def addAlbum(artist_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: return jsonify({'error': True, 'message': 'You are not logged in!'}) print 1 try: album = {} print 2 album['artist_id'] = str(artist_id) album['title'] = data['title'] album['genre'] = data['genre'] album['year'] = str(data['year']) print 3 c, conn = connection() c.execute( "INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [ sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']) ]) # Close Connection conn.commit() c.close() conn.close() print 4 return jsonify({'error': False, "message": "Album added!"}) except Exception as e: return (str(e))
def resetVerifyCheck(key): url_serial = URLSafeSerializer( "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg==" ) timed_serial = TimedSerializer( "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg==" ) status = None try: key = timed_serial.loads(key, max_age=300) key = url_serial.loads(key) username = str(sanitize(key[0])) password = sha512_crypt.encrypt(sanitize(key[1])) except: status = "Oops, The Link Has Expired..!!" return status cursor, dbconn = dbConnection() query = "UPDATE users SET password = %s WHERE username = %s" try: cursor.execute(query, (password, username)) dbconn.commit() status = "Password Updated Successfully..!!" except: dbconn.rollback() status = "Oops, Something Went Wrong Please Try Again..!!" cursor.close() dbconn.close() return status
def processLogin(form): username = sanitize(form.username.data) password = sanitize(form.password.data) persistent = form.persistent.data status = False try: cursor, dbconn = dbConnection() query = "SELECT user_id, username, password FROM users WHERE username = %s" query_result = cursor.execute(query, [username]) query_result = cursor.fetchone() user_id = query_result[0] query_result = query_result[2] except: status = "No Such User Exists..!!" else: if sha512_crypt.verify(password, query_result): session['logged_in'] = True session['username'] = username if persistent: session.permanent = True status = True else: status = "Invalid Credentials..!!" query = "SELECT reviewer_id, subject from reviewers where user_id = %s" query_result = cursor.execute(query, [user_id]) if int(query_result) > 0: query_result = cursor.fetchone() session['reviewer'] = query_result[0] session['subject'] = query_result[1] cursor.close() dbconn.close() return status
def register(): data = request.get_json(force=True) email = data['email'] username = data['username'] password = data['password'] password2 = data['confirmPassword'] try: password = sha256_crypt.encrypt(str(password)) # Check if username is available c, conn = connection() db_username = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(username)]) if int(db_username) > 0: return jsonify({ "userdata": False, "error": "Username Taken." }) # Check if email is already used. db_email = c.execute("SELECT * FROM users WHERE email = (%s)", [sanitize(email)]) if int(db_email) > 0: return jsonify({ "userdata": False, "error": "Email already used by another account." }) # Credentials are good! Add new user and close the connection. c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)", [sanitize(username), sanitize(password), sanitize(email)]) conn.commit() c.close() conn.close() return jsonify({ "userdata": True, "message": "You are now registered!" }) except Exception as e: return(str(e))
def signup(): title = "Sign Up" try: if request.method == "POST": email = request.form['email'] username = request.form['username'] password = request.form['password'] password2 = request.form['repeatpassword'] #flash(username) #flash(password) # confirm password if password != password2: flash("Passwords do not match.") return render_template('pages/signup.html', title = title) if len(password) < 8: flash("Password not long enough.") return render_template('pages/signup.html', title = title) password = sha256_crypt.encrypt(str(password)) # Check if username is available c, conn = connection() db_username = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(username)]) if int(db_username) > 0: flash("Username taken.") return render_template('pages/signup.html', title = title) # Check if email is already used. db_email = c.execute("SELECT * FROM users WHERE email = (%s)", [sanitize(email)]) if int(db_email) > 0: flash("An account already exists with that email.") return render_template('pages/signup.html', title = title) # Credentials are good! Add new user and close the connection. c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)", [sanitize(username), sanitize(password), sanitize(email)]) conn.commit() c.close() conn.close() #gc.collect() flash("You are now Registered!") session['logged_in'] = True session['user_id'] = 1 session['username'] = username session['user_email'] = email session['user_type'] = 0 session['user_active'] = 0 session['user_image'] = 'placeholder.jpg' return redirect(url_for('home')) return render_template('pages/signup.html', title = title) except Exception as e: flash(e) return(str(e))
