Example #1
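def index():
    """Handle a contact-form submission and relay it by email.

    On POST, the allow-listed fields (name, phone, email, subject, message)
    are copied out of the form, the originating site is derived from the
    Referer header, and the formatted message is mailed to the address stored
    for that site (or to ``config.MAIL_SENDER`` when DEBUG is on). Renders
    ``success.html`` once the mail is sent and ``failure.html`` when the form
    cannot be read.

    NOTE(review): as listed, every other path (non-POST request, missing
    email field, unknown site, failed send) ends without returning a
    response -- confirm the rest of the view covers them.
    """
    if request.method == 'POST':
        log_newline(2)
        logger.info('New contact-us form received!')
        # The Referer header is client-supplied. %r avoids the str() call,
        # which can raise on a non-ASCII value under Python 2 before any
        # handling runs, and keeps control characters escaped in the log.
        logger.info('Site: %r', request.referrer)
        form_dict = dict(request.form)
        # NOTE(review): this writes the whole submission (name, phone, email,
        # message body) to the application log; consider logging only the
        # field names and keeping personal data out of log files.
        logger.info('Form: %s', str(form_dict))

        data_fields = ['name', 'phone', 'email', 'subject', 'message']
        data = dict()

        try:
            for k, v in form_dict.iteritems():
                # Allow-list: anything outside data_fields is dropped here.
                if k in data_fields and bool(v[0]):
                    value = v[0]
                    # Only byte strings need decoding. Calling .decode() on
                    # text makes Python 2 ASCII-encode it first, so a name or
                    # message with non-ASCII characters used to end up in the
                    # failure branch below.
                    if isinstance(value, bytes):
                        value = value.decode('utf-8')
                    data[k] = value
            logger.info('Form->Dict Serialize: %s', str(data))
        except Exception:
            logger.error('Serialize Fail!', exc_info=True)
            # NOTE(review): goto is the raw Referer value. If the template
            # uses it as a link or redirect target, restrict it to http(s)
            # URLs of known sites first -- verify against failure.html.
            return render_template('failure.html',
                goto=request.referrer,
                message="There was an error. Your message was not sent. Please try again."
            )

        if data.get('email'):
            # The sender can set Referer to anything, so this identifies which
            # site the form claims to come from; it does not authenticate it.
            source_url = validate_and_get_domain(request.referrer)
            try:
                # get delivery email from site as stored in DB
                recp = db_ops.ret_val(db_ops.Site, dict(url=source_url)).email
                logger.info('Site found in records!')
            except Exception:
                logger.error('Error retrieving site data from DB!', exc_info=True)
                recp = None
            analytics_store(source_url, **data) # store received data for future analytics

            # For debug purposes
            if app.config.get('DEBUG', False):
                logger.debug('Sending mail to debug email: %s', config.MAIL_SENDER)
                recp = config.MAIL_SENDER

            if recp is not None:
                # NOTE(review): the field values are attacker-controlled text
                # going into an HTML mail body; presumably format_msg_html
                # escapes them -- confirm.
                message = format_msg_html(**data)
                logger.info('Email HTML formatted')

                if send_email(app, recp=recp, message=message, sender=config.MAIL_SENDER, subject="ContactForm: New message from your website."):
                    logger.info('Email sent to %s', recp)
                    return render_template('success.html',
                        goto=request.referrer,
                        message="Your message was sent successfully."
                    )
            else:
                logger.error('Site not found in records!')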
Example #2
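def signup():
	"""Create a user from the registration form, then redirect to the login page.

	On a validated submit the username (lower-cased), email and password are
	inserted through ``db_ops.insert_val`` and the browser is redirected to
	``login_auth``. Otherwise the sign-up page is rendered again, with a flash
	message if the request was a POST.

	NOTE(review): the password is inserted exactly as typed, so the database
	holds plaintext credentials. Store a salted, slow hash instead (for
	example werkzeug.security.generate_password_hash) and change the login
	check in the same commit, since it compares against this stored value.
	"""

	def _as_text(value):
		# Only byte strings need decoding. Calling .decode() on text makes
		# Python 2 ASCII-encode it first, so a non-ASCII username, email or
		# password used to raise UnicodeEncodeError during registration.
		return value.decode('utf-8') if isinstance(value, bytes) else value

	form = RegForm()

	####TODO: ADD CODE TO PROPERLY VALIDATE FORM FIELDS
	if form.validate_on_submit():
		param_dict = {}		# dict to map keywords to values retrieved from registration form

		# retrieve user registration data from form
		param_dict['username'] = _as_text(form.username_fld.data.lower())		# username converted to all-lower case
		param_dict['email'] = _as_text(form.email_fld.data)
		####TODO: IMPLEMENT PASSWORD HASHING
		# NOTE(review): the `or ''` fallback lets an account be created with an
		# empty password unless the form's validators reject it -- confirm
		# RegForm requires a non-empty password.
		param_dict['password'] = _as_text(form.password_fld.data) or ''

		# NOTE(review): nothing here checks for an existing username or email;
		# presumably db_ops or a DB constraint enforces uniqueness -- verify.
		db_ops.insert_val(db_ops.User, param_dict)	# insert new values into DB

		# Drop the secrets so the lookup below is by username only.
		param_dict.pop('email')
		param_dict.pop('password')

		# The result is not used yet; the planned follow-up steps (welcome
		# notification, UserDetails row) are not implemented in this listing.
		user = db_ops.ret_val(db_ops.User, param_dict)		# retrieve user object from DB using username

		param_dict.clear()

		flash('Successfully Registered!')

		return redirect(url_for('login_auth'))

	else:
		if request.method=='POST':
			flash('Check your Details!')

	session['in_session'] = False
	return render_template('sign_up.html', form = form)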
Example #3
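def index():
    """Relay a contact-form POST to the owning site's delivery address.

    The view keeps only the allow-listed fields (name, phone, email, subject,
    message), derives the originating site from the Referer header, looks up
    that site's stored email address and sends the formatted message to it
    (``config.MAIL_SENDER`` is used instead when DEBUG is on). It renders
    ``success.html`` after a successful send and ``failure.html`` when the
    form cannot be read.

    NOTE(review): as listed, the remaining paths (non-POST request, missing
    email field, unknown site, failed send) return nothing -- confirm the
    full view answers them.
    """
    if request.method == 'POST':
        log_newline(2)
        logger.info('New contact-us form received!')
        # Referer comes from the client. Logging it with %r drops the str()
        # call, which can raise on a non-ASCII value under Python 2, and
        # keeps control characters escaped in the log line.
        logger.info('Site: %r', request.referrer)
        form_dict = dict(request.form)
        # NOTE(review): the complete submission, personal data included, is
        # written to the log here; consider logging field names only.
        logger.info('Form: %s', str(form_dict))

        data_fields = ['name', 'phone', 'email', 'subject', 'message']
        data = dict()

        try:
            for k, v in form_dict.iteritems():
                # Fields outside the allow-list are ignored.
                if k in data_fields and bool(v[0]):
                    field_value = v[0]
                    # Decode byte strings only: .decode() on text triggers an
                    # implicit ASCII encode on Python 2, which sent every
                    # submission with non-ASCII characters to the failure
                    # page.
                    if isinstance(field_value, bytes):
                        field_value = field_value.decode('utf-8')
                    data[k] = field_value
            logger.info('Form->Dict Serialize: %s', str(data))
        except Exception:
            logger.error('Serialize Fail!', exc_info=True)
            # NOTE(review): goto carries the unvalidated Referer into the
            # template; if it becomes a link or redirect target, limit it to
            # http(s) URLs of known sites -- verify against failure.html.
            return render_template(
                'failure.html',
                goto=request.referrer,
                message=
                "There was an error. Your message was not sent. Please try again."
            )

        if data.get('email'):
            # Referer is spoofable, so this lookup selects a site; it does
            # not prove the form was posted from that site.
            source_url = validate_and_get_domain(request.referrer)
            try:
                # get delivery email from site as stored in DB
                recp = db_ops.ret_val(db_ops.Site, dict(url=source_url)).email
                logger.info('Site found in records!')
            except Exception:
                logger.error('Error retrieving site data from DB!',
                             exc_info=True)
                recp = None
            analytics_store(source_url,
                            **data)  # store received data for future analytics

            # For debug purposes
            if app.config.get('DEBUG', False):
                logger.debug('Sending mail to debug email: %s',
                             config.MAIL_SENDER)
                recp = config.MAIL_SENDER

            if recp is not None:
                # NOTE(review): submitted text is placed in an HTML mail;
                # presumably format_msg_html escapes it -- confirm.
                message = format_msg_html(**data)
                logger.info('Email HTML formatted')

                if send_email(
                        app,
                        recp=recp,
                        message=message,
                        sender=config.MAIL_SENDER,
                        subject="ContactForm: New message from your website."):
                    logger.info('Email sent to %s', recp)
                    return render_template(
                        'success.html',
                        goto=request.referrer,
                        message="Your message was sent successfully.")
            else:
                logger.error('Site not found in records!')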
Example #4
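def login_auth():
	"""Authenticate a user by username or email and open a session.

	A value containing '@' is looked up as an email, anything else as a
	username. On a matching password the session keys ``in_session``,
	``username`` and ``email`` are set and the browser is redirected to the
	user's profile. Every other outcome marks the session as not logged in and
	renders the login page again.

	Failed logins flash one generic message whether the account is unknown or
	the password is wrong, so the form cannot be used to test which usernames
	or emails are registered.

	NOTE(review): the submitted password is compared with ``user.password``
	directly, which means the stored value is the plaintext password.
	``hmac.compare_digest`` below only removes the timing difference of ``==``.
	The real fix is to store a salted, slow hash at registration and verify
	against it here, with both sides changed together.
	"""
	import hmac	# stdlib; imported locally because the file's import block is not part of this listing

	def _to_bytes(value):
		# compare_digest needs two byte strings (or two ASCII-only texts), so
		# both sides are normalised to UTF-8 bytes.
		return value if isinstance(value, bytes) else value.encode('utf-8')

	form = LoginForm()

	####TODO: ADD CODE TO PROPERLY VALIDATE FORM FIELDS
	if form.validate_on_submit():

		# code to enable login with username or email
		param_dict = {}
		identifier = form.username_fld.data

		if identifier.find('@') > -1:	# user entered email not username
			param_dict['email'] = identifier

		else: 	# user entered username not email
			# Registration stores usernames lower-cased, so the lookup is
			# normalised the same way; otherwise "Alice" would never match the
			# stored "alice". NOTE(review): confirm no accounts were created
			# with mixed-case usernames through another path.
			param_dict['username'] = identifier.lower()

		user = db_ops.ret_val(db_ops.User, param_dict)			# retrieve 'user' object by username or email, depending on which was provided

		password_ok = False
		if user is not None:	# user with username/email was found
			param_dict.clear()

			supplied = form.password_fld.data
			stored = user.password
			# A missing value on either side is a failed login, not an error.
			if supplied is not None and stored is not None:
				password_ok = hmac.compare_digest(_to_bytes(supplied), _to_bytes(stored))

		if password_ok:
			session['in_session'] = True	# login was successful; a user is now in session

			# get active user's username and email details
			session['username'] = user.username
			session['email'] = user.email

			####TODO: NEED TO IMPLEMENT BETTER SECURITY HERE
			form.username_fld.data = ''											# clear username field data in form
			form.password_fld.data = ''											# clear password field data in form

			flash("User '%s' has been logged-in;    Remember_me=%s" %(session.get('username'), str(form.remember_me_chkbx.data)))		#DEBUG

			return redirect(url_for('profile', username = session.get('username')))

		# One message for "no such account" and "wrong password": separate
		# messages would tell a visitor which identifiers exist.
		# NOTE(review): no attempt limiting or lockout is visible in this view;
		# presumably handled elsewhere -- verify.
		flash('Invalid username/email or password! Try again')

	else:	# Login Failed! ..... clear session credentials
		if request.method=='POST':
			flash('Check your Details!')		#DEBUG
		session.pop('username', '')
		session.pop('email', '')

	session['in_session'] = False	# no user is in session
	return render_template('login.html', form = form)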