+	if (s.includes(x))
+	    resultD = 1;
+    });
+
+    // Letter test
+    resultL =  /[a-z]/i.test(s);
+
+    // Special charater test
+    '+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => {
+	if (s.includes(x))
+	    resultS = 1;
+    });
+
+    return resultD + resultL + resultS == 3;
+}

app/static/js/read.js

@@ -3,6 +3,7 @@ var Reader = (function() {
     let current_position = 0;
     let original_position = 0;
     let to_speak = "";
+    let current_rate = 1; // 添加这一行，设置默认速率为 1
 
     function makeUtterance(str, rate) {
         let msg = new SpeechSynthesisUtterance(str);
@@ -24,12 +25,24 @@ var Reader = (function() {
         reader.speak(msg);
     }
 
+    function updateRate(rate) {
+        // 停止当前的朗读
+        stopRead();
+
+        // 更新当前速率
+        current_rate = rate;
+
+        // 重新开始朗读
+        read(to_speak, current_rate);
+    }
+
     function stopRead() {
         reader.cancel();
     }
 
     return {
         read: read,
-        stopRead: stopRead
+        stopRead: stopRead,
+        updateRate: updateRate // 添加这一行，将 updateRate 方法暴露出去
     };
 }) ();

app/static/js/word_operation.js

@@ -1,7 +1,9 @@
 function familiar(theWord) {
     let username = $("#username").text();
-    let word = $("#word_" + theWord).text();
-    let freq = $("#freq_" + theWord).text();
+    let word = document.getElementById(`word_${theWord}`).innerText;
+    let freq = document.getElementById(`freq_${theWord}`).innerText;
+    console.log(theWord);
+    console.log(word);
     $.ajax({
         type:"GET",
         url:"/" + username + "/" + word + "/familiar",
@@ -27,8 +29,10 @@ function familiar(theWord) {
 
 function unfamiliar(theWord) {
     let username = $("#username").text();
-    let word = $("#word_" + theWord).text();
-    let freq = $("#freq_" + theWord).text();
+    let word = document.getElementById(`word_${theWord}`).innerText;
+    let freq = document.getElementById(`freq_${theWord}`).innerText;
+    console.log(theWord);
+    console.log(word);
     $.ajax({
         type:"GET",
         url:"/" + username + "/" + word + "/unfamiliar",
@@ -56,7 +60,13 @@ function delete_word(theWord) {
                 removeWord(theWord);
             } else {
                 $("#p_" + theWord).remove();
-            }    
+            }
+	    // remove highlighting for the word
+	    let highlightedWords = document.querySelectorAll('.highlighted');
+	    for (let x of highlightedWords) {
+		if (x.innerHTML == word)
+		    x.replaceWith(x.innerHTML);
+	    }
         }
     });
 }
@@ -83,7 +93,9 @@ function parseWord(element) {
     const word = element
         .querySelector("a.btn.btn-light[role=button]")  // 获取当前词频元素的词汇元素
         .innerText  // 获取词汇值;
-    const freq = Number.parseInt(element.querySelector(`#freq_${word}`).innerText);   // 获取词汇的数量
+    let freqId = `freq_${word}`;
+    freqId = CSS.escape(freqId); // for fixing bug 580, escape the apostrophe in the word
+    const freq = Number.parseInt(element.querySelector("#"+freqId).innerText);   // 获取词汇的数量
     return {
         word,
         freq
@@ -95,14 +107,14 @@ function parseWord(element) {
 */
 function wordTemplate(word) {
     // 这个模板应当与 templates/userpage_get.html 中的 <p id='p_${word.word}' class="new-word" > ... </p> 保持一致
-    return `<p id='p_${word.word}' class="new-word" >
+    return `<p id="p_${word.word}" class="new-word" >
         <a id="word_${word.word}"  class="btn btn-light" href='http://youdao.com/w/eng/${word.word}/#keyfrom=dict2.index'
            role="button">${word.word}</a>
         ( <a id="freq_${word.word}" title="${word.word}">${word.freq}</a> )
-        <a class="btn btn-success" onclick="familiar('${word.word}')" role="button">熟悉</a>
-        <a class="btn btn-warning" onclick="unfamiliar('${word.word}')" role="button">不熟悉</a>
-        <a class="btn btn-danger" onclick="delete_word('${word.word}')" role="button">删除</a>
-        <a class="btn btn-info" onclick="read_word('${word.word}')" role="button">朗读</a>
+        <a class="btn btn-success" onclick=familiar("${word.word}") role="button">熟悉</a>
+        <a class="btn btn-warning" onclick=unfamiliar("${word.word}") role="button">不熟悉</a>
+        <a class="btn btn-danger" onclick=delete_word("${word.word}") role="button">删除</a>
+        <a class="btn btn-info" onclick=read_word("${word.word}") role="button">朗读</a>
         <a class="btn btn-primary" onclick="addNote('{{ word }}'); saveNote('{{ word }}')" role="button">笔记</a> <!-- Modify to call addNote and then saveNote -->
         <input type="text" id="note_{{ word }}" class="note-input" placeholder="输入笔记内容" style="display:none;" oninput="saveNote('{{ word }}')"> <!-- Added oninput event -->
     </p>`;

