def create_user(user): password = hash_password(user["password"]) sql = "INSERT INTO users(user_name, user_email, user_password, user_address, user_phone, created_by, actions) VALUES ('%s','%s','%s','%s','%s', %d, %d)" % ( user["user_name"], user["user_email"], password, user["user_address"], user["user_phone"], user["created_by"], user["actions"]) status = 0 res = '' try: cursor.execute(sql) db.commit() status = 200 res = 'User created successfully' except pymysql.Error as e: try: print("MySQL Error [%d]: %s") % (e.args[0], e.args[1]) return None except IndexError: print("MySQL Error: %s") % str(e) return None except: db.rollback() status = 401 res = 'Something went wrong. Try again' return res, status
def get_avatar(): # 获取头像图片数据 上传文件的数据 data = request.files.get('avatar') if not data: return jsonify(errno=RET.PARAMERR, errmsg="未传头像") try: # 读取上传的文件内容,并调用自己封装的方法上传到七牛 avatar_img_name = img_store(data.read()) except Exception as e: return jsonify(errno=RET.THIRDERR, errmsg="上传失败") # 存入数据库 user_id = g.user_id try: # update 方法 第一次添加 第二次可以修改 UserInfo.query.filter_by(id=user_id).update( {"author_url": avatar_img_name}) db.session.commit() except Exception as e: logging.error(e) db.rollback() return jsonify(errno=RET.DBERR, errmsg="数据库错误") # 通用域名 + 图片名字 avatar_url = constants.QINIUIMGURL + avatar_img_name return jsonify(errno=RET.OK, errmsg="头像上传成功", data={"avatar_url": avatar_url})
def app_register(): if session.get('loginTag'): return redirect(url_for('app_admin')) error = None form = RegisterForm() if form.validate_on_submit(): try: user = User(form.username.data.strip(), form.password.data.strip(), form.email.data.strip(), form.blog.data.strip()) db.session.add(user) db.session.commit() except Exception as e: db.rollback() finally: db.session.close() flash('Congratulations, you are now a registered user!') return redirect(url_for('app_admin')) elif form.errors: for field_name, errors in form.errors.items(): for error in errors: flash("{0} - {1}".format(field_name, errors), category='error') return render_template('register.html', form=form, error=error)
def register(user, address, account): userModel = addressModel = None try: try: userModel = UserModel(**user) userModel = userDao.save(userModel, autocommit=False) except Exception as e: print(e) if 'Duplicate' in str(e): raise ValueError('Username already taken') raise ValueError('User informations are not valid') try: addressModel = AddressModel(**address) addressModel = addressDao.save(addressModel, autocommit=False) except Exception as e: print(e) raise ValueError('Address informations are not valid') try: accountModel = AccountModel(**account) accountModel.id_User = userModel.id accountModel.id_Address = addressModel.id accountDao.save(accountModel, autocommit=False) except Exception as e: print(e) raise ValueError('Account informations are not valid') db.commit() return userDao.getById(userModel.id) except Exception as e: db.rollback() raise e
def admin_album(): if request.method == 'POST': album_name = request.form.get('album_name') album_state = request.form.get('album_state') or '1' album_desc = request.form.get('album_desc') if not album_name: return make_response(jsonify({"code": 1, "message": "请填写相册名称!"})) try: db.session.add(Album(album_name=album_name, album_desc=album_desc)) db.session.commit() except Exception: db.rollback() return make_response( jsonify({ "code": 1, "message": "新增失败,请联系管理员!" })) finally: db.session.close() return make_response(jsonify({"code": 0, "message": "新建成功!"})) albums = db.session.query( Album.album_id, Album.album_name, Album.album_slt).filter(Album.album_status == '1').all() return render_template('album/index.html', albums=albums)
def create_product(product): sql = "INSERT INTO products (product_name, product_description, product_price, product_qty, created_by, actions) VALUES('%s','%s','%8.2f','%d','%d', '%d')" % ( product["product_name"], product["product_description"], product["product_price"], product["product_qty"], product["created_by"], product["actions"]) print(sql) status = 0 res = '' try: cursor.execute(sql) db.commit() status = 200 res = 'Product created successfully' except pymysql.Error as e: try: print("MySQL Error" + str(e)) return None except IndexError: print("MySQL Error: %s") % str(e) return None except: db.rollback() status = 401 res = 'Something went wrong. Try again' return res, status