def commentArticle(form, article_id): status = "Thanks For Your Comment..!!" cursor, dbconn = dbConnection() article_id = sanitize(str(article_id)) reviewer_id = session['reviewer'] comment = sanitize(str(form.comment.data)) try: if not (addComment(article_id, reviewer_id, comment, cursor, dbconn)): status = "You've Already Provided Your Comment..!!" except: dbconn.rollback() status = "Oops, Something Went Wrong Please Try Again..!!" return status
def addSong(artist_id, album_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: print "sup" return jsonify({'error': True, 'message': 'You are not logged in!'}) try: song = {} song['album_id'] = str(album_id) #song['album_id'] = data[1] song['track_number'] = str(data['track_number']) song['title'] = data['title'].encode('utf-8') song['lyrics'] = data['lyrics'].encode('utf-8') song['media_link'] = data['media_link'].encode('utf-8') c, conn = connection() c.execute( "INSERT INTO tracks (album_id, track_no, title, lyrics, media_link) VALUES (%s, %s, %s, %s, %s);", [ sanitize(song['album_id']), sanitize(song['track_number']), sanitize(song['title']), song['lyrics'], sanitize(song['media_link']) ]) c.execute("SELECT LAST_INSERT_ID();") data = c.fetchone() # Close Connection conn.commit() c.close() conn.close() print data return jsonify({ "error": False, "message": "Song added!", "track_id": data['LAST_INSERT_ID()'] }) except Exception as e: print "err: " + str(e) return jsonify({ 'error': True, 'message': 'Something went wrong... Content may not have saved.' })
def editAlbum(artist_id, album_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: return jsonify({'error': True, 'message': 'You are not logged in!'}) print 1 try: album = {} print 2 album['id'] = str(album_id) album['artist'] = str(artist_id) album['title'] = data['title'] #album['artwork'] = request.form['artwork'] album['genre'] = data['genre'] album['year'] = str(data['year']) print 3 c, conn = connection() ''' file = request.files['artwork'] if file and allowed_file(file.filename): image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1]) file.save(os.path.join(app.config['UPLOAD_FOLDER'], image)) c.execute("UPDATE albums SET artwork = (%s) WHERE album_id = (%s)", [sanitize(image), sanitize(album['id'])]) ''' print 4 c.execute( "UPDATE albums SET title = (%s), genre = (%s), year_released = (%s) WHERE album_id = (%s)", [ sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(album['id']) ]) # Close Connection conn.commit() c.close() conn.close() print 5 return jsonify({"error": False, "message": "Album Updated!"}) except Exception as e: return (str(e))
def register(): data = request.get_json(force=True) email = data['email'] username = data['username'] password = data['password'] password2 = data['confirmPassword'] try: password = sha256_crypt.encrypt(str(password)) # Check if username is available c, conn = connection() db_username = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(username)]) if int(db_username) > 0: return jsonify({"userdata": False, "error": "Username Taken."}) # Check if email is already used. db_email = c.execute("SELECT * FROM users WHERE email = (%s)", [sanitize(email)]) if int(db_email) > 0: return jsonify({ "userdata": False, "error": "Email already used by another account." }) # Credentials are good! Add new user and close the connection. c.execute( "INSERT INTO users (username, password, email) VALUES (%s, %s, %s)", [sanitize(username), sanitize(password), sanitize(email)]) conn.commit() c.close() conn.close() return jsonify({ "userdata": True, "message": "You are now registered!" }) except Exception as e: return (str(e))
def reviewArticle(form, article_id): article_status = sanitize(str(form.status.data)) article_id = sanitize(str(article_id)) reviewer_id = session['reviewer'] status = None cursor, dbconn = dbConnection() try: query = "UPDATE articles SET status = %s, review_date = CURRENT_TIMESTAMP WHERE article_id = %s;" query1 = "INSERT INTO article_reviewer VALUES(%s, %s);" cursor.execute(query, (article_status, article_id)) cursor.execute(query1, (article_id, reviewer_id)) status = "Review Submitted Successfully..!!" dbconn.commit() except: dbconn.rollback() status = "Oops, Something Went Wrong Please Try Again..!!" cursor.close() dbconn.close() return status
def artist(): try: artist_id = request.args.get('artist') # Establish connection c, conn = connection() result = c.execute("SELECT * FROM artists WHERE artist_id = (%s)", [sanitize(artist_id)]) data = c.fetchone() artist = {} artist['id'] = data[0] artist['name'] = data[2] artist['bio'] = nl2br(data[1].decode('utf-8')) artist['genre'] = data[3] artist['country'] = data[4] artist['year'] = data[5] title = artist['name'] result = c.execute("SELECT name, role FROM members WHERE artist_id = (%s)", [sanitize(artist_id)]) data = c.fetchall() members = [] for member in data: members.append({'name': member[0], 'role': member[1]}) result = c.execute("SELECT * FROM albums WHERE artist_id = (%s) ORDER BY year_released DESC;", [artist['id']]) data = c.fetchall() albums = [] for album in data: result = c.execute("SELECT track_id, title, track_no FROM tracks WHERE album_id = (%s) ORDER BY track_no;", [album[0]]) data2 = c.fetchall() tracklist = [] for track in data2: tracklist.append({'id': track[0], 'title': track[1], 'track_no': track[2]}) albums.append({'id': album[0], 'title': album[2], 'genre': album[3], 'year': album[4], 'artwork': album[5], 'tracklist': tracklist}) return render_template('pages/artist.html', title = title, artist = artist, members = members, albums = albums) except Exception as e: flash(e) return(str(e))
