Exemple #1
0
def addAlbum(artist_id):

    data = request.get_json(force=True)

    if userAuth(data['username'], data['password']) == False:
        return jsonify({'error': True, 'message': 'You are not logged in!'})
    print 1
    try:
        album = {}
        print 2
        album['artist_id'] = str(artist_id)
        album['title'] = data['title']
        album['genre'] = data['genre']
        album['year'] = str(data['year'])
        print 3

        c, conn = connection()

        c.execute(
            "INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)",
            [
                sanitize(album['artist_id']),
                sanitize(album['title']),
                sanitize(album['genre']),
                sanitize(album['year'])
            ])
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        print 4
        return jsonify({'error': False, "message": "Album added!"})
    except Exception as e:

        return (str(e))
Exemple #2
0
def resetVerifyCheck(key):
    url_serial = URLSafeSerializer(
        "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg=="
    )
    timed_serial = TimedSerializer(
        "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg=="
    )
    status = None
    try:
        key = timed_serial.loads(key, max_age=300)
        key = url_serial.loads(key)

        username = str(sanitize(key[0]))
        password = sha512_crypt.encrypt(sanitize(key[1]))
    except:
        status = "Oops, The Link Has Expired..!!"
        return status
    cursor, dbconn = dbConnection()
    query = "UPDATE users SET password = %s WHERE username = %s"
    try:
        cursor.execute(query, (password, username))
        dbconn.commit()
        status = "Password Updated Successfully..!!"
    except:
        dbconn.rollback()
        status = "Oops, Something Went Wrong Please Try Again..!!"
    cursor.close()
    dbconn.close()
    return status
Exemple #3
0
def processLogin(form):
    username = sanitize(form.username.data)
    password = sanitize(form.password.data)
    persistent = form.persistent.data

    status = False
    try:
        cursor, dbconn = dbConnection()
        query = "SELECT user_id, username, password FROM users WHERE username = %s"
        query_result = cursor.execute(query, [username])
        query_result = cursor.fetchone()
        user_id = query_result[0]
        query_result = query_result[2]
    except:
        status = "No Such User Exists..!!"
    else:
        if sha512_crypt.verify(password, query_result):
            session['logged_in'] = True
            session['username'] = username
            if persistent:
                session.permanent = True
            status = True
        else:
            status = "Invalid Credentials..!!"
        query = "SELECT reviewer_id, subject from reviewers where user_id = %s"
        query_result = cursor.execute(query, [user_id])
        if int(query_result) > 0:
            query_result = cursor.fetchone()
            session['reviewer'] = query_result[0]
            session['subject'] = query_result[1]
    cursor.close()
    dbconn.close()
    return status
Exemple #4
0
def register():
    
    data = request.get_json(force=True)
    email = data['email']
    username = data['username']
    password = data['password']
    password2 = data['confirmPassword']
    
    try:
        password = sha256_crypt.encrypt(str(password))

        # Check if username is available
        c, conn = connection()
        db_username = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(username)])
        if int(db_username) > 0:
            return jsonify({ "userdata": False, "error": "Username Taken." })

        # Check if email is already used.
        db_email = c.execute("SELECT * FROM users WHERE email = (%s)", [sanitize(email)])
        if int(db_email) > 0:
            return jsonify({ "userdata": False, "error": "Email already used by another account." })

        # Credentials are good! Add new user and close the connection.
        c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)",
                 [sanitize(username), sanitize(password), sanitize(email)])
        conn.commit()
        c.close()
        conn.close()

        return jsonify({ "userdata": True, "message": "You are now registered!" })
                
    except Exception as e:
        return(str(e))
Exemple #5
0
def signup():
    title = "Sign Up"
    try:
        
        if request.method == "POST":
            
            email = request.form['email']
            username = request.form['username']
            password = request.form['password']
            password2 = request.form['repeatpassword']
            
            #flash(username)
            #flash(password)
            
            # confirm password
            if password != password2:
                flash("Passwords do not match.")
                return render_template('pages/signup.html', title = title)
            if len(password) < 8:
                flash("Password not long enough.")
                return render_template('pages/signup.html', title = title)
            password = sha256_crypt.encrypt(str(password))
            
            # Check if username is available
            c, conn = connection()
            db_username = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(username)])
            if int(db_username) > 0:
                flash("Username taken.")
                return render_template('pages/signup.html', title = title)
            
            # Check if email is already used.
            db_email = c.execute("SELECT * FROM users WHERE email = (%s)", [sanitize(email)])
            if int(db_email) > 0:
                flash("An account already exists with that email.")
                return render_template('pages/signup.html', title = title)
            
            # Credentials are good! Add new user and close the connection.
            c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)",
                     [sanitize(username), sanitize(password), sanitize(email)])
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()

            flash("You are now Registered!")

            session['logged_in'] = True
            session['user_id'] = 1
            session['username'] = username
            session['user_email'] = email
            session['user_type'] = 0
            session['user_active'] = 0
            session['user_image'] = 'placeholder.jpg'
            return redirect(url_for('home'))
                
        return render_template('pages/signup.html', title = title)
    except Exception as e:
        flash(e)
        return(str(e))
Exemple #6
0
def commentArticle(form, article_id):
    status = "Thanks For Your Comment..!!"
    cursor, dbconn = dbConnection()
    article_id = sanitize(str(article_id))
    reviewer_id = session['reviewer']
    comment = sanitize(str(form.comment.data))
    try:
        if not (addComment(article_id, reviewer_id, comment, cursor, dbconn)):
            status = "You've Already Provided Your Comment..!!"
    except:
        dbconn.rollback()
        status = "Oops, Something Went Wrong Please Try Again..!!"
    return status
Exemple #7
0
def addSong(artist_id, album_id):

