# -*- coding: utf-8 -*- import os import sys import re import sqlite3 import random from cgi import parse_qs, escape sys.path.insert(0, os.path.dirname(__file__)) def application(environ, start_response): _inscritos = sqlite3.connect('inscritos.db') inscritos = _inscritos.cursor() inscritos.execute("CREATE TABLE IF NOT EXISTS ticket (dt text, email text unique, name text, phone text, nasc text, city text, uf text)") _sorteados = sqlite3.connect('sorteados.db') sorteados = _sorteados.cursor() sorteados.execute("CREATE TABLE IF NOT EXISTS ticket (dt text, email text unique, name text, phone text, nasc text, city text, uf text)") g = parse_qs(environ['QUERY_STRING']) op = g.get('op', [''])[0] length = int(environ.get('CONTENT_LENGTH', '0')) p = parse_qs(environ['wsgi.input'].read(length)) response = "OK" if op == 'a': email = p.get('email', [''])[0] # email = re.sub("@", "", email) phone = p.get('phone', [''])[0] phone = re.sub("[^\d]+", "", phone) if len(email) > 0: phone = str(int(phone))[0:11].rjust(11, '0').strip() nasc = escape(p.get('nasc', [''])[0]).strip() name = escape(p.get('name', [''])[0]).strip() city = escape(p.get('city', [''])[0]).strip() uf = escape(p.get('uf', [''])[0]).strip() try: inscritos.execute("INSERT INTO ticket VALUES (CURRENT_TIMESTAMP, '" + email + "','" + name + "','" + phone + "','" + nasc +"','" + city +"','" + uf + "')") response = u"Inscrição realizada com sucesso!" _inscritos.commit() except: return # response = u"Já está inscrito!" elif op == 'd': email = g.get('email', [''])[0] if len(email) > 0: inscritos.execute("DELETE FROM ticket WHERE email = '" + email + "'") _inscritos.commit() elif op == 's': phone = g.get('phone', [''])[0].strip() name = escape(g.get('name', [''])[0]).strip() city = escape(g.get('city', [''])[0]).strip() uf = escape(g.get('uf', [''])[0]).strip() sorteados.execute("INSERT INTO ticket VALUES (CURRENT_TIMESTAMP, '" + phone + "','" + name + "','" + city +"','" + uf + "')") _sorteados.commit() elif op == '!': # https://wsgi.readthedocs.io/en/latest/specifications/simple_authentication.html # sorteados.execute('SELECT * FROM ticket ORDER BY dt DESC LIMIT 10') # rows = sorteados.fetchall() # # sorteado = """ # #