profile.py
This python script asks the user to log in, then sends a form that allows the user to update "profile" information.
Try it: run script
001: #!/usr/bin/python 002: import cgi, cgitb, sys 003: import MySQLdb 004: import dbname 005: cgitb.enable(); # formats errors in HTML 006: 007: sys.stderr = sys.stdout 008: 009: 010: 011: def login(form,action): 012: 'log into users table' 013: login_form = '''<form action="%s" method="POST"> 014: <p>Please enter your username and password 015: <p><table> 016: <tr><td>Username <td><input type="text" name="username"> 017: <tr><td>Password<td><input type="password" name="password"> 018: </table> 019: <p><input type="submit" value="Login"> 020: </form> 021: </body></html>''' % action 022: fields = ("username", "password"); 023: okay=True 024: for field in fields: 025: if (not form.has_key(field)): 026: #if (okay): print '<dir></pre>' 027: okay=False 028: #print 'missing <b>%s</b>' % field 029: if (not okay): 030: #print '</pre></dir>' 031: print login_form 032: sys.exit() 033: db = dbname.dbopen() 034: try: 035: cur = db.cursor() 036: cur.execute("""SELECT uid from users 037: where username='%s' and password='%s'""" % (form["username"].value, form["password"].value) ) 038: rows = cur.fetchall() 039: cur.close(); 040: db.close(); 041: if (cur.rowcount > 0): 042: uid = rows[0] 043: return uid 044: else: 045: print '<p>login failed, please try again.' 046: print login_form 047: sys.exit() 048: except MySQLdb.Error, e: 049: print e 050: sys.exit() 051: 052: print "Content-type: text/html" 053: print 054: print '''<html> 055: <head> 056: <title>User Profile</title> 057: </head> 058: <body> 059: <h1>User Profile</h1>''' 060: 061: form = cgi.FieldStorage() 062: 063: if (form.has_key('uid')): 064: uid = int(form['uid'].value) 065: else: 066: uid = login(form,'profile.py') 067: 068: db=dbname.dbopen() 069: 070: try: 071: cur = db.cursor() 072: cur.execute("""SELECT nickname, red, green, blue, xloc, yloc, message from users 073: where uid=%d""" % uid ) 074: row = cur.fetchone() 075: except MySQLdb.Error, e: 076: print '<p>' 077: print e 078: sys.exit() 079: 080: 081: fields = ("nickname", "red", "green", "blue", "xloc", "yloc", "message") 082: 083: okay=False 084: setstr = 'modified=now()' 085: 086: if (form.has_key("nickname")): 087: okay=True 088: nickname = form["nickname"].value 089: setstr = setstr + ", nickname = '%s'" % nickname 090: else: nickname = row[0] 091: 092: if (form.has_key("red")): 093: okay=True 094: red = int(form["red"].value) 095: setstr = setstr + ", red = %d" % red 096: elif (row[1]): 097: red = row[1] 098: else: 099: red = 255 100: 101: if (form.has_key("green")): 102: okay=True 103: green = int(form["green"].value) 104: setstr = setstr + ", green = %d" % green 105: elif (row[2]): 106: green = row[2] 107: else: 108: green = 0 109: 110: if (form.has_key("blue")): 111: okay=True 112: blue = int(form["blue"].value) 113: setstr = setstr + ", blue = %d" % blue 114: elif (row[3]): 115: blue = row[3] 116: else: 117: blue = 0 118: 119: if (form.has_key("xloc")): 120: okay=True 121: xloc = float(form["xloc"].value) 122: setstr = setstr + ", xloc = %g" % xloc 123: elif (row[4]): 124: xloc = row[4] 125: else: 126: xloc = 160 127: 128: if (form.has_key("yloc")): 129: okay=True 130: yloc = float(form["yloc"].value) 131: setstr = setstr + ", yloc = %g" % yloc 132: elif (row[5]): 133: yloc = row[5] 134: else: 135: yloc = 120 136: 137: if (form.has_key("message")): 138: okay=True 139: message = form["message"].value 140: setstr = setstr + ", message = '%s'" % message 141: else: 142: message = row[6] 143: 144: if (not nickname): nickname = ' ' 145: if (not message): message = ' ' 146: 147: #print '<p>Set values: <b>%s</b>' % setstr 148: 149: if (okay): 150: try: 151: cur = db.cursor() 152: cur.execute("UPDATE users SET %s WHERE uid=%d" % (setstr, uid) ) 153: except MySQLdb.Error, e: 154: print '<p>' 155: print e 156: sys.exit() 157: 158: 159: print '<form action="profile.py" method=POST>' 160: 161: print '<input type="hidden" name="uid" value=%d>' % uid 162: 163: print '<p><table>' 164: print '<tr><td>Nickname <td> <input type="text" name="nickname" value="%s" size=16>' % nickname 165: print '<tr><td>Message <td> <input type="text" name="message" value="%s" size=32>' % message 166: print '</table>' 167: 168: 169: print '''<h4>Screen Location</h4> 170: <p><table> 171: <tr><td>x <td><input type="text" name="xloc" value=%g> 172: <tr><td>y <td><input type="text" name="yloc" value=%g> 173: </table>''' % (xloc, yloc) 174: 175: bgcolor = '%02X%02X%02X' % (red, green, blue) 176: 177: print '''<h4>Color</h4> 178: <p><table> 179: <tr><td>red <td><input type="text" name="red" value=%d size=3> 180: <td rowspan=3 width=12><br> 181: <td rowspan=3 width=80 bgcolor=%s><br> 182: <tr><td>green <td><input type="text" name="green" value=%d size=3> 183: <tr><td>blue <td><input type="text" name="blue" value=%d size=3> 184: </table>''' % (red, bgcolor, green, blue) 185: 186: print '''<p><input type="submit" value="Update"> 187: </form> 188: </body></html>'''
Maintained by John Loomis, updated Sun Mar 02 22:54:20 2008