def edit_collection_route():
options = {"year": datetime.datetime.now().year}
options = authenticate(options)
collection = request.args.get('collection')
if request.method == 'GET':
img_data = query("SELECT * from Images WHERE collection = '" +
collection + "'")
options['images'] = img_data
return render_template("editCollection.html", **options)
elif request.method == 'POST':
if request.form['op'] == 'add':
file = request.files['file']
comment = request.form['comment']
if file.filename != '':
if file and allowed_file(file.filename):
m = hashlib.md5(
(file.filename + collection +
str(datetime.datetime.now())).encode('utf-8'))
hashed = m.hexdigest()
get_extension = file.filename.rsplit('.', 1)[1].lower()
new_filename = hashed + "." + get_extension
filename = secure_filename(new_filename)
carousel = '1'
if request.form.getlist('carousel'):
carousel = '0'
conn = tinys3.Connection(s3_key, s3_skey, tls=True)
conn.upload(new_filename, file, 'janehardystudio')
query(
"INSERT INTO Images(id, format, caption, collection, carousel) VALUES \
('" + hashed + "', '" + get_extension + "','" + comment + "','" +
collection + "','" + carousel + "')")
return redirect(
url_for('collection.edit_collection_route', collection=collection))
def main_route():
options = {"year": datetime.datetime.now().year}
options = authenticate(options)
data = query("SELECT * from Collections ORDER BY created_time;")
options['collections'] = data
slides = query(
"SELECT * FROM Images WHERE carousel = '0' ORDER BY created_time;")
options['slides'] = slides
return render_template("index.html", **options)
def gallery_route(collection):
options = {"year": datetime.datetime.now().year}
options = authenticate(options)
data = query("SELECT * from Collections ORDER BY created_time;")
images = query("SELECT * FROM Images WHERE collection =\"" +
str(collection) + "\" ORDER BY created_time;")
options['collections'] = data
options['images'] = images
return render_template("gallery.html", **options)
def create_collection_route():
options = {"year": datetime.datetime.now().year}
options = authenticate(options)
if request.method == 'GET':
data = query("SELECT * from Collections ORDER BY created_time DESC")
options['collections'] = data
return render_template("addCollect.html", **options)
elif request.method == 'POST':
new_collection = request.form['new_collection']
m = hashlib.new('md5')
m.update(str(new_collection).encode('utf-8'))
query("INSERT INTO Collections(title, size) values ('" +
new_collection + "'" + ",'" + str(0) + "')")
data = query("SELECT * from Collections ORDER BY created_time DESC")
options['collections'] = data
return render_template("addCollect.html", **options)
else:
return render_template("404.html")
def login_api_route():
json_info = request.get_json()
username = ''
password = ''
if 'username' in json_info and 'password' in json_info:
username = json_info["username"]
password = json_info["password"]
else:
json_errors = {
"errors": [{
"message": "You did not provide the necessary fields"
}]
}
return jsonify(json_errors), 422
passFromDB = ''
user_data = query("SELECT * FROM User Where username = '******'")
if user_data:
passFromDB = user_data[0]['password']
else:
json_errors = {"errors": [{"message": "Username does not exist"}]}
return jsonify(json_errors), 404
m = hashlib.new('sha512')
m.update(str(password).encode('utf-8'))
password_to_check = m.hexdigest()
if passFromDB == password_to_check:
session['username'] = username
return jsonify(username=username)
else:
json_error = {
"errors": [{
"message":
"Password is incorrect for the specified username"
}]
}
return jsonify(json_error), 422
def contact_route():
options = {"year": datetime.datetime.now().year}
options = authenticate(options)
data = query("SELECT * from Collections ORDER BY created_time DESC")
options['collections'] = data
return render_template("contact.html", **options)