app/templates/mainpage_get.html

@@ -31,7 +31,7 @@
             <p><a href="/login">登录</a>  <a href="/signup">注册</a> <a href="/static/usr/instructions.html">使用说明</a></p >
             <p><b> {{ random_ads }}。 <a href="/signup">试试</a>吧！</b></p>
         {% endif %}
-        <div class="alert alert-success" role="alert">共有文章 <span class="badge bg-success"> {{ number_of_essays }} </span> 篇，覆盖 <span class="badge bg-success"> {{ (ratio * 100) | int }}%  </span> 的 Oxford5000 单词</div>
+        <div class="alert alert-success" role="alert">共有文章 <span class="badge bg-success"> {{ number_of_essays }} </span> 篇，Oxford 5000 单词占比 <span class="badge bg-success"> {{ (ratio * 100) | int }}%  </span> </div>
         <p>粘贴1篇文章 (English only)</p>
         <form method="post" action="/">
             <textarea name="content" id="article" rows="10" cols="120"></textarea><br/>

app/templates/reset.html

@@ -3,6 +3,7 @@
           content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes"/>
     <link rel="stylesheet" href="static/css/login_service.css">
     <script src="static/js/jquery.js"></script>
+    <script src="static/js/password.js"></script>
     <script>
         function reset() {
             let old_password = $("#old-password").val();
@@ -24,15 +25,19 @@
                 alert('密码过于简单。(密码长度至少4位)');
                 return false;
             }
+            if (!containsDigitsLettersSpecialCharacters(new_password)) {
+		alert('密码过于简单。(密码要包括数字，字母，特殊符号)');
+		return false;
+            }
             $.post("/reset", {'old-password': old_password, 'new-password': new_password},
-                function (response) {
-                    if (response.status === '1') {
-                        alert('密码修改成功，请重新登录。');
-                        window.location.href = "/login";
-                    } else if (response.status === '2') {
-                        alert('密码修改失败');
-                        window.location.href = "/reset";
+                   function (response) {
+		       console.log(response);
+                    if ('success' in response) {
+                        alert('密码修改成功。');
+                    } else if ('error' in response) {
+                        alert(`密码修改失败 ${response.error}`);
                     }
+                    window.location.href = `/${response.username}/userpage`;
                 }
             )
             return false;
@@ -52,4 +57,4 @@
         <button class="btn" onclick="window.location.href='/{{ username }}/userpage'">放弃修改</button>
 
     </div>
-{% endblock %}
+{% endblock %}

app/templates/signup.html

@@ -7,6 +7,7 @@
     <meta charset="UTF-8">
     <meta http-equiv="X-UA-Compatible" content="IE-edge,chrome=1">
     <link href="static/css/slide-unlock.css" rel="stylesheet">
+    <script src="static/js/password.js"></script>
     <script src="static/js/jquery.js"></script>
     <script src="static/js/jquery.slideunlock.js"></script>
     <script>
@@ -44,6 +45,10 @@
             alert('密码过于简单。(密码长度至少4位)');
             return false;
         }
+        if (!containsDigitsLettersSpecialCharacters(password)) {
+            alert('密码过于简单。(密码要包括数字，字母，特殊符号)');
+            return false;
+        }
         is_ok = slider.getIsOk();
         if(!is_ok){
             alert('没有滑动验证');

app/templates/userpage_get.html

@@ -87,7 +87,7 @@
 
     <div id="text-content">
         <div id="found">
-          <div class="alert alert-success" role="alert">According to your word list, your level is <span class="text-decoration-underline" id="user_level">{{ today_article["user_level"] }}</span>  and we have chosen an article with a difficulty level of <span class="text-decoration-underline" id="text_level">{{ today_article["text_level"] }}</span> for you. The Oxford word coverage is <span class="text-decoration-underline" id="ratio">{{ (today_article["ratio"] * 100) | int }}%.</span></div>
+          <div class="alert alert-success" role="alert">According to your word list, your level is <span class="text-decoration-underline" id="user_level">{{ today_article["user_level"] }}</span>  and we have chosen an article with a difficulty level of <span class="text-decoration-underline" id="text_level">{{ today_article["text_level"] }}</span> for you. <span class="text-decoration-underline" id="ratio">{{ (today_article["ratio"] * 100) | int }}%</span> of the words in this article are in Oxford Word 5000.</div>
             <p class="text-muted" id="date">Article added on: {{ today_article["date"] }}</p><br/>
 
