Compare commits

..

4 Commits

Author SHA1 Message Date
缪宸硕 e48008550a Merge branch 'Bug394-MiaoChenShuo' into master 2022-06-12 21:50:36 +08:00
李凯 fde3be4c23 更新 'app/Article.py' 2022-06-11 23:21:17 +08:00
李凯 5d5f4cf8f2 更新 'app/Article.py' 2022-06-11 23:13:08 +08:00
miaochenshuo 260f62967b 修复 Bug394 2022-06-05 23:36:55 +08:00
2 changed files with 449 additions and 971 deletions

View File

@ -5,6 +5,10 @@ from UseSqlite import InsertQuery, RecordQuery
path_prefix = '/var/www/wordfreq/wordfreq/' path_prefix = '/var/www/wordfreq/wordfreq/'
path_prefix = './' # comment this line in deployment path_prefix = './' # comment this line in deployment
def verify_pass(newpass,oldpass):
if(newpass==oldpass):
return True
def verify_user(username, password): def verify_user(username, password):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db') rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
@ -47,6 +51,8 @@ def change_password(username, old_password, new_password):
if not verify_user(username, old_password): # 旧密码错误 if not verify_user(username, old_password): # 旧密码错误
return False return False
# 将用户名和密码一起加密,以免暴露不同用户的相同密码 # 将用户名和密码一起加密,以免暴露不同用户的相同密码
if verify_pass(new_password,old_password): #新旧密码一致
return False
password = md5(username + new_password) password = md5(username + new_password)
rq = InsertQuery(path_prefix + 'static/wordfreqapp.db') rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict( rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict(

File diff suppressed because it is too large Load Diff