    data = request.get_json(force=True)

    if userAuth(data['username'], data['password']) == False:
        print "sup"
        return jsonify({'error': True, 'message': 'You are not logged in!'})

    try:
        song = {}
        song['album_id'] = str(album_id)
        #song['album_id'] = data[1]
        song['track_number'] = str(data['track_number'])
        song['title'] = data['title'].encode('utf-8')
        song['lyrics'] = data['lyrics'].encode('utf-8')
        song['media_link'] = data['media_link'].encode('utf-8')

        c, conn = connection()
        c.execute(
            "INSERT INTO tracks (album_id, track_no, title, lyrics, media_link) VALUES (%s, %s, %s, %s, %s);",
            [
                sanitize(song['album_id']),
                sanitize(song['track_number']),
                sanitize(song['title']), song['lyrics'],
                sanitize(song['media_link'])
            ])
        c.execute("SELECT LAST_INSERT_ID();")
        data = c.fetchone()
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        print data
        return jsonify({
            "error": False,
            "message": "Song added!",
            "track_id": data['LAST_INSERT_ID()']
        })

    except Exception as e:
        print "err: " + str(e)
        return jsonify({
            'error':
            True,
            'message':
            'Something went wrong... Content may not have saved.'
        })
Exemple #8
0
def editAlbum(artist_id, album_id):

    data = request.get_json(force=True)

    if userAuth(data['username'], data['password']) == False:
        return jsonify({'error': True, 'message': 'You are not logged in!'})
    print 1
    try:
        album = {}
        print 2
        album['id'] = str(album_id)
        album['artist'] = str(artist_id)
        album['title'] = data['title']
        #album['artwork'] = request.form['artwork']
        album['genre'] = data['genre']
        album['year'] = str(data['year'])
        print 3
        c, conn = connection()
        '''
        file = request.files['artwork']
        if file and allowed_file(file.filename):
            image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
            file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
            c.execute("UPDATE albums SET artwork = (%s) WHERE album_id = (%s)", [sanitize(image), sanitize(album['id'])])
        '''
        print 4
        c.execute(
            "UPDATE albums SET title = (%s), genre = (%s), year_released = (%s) WHERE album_id = (%s)",
            [
                sanitize(album['title']),
                sanitize(album['genre']),
                sanitize(album['year']),
                sanitize(album['id'])
            ])
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        print 5
        return jsonify({"error": False, "message": "Album Updated!"})

    except Exception as e:

        return (str(e))
Exemple #9
0
def register():

    data = request.get_json(force=True)
    email = data['email']
    username = data['username']
    password = data['password']
    password2 = data['confirmPassword']

    try:
        password = sha256_crypt.encrypt(str(password))

        # Check if username is available
        c, conn = connection()
        db_username = c.execute("SELECT * FROM users WHERE username = (%s)",
                                [sanitize(username)])
        if int(db_username) > 0:
            return jsonify({"userdata": False, "error": "Username Taken."})

        # Check if email is already used.
        db_email = c.execute("SELECT * FROM users WHERE email = (%s)",
                             [sanitize(email)])
        if int(db_email) > 0:
            return jsonify({
                "userdata": False,
                "error": "Email already used by another account."
            })

        # Credentials are good! Add new user and close the connection.
        c.execute(
            "INSERT INTO users (username, password, email) VALUES (%s, %s, %s)",
            [sanitize(username),
             sanitize(password),
             sanitize(email)])
        conn.commit()
        c.close()
        conn.close()

        return jsonify({
            "userdata": True,
            "message": "You are now registered!"
        })

    except Exception as e:
        return (str(e))
Exemple #10
0
def reviewArticle(form, article_id):
    article_status = sanitize(str(form.status.data))
    article_id = sanitize(str(article_id))
    reviewer_id = session['reviewer']
    status = None
    cursor, dbconn = dbConnection()
    try:
        query = "UPDATE articles SET status = %s, review_date = CURRENT_TIMESTAMP WHERE article_id = %s;"
        query1 = "INSERT INTO article_reviewer VALUES(%s, %s);"
        cursor.execute(query, (article_status, article_id))
        cursor.execute(query1, (article_id, reviewer_id))
        status = "Review Submitted Successfully..!!"
        dbconn.commit()
    except:
        dbconn.rollback()
        status = "Oops, Something Went Wrong Please Try Again..!!"
    cursor.close()
    dbconn.close()
    return status
Exemple #11
0
def artist():
    try:
        
        artist_id = request.args.get('artist')
        
        # Establish connection
        c, conn = connection()
        
        
        result = c.execute("SELECT * FROM artists WHERE artist_id = (%s)", [sanitize(artist_id)])
        data = c.fetchone()
        
        artist = {}
        artist['id'] = data[0]
        artist['name'] = data[2]
        artist['bio'] = nl2br(data[1].decode('utf-8'))
        artist['genre'] = data[3]
        artist['country'] = data[4]
        artist['year'] = data[5]
        title = artist['name']
        result = c.execute("SELECT name, role FROM members WHERE artist_id = (%s)", [sanitize(artist_id)])
        data = c.fetchall()
        
        members = []
        for member in data:
            members.append({'name': member[0], 'role': member[1]})
        
        result = c.execute("SELECT * FROM albums WHERE artist_id = (%s) ORDER BY year_released DESC;", [artist['id']])
        data = c.fetchall()
        