 	    <button onclick="saveArticle()" >标记文章</button>
@@ -179,10 +179,10 @@
                     <a id="word_{{ word }}"  class="btn btn-light" href='http://youdao.com/w/eng/{{ word }}/#keyfrom=dict2.index'
                     role="button">{{ word }}</a>
                     ( <a id="freq_{{ word }}" title="{{ word }}">{{ freq }}</a> )
-                    <a class="btn btn-success" onclick="familiar('{{ word }}')" role="button">熟悉</a>
-                    <a class="btn btn-warning" onclick="unfamiliar('{{ word }}')" role="button">不熟悉</a>
-                    <a class="btn btn-danger" onclick="delete_word('{{ word }}')" role="button">删除</a>
-                    <a class="btn btn-info" onclick="read_word('{{ word }}')" role="button">朗读</a>
+                    <a class="btn btn-success" onclick=familiar("{{ word }}") role="button">熟悉</a>
+                    <a class="btn btn-warning" onclick=unfamiliar("{{ word }}") role="button">不熟悉</a>
+                    <a class="btn btn-danger" onclick=delete_word("{{ word }}") role="button">删除</a>
+                    <a class="btn btn-info" onclick=read_word("{{ word }}") role="button">朗读</a>
                     <a class="btn btn-primary" onclick="addNote('{{ word }}'); saveNote('{{ word }}')" role="button">笔记</a> <!-- Modify to call addNote and then saveNote -->
                     <input type="text" id="note_{{ word }}" class="note-input" placeholder="输入笔记内容" style="display:none;" oninput="saveNote('{{ word }}')"> <!-- Added oninput event -->
                 </p>
@@ -284,6 +284,7 @@
                     update(data['today_article']);
                     check_pre(data['visited_articles']);
                     check_next(data['result_of_generate_article']);
+                    toggleHighlighting();
                 }
             }
         });
@@ -300,6 +301,7 @@
                     e.style.display = 'none';
                     update(data['today_article']);
                     check_pre(data['visited_articles']);
+                    toggleHighlighting();
                 }
             }
         });
@@ -420,6 +422,12 @@
 
     savedArticlesDropdown.selectedIndex = -1;
 }
+
+    document.getElementById('rangeComponent').addEventListener('input', function() {
+    var rate = this.value;
+    Reader.updateRate(rate);
+});
+
 </script>
 </body>
 <style>

app/test/test_bug536_jiangwangzhe.py

@@ -0,0 +1,88 @@
+from selenium.webdriver.common.alert import Alert
+from selenium.webdriver.common.by import By
+from selenium.webdriver.support.ui import WebDriverWait
+from selenium.webdriver.support import expected_conditions as EC
+
+
+# 对用户名不能为中文进行测试
+def test_register_username_with_chinese(driver, URL):
+    try:
+        driver.get(URL + "/signup")
+
+        # 等待用户名输入框出现
+        username_elem = WebDriverWait(driver, 10).until(
+            EC.presence_of_element_located((By.ID, 'username'))
+        )
+        username_elem.send_keys("测试用户")  # 输入中文用户名
+
+        # 等待密码输入框出现
+        password_elem = WebDriverWait(driver, 10).until(
+            EC.presence_of_element_located((By.ID, 'password'))
+        )
+        password_elem.send_keys("validPassword123")  # 输入有效密码
+
+        # 等待确认密码输入框出现
+        password2_elem = WebDriverWait(driver, 10).until(
+            EC.presence_of_element_located((By.ID, 'password2'))
+        )
+        password2_elem.send_keys("validPassword123")  # 输入有效确认密码
+
+        # 等待注册按钮出现并点击
+        signup_button = WebDriverWait(driver, 10).until(
+            EC.element_to_be_clickable((By.XPATH, '//button[@onclick="signup()"]'))
+        )
+        signup_button.click()
+
+        # 等待警告框出现并接受
+        WebDriverWait(driver, 10).until(EC.alert_is_present())
+        alert = driver.switch_to.alert
+        alert_text = alert.text
+        print(f"警告文本: {alert_text}")
+        assert alert_text == "Chinese characters are not allowed in the user name."  # 根据实际的警告文本进行断言
+        alert.accept()
+
+    except Exception as e:
+        print(f"发生错误: {e}")
+        raise
+
+
+# 对注册时密码不能是中文进行测试
+def test_register_password_with_chinese(driver, URL):
+    try:
+        driver.get(URL + "/signup")
+
+        # 等待用户名输入框出现
+        username_elem = WebDriverWait(driver, 10).until(
+            EC.presence_of_element_located((By.ID, 'username'))
+        )
+        username_elem.send_keys("validUsername123")  # 输入有效用户名
+
+        # 等待密码输入框出现
+        password_elem = WebDriverWait(driver, 10).until(
+            EC.presence_of_element_located((By.ID, 'password'))
+        )
+        password_elem.send_keys("测试密码")  # 输入中文密码
+
+        # 等待确认密码输入框出现
+        password2_elem = WebDriverWait(driver, 10).until(
+            EC.presence_of_element_located((By.ID, 'password2'))
+        )
+        password2_elem.send_keys("测试密码")  # 输入中文确认密码
+
+        # 等待注册按钮出现并点击
+        signup_button = WebDriverWait(driver, 10).until(
+            EC.element_to_be_clickable((By.XPATH, '//button[@onclick="signup()"]'))
+        )
+        signup_button.click()
+
+        # 等待警告框出现并接受
+        WebDriverWait(driver, 10).until(EC.alert_is_present())
+        alert = driver.switch_to.alert
+        alert_text = alert.text
+        print(f"警告文本: {alert_text}")
+        assert alert_text == "Chinese characters are not allowed in the password."  # 根据实际的警告文本进行断言
+        alert.accept()
+
+    except Exception as e:
+        print(f"发生错误: {e}")
+        raise

