def addstudent(): try: if request.method == "POST": cond = request.form["customRadio"] if (cond == 'addstudent'): name = request.form['name'] roll = request.form['roll'] year = request.form.get('acyear') branch = request.form.get('branch') c, conn = connection() try: c.execute("INSERT INTO student VALUES (%s,%s, %s,%s)", (roll, name, branch, year)) conn.commit() conn.close() flash(roll + ' Added Successfully') except Exception: flash('Invalid Credentials') if (cond == 'viewstudent'): c, conn = connection() year = request.form.get('acyear') branch = request.form.get('branch') try: c.execute( "SELECT roll,name,branch,acyear FROM student WHERE acyear=%s AND branch=%s", ( year, branch, )) data = c.fetchall() if data: colname = [desc[0] for desc in c.description] data.insert(0, colname) return render_template('view.html', data=data, down=down, type=session['type'], year=yea, subj=subj) except Exception as e: flash('Invalid Credentials') if (cond == 'deletestudent'): c, conn = connection() roll = request.form['roll'] try: c.execute("DELETE FROM student WHERE roll = ('%s')" % (roll)) conn.commit() conn.close() flash(roll + ' Deleted Successfully') except Exception: flash('Unable to find given details') except Exception as e: flash('Unable to connect Please try again') return render_template('home.html', type=session['type'], year=yea, subj=subj)
def login(): error = '' error1 = '' try: if request.method == "POST": username = request.form['username'] password = request.form['password'] conn, cur = connection() x = cur.execute("SELECT * FROM user WHERE username=(%s)", (username, )) if int(x) == 0: error = 'User Not found' elif int(x) > 0: conn, cur = connection() cur.execute("SELECT password FROM user WHERE username=(%s)", (username, )) record = cur.fetchone() for row in record: if (password) == (row): session['name'] = username return redirect(url_for('main')) else: error1 = 'Wrong password' return render_template("login.html", error=error, error1=error1) except Exception as e: return render_template("login.html", error=error, error1=error1)
def add_specs(brand, model_name): if request.method == 'POST': model_name = request.form.get('model_name') brand = request.form.get('brand') print(brand) print(model_name) processor = request.form.get('processor') graphics = request.form.get('graphics') os = request.form.get('os') battery_cap = request.form.get('battery_cap') quick_charge = request.form.get('quick_charge') front_camera = request.form.get('front_camera') rear_camera = request.form.get('rear_camera') display_type = request.form.get('display_type') display_size = request.form.get('display_size') aspect_ratio = request.form.get('aspect_ratio') weight = request.form.get('weight') build = request.form.get('build') dimensions = request.form.get('dimensions') colours = request.form.get('colours').split(",") print(colours) # inserting colors for colour in colours: # create cursor cur, conn = connection() cur.execute( "INSERT INTO colours (model_name, colour) VALUES ('%s','%s')" % (model_name, colour)) # commit conn.commit() # close connection cur.close() # create cursor cur, conn = connection() # inserting specs cur.execute( """INSERT INTO specifications(model_name, processor, graphics, os, battery_cap, quick_charge, front_camera, rear_camera, display_type, display_size, aspect_ratio,dimensions, weight, build) VALUES(%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)""", (model_name, processor, graphics, os, battery_cap, quick_charge, front_camera, rear_camera, display_type, display_size, aspect_ratio, dimensions, weight, build)) # commit conn.commit() # close connection cur.close() flash('Specs are saved successfully...') return redirect( url_for('add_variants', brand=brand, model_name=model_name)) return render_template('addSpecs.html', brand=brand, model_name=model_name)
def registration(): try: if request.method == "POST" : if 'submit_button' in request.form: name = request.form['name'] clgname = request.form['clgname'] email=request.form['email'] branch = request.form['branch'] paper_title=request.form['papertitle'] x=mailverify(email) if x == 1: c, conn = connection() c.execute("SELECT MAX(id) FROM festusers") id=c.fetchone() c.execute("INSERT INTO festusers VALUES (%s,%s, %s,%s, %s, %s)",(id[0]+1,name,clgname,email,paper_title,branch)) conn.commit() z=send_mail(str(email),id[0]+1) c.close() conn.close() gc.collect() flash("Successfully Registered !! Please check your email for further communication!!") return render_template("resonance.html") else: flash("Invalid email!!") return render_template('register.html') return render_template("register.html") except Exception as e: return render_template("home.html", error = e)
