def delete(id): conn = conn_db() cur = conn.cursor() cur.execute('DELETE FROM post WHERE comment_id = %s', (id, )) conn.commit() conn.close() return redirect(url_for('show_comment'))
def login(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] conn = conn_db() cur = conn.cursor() error = None cur.execute('SELECT * FROM sys_table WHERE username = %s', (username, )) sys = cur.fetchone() cur.close() conn.commit() if sys is None: error = 'Incorrect Username!' elif not check_password_hash(sys[2], password): error = 'Incorrect Password!' if error is None: session.clear() session['userid'] = sys[0] return redirect(url_for('HomeWithMap')) flash(error) return render_template('sign_in.html')
def update(id): if mysession(): post = get_post(id) if request.method == 'POST': body = request.form['comment'] error = None if not body: error = 'comment can not be empty!' if error is not None: flash(error) return redirect(url_for('show_comment')) else: conn = conn_db() cur = conn.cursor() cur.execute( 'UPDATE post SET comment = %s' 'WHERE comment_id = %s', (body, id)) cur.close() conn.commit() conn.close() return redirect(url_for('show_comment')) else: return render_template('blog/update.html', post=post) else: error = 'Only logged users can insert posts!' flash(error) return redirect(url_for('login'))
def comment(): if mysession(): if request.method == 'POST': body = request.form['comment'] error = None if not body: error = 'comment can not be empty' if error is not None: flash(error) return redirect(url_for('show_comment')) else: conn = conn_db() cur = conn.cursor() cur.execute( 'INSERT INTO post (comment, author_id) VALUES ( %s, %s)', (body, g.user[0])) cur.close() conn.commit() conn.close() return redirect(url_for('show_comment')) else: return render_template('Extend.html') else: error = 'You must be logged in to comment!' flash(error) return redirect(url_for('login'))
def Register(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] email = request.form['email'] age = request.form['age'] error = None if not username: error = 'please fill out this field.' elif not password: error = 'please fill out this field.' if not email: error = 'please fill out this field.' if not age: error = 'please fill out this field.' else: conn = conn_db() cur = conn.cursor() cur.execute('SELECT userid FROM sys_table WHERE username = %s', (username, )) if cur.fetchone() is not None: error = 'Username already used! try another one please!' cur.close() else: conn = conn_db() cur = conn.cursor() cur.execute('SELECT userid FROM sys_table WHERE email = %s', (email, )) if cur.fetchone() is not None: error = 'Email already used! try another one please!' cur.close() if error is None: conn = conn_db() cur = conn.cursor() cur.execute( 'INSERT INTO sys_table (username, password, email, age) VALUES (%s, %s,%s, %s)', (username, generate_password_hash(password), email, age)) cur.close() conn.commit() return redirect(url_for('login')) flash(error) return render_template('sign_UP.html')
def get_alpha(id): conn = conn_db() cur = conn.cursor() cur.execute( """SELECT * FROM public."Lagos_ALPhA_Survey" WHERE "ID" = %s""", (id, )) alpha = cur.fetchall() cur.close() if alpha is None: abort(404, "Alpha ID {0} doesn't exist.".format(id)) return alpha
def show_comment(): mysession() conn = conn_db() cur = conn.cursor() cur.execute( """SELECT sys_table.username, post.comment_id, post.created, post.comment FROM sys_table, post WHERE sys_table.userid = post.author_id""") posts = cur.fetchall() cur.close() conn.commit() conn.close() return render_template('blog/comment_order.html', posts=posts)