def insert_post(post_data):
saved_img = False
insert_sql = 'INSERT INTO post (author, content, date, likes, img) VALUES (%s,%s,%s,%s, %s)'
if 'pic' in post_data:
saved_img = True
#connect to DB
con = connect()
if con == None:
return False, 0
try:
with con.cursor() as cursor:
cursor.execute(insert_sql,
(post_data['author'], post_data['content'],
post_data['date'], post_data['likes'], saved_img))
post_id = cursor.lastrowid
con.commit()
con.close()
return True, post_id
except Exception as e:
print e
con.close()
return False, 0
def watchlist_login():
if request.method == "POST":
attempted_username = request.form['username']
attempted_password = request.form['password']
connection, curs = connect()
curs.execute('SELECT * \
FROM users \
WHERE username = "******"' % (attempted_username))
userInfo = curs.fetchone()
if userInfo == None:
flash(
"Username not found. Try a different username, or create an account."
)
return render_template("watchlist_login.html")
uid, username, password = userInfo
curs.close()
connection.close()
gc.collect()
try:
if attempted_username == username and sha256_crypt.verify(
attempted_password, password):
session['logged_in'] = True
session['uid'] = uid
session['username'] = username
flash("Welcome %s!" % (username))
return redirect(url_for("watchlist_blueprint.watchlist_home"))
else:
flash("Incorrect password, try again")
return render_template("watchlist_login.html")
except Exception as e:
return str(e)
return render_template("watchlist_login.html")
def get_watchlists():
wls = []
connection, curs = connect()
curs.execute('SELECT * \
FROM lists \
WHERE uid = %d and username = "******"' %
(session["uid"], session['username']))
tups = curs.fetchall()
for tup in tups:
wls.append(tup)
return wls
def create_user(sql_insert,user_id,encrypted,nickname,salt, email, team): con = connect() if con == None: return 'Error' try: with con.cursor() as cursor: s = cursor.execute(sql_insert,(user_id,encrypted,nickname,salt,email,team)); con.commit() con.close() return True except Exception as e: print 'can not excute the sql command' con.close() return 'Error'
def watchlist_list_view(lid):
connection, curs = connect()
curs.execute('SELECT watchlist_name, data FROM lists WHERE lid = "%d"' %
(int(lid)))
list_info = curs.fetchone()
name = list_info[0]
date = list_info[1].strftime("%m-%d-%y")
curs.execute('SELECT * FROM movies WHERE lid = "%d"' % (int(lid)))
movies = curs.fetchall()
return render_template("watchlist_list_view.html",
name=name,
movies=movies,
size=len(movies),
date=date)
def query_user(sql_query, username): con = connect() if con == None: return 'Error' try: with con.cursor() as cursor: cursor.execute(sql_query,(username,)); result = cursor.fetchone() con.close() return result except Exception as e: print e con.close() return 'Error'
def process_floor_step(message):
try:
chat_id = message.chat.id
floor = message.text
client = client_dict[chat_id]
client.floor = floor
replykey = telebot.types.ReplyKeyboardMarkup(True, True)
replykey.row("Подтвердить")
replykey.row("Начать сначала")
newmessage = bot.send_message(
chat_id,
"Ваш заказ: \n Имя: " + client.name + "\nФамилия: " +
client.lastname + "\n Район: " + client.area + "\n Улица: " +
client.street + "\n Номер дома: " + client.entrance +
"\n Номер квартиры: " + client.apartment + "\n Этаж: " +
client.floor + "\n Статус заказа: ",
reply_markup=replykey)
conn.connect(conn, client.client_id, client.name, client.lastname,
client.area, client.street, client.entrance,
client.apartment, client.floor)
#conn.connect(conn, 1314214,"adad","sdad","asdasd","700")
except Exception as e:
bot.reply_to(message, "Вы готовы подтвердить?")