        albums = []
        for album in data:
            result = c.execute("SELECT track_id, title, track_no FROM tracks WHERE album_id = (%s) ORDER BY track_no;", [album[0]])
            data2 = c.fetchall()
            tracklist = []
            for track in data2:
                tracklist.append({'id': track[0], 'title': track[1], 'track_no': track[2]})
            albums.append({'id': album[0], 'title': album[2], 'genre': album[3], 'year': album[4], 'artwork': album[5], 'tracklist': tracklist})
        return render_template('pages/artist.html', title = title, artist = artist, members = members, albums = albums)
    except Exception as e:
        flash(e)
        return(str(e))
Exemple #12
0
def editSong():
    try:
        title = "Edit Song"
        if request.method == "POST":
            #flash("one!")
            song = {}

            song['id'] = request.args.get('song')
            #song['album_id'] = data[1]
            song['track_number'] = request.form['track_number']
            song['title'] = request.form['title'].encode('utf-8')
            song['lyrics'] = request.form['lyrics'].encode('utf-8')
            song['media_link'] = request.form['media_link']
            
            title = song['title']
            #flash("two!")
            c, conn = connection()
            c.execute("UPDATE tracks SET title = (%s), track_no = (%s), lyrics = (%s), media_link = (%s) WHERE track_id = (%s)", [sanitize(song['title']), sanitize(song['track_number']), song['lyrics'], sanitize(song['media_link']),sanitize(song['id'])])
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            flash("Updated!")
            
            return redirect('/song/?song=' + str(song['id']))
        
        elif request.method == "GET":
            
            track_id = request.args.get('song')
            # Establish connection
            c, conn = connection()

            result = c.execute("SELECT * FROM tracks WHERE track_id = (%s)", [sanitize(track_id)])
            data = c.fetchone()
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            
            song = {}
            
            song['id'] = data[0]
            song['album_id'] = data[1]
            song['track_number'] = data[2]
            song['title'] = data[3].decode('utf-8')
            song['lyrics'] = data[4].decode('utf-8')
            song['media_link'] = data[5]
        
        return render_template('pages/edit-song.html', title = title, song = song)
    except Exception as e:
        flash(e)
        return(str(e))
Exemple #13
0
def editSong(artist_id, album_id, track_id):

    data = request.get_json(force=True)

    if userAuth(data['username'], data['password']) == False:
        print "sup"
        return jsonify({'error': True, 'message': 'You are not logged in!'})

    try:
        song = {}
        song['id'] = str(track_id)
        #song['album_id'] = data[1]
        song['track_number'] = str(data['track_number'])
        song['title'] = data['title'].encode('utf-8')
        song['lyrics'] = data['lyrics'].encode('utf-8')
        song['media_link'] = data['media_link'].encode('utf-8')

        c, conn = connection()
        c.execute(
            "UPDATE tracks SET title = (%s), track_no = (%s), lyrics = (%s), media_link = (%s) WHERE track_id = (%s);",
            [
                sanitize(song['title']),
                sanitize(song['track_number']), song['lyrics'],
                sanitize(song['media_link']),
                sanitize(song['id'])
            ])
        # Close Connection
        conn.commit()
        c.close()
        conn.close()

        return jsonify({'error': False, 'message': 'Save successful!'})

    except Exception as e:
        print "err: " + str(e)
        return jsonify({
            'error':
            True,
            'message':
            'Something went wrong... Content may not have saved.'
        })
Exemple #14
0
def song():
    try:
         
        track_id = request.args.get('song')
        
        # Establish connection
        c, conn = connection()
        song = {}
        
        result = c.execute("SELECT * FROM tracks WHERE track_id = (%s)", [sanitize(track_id)])
        data = c.fetchone()
        #flash("hi")
        song['id'] = data[0]
        song['album_id'] = data[1]
        song['track_number'] = data[2]
        song['title'] = data[3].decode('utf-8')
        song['lyrics'] = nl2br(data[4].decode('utf-8'))
        if data[5] != None and 'youtube' in data[5]:
            song['media_link'] = data[5].split("=")[1]
        else:
            song['media_link'] = ''
        result = c.execute("SELECT t.track_id, t.track_no, t.title, a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM tracks T JOIN albums a ON t.album_id=a.album_id JOIN artists ar ON a.artist_id=ar.artist_id WHERE t.album_id=(%s) ORDER BY t.track_no", [song['album_id']])
        data = c.fetchall()
        
        album = {}
        
        album['id'] = data[0][3]
        album['title'] = data[0][4]
        album['artwork'] = data[0][7]
        album['genre'] = data[0][5]
        album['year'] = data[0][6]
        
        album['tracklist'] = {}
        album['tracklist']['tracks'] = []
        for track in data:
            album['tracklist']['tracks'].append({'title': track[2], 'track_no': track[1], 'id': track[0]})
            
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        #gc.collect()
        
        title = song['title']
        
        artist = {}
        artist['id'] = data[0][8]
        artist['name'] = data[0][9]
        
        return render_template('pages/song.html', title = title, song = song, album = album, artist = artist)
    except Exception as e:
        flash(e)
        return(str(e))
Exemple #15
0
def processRegistration(form):
    username = sanitize(form.username.data)
    password = sha512_crypt.encrypt(sanitize(form.password.data))
    email = sanitize(form.email.data)
    fullname = sanitize(form.fullname.data)
    contact = (sanitize(form.contact.data)) or None
    reviewer = form.reviewer.data
    reviewer_choice = sanitize(str(form.reviewer_choice.data))

    cursor, dbconn = dbConnection()
    status = None

    query = "SELECT * FROM users WHERE username = %s"
    query_result = cursor.execute(query, [username])

