This repository has been archived by the owner on Sep 6, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
signupPage.cgi
133 lines (123 loc) · 4.32 KB
/
signupPage.cgi
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
#!/usr/bin/python
import cgi, os # For environment data and helpers
import hashlib # For basic password security
from pymongo import MongoClient # For MongoDB connections
import cgitb #Traceback
cgitb.enable()
'''
Name: Drayton Williams
'''
# Details to access MongoDB
username='dw15we'
passwd='5925342'
client=MongoClient('mongodb://'+username+':'+passwd+'@127.0.0.1/'+username)
db=client[username]
# Checks the header cookies for the currently logged in user
# and returns the username
def check_logged_in():
if os.environ.has_key('HTTP_COOKIE'):
user=None #Assume doesn't exist
usid=None # until proven otherwise
cookies=os.environ['HTTP_COOKIE'].split(';')
for cookie in cookies:
if cookie.split('=')[0].strip()=='user':
user=cookie[cookie.find('=')+1:] #Is this one understandable?
elif cookie.split('=')[0].strip()=='usid':
usid=cookie[cookie.find('=')+1:]
if user and usid: #If we have cookies for a username/sesionid
rec=db.users.find_one({'username':user,'usid':usid})
if rec!=None: #If the database records match the user
return user #I know, a little weird to not return True
return None
print "Content-Type: text/html"
statusName=check_logged_in()
print
form = cgi.FieldStorage() # gets access to the submitted form data (only instantiate one)
newUsername = form.getfirst('newUsername') # gets username from form
newPassword = form.getfirst('newPassword') # gets password from form
if newUsername!=None and newPassword!=None: # if username and password were input
newUsername = str(newUsername)
newPassword = str(newPassword)
hashedPassword = hashlib.md5(newPassword).hexdigest()
newUser = {
'username':newUsername,
'password':hashedPassword,
'isAdmin':False,
'isLoggedIn':False
}
tempNewUserCheck = db.users.find_one({'username':newUsername}) # checks database for pre-existence of new user
if tempNewUserCheck == None: # no account already exists
db.users.insert_one(newUser)
print "<script>alert('User added to database');</script>"
else: # an account already exists
print "<script>alert('An account with that username already exists');</script>"
else: # username or password field are empty
print "<script>alert('The fields cannot be empty');</script>"
print """
<html>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<head>
<title>Assignment 4 - Signup Page</title>
<link rel="stylesheet" type="text/css" href="style.css">
<style>
th {
text-align: right;
}
h3 {
text-align: center;
}
</style>
</head>
"""
# Top shared element
print open('pageDesign.top','r').read()
# displays the admin menu if user is an admin
isAdmin = db.users.user=db.users.find_one({'username':statusName,'isAdmin':True})
if isAdmin: # the user is an admin
print """
<a href="adminUserPage.cgi">
<button>Admin: Users</button>
</a>
<a href="adminProductPage.cgi">
<button>Admin: Products</button>
</a>
"""
# displaying buttons/status depending on if the user is signed in
if statusName: #user is signed in
# display sign out button
print """
<a href="logoutUser.cgi">
<button>Logout</button>
</a>
"""
print "<h4>"
print "Signed in as: "+statusName
print "</h4>"
else: # user is offline
# display sign in button
print '''
<a href="loginPage.cgi">
<button>Login</button>
</a>
'''
# display status as offline
print "<h4>"
print "Signed in as: Offline"
print "</h4>"
print """
<body>
<table cellpadding="5" cellspacing="10" align="center">
<h3>Signup Page: Create a user account!</h3>
<form method="post">
<tr><th>New Username:</th><td><input type='text' name='newUsername'/></td></tr>
<tr><th>New Password:</th><td><input type='password' name='newPassword'/></td></tr>
<tr><td colspan="2" align="right"><input type='submit' value='Create User' name='login' /></td></tr>
</form>
</table>
</body>
"""
# Bottom shared element
print open('pageDesign.bottom','r').read()
"""
</html>
"""