def watchlist_film_view():
mid = request.args.get("mid", default="")
movie = tmdb.get_movie(mid)
wls = []
if request.method == "POST":
try:
lid = int(request.form['list_name'])
except:
flash("You must select a choice from your watchlists")
return redirect(
url_for("watchlist_blueprint.watchlist_film_view", mid=mid))
uid = session['uid']
connection, curs = connect()
if duplicate_movie(curs, int(movie.mid), lid):
flash("%s is already in that list!" % movie.title)
return redirect(
url_for("watchlist_blueprint.watchlist_film_view", mid=mid))
try:
curs.execute(
'INSERT INTO movies(mid, title, poster, release_date, overview, lid, uid) \
VALUES("%d", "%s", "%s", "%s", "%s", "%d", "%d")' %
(int(movie.mid), movie.title, movie.poster, movie.release_date,
movie.overview.encode('ascii',
'ignore').decode('utf8'), lid, uid))
connection.commit()
flash("%s added to list" % (str(movie.title)))
curs.close()
connection.close()
return redirect(
url_for("watchlist_blueprint.watchlist_film_view",
mid=int(movie.mid)))
except Exception as e:
print(str(e))
return render_template("watchlist_single_movie.html",
movie=movie,
wls=wls)
try:
session['logged_in']
wls = get_watchlists()
return render_template("watchlist_single_movie.html",
movie=movie,
wls=wls)
except Exception as e:
# flash(str(e))
return render_template("watchlist_single_movie.html",
movie=movie,
wls=wls)
def search_user(name):
search_sql = "SELECT ID,user_ID,team FROM user_account WHERE user_id LIKE %s"
#connect DB
con = connect()
if con == None:
return False
try:
with con.cursor(pymysql.cursors.DictCursor) as cursor:
count = cursor.execute(search_sql,("%" + name + "%",));
if count > 0:
results = cursor.fetchall();
con.close()
return results
except Exception as e:
print e
con.close()
return False
def add_follow(username , follow_name): insert_sql= "INSERT INTO user_follow (user_follower , user_followed) SELECT user1.ID ,user2.ID FROM user_account user1,user_account user2 WHERE user1.user_ID = %s and user2.user_ID = %s" #connect to DB con = connect() if con == None: return False try: with con.cursor() as cursor: cursor.execute(insert_sql,(username , follow_name)); con.commit() con.close() return True except Exception as e: print e con.close() return False
def change_password(user_ID, password, salt):
insert_sql = 'UPDATE user_account SET password = %s , salt = %s where user_ID = %s'
#connect to DB
con = connect()
if con == None:
return 'Error'
try:
with con.cursor() as cursor:
cursor.execute(insert_sql, (password, salt, user_ID))
con.commit()
con.close()
return True
except Exception as e:
print e
con.close()
return False
def query_friend(username): query_sql = "SELECT user_account1.user_ID AS name, user_account1.team AS team FROM user_account AS user_account1, user_follow , user_account AS user_account2 WHERE user_account2.user_ID = %s AND user_follow.user_follower = user_account2.ID AND user_account1.ID = user_follow.user_followed" results = None #connect to DB con = connect() if con == None: return 'Error' try: with con.cursor(pymysql.cursors.DictCursor) as cursor: count = cursor.execute(query_sql,(username,)); if count > 0: results = cursor.fetchall(); con.close() return results except Exception as e: print e con.close() return 'Error'
def if_follow(username , friend): search_sql = "SELECT * FROM user_follow,user_account as user1, user_account as user2 WHERE user_follow.user_follower = user1.ID and user_follow.user_followed = user2.ID and user1.user_ID = %s and user2.user_ID = %s " #connect DB con = connect() if con == None: return False try: with con.cursor() as cursor: count = cursor.execute(search_sql,(username,friend)); con.close() if count > 0: return True else: return False except Exception as e: print e con.close() return False
def do_like(post_id, liker_id):
#query the post
query_sql = 'SELECT likes, likers FROM post WHERE id = %s'
#update method
update_sql = 'UPDATE post SET likes = %s, likers = %s WHERE id = %s'
#connect DB
con = connect()
if con == None:
return False
try:
with con.cursor(pymysql.cursors.DictCursor) as cursor:
count = cursor.execute(query_sql, (int(post_id), ))
if count == 1:
result = cursor.fetchone()
else:
con.close()
return False
if result['likers'] is not None:
likers = result['likers']
liker_people = result['likers'].split(",")
for liker in liker_people:
if liker == liker_id:
con.close()
return 'No change'
likers += (',' + liker_id)
else:
likers = liker_id
new_likes = result['likes']
new_likes += 1
count = cursor.execute(update_sql,
(new_likes, likers, int(post_id)))
con.commit()
con.close()
if count == 1:
return True
return False
except Exception as e:
print e
con.close()
return False
def delete_follow(username , follow_name): delete_sql = "DELETE FROM user_follow WHERE user_follow.user_follower IN (SELECT user_account.ID FROM user_account WHERE user_account.user_ID = %s) AND user_follow.user_followed IN (SELECT user_account.ID FROM user_account WHERE user_account.user_ID = %s)" #connect DB con = connect() if con == None: return False try: with con.cursor() as cursor: count = cursor.execute(delete_sql,(username , follow_name)); con.commit() con.close() if count > 0: return True return False except Exception as e: print e con.close() return False
def get_team(username): search_sql = "SELECT team from user_account where user_id = %s" #connect DB con = connect() if con == None: return False try: with con.cursor() as cursor: cursor.execute(search_sql,(username,)); result = cursor.fetchone() con.close() return result except Exception as e: print e con.close() return False # DELETE FROM user_follow WHERE user_follow.user_follower IN (SELECT user_account.ID FROM user_account WHERE user_account.user_ID = 'x') AND user_follow.user_followed IN (SELECT user_account.ID FROM user_account WHERE user_account.user_ID = 'b') # INSERT INTO user_follow (user_follower , user_followed) SELECT user1.ID ,user2.ID FROM user_account user1,user_account user2 WHERE user1.user_ID = '1' and user2.user_ID = '2';
def watchlist_signup():
session.pop('_flashes', None)
try:
form = RegistrationForm(request.form)
if request.method == "POST" and form.validate(
): # if the form info is valid
username = form.username.data
password = sha256_crypt.encrypt(str(form.password.data))
connection, curs = connect()
# Check if username already exists in database
curs.execute(
"SELECT * \
FROM users \
WHERE username = (%s);", (username, ))
if len(curs.fetchall()) > 0:
flash("That username is already taken, please try another")
return render_template('watchlist_signup.html', form=form)
else:
curs.execute(
"INSERT INTO users (username, password) \
VALUES (%s, %s);", (username, password))
connection.commit()
flash("Account created successfully!")
curs.execute('SELECT uid from users where username = "******";' %
(username))
data = curs.fetchone()
uid = int(data[0])
curs.close()
connection.close()
gc.collect()
session['uid'] = uid
session['logged_in'] = True
session['username'] = username
return redirect(url_for('watchlist_blueprint.watchlist_home'))
return render_template('watchlist_signup.html', form=form)
if request.method == "POST" and form.validate(
) == False: # if form info is invalid
flash('Invalid password, please try again')
return render_template('watchlist_signup.html', form=form)
except Exception as e:
return str(e)
return render_template("watchlist_signup.html")
def delete_post(post_id):
#query sql
delete_sql = 'DELETE FROM post WHERE id = %s'
#connect DB
con = connect()
if con == None:
return False
try:
with con.cursor() as cursor:
count = cursor.execute(delete_sql, (int(post_id), ))
con.commit()
con.close()
if count == 1:
return True
return False
except Exception as e:
print e
con.close()
return False
def watchlist_mylists():
try:
session['logged_in']
lists_info = []
connection, curs = connect()
curs.execute('SELECT * \
FROM lists \
WHERE uid = %d and username = "******"' %
(session["uid"], session['username']))
listtup = curs.fetchall()
for tup in listtup:
tup = list(tup)
tup[4] = tup[4].strftime("%m-%d-%y")
lists_info.append(tup)
curs.close()
