Beispiel #1
0
def update_profile(user_id):
    if request.method == 'GET':
        cur = db.cursor()
        cur.execute("SELECT * FROM users WHERE user_id=%s", (user_id, ))
        current_user = cur.fetchall()
        db.commit()
        cur.close()
        return render_template('updatepro.html', current_user=current_user)

    if request.method == 'POST':
        name = request.form.get('username')
        phone = request.form.get('phone')
        dob = request.form.get('date_birth')
        profile_pic = request.files.get('profile_pic')
        if profile_pic.filename == "":
            print("Image must have gile name")
            return redirect(url_for('index'))
        if not allowed_image(profile_pic.filename):
            print("THAT NOT ALLOWED")
            return redirect(url_for('index'))
        else:
            filename = secure_filename(profile_pic.filename)
        profile_pic.save(os.path.join(app.config['IMAGE_UPLOADS'], filename))

        cur = db.cursor()
        cur.execute(
            "UPDATE users SET user_name=%s, user_phone=%s, user_dob=%s, profile_image=%s WHERE user_id=%s",
            (name, phone, dob, filename, user_id))
        db.commit()
        cur.close()
        return redirect(url_for('profile'))
Beispiel #2
0
def home():
    cur = db.cursor()
    cur.execute(
        " SELECT posts.post_title,posts.post_image, users.user_name FROM posts JOIN users ON users.user_id=posts.user_id "
    )
    posts = cur.fetchall()
    return render_template('home.html', posts=posts, title='Home')
Beispiel #3
0
def delete(post_id):
    if request.method == 'GET':
        cur = db.cursor()
        cur.execute("DELETE FROM posts where post_id=%s", (post_id, ))
        db.commit()
        cur.close()
        return redirect(url_for('profile'))
Beispiel #4
0
def update(post_id):
    if request.method == 'POST':
        title = request.form.get('title')
        cur = db.cursor()
        cur.execute("UPDATE posts SET post_title=%s WHERE post_id=%s",
                    (title, post_id))
        cur.execute("SELECT * FROM posts WHERE post_id=%s", (post_id, ))
        current_post = cur.fetchall()
        db.commit()
        cur.close()
        return redirect(url_for('profile'))

    if request.method == 'GET':
        cur = db.cursor()
        cur.execute("SELECT * FROM posts WHERE post_id=%s", (post_id, ))
        current_post = cur.fetchall()
        db.commit()
        cur.close()
        return render_template('update.html',
                               current_post=current_post,
                               title='Update Post')
Beispiel #5
0
def profile():
    cur = db.cursor()
    cur.execute(
        " SELECT posts.post_id, posts.post_title, posts.post_image, users.user_name FROM posts JOIN users ON users.user_id=posts.user_id WHERE users.user_id='%s'",
        (session['id'], ))
    posts = cur.fetchall()
    cur.execute(" SELECT * FROM users WHERE users.user_id='%s'",
                (session['id'], ))
    users = cur.fetchall()
    return render_template('profile.html',
                           posts=posts,
                           users=users,
                           title='Profile')
Beispiel #6
0
def signup():
    if request.method == 'POST':
        name = request.form.get('username')
        email = request.form.get('email')
        password = request.form.get('password')
        phone = request.form.get('phone')
        dob = request.form.get('date_birth')
        cur = db.cursor(dictionary=True)
        cur.execute(
            "INSERT INTO users(user_name, user_email, user_pass, user_phone, user_dob) VALUES (%s,%s,%s,%s,%s)",
            (name, email, password, phone, dob))
        db.commit()
        cur.close()
        return redirect(url_for('index'))
    return render_template('signup.html', title='register')
Beispiel #7
0
def create_post():
    if request.method == 'POST':
        title = request.form.get('title')
        post_image = request.files.get('post_image')
        if post_image.filename == "":
            print("Image must have file name")
            return redirect(url_for('index'))
        if not allowed_image(post_image.filename):
            print("THAT NOT ALLOWED")
            return redirect(url_for('index'))
        else:
            filename = secure_filename(post_image.filename)
        post_image.save(os.path.join(app.config['IMAGE_UPLOADS'], filename))
        cur = db.cursor(dictionary=True, buffered=True)
        cur.execute(
            "INSERT INTO posts(post_title,post_image,user_id) VALUES (%s,%s,%s)",
            (title, filename, session['id']))
        db.commit()
        cur.close()
        return redirect(url_for('home'))
    return render_template('post.html', title='Create Post')
Beispiel #8
0
def index():
    msg = ''
    if request.method == 'POST':
        name = request.form.get('username')
        password = request.form.get('password')
        cur = db.cursor(dictionary=True, buffered=True)
        cur.execute(
            "SELECT * FROM users WHERE user_name = %s AND user_pass = %s",
            (name, password))
        user = cur.fetchone()
        if user:
            session['loggedin'] = True
            session['id'] = user['user_id']
            session['username'] = user['user_name']
            return redirect(url_for('home'))
        else:
            msg = 'Incorrect username/password!'

    if 'loggedin' in session:
        return redirect(url_for('home'))
    else:
        return render_template('index.html', msg=msg, title='index')