diff --git a/.gitignore b/.gitignore index 413c71c..3d901ba 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,4 @@ app/static/frequency/frequency.p app/static/wordfreqapp.db app/static/donate-the-author.jpg app/static/donate-the-author-hidden.jpg +app/model/__pycache__/ \ No newline at end of file diff --git a/README.md b/README.md index 29e74dd..14cc9aa 100644 --- a/README.md +++ b/README.md @@ -182,6 +182,7 @@ Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=215 + ### 丁锐 修复了以下漏洞 @@ -191,4 +192,5 @@ Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=215 Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=489 -*Last modified on 2023-01-30* \ No newline at end of file +*Last modified on 2023-01-30* + diff --git a/app/Article.py b/app/Article.py index cf27ab7..ba253c9 100644 --- a/app/Article.py +++ b/app/Article.py @@ -33,12 +33,17 @@ def get_article_body(s): return '\n'.join(lst) -def get_today_article(user_word_list, articleID): +def get_today_article(user_word_list, existing_articles): rq = RecordQuery(path_prefix + 'static/wordfreqapp.db') - if articleID == None: + if existing_articles is None: + existing_articles = { + "index" : 0, # 为 article_ids 的索引 + "article_ids": [] # 之前显示文章的id列表,越后越新 + } + if existing_articles["index"] > len(existing_articles["article_ids"])-1: rq.instructions("SELECT * FROM article") else: - rq.instructions('SELECT * FROM article WHERE article_id=%d' % (articleID)) + rq.instructions('SELECT * FROM article WHERE article_id=%d' % (existing_articles["article_ids"][existing_articles["index"]])) rq.do() result = rq.get_results() random.shuffle(result) @@ -48,36 +53,41 @@ def get_today_article(user_word_list, articleID): d2 = load_freq_history(path_prefix + 'static/words_and_tests.p') d3 = get_difficulty_level(d1, d2) - d = {} + d = None d_user = load_freq_history(user_word_list) user_level = user_difficulty_level(d_user, d3) # more consideration as user's behaviour is dynamic. Time factor should be considered. - random.shuffle(result) # shuffle list - d = random.choice(result) - text_level = text_difficulty_level(d['text'], d3) - if articleID == None: + text_level = 0 + if existing_articles["index"] > len(existing_articles["article_ids"])-1: # 下一篇 + flag_get_article = False for reading in result: text_level = text_difficulty_level(reading['text'], d3) factor = random.gauss(0.8, 0.1) # a number drawn from Gaussian distribution with a mean of 0.8 and a stand deviation of 1 - if within_range(text_level, user_level, (8.0 - user_level) * factor): + if reading['article_id'] not in existing_articles["article_ids"] and within_range(text_level, user_level, (8.0 - user_level) * factor): # 新的文章之前没有出现过且符合一定范围的水平 d = reading + existing_articles["article_ids"].append(d['article_id']) # 列表添加新的文章id;下面进行 + flag_get_article = True break + if not flag_get_article: + existing_articles["index"] -= 1 + else: # 上一篇 + d = random.choice(result) + text_level = text_difficulty_level(d['text'], d3) - s = '
Article added on: %s
' % (d['date']) - s += '%s
' % (article_title) - s += '%s
' % (article_body) - s += '%s
' % (d['source']) - s += '%s
' % (get_question_part(d['question'])) - s = s.replace('\n', '恭喜,你已成功注册, 你的用户名是 %s。