app/test/test_bug555_fangchen.py

@@ -0,0 +1,43 @@
+import time
+import pytest
+import uuid
+from selenium import webdriver
+from selenium.webdriver import ActionChains
+from selenium.webdriver.common.by import By
+from selenium.webdriver.support.ui import WebDriverWait
+from selenium.webdriver.support import expected_conditions as EC
+from selenium.common.exceptions import UnexpectedAlertPresentException, NoAlertPresentException, NoSuchElementException, \
+    TimeoutException
+from conftest import URL
+driver = webdriver.Chrome()
+def test_bug555():
+    try:
+        driver.maximize_window()
+        base_url = "http://127.0.0.1:5000"
+        driver.get(base_url)
+        article = WebDriverWait(driver, 10).until(EC.element_to_be_clickable((By.ID, 'article')))
+        perform_actions_on_article(driver, article)
+
+        next_button = WebDriverWait(driver, 10).until(EC.element_to_be_clickable((By.ID, 'load_next_article')))
+        next_button.click()
+        print("Clicked next article button.")
+
+        prev_button = WebDriverWait(driver, 10).until(EC.element_to_be_clickable((By.ID, 'load_pre_article')))
+        prev_button.click()
+        print("Clicked previous article button.")
+
+    except (TimeoutException, NoSuchElementException) as e:
+        print(f"An error occurred: {e}")
+
+    finally:
+        driver.quit()
+        print("Driver closed.")
+
+def perform_actions_on_article(driver, article):
+    actions = ActionChains(driver)
+    actions.move_to_element(article)
+    actions.click_and_hold()
+    actions.move_by_offset(450, 200)
+    actions.release()
+    actions.perform()
+    print("Performed actions on article.")

app/user_service.py

@@ -178,14 +178,17 @@ def user_mark_word(username):
         d = load_freq_history(user_freq_record)
         lst_history = pickle_idea2.dict2lst(d)
         lst = []
+        lst2 = []
         for word in request.form.getlist('marked'):
-            lst.append((word, [get_time()]))
+            if not word in pickle_idea2.exclusion_lst and len(word) > 2:
+                lst.append((word, [get_time()]))
+                lst2.append(word)
         d = pickle_idea2.merge_frequency(lst, lst_history)
         if len(lst_history) > 999:
             flash('You have way too many words in your difficult-words book. Delete some first.')
         else:
             pickle_idea2.save_frequency_to_pickle(d, user_freq_record)
-            flash('Added %s.' % (', '.join(request.form.getlist('marked'))))
+            flash('Added %s.' % ', '.join(lst2))
         return redirect(url_for('user_bp.userpage', username=username))
     else:
         return 'Under construction'

requirements.txt

@@ -6,3 +6,4 @@ snowballstemmer==2.2.0
 Werkzeug==2.2.2
 requests
 pytest~=8.1.1
+Flask-HTTPAuth==4.4.0