def user_fb_login(): # POST: Process response from external Fitbit server. if request.method == "POST": # Extract the Fitbit token and username from the response data. fb_token, username = complete_fb_login(request.data) # If the username wasn't saved, return to the original PowerToken login # page. if username is None: return redirect(url_for("user_login", error="Invalid username")) # Get the user with that username from the database. user = User.query.filter_by(username=username).first() # If the user with that username isn't in the database for whatever # reason, go back to the PowerToken login page. if user is None: return redirect(url_for("user_login", error="Invalid user")) # If everything is okay so far, add the Fitbit token to the database. user.fb_token = fb_token try: db.session.commit() except: db.rollback() # This code will never be called but must be present. return render_template("user_home.html", username=username) # GET: Render Fitbit page, which redirects to external login. elif request.method == "GET": username = request.args.get("username") return render_template("user_fb_login.html", username=username)
def auth_delete_node(): nid = request.form.get('nid') if not nid: return make_response(jsonify({"code": 1, "message": "参数传递错误!"})) query = db.session.query(func.count( Module.module_id)).filter(Module.module_parent == nid).scalar() if query: return make_response(jsonify({"code": 1, "message": "请删除节点下面的子节点先!"})) try: db.session.query(RoleAndModule).filter( RoleAndModule.module_id == nid).delete() db.session.query(Module).filter(Module.module_id == nid).delete() db.session.commit() return make_response(jsonify({"code": 0, "message": "删除成功!"})) except Exception: db.rollback() return make_response(jsonify({ "code": 1, "message": "数据库执行失败,请联系管理员!" })) finally: db.session.close()
def signup(): ''' Specify what happens when the signup link is accessed. If signup is successful, the user will be added into database, logged in and redirected to the myphotos page. If signup failed, an error page with proper messages will be redirected to. The users table in the database have the following columns: userid, username, salt, hhash, count (i.e. # of images the user uploaded) userid is unique, as it will be automatically incremented as new entry (i.e. new user) is added to the table. username is also set to be unique, so addition of duplicate username will cause an exception to be raised. salt value will be per-user. hhash will be the encrypted version of the password user input. ''' utils.record_requests() # If user is logged in, access to the login page will direct user to myphotos if (current_user.is_authenticated): return redirect(url_for('myphotos')) if request.method == 'POST': # read user input to the form username = request.form.get('username') password = request.form.get('password') # Do not allow empty username and/or password if username == '' or password == '': return render_template('error.html', error="Empty field(s) is not allowed.") # encrpt the plain text password salt = uuid.uuid4().hex hhash = hashlib.sha256(password.encode() + salt.encode()).hexdigest() # access the database cur = db.cursor() # insert user-input username and password into the users table try: cur.execute( "INSERT INTO users (username, salt, hhash, count) VALUES ('%s', '%s', '%s', '%d');" % (username, salt, hhash, 0)) except Exception as e: db.rollback() cur.close() # exception caused by duplicate username if (e.args[0] == 1062): e = "Username has already been registered!" # exception caused by username being too long (limit is 50 characters) elif (e.args[0] == 1406): e = "Username is too long!" # handle any other database errors return render_template('error.html', error=e) db.commit() # Now that signup complete successfully, log in the newly registered user with flask-login user = User.get(username) cur.close() login_user(user) # flash a message on website to let users know they have succesfully signed up and logged in. flash( "Your account is created successfully and you are now logged in! Start by uploading your first photo." ) return redirect(url_for('myphotos')) return render_template('signup.html')