\ - ' % (username, username, username) + session['existing_articles'] = None + return jsonify({'status': '2'}) else: - return '用户名密码验证失败。' + return jsonify({'status': '1'}) @@ -59,13 +52,7 @@ def login(): ''' if request.method == 'GET': # GET请求 - if not session.get('logged_in'): - # 未登录,返回登录页面 - return render_template('login.html') - else: - # 已登录,提示信息并显示登出按钮 - return '你已登录 %s。 登出点击这里。' % ( - session['username'], session['username']) + return render_template('login.html') elif request.method == 'POST': # POST方法用于判断登录是否成功 # check database and verify user @@ -79,10 +66,10 @@ def login(): session['username'] = username user_expiry_date = get_expiry_date(username) session['expiry_date'] = user_expiry_date - session['articleID'] = None - return redirect(url_for('user_bp.userpage', username=username)) + session['existing_articles'] = None + return jsonify({'status': '1'}) else: - return '无法通过验证。' + return jsonify({'status': '0'}) @accountService.route("/logout", methods=['GET', 'POST']) @@ -115,31 +102,9 @@ def reset(): # POST请求用于提交修改后信息 old_password = escape(request.form['old-password']) new_password = escape(request.form['new-password']) - - re_new_password = escape(request.form['re-new-password']) # 确认新密码 - if re_new_password != new_password: #验证新密码两次输入是否相同 - return '新密码不匹配,请重新输入' - if len(new_password) < 4: #验证新密码长度,原则参照注册模块 - return '密码过于简单。(密码长度至少4位)' - flag = change_password(username, old_password, new_password) # flag表示是否修改成功 if flag: session['logged_in'] = False - return \ -''' - - -''' - + return jsonify({'status':'1'}) # 修改成功 else: - return \ -''' - - -''' + return jsonify({'status':'2'}) # 修改失败 diff --git a/app/admin_service.py b/app/admin_service.py new file mode 100644 index 0000000..1d1ba6e --- /dev/null +++ b/app/admin_service.py @@ -0,0 +1,145 @@ +# System Library +from flask import * + +# Personal library +from Yaml import yml +from model.user import * +from model.article import * + +ADMIN_NAME = "lanhui" # unique admin name +_cur_page = 1 # current article page +_page_size = 5 # article sizes per page +adminService = Blueprint("admin_service", __name__) + + +def check_is_admin(): + # 未登录,跳转到未登录界面 + if not session.get("logged_in"): + return render_template("not_login.html") + + # 用户名不是admin_name + if session.get("username") != ADMIN_NAME: + return "You are not admin!" + + return "pass" + + +@adminService.route("/admin", methods=["GET"]) +def admin(): + is_admin = check_is_admin() + if is_admin != "pass": + return is_admin + + return render_template( + "admin_index.html", yml=yml, username=session.get("username") + ) + + +@adminService.route("/admin/article", methods=["GET", "POST"]) +def article(): + global _cur_page, _page_size + + is_admin = check_is_admin() + if is_admin != "pass": + return is_admin + + _article_number = get_number_of_articles() + try: + _page_size = min( + max(1, int(request.args.get("size", 5))), _article_number + ) # 最小的size是1 + _cur_page = min( + max(1, int(request.args.get("page", 1))), _article_number // _page_size + (_article_number % _page_size > 0) + ) # 最小的page是1 + except ValueError: + return "page parmas must be int!" + + _articles = get_page_articles(_cur_page, _page_size) + for article in _articles: # 获取每篇文章的title + article.title = article.text.split("\n")[0] + article.content = 'English Pal - Learn English smartly!
{% if session['logged_in'] %} - {{session['username']}} + {{ session['username'] }} + {% if session['username'] == admin_name %} + 管理 + {% endif %} {% else %} -{{random_ads|safe}}
+{{ random_ads }}。 试试吧!
{% endif %} -粘贴1篇文章 (English only)
English Pal for {{ username }} - 退出 - 重设密码 + {% if username == admin_name %} + 管理 + {% endif %} + 退出 + 重设密码
- {{ flashed_messages|safe }} +{# {% for message in flashed_messages %}#} {# 根据user_service.userpage,取消了参数flashed_messages,因此注释了这段代码 #} +{#阅读文章并回答问题
-Article added on: {{ today_article["date"] }}
{{ today_article["article_title"] }}
{{ today_article["article_body"] }}
{{ today_article['source'] }}
{{ today_article['question'] }}
Notes:
No article is currently available for you. You can try again a few times or mark new words in the passage to improve your level.
收集生词吧 (可以在正文中划词,也可以复制黏贴)