def editSong(): try: title = "Edit Song" if request.method == "POST": #flash("one!") song = {} song['id'] = request.args.get('song') #song['album_id'] = data[1] song['track_number'] = request.form['track_number'] song['title'] = request.form['title'].encode('utf-8') song['lyrics'] = request.form['lyrics'].encode('utf-8') song['media_link'] = request.form['media_link'] title = song['title'] #flash("two!") c, conn = connection() c.execute("UPDATE tracks SET title = (%s), track_no = (%s), lyrics = (%s), media_link = (%s) WHERE track_id = (%s)", [sanitize(song['title']), sanitize(song['track_number']), song['lyrics'], sanitize(song['media_link']),sanitize(song['id'])]) # Close Connection conn.commit() c.close() conn.close() #gc.collect() flash("Updated!") return redirect('/song/?song=' + str(song['id'])) elif request.method == "GET": track_id = request.args.get('song') # Establish connection c, conn = connection() result = c.execute("SELECT * FROM tracks WHERE track_id = (%s)", [sanitize(track_id)]) data = c.fetchone() # Close Connection conn.commit() c.close() conn.close() #gc.collect() song = {} song['id'] = data[0] song['album_id'] = data[1] song['track_number'] = data[2] song['title'] = data[3].decode('utf-8') song['lyrics'] = data[4].decode('utf-8') song['media_link'] = data[5] return render_template('pages/edit-song.html', title = title, song = song) except Exception as e: flash(e) return(str(e))
def editSong(artist_id, album_id, track_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: print "sup" return jsonify({'error': True, 'message': 'You are not logged in!'}) try: song = {} song['id'] = str(track_id) #song['album_id'] = data[1] song['track_number'] = str(data['track_number']) song['title'] = data['title'].encode('utf-8') song['lyrics'] = data['lyrics'].encode('utf-8') song['media_link'] = data['media_link'].encode('utf-8') c, conn = connection() c.execute( "UPDATE tracks SET title = (%s), track_no = (%s), lyrics = (%s), media_link = (%s) WHERE track_id = (%s);", [ sanitize(song['title']), sanitize(song['track_number']), song['lyrics'], sanitize(song['media_link']), sanitize(song['id']) ]) # Close Connection conn.commit() c.close() conn.close() return jsonify({'error': False, 'message': 'Save successful!'}) except Exception as e: print "err: " + str(e) return jsonify({ 'error': True, 'message': 'Something went wrong... Content may not have saved.' })
def song(): try: track_id = request.args.get('song') # Establish connection c, conn = connection() song = {} result = c.execute("SELECT * FROM tracks WHERE track_id = (%s)", [sanitize(track_id)]) data = c.fetchone() #flash("hi") song['id'] = data[0] song['album_id'] = data[1] song['track_number'] = data[2] song['title'] = data[3].decode('utf-8') song['lyrics'] = nl2br(data[4].decode('utf-8')) if data[5] != None and 'youtube' in data[5]: song['media_link'] = data[5].split("=")[1] else: song['media_link'] = '' result = c.execute("SELECT t.track_id, t.track_no, t.title, a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM tracks T JOIN albums a ON t.album_id=a.album_id JOIN artists ar ON a.artist_id=ar.artist_id WHERE t.album_id=(%s) ORDER BY t.track_no", [song['album_id']]) data = c.fetchall() album = {} album['id'] = data[0][3] album['title'] = data[0][4] album['artwork'] = data[0][7] album['genre'] = data[0][5] album['year'] = data[0][6] album['tracklist'] = {} album['tracklist']['tracks'] = [] for track in data: album['tracklist']['tracks'].append({'title': track[2], 'track_no': track[1], 'id': track[0]}) # Close Connection conn.commit() c.close() conn.close() #gc.collect() title = song['title'] artist = {} artist['id'] = data[0][8] artist['name'] = data[0][9] return render_template('pages/song.html', title = title, song = song, album = album, artist = artist) except Exception as e: flash(e) return(str(e))
def processRegistration(form): username = sanitize(form.username.data) password = sha512_crypt.encrypt(sanitize(form.password.data)) email = sanitize(form.email.data) fullname = sanitize(form.fullname.data) contact = (sanitize(form.contact.data)) or None reviewer = form.reviewer.data reviewer_choice = sanitize(str(form.reviewer_choice.data)) cursor, dbconn = dbConnection() status = None query = "SELECT * FROM users WHERE username = %s" query_result = cursor.execute(query, [username]) if int(query_result) > 0: status = "Plz..Choose A Different Username..!!" else: try: query = "INSERT INTO users(username, password, fullname, email_id, contact_no) VALUES(%s, %s, %s, %s, IFNULL(%s, DEFAULT(contact_no)));" query_result = cursor.execute( query, (username, password, fullname, email, contact)) if reviewer == True: query = "INSERT INTO reviewers(user_id, subject) VALUES(LAST_INSERT_ID(), %s)" query_result = cursor.execute(query, [reviewer_choice]) dbconn.commit() status = 0 except: dbconn.rollback() status = "Oops.!! Something Went Wrong, Plz Try Again..!!" cursor.close() dbconn.close() return status