connection.close()
return render_template("watchlist_mylists.html", lists_info=lists_info)
except:
flash("Please login to view your watchlists")
return redirect(url_for("watchlist_blueprint.watchlist_login"))
def insert_post(post_data):
insert_sql = 'INSERT INTO post (author, content, date, likes) VALUES (%s,%s,%s,%s)'
#connect to DB
con = connect()
if con == None:
return 'Error'
try:
with con.cursor() as cursor:
cursor.execute(insert_sql,
(post_data['author'], post_data['content'],
post_data['date'], post_data['likes']))
con.commit()
con.close()
return True
except Exception as e:
print e
con.close()
return False
def query_post(username):
#query post ordered by post date
query_sql = 'SELECT * FROM post WHERE author = %s ORDER BY date DESC'
results = None
#connect to DB
con = connect()
if con == None:
return 'Error'
try:
with con.cursor(pymysql.cursors.DictCursor) as cursor:
count = cursor.execute(query_sql, (username, ))
if count > 0:
results = cursor.fetchall()
con.close()
return results
except Exception as e:
print e
con.close()
return 'Error'
def watchlist_new_list():
try:
if session['logged_in']:
if request.method == "POST":
wlname = request.form['wlname']
connection, curs = connect()
curs.execute(
'INSERT INTO lists (uid, username, watchlist_name) \
VALUES (%d, "%s", "%s");' %
(session["uid"], session["username"], wlname))
connection.commit()
flash('"%s" list added!' % (wlname))
curs.close()
connection.close()
return redirect(
url_for("watchlist_blueprint.watchlist_mylists"))
return render_template("watchlist_new_list.html")
flash("You must login before creating a new list")
return redirect(url_for("watchlist_blueprint.login"))
except Exception as e:
return str(e)
def query_profile(username):
#query post ordered by post date
query_sql = 'SELECT user_ID,email_address,nickname FROM user_account WHERE user_ID = %s'
results = None
#connect to DB
con = connect()
if con == None:
return 'Error'
try:
with con.cursor(pymysql.cursors.DictCursor) as cursor:
count = cursor.execute(query_sql, (username))
con.commit()
if count > 0:
results = cursor.fetchall()
con.close()
return results
except Exception as e:
print e
con.close()
return None
def update(user_ID, post_data):
update_sql = 'UPDATE user_account set nickname = %s , email_address = %s where user_ID = %s'
# print user_ID
#connect to DB
con = connect()
if con == None:
return 'Error'
try:
with con.cursor() as cursor:
cursor.execute(
update_sql,
(post_data['nickname'], post_data['email_address'], user_ID))
# print "!!!!!!!!!!!!!!!!!!!!"
con.commit()
con.close()
return True
except Exception as e:
print e
# print "#####################"
con.close()
return False
# CLI for commands within Subdomainator
#
# Author: skorov (Adapted from Empire. Thanks Harmj0y!)
import sys
import os
from cmd import Cmd
from tldextract import extract
import dbconnector as db
import config
import crontab
import subprocess
BASEDIR = os.path.dirname(os.path.realpath(__file__))
DATABASE = os.path.join(BASEDIR, config.DATABASE)
db.connect(DATABASE)
try:
input = raw_input
except NameError:
pass
def title():
os.system("clear")
print("""
_ _ _ _
_______ _ _| |_ _| |___ _____ ___|_|___ ___| |_ ___ ___
| | | | . | . | . | | .'| | | .'| _| . | _|
| ___|___|___|___|___|_|_|_|__,|_|_|_|__,|_| |___|_|
| \ ============================================
def __init__(self):
db.connect(DATABASE)
def __init__(self):
db.connect(DATABASE)
#
# Author: skorov (Adapted from Empire. Thanks Harmj0y!)
import sys
import os
from cmd import Cmd
from tldextract import extract
import dbconnector as db
import config
import crontab
import subprocess
BASEDIR = os.path.dirname(os.path.realpath(__file__))
DATABASE = os.path.join(BASEDIR, config.DATABASE)
db.connect(DATABASE)
try:
input = raw_input
except NameError:
pass
def title():
os.system("clear")
print("""
_ _ _ _
_______ _ _| |_ _| |___ _____ ___|_|___ ___| |_ ___ ___
| | | | . | . | . | | .'| | | .'| _| . | _|
| ___|___|___|___|___|_|_|_|__,|_|_|_|__,|_| |___|_|
| \ ============================================
