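def user_confirmation(token):
    """Approve the account named by a signed confirmation token.

    The token is verified with ``URLSafeTimedSerializer`` using the salt
    ``"email-confirm-key"``; a token that fails verification is answered
    with HTTP 403. On success the user's ``level`` is set to 1, an
    informational e-mail is sent to the user, and a short confirmation
    sentence is returned as the response body.
    """
    # Imported locally so the function does not depend on a module-level import.
    from html import escape

    try:
        ts = URLSafeTimedSerializer(app.config["SECRET_KEY"])
        # NOTE(review): no max_age is passed, so a confirmation token never
        # expires. Pass max_age=<seconds> once the intended lifetime is decided.
        user_id = ts.loads(token, salt="email-confirm-key")
    except Exception:
        # Bad signature or malformed token: refuse without detail. A bare
        # ``except:`` would also swallow SystemExit / KeyboardInterrupt.
        abort(403)

    dbUser = DBAccess.GetDBUserById(user_id)
    if dbUser is None:
        # presumably GetDBUserById returns None for an unknown id -- confirm.
        # Without this guard a token for a deleted account ends in a 500.
        abort(404)

    DBAccess.ExecuteUpdate('update users set level=1 where id=%s', (user_id, ))

    # NOTE(review): the contact address below reads "[email protected]" in
    # this listing; check it against the deployed template.
    email_text = '''<html>
        Dobrý den, <br>
        <br>
        Váš účet byl ověřen a nyní se můžete <a href="https://app.seniore.org/login/">přihlásit </a>. (Pokud odkaz nefunguje, prosíme, je nutné ho zkopírovat a celý vložit do vašeho prohlížeče.)<br>
        <br>
        Věnujte prosím chviličku instrukcím, jak aplikaci používat. <br>
        1. Na mapce uvidíte svojí polohu. V blízkosti se zobrazí lidé, kteří mohou pomoci, nebo pomoc potřebují. <br>
        Je možné, že se ve Vaší lokalitě zatím nikdo nepřihlásil. Kontaktujte prosím kohokoliv, kdo by se mohl zapojit. <br>
        2. Pro ostatní uživatele jste zatím neviditení! Abyste se i vy zobrazil jiným uživatelům, je potřeba kliknout na tlačítko “Zobrazit mě na mapě” na kartě "Vyhledat".<br>
        V následujícím kroku vyplníte, zda pomoc potřebujete, nebo jí můžete poskytnout.<br>
        3. Kliknutím na Pin (znaménko v mapě) u jiného uživatele jej můžete kontaktovat. Přijde Vám i jí/jemu mail, který Vás vzájemně propojí. Domluvíte se potom už sami.<br>
        <br>
        Budete-li mít jakékoliv dotazy, pište na [email protected].<br>
        Pojďme společně obnovit svět, kde si sousedé pomáhají.<br>
        <br>
        Váš tým Seniore
        </html>'''

    SendMail(GetEmail('noreplyMail'), dbUser.email,
             'Seniore.org - ověření účtu', email_text)

    # The returned string is served as the response body, so the
    # user-supplied name parts are HTML-escaped before interpolation.
    first_name = escape(str(dbUser.first_name))
    surname = escape(str(dbUser.surname))
    return (f'Uživatel {first_name} {surname} byl nastaven jako schválený '
            f'a byl mu odeslán informační email.')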
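def match():
    """Render the contact page for one ``users_services`` entry.

    The entry id is read from the ``id`` query parameter. The entry's
    demand/offer label, service category, demand/offer id and owning user
    id are loaded, a header sentence is built from the owner's name, and
    ``match.html`` is rendered. A missing or unknown id is answered with
    HTTP 404.
    """
    # Imported locally so the function does not depend on a module-level import.
    from flask import abort

    # NOTE(review): no session check is visible in this function; confirm the
    # route is protected elsewhere, since the page shows another user's name.
    id_users_services = request.args.get("id", type=int)
    if id_users_services is None:
        # Parameter absent or not an integer.
        abort(404)

    rows = DBAccess.ExecuteSQL(
        """
        SELECT d.demand_offer, s.category,d.id,u.id
        FROM users u
        LEFT JOIN users_services us on us.id_users = u.id
        LEFT JOIN services s on s.id = us.id_services
        LEFT JOIN demand_offer d on d.id = us.id_demand_offer
        WHERE us.id = %s
        """,
        (id_users_services, ),
    )
    if not rows:
        # Indexing [0] on an empty/None result would surface as a 500.
        abort(404)
    demand_offer, category, id_demand_offer, id_owner = rows[0]

    # demand_offer id 1 means the owner is asking for the service.
    demand_offer_text = 'poptává' if id_demand_offer == 1 else 'nabízí'

    dbUser = DBAccess.GetDBUserById(id_owner)
    headerText = (f'{dbUser.first_name} {dbUser.surname} '
                  f'{demand_offer_text} činnost {category}')

    kwargs = {
        "demand_offer": demand_offer,
        "id_demand_offer": id_demand_offer,
        "services": category,
        "id": id_users_services,
        "headerText": headerText,
    }
    return render_template("/match.html", **kwargs)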
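def login():
    """Authenticate a user from the login form and start a session.

    On a valid submission the account is looked up by e-mail, the submitted
    password is checked against the stored bcrypt hash, and accounts with
    ``level == 0`` (not yet approved) are refused. On success the e-mail,
    user id and level are stored in the session and the browser is
    redirected to the overview page. Every failure re-renders
    ``login.html`` with a flash message.
    """
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template("login.html", form=form)

    # Fixed delay on every attempt to slow down password guessing.
    # NOTE(review): this ties up a worker for 3 s per request; a rate limiter
    # keyed on account/client is the usual replacement.
    sleep(3)

    user = form.user.data.strip()
    # Exact, case-insensitive comparison. The previous ``ilike %s`` treated
    # ``%`` and ``_`` in the submitted value as wildcards, so the typed
    # identifier could match an account other than the one spelled out.
    rows = DBAccess.ExecuteSQL(
        "select email, password, first_name, surname, id, level,salt from "
        "users where lower(trim(email)) = lower(%s)",
        (user, ),
    )
    if not rows:
        # NOTE(review): a separate "user not found" message (and the skipped
        # hash check) lets a client learn which e-mails are registered;
        # consider one generic message for both failures.
        flash("Uživatel nenalezen", FlashStyle.Danger)
        return render_template("login.html", form=form)

    # ExecuteSQL returns a list of row tuples; only the first row is used.
    userRow = rows[0]

    # The ``salt`` column is selected but not used here: the stored bcrypt
    # hash is checked as-is.
    bcrypt = Bcrypt()
    try:
        password_ok = bcrypt.check_password_hash(userRow[1],
                                                 form.password.data)
    except Exception:
        # A malformed stored hash or missing password counts as a mismatch.
        password_ok = False
    if not password_ok:
        flash("Špatné heslo", FlashStyle.Danger)
        return render_template("login.html", form=form)

    if userRow[5] == 0:
        flash(
            "Uživatel není ověřen, počkejte prosím na ověření"
            " administrátorem stránek.", FlashStyle.Danger)
        return render_template("login.html", form=form)

    session["user"] = user
    session["id_user"] = userRow[4]
    session["level_user"] = userRow[5]
    dbUser = DBAccess.GetDBUserById(userRow[4])
    dbUser.SaveToSession('dbUser')
    return redirect(url_for("overview_bp.prehled_all"))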
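def profil():
    """Render the profile page of the logged-in user.

    Loads the user's record, coordinates and image URL, and on GET also the
    user's services and the requests in which the user is either the
    demanding or the offering party, then renders ``profil.html`` with a
    map centred on the user's position.
    """
    # Imported locally so the function does not depend on a module-level import.
    from html import escape

    id_user = session["id_user"]
    dbUser = DBAccess.GetDBUserById(id_user)
    name = f'{dbUser.first_name} {dbUser.surname}'
    info = dbUser.info
    mail = dbUser.email
    phone = dbUser.telephone
    latitude = str(
        DBAccess.ExecuteScalar("select latitude from users where id = %s",
                               (id_user, )))
    longitude = str(
        DBAccess.ExecuteScalar("select longitude from users where id = %s",
                               (id_user, )))
    username = session["user"]
    imgCloudUrl = GetImageUrl(id_user)

    # NOTE(review): only GET is handled; any other method falls through and
    # returns None -- confirm the route is registered for GET only.
    if request.method == "GET":
        users_services = DBAccess.ExecuteSQL(
            "select s.category as category, d.demand_offer as demand_offer,us.id from users_services us"
            " left join users u on us.id_users = u.id"
            " left join services s on s.id = us.id_services"
            " left join demand_offer d on d.id = us.id_demand_offer where u.id = %s",
            (id_user, ))
        addServiceText = 'Přidat službu'
        if users_services is None:
            # No service yet: the user is not shown on the map.
            users_services = []
            addServiceText = 'Zobrazit mě na mapě'

        # The infobox is an HTML fragment, so interpolated values are
        # escaped and the attribute values quoted; an unquoted ``src=``
        # would let a space in the value start a new attribute.
        infobox = (f'<b>{escape(str(username))}</b>'
                   f'<img class="img_mapa" src="{escape(str(imgCloudUrl))}" />')
        sndmap = Map(
            identifier="sndmap",
            style="height:100%;width:100%;margin:0;",
            lat=latitude,
            lng=longitude,
            report_clickpos=True,
            clickpos_uri="/clickpost/",
            markers=[{
                "icon": "https://maps.google.com/mapfiles/kml/pal2/icon10.png",
                "lat": latitude,
                "lng": longitude,
                "infobox": infobox,
            }])

        user_requests = DBAccess.ExecuteSQL(
            """select
                ud.first_name, ud.surname, ud.email, ud.telephone,
                uo.first_name, uo.surname, uo.email, uo.telephone,
                s.category,
                to_char(r.date_time, 'DD-MM-YYYY HH24:MI'),
                r.add_information, r.timestamp, rs.status, r.id
                from requests r
                inner join services s on r.id_services = s.id
                inner join users ud on r.id_users_demand = ud.id
                inner join users uo on r.id_users_offer = uo.id
                inner join requests_status rs on r.id_requests_status = rs.id
                where ud.id = %s or uo.id =%s """, (id_user, id_user))
        if user_requests is None:
            user_requests = []

        return render_template("profil.html",
                               users_services=users_services,
                               nazev=imgCloudUrl,
                               sndmap=sndmap,
                               requests=user_requests,
                               name=name,
                               info=info,
                               mail=mail,
                               phone=phone,
                               addServiceText=addServiceText)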
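def prehled_all():
    """Render the overview map of users filtered by demand/offer and service.

    A form with one checkbox per service is built. On GET every service is
    selected; on a valid submission only the ticked ones are used. Matching
    users are grouped so that each gets one map marker listing their
    services, and the logged-in user's own marker is added first.
    """
    # Imported locally so the function does not depend on a module-level import.
    from html import escape

    services = DBAccess.ExecuteSQL("select * from services order by pageorder")
    onMap = DBAccess.ExecuteScalar(
        'select 1 from users_services where id_users = %s',
        (session['id_user'], )) is not None

    # Default filter, used when the form was not submitted: every service.
    checked_services_id_list = [service[0] for service in services]

    # All services go into the form; the checkboxes to display are
    # collected in the loop below.
    form = regFormBuilder(services)
    form.checkBoxes.clear()
    form.demandOffer.choices = [('2', 'poskytují pomoc'),
                                ('1', 'potřebují pomoc')]
    for index in form.checkBoxIndexes:
        checkbox = getattr(form, "checkbox%d" % index)
        if request.method == 'GET':
            checkbox.data = True
        form.checkBoxes.append(checkbox)  # displaying checkboxes on website

    if form.validate_on_submit():
        checked_services_id_list = []
        for index in form.checkBoxIndexes:
            checkbox = getattr(form, "checkbox%d" % index)
            if checkbox.data:
                checked_services_id_list.append(checkbox.id)

    demand_offer_id = int(form.demandOffer.data)

    result = None
    if checked_services_id_list:
        # Skipped when nothing is ticked: an empty tuple would be rendered
        # as ``in ()``, which is not valid SQL (assumes a psycopg-style
        # driver behind ExecuteSQL -- confirm).
        result = DBAccess.ExecuteSQL(
            '''
            SELECT u.id, u.first_name, u.surname, u.info, d.demand_offer,
                   u.latitude, u.longitude, us.id,s.category
            FROM users u
            LEFT JOIN users_services us on us.id_users = u.id
            LEFT JOIN services s on s.id = us.id_services
            LEFT JOIN demand_offer d on d.id = us.id_demand_offer
            WHERE d.id = %s AND us.id_services in %s
            ORDER BY u.id, us.id
            ''', (demand_offer_id, tuple(checked_services_id_list)))
    if result is None:
        result = []
        flash(
            "Bohužel v systému nejsou zadány žádné služby dle vašeho filtru.")

    # Group rows per user: the first seven columns identify the user, the
    # last two are (users_services id, category).
    usersCatDict = {}
    for row in result:
        usersCatDict.setdefault(tuple(row[:7]), []).append(row[-2:])

    demandOfferText = 'nabízené'
    mapIconUrl = "https://maps.google.com/mapfiles/ms/icons/green-dot.png"
    if demand_offer_id == 1:
        demandOfferText = 'poptávané'
        mapIconUrl = "https://maps.google.com/mapfiles/ms/icons/blue-dot.png"

    dbUser = DBAccess.GetDBUserById(session['id_user'])

    # Infoboxes are HTML fragments. Names, profile texts and URLs come from
    # user records, so they are escaped and attribute values are quoted
    # before being placed into markup that other users will view.
    markers = [{
        "icon": "https://maps.google.com/mapfiles/kml/pal2/icon10.png",
        "lat": str(dbUser.latitude),
        "lng": str(dbUser.longitude),
        "infobox": (
            f'<b>{escape(str(dbUser.first_name))} </b><br>'
            f'{escape(str(dbUser.info))}'
            f'<img class="img_mapa" src="{escape(str(GetImageUrl(dbUser.id)))}" />'
        ),
    }]

    # One marker for every user found.
    for user, user_services in usersCatDict.items():
        items = ''.join(
            f'<li> {escape(str(service[1]))} '
            f'<a href="/match?id={escape(str(service[0]))}">Kontaktovat</a></li>'
            for service in user_services)
        servicesHTML = '<ul>' + items + '</ul>'
        pictureUrl = GetImageUrl(user[0])
        markers.append({
            "icon": mapIconUrl,
            "lat": str(user[5]),
            "lng": str(user[6]),
            "infobox": (
                f'<b>{escape(str(user[1]))} </b><p>{escape(str(user[3]))}</p>'
                f'<img class="img_mapa" src="{escape(str(pictureUrl))}" /><br>'
                f'<p>{demandOfferText} služby: {servicesHTML}</p>'
            ),
        })

    # Map centred on the current user, with the markers built above.
    sndmap = Map(
        identifier="sndmap",
        style="height:100%;width:100%;margin:0;",
        lat=str(dbUser.latitude),
        lng=str(dbUser.longitude),
        markers=markers)
    return render_template("prehled_all.html",
                           sndmap=sndmap,
                           form=form,
                           onMap=onMap)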
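def prehled_filtr():
    """Show the filter form (GET) or the filtered result map (POST).

    On POST, users are selected by demand/offer id, service id and town
    (case-insensitive), and ``prehled_success.html`` is rendered with the
    rows and a map holding the current user's marker plus one marker per
    result row.
    """
    # Imported locally so the function does not depend on a module-level import.
    from html import escape

    form = OverviewFormBase()
    services = DBAccess.ExecuteSQL("select * from services")
    addresses = DBAccess.ExecuteSQL("select distinct lower(town) from users")

    if request.method == "GET":
        return render_template("prehled.html",
                               form=form,
                               services=services,
                               addresses=addresses)
    elif request.method == "POST":
        # NOTE(review): values are read from request.form without calling
        # form.validate_on_submit(); if CSRF protection relies on that
        # validation it is not exercised on this path -- confirm.
        vysledekselectu = DBAccess.ExecuteSQL(
            """
            SELECT u.first_name, u.surname, s.category, d.demand_offer,
                   u.town, us.id, u.latitude, u.longitude, u.id, u.info
            FROM users u
            LEFT JOIN users_services us on us.id_users = u.id
            LEFT JOIN services s on s.id = us.id_services
            LEFT JOIN demand_offer d on d.id = us.id_demand_offer
            WHERE d.id = %s and s.id = %s and lower(u.town) = lower(%s)
            ORDER BY us.id desc
            """, (form.demandOffer.data, request.form["category"],
                  request.form["address"]))
        if vysledekselectu is None:
            vysledekselectu = []

        dbUser = DBAccess.GetDBUserById(session['id_user'])
        if not vysledekselectu:
            flash("Bohužel pro vámi zadanou kombinaci pro vás nemáme parťáka.")

        # Infoboxes are HTML fragments. Names, profile texts and URLs come
        # from user records, so they are escaped and attribute values are
        # quoted before being placed into markup other users will view.
        markers = [{
            "icon": "https://maps.google.com/mapfiles/kml/pal2/icon10.png",
            "lat": str(dbUser.latitude),
            "lng": str(dbUser.longitude),
            "infobox": (
                f'<b>{escape(str(dbUser.first_name))} </b><br>'
                f'{escape(str(dbUser.info))}'
                f'<img class="img_mapa" src="{escape(str(GetImageUrl(dbUser.id)))}" />'
            ),
        }]

        # One marker for every user found.
        for user in vysledekselectu:
            pictureUrl = GetImageUrl(user[8])
            markers.append({
                "icon":
                "https://maps.google.com/mapfiles/ms/icons/green-dot.png",
                "lat": str(user[6]),
                "lng": str(user[7]),
                "infobox": (
                    f'<b>{escape(str(user[0]))} {escape(str(user[1]))}</b><br>'
                    f'{escape(str(user[9]))}'
                    f'<img class="img_mapa" src="{escape(str(pictureUrl))}" /> '
                    f'<a href="/match?id={escape(str(user[5]))}">Kontaktovat</a>'
                ),
            })

        # Map centred on the current user, with the markers built above.
        sndmap = Map(
            identifier="sndmap",
            style="height:100%;width:100%;margin:0;",
            lat=str(dbUser.latitude),
            lng=str(dbUser.longitude),
            markers=markers)
        return render_template("prehled_success.html",
                               entries=vysledekselectu,
                               sndmap=sndmap)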