def add_Artist(): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: return jsonify({'error': True, 'message': 'You are not logged in!'}) print 1 try: artist = {} artist['name'] = data['name'] artist['bio'] = data['bio'].encode('utf-8') artist['genre'] = data['genre'] artist['country'] = data['country'] artist['year'] = str(data['year']) print 2 c, conn = connection() c.execute( "INSERT INTO artists(name, biography, genre, country, year_formed) VALUES ((%s), (%s), (%s), (%s), (%s))", [ sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']), sanitize(artist['year']) ]) c.execute("SELECT LAST_INSERT_ID();") data = c.fetchone() # Close Connection conn.commit() c.close() conn.close() print 3 return jsonify({ 'error': False, 'message': 'Updated artist!', "artist_id": data['LAST_INSERT_ID()'] }) except Exception as e: return (str(e))
def processReset(form): username = sanitize(form.username.data) password = sanitize(form.password.data) email = None status = None token = None cursor, dbconn = dbConnection() query = "SELECT * FROM users WHERE username = %s" query_result = cursor.execute(query, [username]) if int(query_result) <= 0: status = "No Such User Exists..!!" else: email = cursor.fetchone()[4] url_serial = URLSafeSerializer( "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg==" ) timed_serial = TimedSerializer( "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg==" ) token = timed_serial.dumps(url_serial.dumps([username, password])) cursor.close() dbconn.close() return status, email, token
def editArtist(artist_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: return jsonify({'error': True, 'message': 'You are not logged in!'}) try: artist = {} artist['id'] = str(artist_id) artist['name'] = data['name'] artist['bio'] = data['bio'].encode('utf-8') artist['genre'] = data['genre'] artist['country'] = data['country'] artist['year'] = str(data['year']) c, conn = connection() c.execute( "UPDATE artists SET name = (%s), biography = (%s), genre = (%s), country = (%s), year_formed = (%s) WHERE artist_id = (%s)", [ sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']), sanitize(artist['year']), sanitize(artist['id']) ]) # Close Connection conn.commit() c.close() conn.close() return jsonify({'error': False, 'message': 'Updated artist!'}) except Exception as e: return (str(e))
def login(): #error = "Hey" title = "Login" request.form.email = "test" try: if request.method == "POST": attempted_username = request.form['email'] attempted_password = request.form['password'] #flash(attempted_username) #flash(attempted_password) #TODO check username and password with db; set session vars c, conn = connection() res = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(attempted_username)]) data = c.fetchone() conn.commit() c.close() conn.close() #gc.collect() if int(res) > 0: db_password = data[2] if sha256_crypt.verify(attempted_password, db_password): session['logged_in'] = True session['user_id'] = data[0] session['username'] = data[1] session['user_email'] = data[3] session['user_type'] = data[4] session['user_fname'] = data[5] session['user_lname'] = data[6] session['user_active'] = data[7] session['user_image'] = data[8] #flash(data) return redirect(url_for('home')) flash("Username or password was incorrect. Please try again.") #TODO end -------------------------------------------------- return render_template("pages/login.html", title=title) except Exception as e: flash(e) error = "Failed." return render_template("pages/login.html", title=title, error = error)
def search(): search = request.args.get('search') try: title = "Search" query = "%" + search + "%" # Establish connection c, conn = connection() result = c.execute( "SELECT t.track_id, t.title, a.album_id, a.title, a.artwork, ar.artist_id, ar.name FROM tracks t, albums a, artists ar WHERE (t.title LIKE (%s) OR t.lyrics LIKE (%s)) AND t.album_id = a.album_id AND a.artist_id = ar.artist_id ORDER BY t.title;", [sanitize(query), sanitize(query)]) songResults = c.fetchall() result = c.execute( "SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a, artists ar WHERE (a.title LIKE (%s) OR a.genre LIKE (%s) OR a.year_released LIKE (%s)) AND a.artist_id = ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)]) albumResults = c.fetchall() result = c.execute( "SELECT ar.artist_id, ar.name, ar.genre, ar.country, a.artwork FROM artists ar LEFT JOIN albums a ON a.artist_id = ar.artist_id WHERE (name LIKE (%s) OR ar.genre LIKE (%s) OR country LIKE (%s)) GROUP BY ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)]) artistResults = c.fetchall() conn.commit() c.close() conn.close() return jsonify({ "tracks": songResults, "albums": albumResults, "artists": artistResults }) except Exception as e: return str(e)