    if int(query_result) > 0:
        status = "Plz..Choose A Different Username..!!"
    else:
        try:
            query = "INSERT INTO users(username, password, fullname, email_id, contact_no) VALUES(%s, %s, %s, %s, IFNULL(%s, DEFAULT(contact_no)));"
            query_result = cursor.execute(
                query, (username, password, fullname, email, contact))
            if reviewer == True:
                query = "INSERT INTO reviewers(user_id, subject) VALUES(LAST_INSERT_ID(), %s)"
                query_result = cursor.execute(query, [reviewer_choice])
            dbconn.commit()
            status = 0
        except:
            dbconn.rollback()
            status = "Oops.!! Something Went Wrong, Plz Try Again..!!"
    cursor.close()
    dbconn.close()
    return status
Exemple #16
0
def add_Artist():

    data = request.get_json(force=True)

    if userAuth(data['username'], data['password']) == False:
        return jsonify({'error': True, 'message': 'You are not logged in!'})
    print 1
    try:
        artist = {}
        artist['name'] = data['name']
        artist['bio'] = data['bio'].encode('utf-8')
        artist['genre'] = data['genre']
        artist['country'] = data['country']
        artist['year'] = str(data['year'])
        print 2
        c, conn = connection()
        c.execute(
            "INSERT INTO artists(name, biography, genre, country, year_formed) VALUES ((%s), (%s), (%s), (%s), (%s))",
            [
                sanitize(artist['name']), artist['bio'],
                sanitize(artist['genre']),
                sanitize(artist['country']),
                sanitize(artist['year'])
            ])
        c.execute("SELECT LAST_INSERT_ID();")
        data = c.fetchone()
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        print 3
        return jsonify({
            'error': False,
            'message': 'Updated artist!',
            "artist_id": data['LAST_INSERT_ID()']
        })

    except Exception as e:

        return (str(e))
Exemple #17
0
def processReset(form):
    username = sanitize(form.username.data)
    password = sanitize(form.password.data)
    email = None
    status = None
    token = None

    cursor, dbconn = dbConnection()
    query = "SELECT * FROM users WHERE username = %s"
    query_result = cursor.execute(query, [username])
    if int(query_result) <= 0:
        status = "No Such User Exists..!!"
    else:
        email = cursor.fetchone()[4]
        url_serial = URLSafeSerializer(
            "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg=="
        )
        timed_serial = TimedSerializer(
            "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg=="
        )
        token = timed_serial.dumps(url_serial.dumps([username, password]))
    cursor.close()
    dbconn.close()
    return status, email, token
Exemple #18
0
def editArtist(artist_id):

    data = request.get_json(force=True)

    if userAuth(data['username'], data['password']) == False:
        return jsonify({'error': True, 'message': 'You are not logged in!'})

    try:
        artist = {}
        artist['id'] = str(artist_id)
        artist['name'] = data['name']
        artist['bio'] = data['bio'].encode('utf-8')
        artist['genre'] = data['genre']
        artist['country'] = data['country']
        artist['year'] = str(data['year'])

        c, conn = connection()
        c.execute(
            "UPDATE artists SET name = (%s), biography = (%s), genre = (%s), country = (%s), year_formed = (%s) WHERE artist_id = (%s)",
            [
                sanitize(artist['name']), artist['bio'],
                sanitize(artist['genre']),
                sanitize(artist['country']),
                sanitize(artist['year']),
                sanitize(artist['id'])
            ])
        # Close Connection
        conn.commit()
        c.close()
        conn.close()

        return jsonify({'error': False, 'message': 'Updated artist!'})

    except Exception as e:

        return (str(e))
Exemple #19
0
def login():
    
    #error = "Hey"
    title = "Login"
    request.form.email = "test"
    try:
        if request.method == "POST":
            attempted_username = request.form['email']
            attempted_password = request.form['password']
            
            #flash(attempted_username)
            #flash(attempted_password)
            
            #TODO check username and password with db; set session vars
            c, conn = connection()
            res = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(attempted_username)])
            data = c.fetchone()
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            
            if int(res) > 0:
                db_password = data[2]
                if sha256_crypt.verify(attempted_password, db_password):
                    session['logged_in'] = True
                    session['user_id'] = data[0]
                    session['username'] = data[1]
                    session['user_email'] = data[3]
                    session['user_type'] = data[4]
                    session['user_fname'] = data[5]
                    session['user_lname'] = data[6]
                    session['user_active'] = data[7]
                    session['user_image'] = data[8]
                    #flash(data)
                    return redirect(url_for('home'))
            
            flash("Username or password was incorrect. Please try again.")
            #TODO end --------------------------------------------------
            
        return render_template("pages/login.html", title=title)
         
        
    except Exception as e:
        flash(e)
        error = "Failed."
    
    return render_template("pages/login.html", title=title, error = error)
Exemple #20
0
def search():
    search = request.args.get('search')
    try:
        title = "Search"
        query = "%" + search + "%"

