def __init__(self, username, password):
self.error = None
self.verification = False
self.username = clean(username)
self.password = clean(password)
self.locate_user_data()
def login_submit():
if request.method == 'POST':
if request.form['login-submit'] == 'Login':
username = clean(request.form['username'])
password = clean(request.form['password'])
""" Check if fields are blank """
if username == '' or password == '':
flash(u'One or more fields have been left blank.', 'error')
else:
""" Login """
submit = Login(username, password)
timestamp = datetime.now().strftime('%H:%M%p - %m-%d-%Y')
wmsg = f'Welcome back, {username}. Logged in at {timestamp}'
if submit.verification is True:
flash(wmsg, 'login-welcome')
session['username'] = username
session['logged_in'] = True
else:
flash(submit.error, 'error')
else:
flash(u'What did you do?', 'error')
return redirect(url_for('admin_login'))
def addMessage(user, message):
c_user = clean(user)
c_message = clean(message)
#query
query = "insert into messages(user,message) values(%s,%s)"
#execute query
return insertData(query, (c_user, c_message))
def updateBlog(blog_id, title, content, user):
c_id = clean(blog_id)
c_title = clean(title)
c_content = clean(content)
c_user = clean(user)
con, db = connect_db()
db.execute("update articales set title=%s,content=%s,user=%s where id=%s",
(c_title, c_content, c_user, c_id))
con.commit()
db.close()
def createBlog(title, content, user):
c_title = clean(title)
c_content = clean(content)
c_user = clean(user)
con, db = connect_db()
db.execute("insert into articales(title,content,user) values(%s,%s,%s)",
(c_title, c_content, c_user))
con.commit()
db.close()
def delete(id, username):
c_id = clean(id)
c_username = clean(username)
conn, db = connection()
query = db.execute('DELETE FROM articale WHERE id = %s AND author = %s',
(c_id, c_username))
conn.commit()
db.close
def registerUser(name, username, email, password):
c_name = clean(name)
c_username = clean(username)
c_email = clean(email)
c_password = sha256_crypt.encrypt(clean(password))
con, db = connect_db()
db.execute(
"insert into users (name,username,email,password) values(%s,%s,%s,%s)",
(c_name, c_username, c_email, c_password))
con.commit()
db.close()
def update(id, title, content):
c_id = clean(id)
c_title = clean(title)
c_content = clean(content)
conn, db = connection()
query = db.execute(
'UPDATE articale SET title=%s, content = %s WHERE id = %s',
(c_title, c_content, c_id))
conn.commit()
db.close
def Add_Articale(title, user, content):
c_title = clean(title)
c_content = clean(content)
conn, db = connection()
query = db.execute(
'INSERT INTO articale (title,author,content,approve) VALUES (%s,%s,%s,0)',
(c_title, user, c_content))
conn.commit()
db.close()
def addUser(name, username, email, password):
#clean fields
c_name = clean(name)
c_username = clean(username)
c_email = clean(email)
c_password = sha256_crypt.hash(clean(password)) #hash password
#execute query
d = insertData(
"insert into users (name,username,email,password) values(%s,%s,%s,%s)",
(c_name, c_username, c_email, c_password))
print(d)
def deleteBlog(blog_id):
c_id = clean(blog_id)
con, db = connect_db()
db.execute("delete from articales where id=%s", (c_id))
con.commit()
db.close()
def getAllBlogsForUser(user):
c_user = clean(user)
con, db = connect_db()
query = db.execute("select * from articales where user=%s", [c_user])
data = db.fetchall()
con.commit()
db.close()
return query, data
def verify_login(self, genuine_pass):
""" Compare passwords """
verify = hasher.verify(self.password, clean(genuine_pass))
if verify is True:
self.verification = True
else:
self.error = 'Incorrect password for ' + self.username
def delete_user(id):
c_id = clean(id)
conn, db = connection()
query = db.execute('DELETE FROM users WHERE id = %s', (c_id))
conn.commit()
db.close
def get_by_id(id):
c_id = clean(id)
conn, db = connection()
query = db.execute('SELECT * FROM articale WHERE id=%s', [c_id])
data = db.fetchone()
return query, data
def admin_delete(id):
c_id = clean(id)
conn, db = connection()
query = db.execute('DELETE FROM articale WHERE id = %s ', [c_id])
conn.commit()
db.close
def approve(id):
c_id = clean(id)
conn, db = connection()
query = db.execute('UPDATE articale SET approve=1 WHERE id = %s', [c_id])
conn.commit()
db.close
def add_user(name, username, email, password):
# get data & clean it
c_name = clean(name)
c_username = clean(username)
c_email = clean(email)
c_password = sha256_crypt.encrypt(clean(password))
# create connection
conn, db = connection()
# execute query
query = db.execute(
"INSERT INTO users (name,username,email,password,admin) VALUES (%s,%s,%s,%s,0)",
(c_name, c_username, c_email, c_password))
# save change
conn.commit()
# close connection
db.close()
def update_user(name, username, email, id):
# get data & clean it
c_name = clean(name)
c_username = clean(username)
c_email = clean(email)
c_id = clean(id)
# create connection
conn, db = connection()
# execute query
query = db.execute(
"UPDATE users SET name=%s,username=%s,email=%s WHERE id = %s",
(c_name, c_username, c_email, c_id))
# save change
conn.commit()
# close connection
db.close()
def check_user(username):
c_username = clean(username)
# create connection
conn, db = connection()
# execute query
query = db.execute('SELECT * FROM users WHERE username = %s', [c_username])
#fetch data
data = db.fetchone()
return query, data
def verify_login(self):
""" Compare passwords
"""
verify = hasher.verify(self.password, clean(self.passw))
if verify is True:
""" Begin session and send verification signal to
controller if verify is True
"""
session['username'] = self.username
session['logged_in'] = True
self.verification = True
else:
self.error = 'Incorrect password for ' + self.username
def checkUser(username):
#clean
c_username = clean(username)
#query
query = "select * from users where username=%s"
return getOneData(query, [c_username])
def getOneBlog(blog_id):
c_id = clean(blog_id)
con, db = connect_db()
query = db.execute("select * from articales where id=%s", [c_id])
data = db.fetchone()
return query, data
def getMessages(username):
#clean
c_user = clean(username)
#query
query = "select * from messages where user=%s"
return getAllData(query, [c_user])
def checkUser(username):
c_username = clean(username)
conn, db = connect_db()
query = db.execute("select * from users where username=%s", [c_username])
data = db.fetchone()
return query, data
