Beispiel #1
0
def event_new():
    if request.method == "POST":
        query = """INSERT INTO Event (title,description,start_time,end_time) VALUES(%s,%s,%s,%s);"""
        title = sanitizeHTML(request.form.get('title'))
        description = sanitizeHTML(request.form.get('description'))
        start_time = sanitizeHTML(request.form.get('start_time'))
        end_time = sanitizeHTML(request.form.get('end_time'))
        t = (title,description,start_time,end_time)
        cursor = g.db.cursor()
        cursor.execute(query,t)
        g.db.commit()

        cursor.close()
        return redirect(url_for('events'))
    else:
        return render_template('event_new.html',user_id=session['user_id'])
Beispiel #2
0
def register():

    full_name = sanitizeHTML(request.form.get('fullname',''))
    email = sanitizeHTML(request.form.get('email',''))
    password = sanitizeHTML(request.form['password'])
    passwordconfirm = sanitizeHTML(request.form['password'])
    agreed_to_terms = sanitizeHTML(request.form.get('terms',''))    # either on or ''

    if agreed_to_terms == '':
        flash('Must agree to terms and conditions')
        return redirect(url_for('login'))

    if not full_name:
        flash('Must include name')
    if not email:
        flash('Must include email')

    if not password:
        flash('Must include password')

    if password != passwordconfirm:
        flash('Passwords do not match')

    if full_name and email and password and (password == passwordconfirm):
        # preserve request type of POST with HTTP code 307
        # as per HTTP/1.1 (RFC 2616) 
        # create the user and log them in with the given info
        query = """INSERT INTO SLUser (full_name, email, password) VALUES(%s,%s,%s);"""
        cursor = g.db.cursor()
        cursor.execute(query,(full_name,email,password))
        g.db.commit()
        cursor.close()
        flash("Registration successful. Check your email for a confirmation.")

        return redirect(url_for('login',email=email,password=password), code=307)
    
    return redirect(url_for('login'))