        # Establish connection
        c, conn = connection()

        result = c.execute(
            "SELECT t.track_id, t.title, a.album_id, a.title, a.artwork, ar.artist_id, ar.name  FROM tracks t, albums a, artists ar WHERE (t.title LIKE (%s) OR t.lyrics LIKE (%s)) AND t.album_id = a.album_id AND a.artist_id = ar.artist_id ORDER BY t.title;",
            [sanitize(query), sanitize(query)])
        songResults = c.fetchall()

        result = c.execute(
            "SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a, artists ar WHERE (a.title LIKE (%s) OR a.genre LIKE (%s) OR a.year_released LIKE (%s)) AND a.artist_id = ar.artist_id;",
            [sanitize(query),
             sanitize(query),
             sanitize(query)])
        albumResults = c.fetchall()

        result = c.execute(
            "SELECT ar.artist_id, ar.name, ar.genre, ar.country, a.artwork FROM artists ar LEFT JOIN albums a ON a.artist_id = ar.artist_id WHERE (name LIKE (%s) OR ar.genre LIKE (%s) OR country LIKE (%s)) GROUP BY ar.artist_id;",
            [sanitize(query),
             sanitize(query),
             sanitize(query)])
        artistResults = c.fetchall()

        conn.commit()
        c.close()
        conn.close()

        return jsonify({
            "tracks": songResults,
            "albums": albumResults,
            "artists": artistResults
        })

    except Exception as e:

        return str(e)
Exemple #21
0
def viewArticle(filename):
    UPLOAD_FOLDER = "articles"
    article = None
    status = True
    filename = sanitize(filename)
    cursor, dbconn = dbConnection()
    query = "SELECT articles.article_id, articles.title, articles.subject, articles.status, articles.submit_date, articles.review_date, authors.fullname FROM articles INNER JOIN article_author ON articles.article_id = article_author.article_id INNER JOIN authors ON article_author.author_id = authors.author_id WHERE articles.article_id = %s"
    article_details = cursor.execute(query, [filename])
    article_details = cursor.fetchone()
    try:
        filepath = path.join(UPLOAD_FOLDER, str(filename))
        article = open(filepath, 'r')
        article = article.read()
    except:
        status = "Oops, Something Went Wrong Please Try Again..!!"
    comment = viewComment(filename, cursor)
    cursor.close()
    dbconn.close()
    return article_details, article, status, comment
Exemple #22
0
def uploadArticle(form, file_obj):
    author = sanitize(form.author.data)
    email = sanitize(form.email.data)
    contact = sanitize(form.contact.data) or None
    address = sanitize(form.address.data)
    title = sanitize(form.title.data)
    article_subject = sanitize(str(form.article_subject.data))

    cursor, dbconn = dbConnection()

    query = "SELECT `AUTO_INCREMENT` FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = 'articles'"
    article_id = cursor.execute(query)
    article_id = cursor.fetchone()[0]

    status = uploadFiles(file_obj, article_id)
    if status == True:
        try:
            query = "INSERT INTO articles(title, subject, review_date) VALUES(%s, %s, DEFAULT(review_date));"
            cursor.execute(query, (title, article_subject))

            query = "SELECT author_id FROM authors WHERE email_id = %s;"
            author_status = cursor.execute(query, [email])
            if int(author_status) > 0:
                author_id = cursor.fetchone()[0]
                query1 = "INSERT INTO article_author VALUES(%s, %s);"
                cursor.execute(query1, (article_id, author_id))
            else:
                query1 = "INSERT INTO authors(fullname, email_id, address, contact_no) VALUES(%s, %s, %s, IFNULL(%s, DEFAULT(contact_no)));"
                query2 = "INSERT INTO article_author VALUES(%s, LAST_INSERT_ID());"
                cursor.execute(query1, (author, email, address, contact))
                cursor.execute(query2, [article_id])
            dbconn.commit()
            status = "Article Uploaded Successfully"
        except:
            dbconn.rollback()
            status = "Oops, Something Went Wrong Please Try Again..!!"
    cursor.close()
    dbconn.close()
    return status
Exemple #23
0
def search():
    try:
        title = "Search"
        search = request.args.get('search')
        query = "%" + request.args.get('search') + "%"
        # Establish connection
        c, conn = connection()
        
        result = c.execute("SELECT t.track_id, t.title, a.album_id, a.title, a.artwork, ar.artist_id, ar.name  FROM tracks t, albums a, artists ar WHERE (t.title LIKE (%s) OR t.lyrics LIKE (%s)) AND t.album_id = a.album_id AND a.artist_id = ar.artist_id ORDER BY t.title;", [sanitize(query), sanitize(query)])
        songResults = c.fetchall()
        
        result = c.execute("SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a, artists ar WHERE (a.title LIKE (%s) OR a.genre LIKE (%s) OR a.year_released LIKE (%s)) AND a.artist_id = ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)])
        albumResults = c.fetchall()
        
        result = c.execute("SELECT ar.artist_id, ar.name, ar.genre, ar.country, a.artwork FROM artists ar LEFT JOIN albums a ON a.artist_id = ar.artist_id WHERE (name LIKE (%s) OR ar.genre LIKE (%s) OR country LIKE (%s)) GROUP BY ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)])
        artistResults = c.fetchall()
        
        conn.commit()
        c.close()
        conn.close()
        #gc.collect()
        #flash(data)
        
        songs = []
        albums = []
        artists = []
        
        for song in songResults:
            songs.append({'id': song[0], 'title': song[1], 'album_id': song[2], 'album_title': song[3],  'artwork': song[4], 'artist_id': song[5], 'artist_name': song[6]})
            
        for album in albumResults:
            albums.append({'id': album[0], 'title': album[1], 'genre': album[2], 'year': album[3], 'artwork': album[4], 'artist_id': album[5], 'artist_name': album[6]})
            
        for artist in artistResults:
            artists.append({'id': artist[0], 'name': artist[1], 'genre': artist[2], 'country': artist[3], 'artwork': artist[4]})
        
        #TODO search albums
        
        #TODO search artists
        
        return render_template("pages/search.html", title = title, search = search, songs = songs, albums = albums, artists = artists)
    except Exception as e:
        #flash(e)
        return str(e)
Exemple #24
0
def addAlbumToArtist(artist_id):
    try:
        title = "Add Album"
        
        album = {}
        
        if request.method == "POST":
            
