Ejemplo n.º 1
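def login_user():
    """Authenticate a user from a JSON body and return a JWT on success.

    Reads ``email`` and ``password`` from the request JSON. Returns
    ``bad_request(...)`` when either field is missing or empty, when no row
    matches the email, or when the password does not match. On success the
    new token is stored in ``users.rand_str``, ``logged_in`` is set to 1 and
    ``{'token': <jwt>}`` is returned.
    """
    data = request.get_json() or {}
    # .get() reports an absent key the same way as an empty value instead of
    # raising KeyError.
    email = data.get('email', '')
    password = data.get('password', '')
    if email == '':
        return bad_request("Please provide email.")
    if password == '':
        return bad_request("Please provide password.")

    # The email comes from the request body, so it is bound as a parameter
    # and never formatted into the SQL text.
    # NOTE(review): '?' is the sqlite3 placeholder; the chained
    # execute(...).fetchone() and the '==' operator point to SQLite.
    # Confirm the driver's paramstyle.
    db_password_res = c.execute(
        "SELECT PASSWORD FROM USERS WHERE email == ?", (email,)).fetchone()
    if db_password_res is None:
        # NOTE(review): this message differs from the wrong-password one, so
        # a caller can tell which emails are registered.
        return bad_request("User with this email not registered.")

    # NOTE(review): the stored value is compared with the submitted password
    # as-is, i.e. the column holds the password itself. Moving to a salted
    # password hash needs a data migration and is not done here.
    if password != db_password_res[0]:
        return bad_request("Invalid password.")

    # The token is created only after the credentials have been verified.
    jwt_token = create_access_token(identity={'email': email})
    c.execute(
        "UPDATE users SET rand_str = ?, logged_in = 1 WHERE email == ?",
        (jwt_token, email))
    conn.commit()
    response = jsonify({'token': jwt_token})
    # NOTE(review): a wildcard CORS origin on the token response lets any
    # site read it; restrict to the known front-end origin if possible.
    response.headers.add('Access-Control-Allow-Origin', '*')
    return response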
Ejemplo n.º 2
def changePassword():
    """Let the signed-in user replace their password.

    The account row of ``current_user`` is loaded first. When the form does
    not validate, the change-password page is rendered. Otherwise the old
    password is checked against the stored hash and the two new-password
    fields must be equal; on success the new hash is written and the user is
    redirected to ``account``, otherwise back to ``changePassword``.
    """
    cursor.execute(
        'select name, login, passwordHash from account where id = %s',
        (current_user.id, ))
    user = cursor.fetchone()
    form = ChangePasswordForm()

    if not form.validate_on_submit():
        return render_template('changePassword.html',
                               title='Сменить пароль',
                               form=form,
                               user=user)

    # user[2] is the passwordHash column of the select above.
    old_password_ok = check_password_hash(user[2], form.passwordOld.data)
    if not (old_password_ok
            and form.passwordNew1.data == form.passwordNew2.data):
        flash('Старый пароль введен неверно или новые пароли не совпадают')
        return redirect(url_for('changePassword'))

    new_hash = generate_password_hash(form.passwordNew1.data)
    cursor.execute('update account set passwordHash = %s where id = %s',
                   (new_hash, current_user.id))
    conn.commit()
    flash('Пароль был успешно изменен')
    return redirect(url_for('account'))
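 def delete(self, fields):
     """Build a DELETE statement for this object's table and run it.

     The statement text comes from ``AllQuery.delete`` and is executed
     unchanged, then committed. A ``ConnectionError`` is logged and not
     re-raised, so callers keep the previous best-effort behaviour.
     """
     import logging

     try:
         # NOTE(review): AllQuery.delete returns the complete SQL text;
         # whether it escapes or binds the values in `fields` is not visible
         # here. Confirm before passing request data to this method.
         sql = AllQuery.delete(self.table_name(self), fields)
         cursor.execute(sql)
         conn.commit()
     except ConnectionError:
         # The failure used to be dropped silently; record it so that a
         # delete that never happened can be traced.
         logging.getLogger(__name__).exception(
             "delete failed: database connection error")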
Ejemplo n.º 4
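def postAuth():
    """Store a new photo post, share it with selected groups and tag a user.

    Form fields read: ``filepath``, ``allFollowers``, ``tag``, ``caption``
    and one field per group the session user belongs to. All statements run
    in one transaction: it is committed at the end, and rolled back when the
    tagged username does not exist (in which case ``post.html`` is rendered
    with an error).
    """
    username = session['username']
    # NOTE(review): filepath is taken from the form and stored as received;
    # if it is later used to read or serve a file, validate it there.
    filepath = request.form['filepath']
    followers_choice = request.form['allFollowers']
    tag = request.form['tag']
    posted_at = datetime.now()
    all_followers = 1 if followers_choice == 'accept' else 0
    caption = request.form['caption']

    cursor = conn.cursor()
    try:
        cursor.execute('INSERT INTO Photo (postingDate, filepath, allFollowers, caption, photoPoster) VALUES(%s,%s,%s,%s,%s)',
                       (posted_at, filepath, all_followers, caption, username))
        # NOTE(review): MAX(photoID) returns another user's photo when two
        # posts are inserted concurrently, so shares and tags could attach
        # to the wrong photo. Prefer the driver's last-insert id
        # (cursor.lastrowid) once the driver in use is confirmed.
        cursor.execute('SELECT photoID FROM Photo WHERE photoID = (SELECT MAX(photoID) FROM Photo)')
        photoID = cursor.fetchone().get('photoID')

        # Parameters are passed as real one-element tuples; a bare
        # parenthesised value only works with lenient drivers.
        cursor.execute('SELECT groupName, owner_username FROM BelongTo WHERE member_username = %s', (username,))
        data = cursor.fetchall()
        for line in data:
            groupName = line.get('groupName')
            owner = line.get('owner_username')
            # .get(): a group field absent from the form means "not shared"
            # rather than an error raised in the middle of the transaction.
            if request.form.get(groupName) == 'accept':
                cursor.execute('INSERT INTO SharedWith VALUES(%s,%s,%s)', (owner, groupName, photoID))

        if len(tag) != 0:
            cursor.execute('SELECT * FROM Person WHERE username = %s', (tag,))
            user = cursor.fetchone()
            if not user:
                # Discard the inserts above; otherwise they stay pending on
                # the shared connection and a later commit would persist
                # them.
                conn.rollback()
                error = 'This user doesn\'t exist.'
                return render_template('post.html', data=data, error=error)
            cursor.execute('INSERT INTO Tagged VALUES(%s,%s,%s)', (tag, photoID, 0))
        conn.commit()
    finally:
        cursor.close()
    return render_template('home.html')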
Ejemplo n.º 5
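def login():
    """Handle the sign-in and sign-up forms and render the login page.

    POST with ``type == 'signin'``: looks the account up by email and
    verifies the password with bcrypt; returns status 298 when the email is
    unknown, 299 when the password is wrong, otherwise logs the user in and
    redirects (303) to ``home``.

    POST with ``type == 'signup'``: inserts a new account with a bcrypt hash
    and a default album, logs the user in and redirects (303) to ``home``;
    returns status 299 when the insert violates an integrity constraint.

    Any other request redirects authenticated users to ``home`` and renders
    ``login.html`` for everyone else.
    """
    if request.method == 'POST':
        if request.form['type'] == 'signin':
            cur = conn.cursor()
            cur.execute("select email, username, password from accounts where email=%s", [request.form['email']])
            data = cur.fetchone()
            # NOTE(review): 298 (unknown email) and 299 (wrong password) are
            # distinguishable, which lets a client enumerate registered
            # emails. The codes are kept because the front end may depend on
            # them; consider returning one code for both.
            if data is None:
                return '', 298
            if not bcrypt.verify(request.form['pass'], data[2]):
                return '', 299
            login_user(User(data[0], data[1]), remember=True, duration=timedelta(days=1))
            return redirect(url_for('home'), 303)

        elif request.form['type'] == 'signup':
            albums = json.dumps([{ 'album_name': "My Gallery", 'images': [] }])
            cur = conn.cursor()
            password = bcrypt.hash(request.form['pass'])
            try:
                cur.execute("insert into accounts (email, username, password, albums) values (%s, %s, %s, %s)",
                            [request.form['email'], request.form['user'], password, albums])
                conn.commit()
            except psycopg2.IntegrityError:
                # Roll back through the connection API instead of sending a
                # literal ROLLBACK statement on the failed cursor.
                conn.rollback()
                return '', 299
            login_user(User(request.form['email'], request.form['user']), remember=True, duration=timedelta(days=1))
            return redirect(url_for('home'), 303)

    if current_user.is_authenticated:
        return redirect(url_for('home'))
    return render_template('login.html')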
Ejemplo n.º 6
def account():
    """Render the account page and apply the posted account change.

    Users whose ``idTypeAccountOne`` is 1 get the account-type form; all
    others get the service-price form. The firm row is loaded only when
    ``idFirm != 1`` and ``idTypeAccountTwo == 2``. A valid submission updates
    the corresponding column of the current user's account row, refreshes the
    login session and redirects back to ``account``.
    """
    picks_account_type = current_user.idTypeAccountOne == 1
    form = (ChangeAccountTypeForm()
            if picks_account_type else ChangeAccountPriceForm())

    firm = None
    if current_user.idFirm != 1 and current_user.idTypeAccountTwo == 2:
        cursor.execute('select * from firm where id = %s;',
                       (current_user.idFirm, ))
        firm = cursor.fetchone()

    if not form.validate_on_submit():
        return render_template('account.html',
                               title='Личный кабинет',
                               form=form,
                               firm=firm)

    # Both branches run the same sequence; only the statement, the submitted
    # value and the confirmation message differ.
    if picks_account_type:
        statement = 'update account set idTypeAccountOne = %s where id = %s;'
        submitted = form.typeAccountOne.data
        notice = 'Тип учетной записи записан.'
    else:
        statement = 'update account set servicePrice = %s where id = %s;'
        submitted = form.servicePrice.data
        notice = 'Цена за услуги изменена.'

    cursor.execute(statement, (submitted, current_user.id))
    conn.commit()
    # Reload the user so the session reflects the updated row.
    login_user(load_user(current_user.id))
    flash(notice)
    return redirect(url_for('account'))
Ejemplo n.º 7
def newAdvertisement():
    """Create an advertisement for the current user.

    Users with an incomplete profile are sent to ``fillAccount`` and users
    whose ``idTypeAccountOne`` is not 3 are sent to ``account``. A valid form
    is inserted with today's date as the start and today + 30 days as the
    end, then the user is redirected to ``advertisements``.
    """
    if checkDataAccountFull() == 0:
        flash('Вы не заполнили данные профиля')
        return redirect(url_for('fillAccount'))
    if current_user.idTypeAccountOne != 3:
        flash('Вы не рекламодатель')
        return redirect(url_for('account'))

    form = NewAdvertisementForm()
    if not form.validate_on_submit():
        return render_template('newAdvertisement.html',
                               title='Новое объявление',
                               form=form)

    insert_sql = 'insert into advertisement (title, image, numberDay, dateStart, dateFinish, idAccount, description) values (%s, %s, %s, %s, %s, %s, %s);'
    # All form values are bound as parameters; idAccount comes from the
    # session user, not from the form.
    new_row = (
        form.title.data,
        form.image.data,
        form.numberDay.data,
        date.today(),
        date.today() + timedelta(30),
        current_user.id,
        form.description.data,
    )
    cursor.execute(insert_sql, new_row)
    conn.commit()
    flash('Ваше объявление добавлено на 30 дней.')
    return redirect(url_for('advertisements'))
Ejemplo n.º 8
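def add_mark():
    """Show the add-mark page and, for an admin POST, insert one mark.

    The student and task lists are always loaded for the template. On a POST
    with ``is_admin`` set, a ``stop`` field equal to ``'true'`` returns the
    page without inserting; otherwise one row is inserted into ``mark`` and
    the newest mark is flashed back as confirmation.
    """
    with conn.cursor() as cursor:
        cursor.execute('select id, name from student;')
        students = [{'id': x[0], 'name': x[1]} for x in cursor.fetchall()]
        cursor.execute('select * from task;')
        tasks = [{'id': x[0]} for x in cursor.fetchall()]
    # NOTE(review): is_admin is read from module scope here; confirm it is
    # derived from the current request/session and not shared across users.
    if request.method == 'POST' and is_admin:
        if request.form["stop"] == 'true':
            return render_template('add_mark.html', is_admin=is_admin)
        with conn.cursor() as cursor:
            # The mark value used to be formatted into the statement
            # unquoted, so any SQL typed into the form was executed. All
            # three values are now bound parameters.
            cursor.execute(
                'INSERT INTO mark (student_id, task_id, mark) '
                'VALUES (%s, %s, %s);',
                (
                    int(request.form["student_id"]),
                    int(request.form["task_id"]),
                    request.form["mark"],
                ))
            cursor.execute(
                'select mark.id, mark, name '
                'from (select max(id) as maxid from mark) as foo '
                'join mark on maxid=mark.id '
                'join student on mark.student_id = student.id;')
            try:
                x = cursor.fetchall()
                flash(f'Добавлена оценка: id: {x[0][0]}, оценка: {x[0][1]},\
                имя: {x[0][2]}')
            except Exception:
                # Was a bare except; Exception keeps the best-effort message
                # without also swallowing interpreter-exit signals.
                flash('Что-то пошло не так, обратитесь к разработчику')
        conn.commit()
    return render_template('add_mark.html',
                           students=students,
                           tasks=tasks,
                           is_admin=is_admin)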
Ejemplo n.º 9
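def setupprofile():
    """Create a profile (with profile picture) from the CreateProfile form.

    On a valid POST the uploaded picture is saved under ``UPLOAD_FOLDER``, a
    gallery row is inserted for it, ``addphotos`` is called to link photo and
    user, and a ``Profiles`` row is inserted; the user is then redirected to
    ``login``. Otherwise the form errors are flashed and the form is rendered.
    """
    createprofile = CreateProfile()

    if request.method == "POST" and createprofile.validate_on_submit():
        username = createprofile.username.data
        location = createprofile.location.data
        biography = createprofile.biography.data
        photo = createprofile.profilepic.data
        created_date = format_date_joined(datetime.datetime.now())
        # secure_filename strips path components from the client-supplied
        # name. NOTE(review): two uploads with the same name overwrite each
        # other, and an all-unsafe name sanitises to an empty string; a
        # server-generated name would avoid both.
        filename = secure_filename(photo.filename)
        photo.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
        photourl = '/static/uploads/' + filename

        # NOTE(review): the profile is attached to whichever user row has the
        # highest userid at this moment, not to an authenticated identity.
        # Two concurrent sign-ups can cross-link profiles; pass the new
        # user's id explicitly if possible.
        lastuserid = db.engine.execute("select userid from users order by userid desc limit 1")
        for last in lastuserid:
            userid = last.userid

        # Every value below was previously concatenated into the SQL text,
        # so form input (username, biography, location, file name) could
        # change the statement. Values are now bound parameters.
        # NOTE(review): '%s' assumes a format-paramstyle driver (the CALL
        # statement suggests MySQL or PostgreSQL); confirm.
        db.engine.execute("insert into gallery(photourl) values(%s)", (photourl,))
        lastphotoid = db.engine.execute("select photoid from gallery order by photoid desc limit 1")
        for last in lastphotoid:
            photoid = last.photoid

        cur.execute("CALL addphotos(%s,%s)", (photoid, str(userid)))
        conn.commit()
        db.engine.execute(
            "insert into Profiles (userid,profilepic,username,biography,countryliving,createddate) values(%s,%s,%s,%s,%s,%s)",
            (str(userid), str(photoid), username, biography, location, created_date))

        return redirect(url_for('login'))
    else:
        flash_errors(createprofile)
    return render_template('setupprofile.html', form=createprofile)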
Ejemplo n.º 10
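def add_student():
    """Show the add-student page and, for an admin POST, insert one student.

    The group list is always loaded for the template. On a POST with
    ``is_admin`` set, a ``stop`` field equal to ``'true'`` returns the page
    without inserting; otherwise one row is inserted into ``student`` and the
    newest student row is flashed back as confirmation.
    """
    with conn.cursor() as cursor:
        cursor.execute('select * from "group";')
        groups = [{'id': x[0], 'chair': x[1]} for x in cursor.fetchall()]
    # NOTE(review): is_admin is read from module scope here; confirm it is
    # derived from the current request/session and not shared across users.
    if request.method == 'POST' and is_admin:
        if request.form["stop"] == 'true':
            return render_template('add_student.html', is_admin=is_admin)
        with conn.cursor() as cursor:
            # name, birth and admission used to be formatted into the
            # statement inside quotes, so a quote in the form input changed
            # the SQL. All values are now bound parameters.
            # The form field really is spelled "bith"; it is kept because the
            # template posts that name.
            cursor.execute(
                'INSERT INTO student (group_id, name, birth, admission) '
                'VALUES (%s, %s, %s, %s);',
                (
                    int(request.form.get("group_id")),
                    request.form["name"],
                    request.form["bith"],
                    request.form["admission"],
                ))
            cursor.execute(
                'select id, group_id, name, birth, admission from '
                '(select max(id) as maxid from student) as foo '
                'join student on id = maxid;')
            try:
                x = cursor.fetchall()
                # The admission date is column 4 of the select; the message
                # previously repeated the id (column 0) there. The debug
                # print of the row (name and birth date) was dropped.
                flash(
                    f'Добавлен студент, id: {x[0][0]}, номер группы: {x[0][1]},\
                ФИО: {x[0][2]}, дата рождения: {x[0][3]}, \
                дата поступления: {x[0][4]}')
            except Exception:
                flash('Что-то пошло не так, обратитесь к разработчику')
        conn.commit()
    return render_template('add_student.html',
                           groups=groups,
                           is_admin=is_admin)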
Ejemplo n.º 11
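def add_curr():
    """Show the add-curriculum page and, for an admin POST, link a subject
    to a group.

    The subject and group lists are always loaded for the template. On a POST
    with ``is_admin`` set, a ``stop`` field equal to ``'true'`` returns the
    page without inserting; otherwise one row is inserted into
    ``curriculum``, read back, committed and confirmed with a flash message.
    Any failure rolls the transaction back and flashes a generic error.
    """
    with conn.cursor() as cursor:
        cursor.execute('select * from subject;')
        subjects = [{'id': x[0], 'title': x[1]} for x in cursor.fetchall()]
    with conn.cursor() as cursor:
        cursor.execute('select * from "group";')
        groups = [{'id': x[0], 'title': x[1]} for x in cursor.fetchall()]
    # NOTE(review): is_admin is read from module scope here; confirm it is
    # derived from the current request/session and not shared across users.
    if request.method == 'POST' and is_admin:
        try:
            if request.form["stop"] == 'true':
                return render_template('add_curr.html', is_admin=is_admin)
            subject_id = int(request.form.get("subject_id"))
            group_id = int(request.form.get("group_id"))
            with conn.cursor() as cursor:
                cursor.execute(
                    'INSERT INTO curriculum (subject_id, group_id) '
                    'VALUES (%s, %s);',
                    (subject_id, group_id))
                # The read-back used a comma between the two conditions,
                # which is a syntax error, so every request ended in the
                # except branch and the insert was never committed.
                cursor.execute(
                    'select subject_id, group_id from curriculum '
                    'where subject_id = %s and group_id = %s;',
                    (subject_id, group_id))
                x = cursor.fetchall()
            conn.commit()
            # The select returns two columns, so the indexes are 0 and 1
            # (they were 1 and 2, which is out of range).
            flash(
                f'Добавлена связь, номер предмета: {x[0][0]}, номер группы: {x[0][1]}'
            )
        except Exception:
            # Leave the shared connection usable after a failed statement.
            conn.rollback()
            flash('Что-то пошло не так, обратитесь к разработчику')
    return render_template('add_curr.html',
                           subjects=subjects,
                           groups=groups,
                           is_admin=is_admin)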
Ejemplo n.º 12
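def salvaEstimativa():
    """Replace the stored estimate of one project with the posted values.

    Reads the estimate fields from the request JSON, deletes the existing
    ``estimativa`` row(s) for ``codProj`` and inserts the new one in a single
    transaction, then returns ``{"operacao": true}``.
    """
    req = request.get_json()
    # NOTE(review): codProj comes from the request body and no ownership
    # check is visible in this function; confirm the caller is allowed to
    # modify that project.
    codProj = req['codProj']
    modelo = req['modelo']
    modo = req['modo']

    loc = req['loc']
    kloc = req['kloc']
    esforco = req['esforco']
    prazo = req['prazo']
    produtividade = req['produtividade']
    tam = req['tam']

    cursor = conn.cursor()
    try:
        # (codProj,) is a real one-element tuple; the bare parenthesised
        # value only worked with drivers that accept a scalar argument.
        cursor.execute(
            "DELETE FROM bancoprojeto2020.estimativa WHERE Proj_Cod = %s",
            (codProj,))
        cursor.execute(
            "INSERT INTO bancoprojeto2020.estimativa(Est_Modelo,Est_Modo,Est_Loc,Est_Kloc,Est_Esforco,Est_Prazo,Est_Produtividade,Est_TamEquipe,Proj_Cod) VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s)",
            (modelo, modo, loc, kloc, esforco, prazo, produtividade, tam,
             codProj))
        # One commit for both statements: if the insert fails the old
        # estimate is kept instead of being lost.
        conn.commit()
    except Exception:
        conn.rollback()
        raise
    finally:
        cursor.close()

    operacao = True

    return jsonify(operacao=operacao)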
Ejemplo n.º 13
def alterarproj():
    """Update one project row from the posted edit form.

    Only POST requests are handled; for any other method the function
    returns None. The form values are bound as parameters of a single UPDATE
    keyed by ``Proj_Cod``, the change is committed and the user is redirected
    to ``projeto.cadProjeto``.
    """
    if request.method != "POST":
        return None

    form = request.form
    proj_cod = form['id']
    nome = form['nome']
    gerente = form['gerente']
    descricao = form['descricao']
    tc_cod = form.get('tc')
    tempocontagem = form['tempocontagem']
    temporeal = form['temporeal']
    datainicio = form['datainicio']
    dataprevista = form['dataprevista']
    fct = form['fct']
    lingcod = form.get('ling')
    escopo = form.get('escopo')

    update_sql = "UPDATE bancoprojeto2020.projeto SET TC_Cod=%s,Proj_Nome=%s,Proj_Descricao=%s,Proj_TempoContagem=%s,Proj_TempoReal=%s,Proj_Gerente=%s,Proj_DataInicio=%s,Proj_DataP=%s,Proj_FCT=%s, Ling_Cod=%s, Proj_Escopo=%s WHERE Proj_Cod=%s"
    # Order follows the placeholders in update_sql; the project id is last
    # because it feeds the WHERE clause.
    # NOTE(review): the project id is taken from the form and no ownership
    # check is visible in this function; verify against the caller.
    bound_values = (tc_cod, nome, descricao, tempocontagem, temporeal,
                    gerente, datainicio, dataprevista, fct, lingcod, escopo,
                    proj_cod)

    cursor = conn.cursor()
    cursor.execute(update_sql, bound_values)
    conn.commit()
    cursor.close()

    flash("Alterado com Sucesso!")

    return redirect(url_for('projeto.cadProjeto'))
Ejemplo n.º 14
Archivo: db.py Proyecto: kaezni/ASA
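    def setArticle(self, image_name, artic_name, artic_descr, artic_categ):
        """Insert an article and a category and link the two.

        Inserts one row into ``articles`` and one into ``categories``, reads
        back the newest matching ids and inserts the pair into ``cat_art``.
        All statements are committed together.
        """
        cursor.execute(
            'INSERT INTO articles(image_name, artic_name, artic_descr) VALUES(%s, %s, %s)',
            (image_name, artic_name, artic_descr))
        # Single values are passed as one-element tuples; a bare
        # parenthesised value only works with drivers that accept a scalar.
        cursor.execute('INSERT INTO categories(artic_categ) VALUES(%s)',
                       (artic_categ,))

        # NOTE(review): the ids are found again by name / category text. Two
        # concurrent inserts with the same name could pick each other's row;
        # the driver's last-insert id would be exact.
        cursor.execute(
            'SELECT artic_id FROM articles WHERE artic_name=%s ORDER By artic_id DESC LIMIT 1',
            (artic_name,))
        artic_ind = cursor.fetchone()

        cursor.execute(
            'SELECT categ_id FROM categories WHERE artic_categ=%s ORDER By categ_id DESC LIMIT 1',
            (artic_categ,))
        categ_ind = cursor.fetchone()

        cursor.execute(
            'INSERT INTO cat_art(artic_id, categ_id) VALUES(%s, %s)',
            (artic_ind[0], categ_ind[0]))

        # One commit at the end, so a failure in the link step does not leave
        # an article and a category without their cat_art row.
        conn.commit()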
Ejemplo n.º 15
def newShield():
    """Create a shield record for the current user.

    Users with an incomplete profile are sent to ``fillAccount`` and users
    whose ``idTypeAccountOne`` is not 4 are sent to ``account``. A valid form
    is inserted (an empty image field is replaced by a default image URL) and
    the user is redirected to ``shields``.
    """
    if checkDataAccountFull() == 0:
        flash('Вы не заполнили данные профиля')
        return redirect(url_for('fillAccount'))
    if current_user.idTypeAccountOne != 4:
        flash('Вы не установщик')
        return redirect(url_for('account'))

    form = NewShieldForm()
    if not form.validate_on_submit():
        return render_template('newShield.html', title='Новый щит', form=form)

    if form.image.data == "":
        # NOTE(review): the fallback image is loaded from a third-party host
        # over plain http; a locally served asset would avoid mixed content.
        form.image.data = 'http://manual-m.ru/wp-content/uploads/2019/10/no-image-300x300.jpeg'

    insert_sql = 'insert into shield (title, image, address, price, idAccount, description) values (%s, %s, %s, %s, %s, %s);'
    # Form values are bound as parameters; idAccount comes from the session
    # user, not from the form.
    shield_row = (
        form.title.data,
        form.image.data,
        form.address.data,
        form.price.data,
        current_user.id,
        form.description.data,
    )
    cursor.execute(insert_sql, shield_row)
    conn.commit()
    flash('Ваш щит добавлен в базу.')
    return redirect(url_for('shields'))
Ejemplo n.º 16
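def createpost(option):
    """Create a text or image post for the session user.

    On POST: when the form's text field is non-empty a text post is
    inserted; otherwise the uploaded image is saved under ``UPLOAD_FOLDER``,
    registered in ``gallery`` and linked to the user via ``addphotos``, and
    an image post is inserted. The newest post is then linked to the user
    via ``adduserposts`` and the user is redirected to ``posts``. For other
    methods the function returns None, as before. ``option`` is not used.
    """
    createpost = CreatePost()
    textpost = createpost.text.data
    if request.method == "POST":
        # Post text and file names were concatenated into the SQL text, so a
        # quote in either changed the statement. Values are now bound
        # parameters.
        # NOTE(review): '%s' assumes a format-paramstyle driver (the CALL
        # statements suggest MySQL or PostgreSQL); confirm.
        if textpost:
            db.engine.execute(
                "insert into  posts(content,ctype, postDateTime) values(%s,'text',%s)",
                (textpost, str(datetime.datetime.now())))
        else:
            photo = createpost.image.data
            # secure_filename strips path components from the client-supplied
            # name. NOTE(review): uploads with the same name overwrite each
            # other; a server-generated name would avoid that.
            filename = secure_filename(photo.filename)
            photo.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
            photourl = '/static/uploads/' + filename
            db.engine.execute("insert into gallery(photourl) values(%s)", (photourl,))
            # NOTE(review): "newest row" lookups can return another user's
            # row under concurrent requests.
            lastphotoid = db.engine.execute("select photoid from gallery order by photoid desc limit 1")
            for last in lastphotoid:
                photoid = last.photoid
            cur.execute("CALL addphotos(%s,%s)", (photoid, str(session['userid'])))
            conn.commit()
            db.engine.execute(
                "insert into  posts(content,ctype, postDateTime) values(%s,'image',%s)",
                (photourl, str(datetime.datetime.now())))

        lastpostid = db.engine.execute("select postId from posts order by postid desc limit 1")
        for last in lastpostid:
            postId = last.postid
        cur.execute("CALL adduserposts(%s,%s)", (postId, str(session['userid'])))
        conn.commit()
        return redirect(url_for('posts'))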
Ejemplo n.º 17
def newFirm():
    """Register a new firm unless its INN, email or phone is already taken.

    On a valid submission the ``firm`` table is searched for any row sharing
    one of the three identifiers; a match flashes a message and redirects
    back to ``newFirm``. Otherwise the firm is inserted and the user is
    redirected to ``firms``.
    """
    form = NewFirmForm()
    if not form.validate_on_submit():
        return render_template('newFirm.html',
                               title='Добавление фирмы',
                               form=form)

    identifiers = (
        form.inn.data,
        form.email.data,
        form.phone.data,
    )
    cursor.execute(
        'select * from firm where inn = %s or email = %s or phone  = %s;',
        identifiers)
    existing = cursor.fetchone()
    if existing:
        flash('Фирма с таким ИНН, email или телефоном уже существует.')
        return redirect(url_for('newFirm'))

    new_firm = (
        form.inn.data,
        form.name.data,
        form.email.data,
        form.phone.data,
    )
    cursor.execute(
        'insert into firm (inn, name, email, phone) values (%s, %s, %s, %s);',
        new_firm)
    conn.commit()
    flash('Фирма добавлена в базу.')
    return redirect(url_for('firms'))
Ejemplo n.º 18
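def adicionaAtributo(codProj, lista):
    """Insert attribute rows for the tables of one project.

    ``lista`` is read in pairs: the element at an even index is a table name
    and the element after it is the sequence of attribute descriptions for
    that table. Each table's ``Tab_Cod`` is looked up by name and project,
    then all attributes are inserted with one statement.

    Returns True when at least one row was inserted, otherwise False.
    """
    rows = []
    cursor = conn.cursor()
    try:
        for i in range(1, len(lista), 2):
            # Table name and project code were concatenated into the SQL
            # text; both are now bound parameters.
            cursor.execute(
                "SELECT Tab_Cod FROM bancoprojeto2020.tabela WHERE Tab_Nome = %s AND Proj_Cod = %s",
                (lista[i - 1], codProj))
            res = cursor.fetchone()
            # As before, a table name that does not exist for this project
            # makes res None and this line raise TypeError.
            tab_cod = res[0]
            rows.extend((descricao, tab_cod, codProj) for descricao in lista[i])

        if not rows:
            # Nothing to insert; the old code sent an incomplete INSERT here.
            return False

        # Only the placeholder groups are built dynamically; every value is
        # passed separately to the driver.
        placeholders = ",".join(["(%s,%s,%s)"] * len(rows))
        params = [value for row in rows for value in row]
        cursor.execute(
            "INSERT INTO bancoprojeto2020.atributo (AT_Descricao,Tab_Cod,Proj_Cod) VALUES "
            + placeholders,
            params)
        linhasAfetadas = cursor.rowcount
        conn.commit()
    finally:
        cursor.close()

    return linhasAfetadas > 0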
Ejemplo n.º 19
def createAccount():
    """Self-service registration of a new account.

    Authenticated users are sent to ``account``. On a valid submission the
    login must be unused and both password fields must match; the account is
    then inserted with a password hash and fixed type/firm ids of 1, the new
    user is logged in and redirected to ``fillAccount``. Every failure
    redirects back to ``createAccount`` with a flash message.
    """
    if current_user.is_authenticated:
        flash('Для регистрации нового аккаунта выйдите из существующего')
        return redirect(url_for('account'))

    form = CreateAccountForm()
    if not form.validate_on_submit():
        return render_template('createAccount.html',
                               title='Создание аккаунта',
                               form=form)

    cursor.execute('select * from account where login = %s;',
                   (form.login.data, ))
    user = cursor.fetchone()
    if user:
        flash('Учетная запись с таким логином уже существует!')
        return redirect(url_for('createAccount'))

    if form.passwordOne.data != form.passwordTwo.data:
        flash('Пароли не совпадают.')
        return redirect(url_for('createAccount'))

    # Only the login and the password hash come from the form; the type and
    # firm ids are fixed in the statement.
    credentials = (
        form.login.data,
        generate_password_hash(form.passwordOne.data),
    )
    cursor.execute(
        'insert into account (login, passwordHash, idTypeAccountOne, idTypeAccountTwo, idFirm) values (%s, %s, 1, 1, 1);',
        credentials)
    conn.commit()

    # Read the generated id back to build the session user.
    cursor.execute('select id from account where login = %s;',
                   (form.login.data, ))
    user = cursor.fetchone()
    login_user(load_user(user[0]), remember=0)
    flash('Учетная запись создана успешно. Заполните данные профиля.')
    return redirect(url_for('fillAccount'))
Ejemplo n.º 20
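def deletarScript(codProj):
    """Delete all tables of a project together with their attributes.

    Looks up every ``Tab_Cod`` of the project, deletes the matching
    ``atributo`` rows and then the ``tabela`` rows, all in one transaction.
    Returns JSON ``{"operacao": bool}`` where the flag is False when no
    ``tabela`` row was deleted.
    """
    cursor = conn.cursor()
    try:
        # (codProj,) is a real one-element tuple; the bare parenthesised
        # value only worked with drivers that accept a scalar argument.
        cursor.execute(
            "SELECT Tab_Cod FROM bancoprojeto2020.tabela WHERE Proj_Cod=%s",
            (codProj,))
        results = cursor.fetchall()

        for tabelaCod in results:
            # Each fetched row is passed as the parameter sequence, as
            # before (one column per row).
            cursor.execute(
                "DELETE FROM bancoprojeto2020.atributo WHERE Tab_Cod = %s",
                tabelaCod)

        cursor.execute(
            "DELETE FROM bancoprojeto2020.tabela WHERE Proj_Cod = %s",
            (codProj,))
        linhasAfetadas = cursor.rowcount
        # One commit for the whole cascade, so a failure part-way does not
        # leave tables without their attributes.
        conn.commit()
    except Exception:
        conn.rollback()
        raise
    finally:
        cursor.close()

    operacao = linhasAfetadas != 0

    return jsonify(operacao=operacao)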
Ejemplo n.º 21
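def notificationsAuth():
    """Apply the session user's decisions on pending follows and tags.

    For every pending follow request (``followstatus = 0``) addressed to the
    session user and every pending tag (``tagstatus = 0``) of that user, the
    form field named after the follower / photo id decides the outcome:
    ``'accept'`` marks the row accepted, ``'deny'`` deletes it, anything else
    leaves it pending. All changes are committed together and ``home.html``
    is rendered.
    """
    username = session['username']
    cursor = conn.cursor()
    try:
        # Only rows that are pending for the session user are considered, so
        # form keys naming other users or photos have no effect.
        cursor.execute('SELECT username_follower FROM Follow WHERE username_followed = %s AND followstatus = 0', (username,))
        for line in cursor.fetchall():
            follower = line.get('username_follower')
            # .get(): a field missing from the form leaves the request
            # pending instead of raising in the middle of the transaction.
            decision = request.form.get(follower)
            if decision == 'accept':
                cursor.execute('UPDATE Follow SET followstatus = 1 WHERE username_followed = %s AND username_follower = %s',
                               (username, follower))
            elif decision == 'deny':
                cursor.execute('DELETE FROM Follow WHERE username_followed = %s AND username_follower = %s',
                               (username, follower))

        cursor.execute('SELECT photoID FROM Tagged WHERE username = %s AND tagstatus = 0', (username,))
        for line in cursor.fetchall():
            photoID = line.get('photoID')
            decision = request.form.get(str(photoID))
            if decision == 'accept':
                cursor.execute('UPDATE Tagged SET tagstatus = 1 WHERE username = %s AND photoID = %s',
                               (username, photoID))
            elif decision == 'deny':
                cursor.execute('DELETE FROM Tagged WHERE username = %s AND photoID = %s',
                               (username, photoID))
        conn.commit()
    finally:
        cursor.close()
    return render_template('home.html', username=session['username'])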
Ejemplo n.º 22
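def buy(oid):
    """Buy the market item ``oid`` for the current user.

    Unauthenticated users are redirected to ``login``. The listing's price
    and owner are loaded; if the buyer has too little gold a message is
    flashed. Otherwise the listing is removed, gold is moved from buyer to
    owner, the item changes storage, ``is_full()`` is called and the
    transaction is committed. Every path ends with a redirect to ``market``.
    """
    if not current_user.is_authenticated:
        return redirect(url_for('login'))

    # oid arrives from the caller (typically the URL) and was formatted into
    # the SQL text unchanged. The statements use it unquoted as a number, so
    # it is forced to int before it reaches any query; a non-numeric value
    # raises ValueError here.
    # NOTE(review): bound parameters remain the preferred fix once the
    # driver's paramstyle is confirmed.
    item_key = int(oid)
    buyer_id = int(current_user.id)

    cursor.execute(
        "SELECT prize,users.id,name "
        "FROM items,market,users "
        "WHERE items.id = item_id AND users.id = user_id AND items.id=%d"
        % item_key)
    res = cursor.fetchone()
    if res is None:
        # The item is not (or no longer) on the market.
        return redirect(url_for('market'))

    owner_id = int(res[1])
    cursor.execute("SELECT * FROM users WHERE id=%d" % owner_id)
    owner = User(cursor.fetchone())
    if res[0] > current_user.gold:
        flash("金币不足!")
        return redirect(url_for('market'))

    # NOTE(review): balances are read and written in separate statements, so
    # two concurrent purchases can both pass the gold check.
    gold = current_user.gold - int(res[0])
    owner_gold = owner.gold + int(res[0])
    cursor.execute("DELETE FROM market WHERE item_id=%d" % item_key)
    cursor.execute("UPDATE users SET gold = %s WHERE id=%d" %
                   (gold, buyer_id))
    cursor.execute("UPDATE users SET gold = %s WHERE id=%d" %
                   (owner_gold, int(owner.id)))
    cursor.execute("DELETE FROM storage WHERE item_id=%d AND user_id = %d " %
                   (item_key, int(owner.id)))
    cursor.execute("INSERT INTO storage (user_id,item_id) VALUES (%d,%d)" %
                   (buyer_id, item_key))
    is_full()
    conn.commit()
    flash("成功购买" + res[2] + "!")
    return redirect(url_for('market'))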
Ejemplo n.º 23
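def registerAuth():
    """Register a new person from the posted form.

    Renders ``register.html`` with an error when the username already
    exists; otherwise inserts the row (with the hashed password), commits and
    renders ``index.html``.
    """
    username = request.form['username']
    password = request.form['password']
    firstName = request.form['First Name']
    lastName = request.form['Last Name']
    bio = request.form['Bio']

    # NOTE(review): a single unsalted SHA-256 is fast to brute-force and
    # gives equal hashes for equal passwords. A salted, slow password hash
    # (e.g. hashlib.scrypt) should replace it, together with the login check
    # and a migration of stored hashes; the format is kept here so existing
    # logins keep working.
    newpassword = hashlib.sha256(password.encode()).hexdigest()

    cursor = conn.cursor()
    try:
        # (username,) is a real one-element tuple; a bare parenthesised
        # value only works with drivers that accept a scalar argument.
        cursor.execute('SELECT * FROM person WHERE username = %s', (username,))
        if cursor.fetchone():
            error = "This user already exists"
            return render_template('register.html', error=error)

        cursor.execute('INSERT INTO person VALUES(%s, %s, %s, %s, %s)',
                       (username, newpassword, firstName, lastName, bio))
        conn.commit()
    finally:
        # The cursor is now closed on the "already exists" path as well.
        cursor.close()
    return render_template('index.html')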
Ejemplo n.º 24
def is_full():
    """Evict the current user's lowest-value item when storage is full.

    Loads every item in the current user's storage. When the count is below
    ``MAX_ITEM`` nothing changes and False is returned. Otherwise the item
    with the smallest ``value`` below 100000 (id "0" if there is none) is
    removed from storage, its id is inserted into ``explore``, the change is
    committed and True is returned.
    """
    # NOTE(review): the ids are formatted into the SQL text; here they come
    # from current_user and from rows read back from the database, not from
    # request input. Bound parameters would still be the safer habit.
    storage_query = "select items.id, items.name, items.type, items.value, items.rare\
                        from items, users, storage\
                        where items.id=storage.item_id and users.id=storage.user_id and users.id=%s"
    cursor.execute(storage_query % current_user.id)
    items = [Item(row) for row in cursor.fetchall()]

    if len(items) < MAX_ITEM:
        return False

    # Start from the sentinel id/value and keep the first strictly smaller
    # value seen.
    lowest_id, lowest_value = "0", 100000
    for item in items:
        if item.value < lowest_value:
            lowest_id = item.id
            lowest_value = item.value

    cursor.execute(
        "DELETE FROM storage WHERE item_id=%s AND user_id = %s " %
        (lowest_id, current_user.id))
    cursor.execute("INSERT INTO explore VALUES (%s)" % lowest_id)
    conn.commit()
    return True
Ejemplo n.º 25
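def adicionaContagem():
    """Insert or update one function-point count and return the newest id.

    Reads the count fields from the request JSON. ``contCod == '0'`` inserts
    a new ``contagem`` row; any other value updates the row with that
    ``Cont_Cod``. The highest ``Cont_Cod`` of the project is then returned as
    JSON ``{"cod": ...}``.
    """
    req = request.get_json()
    contCod = req['contCod']
    fCod = req['fCod']
    pCod = req['pCod']
    tpCod = req['tpCod']
    desc = req['desc']
    td = req['td']
    tr = req['tr']
    complexidade = req['complexidade']
    pf = req['pf']

    cursor = conn.cursor()
    try:
        if contCod == '0':
            cursor.execute(
                "INSERT INTO bancoprojeto2020.contagem (Fun_Cod,TP_Cod,Proj_Cod,Cont_Descricao,Cont_TD,Cont_TR,Cont_Complexidade,Cont_Contribuicao) VALUES (%s,%s,%s,%s,%s,%s,%s,%s)",
                (fCod, tpCod, pCod, desc, td, tr, complexidade, pf))
        else:
            # NOTE(review): the update is keyed by Cont_Cod alone; nothing
            # visible here ties that row to pCod or to the caller.
            cursor.execute(
                "UPDATE bancoprojeto2020.contagem SET TP_Cod=%s,Cont_Descricao=%s, Cont_TD=%s, Cont_TR=%s, Cont_Complexidade=%s, Cont_Contribuicao=%s WHERE Cont_Cod=%s",
                (tpCod, desc, td, tr, complexidade, pf, contCod))
        conn.commit()

        # (pCod,) is a real one-element tuple; a bare parenthesised value
        # only works with drivers that accept a scalar argument.
        # After an update this still returns the project's highest Cont_Cod,
        # as before, which need not be the row that was updated.
        cursor.execute(
            "SELECT MAX(Cont_Cod) FROM bancoprojeto2020.contagem WHERE Proj_Cod=%s",
            (pCod,))
        cod = cursor.fetchall()[0]
    finally:
        # The update branch used `cursor.close` without parentheses, so that
        # cursor was never closed.
        cursor.close()

    return jsonify(cod=cod)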
Ejemplo n.º 26
def addRequest(data):
    """Record a skate request, queue it and announce it to all clients.

    Sessions without a truthy ``authorised`` flag get a ``denyRequest`` event
    and nothing else happens. Otherwise a UUID is generated, the request is
    stored in the ``skates`` table and in the in-memory ``queue``, the sender
    receives ``addSuccess`` with the id and every client receives
    ``pubRequest`` with the queued item.
    """
    if not session.get('authorised'):
        emit('denyRequest', room=request.sid)
        return

    skate_id = str(uuid.uuid4())

    # NOTE(review): the payload fields are used as received. A missing key,
    # a non-numeric size or an unknown type raises here, and `time` is
    # stored and broadcast unchanged, so clients should escape it on display.
    requested_time = data['time']
    size = float(data['size'])
    is_youth = data['age'] == 'youth'
    type_code = ('figure', 'hockey', 'speed').index(data['type'])

    # Persist the request; values are bound through '?' placeholders.
    db.execute("INSERT INTO skates VALUES(?, ?, ?, ?, ?, ?)",
               (skate_id, requested_time, size, 1 if is_youth else 0,
                type_code, 0))
    conn.commit()

    # Mirror the request in the in-memory queue.
    queueItem = {
        'time': data['time'],
        'size': float(data['size']),
        'age': data['age'],
        'type': data['type'],
        'status': 0
    }
    queue[skate_id] = queueItem

    youth_marker = 'Y' if data['age'] == 'youth' else ''
    print(f"+ {skate_id}: Size {data['size']}{youth_marker} {data['type']}")

    # Confirm to the sender, then publish to everyone.
    emit('addSuccess', skate_id, room=request.sid)
    emit('pubRequest', {'id': skate_id, **queueItem}, broadcast=True)
Ejemplo n.º 27
def newAccount():
    """Let a privileged user create an account for someone else.

    The current user's row is loaded first; a ``status`` of 0 is refused and
    redirected to ``account``. On a valid submission the login must be
    unused; the account is inserted with a password hash, the given name and
    the submitted level as ``status``, and the new credentials are flashed
    before redirecting to ``account``.
    """
    cursor.execute('select name, login, status from account where id = %s',
                   (current_user.id, ))
    user = cursor.fetchone()
    # user[2] is the status column of the select above.
    if user[2] == 0:
        flash('Отказано в доступе')
        return redirect(url_for('account'))

    form = CreateAccountForm()
    if not form.validate_on_submit():
        return render_template('newAccount.html',
                               title='Создание аккаунта',
                               form=form,
                               user=user)

    cursor.execute('select * from account where login = %s',
                   (form.login.data, ))
    check_user = cursor.fetchone()
    if check_user:
        flash('Учетная запись с таким логином уже существует!')
        return redirect(url_for('newAccount'))

    # NOTE(review): the new account's status is whatever level the form
    # submits; confirm the form limits it to levels the creator may grant.
    account_row = (
        form.login.data,
        generate_password_hash(form.password.data),
        form.name.data,
        form.level.data,
    )
    cursor.execute(
        'insert into account (login, passwordHash, name, status) values (%s, %s, %s, %s);',
        account_row)
    conn.commit()

    flash('Учетная запись для {} создана успешно!'.format(form.name.data))
    flash('Login: {}'.format(form.login.data))
    # NOTE(review): this puts the clear-text password into a flash message.
    # If flash messages are kept in a client-side session cookie, the
    # password travels in that cookie; verify how sessions are stored.
    flash('Password: {}'.format(form.password.data))
    return redirect(url_for('account'))
Ejemplo n.º 28
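def add_user():
    """Register a user from the submitted form and redirect to ``/login``.

    Reads the form fields, hashes the password, inserts the row, reads it
    back to obtain the stored twitter id, asks ``api``/``ml`` for a
    prediction, maps the result to a four-letter type label and stores
    that label on the user's row.

    Every SQL statement passes its values as bound parameters. The
    original built the statements with ``str.format`` from raw form
    fields, so any quote character in a field changed the statement
    itself (SQL injection).
    """
    # NOTE(review): the submitted values are published through module-level
    # globals, which are shared by every request the process serves. They
    # are kept because other code may read them; request-scoped storage
    # would avoid one user's data being visible to another request.
    global name
    global phone_number
    global gender
    global twitter_id
    global email
    global password
    name = request.form.get('username')
    email = request.form.get('useremail')
    # NOTE(review): a missing 'userpassword' field is hashed as the string
    # 'None' because of the str() call; consider rejecting the request.
    password = sha256_crypt.encrypt(
        (str(request.form.get('userpassword'))))  # Hashing passwords
    phone_number = request.form.get('userphone')
    gender = request.form.get('gender')
    twitter_id = request.form.get('twitter_id')

    # Assumes the DB-API driver uses the ``%s`` paramstyle (the backtick
    # quoting suggests MySQL) -- TODO confirm against the connection module.
    cursor.execute(
        """INSERT INTO `users` (`user_id`,`name`,`email`,`password`,`phone_number`,`gender`,`twitter_id`) VALUES (NULL,%s,%s,%s,%s,%s,%s)""",
        (name, email, password, phone_number, gender, twitter_id))
    conn.commit()

    # Read the row back. ``=`` replaces LIKE so that ``_`` and ``%`` in an
    # email address are compared literally instead of acting as wildcards.
    cursor.execute(
        """SELECT * FROM `users` WHERE `email` = %s AND `password` = %s""",
        (email, password))
    user = cursor.fetchone()
    twitter_id = user[6]  # Gets twitter id
    a = api.twitter_api(twitter_id)  # Calls twitter api
    res = ml.predict(a)  # Gets prediction using ML
    # Maps the predicted class index to its four-letter type label.
    per_map = {0: 'ENFJ', 1: 'ENFP', 2: 'ENTJ', 3: 'ENTP', 4: 'ESFJ', 5: 'ESFP', 6: 'ESTJ', 7: 'ESTP',
               8: 'INFJ', 9: 'INFP', 10: 'INTJ', 11: 'INTP', 12: 'ISFJ', 13: 'ISFP', 14: 'ISTJ', 15: 'ISTP'}
    personality_index = per_map[res]
    print(personality_index)

    # The original repeated the SELECT here and never used its result, so
    # the extra query is dropped.
    # NOTE(review): the UPDATE is keyed on email alone and therefore touches
    # every row sharing that address; nothing here enforces uniqueness.
    cursor.execute(
        """UPDATE `users` set personality_index=%s WHERE email=%s """,
        (personality_index, email))  # Stores personality index
    conn.commit()
    return redirect('/login')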
Ejemplo n.º 29
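def change_book():
    """Edit the book selected through the module-level ``id_book``.

    Only the user whose id is 1 may use this view; everyone else is
    redirected to the index page. A valid submission updates the book's
    price, stock quantity, image and description, then clears
    ``id_book``. A GET request pre-fills the form from the current row.
    """
    # NOTE(review): id_book is process-wide state, not scoped to a user or
    # a request. With several workers or concurrent sessions the id edited
    # here may not be the one this request selected; carrying the id in the
    # URL or the session would scope it properly.
    global id_book
    # NOTE(review): authorization is a hard-coded user id; a role or
    # status column would be easier to audit.
    if current_user.id != 1:
        flash('Данная страница не доступна для Вас!')
        return redirect(url_for('index'))
    if id_book is None:
        flash('Вы не выбрали книгу для изменения!')
        return redirect(url_for('books'))

    form = ChangeBookForm()
    if form.validate_on_submit():
        cursor.execute(
            'update book set price = %s, quantity_in_stock = %s, image = %s, description = %s where id = %s;',
            (
                form.price.data,
                form.quantity_in_stock.data,
                form.image.data,
                form.description.data,
                id_book,
            ))
        conn.commit()
        flash('Данные изменены!')
        id_book = None
        return redirect(url_for('books'))
    elif request.method == 'GET':
        cursor.execute(
            'select price, quantity_in_stock, image, description from book where id = %s;',
            (id_book, ))
        book = cursor.fetchone()
        if book is None:
            # The selected id no longer matches a row: drop the stale
            # selection and send the user back instead of raising
            # TypeError on book[0].
            id_book = None
            flash('Вы не выбрали книгу для изменения!')
            return redirect(url_for('books'))
        form.price.data = book[0]
        form.quantity_in_stock.data = book[1]
        form.image.data = book[2]
        form.description.data = book[3]
    # Also reached for a POST that failed validation; the form is rendered
    # again with the submitted values.
    return render_template('new_book.html',
                           title='Редактирование книги',
                           form=form)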
Ejemplo n.º 30
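def joingroupAuth():
    """Add the session's user to an existing friend group.

    The group is identified by the 'Friend Group' and 'Group Creator'
    form fields. The join form is rendered again with an error when the
    group does not exist or the user already belongs to it; otherwise a
    membership row is inserted and the home page is rendered.
    """
    # NOTE(review): session['username'] raises KeyError when no user is
    # logged in; confirm a login check guards this route.
    username = session['username']
    group = request.form['Friend Group']
    groupleader = request.form['Group Creator']
    cursor = conn.cursor()
    # The original closed the cursor only on the success path; try/finally
    # releases it on every return and on exceptions as well.
    try:
        query = 'SELECT * FROM Friendgroup WHERE groupName = %s AND groupOwner = %s'
        cursor.execute(query, (group, groupleader))
        if not cursor.fetchone():
            error = 'Incorrect Group Name and/or Group Creator'
            return render_template('joingroup.html', error=error)

        cursor.execute(
            'SELECT * FROM BelongTo WHERE member_username = %s AND owner_username = %s AND groupName = %s',
            (username, groupleader, group))
        if cursor.fetchone():
            error = 'You already belong to this group.'
            return render_template('joingroup.html', error=error)

        # NOTE(review): the INSERT relies on BelongTo's column order being
        # (member, owner, group); naming the columns would make this
        # explicit -- confirm against the schema.
        cursor.execute('INSERT INTO BelongTo VALUES(%s,%s,%s)',
                       (username, groupleader, group))
        conn.commit()
        return render_template('home.html', username=session['username'])
    finally:
        cursor.close()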