def create_event(id):
if request.method == 'POST':
try:
title = request.form['title']
summary = request.form['summary']
start_date = request.form['startDate'] + ' 12:00:00'
end_date = request.form['endDate'] + ' 12:00:00' if request.form[
'endDate'] else ''
image_url = request.form['image']
error = None
if error is not None:
flash(error)
return "Adding event failed"
else:
db = get_db()
t = db.execute(
'INSERT INTO event (title, summary, startDate, endDate, image)'
' VALUES (?, ?, ?, ?, ?)',
(title, summary, start_date, end_date, image_url))
t = add_event_to_timeline(id, t.lastrowid, db)
db.commit()
event_json = get_event(request.form)
return "SUCCESS" + json.dumps(event_json)
except Exception as e:
return e
return "Only POST requests supported"
def updateTimeline(id):
"""Update a post if the current user is the author."""
tl = get_timeline(id)
if request.method == 'POST':
title = request.form['title']
summary = request.form['body']
background_image = request.form['background_image']
error = None
if not title:
error = 'Title is required.'
if error is not None:
flash(error)
else:
db = get_db()
db.execute(
'UPDATE timeline SET title = ?, summary = ?, background_image = ? WHERE id = ?',
(title, summary, background_image, id))
db.commit()
process_hash_tags(id, summary)
return view(id)
events = json.dumps(sqlarray_to_json_event(get_all_from_all_events()))
event_ids = [event['id'] for event in tl['events']]
timelines = json.dumps(sqlarray_to_json(get_all_timelines()))
return render_template('blog/update.html',
tl={
'timeline': tl['timeline'],
'events': events,
'event_ids': event_ids
},
timelines=timelines)
def contrast_timelines(id1, id2):
timeline1 = get_timeline(id1)
timeline2 = get_timeline(id2)
new_title = "Contrast of " + timeline1['timeline'][
'title'] + " and " + timeline2['timeline']['title']
db = get_db()
t = create_timeline(new_title, new_title, db)
new_timeline_id = t.lastrowid
events_to_add = set()
for event in timeline1['events']:
found = 0
for event2 in timeline2['events']:
if event['id'] == event2['id']:
found = 1
if found == 0:
events_to_add.add(event['id'])
for event in timeline2['events']:
found = 0
for event2 in timeline1['events']:
if event['id'] == event2['id']:
found = 1
if found == 0:
events_to_add.add(event['id'])
for event_id in events_to_add:
add_event_to_timeline(new_timeline_id, event_id, db)
db.commit()
return "SUCCESS" + url_for('blog.view', id=new_timeline_id)
def register():
"""Register a new user.
Validates that the username is not already taken. Hashes the
password for security.
"""
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
db = get_db()
error = None
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
elif db.execute('SELECT id FROM user WHERE username = ?',
(username, )).fetchone() is not None:
error = 'User {0} is already registered.'.format(username)
if error is None:
# the name is available, store it in the database and go to
# the login page
db.execute('INSERT INTO user (username, password) VALUES (?, ?)',
(username, generate_password_hash(password)))
db.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/register.html')
def add_event(tid, eid):
event = get_event(eid)
db = get_db()
add_event_to_timeline(tid, eid, db)
db.commit()
event_json = get_formatted_event(event)
return "SUCCESS" + json.dumps(event_json)
def login():
"""Log in a registered user by adding the user id to the session."""
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
db = get_db()
error = None
user = db.execute('SELECT * FROM user WHERE username = ?',
(username, )).fetchone()
if user is None:
error = 'Incorrect username.'
elif not check_password_hash(
user['password'], password) and user['password'] != password:
error = 'Incorrect password.'
if error is None:
# store the user id in a new session and return to the home page
session.clear()
session['user_id'] = user['id']
return redirect(url_for('blog.index'))
flash(error)
return render_template('auth/login.html')
def get_event(id):
"""Get an event by id.
:param id: id of event to get
"""
db = get_db()
event = db.execute(
'SELECT id, title, summary, startDate, endDate, image, credit'
' FROM event t WHERE id = ?', (id, )).fetchone()
return event
def load_logged_in_user():
"""If a user id is stored in the session, load the user object from
the database into ``g.user``."""
user_id = session.get('user_id')
if user_id is None:
g.user = None
else:
g.user = get_db().execute('SELECT * FROM user WHERE id = ?',
(user_id, )).fetchone()
def get_all_timeline_tags():
db = get_db()
d = {}
tt = db.execute('SELECT * FROM timeline_tags').fetchall()
for elem in tt:
tid = elem['timeline_id']
if tid in d:
d[tid].append(elem['tag_id'])
else:
d[tid] = [elem['tag_id']]
return d
def get_tagged_timelines(tag):
db = get_db()
tag_row = db.execute('SELECT id FROM tags WHERE tag = ?',
(tag, )).fetchone()
if not tag_row:
return []
res = db.execute(
'SELECT id, title, summary, background_image, author_id'
' FROM timeline_tags JOIN timeline ON id = timeline_id'
' WHERE tag_id = ?', (tag_row['id'], )).fetchall()
return res
def delete(id):
"""Delete a post.
Ensures that the post exists and that the logged in user is the
author of the post.