            # TODO modify to recieve JSON data.
            album['title'] = request.form['title']
            #album['artwork'] = request.form['artwork']
            album['genre'] = request.form['genre']
            album['year'] = request.form['year']
            
            file = request.files['artwork']
            
            title = album['title']
            
            c, conn = connection()
            
            
            
            if file and allowed_file(file.filename):
                image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
                file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
                c.execute("INSERT INTO albums ( artist_id, title, genre, year_released, artwork) VALUES(%s, %s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(image)])
            else:
                c.execute("INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year'])])
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            
            return redirect('/artist/?artist=' + str(album['artist_id']) + "#album" + str(album['id']))
        elif request.method == "GET":
            title = "Add Album"
            album = {}
            artist = {}
           
            # ------------------------------
            
            return render_template('pages/edit-album.html', title = title, album = album, artist = artist)
        else:
            return render_template('err/404.html', title = title)
    except Exception as e:
        
        return(str(e))
Exemple #25
0
def addAlbum():
    try:
        title = "Add Album"
        
        album = {}
        
        if request.method == "POST":
            
            

            album['id'] = request.args.get('artist')
            album['artist_id'] = request.args.get('artist')
            album['title'] = request.form['title']
            #album['artwork'] = request.form['artwork']
            album['genre'] = request.form['genre']
            album['year'] = request.form['year']
            
            file = request.files['artwork']
            
            title = album['title']
            
            c, conn = connection()
            
            
            
            if file and allowed_file(file.filename):
                image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
                file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
                c.execute("INSERT INTO albums ( artist_id, title, genre, year_released, artwork) VALUES(%s, %s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(image)])
            else:
                c.execute("INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year'])])
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            flash("Updated!")
            return redirect('/artist/?artist=' + str(album['artist_id']) + "#album" + str(album['id']))
        elif request.method == "GET":
            title = "Add Album"
            album = {}
            artist = {}
           
            # ------------------------------
            
            return render_template('pages/edit-album.html', title = title, album = album, artist = artist)
        else:
            return render_template('err/404.html', title = title)
    except Exception as e:
        flash(e)
        return(str(e))
Exemple #26
0
def add_Artist():
    
    data = request.get_json(force=True)
    
    if userAuth(data['username'], data['password']) == False:
        return jsonify({'error': True, 'message': 'You are not logged in!'} )
    print 1
    try: 
        artist = {}
        artist['name'] = data['name']
        artist['bio'] = data['bio'].encode('utf-8')
        artist['genre'] = data['genre']
        artist['country'] = data['country']
        artist['year'] = str(data['year'])
        print 2
        c, conn = connection()
        c.execute("INSERT INTO artists(name, biography, genre, country, year_formed) VALUES ((%s), (%s), (%s), (%s), (%s))", [sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']),sanitize(artist['year'])])
        c.execute("SELECT LAST_INSERT_ID();")
        data = c.fetchone()
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        print 3
        return jsonify({'error': False, 'message': 'Updated artist!', "artist_id": data['LAST_INSERT_ID()']})
       
    except Exception as e:
        
        return(str(e))
Exemple #27
0
def editAlbum():
    try:
        title = "Edit Album"
        if request.method == "POST":
            
            album = {}

            album['id'] = request.args.get('album')
            album['artist'] = request.args.get('artist')
            album['title'] = request.form['title']
            #album['artwork'] = request.form['artwork']
            album['genre'] = request.form['genre']
            album['year'] = request.form['year']
            title = album['title']
            
            c, conn = connection()
            
            file = request.files['artwork']
            if file and allowed_file(file.filename):
                image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
                file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
                c.execute("UPDATE albums SET artwork = (%s) WHERE album_id = (%s)", [sanitize(image), sanitize(album['id'])])
            
            c.execute("UPDATE albums SET title = (%s), genre = (%s), year_released = (%s) WHERE album_id = (%s)", [sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(album['id'])])
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            flash("Updated!")
            return redirect('/artist/?artist=' + str(album['artist']) + "#album" + str(album['id']))
        elif request.method == "GET":
            album_id = request.args.get('album')
            
            # Establish connection
            c, conn = connection()
            
            result = c.execute("SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a JOIN artists ar ON a.artist_id=ar.artist_id WHERE a.album_id=(%s)", [sanitize(album_id)])
            data = c.fetchone()
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            
            album = {}

            album['id'] = data[0]
            album['title'] = data[1]
            album['artwork'] = data[4]
            album['genre'] = data[2]
            album['year'] = data[3]
            
            artist = {}
            artist['id'] = data[5]
            artist['name'] = data[6]
            
            title = album['title']
           
            # ------------------------------
            
            return render_template('pages/edit-album.html', title = title, album=album, artist = artist)
        else:
            return render_template('err/404.html', title = title)
    except Exception as e:
        flash(e)
        return(str(e))
Exemple #28
0
def editAlbum(artist_id, album_id):
    
    data = request.get_json(force=True)
    
    if userAuth(data['username'], data['password']) == False:
        return jsonify({'error': True, 'message': 'You are not logged in!'} )
    print 1
    try:   
        album = {}
        print 2
        album['id'] = str(album_id)
        album['artist'] = str(artist_id)
        album['title'] = data['title']
        #album['artwork'] = request.form['artwork']
        album['genre'] = data['genre']
        album['year'] = str(data['year'])
        print 3
        c, conn = connection()
        '''
        file = request.files['artwork']
        if file and allowed_file(file.filename):
            image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
            file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
            c.execute("UPDATE albums SET artwork = (%s) WHERE album_id = (%s)", [sanitize(image), sanitize(album['id'])])
        '''
        print 4
        c.execute("UPDATE albums SET title = (%s), genre = (%s), year_released = (%s) WHERE album_id = (%s)", [sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(album['id'])])
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        print 5
        return jsonify({"error": False, "message": "Album Updated!"})
        