def login(): form = LoginForm() if request.method == 'GET': return render_template("base.html", title='login', form=form) else: db = pymysql.connect( host='database-1.clr3d8nnckz4.us-east-2.rds.amazonaws.com', user='******', password='******', port=3306, db='chatbot') cursor = db.cursor() sql = [ "SELECT password,name,email from student where id=%s", "SELECT password,name,email from staff where id=%s" ] if form.validate_on_submit(): id = form.id.data print(id) password = form.password.data SorT = form.SorT.data if SorT == 1: cursor.execute(sql[0], id) result = cursor.fetchall() if len(result) != 0: ((results, user, email), ) = result print(results) print(password) if check_password_hash(results, password): db.commit() db.close() info = [id, user, email, 's'] print(info) return render_template("index_student.html", info=info) else: cursor.execute(sql[1], id) result = cursor.fetchall() if len(result) != 0: ((results, user, email), ) = result print(results) print(password) if check_password_hash(results, password): db.commit() db.close() info = [id, user, email, 't'] print(info) return render_template("index_teacher.html", info=info) else: print('******') db.rollback() db.close() flash( u'Sorry, your account or password was incorrect. Please double-check.', 'error') return redirect(url_for('login'))
def display(imname=None, cvname=None): ''' Specify what happens when the display link is accessed. Only logged in users can access this link; others will be redirected to the login page. This webpage displays an original photo and its opencv processed version side by side. This webpage can be accessedd in 3 ways: 1) after successful upload; 2) after clicking on thumbnails on myphotos page; 3) url. For 2), the redirect is handled in html, which makes it necessary to have the two extra variables in the url For 3), user might try to access others photos by guessing the image names to compose the url. We specifically check the owner of the images about to be displayed to prevent this illegal access from happening. ''' utils.record_requests() # recover namebase and extension from imname namebase, extension = imname.rsplit('.', 1) # make sure the imname and cvname correspond to each other if (namebase + '_cv' != cvname.rsplit('.', 1)[0]): return render_template( 'error.html', error= 'Wrong access! Please display photos by choosing from "My Photos" page.' ) # access database cur = db.cursor() # retrieve info about the user who uploaded this photo try: cur.execute( "SELECT userid FROM images WHERE namebase = '%s' AND extension = '%s';" % (namebase, extension)) except Exception: db.rollback() cur.close() return render_template('error.html') userid = cur.fetchone()[0] cur.close() # check if the photo's owner matches current user if (userid == None) or (userid != current_user.userid): return render_template( 'error.html', error= 'Wrong access! Please display photos by choosing from "My Photos" page.' ) presigned_urls = [] try: im_url = generate_presigned_url(imname) cv_url = generate_presigned_url(cvname) data = [im_url, cv_url] presigned_urls.append(data) except Exception: return render_template('error.html', error="cannot read images") return render_template('display.html', im_url=im_url, cv_url=cv_url)
def sign_in(): form = RegisterForm() if request.method == 'GET': return render_template("register.html", title='register', form=form) else: db = pymysql.connect( host='database-1.clr3d8nnckz4.us-east-2.rds.amazonaws.com', user='******', password='******', port=3306, db='chatbot') cursor = db.cursor() sql = [ "INSERT INTO student(id,email,password,name) VALUES (%s,%s,%s,%s)", "INSERT INTO staff(id,email,password,name) VALUES (%s,%s,%s,%s)" ] if form.validate_on_submit(): id = form.id.data name = form.name.data email = form.email.data password = form.password.data SorT = form.SorT.data password = generate_password_hash(password) if SorT == 1: cursor.execute("SELECT * from student where id=%s", id) result = cursor.fetchall() if len(result) != 0: flash( 'Registration failed, zID has been registered, please log in directly.', 'error') return render_template("register.html", title='register', form=form) else: cursor.execute(sql[0], (id, email, password, name)) else: cursor.execute("SELECT * from staff where id=%s", id) result = cursor.fetchall() if len(result) != 0: flash( 'Registration failed, zID has been registered, please log in directly.', 'error') return render_template("register.html", title='register', form=form) else: cursor.execute(sql[1], (id, email, password, name)) db.commit() db.close() # flash('Congratulations, your register are success.', 'info') return redirect(url_for('login')) db.rollback() db.close() flash('Sorry, your register not success, please try again.', 'error') return render_template("register.html", title='register', form=form)
def generic_database_insertion_multiple(query, params): try: for key, value in params.items(): value = str(value).replace("'", "''") query = query.replace(key, str(value)) except: pass try: with conn.cursor() as cursor: cursor.execute(query) conn.commit() return 'thread complete' except psycopg2.InterfaceError: conn.rollback() except psycopg2.InternalError: conn.rollback()
def set_user_name(): '''修改用户名''' user_id = g.user_id data = json.loads(request.get_data()) if not data: return jsonify(errno=RET.PARAMERR, errmsg="参数不完整") name = data['name'] # 跟新数据库中的用户名 try: UserInfo.query.filter_by(id=user_id).update({"user_name": name}) db.session.commit() session["name"] = name except Exception as e: logging.error(e) db.rollback() return jsonify(errno=RET.DBERR, errmsg="数据错误") return jsonify(errno=RET.OK, errmsg="ok")
def edit_product(data): sql = "SELECT * FROM products WHERE product_id = %d" % data["product_id"] print(sql) status = 0 res = '' try: cursor.execute(sql) result = cursor.fetchone() print(type(result[6])) if result[6] == 2 or result[6] == 3 or result[6] == 6 or result[ 6] == 7 or result[6] == 15: sql = "UPDATE products SET product_name = '%s',product_description = '%s',product_price = '%8.2f', product_qty = '%d', created_by = '%d', actions = '%d' WHERE product_id = %d" % ( data["product_name"], data["product_description"], data["product_price"], data["product_qty"], data["created_by"], data["actions"], data["product_id"]) print(sql) status = 0 res = '' try: cursor.execute(sql) db.commit() status = 200 res = 'Product updated successfully' except pymysql.Error as e: try: print("MySQL Error" + str(e)) return None except IndexError: print("MySQL Error: %s") % str(e) return None except: db.rollback() status = 401 res = 'Something went wrong. Try again' else: status = 201 res = "Not authorized" except: print("Error: unable to fetch data") return res, status
def add(): """ " add question based on [name] """ try: data = request.json if data is None: return response_error(MESSAGE.INVALID_PARAMETER, CODE.INVALID_PARAMETER) name = data['name'] question = Question(name=name, ) db.session.add(question) db.session.commit() return response_ok(question.to_json()) except Exception as ex: db.rollback() return response_error(str(ex))
def add(): """ " add business model based on [name] """ try: data = request.json if data is None: return response_error(MESSAGE.INVALID_PARAMETER, CODE.INVALID_PARAMETER) name = data['name'] bm = BusinessModel(name=name, ) db.session.add(bm) db.session.commit() return response_ok(bm.to_json()) except Exception as ex: db.rollback() return response_error(str(ex))
def changegroupid(): if current_user.perm == Permission.ADMIN: id = request.args['id'] groupid = request.args['newgroup'] if len(groupid) != 6: flash('群组长度不对,请确认为六位!') return 'fail' user = Students.query.filter_by(id=id).first() print(user.fk_tid) if user is not None and user.fk_tid != groupid: user.fk_tid = groupid db.session.add(user) try: db.session.commit() except: db.rollback() flash('修改成功!') return 'ok' else: flash('修改失败(groupid)') return 'fail'
def generic_database_update(query, params): try: for key, value in params.items(): value = str(value).replace("'", "''") query = query.replace(key, str(value)) except: pass try: with conn.cursor() as cursor: cursor.execute(query) res = cursor.fetchone() conn.commit() if res is not None: return res[0] else: return 0 except psycopg2.InterfaceError: conn.rollback() except psycopg2.InternalError: conn.rollback()