def lewis_t(text): try: print("db_result") c, conn = connection() c.execute("SELECT * FROM structures where element ='" + text + "'") db_result = c.fetchall() lwis = str(db_result).split("', '") lenth = len(lwis) xxx = "" for i in range(lenth): if i == 0: lwis[0] = lwis[0][3:] elif i == lenth - 1: size = len(lwis[i]) lwis[i] = lwis[i][:size - 4] final_answer = ",".join(lwis) c.close() conn.close() gc.collect() except Exception as e: return (str(e)) return final_answer
def login_page(): error = None try: if request.method == 'POST': c, conn = connection() username = c.execute("SELECT * FROM users WHERE username=(%s)", (thwart(request.form['username']), )) if username == 0: #error=" Username doesn't exist" flash("Username doesn't exist") return render_template('login.html', error=error) data = c.fetchone()[2] if sha256_crypt.verify(request.form['password'], data): session['logged_in'] = True session['username'] = request.form['username'] return redirect(url_for('dashboard')) else: # error=" Incorrect Password" flash("Incorrect Password") return render_template('login.html', error=error) c.close() conn.close() gc.collect() return render_template('login.html', error=error) except Exception as e: return render_template("login.html", error=e)
def register(): try: form = RegistrationForm(request.form) if request.method == 'POST' and form.validate(): username = form.username.data email = form.email.data password = sha256_crypt.encrypt((str(form.password.data))) c, conn = connection() x = c.execute("SELECT * from users where username=(%s)", [thwart(username)]) if int(x) > 0: flash("That username is already taken.Please choose another") return render_template('register.html', form=form) else: c.execute( "INSERT INTO users (username,password,email) VALUES (%s,%s,%s)", (thwart(username), thwart(password), thwart(email))) conn.commit() flash("Thanks for registering!!!") c.close() conn.close() gc.collect() return redirect('/') return render_template('register.html', form=form) except Exception as e: return (str(e))
def login(): c,conn = connection() try: if request.method == "POST" : if 'adminsubmit' in request.form: c.execute("SELECT * FROM admin WHERE email = ('%s')" %request.form["adminmail"]) data = c.fetchone() if sha256_crypt.verify(request.form['password'],data[1] ): c.execute("SELECT * FROM festusers WHERE branch = %s",(data[2],)) colname=[desc[0] for desc in c.description] tab_data=c.fetchall() l=len(tab_data) tab_data.insert(0,colname) c.close() session['logged_in'] = True session['username'] = request.form['adminmail'] conn.commit() conn.close() gc.collect() return render_template("home.html",data = tab_data,l=l) except Exception as e: return render_template("admin.html") return render_template("admin.html")
def add_variants(brand, model_name): if request.method == 'POST': model_name = request.form.get('model_name') brand = request.form.get('brand') print("inside variants") print(brand) print(model_name) variant = request.form.get('variant') price = request.form.get('price') # creating cursor cur, conn = connection() cur.execute( """INSERT INTO variants (model_name, variant, price) VALUES (%s,%s,%s)""", (model_name, variant, price)) # commit conn.commit() # close cursor cur.close() flash("A new variant is added successfully...", 'success') return redirect( url_for('add_variants', brand=brand, model_name=model_name)) return render_template('addVariants.html', brand=brand, model_name=model_name)
def user_registration(): try: c, conn = connection() c.execute("SELECT * FROM users where email =%s", (request.json['email'], )) data = c.fetchall() edata = str(data).replace("'", "").replace("(", "").replace( "),)", "").replace(" ", "").replace(")", "") if (len(edata) == 0): c.execute( "INSERT INTO users(email,password,f_name,l_name) VALUES (%s,%s,%s,%s)", (request.json['email'], request.json['password'], request.json['f_name'], request.json['l_name'])) conn.commit() c.close() conn.close() gc.collect() return "1" else: return "0" except Exception as e: return (str(e))
def home(): c,conn = connection() query = "SELECT * FROM posts" c.execute(query) post = c.fetchall() print(type(post)) print(post) last = math.ceil(len(post)/int(params['no_of_posts'])) print(last) #[0: params['no_of_posts']] #posts = posts[] page = request.args.get('page') if(not str(page).isnumeric()): page = 1 page= int(page) post = post[(page-1)*int(params['no_of_posts']): (page-1)*int(params['no_of_posts'])+ int(params['no_of_posts'])] #Pagination Logic #First if (page==1): prev = "#" next = "/?page="+ str(page+1) elif(page==last): prev = "/?page=" + str(page - 1) next = "#" else: prev = "/?page=" + str(page - 1) next = "/?page=" + str(page + 1) return render_template("index.html", params=params, post=post, prev=prev, next=next)
