From 937e87f3eb2758059469fb98b9ac431398553c1b Mon Sep 17 00:00:00 2001 From: Kakune55 Date: Wed, 20 Dec 2023 10:21:26 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E6=88=90=E5=90=8E=E5=8F=B0=E8=BA=AB?= =?UTF-8?q?=E4=BB=BD=E9=AA=8C=E8=AF=81=E5=8A=9F=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Web/login.html | 59 +++++++++++++++++++++++++++ database/db.go | 105 ++++++++++++++++++++++++++++++++++++++++++++++++- main.go | 83 +++++++++++++++++++++++++++++++++++--- 3 files changed, 240 insertions(+), 7 deletions(-) create mode 100644 Web/login.html diff --git a/Web/login.html b/Web/login.html new file mode 100644 index 0000000..c7dd011 --- /dev/null +++ b/Web/login.html @@ -0,0 +1,59 @@ + + + + + 登录页面 + + + +
+
+ + + +
+
+ + + diff --git a/database/db.go b/database/db.go index e26838f..0646454 100644 --- a/database/db.go +++ b/database/db.go @@ -21,6 +21,10 @@ func Initdb() { md5 TEXT NOT NULL, ext TEXT NOT NULL ); + CREATE TABLE IF NOT EXISTS user ( + uname TEXT PRIMARY KEY, + password TEXT NOT NULL + ); ` _, err = db.Exec(createTableSQL) 
@@ -113,4 +117,103 @@ func QueryId() ([]string, error) {
 }
 
 return result, nil
-}
\ No newline at end of file
+}
+
+func DelFile(linkID string) {
+ db, err := sql.Open("sqlite3", "./data/database.db")
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer db.Close()
+
+ // SQL语句
+ SQL := `
+ DELETE FROM "mytable" WHERE link = ?
+ `
+
+ stmt, err := db.Prepare(SQL)
+ if err != nil {
+ log.Fatal(err)
+ }
+
+ _, err = stmt.Exec(linkID) //插入记录
+ if err != nil {
+ log.Fatal(err)
+ }
+}
+
+func NewUser(uname string, password string) {
+ db, err := sql.Open("sqlite3", "./data/database.db")
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer db.Close()
+
+ // SQL语句
+ SQL := `
+ INSERT INTO "user" ("uname" ,"password") VALUES (? , ?)
+ `
+
+ stmt, err := db.Prepare(SQL)
+ if err != nil {
+ log.Fatal(err)
+ }
+
+ _, err = stmt.Exec(uname, password) //插入记录
+ if err != nil {
+ log.Fatal(err)
+ }
+}
+
+func QueryUser() ([]string, error) {
+ var result []string
+
+ db, err := sql.Open("sqlite3", "./data/database.db")
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer db.Close()
+
+ rows, err := db.Query("SELECT uname FROM user")
+ if err != nil {
+ return nil, err
+ }
+ defer rows.Close()
+
+ for rows.Next() {
+ var name string
+ if err := rows.Scan(&name); err != nil {
+ return nil, err
+ }
+ result = append(result, name)
+ }
+
+ if err := rows.Err(); err != nil {
+ return nil, err
+ }
+
+ return result, nil
+}
+
+func CheckUserPasswd(username string, password string) bool {
+ // 连接到SQLite数据库
+ db, err := sql.Open("sqlite3", "./data/database.db")
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer db.Close()
+ // 查询用户名和密码
+ const sqlStr = "SELECT * FROM 'user' WHERE uname=? AND password=?"
+ // 执行查询
+ rows, err := db.Query(sqlStr, username, password)
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer rows.Close()
+ // 判断查询结果
+ if rows.Next() {
+ return true
+ } else {
+ return false
+ }
+}
diff --git a/main.go b/main.go
index ce60cd7..26b2bc0 100644
--- a/main.go
+++ b/main.go
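Review bot: In database/db.go, `NewUser` writes its `password` argument into the `user` table unchanged and `CheckUserPasswd` matches it with `password=?`, so the database file holds the admin credential in cleartext and anyone who can read `./data/database.db` learns it. Store a salted, deliberately slow hash instead and compare in Go rather than in SQL; the sketch below uses bcrypt from `golang.org/x/crypto/bcrypt`, which would be a new dependency as far as this patch shows. Separately, every helper in this hunk calls `log.Fatal` on a database error, which ends the whole server process from a request path, and the statement returned by `db.Prepare` is never closed. Returning an error to the caller would be safer, although that changes the signatures main.go relies on.

```go
func NewUser(uname string, password string) {
	// … unchanged: sql.Open, error check, defer db.Close() …
	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
	if err != nil {
		log.Fatal(err)
	}
	// … unchanged: INSERT statement text and db.Prepare …
	defer stmt.Close()

	_, err = stmt.Exec(uname, string(hash)) // store the hash, never the submitted password
	// … unchanged: error check …
}

func CheckUserPasswd(username string, password string) bool {
	// … unchanged: sql.Open, error check, defer db.Close() …
	var stored string
	err = db.QueryRow(`SELECT password FROM "user" WHERE uname=?`, username).Scan(&stored)
	if err != nil {
		return false // unknown user or query failure: not authenticated
	}
	return bcrypt.CompareHashAndPassword([]byte(stored), []byte(password)) == nil
}
```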
@@ -64,11 +64,13 @@ func init() { func main() { http.HandleFunc("/info", showimg) - http.HandleFunc("/info/list", showlist) - http.HandleFunc("/upload", upload) - http.HandleFunc("/img/",downloadHandler)//设置访问的路由 - http.HandleFunc("/img/mini",displayThumbnailHandler) - http.HandleFunc("/idlist",arrayHandler) + http.HandleFunc("/info/list", showlist)// + http.HandleFunc("/upload", upload)//上传图片 + http.HandleFunc("/img/",downloadHandler)//图片接口 + http.HandleFunc("/img/mini",displayThumbnailHandler)//缩略图接口 + http.HandleFunc("/idlist",arrayHandler)//获取现有图片id + http.HandleFunc("/img/del",deleteImagesHandler)//删除相应图片 + http.HandleFunc("/login",login)//登录页 fmt.Println("Web服务器已启动") err := http.ListenAndServe(":9090", nil) //设置监听的端口 if err != nil { @@ -82,6 +84,13 @@ func showimg(w http.ResponseWriter, r *http.Request) { } func showlist(w http.ResponseWriter, r *http.Request) { + cookie, _ := r.Cookie("login") + if cookie == nil{ //未授权禁止访问 + w.WriteHeader(401) + w.Write([]byte(`验证失败 点此登录`)) + return + } + t, _ := template.ParseFiles("Web/list.html") t.Execute(w, "Hello") } @@ -239,7 +248,13 @@ func displayThumbnailHandler(w http.ResponseWriter, r *http.Request) { } } -func arrayHandler(w http.ResponseWriter, r *http.Request) { +func arrayHandler(w http.ResponseWriter, r *http.Request) { //获取全部图片ID + cookie, _ := r.Cookie("login") + if cookie == nil{ //未授权禁止访问 + w.WriteHeader(401) + w.Write([]byte(`验证失败 点此登录`)) + return + } // 获取数组数据 data, err := database.QueryId() if err != nil { 
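Review bot: The guard added to `showlist` only tests that a cookie named `login` is present (`cookie == nil`); its value is never compared with anything the server issued, so the check does not establish that the caller went through `/login`. The same guard is repeated in `arrayHandler` and in `deleteImagesHandler` in the last hunk. Bind the cookie to server-side state: issue a random token from `crypto/rand` at login, keep it in a session store, and validate it in one shared helper so the three handlers cannot drift apart. The error returned by `r.Cookie` is also discarded, and `arrayHandler`'s body continues outside its hunk.

```go
// requireLogin reports whether the request carries a session token this
// server issued; on failure it writes the 401 response itself.
func requireLogin(w http.ResponseWriter, r *http.Request) bool {
	c, err := r.Cookie("login")
	// sessions is the server-side token store that login would have to fill
	if err != nil || !sessions.valid(c.Value) {
		w.WriteHeader(http.StatusUnauthorized)
		w.Write([]byte(`验证失败 点此登录`))
		return false
	}
	return true
}

func showlist(w http.ResponseWriter, r *http.Request) {
	if !requireLogin(w, r) {
		return
	}
	// … unchanged: template.ParseFiles and t.Execute …
}
```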
@@ -259,3 +274,59 @@ func arrayHandler(w http.ResponseWriter, r *http.Request) {
 // 将 JSON 数据写入响应体
 w.Write(responseData)
 }
+
+func deleteImagesHandler(w http.ResponseWriter, r *http.Request) {
+ cookie, _ := r.Cookie("login")
+ if cookie == nil{ //未授权禁止访问
+ w.WriteHeader(401)
+ w.Write([]byte(`验证失败 点此登录`))
+ return
+ }
+ // 从请求参数中获取目录名
+ id := r.FormValue("id")
+
+ if id == "" {
+ http.Error(w, "未提供id", http.StatusBadRequest)
+ return
+ }
+
+ // 拼接目录路径,确保路径安全性
+ dirPath := filepath.Join("./data/img/", database.GetFileName(id))
+
+ // 删除目录及其所有内容
+ if err := os.Remove(dirPath); err != nil {
+ http.Error(w, fmt.Sprintf("无法删除 %s: %s", database.GetFileName(id), err), http.StatusInternalServerError)
+ return
+ }
+
+ database.DelFile(id) //删除数据库相关记录
+
+ // 返回成功的响应
+ w.WriteHeader(http.StatusOK)
+ w.Write([]byte("成功删除"))
+}
+
+func login(w http.ResponseWriter, r *http.Request) {
+ r.ParseForm()
+ if r.Method == "GET" {
+ t, _ := template.ParseFiles("Web/login.html")
+ w.Header().Set("Content-Type", "text/html")
+ t.Execute(w,"")
+ } else {
+ userlist,_:= database.QueryUser()
+ fmt.Println(userlist)
+ if len(userlist) == 0 {
+ database.NewUser("admin", r.FormValue("passwd"))
+ } else {
+ if !database.CheckUserPasswd("admin", r.FormValue("passwd")) {
+ http.Redirect(w, r, "/login",http.StatusFound)
+ fmt.Println("密码错误")
+ return
+ }
+ }
+ cookie := http.Cookie{Name: "login", Value: "yes"}
+ http.SetCookie(w, &cookie)
+ fmt.Println("密码正确")
+ http.Redirect(w, r, "/info/list",http.StatusFound)
+ }
+}
\ No newline at end of file
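Review bot: In `login`, the error from `database.QueryUser()` is discarded, so a failed query looks the same as an empty `user` table and the handler goes on to `database.NewUser("admin", r.FormValue("passwd"))`; with an admin row already present that INSERT would presumably violate the primary key and reach `log.Fatal`, ending the process. Check it first, e.g. `userlist, err := database.QueryUser()` followed by `if err != nil { http.Error(w, "internal error", http.StatusInternalServerError); return }`. The empty-table branch also lets whoever submits the first POST choose the admin password, so the initial credential would be better provisioned outside the web handler. The cookie is the constant `Value: "yes"` with no attributes; give it a per-login random value and set `Path: "/", HttpOnly: true, SameSite: http.SameSiteStrictMode`. `deleteImagesHandler` reads `id` through `r.FormValue` without looking at `r.Method`, so it should reject anything but POST and confirm that `database.GetFileName(id)` is non-empty before calling `os.Remove`.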