def save_house_img(house_id): try: house = HouseInfo.query.filter_by(id=house_id).first() except Exception as e: logging.error(e) return jsonify(errno=RET.DBERR, errmsg="数据查询错误") # 判断房屋是否存在 if not house: return jsonify(errno=RET.DATAERR, errmsg="房屋不存在") # request.files.get("house_image") 是一个文件类 ready() 党法读取数据 img_data = request.files.get("house_image").read() if not all([house_id, img_data]): return jsonify(errno=RET.PARAMERR, errmsg="参数不完整") # 读取上传的文件内容,并调用自己封装的方法上传到七牛 try: image_name = img_store(img_data) except Exception as e: logging.error(e) return jsonify(errno=RET.THIRDERR, errmsg="上传失败") # 图片名存入数据库 house_pic = HousePic(house_id=house_id, img_url=image_name) db.session.add(house_pic) # 如果房屋主图片未设置 设置主图 if house.index_image_url == '': house.index_image_url = image_name db.session.add(house) try: db.session.commit() except Exception as e: logging.error(e) db.rollback() return jsonify(errno=RET.DBERR, errmsg="数据存储异常") url = constants.QINIUIMGURL + image_name return jsonify(errno=RET.OK, errmsg="ok", data={"url": url})
def rel_auth(): '''用户实名认证''' user_id = g.user_id user = UserInfo.query.filter_by(id=user_id).first() if request.method == 'POST': data = json.loads(request.get_data()) real_name = data.get('real_name') id_card = data.get('id_card') # 保存数据库 try: #只有当 真是姓名和省份在好为空才能添加 UserInfo.query.filter_by(id=user_id, real_name='', id_card='').update({ 'real_name': real_name, "id_card": id_card }) db.session.commit() except Exception as e: logging.error(e) db.rollback() return jsonify(errno=RET.DBERR, errmsg='数据错误') return jsonify(errno=RET.OK, errmsg='ok', data=user.get_dict())
def api_register(): ''' API especially for test ''' username = request.form.get('username') password = request.form.get('password') if username == '' or password == '': # Forbidden return jsonify("Empty field(s) is not allowed."), 403 salt = uuid.uuid4().hex hhash = hashlib.sha256(password.encode() + salt.encode()).hexdigest() cur = db.cursor() try: cur.execute( "INSERT INTO users (username, salt, hhash, count) VALUES ('%s', '%s', '%s', '%d');" % (username, salt, hhash, 0)) except Exception as e: db.rollback() cur.close() if (e.args[0] == 1062): e = "Username has already been registered!" # Conflict return jsonify(e), 409 elif (e.args[0] == 1406): # Forbidden e = "Username is too long!" return jsonify(e), 403 db.commit() user = User.get(username) if (user == None): # Internal server error return jsonify("Database error; cannot add user"), 500 cur.close() login_user(user) return jsonify("Successfully registered"), 200
def generic_database_connect(query, params): try: for key, value in params.items(): value = str(value).replace("'", "''") query = query.replace(key, str(value)) except: pass if "update" in query: print(query) try: with conn.cursor() as cursor: cursor.execute(query) conn.commit() return [ dict((cursor.description[i][0], value) for i, value in enumerate(row)) for row in cursor.fetchall() ] except psycopg2.InterfaceError: conn.rollback() except psycopg2.InternalError: conn.rollback()
def selectDApply(): db = pymysql.connect("127.0.0.1", "root", "638436", "adms") cursor = db.cursor() dapply = "select * from dapplication" # 获得诊断申请列表查询语句 where da_uid='" + username + "'" try: # 执行sql语句 cursor.execute(dapply) da_re = cursor.fetchall() da = () for i in da_re: if i[4] == "申请中": i = i + ('/Allow', 'btn btn-success', 'submit', '批准') da += ((i),) print(da) db.commit() except: # 如果发生错误则回滚 traceback.print_exc() db.rollback() msg = "服务器错误!" # 关闭数据库连接 db.close()
def update_anime_db(page=1): last_page = 322 if page == last_page: print('complete') return url = "https://api.jikan.moe/v3/top/anime/" + str(page) time.sleep(4) response = requests.get(url) if response.status_code == 200: json = response.json() top = json.get('top') for i in range(50): this_mal_id = top[i]['mal_id'] exists = MAL_Database.query.filter_by(mal_id=this_mal_id).first() if exists is None: anime = MAL_Database(rank=top[i]['rank'], mal_id=this_mal_id, title=top[i]['title'], image_url=top[i]['image_url'], episodes=top[i]['episodes'], mal_score=str(top[i]['score']), mal_url=top[i]['url'], start_date=top[i]['start_date'], end_date=top[i]['end_date'], anime_type=top[i]['type'], members=top[i]['members']) try: db.session.add(anime) db.session.commit() except Exception as e: print("rolling back") db.rollback() page = page + 1 update_anime_db(page) else: print('finished or didnt get response status code is %s', response.status_code)