def viewArticle(filename): UPLOAD_FOLDER = "articles" article = None status = True filename = sanitize(filename) cursor, dbconn = dbConnection() query = "SELECT articles.article_id, articles.title, articles.subject, articles.status, articles.submit_date, articles.review_date, authors.fullname FROM articles INNER JOIN article_author ON articles.article_id = article_author.article_id INNER JOIN authors ON article_author.author_id = authors.author_id WHERE articles.article_id = %s" article_details = cursor.execute(query, [filename]) article_details = cursor.fetchone() try: filepath = path.join(UPLOAD_FOLDER, str(filename)) article = open(filepath, 'r') article = article.read() except: status = "Oops, Something Went Wrong Please Try Again..!!" comment = viewComment(filename, cursor) cursor.close() dbconn.close() return article_details, article, status, comment
def uploadArticle(form, file_obj): author = sanitize(form.author.data) email = sanitize(form.email.data) contact = sanitize(form.contact.data) or None address = sanitize(form.address.data) title = sanitize(form.title.data) article_subject = sanitize(str(form.article_subject.data)) cursor, dbconn = dbConnection() query = "SELECT `AUTO_INCREMENT` FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = 'articles'" article_id = cursor.execute(query) article_id = cursor.fetchone()[0] status = uploadFiles(file_obj, article_id) if status == True: try: query = "INSERT INTO articles(title, subject, review_date) VALUES(%s, %s, DEFAULT(review_date));" cursor.execute(query, (title, article_subject)) query = "SELECT author_id FROM authors WHERE email_id = %s;" author_status = cursor.execute(query, [email]) if int(author_status) > 0: author_id = cursor.fetchone()[0] query1 = "INSERT INTO article_author VALUES(%s, %s);" cursor.execute(query1, (article_id, author_id)) else: query1 = "INSERT INTO authors(fullname, email_id, address, contact_no) VALUES(%s, %s, %s, IFNULL(%s, DEFAULT(contact_no)));" query2 = "INSERT INTO article_author VALUES(%s, LAST_INSERT_ID());" cursor.execute(query1, (author, email, address, contact)) cursor.execute(query2, [article_id]) dbconn.commit() status = "Article Uploaded Successfully" except: dbconn.rollback() status = "Oops, Something Went Wrong Please Try Again..!!" cursor.close() dbconn.close() return status
def search(): try: title = "Search" search = request.args.get('search') query = "%" + request.args.get('search') + "%" # Establish connection c, conn = connection() result = c.execute("SELECT t.track_id, t.title, a.album_id, a.title, a.artwork, ar.artist_id, ar.name FROM tracks t, albums a, artists ar WHERE (t.title LIKE (%s) OR t.lyrics LIKE (%s)) AND t.album_id = a.album_id AND a.artist_id = ar.artist_id ORDER BY t.title;", [sanitize(query), sanitize(query)]) songResults = c.fetchall() result = c.execute("SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a, artists ar WHERE (a.title LIKE (%s) OR a.genre LIKE (%s) OR a.year_released LIKE (%s)) AND a.artist_id = ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)]) albumResults = c.fetchall() result = c.execute("SELECT ar.artist_id, ar.name, ar.genre, ar.country, a.artwork FROM artists ar LEFT JOIN albums a ON a.artist_id = ar.artist_id WHERE (name LIKE (%s) OR ar.genre LIKE (%s) OR country LIKE (%s)) GROUP BY ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)]) artistResults = c.fetchall() conn.commit() c.close() conn.close() #gc.collect() #flash(data) songs = [] albums = [] artists = [] for song in songResults: songs.append({'id': song[0], 'title': song[1], 'album_id': song[2], 'album_title': song[3], 'artwork': song[4], 'artist_id': song[5], 'artist_name': song[6]}) for album in albumResults: albums.append({'id': album[0], 'title': album[1], 'genre': album[2], 'year': album[3], 'artwork': album[4], 'artist_id': album[5], 'artist_name': album[6]}) for artist in artistResults: artists.append({'id': artist[0], 'name': artist[1], 'genre': artist[2], 'country': artist[3], 'artwork': artist[4]}) #TODO search albums #TODO search artists return render_template("pages/search.html", title = title, search = search, songs = songs, albums = albums, artists = artists) except Exception as e: #flash(e) return str(e)
def addAlbumToArtist(artist_id): try: title = "Add Album" album = {} if request.method == "POST": # TODO modify to recieve JSON data. album['title'] = request.form['title'] #album['artwork'] = request.form['artwork'] album['genre'] = request.form['genre'] album['year'] = request.form['year'] file = request.files['artwork'] title = album['title'] c, conn = connection() if file and allowed_file(file.filename): image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1]) file.save(os.path.join(app.config['UPLOAD_FOLDER'], image)) c.execute("INSERT INTO albums ( artist_id, title, genre, year_released, artwork) VALUES(%s, %s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(image)]) else: c.execute("INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year'])]) # Close Connection conn.commit() c.close() conn.close() #gc.collect() return redirect('/artist/?artist=' + str(album['artist_id']) + "#album" + str(album['id'])) elif request.method == "GET": title = "Add Album" album = {} artist = {} # ------------------------------ return render_template('pages/edit-album.html', title = title, album = album, artist = artist) else: return render_template('err/404.html', title = title) except Exception as e: return(str(e))
