def login():
if request.method == 'GET':
if not 'user_id' in session:
return render_template('login.html')
else:
return redirect(url_for('index'))
elif request.method == 'POST':
db = mysqlDB()
username = request.form['username'].strip()
password = request.form['password'].strip()
remember = request.form['remember']
parameters = [username, 0, '']
result = db.callproc('getUser', parameters)
user_id = result[1]
password_db = result[2]
if user_id != None:
if argon2.verify(password, password_db):
if remember == 'on':
session.permanent = True
app.logger.info('session permanent')
else:
session.permanent = False
session['user_id'] = user_id
return redirect(url_for('index'))
else:
return render_template('login.html')
return redirect(url_for('signup'))
def signup():
if request.method == 'GET':
if not 'user_id' in session:
return render_template('signup.html')
else:
return redirect(url_for('index'))
elif request.method == 'POST':
username = request.form['username'].strip()
email = request.form['email'].strip()
password = request.form['password'].strip()
name = request.form['name'].strip()
if password == request.form['password_con'].strip():
password = argon2.hash(password)
else:
flash('Passwords do not match', 'error')
return render_template('signup.html', username=username, email=email, name=name)
db = mysqlDB()
db.callproc('createUser', [username, email, password, name])
result = None
for item in db.cur.stored_results():
result = item
break
if result:
db.close_db()
flash(result.fetchall()[0][0], 'error')
return render_template('signup.html', username=username, email=email, name=name)
db.close_db()
return redirect(url_for('index'))
def profile():
db = mysqlDB()
query = 'SELECT sc.ID, sc.name, sc.Description, su.name FROM Scripts AS sc JOIN Subjects AS su ON su.ID=Subject_ID WHERE User_ID=%s' % session[
'user_id']
db.execute(query)
row = db.cur.fetchone()
script_list = []
while row is not None:
script_list.append({
'id': str(row[0]),
'name': row[1],
'desc': row[2].decode('UTF-8'),
'subj': row[3]
})
row = db.cur.fetchone()
return render_template('profile.html', scripts=script_list)
def file_upload():
if request.method == 'GET':
return render_template('file_upload.html')
elif request.method == 'POST':
db = mysqlDB()
# subject = request.form['subject']
user_id = session['user_id']
subject = '1'
script_name = request.form['script_name'].strip()
description = request.form['description'].strip()
db.execute('INSERT INTO Scripts (name, description, Subject_ID, User_ID) VALUES ("%s", "%s", %s, %s);' % (script_name, description, subject, user_id))
db.execute('SELECT LAST_INSERT_ID();')
lastid = db.cur.fetchone()[0]
file_path_base = ''.join(['/srv/http/scriptar/static/uploads/', str(lastid)])
os.makedirs(file_path_base, mode=0o775, exist_ok=True)
if 'script_link' in request.form:
script_link = request.form['script_link'].strip()
file_name = script_link.rsplit('/', 1)[1].lower()
urllib.request.urlretrieve(script_link, ''.join([file_path_base, "/", file_name]))
for f in request.files:
if request.files[f].filename != '' and f:
filename = secure_filename(request.files[f].filename)
# extension = filename.rsplit('.', 1)[1].lower()
# filename = ''.join(['file_', 'asdf.', extension])
file_path = ''.join([file_path_base,'/', filename])
request.files[f].save(os.path.join(file_path))
db.close_db()
return 'Upload sucessful'
from db import mysqlDB, get_3, get_money_spend
from data_fetch import fetch_3, fetch_money_spend
from figure_plot import draw_3_1, draw_pie_charts, draw_line, draw_3_2
table1 = "task1"
table2 = "task2"
if __name__ == '__main__':
db = mysqlDB()
#建立Table
attrs1 = {
"year": " INT NOT NULL",
"gdp": "FLOAT NOT NULL",
"gdp1": "FLOAT NOT NULL",
"gdp2": "FLOAT NOT NULL",
"gdp3": "FLOAT NOT NULL"
}
attrs2 = {
"year": "INT NOT NULL",
"total": "FLOAT NOT NULL",
"food": "FLOAT NOT NULL",
"cloth": "FLOAT NOT NULL",
"house": "FLOAT NOT NULL",
"trans": "FLOAT NOT NULL",
"play": "FLOAT NOT NULL",
"others": "FLOAT NOT NULL"
}
constraint = "PRIMARY KEY(`id`)"
db.CreateTable(table1, attrs1, constraint)