From 1841bded6386dad8ca35441edb836b7b77fc6d8a Mon Sep 17 00:00:00 2001 From: SUNWUYUAN <1847261658@qq.com> Date: Sat, 30 Dec 2023 19:18:32 +0800 Subject: [PATCH] 1 --- build/ejs/python/my_python_projects.ejs | 2 +- build/ejs/python/python_projects.ejs | 4 +- build/ejs/scratch/my_scratch_projects.ejs | 2 +- build/ejs/scratch/scratch_projects.ejs | 4 +- build/ejs/user.ejs | 4 +- server/router_admin.js | 264 +++++++++++----------- server/router_ads.js | 28 +-- server/router_api.js | 18 +- server/router_my.js | 38 ++-- server/router_python.js | 58 ++--- server/router_scratch.js | 126 +++++------ server/router_user.js | 46 ++-- 12 files changed, 297 insertions(+), 297 deletions(-) diff --git a/build/ejs/python/my_python_projects.ejs b/build/ejs/python/my_python_projects.ejs index 700f709..2e2315d 100644 --- a/build/ejs/python/my_python_projects.ejs +++ b/build/ejs/python/my_python_projects.ejs @@ -51,7 +51,7 @@ , jump: function (obj, first) { $.ajax({ 'url': '/my/getPythonProjects', - 'type': 'POST', + 'type': 'GET', 'data': { curr: obj.curr, limit: obj.limit, state: state }, 'success': function (d) { if (d.length) { diff --git a/build/ejs/python/python_projects.ejs b/build/ejs/python/python_projects.ejs index 8af19a6..0c22a86 100644 --- a/build/ejs/python/python_projects.ejs +++ b/build/ejs/python/python_projects.ejs @@ -79,7 +79,7 @@ , jump: function (obj, first) { $.ajax({ 'url': '/python/view/getPythonProjects', - 'type': 'POST', + 'type': 'GET', 'data': { curr: obj.curr, limit: obj.limit, type: thetype }, 'success': function (d) { if (d.length) { @@ -135,7 +135,7 @@ $.ajax({ 'url': '/python/view/seachPythonProjects', - 'type': 'POST', + 'type': 'GET', 'data': { t: 'p', txt: txt, searchall: document.getElementById("python_src").checked }, 'success': function (d) { if (d.length) { diff --git a/build/ejs/scratch/my_scratch_projects.ejs b/build/ejs/scratch/my_scratch_projects.ejs index 463a43c..f0c8fe3 100644 --- a/build/ejs/scratch/my_scratch_projects.ejs 
+++ b/build/ejs/scratch/my_scratch_projects.ejs @@ -52,7 +52,7 @@ , jump: function (obj, first) { $.ajax({ 'url': '/my/getScratchProjects', - 'type': 'POST', + 'type': 'GET', 'data': { curr: obj.curr, limit: obj.limit, state: state }, 'success': function (d) { if (d.length) { diff --git a/build/ejs/scratch/scratch_projects.ejs b/build/ejs/scratch/scratch_projects.ejs index f5c34a0..94796fd 100644 --- a/build/ejs/scratch/scratch_projects.ejs +++ b/build/ejs/scratch/scratch_projects.ejs @@ -79,7 +79,7 @@ , jump: function (obj, first) { $.ajax({ 'url': '/scratch/view/getScratchProjects', - 'type': 'POST', + 'type': 'GET', 'data': { curr: obj.curr, limit: obj.limit, type: thetype }, 'success': function (d) { if (d.length) { @@ -133,7 +133,7 @@ $.ajax({ 'url': '/scratch/view/seachScratchProjects', - 'type': 'POST', + 'type': 'GET', 'data': { t: 's', txt: txt, searchall: document.getElementById("search_src").checked }, 'success': function (d) { if (d.length) { diff --git a/build/ejs/user.ejs b/build/ejs/user.ejs index e7fa206..45ca909 100644 --- a/build/ejs/user.ejs +++ b/build/ejs/user.ejs @@ -83,7 +83,7 @@ , jump: function (obj, first) { $.ajax({ 'url': '/api/getUserScratchProjects', - 'type': 'POST', + 'type': 'GET', 'data': { curr: obj.curr, limit: obj.limit, userid: getQueryString('id') }, 'success': function (d) { if (d.length) { @@ -124,7 +124,7 @@ , jump: function (obj, first) { $.ajax({ 'url': '/api/getUserPythonProjects', - 'type': 'POST', + 'type': 'GET', 'data': { curr: obj.curr, limit: obj.limit, userid: getQueryString('id') }, 'success': function (d) { if (d.length) { diff --git a/server/router_admin.js b/server/router_admin.js index 0cc19dc..faef93d 100644 --- a/server/router_admin.js +++ b/server/router_admin.js 
@@ -106,14 +106,14 @@ router.get('/user/data', function(req, res) { }); }); //管理员重置用户密码 -router.post('/user_setpwd', function (req, res) { - if (!req.body.pw || !req.body.un|| !I.userpwTest(req.body.pw)){ +router.get('/user_setpwd', function (req, res) { + if (!req.query.pw || !req.query.un|| !I.userpwTest(req.query.pw)){ res.status(200).send({"status":"failed","msg":"再试一次"}); return; } //对密码进行加密 - let pw = I.md5(I.md5(req.body.pw)+req.body.un); + let pw = I.md5(I.md5(req.query.pw)+req.query.un); var UPDATE = `UPDATE user SET pwd='${pw}' WHERE username='${req.body['un']}' LIMIT 1`; DB.query(UPDATE, function (err, d) { if (err) { @@ -124,13 +124,13 @@ router.post('/user_setpwd', function (req, res) { }); }); //用户管理:功能.0解封 2封号 -router.post('/user_setstate',function(req,res){ +router.get('/user_setstate',function(req,res){ var state = 0; if (req.body['s'] == undefined || req.body['s'] !=0) { state = 2;//未知时,都当作封号处理 } //var state = parseInt(req.body['s']); - var UPDATE = `UPDATE user SET state=${state} WHERE id=${req.body.id} LIMIT 1`; + var UPDATE = `UPDATE user SET state=${state} WHERE id=${req.query.id} LIMIT 1`; DB.query(UPDATE, function(err,d){ if(err){ res.status(200).send({"status":"failed","msg":"再试一次"}) @@ -141,13 +141,13 @@ router.post('/user_setstate',function(req,res){ }) }); //用户管理:创建新用户,功能 -router.post('/user_new',function(req,res){ - if (!req.body.un|| !I.usernameTest(req.body.un)){ +router.get('/user_new',function(req,res){ + if (!req.query.un|| !I.usernameTest(req.query.un)){ res.status(200).send({"status":"failed","msg":"再试一次"}); return; } //检查账号是否已存在 - var SQL = `SELECT id FROM user WHERE username='${req.body.un}' LIMIT 1`; + var SQL = `SELECT id FROM user WHERE username='${req.query.un}' LIMIT 1`; DB.query(SQL, function (err, User) { if (err) { res.status(200).send( msg_fail); 
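Review bot: The new plaintext password now arrives as `req.query.pw`, so it becomes part of the URL and ends up in access logs, browser history and any intermediate proxy; a password reset should stay `router.post('/user_setpwd', ...)` and read its values from `req.body`. The unchanged line `WHERE username='${req.body['un']}'` also no longer matches the rest of the handler, which hashes with `req.query.un`. On a GET without a body the update most likely matches no row, or throws if `req.body` is undefined; the body parser is not visible here. The same POST-to-GET switch is applied to the other state-changing admin routes in this file (`/user_setstate`, `/user_new`, `/user_new100`, `/user/setRegist`, the `changeTitle`/`setState`/`setDefaultWork` handlers and the `/material/...` handlers). Unless a CSRF token is checked somewhere outside this diff, a link or image load in an administrator's browser is enough to invoke them, so they should remain POST.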
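Review bot: In `/user_setstate` the ban/unban flag is still read from `req.body['s']` while the route is now GET and `id` comes from `req.query`. A query-string request therefore never supplies `s`, and the handler falls through to `state = 2` (ban) every time, or throws if `req.body` is undefined; both values should be read from the same source. The `id` is also interpolated directly into the statement, although the file already uses `DB.qww` with placeholders, so this could be `DB.qww('UPDATE user SET state=? WHERE id=? LIMIT 1', [state, id], ...)`. The same string-built SQL with request values appears in `/user_setpwd` above and in `/user_new`, `/works/*/setState`, `/works/*/setDefaultWork`, `/material/tag/add` and `/material/backdrop/add` further down. The handler body continues outside the hunk.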
@@ -159,10 +159,10 @@ router.post('/user_new',function(req,res){ } //对密码进行加密:默认密码为用户手机号后8位 - var nn = req.body.un.substring(req.body.un.length-6);//昵称 - var pw = nn;//req.body.un.substring(req.body.un.length-6);//初始密码 - pw = I.md5(I.md5(pw)+req.body.un); - SQL = `INSERT INTO user (username,pwd,nickname) VALUES ('${req.body.un}','${pw}','${nn}')`; + var nn = req.query.un.substring(req.query.un.length-6);//昵称 + var pw = nn;//req.query.un.substring(req.query.un.length-6);//初始密码 + pw = I.md5(I.md5(pw)+req.query.un); + SQL = `INSERT INTO user (username,pwd,nickname) VALUES ('${req.query.un}','${pw}','${nn}')`; DB.query(SQL, function (err, newUser) { if (err) { res.status(200).send( { 'status': 'fail', 'msg': '再试一次' }); @@ -181,9 +181,9 @@ router.post('/user_new',function(req,res){ }); }); //用户管理:批量创建新用户,功能 -router.post('/user_new100',function(req,res){ - const qz = req.body.qz; - const sl = req.body.sl; +router.get('/user_new100',function(req,res){ + const qz = req.query.qz; + const sl = req.query.sl; var reg = /^(?:\d+|[a-zA-Z]+){4,8}$/; if (!reg['test'](qz)) { res.status(200).send({status: 'x', msg:'前缀格式不正确'}); @@ -220,9 +220,9 @@ router.post('/user_new100',function(req,res){ }); //用户管理:开启、关闭用户注册通道 -router.post('/user/setRegist',function(req,res){ +router.get('/user/setRegist',function(req,res){ let v=1; - if (req.body.v != 1){ + if (req.query.v != 1){ v=0 } @@ -286,9 +286,9 @@ router.get('/works/scratch/data', function(req, res) { }); }); //作品管理:设置作品的标题 -router.post('/works/scratch/changeTitle',function(req,res){ - var UPDATE = `UPDATE scratch SET title=? WHERE id=${req.body.id} LIMIT 1`; - var SET = [`${req.body.t}`] +router.get('/works/scratch/changeTitle',function(req,res){ + var UPDATE = `UPDATE scratch SET title=? WHERE id=${req.query.id} LIMIT 1`; + var SET = [`${req.query.t}`] DB.qww(UPDATE, SET, function(err,d){ if(err){ res.status(200).send({"status":"failed","msg":"再试一次"}) 
@@ -299,14 +299,14 @@ router.post('/works/scratch/changeTitle',function(req,res){ }) }); //作品管理:设置作品的发布状态 -router.post('/works/scratch/setState',function(req,res){ - if (req.body.s == undefined || (req.body.s < 0 || 2 < req.body.s)) { +router.get('/works/scratch/setState',function(req,res){ + if (req.query.s == undefined || (req.query.s < 0 || 2 < req.query.s)) { s = 0;//未知时,都当作取消推荐处理 }else{ - s = req.body.s; + s = req.query.s; } - var UPDATE = `UPDATE scratch SET state=${s} WHERE id=${req.body.id} LIMIT 1`; + var UPDATE = `UPDATE scratch SET state=${s} WHERE id=${req.query.id} LIMIT 1`; DB.query(UPDATE, function(err,d){ if(err){ res.status(200).send({"status":"failed","msg":"再试一次"}) @@ -317,13 +317,13 @@ router.post('/works/scratch/setState',function(req,res){ }) }); //作品管理:复制作品为默认作品 -router.post('/works/scratch/setDefaultWork',function(req,res){ - if (!req.body.id || req.body.id == 1) { // 客服端传参数问题 +router.get('/works/scratch/setDefaultWork',function(req,res){ + if (!req.query.id || req.query.id == 1) { // 客服端传参数问题 res.status(200).send({status:"ok", msg:"操作成功"}); return; } - const SELECT = `SELECT title, src FROM scratch WHERE id=${req.body.id}`; + const SELECT = `SELECT title, src FROM scratch WHERE id=${req.query.id}`; DB.query(SELECT, function(err,d){ if(err || d.length==0){ res.status(200).send({status:"x", msg:"再试一次"}); @@ -392,9 +392,9 @@ router.get('/works/python/data', function(req, res) { }); }); //作品管理:Python 设置作品的标题 -router.post('/works/python/changeTitle',function(req,res){ - var UPDATE = `UPDATE python SET title=? WHERE id=${req.body.id} LIMIT 1`; - var SET = [`${req.body.t}`] +router.get('/works/python/changeTitle',function(req,res){ + var UPDATE = `UPDATE python SET title=? WHERE id=${req.query.id} LIMIT 1`; + var SET = [`${req.query.t}`] DB.qww(UPDATE, SET, function(err,d){ if(err){ res.status(200).send({status:"x", msg:"再试一次"}) 
@@ -405,14 +405,14 @@ router.post('/works/python/changeTitle',function(req,res){ }) }); //作品管理:Python设置作品的发布状态 -router.post('/works/python/setState',function(req,res){ - if (req.body.s == undefined || (req.body.s < 0 || 2 < req.body.s)) { +router.get('/works/python/setState',function(req,res){ + if (req.query.s == undefined || (req.query.s < 0 || 2 < req.query.s)) { s = 0;//未知时,都当作取消推荐处理 }else{ - s = req.body.s; + s = req.query.s; } - var UPDATE = `UPDATE python SET state=${s} WHERE id=${req.body.id} LIMIT 1`; + var UPDATE = `UPDATE python SET state=${s} WHERE id=${req.query.id} LIMIT 1`; DB.query(UPDATE, function(err,d){ if(err){ res.status(200).send({status:"x", msg:"再试一次"}) @@ -423,13 +423,13 @@ router.post('/works/python/setState',function(req,res){ }) }); //作品管理:Python复制作品为默认作品 -router.post('/works/python/setDefaultWork',function(req,res){ - if (!req.body.id || req.body.id == 1) { // 客服端传参数问题 +router.get('/works/python/setDefaultWork',function(req,res){ + if (!req.query.id || req.query.id == 1) { // 客服端传参数问题 res.status(200).send({status:"ok", msg:"操作成功"}); return; } - const SELECT = `SELECT title, src FROM python WHERE id=${req.body.id}`; + const SELECT = `SELECT title, src FROM python WHERE id=${req.query.id}`; DB.query(SELECT, function(err,d){ if(err || d.length==0){ res.status(200).send({status:"x", msg:"再试一次"}); 
@@ -481,19 +481,19 @@ router.get('/material/tag/data', function(req, res) { }); }); // 素材分类管理:添加 -router.post('/material/tag/add', function (req, res) { - var type = parseInt(req.body.t); +router.get('/material/tag/add', function (req, res) { + var type = parseInt(req.query.t); if (!type || (type < 1 || 4 < type)) {// 1背景、2角色、3造型、4声音 res.status(200).send({status:"x", msg: "素材类型参数错误"}); return; } - if (!req.body.v || req.body.v == ''){ + if (!req.query.v || req.query.v == ''){ res.status(200).send({status:"x", msg: "标签名错误"}); return; } - SQL = `INSERT INTO material_tags (type, tag) VALUES ('${type}', '${req.body.v}')`; + SQL = `INSERT INTO material_tags (type, tag) VALUES ('${type}', '${req.query.v}')`; DB.query(SQL, function (err, newTag) { if (err) { res.status(200).send({status:'x', msg: '保存数据错误,请再试一次' }); @@ -504,14 +504,14 @@ router.post('/material/tag/add', function (req, res) { }); }); // 素材分类管理:修改 -router.post('/material/tag/mod', function (req, res) { - if (!req.body.v || req.body.v == ''){ +router.get('/material/tag/mod', function (req, res) { + if (!req.query.v || req.query.v == ''){ res.status(200).send({status:"x", msg: "标签名错误"}); return; } SQL = `UPDATE material_tags SET tag=? WHERE id=?`; - var VAL = [`${req.body.v}`, req.body.id]; + var VAL = [`${req.query.v}`, req.query.id]; DB.qww(SQL, VAL, function (err, TAG) { if (err) { res.status(200).send({status:'x', msg: '保存数据错误,请再试一次' }); @@ -522,9 +522,9 @@ router.post('/material/tag/mod', function (req, res) { }); }); // 素材分类管理:删除 -router.post('/material/tag/del', function (req, res) { +router.get('/material/tag/del', function (req, res) { // 判断此标签下是否有素材:只能删除空标签 - var type = parseInt(req.body.t); + var type = parseInt(req.query.t); var tabelname = '';// 1背景、2角色、3造型、4声音 if (type == 1 ) { tabelname = "material_backdrop";} else if (type == 2 ) { tabelname = "material_sprite";} else 
@@ -536,7 +536,7 @@ router.post('/material/tag/del', function (req, res) { } - var VAL = [req.body.id]; + var VAL = [req.query.id]; var SQL = `SELECT id FROM ${tabelname} WHERE tagId=? LIMIT 1`; DB.qww(SQL, VAL, function (err, MATE) { if (err) { @@ -611,9 +611,9 @@ router.get('/material/backdrop/data', function(req, res) { }); }); // 背景管理:添加 -router.post('/material/backdrop/add', function(req, res) { +router.get('/material/backdrop/add', function(req, res) { var newFileName = random_32ID_With_Time_Tag(); - const SQL = `INSERT INTO material_backdrop (tagId, md5) VALUES ('${req.body.tagId}', '${newFileName}.png')`; + const SQL = `INSERT INTO material_backdrop (tagId, md5) VALUES ('${req.query.tagId}', '${newFileName}.png')`; DB.query(SQL, function (err, newTag) { if (err) { res.status(200).send({status:'x', msg: '保存数据错误,请再试一次' }); @@ -629,7 +629,7 @@ router.post('/material/backdrop/add', function(req, res) { }); }); // 背景管理:修改素材 -router.post('/material/backdrop/modImage', function (req, res) { +router.get('/material/backdrop/modImage', function (req, res) { if (!req['files']['file']) { res.status(200).send({status: 'x', msg: '文件上传失败,请再试一次'}); return; @@ -645,7 +645,7 @@ router.post('/material/backdrop/modImage', function (req, res) { } - let md5 = req.body.md5; + let md5 = req.query.md5; const oldExt = md5.substring(md5.length-3); if (oldExt == newExt){ // 后缀未变,直接替换 const newpath = `./data/material/asset/${md5}`; @@ -661,7 +661,7 @@ router.post('/material/backdrop/modImage', function (req, res) { const newpath = `./data/material/asset/${md5}`; fs.rename(tmppath, newpath, function (err) { if(err){}}); - SQL = `UPDATE material_backdrop SET md5=? WHERE id=${req.body.id}`; + SQL = `UPDATE material_backdrop SET md5=? WHERE id=${req.query.id}`; VAL = [md5]; DB.qww(SQL, VAL, function (err, R) { if (err) { 
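Review bot: `/material/backdrop/modImage` is now registered with `router.get` but still expects an uploaded file in `req['files']['file']`. Browsers and jQuery do not send a request body on GET, so the upload will normally not reach this handler; it should stay `router.post`. If `req.files` is undefined, `req['files']['file']` throws before the error response is sent, so the guard would be safer as `if (!req.files || !req.files.file)`. The same applies to `/set/avatar` in router_my.js, and `/thumbnail/:projectid` in router_scratch.js likewise reads an image from the request body after being switched to GET. The upload middleware is not visible in this diff.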
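Review bot: In the same handler, `md5` is taken from the request (`req.query.md5`) and placed into the destination path `./data/material/asset/${md5}` for `fs.rename`, with no validation visible in these hunks. The stored file name should be looked up from `material_backdrop` by `id` instead of being trusted from the client, or at minimum any value containing a path separator or not matching the generated-name format should be rejected. A missing `md5` makes `md5.substring(...)` throw, so add an early `if (typeof md5 !== 'string') { ... return; }`. The `fs.rename` callback `function (err) { if(err){}}` discards failures, so the database can be updated to a file name that was never written; report the error and return instead. The code between the hunks is not visible.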
@@ -674,14 +674,14 @@ router.post('/material/backdrop/modImage', function (req, res) { } }); // 背景管理:修改名称 -router.post('/material/backdrop/modName', function (req, res) { - if (!req.body.v || req.body.v == ''){ +router.get('/material/backdrop/modName', function (req, res) { + if (!req.query.v || req.query.v == ''){ res.status(200).send({status:"x", msg: "名称错误"}); return; } var SQL = `UPDATE material_backdrop SET name=? WHERE id=?`; - var VAL = [req.body.v, req.body.id]; + var VAL = [req.query.v, req.query.id]; DB.qww(SQL, VAL, function (err, Mate) { if (err) { res.status(200).send({status:'x', msg: '保存数据错误,请再试一次' }); @@ -692,14 +692,14 @@ router.post('/material/backdrop/modName', function (req, res) { }); }); // 背景管理:修改尺寸 -router.post('/material/backdrop/modMateSize', function (req, res) { - let infoValue = parseInt(req.body.v); - if (req.body.t == 'info0' || req.body.t == 'info1'){ +router.get('/material/backdrop/modMateSize', function (req, res) { + let infoValue = parseInt(req.query.v); + if (req.query.t == 'info0' || req.query.t == 'info1'){ if (!infoValue || infoValue<1 || 99990 ORDER BY view_count DESC LIMIT ${(curr-1)*limit}, ${limit}`; DB.query(SQL, function (err, data) { if (err) { @@ -25,10 +25,10 @@ router.post('/getUserScratchProjects', function (req, res) { }); //显示Scratch项目列表:数据,{curr:obj.curr, limit:obj.limit,state:state} -router.post('/getUserPythonProjects', function (req, res) { - var curr = parseInt(req.body.curr); //当前要显示的页码 - var limit = parseInt(req.body.limit); //每页显示的作品数 - var userid = parseInt(req.body.userid); // +router.get('/getUserPythonProjects', function (req, res) { + var curr = parseInt(req.query.curr); //当前要显示的页码 + var limit = parseInt(req.query.limit); //每页显示的作品数 + var userid = parseInt(req.query.userid); // var SQL = `SELECT id, title,state,view_count,description FROM python WHERE authorid=${userid} AND state>0 ORDER BY view_count DESC LIMIT ${(curr-1)*limit}, ${limit}`; DB.query(SQL, function (err, data) { if (err) { 
@@ -95,7 +95,7 @@ router.get('/usertx', function (req, res) { }); }); -router.post("/getuserinfo", function (req, res) { +router.get("/getuserinfo", function (req, res) { //获取已分享的作品总数:1:普通作品,2:推荐的优秀作品 SQL = `SELECT id,nickname, motto FROM user WHERE id = ${req.query.id};`; diff --git a/server/router_my.js b/server/router_my.js index 34f4d69..7ae308f 100644 --- a/server/router_my.js +++ b/server/router_my.js @@ -72,10 +72,10 @@ router.get('/python', function (req, res) { }); }); //显示Scratch项目列表:数据,{curr:obj.curr, limit:obj.limit,state:state} -router.post('/getScratchProjects', function (req, res) { - var curr = parseInt(req.body.curr); //当前要显示的页码 - var limit = parseInt(req.body.limit); //每页显示的作品数 - var state = parseInt(req.body.state); //每页显示的作品状态 +router.get('/getScratchProjects', function (req, res) { + var curr = parseInt(req.query.curr); //当前要显示的页码 + var limit = parseInt(req.query.limit); //每页显示的作品数 + var state = parseInt(req.query.state); //每页显示的作品状态 var SQL = `SELECT id, title,view_count,description FROM scratch WHERE authorid=${req.session.userid} AND state=${state} ORDER BY view_count DESC LIMIT ${(curr-1)*limit}, ${limit}`; DB.query(SQL, function (err, data) { @@ -88,10 +88,10 @@ router.post('/getScratchProjects', function (req, res) { }); //显示Scratch项目列表:数据,{curr:obj.curr, limit:obj.limit,state:state} -router.post('/getPythonProjects', function (req, res) { - var curr = parseInt(req.body.curr); //当前要显示的页码 - var limit = parseInt(req.body.limit); //每页显示的作品数 - var state = parseInt(req.body.state); //每页显示的作品状态 +router.get('/getPythonProjects', function (req, res) { + var curr = parseInt(req.query.curr); //当前要显示的页码 + var limit = parseInt(req.query.limit); //每页显示的作品数 + var state = parseInt(req.query.state); //每页显示的作品状态 var SQL = `SELECT id, title,view_count,description FROM python WHERE authorid=${req.session.userid} AND state=${state} ORDER BY view_count DESC LIMIT ${(curr-1)*limit}, ${limit}`; DB.query(SQL, function (err, data) { 
@@ -104,7 +104,7 @@ router.post('/getPythonProjects', function (req, res) { }); //分享Scratch项目 -router.post('/scratch/share', function (req, res) { +router.get('/scratch/share', function (req, res) { var SQL = `UPDATE scratch SET state=1 WHERE id=${ req.body['id']} AND authorid=${req.session.userid} LIMIT 1`; DB.query(SQL, function (err, d) { if (err) { @@ -117,7 +117,7 @@ router.post('/scratch/share', function (req, res) { }); //分享Scratch项目 -router.post('/python/share', function (req, res) { +router.get('/python/share', function (req, res) { var SQL = `UPDATE python SET state=1 WHERE id=${ req.body['id']} AND authorid=${req.session.userid} LIMIT 1`; DB.query(SQL, function (err, d) { if (err) { @@ -130,7 +130,7 @@ router.post('/python/share', function (req, res) { }); //简介 -router.post('/scratch/setdescription', function (req, res) { +router.get('/scratch/setdescription', function (req, res) { var SET= {description:req.body['description']}; var SQL = `UPDATE scratch SET ? WHERE id=${ req.body['id']} AND authorid=${req.session.userid} LIMIT 1`; DB.qww(SQL,SET, function (err, d) { @@ -144,7 +144,7 @@ router.post('/scratch/setdescription', function (req, res) { }); //简介 -router.post('/python/setdescription', function (req, res) { +router.get('/python/setdescription', function (req, res) { var SET= {description:req.body['description']}; var SQL = `UPDATE python SET ? WHERE id=${ req.body['id']} AND authorid=${req.session.userid} LIMIT 1`; DB.qww(SQL,SET, function (err, d) { @@ -159,7 +159,7 @@ router.post('/python/setdescription', function (req, res) { //取消分享Scratch项目 -router.post('/scratch/noshare', function (req, res) { +router.get('/scratch/noshare', function (req, res) { var SQL = `UPDATE scratch SET state=0 WHERE id=${ req.body['id']} AND authorid=${req.session.userid} LIMIT 1`; DB.query(SQL, function (err, d) { if (err) { 
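Review bot: `/scratch/share` changes only the route method to `router.get`, but the handler still builds its SQL from `req.body['id']`. A GET that carries the id in the query string therefore produces `id=undefined` in the statement, and a client that still POSTs is no longer routed. The templates touched by this patch only switch the list and search calls, so the callers of this route are not visible. The same mismatch is in `/python/share`, both `setdescription`, both `noshare`, both `del`, `/set/userinfo` and `/set/pw` in this file, and in `/play/like` in router_scratch.js. Deleting a project or changing a password is a state change and should stay on `router.post`, with the id bound through `DB.qww(..., [id, req.session.userid], ...)` rather than interpolated.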
@@ -172,7 +172,7 @@ router.post('/scratch/noshare', function (req, res) { }); //取消分享Scratch项目 -router.post('/python/noshare', function (req, res) { +router.get('/python/noshare', function (req, res) { var SQL = `UPDATE python SET state=0 WHERE id=${ req.body['id']} AND authorid=${req.session.userid} LIMIT 1`; DB.query(SQL, function (err, d) { if (err) { @@ -188,7 +188,7 @@ router.post('/python/noshare', function (req, res) { //删除Scratch项目 -router.post('/scratch/del', function (req, res) { +router.get('/scratch/del', function (req, res) { var DEL = `DELETE FROM scratch WHERE id=${ req.body['id']} AND authorid=${req.session.userid} LIMIT 1`; DB.query(DEL, function (err, d) { if (err) { @@ -210,7 +210,7 @@ router.post('/scratch/del', function (req, res) { }); //删除Scratch项目 -router.post('/python/del', function (req, res) { +router.get('/python/del', function (req, res) { var DEL = `DELETE FROM python WHERE id=${ req.body['id']} AND authorid=${req.session.userid} LIMIT 1`; DB.query(DEL, function (err, d) { if (err) { @@ -249,7 +249,7 @@ router.get('/info', function (req, res) { }); }); //修改头像 -router.post('/set/avatar', function (req, res) { +router.get('/set/avatar', function (req, res) { //保存文件到正确位置 if (!req['files']['file']) { res.status(200).send( {'status':'文件上传失败'} ); @@ -291,7 +291,7 @@ router.post('/set/avatar', function (req, res) { }); }); //修改个人信息 -router.post('/set/userinfo', function (req, res) { +router.get('/set/userinfo', function (req, res) { var UPDATE = `UPDATE user SET ? WHERE id=${req.session.userid} LIMIT 1`; var SET = { 'nickname':req.body['nickname'], @@ -326,7 +326,7 @@ router.post('/set/userinfo', function (req, res) { }); }); //修改密码:动作 -router.post('/set/pw', function (req, res) { +router.get('/set/pw', function (req, res) { var oldPW = I.md5(I.md5(req.body['oldpw'])+req.session.username); //console.log(oldPW) //console.log(req.body['oldpw']) diff --git a/server/router_python.js b/server/router_python.js index e331235..6b43b28 100644 
--- a/server/router_python.js +++ b/server/router_python.js @@ -29,11 +29,11 @@ router.get("/", function (req, res) { }); //翻页:Python作品列表:数据 -router.post("/view/getPythonProjects", function (req, res) { - var curr = parseInt(req.body.curr); //当前要显示的页码 - var limit = parseInt(req.body.limit); //每页显示的作品数 +router.get("/view/getPythonProjects", function (req, res) { + var curr = parseInt(req.query.curr); //当前要显示的页码 + var limit = parseInt(req.query.limit); //每页显示的作品数 var type = "view_count"; - if (req.body.type == "new") { + if (req.query.type == "new") { type = "time"; } @@ -50,19 +50,19 @@ router.post("/view/getPythonProjects", function (req, res) { }); //搜索:Scratch项目列表:数据//只搜索标题 -router.post("/view/seachPythonProjects", function (req, res) { - if (!req.body.txt) { +router.get("/view/seachPythonProjects", function (req, res) { + if (!req.query.txt) { res.status(200).send([]); return; } var tabelName = "python"; var searchinfo = "title"; - if (req.body.searchall == "true") { + if (req.query.searchall == "true") { searchinfo = "src"; } //var SQL = `SELECT id, title FROM ${tabelName} WHERE state>0 AND (${searchinfo} LIKE ?) LIMIT 12`; var SQL = `SELECT ${tabelName}.id, ${tabelName}.title, ${tabelName}.state,${tabelName}.authorid,${tabelName}.description, user.nickname,user.motto FROM ${tabelName} JOIN user ON ${tabelName}.authorid = user.id WHERE ${tabelName}.state>0 AND (${searchinfo} LIKE ?)`; - var WHERE = [`%${req.body.txt}%`]; + var WHERE = [`%${req.query.txt}%`]; DB.qww(SQL, WHERE, function (err, data) { if (err) { res.status(200).send([]); @@ -79,7 +79,7 @@ router.get('/play', function (req, res) { }); //项目点赞 -router.post('/play/like', function (req, res) { +router.get('/play/like', function (req, res) { if (!res.locals.login){ res.status(200).send( {'status': 'failed','msg': '请先登录'}); return; 
@@ -135,7 +135,7 @@ router.post('/play/like', function (req, res) { }); }); //项目收藏 -router.post('/play/favo', function (req, res) { +router.get('/play/favo', function (req, res) { if (!res.locals.login){ res.status(200).send( {'status': 'failed','msg': '请先登录'}); return; @@ -202,10 +202,10 @@ router.get('/old', function (req, res) { res.render('ejs/python/python_edit_old.ejs'); }) // 从数据库获取作品 -router.post('/getWork', function (req, res) { +router.get('/getWork', function (req, res) { var projectid = 0; - if (req.body.id && req.body.id>1){ - projectid = req.body.id; + if (req.query.id && req.query.id>1){ + projectid = req.query.id; } if (projectid == 0 || projectid == 1){ // 默认作品 @@ -256,16 +256,16 @@ router.post('/getWork', function (req, res) { }); // python 保存 -router.post('/save', function (req, res) { +router.get('/save', function (req, res) { if (!req.session.userid){ res.status(200).send({status: "x", msg: "请先登录" }); return; } // 新作品 - if (req.body.id == '0'){ + if (req.query.id == '0'){ var INSERT =`INSERT INTO python (authorid, title,src) VALUES (${req.session.userid}, ?, ?)`; - var SET = [req.body.title,req.body.data] + var SET = [req.query.title,req.query.data] DB.qww(INSERT, SET, function (err, newPython) { if (err || newPython.affectedRows==0) { res.status(200).send({status: "x", msg: "保存失败" }); @@ -279,11 +279,11 @@ router.post('/save', function (req, res) { } // 旧作品 - var UPDATE =`UPDATE python SET ? WHERE id=${req.body.id} AND authorid=${req.session.userid} LIMIT 1`; + var UPDATE =`UPDATE python SET ? WHERE id=${req.query.id} AND authorid=${req.session.userid} LIMIT 1`; var SET = { - title:req.body.title, - src:req.body.data, - description:req.body.description + title:req.query.title, + src:req.query.data, + description:req.query.description } DB.qww(UPDATE, SET, function (err, u) { if (err) { 
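Review bot: `/save` now takes the whole project from the URL (`req.query.title`, `req.query.data`, `req.query.description`). Query strings are length-limited by servers and proxies and are written to access logs, so larger projects will fail to save and source code ends up in logs; this route should stay `router.post('/save', ...)` and read from `req.body`. In the update branch the values are bound through `SET`, but `id=${req.query.id}` is still interpolated; `parseInt` it first as the list handlers do, or bind it as a parameter. `/publish` in the next hunk has the same `id=${req.query.id}` interpolation.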
@@ -295,14 +295,14 @@ router.post('/save', function (req, res) { }) }); -router.post('/publish', function (req, res) { +router.get('/publish', function (req, res) { if (!req.session.userid){ res.status(200).send({status: "x", msg: "请先登录" }); return; } - var state = req.body.s=="0"? 1:0; - var UPDATE = `UPDATE python SET state=${state} WHERE id=${req.body.id} AND authorid=${req.session.userid} LIMIT 1`; + var state = req.query.s=="0"? 1:0; + var UPDATE = `UPDATE python SET state=${state} WHERE id=${req.query.id} AND authorid=${req.session.userid} LIMIT 1`; DB.query(UPDATE, function (err, u) { if (err) { res.status(200).send({status: "x", msg: "操作失败!"}); @@ -316,7 +316,7 @@ router.post('/publish', function (req, res) { // python 优秀作品 -router.post('/YxLibrary_count', function (req, res) { +router.get('/YxLibrary_count', function (req, res) { var SQL = `SELECT count(id) AS c FROM python WHERE state=2`; DB.query(SQL, function (err, COUNT){ if (err) { @@ -328,9 +328,9 @@ router.post('/YxLibrary_count', function (req, res) { }); }) //显示Python项目列表:数据,流加载模式 -router.post('/YxLibrary_data', function (req, res) { +router.get('/YxLibrary_data', function (req, res) { //获取当前数据集合:以被浏览次数降序排列,每次取16个 - var page = parseInt(req.body.page); + var page = parseInt(req.query.page); SQL = `SELECT python.id, python.authorid, python.view_count, python.time, python.title, python.description, user.nickname AS author_nickname FROM python `+ ` LEFT JOIN user ON user.id=python.authorid `+ ` WHERE python.state=2 ORDER BY python.view_count DESC LIMIT ${(page-1)*16},${16}`; @@ -354,7 +354,7 @@ router.all('*', function (req, res, next) { next(); }); -router.post('/MyLibrary_count', function (req, res) { +router.get('/MyLibrary_count', function (req, res) { var SQL = `SELECT count(id) AS c FROM python WHERE authorid=${req.session.userid}`; DB.query(SQL, function (err, COUNT){ if (err) { 
@@ -365,9 +365,9 @@ router.post('/MyLibrary_count', function (req, res) { } }); }) -router.post('/MyLibrary_data', function (req, res) { +router.get('/MyLibrary_data', function (req, res) { //获取当前数据集合:以被浏览次数降序排列,每次取16个 - var page = parseInt(req.body.page); + var page = parseInt(req.query.page); SQL = `SELECT id, state, time, title FROM python WHERE authorid=${req.session.userid} ORDER BY time DESC LIMIT ${(page-1)*16},${16}`; DB.query(SQL, function (err, data) { if (err) { diff --git a/server/router_scratch.js b/server/router_scratch.js index efcc4ff..7404f05 100644 --- a/server/router_scratch.js +++ b/server/router_scratch.js @@ -29,11 +29,11 @@ router.get("/", function (req, res) { }); }); //翻页:Scratch作品列表:数据 -router.post("/view/getScratchProjects", function (req, res) { - var curr = parseInt(req.body.curr); //当前要显示的页码 - var limit = parseInt(req.body.limit); //每页显示的作品数 +router.get("/view/getScratchProjects", function (req, res) { + var curr = parseInt(req.query.curr); //当前要显示的页码 + var limit = parseInt(req.query.limit); //每页显示的作品数 var type = "view_count"; - if (req.body.type == "new") { + if (req.query.type == "new") { type = "time"; } 
@@ -50,19 +50,19 @@ router.post("/view/getScratchProjects", function (req, res) { }); //搜索:Scratch项目列表:数据//只搜索标题 -router.post("/view/seachScratchProjects", function (req, res) { - if (!req.body.txt) { +router.get("/view/seachScratchProjects", function (req, res) { + if (!req.query.txt) { res.status(200).send([]); return; } var tabelName = "scratch"; var searchinfo = "title"; - if (req.body.searchall == "true") { + if (req.query.searchall == "true") { searchinfo = "src"; } //var SQL = `SELECT id, title FROM ${tabelName} WHERE state>0 AND (${searchinfo} LIKE ?) LIMIT 12`; var SQL = `SELECT ${tabelName}.id, ${tabelName}.title, ${tabelName}.state,${tabelName}.authorid,${tabelName}.description, user.nickname,user.motto FROM ${tabelName} JOIN user ON ${tabelName}.authorid = user.id WHERE ${tabelName}.state>0 AND (${searchinfo} LIKE ?)`; - var WHERE = [`%${req.body.txt}%`]; + var WHERE = [`%${req.query.txt}%`]; DB.qww(SQL, WHERE, function (err, data) { if (err) { res.status(200).send([]); @@ -150,7 +150,7 @@ router.get("/play/project/:filename", function (req, res) { }); }); //移动端项目点赞:不需要登录即可直接点赞 -router.post("/play/like", function (req, res) { +router.get("/play/like", function (req, res) { var pid = req.body["pid"]; //scratch表like_count+1 @@ -165,7 +165,7 @@ router.post("/play/like", function (req, res) { }); }); //项目收藏 -router.post("/play/favo", function (req, res) { +router.get("/play/favo", function (req, res) { if (!res.locals.login) { res.status(200).send({ status: "failed", msg: "请先登录" }); return; @@ -230,7 +230,7 @@ router.post("/play/favo", function (req, res) { }); //项目开源、闭源 -router.post("/play/openSrc", function (req, res) { +router.get("/play/openSrc", function (req, res) { if (!res.locals.login) { res.status(200).send({ status: "failed", msg: "请先登录" }); return; 
@@ -270,7 +270,7 @@ router.get("/edit", function (req, res) { //支持两种方案加载默认作品 //1、从指定文件加载 //2、从数据库加载 -router.post("/project/:projectid", function (req, res) { +router.get("/project/:projectid", function (req, res) { ////console.log('服务器:获取作品JSON源代码'); var projectid = 0; if (req.params.projectid) { @@ -361,13 +361,13 @@ router.get("/assets/:filename", function (req, res) { }); //保存作品:标题 -router.post("/saveProjcetTitle", function (req, res) { +router.get("/saveProjcetTitle", function (req, res) { if (!res.locals.login) { res.status(404); return; } - var UPDATE = `UPDATE scratch SET title=? WHERE id=${req.body.id} AND authorid=${req.session.userid} LIMIT 1`; - var VAL = [`${req.body.title}`]; + var UPDATE = `UPDATE scratch SET title=? WHERE id=${req.query.id} AND authorid=${req.session.userid} LIMIT 1`; + var VAL = [`${req.query.title}`]; DB.qww(UPDATE, VAL, function (err, SCRATCH) { if (err) { res.status(404).send({ status: "err" }); //返回内容可有可无,,因为客户端没处理 @@ -410,7 +410,7 @@ router.put("/projects/:projectid", function (req, res) { }); }); //保存作品:缩略图 -router.post("/thumbnail/:projectid", function (req, res) { +router.get("/thumbnail/:projectid", function (req, res) { ////console.log('开始保存缩略图:'+req.params.projectid); // 请求的头部为 'Content-Type': 'image/png'时,用req.on接收文件 @@ -440,14 +440,14 @@ router.post("/thumbnail/:projectid", function (req, res) { }); }); //分享作品: -router.post("/shareProject/:projectid", function (req, res) { +router.get("/shareProject/:projectid", function (req, res) { if (!res.locals.login) { res.status(200).send({ status: "x" }); return; } var s = 0; - if (req.body.s == 1) { + if (req.query.s == 1) { s = 1; } @@ -464,7 +464,7 @@ router.post("/shareProject/:projectid", function (req, res) { }); //保存新作品:保存源代码及作品名称。req.body为项目JSON源代码,?title=作品名称 -router.post("/projects", function (req, res) { +router.get("/projects", function (req, res) { //console.log("服务器:新建作品JSON源代码"); if (!req.body) { 
@@ -490,7 +490,7 @@ router.post("/projects", function (req, res) { }); }); //新作品:保存作品素材 -router.post("/assets/:filename", function (req, res) { +router.get("/assets/:filename", function (req, res) { var strFileName = "./data/material/asset/" + req.params.filename; fs.exists(strFileName, function (bExists) { //if (bExists) { @@ -606,25 +606,25 @@ router.get("/test_getBlockLinkToServer", (req, res, next) => { }); // 获取我的作品列表 -// req.body.t:0:未分享/1:已分享 /100:全部 /200:收藏 -router.post("/getMyProjectLibrary", function (req, res) { +// req.query.t:0:未分享/1:已分享 /100:全部 /200:收藏 +router.get("/getMyProjectLibrary", function (req, res) { if (res.locals["userid"] == "") { res.status(200).send({ status: "err", data: [] }); } var WHERE = ""; - if (req.body.t == 0) { + if (req.query.t == 0) { WHERE = " AND state=0"; - } else if (req.body.t == 1) { + } else if (req.query.t == 1) { // 包括1发而的、2推荐的 WHERE = " AND state>0"; } - if (req.body.f && req.body.f != "") { - WHERE += ` AND title LIKE '%${req.body.f}%'`; + if (req.query.f && req.query.f != "") { + WHERE += ` AND title LIKE '%${req.query.f}%'`; } - var SELECT = `SELECT id, title, time, state FROM scratch WHERE authorid=${req.session["userid"]} ${WHERE} ORDER BY time DESC LIMIT ${req.body.l},${req.body.n}`; //正式版本中,需要限定作者本身的作品 + var SELECT = `SELECT id, title, time, state FROM scratch WHERE authorid=${req.session["userid"]} ${WHERE} ORDER BY time DESC LIMIT ${req.query.l},${req.query.n}`; //正式版本中,需要限定作者本身的作品 DB.query(SELECT, function (err, SCRATCH) { if (err) { res.status(200).send({ status: "err", data: [] }); 
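Review bot: Changing the asset-save route to `router.get("/assets/:filename", ...)` gives it the same method and path as the existing `router.get("/assets/:filename", ...)` shown in the hunk header at line 361. Express runs the first matching handler, so this one is reached only if the earlier one calls `next()`. The same collision appears in `router_user.js`, where `router.get("/repw", ...)` already exists at line 62 and the recovery handler at line 349 becomes `router.get("/repw", ...)` as well. Keeping both write routes as `router.post(...)` avoids the shadowing. Separately, `strFileName` is built by concatenating `req.params.filename`, so the name should be reduced with `path.basename` or checked against the expected asset-name pattern before it touches the filesystem.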
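Review bot: In `/getMyProjectLibrary`, `req.query.f`, `req.query.l` and `req.query.n` are concatenated straight into the SELECT (`LIKE '%${req.query.f}%'`, `LIMIT ${req.query.l},${req.query.n}`), so request input becomes SQL text. The placeholder form already used with `DB.qww` in `/view/seachScratchProjects` should be used here, with the LIMIT values parsed as integers. The same pattern is in the `/getYxProjectLibrary`, `/getBackdropLibrary`, `/getCostumeLibrary`, `/getSoundLibrary` and `/getSpriteLibrary` hunks, which also append `req.query.t` to `tagId=`. The login check at the top sends a response without `return`, so the query still runs. The sketch below assumes `DB.qww` binds `?` values the way its other call suggests.

```javascript
router.get("/getMyProjectLibrary", function (req, res) {
  if (res.locals["userid"] == "") {
    res.status(200).send({ status: "err", data: [] });
    return;
  }
  var offset = Number.parseInt(req.query.l, 10);
  var count = Number.parseInt(req.query.n, 10);
  if (!(offset >= 0) || !(count > 0)) {
    res.status(200).send({ status: "err", data: [] });
    return;
  }

  var WHERE = "";
  var VAL = [req.session["userid"]];
  // … unchanged: state filter on req.query.t …
  if (req.query.f && req.query.f != "") {
    WHERE += " AND title LIKE ?";
    VAL.push(`%${req.query.f}%`);
  }
  VAL.push(offset, count);

  var SELECT = `SELECT id, title, time, state FROM scratch WHERE authorid=? ${WHERE} ORDER BY time DESC LIMIT ?,?`;
  DB.qww(SELECT, VAL, function (err, SCRATCH) {
  // … unchanged: callback body …
```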
@@ -635,11 +635,11 @@ router.post("/getMyProjectLibrary", function (req, res) { }); // 获取优秀作品列表 -router.post("/getYxProjectLibrary", function (req, res) { +router.get("/getYxProjectLibrary", function (req, res) { var SELECT = ` SELECT s.id, s.title, s.view_count, s.authorid, u.nickname FROM scratch s ` + " LEFT JOIN user u ON u.id=s.authorid " + - ` WHERE s.state=2 ORDER BY s.view_count DESC LIMIT ${req.body.l},${req.body.n}`; + ` WHERE s.state=2 ORDER BY s.view_count DESC LIMIT ${req.query.l},${req.query.n}`; DB.query(SELECT, function (err, SCRATCH) { if (err) { res.status(200).send({ status: "err", data: [] }); @@ -651,24 +651,24 @@ router.post("/getYxProjectLibrary", function (req, res) { // 获取背景 // 组件获取条件 tag:是否获取分类; f: 搜索字符串; t: 分类; l: 已经获取的背景数; n: 每次获取的背景数,默认为20个 -router.post("/getBackdropLibrary", function (req, res) { +router.get("/getBackdropLibrary", function (req, res) { var WHERE = ""; - if (req.body.t != 0) { - WHERE = " AND tagId=" + req.body.t; + if (req.query.t != 0) { + WHERE = " AND tagId=" + req.query.t; } - if (req.body.f && req.body.f != "") { - WHERE += ` AND name LIKE '%${req.body.f}%'`; + if (req.query.f && req.query.f != "") { + WHERE += ` AND name LIKE '%${req.query.f}%'`; } - var SELECT = `SELECT id, name, md5, info0, info1, info2 FROM material_backdrop WHERE state=1 ${WHERE} ORDER BY name DESC LIMIT ${req.body.l},${req.body.n}`; + var SELECT = `SELECT id, name, md5, info0, info1, info2 FROM material_backdrop WHERE state=1 ${WHERE} ORDER BY name DESC LIMIT ${req.query.l},${req.query.n}`; DB.query(SELECT, function (err, Backdrop) { if (err) { res.status(200).send({ status: "err", data: [], tags: [] }); return; } - if (req.body.tag == 0) { + if (req.query.tag == 0) { res.status(200).send({ status: "ok", data: Backdrop, tags: [] }); return; } 
@@ -687,7 +687,7 @@ router.post("/getBackdropLibrary", function (req, res) { }); // 随机获取一个背景 -router.post("/getRandomBackdrop", function (req, res) { +router.get("/getRandomBackdrop", function (req, res) { const SELECT = `SELECT name, md5, info0, info1, info2 FROM material_backdrop` + ` JOIN (SELECT MAX(id) AS maxId, MIN(id) AS minId FROM material_backdrop WHERE state=1) AS m ` + @@ -704,26 +704,26 @@ router.post("/getRandomBackdrop", function (req, res) { // 获取造型 // 组件获取条件 tag:是否获取分类; f: 搜索字符串; t: 分类; l: 已经获取的背景数; n: 每次获取的背景数,默认为32个 -router.post("/getCostumeLibrary", function (req, res) { +router.get("/getCostumeLibrary", function (req, res) { // //console.log(req.body); var WHERE = ""; - if (req.body.t != 0) { - WHERE = " AND tagId=" + req.body.t; + if (req.query.t != 0) { + WHERE = " AND tagId=" + req.query.t; } - if (req.body.f && req.body.f != "") { - WHERE += ` AND name LIKE '%${req.body.f}%'`; + if (req.query.f && req.query.f != "") { + WHERE += ` AND name LIKE '%${req.query.f}%'`; } - var SELECT = `SELECT id, name, md5, info0, info1, info2 FROM material_costume WHERE state=1 ${WHERE} ORDER BY name DESC LIMIT ${req.body.l},${req.body.n}`; + var SELECT = `SELECT id, name, md5, info0, info1, info2 FROM material_costume WHERE state=1 ${WHERE} ORDER BY name DESC LIMIT ${req.query.l},${req.query.n}`; DB.query(SELECT, function (err, Backdrop) { if (err) { res.status(200).send({ status: "err", data: [], tags: [] }); return; } - if (req.body.tag == 0) { + if (req.query.tag == 0) { res.status(200).send({ status: "ok", data: Backdrop, tags: [] }); return; } @@ -742,7 +742,7 @@ router.post("/getCostumeLibrary", function (req, res) { }); // 随机获取一个造型 -router.post("/getRandomCostume", function (req, res) { +router.get("/getRandomCostume", function (req, res) { const SELECT = `SELECT name, md5, info0, info1, info2 FROM material_costume` + ` JOIN (SELECT MAX(id) AS maxId, MIN(id) AS minId FROM material_costume WHERE state=1) AS m ` + 
@@ -759,24 +759,24 @@ router.post("/getRandomCostume", function (req, res) { // 获取声音 // 组件获取条件 tag:是否获取分类; f: 搜索字符串; t: 分类; l: 已经获取的背景数; n: 每次获取的背景数,默认为32个 -router.post("/getSoundLibrary", function (req, res) { +router.get("/getSoundLibrary", function (req, res) { var WHERE = ""; - if (req.body.t != 0) { - WHERE = " AND tagId=" + req.body.t; + if (req.query.t != 0) { + WHERE = " AND tagId=" + req.query.t; } - if (req.body.f && req.body.f != "") { - WHERE += ` AND name LIKE '%${req.body.f}%'`; + if (req.query.f && req.query.f != "") { + WHERE += ` AND name LIKE '%${req.query.f}%'`; } - var SELECT = `SELECT id, name, md5, format, rate, sampleCount FROM material_sound WHERE state=1 ${WHERE} ORDER BY name DESC LIMIT ${req.body.l},${req.body.n}`; + var SELECT = `SELECT id, name, md5, format, rate, sampleCount FROM material_sound WHERE state=1 ${WHERE} ORDER BY name DESC LIMIT ${req.query.l},${req.query.n}`; DB.query(SELECT, function (err, Backdrop) { if (err) { res.status(200).send({ status: "err", data: [], tags: [] }); return; } - if (req.body.tag == 0) { + if (req.query.tag == 0) { res.status(200).send({ status: "ok", data: Backdrop, tags: [] }); return; } @@ -794,7 +794,7 @@ router.post("/getSoundLibrary", function (req, res) { }); }); // 随机获取一个声音 -router.post("/getRandomSound", function (req, res) { +router.get("/getRandomSound", function (req, res) { const SELECT = `SELECT name, md5, format, rate, sampleCount FROM material_sound` + ` JOIN (SELECT MAX(id) AS maxId, MIN(id) AS minId FROM material_sound WHERE state=1) AS m ` + 
@@ -811,24 +811,24 @@ router.post("/getRandomSound", function (req, res) { // 获取角色 // 组件获取条件 tag:是否获取分类; f: 搜索字符串; t: 分类; l: 已经获取的素材数; n: 每次获取的素材数,默认为32个 -router.post("/getSpriteLibrary", function (req, res) { +router.get("/getSpriteLibrary", function (req, res) { var WHERE = ""; - if (req.body.t != 0) { - WHERE = " AND tagId=" + req.body.t; + if (req.query.t != 0) { + WHERE = " AND tagId=" + req.query.t; } - if (req.body.f && req.body.f != "") { - WHERE += ` AND name LIKE '%${req.body.f}%'`; + if (req.query.f && req.query.f != "") { + WHERE += ` AND name LIKE '%${req.query.f}%'`; } - var SELECT = `SELECT id, name, json FROM material_sprite WHERE state=1 ${WHERE} ORDER BY name DESC LIMIT ${req.body.l},${req.body.n}`; + var SELECT = `SELECT id, name, json FROM material_sprite WHERE state=1 ${WHERE} ORDER BY name DESC LIMIT ${req.query.l},${req.query.n}`; DB.query(SELECT, function (err, Backdrop) { if (err) { res.status(200).send({ status: "err", data: [], tags: [] }); return; } - if (req.body.tag == 0) { + if (req.query.tag == 0) { res.status(200).send({ status: "ok", data: Backdrop, tags: [] }); return; } @@ -846,7 +846,7 @@ router.post("/getSpriteLibrary", function (req, res) { }); }); // 随机获取一个角色 -router.post("/getRandomSprite", function (req, res) { +router.get("/getRandomSprite", function (req, res) { const SELECT = `SELECT name, json FROM material_sprite` + ` JOIN (SELECT MAX(id) AS maxId, MIN(id) AS minId FROM material_sprite WHERE state=1) AS m ` + @@ -862,7 +862,7 @@ router.post("/getRandomSprite", function (req, res) { }); //Scratch启动时,自动获取一次登录信息 -router.post("/getSession", (req, res) => { +router.get("/getSession", (req, res) => { if (!res.locals.login) { var new_session = { userid: 0, 
@@ -882,7 +882,7 @@ router.post("/getSession", (req, res) => { res.status(200).send(JSON.stringify(new_session)); }); //从Scratch中退出 -router.post("/logout", function (req, res) { +router.get("/logout", function (req, res) { logout(req, res); var login_info = [{ username: "OurWorldExampleUser", success: 1 }]; res.status(200).send(login_info); diff --git a/server/router_user.js b/server/router_user.js index c25b287..18708b9 100644 --- a/server/router_user.js +++ b/server/router_user.js @@ -62,10 +62,10 @@ router.get("/repw", function (req, res) { }); //登录 -router.post("/login", function (req, res) { +router.get("/login", function (req, res) { request.post( { - url:`${process.env.reverify}?secret=${process.env.resecret}&response=${req.body.re}`, + url:`${process.env.reverify}?secret=${process.env.resecret}&response=${req.query.re}`, }, function (err, httpResponse, body) { if (err) { @@ -80,10 +80,10 @@ router.post("/login", function (req, res) { } if ( - !req.body.pw || - !I.userpwTest(req.body.pw) || - !req.body.un || - !I.usernameTest(req.body.un) + !req.query.pw || + !I.userpwTest(req.query.pw) || + !req.query.un || + !I.usernameTest(req.query.un) ) { res.status(200).send({ status: "账号或密码错误" }); return; @@ -98,7 +98,7 @@ router.post("/login", function (req, res) { } var User = USER[0]; - pw = I.md5(I.md5(req.body.pw) + req.body.un); + pw = I.md5(I.md5(req.query.pw) + req.query.un); if (User["pwd"] != pw) { res.status(200).send({ status: "账号或密码错误" }); } else if (User["state"] == 2) { @@ -169,10 +169,10 @@ router.get("/logout", function (req, res) { }); //注册 -router.post("/register", function (req, res) { +router.get("/register", function (req, res) { request.post( { - url:`${process.env.reverify}?secret=${process.env.resecret}&response=${req.body.re}`, + url:`${process.env.reverify}?secret=${process.env.resecret}&response=${req.query.re}`, }, function (err, httpResponse, body) { if (err) { 
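Review bot: In the `/login` hunk, `req.query.re` is pasted into the verification URL unencoded, so a value containing `&` or `#` alters the parameters sent to the verifier. Encode it, as in `response=${encodeURIComponent(req.query.re)}`. The same line is repeated in the `/register`, `/repw` and `/torepw` hunks. The secret also travels in the URL of that outbound request, so it is worth checking that it is not written to any outbound request log.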
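Review bot: With `/login` on GET, the password and username are read from `req.query.pw` and `req.query.un`, so the credentials travel in the URL. There they are recorded in server and proxy access logs and in browser history, and can leak through Referer headers. `/register` and `/torepw` have the same problem, and `/torepw` additionally takes the reset JWT as `req.query.token`. Keep these routes as `router.post("/login", ...)` reading `req.body.pw` and `req.body.un`, and leave the matching `$.ajax` calls on `'type': 'POST'`.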
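Review bot: `pw = I.md5(I.md5(req.query.pw) + req.query.un);` derives the stored password value from what is, by its name, two rounds of MD5 salted only with the username, which is cheap to brute-force if the `user` table is ever exposed. A slow KDF with a per-user random salt, such as Node's built-in `crypto.scrypt`, is the usual replacement, with existing rows re-hashed at the next successful login. No declaration of `pw` is visible in the hunk; if there is none, this assignment creates a global shared by all requests, and `var pw = ...` fixes that. `/torepw` computes `newPW` the same way.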
@@ -195,10 +195,10 @@ router.post("/register", function (req, res) { return; } - //if (!req.body.pw|| !I.userpwTest(req.body.pw) || !req.body.un|| !I.usernameTest(req.body.un)){ res.status(200).send( { 'status':'账号或密码格式错误' });return;} - //if (I.phoneTest(req.body.un)){res.status(200).send( { 'status':'手机号不能直接用于注册账号' });return;} + //if (!req.query.pw|| !I.userpwTest(req.query.pw) || !req.query.un|| !I.usernameTest(req.query.un)){ res.status(200).send( { 'status':'账号或密码格式错误' });return;} + //if (I.phoneTest(req.query.un)){res.status(200).send( { 'status':'手机号不能直接用于注册账号' });return;} - var username = req.body.un; + var username = req.query.un; SQL = `SELECT id FROM user WHERE username='${username}' LIMIT 1`; DB.query(SQL, function (err, User) { if (err) { @@ -211,7 +211,7 @@ router.post("/register", function (req, res) { } //对密码进行加密 - //var pw = req.body.pw; + //var pw = req.query.pw; var randonpw = I.randomString(10); var randonpw = randonpw + "@O"; //console.log(randonpw); @@ -221,7 +221,7 @@ router.post("/register", function (req, res) { //console.log(pw); //新用户注册 //loginInfo = [{'t': new Date(),'ip':req.ip,'agent':req.headers["user-agent"]}]; //var nickname = username.substring(username.length-5); - var nickname = req.body.pw; + var nickname = req.query.pw; //console.log(nickname); var INSERT = `INSERT INTO user (username,pwd,nickname) VALUES ('${username}','${pw}','${nickname}')`; DB.query(INSERT, function (err, newUser) { @@ -349,10 +349,10 @@ router.post("/register", function (req, res) { ); }); //找回密码 -router.post("/repw", function (req, res) { +router.get("/repw", function (req, res) { request.post( { - url:`${process.env.reverify}?secret=${process.env.resecret}&response=${req.body.re}`, + url:`${process.env.reverify}?secret=${process.env.resecret}&response=${req.query.re}`, }, function (err, httpResponse, body) { if (err) { 
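Review bot: In `/register`, `username` comes straight from `req.query.un` and is placed inside quotes in `SELECT id FROM user WHERE username='${username}' LIMIT 1`, while the format checks above it are commented out, so request input is executed as SQL text. The `INSERT INTO user ... VALUES ('${username}','${pw}','${nickname}')` in the next hunk and the `SELECT * FROM user WHERE username='${username}'` in `/repw` have the same problem. Use placeholders, e.g. `SQL = "SELECT id FROM user WHERE username=? LIMIT 1";` with `DB.qww(SQL, [username], function (err, User) {`, assuming `DB.qww` binds values as its use in the search route suggests. The next hunk also sets `nickname` from `req.query.pw`, which looks like a mislabelled field and deserves a comment or a renamed parameter.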
@@ -365,7 +365,7 @@ router.post("/repw", function (req, res) { res.status(200).send({ status: "验证码错误" }); return; } - var username = req.body.un; + var username = req.query.un; SQL = `SELECT * FROM user WHERE username='${username}' LIMIT 1`; DB.query(SQL, function (err, User) { if (err) { @@ -467,10 +467,10 @@ router.post("/repw", function (req, res) { }); //找回密码 -router.post("/torepw", function (req, res) { +router.get("/torepw", function (req, res) { request.post( { - url:`${process.env.reverify}?secret=${process.env.resecret}&response=${req.body.re}`, + url:`${process.env.reverify}?secret=${process.env.resecret}&response=${req.query.re}`, }, function (err, httpResponse, body) { if (err) { @@ -483,9 +483,9 @@ router.post("/torepw", function (req, res) { res.status(200).send({ status: "验证码错误" }); return; } - //console.log(req.body.token); + //console.log(req.query.token); var user1 = jwt.verify( - req.body.token, + req.query.token, process.env.jwttoken, function (err, decoded) { if (err) { @@ -497,8 +497,8 @@ router.post("/torepw", function (req, res) { } ); //console.log(userid); - //console.log(req.body.pw); - var newPW = I.md5(I.md5(req.body.pw) + username); + //console.log(req.query.pw); + var newPW = I.md5(I.md5(req.query.pw) + username); //console.log(newPW); SET = { pwd: newPW };