"""
get_timeline(id)
db = get_db()
db.execute('DELETE FROM timeline WHERE id = ?', (id, ))
db.commit()
return redirect(url_for('blog.index'))
def delete_event(tid, eid):
"""Delete an event."""
try:
db = get_db()
db.execute(
'DELETE FROM timeline_has WHERE timeline_id = ? AND event_id = ?',
(tid, eid))
found = db.execute(
'SELECT count(*) FROM timeline_has WHERE event_id = ?',
(eid, )).fetchone()[0]
if found == 0:
db.execute('DELETE FROM event WHERE id = ?', (eid, ))
db.commit()
except Exception as e:
return "FAILED"
return "SUCCESS"
def create():
"""Create a new post for the current user."""
if request.method == 'POST':
title = request.form['title']
summary = request.form['summary']
error = None
if not title:
error = 'Title is required.'
if error is not None:
flash(error)
else:
db = get_db()
t = create_timeline(title, summary, db)
db.commit()
return redirect(url_for('blog.view', id=t.lastrowid))
return render_template('blog/create.html')
def compare_timelines(id1, id2):
timeline1 = get_timeline(id1)
timeline2 = get_timeline(id2)
new_title = "Comparison of " + timeline1['timeline'][
'title'] + " and " + timeline2['timeline']['title']
new_background_image = timeline1['timeline'][
'background_image'] or timeline2['timeline']['background_image'] or ''
db = get_db()
t = create_timeline(new_title, new_title, new_background_image, db)
new_timeline_id = t.lastrowid
events_to_add = set()
for event in timeline1['events']:
for event2 in timeline2['events']:
if event['id'] == event2['id']:
events_to_add.add(event['id'])
for event_id in events_to_add:
add_event_to_timeline(new_timeline_id, event_id, db)
db.commit()
return "SUCCESS" + url_for('blog.view', id=new_timeline_id)
def get_timeline(id):
"""Get a timeline by id.
:param id: id of timeline to get
"""
db = get_db()
timeline = db.execute(
'SELECT t.id, title, summary, created, author_id, username'
' FROM timeline t JOIN user u ON t.author_id = u.id'
' WHERE t.id = ?', (id, )).fetchone()
if timeline is None:
abort(404, "Timeline id {0} doesn't exist.".format(id))
tl = {'timeline': timeline, 'events': []}
events = db.execute(
'SELECT * FROM timeline_has th INNER JOIN event e ON th.event_id = e.id WHERE th.timeline_id = '
+ str(timeline['id'])).fetchall()
tl['events'] = events
return tl
def update_event(eid):
try:
title = request.form['title']
summary = request.form['summary']
start_date = request.form['startDate'] + ' 12:00:00'
end_date = request.form['endDate'] + ' 12:00:00' if request.form[
'endDate'] else ''
image_url = request.form['image']
credit = request.form['credit']
error = None
db = get_db()
db.execute(
'UPDATE event SET title = ?, summary = ?, startDate = ?, endDate = ?, image = ?, credit = ? WHERE id = ?',
(title, summary, start_date, end_date, image_url, credit, eid))
db.commit()
return "SUCCESS"
except Exception as e:
print(e)
return "FAILURE"
def process_hash_tags(tid, s):
new_tags = set(part[1:] for part in s.split() if part.startswith('#'))
db = get_db()
all_tags = get_all_tags()
existing_tags = get_tag_set(
db.execute('SELECT * FROM timeline_tags WHERE timeline_id = ?',
(tid, )).fetchall())
current_tags = set(all_tags[tag] for tag in existing_tags)
removed_tags = current_tags - new_tags
added_tags = new_tags - current_tags
for tag in added_tags:
if tag not in all_tags:
t = db.execute('INSERT INTO tags (tag)' ' VALUES (?)', (tag, ))
all_tags[tag] = t.lastrowid
all_tags[t.lastrowid] = tag
t = db.execute('INSERT INTO timeline_tags'
' VALUES (?, ?)', (tid, all_tags[tag]))
for tag in removed_tags:
db.execute(
'DELETE FROM timeline_tags WHERE timeline_id = ? AND tag_id = ?',
(tid, all_tags[tag]))
db.commit()
def create():
"""Create a new post for the current user."""
if request.method == 'POST':
title = request.form['title']
summary = request.form['summary']
background_image = request.form['background_image']
error = None
if not title:
error = 'Title is required.'
if error is not None:
flash(error)
else:
db = get_db()
t = create_timeline(title, summary, background_image, db)
db.commit()
process_hash_tags(t.lastrowid, summary)
return redirect(url_for('blog.view', id=t.lastrowid))
timelines = json.dumps(sqlarray_to_json(get_all_timelines()))
return render_template('blog/create.html', timelines=timelines)
def updateTimeline(id):
"""Update a post if the current user is the author."""
post = get_timeline(id)
if request.method == 'POST':
title = request.form['title']
body = request.form['body']
error = None
if not title:
error = 'Title is required.'
if error is not None:
flash(error)
else:
db = get_db()
db.execute(
'UPDATE timeline SET title = ?, summary = ? WHERE id = ?',
(title, body, id))
db.commit()
return redirect(url_for('blog.index'))
return render_template('blog/update.html', post=post)
def get_all_from_all_events():
db = get_db()
events = db.execute(
'SELECT id, title, summary, startDate, endDate, image, credit'
' FROM event').fetchall()
return events
def get_username(uid):
db = get_db()
usr = db.execute('SELECT username FROM user WHERE id = ?',
(uid, )).fetchone()
return usr['username']
def get_all_events():
db = get_db()
events = db.execute('SELECT id, title FROM event').fetchall()
return events
def get_all_timelines():
db = get_db()
timelines = db.execute('SELECT id, title FROM timeline').fetchall()
return timelines
def get_all_from_all_timelines():
db = get_db()
timelines = db.execute(
'SELECT id, title, summary, background_image, author_id FROM timeline'
).fetchall()
return timelines
def index():
"""Show all the posts, most recent first."""
db = get_db()
timelines = db.execute('SELECT * FROM timeline t').fetchall()
return render_template('blog/index.html', timelines=timelines)
def get_all_tags():
db = get_db()
return get_tag_dict(db.execute('SELECT * FROM tags').fetchall())