    except Exception as e:
        
        return(str(e))
Exemple #29
0
def addSong(artist_id, album_id):
    
    data = request.get_json(force=True)
    
    if userAuth(data['username'], data['password']) == False:
        print "sup"
        return jsonify({'error': True, 'message': 'You are not logged in!'} )
       
    try:
        song = {}
        song['album_id'] = str(album_id)
        #song['album_id'] = data[1]
        song['track_number'] = str(data['track_number'])
        song['title'] = data['title'].encode('utf-8')
        song['lyrics'] = data['lyrics'].encode('utf-8')
        song['media_link'] = data['media_link'].encode('utf-8')
        
        c, conn = connection()
        c.execute("INSERT INTO tracks (album_id, track_no, title, lyrics, media_link) VALUES (%s, %s, %s, %s, %s);", [sanitize(song['album_id']), sanitize(song['track_number']), sanitize(song['title']), song['lyrics'], sanitize(song['media_link'])])
        c.execute("SELECT LAST_INSERT_ID();")
        data = c.fetchone()
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        print data
        return jsonify({"error": False, "message": "Song added!", "track_id": data['LAST_INSERT_ID()']})

    except Exception as e:
        print "err: " + str(e)
        return jsonify({'error': True, 'message': 'Something went wrong... Content may not have saved.'} )
Exemple #30
0
def editSong(artist_id, album_id, track_id):
    
    data = request.get_json(force=True)
    
    if userAuth(data['username'], data['password']) == False:
        print "sup"
        return jsonify({'error': True, 'message': 'You are not logged in!'} )
       
    try:
        song = {}
        song['id'] = str(track_id)
        #song['album_id'] = data[1]
        song['track_number'] = str(data['track_number'])
        song['title'] = data['title'].encode('utf-8')
        song['lyrics'] = data['lyrics'].encode('utf-8')
        song['media_link'] = data['media_link'].encode('utf-8')
        
        c, conn = connection()
        c.execute("UPDATE tracks SET title = (%s), track_no = (%s), lyrics = (%s), media_link = (%s) WHERE track_id = (%s);", [sanitize(song['title']), sanitize(song['track_number']), song['lyrics'], sanitize(song['media_link']),sanitize(song['id'])])
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        
        return jsonify({'error': False, 'message': 'Save successful!'} )

    except Exception as e:
        print "err: " + str(e)
        return jsonify({'error': True, 'message': 'Something went wrong... Content may not have saved.'} )
Exemple #31
0
def settings():
    
    title = "Settings"
    try:
        if request.method == "POST":
            email = request.form['email']
            username = request.form['username']
            password = request.form['password']
            password2 = request.form['repeatpassword']
            
            # Establish connection
            c, conn = connection()
            
            file = request.files['image']
            if file and allowed_file(file.filename):
                image = secure_filename("user_img" + str(session['user_id']) + "." + file.filename.rsplit('.', 1)[1])
                file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
                c.execute("UPDATE users SET image_url = (%s) WHERE user_id = (%s)", [sanitize(image), session['user_id']])
                session['user_image'] = image
            
            # ------------------------------
            #   New Username
            # ------------------------------
            if username != session['username']:
                db_username = c.execute("SELECT username FROM users WHERE username = (%s) AND user_id != (%s)", [sanitize(username), session['user_id']])
                if int(db_username) > 0:
                    flash("Username taken.")
                    #return render_template('pages/settings.html', title = title)
                else:
                    c.execute("UPDATE users SET username = (%s) WHERE user_id = (%s)", [sanitize(username), session['user_id']])
                    #conn.commit()
                    session['username'] = username
                    flash("Username successfully changed!")
            
            # ------------------------------
            #   New Email Address
            # ------------------------------
            if email != session['user_email']:
                # Check if email is already used.
                db_email = c.execute("SELECT email FROM users WHERE email = (%s) AND user_id != (%s)", [sanitize(email), session['user_id']])
                if int(db_email) > 0:
                    flash("An account already exists with that email.")
                    #return render_template('pages/settings.html', title = title)
                else:
                    c.execute("UPDATE users SET email = (%s) WHERE user_id = (%s)", [sanitize(email), session['user_id']])
                    session['user_email'] = email
                    flash("Email successfully changed!")
            
            # ------------------------------
            #   New Password
            # ------------------------------
            if len(password) > 0:
                 # confirm password
                if password != password2:
                    flash("Passwords do not match.")
                    #return render_template('pages/signup.html', title = title)
                elif len(password) < 8:
                    flash("Password not long enough.")
                    #return render_template('pages/signup.html', title = title)
                else:
                    password = sha256_crypt.encrypt(str(password))
                    c.execute("UPDATE users SET password = (%s) WHERE user_id = (%s)", [sanitize(password), session['user_id']])
                    flash("Password successfully changed!")
            