def register(): """ " user register based on [name], [email] and [password] """ try: data = request.json if data is None: return response_error(MESSAGE.INVALID_PARAMETER, CODE.INVALID_PARAMETER) email = data['email'] name = data['name'] password = data['password'] if is_valid_email(email) == False: return response_error(MESSAGE.INVALID_EMAIL, CODE.INVALID_EMAIL) user = User.find_by_email(email) if user is not None: return response_error(MESSAGE.USER_HAS_EMAIL_EXIST_ALREADY, CODE.USER_HAS_EMAIL_EXIST_ALREADY) confirm = hashlib.md5('{}{}'.format(password.strip(), 'appscyclone')).hexdigest() user = User( name=name, email=email, password=confirm, ) db.session.add(user) db.session.commit() return response_ok(user.to_json()) except Exception as ex: db.rollback() return response_error(str(ex))
def save_url(self, url): uniq_attempt = self.MAX_ATTEMPTS while uniq_attempt > 0: codes = [ self._generate(self.CODE_LENGTH) for _ in range(self.NUM_TEMP_CODES) ] existing = [ l.short_code for l in Link.select(Link.short_code).where( Link.short_code.in_(codes)) ] codes = [c for c in codes if c not in existing] try: Link.insert(short_code=codes[0], original_url=url).execute() return codes[0] except db_err.UniqueViolation: db.rollback() uniq_attempt -= 1 except db_err.DatabaseError as err: db.rollback() raise RuntimeError("Error saving a link record.", exc_info=err) raise ShortCodeGenerationFailure
def api_upload(): ''' API especially for load_generator to test ''' # check user info and login first username = request.form.get('username') password = request.form.get('password') user = User.get(username) if (user == None): # unauthorized return jsonify("Username does not exist!"), 401 veryfied_password = hashlib.sha256(password.encode() + user.salt.encode()).hexdigest() if (veryfied_password == user.hhash): login_user(user) else: # unauthorized return jsonify("Incorrect password!"), 401 # get info about the user-uploaded image try: file = request.files['file'] # Do not allow images bigger than 10M except RequestEntityTooLarge: # forbidden return jsonify("Image exceeds size limit (10M)."), 403 # Do not allow empty upload if file.filename == '': # forbidden return jsonify("No image selected."), 403 # Get a secure version of the filenmae filename = secure_filename(file.filename) # Separate filename and extension for easier name composition for original, thumbnail and opencv processed version filename, extension = filename.rsplit('.', 1) # access database cur = db.cursor() # read count from table users for naming the uploaded image try: cur.execute("SELECT count FROM users WHERE userid = '%d';" % (current_user.userid)) except Exception: cur.close() # internal server error return jsonify("Database error: cannot read column `count`"), 500 count = cur.fetchone() if (count == None): return jsonify("Database error: cannot read column `count`"), 500 count = count[0] # compose the namebase namebase = '_'.join([filename, str(current_user.userid), str(count)]) # if successfully uploadded, update count in users table try: cur.execute("UPDATE users SET count = '%d' WHERE userid = '%d';" % (count + 1, current_user.userid)) except Exception: db.rollback() cur.close() return jsonify("Database error: cannot update column `count`"), 500 # insert new entry (i.e. new image) into the users table try: cur.execute( "INSERT INTO images (userid, namebase, extension) VALUES ('%s', '%s', '%s');" % (current_user.userid, namebase, extension)) except Exception: db.rollback() cur.close() # internal server error return jsonify("Database error: cannot insert into `images`"), 500 # compose all names imname_base = namebase + '.' + extension tnname_base = namebase + '_tn.gif' cvname_base = namebase + '_cv.' + extension imname = webapp.config["SAVE_FOLDER"] + '/' + imname_base tnname = webapp.config["SAVE_FOLDER"] + '/' + tnname_base cvname = webapp.config["SAVE_FOLDER"] + '/' + cvname_base # save the original image file.save(imname) # save the thumbnail cmd_convert = "convert %s -auto-orient -thumbnail '200x200>' -gravity center -extent 200x200 -unsharp 0x.5 %s" % ( imname, tnname) result_convert = os.system(cmd_convert) if (result_convert != 0 ): # if successfully converted, result_convert should have vlaue 0 db.rollback() cur.close() os.remove(imname) return jsonify("Error: cannot create a thumnail"), 500 # save the image with text detected using opencv success = detect_text(webapp.config["TOP_FOLDER"], imname, cvname) if not success: db.rollback() cur.close() os.remove(imname) os.remove(tnname) return jsonify("Text detection failed, please re-upload."), 500 # upload to s3 try: s3_client.upload_file(imname, webapp.config["S3_BUCKET_NAME"], imname_base) s3_client.upload_file(tnname, webapp.config["S3_BUCKET_NAME"], tnname_base) s3_client.upload_file(cvname, webapp.config["S3_BUCKET_NAME"], cvname_base) except Exception: db.rollback() cur.close() os.remove(imname) os.remove(cvname) os.remove(tnname) return jsonify("Cannot upload image"), 500 db.commit() cur.close() # remove temp files os.remove(imname) os.remove(cvname) os.remove(tnname) # flash the message to let users know that image uploading is successful flash("The new photo is successfully uploaded!") # display the original image and the version with text deteced side by side return jsonify("Successfully uploaded"), 200
def save_house(): """ 房东发布房源信息 前端发送过来的json数据 { "title":"", "price":"", "area_id":"1", "address":"", "room_count":"", "acreage":"", "unit":"", "capacity":"", "beds":"", "deposit":"", "min_days":"", "max_days":"", "facility":["7","8"] } """ user_id = g.user_id data = request.get_data() #data = request.get_json() # 直接获取json数据 if not data: return jsonify(errno=RET.PARAMERR, errmsg="参数不完整") house_info = json.loads(data) #house_info = data user_id = user_id, title = house_info.get("title") price = house_info.get("price") address = house_info.get("address") room_count = house_info.get("room_count") acreage = house_info.get("acreage") unit = house_info.get("unit") capacity = house_info.get("capacity") beds = house_info.get("beds") deposit = house_info.get("deposit") min_days = house_info.get("min_days") max_days = house_info.get("max_days") area_id = house_info.get("area_id") # 校验传入数据 if not all((title, price, area_id, address, room_count, acreage, unit, capacity, beds, deposit, min_days, max_days)): return jsonify(errno=RET.PARAMERR, errmsg="参数缺失") # 前端传过来的单价和押金是以元为单位,转换为分 try: price = int(float(price) * 100) deposit = int(float(deposit) * 100) except Exception as e: return jsonify(errno=RET.PARAMERR, errmsg="参数错误") # 保存房屋基本信息数据到数据库 house = HouseInfo(user_id=user_id, title=title, price=price, address=address, room_count=room_count, acreage=acreage, unit=unit, beds=beds, deposit=deposit, min_days=min_days, max_days=max_days, area_id=area_id) db.session.add(house) if house_info.get("facility"): # 查询设施id在house_info["facilities"]列表里面 select * from xxx where id in house_info["facilities"] try: facilities = Facility.query.filter( Facility.id.in_(house_info["facility"])).all() house.facilities = facilities except Exception as e: logging.error(e) return jsonify(errno=RET.DBERR, errmsg='数据库错误') # 保存数据库 try: db.session.add(house) db.session.commit() except Exception as e: logging.error(e) db.rollback() return jsonify(errno=RET.DBERR, errmsg='数据错误') return jsonify(errno=RET.OK, errmsg="ok", data={"house_id": house.id})
def internal_error(error): db.rollback() return render_template('500.html'),500