def addAlbum(): try: title = "Add Album" album = {} if request.method == "POST": album['id'] = request.args.get('artist') album['artist_id'] = request.args.get('artist') album['title'] = request.form['title'] #album['artwork'] = request.form['artwork'] album['genre'] = request.form['genre'] album['year'] = request.form['year'] file = request.files['artwork'] title = album['title'] c, conn = connection() if file and allowed_file(file.filename): image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1]) file.save(os.path.join(app.config['UPLOAD_FOLDER'], image)) c.execute("INSERT INTO albums ( artist_id, title, genre, year_released, artwork) VALUES(%s, %s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(image)]) else: c.execute("INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year'])]) # Close Connection conn.commit() c.close() conn.close() #gc.collect() flash("Updated!") return redirect('/artist/?artist=' + str(album['artist_id']) + "#album" + str(album['id'])) elif request.method == "GET": title = "Add Album" album = {} artist = {} # ------------------------------ return render_template('pages/edit-album.html', title = title, album = album, artist = artist) else: return render_template('err/404.html', title = title) except Exception as e: flash(e) return(str(e))
def add_Artist(): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: return jsonify({'error': True, 'message': 'You are not logged in!'} ) print 1 try: artist = {} artist['name'] = data['name'] artist['bio'] = data['bio'].encode('utf-8') artist['genre'] = data['genre'] artist['country'] = data['country'] artist['year'] = str(data['year']) print 2 c, conn = connection() c.execute("INSERT INTO artists(name, biography, genre, country, year_formed) VALUES ((%s), (%s), (%s), (%s), (%s))", [sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']),sanitize(artist['year'])]) c.execute("SELECT LAST_INSERT_ID();") data = c.fetchone() # Close Connection conn.commit() c.close() conn.close() print 3 return jsonify({'error': False, 'message': 'Updated artist!', "artist_id": data['LAST_INSERT_ID()']}) except Exception as e: return(str(e))
def editAlbum(): try: title = "Edit Album" if request.method == "POST": album = {} album['id'] = request.args.get('album') album['artist'] = request.args.get('artist') album['title'] = request.form['title'] #album['artwork'] = request.form['artwork'] album['genre'] = request.form['genre'] album['year'] = request.form['year'] title = album['title'] c, conn = connection() file = request.files['artwork'] if file and allowed_file(file.filename): image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1]) file.save(os.path.join(app.config['UPLOAD_FOLDER'], image)) c.execute("UPDATE albums SET artwork = (%s) WHERE album_id = (%s)", [sanitize(image), sanitize(album['id'])]) c.execute("UPDATE albums SET title = (%s), genre = (%s), year_released = (%s) WHERE album_id = (%s)", [sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(album['id'])]) # Close Connection conn.commit() c.close() conn.close() #gc.collect() flash("Updated!") return redirect('/artist/?artist=' + str(album['artist']) + "#album" + str(album['id'])) elif request.method == "GET": album_id = request.args.get('album') # Establish connection c, conn = connection() result = c.execute("SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a JOIN artists ar ON a.artist_id=ar.artist_id WHERE a.album_id=(%s)", [sanitize(album_id)]) data = c.fetchone() # Close Connection conn.commit() c.close() conn.close() #gc.collect() album = {} album['id'] = data[0] album['title'] = data[1] album['artwork'] = data[4] album['genre'] = data[2] album['year'] = data[3] artist = {} artist['id'] = data[5] artist['name'] = data[6] title = album['title'] # ------------------------------ return render_template('pages/edit-album.html', title = title, album=album, artist = artist) else: return render_template('err/404.html', title = title) except Exception as e: flash(e) return(str(e))
def editAlbum(artist_id, album_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: return jsonify({'error': True, 'message': 'You are not logged in!'} ) print 1 try: album = {} print 2 album['id'] = str(album_id) album['artist'] = str(artist_id) album['title'] = data['title'] #album['artwork'] = request.form['artwork'] album['genre'] = data['genre'] album['year'] = str(data['year']) print 3 c, conn = connection() ''' file = request.files['artwork'] if file and allowed_file(file.filename): image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1]) file.save(os.path.join(app.config['UPLOAD_FOLDER'], image)) c.execute("UPDATE albums SET artwork = (%s) WHERE album_id = (%s)", [sanitize(image), sanitize(album['id'])]) ''' print 4 c.execute("UPDATE albums SET title = (%s), genre = (%s), year_released = (%s) WHERE album_id = (%s)", [sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(album['id'])]) # Close Connection conn.commit() c.close() conn.close() print 5 return jsonify({"error": False, "message": "Album Updated!"}) except Exception as e: return(str(e))
