GithubHelp home page GithubHelp logo

zju-cst / drls Goto Github PK

View Code? Open in Web Editor NEW
5.0 5.0 2.0 728 KB

Zhejiang University software college dormitory random lottery system

Home Page: http://www.cst.zju.edu.cn/

License: Mozilla Public License 2.0

CSS 15.56% JavaScript 8.52% Python 63.52% HTML 12.20% Shell 0.19%

drls's Introduction

DRLS

Zhejiang University software college dormitory random lottery system

需求介绍

1.可配置学生的抽签的权重,通过Excel上传学生名单以及权重。

2.要求随机抽签的结果可复现。

项目介绍

此项目为浙江大学软件学院的宿舍随机抽签系统,采用随机区间算法,权重即为改学生的随机区间大小,同时为实现随机结果可复现的需求,采用初始化随机种子的方法,需要强调的是初始化随机种子以及学生名单顺序均由辅导员当天确定,且经过学生同意,不存在提前确定的学生区间以及随机种子的情况,保证抽检的公平

如有问题欢迎提issue,若有同学更好的算法实现,欢迎提pr以及star

开始使用

项目目录 drls/data,将作为数据存储目录存在,在其中将会生成如下文件:

  1. lock.txt 密码文件,该文件用于控制单次上传excel,并简单验证权限
  2. num.txt 记录需要抽签的目标人数
  3. random_seed.txt 记录当前抽签的随机种子
  4. studata.xls 存储用户信息,仅仅支持xls格式文件,该文件应该只有两个字段,字段1为学号,字段2为抽签权重

请注意,代码执行逻辑为:

如果``lock.txt``存在,则只能够上传一次xls文件,并且需要输入密码,今后访问本程序则只能够验证结果。
  • 如果``lock.txt``存在,``studata.xls``不存在,则允许第一次上传,并要求输入密码
  • 如果``lock.txt``存在,``studata.xls``也存在,不再允许上传,只能够验证上一次随机抽取结果

如果``lock.txt``不存在,则可以多次上传xls数据,并覆盖上一次数据

其他文件如``num.txt``、random_seed.txt``studata.xls``则会自动创建

开始开发

运行如下的命令将帮助你快速开始

git clone https://github.com/zju-cst/DRLS
cd drls
pip install -r requirements/dev.txt
npm install
npm start  # run the webpack dev server and flask server using concurrently

你就可以看到程序在 http://localhost:5000 运行.

如果你不用npm 进行开发的话,那么请在开发之前,在cli中运行如下命令,以设置开发环境变量:

export FLASK_APP=autoapp.py
export FLASK_DEBUG=1

部署

部署应用:

export FLASK_DEBUG=0
npm run build   # build assets with webpack
flask run       # start the flask server

在你的生产环境中,请确保 FLASK_DEBUG 环境变量已经被设置为``0``,只有这样生产配置``ProdConfig`` 才会被使用.

Shell

To open the interactive shell, run

flask shell

By default, you will have access to the flask app.

Running Tests

To run all tests, run

flask test

Asset Management

Files placed inside the assets directory and its subdirectories (excluding js and css) will be copied by webpack's file-loader into the static/build directory, with hashes of their contents appended to their names. For instance, if you have the file assets/img/favicon.ico, this will get copied into something like static/build/img/favicon.fec40b1d14528bf9179da3b6b78079ad.ico. You can then put this line into your header:

<link rel="shortcut icon" href="{{asset_url_for('img/favicon.ico') }}">

to refer to it inside your HTML page. If all of your static files are managed this way, then their filenames will change whenever their contents do, and you can ask Flask to tell web browsers that they should cache all your assets forever by including the following line in your settings.py:

SEND_FILE_MAX_AGE_DEFAULT = 31556926  # one year

drls's People

Contributors

kjzz avatar terasum avatar

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

terasum xing11

drls's Issues

第一个随机种子可篡改

根据文件DRLS/drls/public/views.py:

        # check passwd
        lock_file_path = os.path.join(app.config['UPLOAD_FOLDER'],app.config['LOCK_FILE_NAME'])
        lock = file_exists(lock_file_path)
        if lock:
            passwd = request.form['passwd']
            app.logger.info(passwd)
            app.logger.info(lock)
            passwd_file = open(lock_file_path,'r')
            real_passwd = passwd_file.readline().strip()
            passwd_file.close()
            if real_passwd != passwd:
                return JSONR(ERRCODE.UNAUTHORIZED,'password was wrong')
        else:
            pass
        seed_file_path = os.path.join(app.config['UPLOAD_FOLDER'], app.config['RANDOMSEED_FILE_NAME'])
        num_file_path = os.path.join(app.config['UPLOAD_FOLDER'], app.config['RANDOMNUM_FILE_NAME'])

第一个随机种子来自于用户输入,第二次修改需要知道lock.txt中的密码,而http://localhost:2992/刚好可以读取项目下任意文件,可篡改随机种子。

已知的随机种子导致结果可预测

文件DRLS/drls/rng.py中获取随机数使用外部随机种子:

        ran = random.uniform(0,self.range)
        return ran

第一个随机种子来源于外部文件上传,文件DRLS/drls/public/views.py:

def upload():
    if request.method == 'POST':
        seed = request.form['randomSeed']
        num = request.form['randomNum']

已知的随机种子导致结果可预测

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.