def login_page(): '''The login page. If the user inputs a login&password, first check if the username exists, if so check the password and send the user to the chat room after updating the session and active_users. Else, display "invalid credentials" and render the template again. It's easy to flash different error messages for invalid username and invalid password, but that feels hacker-friendly. Easy to change anyway.''' try: if request.method == "POST": cursor, conn = connection() user_exists = cursor.execute( "SELECT * FROM users WHERE username = (%s)", [request.form["username"]]) # first see if the username exists if int(user_exists) > 0: # puts together the namespace and the values from the db... safer than doing things like row[2] assuming order etc. user = dict( zip(map(lambda x: x[0], cursor.description), cursor.fetchone())) # see if the password also checks out if sha256_crypt.verify(request.form['password'], user['password']): session['logged_in'] = True session['name'] = user['username'] active_users['lobby'].add(session['name']) flash("You are now logged in") return redirect(url_for("chat")) else: flash('Invalid credentials, please try again.') return render_template("login.html") return render_template("login.html") except Exception as e: return render_template("500.html", error=e)
def login(): error = '' try: c, conn = connection() if request.method == "POST": #request_data = request.form.to_dict(flat=False) username = request.form['username'] data = c.execute("SELECT * FROM users WHERE username=(%s)", (username, )) data = c.fetchone()[2] if sha256_crypt.verify(request.form['password'], data): session['logged_in'] = True session['username'] = request.form['username'] flash("You are now logged in") return redirect(url_for("dashboard")) else: error = "Invaild credentials, try again." gc.collect() return render_template("login.html", error=error) except Exception as e: #flash(e) error = "Invaild credentials, try again." return render_template('login.html', error=error)
def user_signup(): if request.method == 'POST': name = request.form.get('name') email = request.form.get('email') password = sha256_crypt.encrypt(str(request.form.get('password'))) # password = form.password.data print(name) print(email) print(password) # creating cursor cur, conn = connection() # check if email exists result = cur.execute("""SELECT * FROM users WHERE email=%s""", (email, )) if result > 0: flash("user already exist use another email", 'danger') return redirect(url_for("home")) cur.execute( """INSERT INTO users(name, email, password) VALUES(%s, %s, %s)""", (name, email, password)) # commit conn.commit() # close connection cur.close() flash('You are now registered and you can log in', 'success') return redirect(url_for('home'))
def upload_img(brand, model_name): if request.method == 'POST': model_name = request.form.get('model_name') brand = request.form.get('brand') f = request.files.getlist('img_file') print(f) for img in f: img_url = img.filename print(img_url) img.save( os.path.join(app.config['UPLOAD_FOLDER'], secure_filename(img.filename))) # create cursor cur, conn = connection() cur.execute( "INSERT INTO images (model_name, img_url) VALUES ('%s','%s')" % (model_name, img_url)) # commit conn.commit() # close connection cur.close() print(brand) print(model_name) flash('Image uploaded successfully...', 'success') return redirect( url_for('add_specs', brand=brand, model_name=model_name)) return render_template('uploader.html', brand=brand, model_name=model_name)
def dashboard(): c,conn = connection() if ('user' in session and session['user']==params['admin_user']): query = "SELECT * FROM posts" c.execute(query) post = c.fetchall() print(post) print(type(post)) return render_template('admin_pannel.html', params=params, post=post) if request.method == 'POST': username = request.form.get('uname') password = request.form.get('pass') if (username==params['admin_user'] and password==params['admin_password']): #set session variable session['user']= username query = "SELECT * FROM posts" c.execute(query) post = c.fetchall() print(post) print(type(post)) return render_template('admin_pannel.html', post=post, params=params) return render_template('login.html', params=params)
def add_gadget(): if request.method == 'POST': model_name = request.form.get('model_name') print(model_name) brand = request.form.get('brand') print(brand) price = request.form.get('price') # create cursor cur, conn = connection() cur.execute( "INSERT INTO mobile (model_name, brand, price) VALUES ('%s', '%s','%s')" % (model_name, brand, price)) # commit conn.commit() # close connection cur.close() flash('Gadget added successfully...', 'success') return redirect( url_for('upload_img', brand=brand, model_name=model_name)) return render_template('addGadget.html')