def addSong(artist_id, album_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: print "sup" return jsonify({'error': True, 'message': 'You are not logged in!'} ) try: song = {} song['album_id'] = str(album_id) #song['album_id'] = data[1] song['track_number'] = str(data['track_number']) song['title'] = data['title'].encode('utf-8') song['lyrics'] = data['lyrics'].encode('utf-8') song['media_link'] = data['media_link'].encode('utf-8') c, conn = connection() c.execute("INSERT INTO tracks (album_id, track_no, title, lyrics, media_link) VALUES (%s, %s, %s, %s, %s);", [sanitize(song['album_id']), sanitize(song['track_number']), sanitize(song['title']), song['lyrics'], sanitize(song['media_link'])]) c.execute("SELECT LAST_INSERT_ID();") data = c.fetchone() # Close Connection conn.commit() c.close() conn.close() print data return jsonify({"error": False, "message": "Song added!", "track_id": data['LAST_INSERT_ID()']}) except Exception as e: print "err: " + str(e) return jsonify({'error': True, 'message': 'Something went wrong... Content may not have saved.'} )
def editSong(artist_id, album_id, track_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: print "sup" return jsonify({'error': True, 'message': 'You are not logged in!'} ) try: song = {} song['id'] = str(track_id) #song['album_id'] = data[1] song['track_number'] = str(data['track_number']) song['title'] = data['title'].encode('utf-8') song['lyrics'] = data['lyrics'].encode('utf-8') song['media_link'] = data['media_link'].encode('utf-8') c, conn = connection() c.execute("UPDATE tracks SET title = (%s), track_no = (%s), lyrics = (%s), media_link = (%s) WHERE track_id = (%s);", [sanitize(song['title']), sanitize(song['track_number']), song['lyrics'], sanitize(song['media_link']),sanitize(song['id'])]) # Close Connection conn.commit() c.close() conn.close() return jsonify({'error': False, 'message': 'Save successful!'} ) except Exception as e: print "err: " + str(e) return jsonify({'error': True, 'message': 'Something went wrong... Content may not have saved.'} )
def settings(): title = "Settings" try: if request.method == "POST": email = request.form['email'] username = request.form['username'] password = request.form['password'] password2 = request.form['repeatpassword'] # Establish connection c, conn = connection() file = request.files['image'] if file and allowed_file(file.filename): image = secure_filename("user_img" + str(session['user_id']) + "." + file.filename.rsplit('.', 1)[1]) file.save(os.path.join(app.config['UPLOAD_FOLDER'], image)) c.execute("UPDATE users SET image_url = (%s) WHERE user_id = (%s)", [sanitize(image), session['user_id']]) session['user_image'] = image # ------------------------------ # New Username # ------------------------------ if username != session['username']: db_username = c.execute("SELECT username FROM users WHERE username = (%s) AND user_id != (%s)", [sanitize(username), session['user_id']]) if int(db_username) > 0: flash("Username taken.") #return render_template('pages/settings.html', title = title) else: c.execute("UPDATE users SET username = (%s) WHERE user_id = (%s)", [sanitize(username), session['user_id']]) #conn.commit() session['username'] = username flash("Username successfully changed!") # ------------------------------ # New Email Address # ------------------------------ if email != session['user_email']: # Check if email is already used. db_email = c.execute("SELECT email FROM users WHERE email = (%s) AND user_id != (%s)", [sanitize(email), session['user_id']]) if int(db_email) > 0: flash("An account already exists with that email.") #return render_template('pages/settings.html', title = title) else: c.execute("UPDATE users SET email = (%s) WHERE user_id = (%s)", [sanitize(email), session['user_id']]) session['user_email'] = email flash("Email successfully changed!") # ------------------------------ # New Password # ------------------------------ if len(password) > 0: # confirm password if password != password2: flash("Passwords do not match.") #return render_template('pages/signup.html', title = title) elif len(password) < 8: flash("Password not long enough.") #return render_template('pages/signup.html', title = title) else: password = sha256_crypt.encrypt(str(password)) c.execute("UPDATE users SET password = (%s) WHERE user_id = (%s)", [sanitize(password), session['user_id']]) flash("Password successfully changed!") # ------------------------------ # Close Connection conn.commit() c.close() conn.close() #gc.collect() return render_template('pages/settings.html', title = title) except Exception as e: flash(e) return(str(e))
