Fixed report procedure. Added check input parameters

This commit is contained in:
svk28 2017-08-29 14:06:02 +03:00
parent f8dd39a7bb
commit 77b11e9d50

View File

@ -1,4 +1,5 @@
import os, sys, pymysql, urlparse3
# coding=utf-8
import os, sys, pymysql, re, time
def application(environ, start_response):
#sys.stdout._encoding = 'utf-8'
@ -45,7 +46,9 @@ def menu():
'<li><a class="hsubs" href="#">Справочник</a><ul class="subs">\n' \
'<li><a href="?query_type=external">Городские телефоны</a></li>\n' \
'<li><a href="?query_type=internal">Внутренние</a></li></ul></li>\n' \
'<li><a class="hsubs" href="">Отчёты</a><ul class="subs"><li><a href="?query_type=report">Звонки по отделам</a></li>\n' \
'<li><a class="hsubs" href="">Отчёты</a><ul class="subs">' \
'<li><a href="?query_type=report&report_type=int">Список звонков по номеру</a></li>\n' \
'<li><a href="?query_type=report&report_type=dep">Звонки по отделам</a></li>\n' \
'</ul></div>\n'
return txtMenu
@ -98,15 +101,31 @@ def ReportForm():
def ReportData(environ):
paramDict = {item.split('=')[0]: item.split('=')[1] for item in environ['QUERY_STRING'].split('&')}
numbers = paramDict.get('int_number')
date_begin = paramDict.get('date_begin')
date_end = paramDict.get('date_end')
# проверка корректности параметров
# внутренний номер (3 цифры 100-999)
templateNumber = '(^[1-9][0-9][0-9]$)'
if re.match(templateNumber, str(paramDict.get('int_number'))) is not None:
numbers = paramDict.get('int_number')
else:
return ErrorMessage('Введите внутренний номер')
# проверка и преобразование дат в удобоваримый для субд формат
templateDate = '^(0[1-9]|[12][0-9]|3[01])[.](0[1-9]|1[012])[.](19|20)[0-9][0-9]$'
if re.match(templateDate, str(paramDict.get('date_begin'))) is not None:
date_begin = time.strftime("%Y-%m-%d", time.strptime(str(paramDict.get('date_begin')), "%d.%m.%Y"))
else:
return ErrorMessage('Неверный формат даты начала периода')
if re.match(templateDate, paramDict.get('date_end')) is not None:
date_end = time.strftime("%Y-%m-%d", time.strptime(str(paramDict.get('date_end')), "%d.%m.%Y"))
else:
return ErrorMessage('Неверный формат даты окончания периода')
conn = connectDB()
c = conn.cursor()
order = 'call_date'
result = '<td><h4 align=left>Список звонков с номера {}</h4>'.format(numbers)
qwr = "SELECT * FROM ats.cdr where int_number=\'{}\' AND call_date BETWEEN CAST(\'{}\' AS DATE) AND CAST(\'{}\' AS DATE) LIMIT 1000".format(numbers, date_begin, date_end)
qwr = "SELECT * FROM cdr where int_number=\'{}\' AND call_date BETWEEN CAST(\'{}\' AS DATE) AND CAST(\'{}\' AS DATE) LIMIT 1000".format(numbers, date_begin, date_end)
c.execute(qwr)
listHeader = '<table class="table_dark"><tr>' \
@ -116,12 +135,14 @@ def ReportData(environ):
result = result + listHeader
for row in c.fetchall():
rowData = '<td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>'\
% (row[0], row[1], row[2], row[3], row[4], row[5], row[5], row[7], row[9], row[9], row[10])
rowData = '<td>{}</td><td>{}</td><td>{}</td><td>{}</td><td>{}</td><td>{}</td><td>{}</td><td>{}</td><td>{}</td><td>{}</td><td>{}</td></tr>'\
.format(row[0], row[1], row[2], row[3], row[4], row[5], row[5], row[7], row[9], row[9], row[10])
result = result + rowData
return (result + "</table></td></tr></table>\n" + qwr)
def ErrorMessage(txt):
return ('<td width=100% align=center valign=center><font color=red>{}</font></td></tr></table>'.format(txt))
def connectDB():
c = pymysql.connect(