def login_page(): '''The login page. If the user inputs a login&password, first check if the username exists, if so check the password and send the user to the chat room after updating the session and active_users. Else, display "invalid credentials" and render the template again. It's easy to flash different error messages for invalid username and invalid password, but that feels hacker-friendly. Easy to change anyway.''' try: if request.method == "POST": cursor,conn = connection() user_exists = cursor.execute("SELECT * FROM users WHERE username = (%s)", [request.form["username"]]) # first see if the username exists if int(user_exists) > 0: # puts together the namespace and the values from the db... safer than doing things like row[2] assuming order etc. user = dict(zip(map(lambda x:x[0], cursor.description), cursor.fetchone())) # see if the password also checks out if sha256_crypt.verify(request.form['password'], user['password']): session['logged_in'] = True session['name'] = user['username'] active_users['lobby'].add(session['name']) flash("You are now logged in") return redirect(url_for("chat")) else: flash('Invalid credentials, please try again.') return render_template("login.html") return render_template("login.html") except Exception as e: return render_template("500.html", error = e)
def post_reviews(brand, model_name): if request.method == 'POST': print(brand) print(model_name) rating = request.form.get('rating') title = request.form.get('title') comment = request.form.get('comment') print(rating) # create cursor cur, conn = connection() cur.execute( """INSERT INTO reviews (model_name, email, rating, title, comment) VALUES (%s,%s,%s,%s,%s)""", (model_name, session['username'], rating, title, comment)) # commit conn.commit() # close connection cur.close() return redirect( url_for('view_details', brand=brand, model_name=model_name)) return render_template('add_review.html', brand=brand, model_name=model_name)
def upload(): try: c, conn = connection() s = '' if request.method == "POST": for i in st[2:]: for j in i: marks = request.form[j[0]] s = 'UPDATE student SET ' + st[1].replace( ' ', '') + '=%s WHERE roll=%s' print('marks ', marks, j[0]) c.execute(s, (marks, j[0])) conn.commit() conn.close() flash('Successfully Uploaded') return render_template('home.html', type=session['type'], year=yea, subj=subj) except Exception as e: flash('Invalid Credentials') return render_template('home.html', type=session['type'], year=yea, subj=subj)
def login(): c, conn = connection() try: if request.method == "POST": if 'submit' in request.form: c.execute("SELECT * FROM users WHERE id = ('%s')" % request.form["id"]) data = c.fetchone() if sha256_crypt.verify(request.form['password'], data[1]): session.permanent = True session['logged_in'] = True session['username'] = request.form["id"] session['type'] = data[2] conn.commit() conn.close() gc.collect() return render_template("home.html", type=session['type'], year=yea, subj=subj) except Exception as e: flash('Invalid Credentials') session.clear() return render_template("login.html") session.clear() return render_template("login.html")
def delete(id): c, conn = connection() c.execute("DELETE FROM todolist WHERE id=(%s)", (thwart(id), )) conn.commit() c.close() conn.close() flash("Task deleted!!!") return redirect(url_for('dashboard'))
def delete(Sno): if ('user' in session and session['user']==params['admin_user']): c,conn = connection() query = "DELETE FROM posts where sno = '%s'" %(Sno,) print(query) c.execute(query) conn.commit() return redirect('/dashboard')
def sql(id): if request.method == 'DELETE': cur, conn = connection() cur.execute("DELETE FROM log where log_id ='" + id + "'") conn.commit() cur.close() data = {'message': 'deleted', 'success': True} return jsonify(data)
def download(): c, conn = connection() with conn: with c: v = [] v = [list(item) for item in view] return excel.make_response_from_array(v, "csv", file_name="mid_marks")
def download(): c,conn=connection() with conn: with c: c.execute("SELECT * FROM festusers WHERE branch = %s",(session['username'],)) colname=[desc[0] for desc in c.description] tab_data=c.fetchall() tab_data.insert(0,colname) return excel.make_response_from_array(tab_data, "csv",file_name="registered_candidates")
def posts(post_slug): print(post_slug) c,conn = connection() query = "SELECT * FROM posts where slug = '%s'" %(post_slug,) c.execute(query) post = c.fetchone() print(post) print(type(post)) return render_template('post.html', post=post, params=params)
def section_data(): conn, cur = connection() cur.execute('SELECT section FROM section') row_headers = [x[0] for x in cur.description] #this will extract row headers rv = cur.fetchall() json_data = [] for result in rv: json_data.append(dict(zip(row_headers, result))) return (json.dumps(json_data))
def homepage(): if 'logged_in' in session: c,conn = connection() c.execute("SELECT * FROM festusers WHERE branch = %s",(session['username'],)) colname=[desc[0] for desc in c.description] tab_data=c.fetchall() l=len(tab_data) tab_data.insert(0,colname) return render_template("home.html",data=tab_data,l=l) return render_template("home.html")
