def login_submit():
record_requests(get_instanceId())
cnx = get_db()
cursor = cnx.cursor()
if 'username' in request.form and \
'password' in request.form:
query = "SELECT * FROM user_information WHERE username='******';" % (
request.form['username'])
cursor.execute(query)
c = cursor.fetchall()
if len(c) == 1 and checkPassWord(c[0][2], request.form['password']):
session['authenticated'] = True
session.permanent = True
session['username'] = request.form['username']
session['error_dis'] = None
session['user_id'] = c[0][0]
login_success = 'You have successfully logged in!'
return render_template("upload.html", login_success=login_success)
if 'username' in request.form:
session['username'] = request.form['username']
session['authenticated'] = False
session['error'] = "Error! Incorrect username or password!"
return redirect(url_for('login'))
def uploadTA():
record_requests(get_instanceId())
username = request.values['username']
password = request.values['password']
message, permission = loginTA(username, password)
if permission == 0:
return message
else:
return file_uploadTA()
def register():
record_requests(get_instanceId())
uname_r = None
e_r = None
if 'username_r' in session:
uname_r = session['username_r']
if 'error_r' in session:
e_r = session['error_r']
return render_template("register.html", error=e_r, username=uname_r)
def register_submit():
record_requests(get_instanceId())
cnx = get_db()
cursor = cnx.cursor()
if 'username' in request.form and \
'password' in request.form and \
'confirm_password' in request.form:
query = "SELECT * FROM user_information WHERE username='******';" % (
request.form['username'])
cursor.execute(query)
c = cursor.fetchall()
# Judge if the username has duplicate
if len(c) == 1 and c[0][1] == request.form['username']:
session[
'error_r'] = "This user had registered, change another username!"
return redirect(url_for('register'))
# Judge if the username is longer than 100 chars
if len(request.form['username']) >= 100:
session['error_r'] = "Username is too long!"
return redirect(url_for('register'))
# Judge whether the two passwords are same
if request.form['password'] != request.form['confirm_password']:
session[
'error_r'] = "The two passwords are not the same, please confirm!"
return redirect(url_for('register'))
# Assign unique user_id
query = "SELECT * FROM user_information"
cursor.execute(query)
c = cursor.fetchall()
id = len(c)
saltedPS = enPassWord(request.form['password'])
query = "INSERT INTO user_information VALUES ('%d','%s','%s');" % (
id + 1, request.form['username'], saltedPS)
try:
cursor.execute(query)
cnx.commit()
except:
cnx.rollback()
success = "Create account Success, please login!"
return render_template("login.html", register_success=success)
session['error_r'] = "Every box should have value!"
return redirect(url_for('register'))
def login():
shutil.rmtree('app/static')
os.mkdir('app/static')
record_requests(get_instanceId())
uname = None
e = None
if 'username' in session:
uname = session['username']
if 'error' in session:
e = session['error']
if 'authenticated' in session:
if session['authenticated']:
return redirect(url_for('disPhoto'))
return render_template("login.html", error=e, username=uname)
def view():
record_requests(get_instanceId())
if 'username' not in session:
return redirect(url_for('user'))
username = str(session['username'])
path = os.path.join('app', 'static', username)
mkdir(path)
cnx = get_db()
cursor = cnx.cursor()
query = "SELECT origin_path,thumb_path,text_path from user_information,image where image.user_id = user_information.user_id and username = '******';" % username
cursor.execute(query)
allphotos = cursor.fetchall()
if not allphotos:
session[
'error_dis'] = "No photo in your account, Please upload photos first!"
return redirect(url_for('disPhoto'))
else:
session['error_dis'] = None
# download user's all files to local
for row in allphotos:
for col in row:
s3.download_file('a2homework', col[16:], col[16:])
listphoto = []
#insert filename to form new list
for row in allphotos:
listtemp = []
for col in row:
listtemp.append(col[16:])
#print(listtemp)
#print(row[1])
fpath = os.path.split(row[1])
listtemp.append(fpath[1])
listphoto.append(listtemp)
print(listphoto)
return render_template('view.html', listphoto=listphoto)
def registerTA():
record_requests(get_instanceId())
try:
username = str(request.args.get('username'))
password = str(request.args.get('password'))
cnx = get_db()
cursor = cnx.cursor()
# Judge if the args are empty
if len(username) == 0 or len(password) == 0:
return "None of the username or password should be empty!"
query = "SELECT * FROM user_information WHERE username='******';" % (
username)
cursor.execute(query)
c = cursor.fetchall()
# Judge if the username has duplicate
if len(c) == 1 and c[0][1] == username:
return "This user had registered, change another username!"
# Judge if the username is longer than 100 chars
if len(username) >= 100:
return "Username is too long!"
# Assign unique user_id
query = "SELECT * FROM user_information"
cursor.execute(query)
c = cursor.fetchall()
id = len(c)
saltedPS = enPassWord(password)
query = "INSERT INTO user_information VALUES ('%d','%s','%s');" % (
id + 1, username, saltedPS)
try:
cursor.execute(query)
cnx.commit()
except:
cnx.rollback()
return "Create account Success, please login!"
except Exception as e:
traceback.print_tb(e.__traceback__)
return "Create new account failed!"
def loginTA(username, password):
record_requests(get_instanceId())
cnx = get_db()
cursor = cnx.cursor()
if len(username) == 0 or len(password) == 0:
message = "None of the username and password should be empty!"
permission = 0
else:
query = "SELECT * FROM user_information WHERE username='******';" % (
username)
cursor.execute(query)
c = cursor.fetchall()
if len(c) == 1 and checkPassWord(c[0][2], password):
session['authenticated'] = True
session.permanent = True
session['username'] = username
session['user_id'] = c[0][0]
message = "Login success!"
permission = 1
else:
session['authenticated'] = False
message = "Error! Incorrect username or password!"
permission = 0
return message, permission
def disPhoto():
record_requests(get_instanceId())
error_dis = None
if 'error_dis' in session:
error_dis = session['error_dis']
return render_template("upload.html", error_dis=error_dis)
def user():
record_requests(get_instanceId())
return render_template("user.html")
def logout():
record_requests(get_instanceId())
session.clear()
return render_template("base.html")
def show():
record_requests(get_instanceId())
return render_template("show.html")
