Beispiel #1
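 def update_db(self):
     """Write this object's current field values back to its ``application`` row.

     The row is selected by ``self.id``. Every value is passed as a bound
     parameter, so none of it becomes part of the SQL text.
     """
     query = """Update application set realName = %s,falseName = %s,categoryId = %s,picture1 = %s,picture2 = %s where id = %s"""
     # Named ``params`` rather than ``input`` so the builtin is not shadowed.
     params = (self.realName, self.falseName, self.categoryId,
               self.picture1, self.picture2, self.id)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         mysql.get_db().commit()
     finally:
         # Close the cursor even when execute() or commit() raises.
         cur.close()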
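 def update_db(self):
     """Persist this object's attr, name and type to its ``userDetailsTempate`` row.

     The target row is the one whose id equals ``self.id``; every value
     travels as a bound parameter rather than as part of the SQL string.
     """
     query = """Update userDetailsTempate set attr = %s,name = %s,type = %s where id = %s"""
     params = (self.attr, self.name, self.type, self.id)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         mysql.get_db().commit()
     finally:
         # Release the cursor on the error path as well.
         cur.close()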
Beispiel #3
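 def update_db(self):
     """Write this object's fields back to the ``report`` row with id ``self.id``.

     All values are bound parameters; the statement is committed on success.
     """
     query = """Update report set experimentDetaileID = %s,questionID = %s,answer = %s,part = %s,securityId = %s where id = %s"""
     params = (self.experimentDetaileID, self.questionID, self.answer,
               self.part, self.securityId, self.id)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         mysql.get_db().commit()
     finally:
         # The cursor is closed whether or not the update succeeded.
         cur.close()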
Beispiel #4
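 def update_db(self):
     """Write this object's fields back to the ``experiment`` row with id ``self.id``.

     All values are bound parameters; the statement is committed on success.
     """
     query = """Update experiment set type = %s,numberParti = %s,leftParti = %s,checkboxLen = %s,run = %s where id = %s"""
     params = (self.type, self.numberParti, self.leftParti, self.checkboxLen,
               self.run, self.id)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         mysql.get_db().commit()
     finally:
         # Close the cursor even when execute() or commit() raises.
         cur.close()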
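 def update_db(self):
     """Write this object's fields back to its ``experimentDetaile`` row.

     The row is selected by ``self.id``; values are sent as bound parameters
     and the change is committed on success.
     """
     query = """Update experimentDetaile set ExperimentId = %s,applicationId = %s,questionDisplay = %s,userID = %s,done = %s,groupExp = %s where id = %s"""
     params = (self.ExperimentId, self.applicationId, self.questionDisplay,
               self.userID, self.done, self.groupExp, self.id)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         mysql.get_db().commit()
     finally:
         # Release the cursor on the error path as well.
         cur.close()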
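 def update_db(self):
     """Write this object's fields back to the ``question`` row with id ``self.id``.

     The question text, section, type and the four answers are sent as bound
     parameters; the change is committed on success.
     """
     query = """Update question set question = %s,section = %s,type = %s,answer1 = %s,answer2 = %s,answer3 = %s,answer4 = %s where id = %s"""
     params = (self.question, self.section, self.type, self.answer1,
               self.answer2, self.answer3, self.answer4, self.id)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         mysql.get_db().commit()
     finally:
         # The cursor is closed whether or not the update succeeded.
         cur.close()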
Beispiel #7
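 def delete_by_id(cls, _id):
     """Delete the ``report`` row whose id equals ``_id``.

     Returns True when a row was deleted (the delete is then committed) and
     False when no row matched.
     """
     # NOTE(review): no ownership check is visible in this method; callers
     # presumably authorize the request before deleting - confirm.
     cur = mysql.get_db().cursor()
     try:
         # DB-API drivers expect a sequence of parameters, so the single id
         # is wrapped in a one-element tuple.
         cur.execute("""Delete from report where id = %s""", (_id,))
         deleted = cur.rowcount > 0
     finally:
         cur.close()
     if deleted:
         mysql.get_db().commit()
     return deleted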
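 def delete_by_securityApplictionID(cls, _securityApplictionID):
     """Delete every ``securityApplictionDescription`` row for one application id.

     Returns True when at least one row was deleted (the delete is then
     committed) and False when nothing matched.
     """
     cur = mysql.get_db().cursor()
     try:
         # DB-API drivers expect a sequence of parameters, so the single id
         # is wrapped in a one-element tuple.
         cur.execute(
             """Delete from securityApplictionDescription where securityApplictionId = %s""",
             (_securityApplictionID,))
         deleted = cur.rowcount > 0
     finally:
         cur.close()
     if deleted:
         mysql.get_db().commit()
     return deleted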
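 def save_to_db(self):
     """Insert this object as a new ``userDetailsTempate`` row and record its id.

     Returns False without inserting when ``find_by_id(self.id)`` already
     finds a row; otherwise returns None after the insert is committed.
     """
     if UserDetailsTemplateModel.find_by_id(self.id) != False:
         return False
     query = """INSERT INTO userDetailsTempate (attr,name,type) VALUES (%s,%s,%s)"""
     # Values follow the column list (attr, name, type); supplying name first
     # would store the two fields swapped.
     params = (self.attr, self.name, self.type)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         # Use the id generated by this INSERT on this connection. Re-reading
         # the newest row of the table can return a row written by a
         # concurrent request. Assumes id is AUTO_INCREMENT - TODO confirm.
         new_id = cur.lastrowid
         mysql.get_db().commit()
     finally:
         cur.close()
     if new_id:
         self.id = new_id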
Beispiel #10
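 def save_to_db(self):
     """Insert this object as a new ``application`` row and record its id.

     Returns False without inserting when ``find_by_id(self.id)`` already
     finds a row; otherwise returns None after the insert is committed.
     """
     if ApplicationModel.find_by_id(self.id) != False:
         return False
     query = """INSERT INTO application (realName,falseName,categoryId,picture1,picture2) VALUES (%s, %s,%s,%s,%s)"""
     params = (self.realName, self.falseName, self.categoryId,
               self.picture1, self.picture2)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         # Use the id generated by this INSERT on this connection. Re-reading
         # the newest row of the table can return a row written by a
         # concurrent request. Assumes id is AUTO_INCREMENT - TODO confirm.
         new_id = cur.lastrowid
         mysql.get_db().commit()
     finally:
         cur.close()
     if new_id:
         self.id = new_id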
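 def save_to_db(self):
     """Insert this object as a new ``securityApplictionDescription`` row.

     Returns False without inserting when ``find_by_id(self.id)`` already
     finds a row; otherwise stores the new row's id on ``self.id`` and
     returns None.
     """
     if SecurityApplictionDescriptionModel.find_by_id(self.id) != False:
         return False
     query = """INSERT INTO securityApplictionDescription (securityApplictionId,privacyId,privacyRankId) VALUES (%s, %s, %s)"""
     params = (self.securityApplictionId, self.privacyId, self.privacyRankId)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         # The id comes from this INSERT itself; selecting the newest row
         # afterwards could pick up a concurrent insert. Assumes id is
         # AUTO_INCREMENT - TODO confirm.
         new_id = cur.lastrowid
         mysql.get_db().commit()
     finally:
         cur.close()
     if new_id:
         self.id = new_id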
Beispiel #12
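 def save_to_db(self):
     """Insert this object as a new ``privacy`` row and record its id.

     Returns False without inserting when ``find_by_id(self.id)`` already
     finds a row; otherwise returns None after the insert is committed.
     """
     if PrivacyModel.find_by_id(self.id) != False:
         return False
     query = """INSERT INTO privacy (name) VALUES ( %s)"""
     # The trailing comma matters: ``(self.name)`` is just the string, not a
     # one-element parameter tuple.
     params = (self.name,)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         # Use the id generated by this INSERT on this connection. Re-reading
         # the newest row of the table can return a row written by a
         # concurrent request. Assumes id is AUTO_INCREMENT - TODO confirm.
         new_id = cur.lastrowid
         mysql.get_db().commit()
     finally:
         cur.close()
     if new_id:
         self.id = new_id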
Beispiel #13
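 def save_to_db(self):
     """Insert this object as a new ``userDetails`` row and record its id.

     Returns False without inserting when ``find_by_id(self.id)`` already
     finds a row; otherwise returns None after the insert is committed.
     """
     if UserDetailsModel.find_by_id(self.id) != False:
         return False
     query = """INSERT INTO userDetails (value,attrParent,userId) VALUES (%s,%s,%s)"""
     params = (self.value, self.attrParent, self.userId)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         # The id comes from this INSERT itself. Selecting the newest row
         # afterwards could hand this object the id of a row another user
         # inserted at the same moment. Assumes id is AUTO_INCREMENT - TODO
         # confirm.
         new_id = cur.lastrowid
         mysql.get_db().commit()
     finally:
         cur.close()
     if new_id:
         self.id = new_id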
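 def save_to_db(self):
     """Insert this object as a new ``experimentDetaile`` row and record its id.

     Returns False without inserting when ``find_by_id(self.id)`` already
     finds a row; otherwise returns None after the insert is committed.
     """
     if ExperimentDetaileModel.find_by_id(self.id) != False:
         return False
     query = """INSERT INTO experimentDetaile (ExperimentId,applicationId,questionDisplay,userID,done,groupExp) VALUES (%s,%s,%s,%s, %s, %s)"""
     params = (self.ExperimentId, self.applicationId, self.questionDisplay,
               self.userID, self.done, self.groupExp)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         # Use the id generated by this INSERT on this connection. Re-reading
         # the newest row of the table can return a row written by a
         # concurrent request. Assumes id is AUTO_INCREMENT - TODO confirm.
         new_id = cur.lastrowid
         mysql.get_db().commit()
     finally:
         cur.close()
     if new_id:
         self.id = new_id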
Beispiel #15
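 def save_to_db(self):
     """Insert this object as a new ``experiment`` row and record its id.

     Returns False without inserting when ``find_by_id(self.id)`` already
     finds a row; otherwise returns None after the insert is committed.
     """
     if ExperimentModel.find_by_id(self.id) != False:
         return False
     query = """INSERT INTO experiment (type,numberParti,leftParti,checkboxLen,run) VALUES (%s,%s,%s, %s, %s)"""
     params = (self.type, self.numberParti, self.leftParti, self.checkboxLen,
               self.run)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         # The id comes from this INSERT itself; selecting the newest row
         # afterwards could pick up a concurrent insert. Assumes id is
         # AUTO_INCREMENT - TODO confirm.
         new_id = cur.lastrowid
         mysql.get_db().commit()
     finally:
         cur.close()
     if new_id:
         self.id = new_id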
Beispiel #16
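 def save_to_db(self):
     """Insert this object as a new ``question`` row and record its id.

     Returns False without inserting when ``find_by_id(self.id)`` already
     finds a row; otherwise returns None after the insert is committed.
     """
     if QuestionModel.find_by_id(self.id) != False:
         return False
     query = """INSERT INTO question (question,section,type,answer1,answer2,answer3,answer4) VALUES (%s,%s, %s,%s, %s,%s, %s)"""
     params = (self.question, self.section, self.type, self.answer1,
               self.answer2, self.answer3, self.answer4)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         # Use the id generated by this INSERT on this connection. Re-reading
         # the newest row of the table can return a row written by a
         # concurrent request. Assumes id is AUTO_INCREMENT - TODO confirm.
         new_id = cur.lastrowid
         mysql.get_db().commit()
     finally:
         cur.close()
     if new_id:
         self.id = new_id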
Beispiel #17
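 def save_to_db(self):
     """Insert this object as a new ``report`` row and record its id.

     Returns False without inserting when ``find_by_id(self.id)`` already
     finds a row; otherwise returns None after the insert is committed.
     """
     if ReportModel.find_by_id(self.id) != False:
         return False
     query = """INSERT INTO report (experimentDetaileID,questionID,answer,part,securityId) VALUES (%s,%s,%s,%s,%s)"""
     params = (self.experimentDetaileID, self.questionID, self.answer,
               self.part, self.securityId)
     cur = mysql.get_db().cursor()
     try:
         cur.execute(query, params)
         # The id comes from this INSERT itself. Selecting the newest row
         # afterwards could bind this object to a report written by a
         # concurrent request. Assumes id is AUTO_INCREMENT - TODO confirm.
         new_id = cur.lastrowid
         mysql.get_db().commit()
     finally:
         cur.close()
     if new_id:
         self.id = new_id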
Beispiel #18
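def signup_route():
	"""Render the sign-up form (GET) or register a new user (POST).

	On a successful POST the new row is committed, the session is populated
	with email, name and user, and the client is redirected to the user's
	main page. When the address is already registered the form is rendered
	again with an error message.
	"""
	if request.method == 'GET':
		print('SignUp GET')
		return render_template('signup.html')

	elif request.method == 'POST':
		print('SignUp POST')

		f = request.form

		# Create a new User.
		# checkIfEmailExists() is truthy here when the address is still free;
		# the else branch below is the "already exists" case.
		# NOTE(review): check-then-insert is not atomic. A UNIQUE constraint on
		# the email column is what actually prevents duplicates - confirm the
		# schema has one.
		if checkIfEmailExists(f['email']):
			salt = encrypt.genSalt()
			# NOTE(review): encrypt is a project helper not visible here. Confirm
			# it is a slow, salted password hash and that the salt can be
			# recovered at login (it is not passed to the insert separately).
			newPassword = encrypt.encryptPassword(salt, f['password'])

			query_AddUser = '******'
			data_AddUser = [f['firstname'], f['lastname'], newPassword, f['email'], f['phone']]

			conn = mysql.get_db()
			cursor = conn.cursor()
			try:
				cursor.execute(query_AddUser, data_AddUser)
				conn.commit()
			finally:
				# Release the cursor even if the insert or commit fails.
				cursor.close()

			# on Success, create a session, include username as a part of url
			session['email'] = f['email']
			session['name'] = f['firstname'] + ' ' + f['lastname']
			# NOTE(review): only the local part of the address is used, so
			# addresses that differ only in their domain share one URL name.
			# Access decisions should keep keying on session['email'].
			user = f['email'].split('@')[0]
			session['user'] = user
			return redirect(url_for('main_user.main_user_route', user=session['user']))
		else:
			error = 'Email already exists'
			return render_template('signup.html', error = error)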
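 def drop_db(self):
     """Drop the ``experimentDetaile`` table when it exists.

     Both statements are fixed strings; nothing caller-supplied reaches SQL.
     """
     # NOTE(review): DROP TABLE cannot be undone; this method should not be
     # reachable from a request handler - confirm the callers.
     cur = mysql.get_db().cursor()
     try:
         cur.execute("SHOW TABLES LIKE 'experimentDetaile'")
         if cur.fetchone():
             cur.execute("DROP TABLE experimentDetaile")
     finally:
         # Close the cursor whether or not the table existed.
         cur.close()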
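 def drop_db(self):
     """Drop the ``securityApplictionDescription`` table when it exists.

     Both statements are fixed strings; nothing caller-supplied reaches SQL.
     """
     # NOTE(review): DROP TABLE cannot be undone; this method should not be
     # reachable from a request handler - confirm the callers.
     cur = mysql.get_db().cursor()
     try:
         cur.execute("SHOW TABLES LIKE 'securityApplictionDescription'")
         if cur.fetchone():
             cur.execute("DROP TABLE securityApplictionDescription")
     finally:
         # Close the cursor whether or not the table existed.
         cur.close()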
Beispiel #21
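 def drop_db(self):
     """Drop the ``privacy`` table when it exists.

     Both statements are fixed strings; nothing caller-supplied reaches SQL.
     """
     # NOTE(review): DROP TABLE cannot be undone; this method should not be
     # reachable from a request handler - confirm the callers.
     cur = mysql.get_db().cursor()
     try:
         cur.execute("SHOW TABLES LIKE 'privacy'")
         if cur.fetchone():
             cur.execute("DROP TABLE privacy")
     finally:
         # Close the cursor whether or not the table existed.
         cur.close()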
Beispiel #22
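 def find_by_id(cls, _id):
     """Return the ApplicationModel stored under ``_id``, or False if none exists.

     The returned object is built from columns 1-5 of the row and carries
     column 0 as its ``id``.
     """
     cur = mysql.get_db().cursor()
     try:
         # DB-API drivers expect a sequence of parameters, so the single id
         # is wrapped in a one-element tuple.
         cur.execute("""select * from application where id = %s""", (_id,))
         row = cur.fetchone() if cur.rowcount > 0 else None
     finally:
         cur.close()
     if row is None:
         return False
     application = ApplicationModel(row[1], row[2], row[3], row[4], row[5])
     application.id = row[0]
     return application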
Beispiel #23
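 def find_by_id(cls, _id):
     """Return the ReportModel stored under ``_id``, or False if none exists.

     The returned object is built from columns 1-5 of the row and carries
     column 0 as its ``id``.
     """
     cur = mysql.get_db().cursor()
     try:
         # DB-API drivers expect a sequence of parameters, so the single id
         # is wrapped in a one-element tuple.
         cur.execute("""select * from report where id = %s""", (_id,))
         row = cur.fetchone() if cur.rowcount > 0 else None
     finally:
         cur.close()
     if row is None:
         return False
     report = ReportModel(row[1], row[2], row[3], row[4], row[5])
     report.id = row[0]
     return report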
Beispiel #24
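 def find_by_attrParent(cls, _id):
     """Return one UserDetailsModel whose ``attrParent`` equals ``_id``, or False.

     Only the first row the server returns is used, even when several rows
     share the same ``attrParent``.
     """
     cur = mysql.get_db().cursor()
     try:
         # DB-API drivers expect a sequence of parameters, so the single
         # value is wrapped in a one-element tuple.
         cur.execute("""select * from userDetails where attrParent = %s""", (_id,))
         row = cur.fetchone() if cur.rowcount > 0 else None
     finally:
         # One close is enough; it runs on the error path too.
         cur.close()
     if row is None:
         return False
     # NOTE(review): find_all_UserDetails builds the model from row[1], row[2],
     # row[3]; the four columns and their order used here look inconsistent
     # with that - verify against the table and the constructor.
     UserDetails = UserDetailsModel(row[1], row[2], row[5], row[4])
     UserDetails.id = row[0]
     return UserDetails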
Beispiel #25
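 def find_by_id(cls, _id):
     """Return the SecurtyModel stored under ``_id``, or False if none exists."""
     cur = mysql.get_db().cursor()
     try:
         # DB-API drivers expect a sequence of parameters, so the single id
         # is wrapped in a one-element tuple.
         cur.execute("""select * from securty where id = %s""", (_id,))
         row = cur.fetchone() if cur.rowcount > 0 else None
     finally:
         cur.close()
     if row is None:
         return False
     securtyFeature = SecurtyModel(row[1])
     # The id goes on the instance being returned; a capitalised
     # ``SecurtyFeature`` is not defined in this method.
     securtyFeature.id = row[0]
     return securtyFeature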
Beispiel #26
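 def find_Experiment_run_type(cls, _type):
     """Return one experiment with ``run = 1`` and the given type, or False.

     Only the first row the server returns is used. The model is built from
     columns 1, 2, 4 and 5; column 3 becomes ``leftParti`` and column 0 the id.
     """
     cur = mysql.get_db().cursor()
     try:
         # Both placeholders are bound through a single parameter tuple;
         # execute() takes the parameters as one argument.
         cur.execute(
             """select * from experiment where run = %s AND type = %s""",
             (1, _type))
         row = cur.fetchone() if cur.rowcount > 0 else None
     finally:
         cur.close()
     if row is None:
         return False
     Experiment = ExperimentModel(row[1], row[2], row[4], row[5])
     Experiment.leftParti = row[3]
     Experiment.id = row[0]
     return Experiment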
Beispiel #27
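def checkIfEmailExists(email):
	"""Report whether ``email`` is still free to register.

	Despite the name, the result is True when NO User row has this address
	and False when one already exists. The return value is kept as it is
	because callers branch on it.
	"""
	print('checkIfEmailExists')
	query_GetEmail = 'SELECT * FROM User WHERE email = %s'
	data_GetEmail = [email]

	conn = mysql.get_db()
	cursor = conn.cursor()
	try:
		cursor.execute(query_GetEmail, data_GetEmail)
		result = cursor.fetchall()
	finally:
		# Release the cursor once the rows have been read.
		cursor.close()
	print(len(result))
	return len(result) == 0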
Beispiel #28
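 def find_by_id(cls, _id):
     """Return the PrivacyModel stored under ``_id``, or False if none exists."""
     cur = mysql.get_db().cursor()
     try:
         # DB-API drivers expect a sequence of parameters, so the single id
         # is wrapped in a one-element tuple.
         cur.execute("""select * from privacy where id = %s""", (_id,))
         row = cur.fetchone() if cur.rowcount > 0 else None
     finally:
         cur.close()
     if row is None:
         return False
     privacyFact = PrivacyModel(row[1])
     # Set the id on the instance. Assigning to PrivacyModel.id would write a
     # class attribute that every instance without its own id then reads.
     privacyFact.id = row[0]
     return privacyFact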
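 def find_by_id(cls, _id):
     """Return the SecurityApplictionDescriptionModel for ``_id``, or False.

     The returned object is built from columns 1-3 of the row and carries
     column 0 as its ``id``.
     """
     cur = mysql.get_db().cursor()
     try:
         # DB-API drivers expect a sequence of parameters, so the single id
         # is wrapped in a one-element tuple.
         cur.execute(
             """select * from securityApplictionDescription where id = %s""",
             (_id,))
         row = cur.fetchone() if cur.rowcount > 0 else None
     finally:
         # One close is enough; it runs on the error path too.
         cur.close()
     if row is None:
         return False
     SecurityAppliction = SecurityApplictionDescriptionModel(
         row[1], row[2], row[3])
     SecurityAppliction.id = row[0]
     return SecurityAppliction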
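 def find_by_id(cls, _id):
     """Return the ExperimentDetaileModel stored under ``_id``, or False.

     The returned object is built from columns 1-6 of the row and carries
     column 0 as its ``id``.
     """
     cur = mysql.get_db().cursor()
     try:
         # DB-API drivers expect a sequence of parameters, so the single id
         # is wrapped in a one-element tuple.
         cur.execute("""select * from experimentDetaile where id = %s""", (_id,))
         row = cur.fetchone() if cur.rowcount > 0 else None
     finally:
         # One close is enough; it runs on the error path too.
         cur.close()
     if row is None:
         return False
     Experiment = ExperimentDetaileModel(row[1], row[2], row[3], row[4],
                                         row[5], row[6])
     Experiment.id = row[0]
     return Experiment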
Beispiel #31
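 def find_all_UserDetails(cls):
     """Return every ``userDetails`` row as a list of UserDetailsModel objects.

     Returns False (not an empty list) when the table has no rows, so callers
     must test the result before iterating.
     """
     cur = mysql.get_db().cursor()
     try:
         cur.execute("""select * from userDetails""")
         rows = cur.fetchall() if cur.rowcount > 0 else None
     finally:
         # Close the cursor even when the query raises.
         cur.close()
     if rows is None:
         return False
     UserDetailsArry = []
     for row in rows:
         UserDetails = UserDetailsModel(row[1], row[2], row[3])
         UserDetails.id = row[0]
         UserDetailsArry.append(UserDetails)
     return UserDetailsArry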
Beispiel #32
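 def find_all_PrivacyFact(cls):
     """Return every ``privacy`` row as a list of PrivacyModel objects.

     An empty table yields an empty list.
     """
     cur = mysql.get_db().cursor()
     try:
         cur.execute("""select * from privacy""")
         rows = cur.fetchall() if cur.rowcount > 0 else ()
     finally:
         # Close the cursor even when the query raises.
         cur.close()
     PrivacyFactArry = []
     for row in rows:
         privacyFact = PrivacyModel(row[1])
         privacyFact.id = row[0]
         PrivacyFactArry.append(privacyFact)
     return PrivacyFactArry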
Beispiel #33
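def bagunis_route(user, baguniid):
	"""Show the items of one Baguni (GET) or add an item to it (POST).

	The request is answered with 403 unless the local part of the session
	e-mail equals ``user`` and BaguniAccess lists the session e-mail for
	``baguniid``. POST expects a JSON object with ``itemURL`` and ``step``:
	step 0 parses the URL and returns the parsed fields as JSON, step 1
	stores the item and answers with an empty 200.
	"""
	# Check if a user is logged in
	# If not, redirect to the main page for login
	if 'email' not in session:
		print('Not logged in: redirecting to main...')
		return redirect(url_for('main.main_route'))

	# Check if the url is the right url for the current user
	session_username = session['email'].split('@')[0]
	if session_username != user:
		return render_template('403.html'), 403

	conn = mysql.get_db()
	cursor = conn.cursor()
	try:
		# Check if the current Baguni is displayed to the right user.
		# Every BaguniAccess row for this Baguni is compared, so the decision
		# does not depend on which row the server happens to return first.
		query_getEmail = 'SELECT email FROM BaguniAccess WHERE baguniid = %s'
		cursor.execute(query_getEmail, [baguniid])
		allowed = any(row[0] == session['email'] for row in cursor.fetchall())
		if not allowed:
			return render_template('403.html'), 403

		if request.method == 'GET':
			# Get info about items in the current Baguni from the database
			query_getItems = 'SELECT * FROM Item WHERE baguniid = %s ORDER BY itemname ASC'
			cursor.execute(query_getItems, [baguniid])

			# NOTE(review): origurl and imageurl were supplied by a client when
			# the item was stored; bagunis.html presumably renders them as
			# links/images, so confirm it autoescapes and only emits http(s)
			# URLs.
			items = []
			for db_item in cursor.fetchall():
				items.append({
					'origurl': db_item[2],
					'imageurl': db_item[3],
					'price': db_item[4],
					'brand': db_item[5],
					'name': db_item[6],
					# Decided per item: a flag carried across iterations would
					# mark every item after the first selected one as checked.
					'selected': 'checked' if db_item[7] == 1 else ''
				})

			return render_template("bagunis.html", items = items)
		if request.method == 'POST':
			# Receive json object from ajax request
			jsondata = request.get_json()
			if not isinstance(jsondata, dict):
				# Missing or non-object JSON body: answer 400 instead of
				# failing on the key lookups below.
				return ('', 400)
			itemURL = jsondata['itemURL']
			curStep = jsondata['step']

			print(curStep)

			if curStep == 0:
				# Parse the url given
				# NOTE(review): itemURL is client-controlled and parseCafe24Mall
				# presumably fetches it from the server side; confirm the helper
				# restricts scheme and destination host (no internal addresses).
				parseResult = parseCafe24Mall(itemURL)
				# parseResult[2] is expected to look like:
				# {
				# 	'domain': domain,
				# 	'img': img,
				# 	'name': name,
				# 	'price': price,
				# 	'info': info
				# }

				parseError = parseResult[1]
				parseInfo = parseResult[2]
				print(parseError)
				print(parseInfo)

				return jsonify(
					errorMessage = parseError,
					checkImage = parseInfo['img'],
					checkBrand = parseInfo['domain'],
					checkName = parseInfo['name'],
					checkPrice = parseInfo['price'],
					moreInfo = parseInfo['info']
				)
			elif curStep == 1:
				print(jsondata['price'])
				print(jsondata['moreInfo'])
				# All client-supplied fields travel as bound parameters.
				query_addItem = ('INSERT INTO Item(baguniid, originalurl, imageurl, price, '
								 'brandname, itemname, addInfo) VALUES (%s,%s,%s,%s,%s,%s,%s)')
				data_addItem = [baguniid, itemURL, jsondata['imageURL'], jsondata['price'], jsondata['brandName'],
								jsondata['itemName'], jsondata['moreInfo']]

				cursor.execute(query_addItem, data_addItem)
				conn.commit()

			return ('', 200)
	finally:
		# One cursor serves the whole request and is released on every path.
		cursor.close()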
Beispiel #34
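def main_user_route(user):
	"""List the current user's Bagunis (GET) or create a new one (POST).

	Unauthenticated requests are redirected to the main page; a ``user`` that
	differs from ``session['user']`` gets 403. GET renders main_user.html
	with one ``[baguni_row, item_count, selected_count]`` entry per Baguni.
	POST expects a JSON object with ``baguniName`` and ``baguniColor``,
	inserts the Baguni plus its BaguniAccess row and answers with an empty 200.
	"""
	# Check if a user is logged in
	# If not, redirect to the main page for login
	if 'email' not in session:
		print('Not logged in: redirecting to main...')
		return redirect(url_for('main.main_route'))

	# Check if the url is the right url for the current user
	if session['user'] != user:
		return render_template('403.html'), 403

	if request.method == 'GET':
		print('baguni GET')
		conn = mysql.get_db()
		cursor = conn.cursor()
		try:
			# Get all the Baguni IDs associated with the email account.
			# Rows are scoped by the session e-mail, not by the URL name.
			query_getBaguniId = 'SELECT * FROM BaguniAccess WHERE email = %s'
			cursor.execute(query_getBaguniId, [session['email']])
			access_rows = cursor.fetchall()

			bagunis = []

			for access_row in access_rows:
				curBaguniId = access_row[1]
				# For each Baguni ID, get Baguni info
				query_getBaguni = 'SELECT * FROM Baguni WHERE baguniid = %s'
				cursor.execute(query_getBaguni, [curBaguniId])
				baguni = cursor.fetchall()[0]

				# For each Baguni, count the number of items in that Baguni
				query_getNumItems = 'SELECT COUNT(itemid) FROM Item WHERE baguniid = %s'
				cursor.execute(query_getNumItems, [curBaguniId])
				numItems = cursor.fetchall()[0][0]

				# For each Baguni, count the number of items SELECTED in that Baguni
				query_getNumSelected = 'SELECT COUNT(itemid) FROM Item WHERE baguniid = %s AND selected = %s'
				cursor.execute(query_getNumSelected, [curBaguniId, 1])
				numSelected = cursor.fetchall()[0][0]

				bagunis.append([baguni, numItems, numSelected])
		finally:
			cursor.close()

		return render_template("main_user.html", bagunis = bagunis, user = user)

	if request.method == 'POST':
		print('baguni POST')
		jsondata = request.get_json()
		if not isinstance(jsondata, dict):
			# Missing or non-object JSON body: answer 400 instead of failing
			# on the key lookups below.
			return ('', 400)
		baguniName = jsondata['baguniName']
		# NOTE(review): baguniColor is stored as received and is presumably
		# placed into markup or CSS by main_user.html; validate it against the
		# expected colour format before storing - confirm against the template.
		baguniColor = jsondata['baguniColor']

		conn = mysql.get_db()
		cursor = conn.cursor()
		try:
			# Insert into Baguni
			query_addBaguni = 'INSERT INTO Baguni (email, title, color) VALUES (%s, %s, %s)'
			cursor.execute(query_addBaguni, [session['email'], baguniName, baguniColor])
			conn.commit()

			# Get the id of inserted Baguni. The scalar is taken out of the
			# result row so a plain id, not a one-element row, is bound below.
			cursor.execute('SELECT LAST_INSERT_ID()')
			baguniid = cursor.fetchall()[0][0]

			# Insert into BaguniAccess the newly added Baguni
			query_addBagAccess = 'INSERT INTO BaguniAccess (email, baguniid) VALUES (%s, %s)'
			cursor.execute(query_addBagAccess, [session['email'], baguniid])
			conn.commit()
		finally:
			cursor.close()

		return ('', 200)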