def user(): try: if request.method == "POST": cond = request.form["customRadio1"] id = request.form["id"] password = sha256_crypt.encrypt(request.form["password"]) typ = request.form.get('type') email = request.form["email"] if (cond == 'adduser'): c, conn = connection() x = mailverify(email) if (x == 1): c.execute("INSERT INTO users VALUES (%s,%s, %s,%s)", (id, password, typ, email)) conn.commit() conn.close() flash('Succeccfully added new user') return render_template("home.html", type=session['type'], year=yea, subj=subj) else: flash('Invalid email') if (cond == 'deluser'): c, conn = connection() c.execute("DELETE FROM users WHERE id=('%s')" % id) conn.commit() conn.close() flash('Succeccfully deleted user') return render_template("home.html", type=session['type'], year=yea, subj=subj) except Exception as e: flash('Invalid Credentials') return render_template("home.html", type=session['type'], year=yea, subj=subj)
def user_profile(): cur, conn = connection() # get user by username cur.execute("""SELECT * FROM users WHERE email= %s""", (session['username'], )) # fetch result data = cur.fetchone() return render_template('user_profile.html', data=data)
def profile_page(): '''Connect to the users database to get the registered time. Connect to the chat logs database to get the recent chat logs of the user''' try: cursor,conn = connection() cursor.execute("SELECT * FROM users WHERE username = (%s)", [session['name']]) user = dict(zip(map(lambda x:x[0], cursor.description), cursor.fetchone())) user["registered_time_displayform"] = user["registered_time"].strftime('%Y-%m-%d') cursor.execute("SELECT * FROM chatlog WHERE (receiver LIKE %s OR sender = %s) ORDER BY messageid DESC LIMIT 20;", ["%"+session['name']+"%", session['name'] ]) namespace = map(lambda x:x[0], cursor.description) user['chatlog'] = cursor.fetchall() return render_template('profile.html',user = user) except Exception as e: return render_template("500.html", error = e)
def sent(message): '''New chat message gets sent to everybody in the room. Also if there are more than one logged in user in the room, log the message''' room = session.get('room') emit('message', {'msg': session.get('name') + ':' + message['msg']}, room=room) #log the message only if the user is not the only logged in user in the room if len(active_users[session['room']]) > 1: # is it too costly to open/close a connection every time? ChatCursor,ChatConn = connection() ChatCursor.execute("INSERT INTO chatlog (sender,receiver,room,message) VALUES (%s, %s, %s, %s)", [session['name'], str(list( active_users[session['room']] - set([session['name']]) )), room, message['msg'] ]) ChatConn.commit() ChatCursor.close() ChatConn.close() gc.collect()
def registration_page(): '''With validated username and password fields from the form, check if the username already exists. After registering update session and active_users and send the user to the chat page.''' try: form = RegistrationForm(request.form) # form.validate checks for the length of the username and password, and two password fields # being equal to each other. if request.method == "POST" and form.validate(): username = str(form.username.data) passwd = sha256_crypt.encrypt((str(form.password.data))) cursor,conn = connection() #check if the user exists user_exists = cursor.execute("SELECT * FROM users WHERE username = (%s)", [username]) if int(user_exists) > 0: flash("Username is already taken, please pick another one.") return render_template('register.html',form = form) else: if username.startswith('Guest_'): flash("Guest_* usernames are for guests, you deserve better.") return render_template('register.html',form = form) cursor.execute("INSERT INTO users (username,password) VALUES (%s, %s)", [username, passwd]) conn.commit() cursor.close() conn.close() gc.collect() session['logged_in'] = True session['name'] = username flash("Thanks for registering!") active_users['lobby'].add(session['name']) return redirect(url_for('chat')) else: return render_template('register.html', form = form) except Exception as e: return render_template("500.html", error = e)
from dbconnection import connection c, conn = connection() def create_person_table(): """Create preson table""" c.execute("CREATE TABLE person (Id INT PRIMARY KEY, firstName VARCHAR(25), lastName VARCHAR(25))") c.close() def enter_new_person(): id = input("id number?: ") firstName = input("First Name?: ") lastName = input("Last Name?: ") c.execute("INSERT INTO person (Id, firstName, lastName) VALUES (%s, %s, %s)", (id, firstName, lastName)) conn.commit() print_table() def delete_person_by_id(id): try: sql = "DELETE FROM person WHERE Id = %s" c.execute(sql, id) conn.commit() print_table() except Exception: print ("Something wrong happened") def print_person_by_id(id):