profile.pyThis python script asks the user to log in, then sends a form that allows the user to update "profile" information.
Try it: run script
001: #!/usr/bin/python
002: import cgi, cgitb, sys
003: import MySQLdb
004: import dbname
005: cgitb.enable(); # formats errors in HTML
006:
007: sys.stderr = sys.stdout
008:
009:
010:
011: def login(form,action):
012: 'log into users table'
013: login_form = '''<form action="%s" method="POST">
014: <p>Please enter your username and password
015: <p><table>
016: <tr><td>Username <td><input type="text" name="username">
017: <tr><td>Password<td><input type="password" name="password">
018: </table>
019: <p><input type="submit" value="Login">
020: </form>
021: </body></html>''' % action
022: fields = ("username", "password");
023: okay=True
024: for field in fields:
025: if (not form.has_key(field)):
026: #if (okay): print '<dir></pre>'
027: okay=False
028: #print 'missing <b>%s</b>' % field
029: if (not okay):
030: #print '</pre></dir>'
031: print login_form
032: sys.exit()
033: db = dbname.dbopen()
034: try:
035: cur = db.cursor()
036: cur.execute("""SELECT uid from users
037: where username='%s' and password='%s'""" % (form["username"].value, form["password"].value) )
038: rows = cur.fetchall()
039: cur.close();
040: db.close();
041: if (cur.rowcount > 0):
042: uid = rows[0]
043: return uid
044: else:
045: print '<p>login failed, please try again.'
046: print login_form
047: sys.exit()
048: except MySQLdb.Error, e:
049: print e
050: sys.exit()
051:
052: print "Content-type: text/html"
053: print
054: print '''<html>
055: <head>
056: <title>User Profile</title>
057: </head>
058: <body>
059: <h1>User Profile</h1>'''
060:
061: form = cgi.FieldStorage()
062:
063: if (form.has_key('uid')):
064: uid = int(form['uid'].value)
065: else:
066: uid = login(form,'profile.py')
067:
068: db=dbname.dbopen()
069:
070: try:
071: cur = db.cursor()
072: cur.execute("""SELECT nickname, red, green, blue, xloc, yloc, message from users
073: where uid=%d""" % uid )
074: row = cur.fetchone()
075: except MySQLdb.Error, e:
076: print '<p>'
077: print e
078: sys.exit()
079:
080:
081: fields = ("nickname", "red", "green", "blue", "xloc", "yloc", "message")
082:
083: okay=False
084: setstr = 'modified=now()'
085:
086: if (form.has_key("nickname")):
087: okay=True
088: nickname = form["nickname"].value
089: setstr = setstr + ", nickname = '%s'" % nickname
090: else: nickname = row[0]
091:
092: if (form.has_key("red")):
093: okay=True
094: red = int(form["red"].value)
095: setstr = setstr + ", red = %d" % red
096: elif (row[1]):
097: red = row[1]
098: else:
099: red = 255
100:
101: if (form.has_key("green")):
102: okay=True
103: green = int(form["green"].value)
104: setstr = setstr + ", green = %d" % green
105: elif (row[2]):
106: green = row[2]
107: else:
108: green = 0
109:
110: if (form.has_key("blue")):
111: okay=True
112: blue = int(form["blue"].value)
113: setstr = setstr + ", blue = %d" % blue
114: elif (row[3]):
115: blue = row[3]
116: else:
117: blue = 0
118:
119: if (form.has_key("xloc")):
120: okay=True
121: xloc = float(form["xloc"].value)
122: setstr = setstr + ", xloc = %g" % xloc
123: elif (row[4]):
124: xloc = row[4]
125: else:
126: xloc = 160
127:
128: if (form.has_key("yloc")):
129: okay=True
130: yloc = float(form["yloc"].value)
131: setstr = setstr + ", yloc = %g" % yloc
132: elif (row[5]):
133: yloc = row[5]
134: else:
135: yloc = 120
136:
137: if (form.has_key("message")):
138: okay=True
139: message = form["message"].value
140: setstr = setstr + ", message = '%s'" % message
141: else:
142: message = row[6]
143:
144: if (not nickname): nickname = ' '
145: if (not message): message = ' '
146:
147: #print '<p>Set values: <b>%s</b>' % setstr
148:
149: if (okay):
150: try:
151: cur = db.cursor()
152: cur.execute("UPDATE users SET %s WHERE uid=%d" % (setstr, uid) )
153: except MySQLdb.Error, e:
154: print '<p>'
155: print e
156: sys.exit()
157:
158:
159: print '<form action="profile.py" method=POST>'
160:
161: print '<input type="hidden" name="uid" value=%d>' % uid
162:
163: print '<p><table>'
164: print '<tr><td>Nickname <td> <input type="text" name="nickname" value="%s" size=16>' % nickname
165: print '<tr><td>Message <td> <input type="text" name="message" value="%s" size=32>' % message
166: print '</table>'
167:
168:
169: print '''<h4>Screen Location</h4>
170: <p><table>
171: <tr><td>x <td><input type="text" name="xloc" value=%g>
172: <tr><td>y <td><input type="text" name="yloc" value=%g>
173: </table>''' % (xloc, yloc)
174:
175: bgcolor = '%02X%02X%02X' % (red, green, blue)
176:
177: print '''<h4>Color</h4>
178: <p><table>
179: <tr><td>red <td><input type="text" name="red" value=%d size=3>
180: <td rowspan=3 width=12><br>
181: <td rowspan=3 width=80 bgcolor=%s><br>
182: <tr><td>green <td><input type="text" name="green" value=%d size=3>
183: <tr><td>blue <td><input type="text" name="blue" value=%d size=3>
184: </table>''' % (red, bgcolor, green, blue)
185:
186: print '''<p><input type="submit" value="Update">
187: </form>
188: </body></html>'''
Maintained by John Loomis, updated Sun Mar 02 22:54:20 2008