usersignup.py

python web programming 部分

#! python
#
# $Workfile: UserSignUp.py $ $Revision: 6 $
# $Date: 10/07/01 1:49p $ $Author: Sholden $
#
import User
import pyforms

from Params import SITENAME, MAILHOST, WEBMASTER
from Error import Error
import whrandom
import smtplib
import mx.DateTime as mxdt
import mx.DateTime.ARPA as arpa
import pickle

class Page(User.Page):
    """Accept new account details posted by EntryForm.

    We record the user details in the Wannabe table, using a 
    six-digit random number as a confirmation key. We then
    send an email to their address containing a URL with the
    confirmation key masked by twelve other digits to discourage
    exhaustive searches. We assume that the user will only get to
    the URL if they see the email. Accessing the URL will use the
    Activate class to move the details from Wannabe to Student.
    """
    def Body(self):
        if self.op != "POST":
            raise Error(405, "Method Not Allowed", errmsg="You can only POST to this page")
        FD = self.getValidForm()
        udata = self.getFormData()
        errors = self.ChkReqd(FD, udata)
        if not errors:
            # Do the expensive stuff only if the data is OK
            User.cursor.execute(
                        "SELECT count(*) FROM student WHERE StdEmail=%s",
                        (self.input["StdEmail"], ))
            r1 = User.cursor.fetchall()[0][0]
            User.cursor.execute(
                        "SELECT count(*) FROM wannabe WHERE StdEmail=%s",
                        (self.input["StdEmail"], ))
            r2 = User.cursor.fetchall()[0][0]
            if r1+r2:
                errors.append("Email address in use")
        if errors:
            errors = self.RedText("<BR>\r\n".join(errors))
            FD = User.buildFD(self.RedText("Please Correct"), errors)
            form = pyforms.FormBuild(FD, "UserForm",
                        "/UsrSignUp/", Width=25,
                        Buttons=(("CREATE", 0), ),
                        R=udata)
            self.session._fd = FD
            self.session._secureform = 1
            return form
        # Generate random number for email authentication URL
        count = 0
        sql = "SELECT count(*) FROM Wannabe WHERE Stdconf=%s"
        while count < 1000: # We should find one quickly
            conf = whrandom.randint(1000000, 9999999)
            User.cursor.execute(sql, (conf, ))
            if User.cursor.fetchall() == [(0,)]:
                break
        else:
            raise Error(500, "Internal Server Error",
                    errmsg="Could not generate confirmation number after 1,000 tries!")
        sql = "INSERT INTO Wannabe (%s) VALUES (%s)" % \
                        (", ".join(User.StdNames+["StdConf", "StdOrder"]),
                         ", ".join(["%s" for x in User.StdNames+[1, 1]]))
        data = [self.input[x] for x in User.StdNames] + \
                [conf, pickle.dumps(self.session._bookings)]
        User.cursor.execute(sql, tuple(data))
        User.conn.commit()
        # Send confirmation email to our wannabe
        # If they have an order pending, tell them how to proceed
        dt = arpa.str(mxdt.now())
        # hide the real confirmation number
        c1 = whrandom.randint(1000000, 9999999)
        c2 = whrandom.randint(1000000, 9999999)
        conf = "%d%d%d" % (c1, conf, c2)
        if self.session._bookings:
            orderp = """
Your order can be confirmed as soon as you have activated
your new account.
"""
        else:
            orderp = ""
        msg = """Date: %s
Subject: Your PythonTeach Account Activation Code
From: %s
To: %s

Thank you for enrolling with PythonTeach. We very much hope you
will find our services valuable, and that we can help you for
many years to come.

All you need to do to activate the account and enable login is
to visit the following URL:

    http://%s/Activate/%s/

You will then be able to log in as follows:

    Username: %s
    Password: %s

Please make a record of these details.
%s
Sincerely
PythonTeach
""" % (dt, WEBMASTER, udata.StdEmail, SITENAME, conf, udata.StdEmail, udata.StdPasswd, orderp)
        try:
            smtp = smtplib.SMTP(MAILHOST)
            result = smtp.sendmail(WEBMASTER, [udata.StdEmail], msg)
            smtp.quit()
            return """<H3>Welcome to PythonTeach!</H3>
            <P>Thank you for entering your details,
            which have been recorded.</P>
            <P>You should shortly receive an email
            containing a confirmation URL. Your account
            will be activated once you have visited this URL.
            If you were processing an order when you signed
            up, the email will include details of how to
            confirm that order.</P>
            <P>You will not be able to submit any further
            orders until you have completed sign-up.
            In the meantime please feel free to browse
            the remainder of the site.</P>
            """
        except smtplib.SMTPException:
            return """<P>Sorry, our outgoing mail service
            is temporarily disabled.</P>
            <P>Please <A HREF="mailto:%s">email us</A>
            explaining the situation, and we will
            send your activation code by hand</P>
            <P>If you do not receive a reply, you should
            try other means of contact listed elsewhere
            on this site.
            """ % WEBMASTER