            # ------------------------------
            
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()

        return render_template('pages/settings.html', title = title)
    except Exception as e:
        flash(e)
        return(str(e))
Exemple #32
0
def addAlbum(artist_id):
    
    data = request.get_json(force=True)
    
    if userAuth(data['username'], data['password']) == False:
        return jsonify({'error': True, 'message': 'You are not logged in!'} )
    print 1
    try:   
        album = {}
        print 2
        album['artist_id'] = str(artist_id)
        album['title'] = data['title']
        album['genre'] = data['genre']
        album['year'] = str(data['year'])
        print 3
            
        c, conn = connection()

        c.execute("INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year'])])
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        print 4
        return jsonify({'error': False, "message": "Album added!"})
    except Exception as e:
        
        return(str(e))
Exemple #33
0
def addSong():
    try:
        title = "Edit Song"
        song = {}
        if request.method == "POST":
            

            song['album_id'] = request.args.get('album')
            #song['album_id'] = data[1]
            song['track_number'] = request.form['track_number']
            song['title'] = request.form['title'].encode('utf-8')
            song['lyrics'] = request.form['lyrics'].encode('utf-8')
            song['media_link'] = request.form['media_link']
            
            title = song['title']
            #flash("two!")
            c, conn = connection()
            c.execute("INSERT INTO tracks (album_id, track_no, title, lyrics, media_link) VALUES (%s, %s, %s, %s, %s);", [sanitize(song['album_id']), sanitize(song['track_number']), sanitize(song['title']), song['lyrics'], sanitize(song['media_link'])])
            c.execute("SELECT LAST_INSERT_ID();")
            data = c.fetchone()
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            flash("Saved!")
            #flash(data)
            return redirect('/song/?song=' + str(data[0]))
        
        return render_template('pages/edit-song.html', title = title, song = song)
    except Exception as e:
        flash(e)
        return(str(e))
Exemple #34
0
def search():
    search = request.args.get('search')
    try:
        title = "Search"
        query = "%" + search + "%"
        
        # Establish connection
        c, conn = connection()
        
        result = c.execute("SELECT t.track_id, t.title, a.album_id, a.title, a.artwork, ar.artist_id, ar.name  FROM tracks t, albums a, artists ar WHERE (t.title LIKE (%s) OR t.lyrics LIKE (%s)) AND t.album_id = a.album_id AND a.artist_id = ar.artist_id ORDER BY t.title;", [sanitize(query), sanitize(query)])
        songResults = c.fetchall()
        
        result = c.execute("SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a, artists ar WHERE (a.title LIKE (%s) OR a.genre LIKE (%s) OR a.year_released LIKE (%s)) AND a.artist_id = ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)])
        albumResults = c.fetchall()
        
        result = c.execute("SELECT ar.artist_id, ar.name, ar.genre, ar.country, a.artwork FROM artists ar LEFT JOIN albums a ON a.artist_id = ar.artist_id WHERE (name LIKE (%s) OR ar.genre LIKE (%s) OR country LIKE (%s)) GROUP BY ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)])
        artistResults = c.fetchall()
        
        conn.commit()
        c.close()
        conn.close()
        
        return jsonify({ "tracks": songResults, "albums": albumResults, "artists": artistResults })
    
    except Exception as e:
        
        return str(e)
Exemple #35
0
def editArtist(artist_id):
    
    data = request.get_json(force=True)
    
    if userAuth(data['username'], data['password']) == False:
        return jsonify({'error': True, 'message': 'You are not logged in!'} )
    
    try: 
        artist = {}
        artist['id'] = str(artist_id)
        artist['name'] = data['name']
        artist['bio'] = data['bio'].encode('utf-8')
        artist['genre'] = data['genre']
        artist['country'] = data['country']
        artist['year'] = str(data['year'])
        
        c, conn = connection()
        c.execute("UPDATE artists SET name = (%s), biography = (%s), genre = (%s), country = (%s), year_formed = (%s) WHERE artist_id = (%s)", [sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']),sanitize(artist['year']), sanitize(artist['id'])])
        # Close Connection
        conn.commit()
        c.close()
        conn.close()
        
        return jsonify({'error': False, 'message': 'Updated artist!'})
       
    except Exception as e:
        
        return(str(e))
Exemple #36
0
def addArtist():
    try:
        if request.method == "POST":
            #flash("POST")
            artist = {}
            artist['id'] = request.args.get('artist')
            artist['name'] = request.form['name']
            artist['bio'] = request.form['bio'].encode('utf-8')
            artist['genre'] = request.form['genre']
            artist['country'] = request.form['country']
            artist['year'] = request.form['year']
            title = artist['name']
            c, conn = connection()
            c.execute("UPDATE artists SET name = (%s), biography = (%s), genre = (%s), country = (%s), year_formed = (%s) WHERE artist_id = (%s)", [sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']),sanitize(artist['year']), sanitize(artist['id'])])
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            flash("Updated!")
            return redirect('/artist/?artist=' + str(artist['id']))
        elif request.method == "GET":
            artist_id = request.args.get('artist')
            
            # Establish connection
            c, conn = connection()
            
            
            result = c.execute("SELECT * FROM artists WHERE artist_id = (%s)", [sanitize(artist_id)])
            data = c.fetchone()
            
            artist = {}
            artist['id'] = data[0]
            artist['name'] = data[2]
            artist['bio'] = data[1].decode('utf-8')
            artist['genre'] = data[3]
            artist['country'] = data[4]
            artist['year'] = data[5]
            title = artist['name']
            result = c.execute("SELECT member_id, name, role FROM members WHERE artist_id = (%s)", [sanitize(artist_id)])
            data = c.fetchall()
            members = []
            for member in data:
                members.append({'id': member[0], 'name': member[1], 'role': member[2]})
            
            # ------------------------------
           
            # Close Connection
            conn.commit()
            c.close()
            conn.close()
            #gc.collect()
            
            #title = "Edit Artist"
            
            return render_template('pages/edit-artist.html', title = title, artist = artist, members = members)
        else:
            return render_template('err/404.html', title = title)
    except Exception as e:
        flash(e)
        return(str(e))