const crypto = require('crypto');
var express = require('express');
var router = express.Router();
const DBHelp = require('./DBHelp');
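/* GET home page. */
router.get('/', function (req, res) {
  // NOTE(review): the locals object on this line was garbled in the source
  // ("{>"); nothing beyond the view name is recoverable, so render the
  // 'index' view with no extra locals. Restore the original locals if known.
  res.render('index', {});
});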
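// Login
// GET renders the form; POST checks the credentials and stores only the
// username in the session on success.
router.route('/login').all(Logined).get(function (req, res) {
  res.render('login', { title: 'Login' });
}).post(function (req, res) {
  // Allowlist for usernames (chosen here; adjust to the project's real rules).
  // DBHelp.Find takes only a SQL string (unlike Add/Update, which take a
  // parameter array), so the username is still concatenated below and this
  // allowlist is what keeps that safe. The password is never placed in SQL.
  const validUsername = /^[A-Za-z0-9_]{1,32}$/;
  const body = req.body || {};
  const username = body.username;
  const password = body.password;
  if (typeof username !== 'string' || typeof password !== 'string' || !validUsername.test(username)) {
    // Same message as a wrong password so the response does not reveal which part failed.
    req.session.error = '用户名不存在或者密码错误!';
    return res.redirect('/login');
  }
  // TODO(security): DBHelp.Find should accept a parameter array like Add/Update;
  // until then the allowlist above is the only guard on this concatenation.
  const sqlStr = 'select password from users where username="' + username + '"';
  const dbhelp = new DBHelp();
  dbhelp.Find(sqlStr, function (result) {
    // Exactly one row is expected; anything else (no user, duplicate rows,
    // unexpected result shape) is treated as a failed login.
    const row = Array.isArray(result) && result.length === 1 ? result[0] : null;
    let matches = false;
    if (row && typeof row.password === 'string') {
      // TODO(security): passwords are stored and compared in plaintext; hashing
      // has to change here and in /register together.
      const expected = Buffer.from(row.password);
      const given = Buffer.from(password);
      // timingSafeEqual requires equal lengths; a length mismatch is simply a non-match.
      matches = expected.length === given.length && crypto.timingSafeEqual(expected, given);
    }
    if (!matches) {
      req.session.error = '用户名不存在或者密码错误!';
      return res.redirect('/login');
    }
    // For safety, only the username is kept in the session.
    req.session.user = { username: username };
    return res.redirect('/home');
  });
});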
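// Register
// GET renders the form; POST validates the input, rejects an existing
// username, and inserts the new user.
router.route('/register').all(Logined).get(function (req, res) {
  res.render('register', { title: 'Register' });
}).post(function (req, res) {
  // Allowlist for usernames (chosen here; adjust to the project's real rules).
  // DBHelp.Find takes only a SQL string (unlike Add/Update, which take a
  // parameter array), so the username is still concatenated into sqlStr2 and
  // this allowlist is what keeps that safe.
  const validUsername = /^[A-Za-z0-9_]{1,32}$/;
  const body = req.body || {};
  const username = body.username;
  const password = body.password;
  const passwordSec = body.passwordSec;
  // Input checks happen before any database round trip.
  if (typeof username !== 'string' || !validUsername.test(username)) {
    req.session.error = '用户名不合法!';
    return res.redirect('/register');
  }
  if (typeof password !== 'string' || password.length === 0) {
    req.session.error = '密码不能为空!';
    return res.redirect('/register');
  }
  if (password !== passwordSec) {
    req.session.error = '两次密码不一致!';
    return res.redirect('/register');
  }
  // TODO(security): DBHelp.Find should accept a parameter array like Add/Update.
  const sqlStr2 = 'select count(*) as count from users where username="' + username + '"';
  const dbhelp = new DBHelp();
  dbhelp.Find(sqlStr2, function (result) {
    // A missing or malformed result yields NaN, which is treated as "taken"
    // rather than letting the insert proceed on an unknown state.
    const count = Array.isArray(result) && result.length > 0 ? Number(result[0].count) : NaN;
    if (count !== 0) {
      req.session.error = '用户名已存在!';
      return res.redirect('/register');
    }
    // TODO(security): the password is stored in plaintext; hashing it here also
    // requires the /login comparison to change in step.
    const sqlStr = 'insert into users(username,password) values(?,?)';
    const data = [username, password];
    dbhelp.Add(sqlStr, data, function () {
      req.session.error = '注册成功,请登录!';
      return res.redirect('/login');
    });
  });
});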
// Home: user management page (login required).
// Lists every username; when the query yields nothing usable the page is
// rendered without the Allusers local.
router.route('/home').all(LoginFirst).get(function (req, res) {
  const dbhelp = new DBHelp();
  dbhelp.Find('select username from users', function (result) {
    const locals = { title: 'Home' };
    if (result) {
      locals.Allusers = result;
    }
    res.render('home', locals);
  });
});
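// Delete a user (login required).
// NOTE(review): this is a state change on GET, so any link or image tag can
// trigger it (CSRF); the route shape is kept for the existing templates, but it
// should become a POST. There is also no role check: any signed-in user may
// delete any other user, which is presumably not intended — confirm.
router.route('/delete/:URLusername').all(LoginFirst).get(function (req, res) {
  // Allowlist for usernames (chosen here; adjust to the project's real rules).
  // DBHelp.Delete takes only a SQL string (unlike Add/Update), so the name is
  // concatenated below and this allowlist is what keeps that safe.
  const validUsername = /^[A-Za-z0-9_]{1,32}$/;
  const reqUsername = req.params.URLusername;
  // LoginFirst guarantees req.session.user exists here.
  if (reqUsername === req.session.user.username) {
    req.session.error = "不能操作当前登录用户!";
    return res.redirect('/home');
  }
  if (typeof reqUsername !== 'string' || !validUsername.test(reqUsername)) {
    req.session.error = '用户名不合法!';
    return res.redirect('/home');
  }
  // TODO(security): DBHelp.Delete should accept a parameter array like Add/Update.
  const sqlStr = 'delete from users where username="' + reqUsername + '"';
  const dbhelp = new DBHelp();
  dbhelp.Delete(sqlStr, function () {
    req.session.error = '移除用户 ' + reqUsername + ' 成功!';
    return res.redirect('/home');
  });
});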
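// Reset a user's password to the fixed default (login required).
// NOTE(review): like /delete this is a state change on GET (CSRF) and has no
// role check; both are kept as-is so the existing templates keep working.
router.route('/resetPwd/:URLusername').all(LoginFirst).get(function (req, res) {
  const resetTo = '123456';
  const reqUsername = req.params.URLusername;
  // LoginFirst guarantees req.session.user exists here.
  if (reqUsername === req.session.user.username) {
    req.session.error = "不能操作当前登录用户!";
    return res.redirect('/home');
  }
  if (typeof reqUsername !== 'string' || reqUsername.length === 0) {
    req.session.error = '用户名不合法!';
    return res.redirect('/home');
  }
  // DBHelp.Update takes a parameter array, so the username is bound, not concatenated.
  const sqlStr = 'update users set password=? where username=?';
  const data = [resetTo, reqUsername];
  const dbhelp = new DBHelp();
  dbhelp.Update(sqlStr, data, function () {
    req.session.error = reqUsername + ' 的密码已重置为 ' + resetTo + '!';
    return res.redirect('/home');
  });
});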
// Logout: clears the session user and sends the visitor back to the index.
// NOTE(review): only the user field is cleared; the session id itself is kept.
router.get('/logout', function (req, res) {
  req.session.user = null;
  return res.redirect('/');
});
/**
 * Middleware for the login/register pages: a visitor who already has a
 * session user is sent to /home with a flash message; otherwise the chain
 * continues.
 * @param {object} req - request; reads/writes req.session
 * @param {object} res - response; used for the redirect
 * @param {Function} next - continues the middleware chain
 */
function Logined(req, res, next) {
  const alreadySignedIn = Boolean(req.session.user);
  if (!alreadySignedIn) {
    next();
    return;
  }
  req.session.error = '您已登录!';
  return res.redirect('/home');
}
/**
 * Middleware for pages that require a signed-in user: without a session user
 * the visitor is sent to /login with a flash message; otherwise the chain
 * continues.
 * @param {object} req - request; reads/writes req.session
 * @param {object} res - response; used for the redirect
 * @param {Function} next - continues the middleware chain
 */
function LoginFirst(req, res, next) {
  const signedIn = Boolean(req.session.user);
  if (signedIn) {
    next();
    return;
  }
  req.session.error = '请先登录!';
  return res.redirect('/login');
}
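// The stray "|" that followed this statement in the source was not valid
// JavaScript and has been dropped.
module.exports = router;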