def upload(): ''' Specify what happens when the login link is accessed. Only logged in users can access this link; others will be redirected to the login page. The images table in the database have the following columns: imid, userid, namebase, extension For an uploaded file, only its filename, seprated into namebase and extension, will be saved into the database. The image file itself is stored into the local file system, together with its thumbnail and opencv processed version with text detection. Duplicate filenames are okay since each will have the userid and count added to the path they are saved locally. The actual path an image is saved will be: webapp.config["SAVE_FOLDER"]/namebase_userid_count.extension Its thumbnail path will be: webapp.config["SAVE_FOLDER"]/namebase_userid_count_tn.extension Its opencv-processed version path will be: webapp.config["SAVE_FOLDER"]/namebase_userid_count_cv.extension ''' utils.record_requests() if request.method == 'POST': # get info about the user-uploaded image try: file = request.files['image'] # Do not allow images bigger than 10M except RequestEntityTooLarge: return render_template('error.html', error="Image exceeds size limit (10M).") # Do not allow empty upload if file.filename == '': return render_template('error.html', error="No image selected.") # Get a secure version of the filenmae filename = secure_filename(file.filename) print(filename) # Separate filename and extension for easier name composition for original, thumbnail and opencv processed version filename, extension = filename.rsplit('.', 1) # Only allow JPG and PNG images if extension not in ['jpg', 'jpeg', 'png']: return render_template('error.html', e="Only JPG and PNG images are allowed!") # access database cur = db.cursor() # read count from table users for naming the uploaded image try: cur.execute("SELECT count FROM users WHERE userid = '%d';" % (current_user.userid)) except Exception: cur.close() return render_template('error.html') count = cur.fetchone() if (count == None): return render_template('error.html') count = count[0] # compose the namebase namebase = '_'.join([filename, str(current_user.userid), str(count)]) # if successfully uploadded, update count in users table try: cur.execute("UPDATE users SET count = '%d' WHERE userid = '%d';" % (count + 1, current_user.userid)) except Exception: db.rollback() cur.close() return render_template('error.html') # insert new entry (i.e. new image) into the users table try: cur.execute( "INSERT INTO images (userid, namebase, extension) VALUES ('%s', '%s', '%s');" % (current_user.userid, namebase, extension)) except Exception: db.rollback() cur.close() return render_template('error.html') # compose all names imname_base = namebase + '.' + extension tnname_base = namebase + '_tn.gif' cvname_base = namebase + '_cv.' + extension imname = webapp.config["SAVE_FOLDER"] + '/' + imname_base tnname = webapp.config["SAVE_FOLDER"] + '/' + tnname_base cvname = webapp.config["SAVE_FOLDER"] + '/' + cvname_base # save the original image file.save(imname) # save the thumbnail cmd_convert = "convert %s -auto-orient -thumbnail '200x200>' -gravity center -extent 200x200 -unsharp 0x.5 %s" % ( imname, tnname) result_convert = os.system(cmd_convert) if (result_convert != 0 ): # if successfully converted, result_convert should have vlaue 0 db.rollback() cur.close() os.remove(imname) return render_template( 'error.html', error="Thumbnail creation failed, please re-upload.") # save the image with text detected using opencv success = detect_text(webapp.config["TOP_FOLDER"], imname, cvname) if not success: db.rollback() cur.close() os.remove(imname) os.remove(tnname) return render_template( 'error.html', error="Text detection failed, please re-upload.") # upload to s3 try: s3_client.upload_file(imname, webapp.config["S3_BUCKET_NAME"], imname_base) s3_client.upload_file(tnname, webapp.config["S3_BUCKET_NAME"], tnname_base) s3_client.upload_file(cvname, webapp.config["S3_BUCKET_NAME"], cvname_base) except Exception: db.rollback() cur.close() os.remove(imname) os.remove(cvname) os.remove(tnname) return render_template('error.html', error="Cannot upload image") db.commit() cur.close() # remove temp files os.remove(imname) os.remove(cvname) os.remove(tnname) # flash the message to let users know that image uploading is successful flash("The new photo is successfully uploaded!") # display the original image and the version with text deteced side by side return display(imname=imname_base, cvname=cvname_base) return render_template('upload.html')
def close_test_db_connection(self): db.rollback()