def addAlbum(artist_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: return jsonify({'error': True, 'message': 'You are not logged in!'} ) print 1 try: album = {} print 2 album['artist_id'] = str(artist_id) album['title'] = data['title'] album['genre'] = data['genre'] album['year'] = str(data['year']) print 3 c, conn = connection() c.execute("INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year'])]) # Close Connection conn.commit() c.close() conn.close() print 4 return jsonify({'error': False, "message": "Album added!"}) except Exception as e: return(str(e))
def addSong(): try: title = "Edit Song" song = {} if request.method == "POST": song['album_id'] = request.args.get('album') #song['album_id'] = data[1] song['track_number'] = request.form['track_number'] song['title'] = request.form['title'].encode('utf-8') song['lyrics'] = request.form['lyrics'].encode('utf-8') song['media_link'] = request.form['media_link'] title = song['title'] #flash("two!") c, conn = connection() c.execute("INSERT INTO tracks (album_id, track_no, title, lyrics, media_link) VALUES (%s, %s, %s, %s, %s);", [sanitize(song['album_id']), sanitize(song['track_number']), sanitize(song['title']), song['lyrics'], sanitize(song['media_link'])]) c.execute("SELECT LAST_INSERT_ID();") data = c.fetchone() # Close Connection conn.commit() c.close() conn.close() #gc.collect() flash("Saved!") #flash(data) return redirect('/song/?song=' + str(data[0])) return render_template('pages/edit-song.html', title = title, song = song) except Exception as e: flash(e) return(str(e))
def search(): search = request.args.get('search') try: title = "Search" query = "%" + search + "%" # Establish connection c, conn = connection() result = c.execute("SELECT t.track_id, t.title, a.album_id, a.title, a.artwork, ar.artist_id, ar.name FROM tracks t, albums a, artists ar WHERE (t.title LIKE (%s) OR t.lyrics LIKE (%s)) AND t.album_id = a.album_id AND a.artist_id = ar.artist_id ORDER BY t.title;", [sanitize(query), sanitize(query)]) songResults = c.fetchall() result = c.execute("SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a, artists ar WHERE (a.title LIKE (%s) OR a.genre LIKE (%s) OR a.year_released LIKE (%s)) AND a.artist_id = ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)]) albumResults = c.fetchall() result = c.execute("SELECT ar.artist_id, ar.name, ar.genre, ar.country, a.artwork FROM artists ar LEFT JOIN albums a ON a.artist_id = ar.artist_id WHERE (name LIKE (%s) OR ar.genre LIKE (%s) OR country LIKE (%s)) GROUP BY ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)]) artistResults = c.fetchall() conn.commit() c.close() conn.close() return jsonify({ "tracks": songResults, "albums": albumResults, "artists": artistResults }) except Exception as e: return str(e)
def editArtist(artist_id): data = request.get_json(force=True) if userAuth(data['username'], data['password']) == False: return jsonify({'error': True, 'message': 'You are not logged in!'} ) try: artist = {} artist['id'] = str(artist_id) artist['name'] = data['name'] artist['bio'] = data['bio'].encode('utf-8') artist['genre'] = data['genre'] artist['country'] = data['country'] artist['year'] = str(data['year']) c, conn = connection() c.execute("UPDATE artists SET name = (%s), biography = (%s), genre = (%s), country = (%s), year_formed = (%s) WHERE artist_id = (%s)", [sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']),sanitize(artist['year']), sanitize(artist['id'])]) # Close Connection conn.commit() c.close() conn.close() return jsonify({'error': False, 'message': 'Updated artist!'}) except Exception as e: return(str(e))
def addArtist(): try: if request.method == "POST": #flash("POST") artist = {} artist['id'] = request.args.get('artist') artist['name'] = request.form['name'] artist['bio'] = request.form['bio'].encode('utf-8') artist['genre'] = request.form['genre'] artist['country'] = request.form['country'] artist['year'] = request.form['year'] title = artist['name'] c, conn = connection() c.execute("UPDATE artists SET name = (%s), biography = (%s), genre = (%s), country = (%s), year_formed = (%s) WHERE artist_id = (%s)", [sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']),sanitize(artist['year']), sanitize(artist['id'])]) # Close Connection conn.commit() c.close() conn.close() #gc.collect() flash("Updated!") return redirect('/artist/?artist=' + str(artist['id'])) elif request.method == "GET": artist_id = request.args.get('artist') # Establish connection c, conn = connection() result = c.execute("SELECT * FROM artists WHERE artist_id = (%s)", [sanitize(artist_id)]) data = c.fetchone() artist = {} artist['id'] = data[0] artist['name'] = data[2] artist['bio'] = data[1].decode('utf-8') artist['genre'] = data[3] artist['country'] = data[4] artist['year'] = data[5] title = artist['name'] result = c.execute("SELECT member_id, name, role FROM members WHERE artist_id = (%s)", [sanitize(artist_id)]) data = c.fetchall() members = [] for member in data: members.append({'id': member[0], 'name': member[1], 'role': member[2]}) # ------------------------------ # Close Connection conn.commit() c.close() conn.close() #gc.collect() #title = "Edit Artist" return render_template('pages/edit-artist.html', title = title, artist = artist, members = members) else: return render_template('err/404.html', title = title) except Exception as e: flash(e) return(str(e))