Esempio n. 1
0
def login():
    """Log user in."""

    # Forget any user_id
    session.clear()

    # POST
    if request.method == "POST":

        # Validate form submission
        if not request.form.get("username") or not request.form.get(
                "password"):
            return uhoh("must provide username and password", 400)

        # Query database for username
        rows = db.execute("SELECT * FROM users WHERE username = :username",
                          username=request.form.get("username"))

        # Ensure username exists and password is correct
        if len(rows) != 1 or not check_password_hash(
                rows[0]["hash"], request.form.get("password")):
            return uhoh("invalid username and/or password", 400)

        # Remember which user has logged in
        session["user_id"] = rows[0]["id"]

        return redirect("/")

    # GET
    else:
        return render_template("login.html")
Esempio n. 2
0
def language():

    # POST
    if request.method == "POST":

        # Get language_id based language selected
        language_id = db.execute(
            "SELECT language_id FROM languages WHERE language_name=:name",
            name=request.form.get("language"))[0]["language_id"]

        # Get relevant posts from posts table
        languageposts = db.execute(
            """SELECT user_id, title, category_id, advice, timestamp FROM posts
                                   WHERE language_id=:language_id ORDER BY timestamp DESC""",
            language_id=language_id)
        if not languageposts:
            return uhoh("no posts in this language yet", 400)

        # Get information about categories
        category_ids = db.execute(
            "SELECT category_id, category_name FROM categories")

        # Get nicknames
        nicknames = db.execute("SELECT id, nickname FROM users")

        return render_template("language.html",
                               language=request.form.get("language"),
                               languageposts=languageposts,
                               category_ids=category_ids,
                               nicknames=nicknames)

    # GET
    else:
        return render_template("languages.html")
Esempio n. 3
0
def addevent():
    """Add event."""

    # POST
    if request.method == "POST":

        # Validate form submission
        if not request.form.get("event_url") or not request.form.get(
                "description"):
            return uhoh("missing event image url or description", 400)

        # Insert event into events table
        db.execute("""INSERT INTO events (user_id, description, event_url)
                   VALUES (:user_id, :description, :event_url)""",
                   user_id=session["user_id"],
                   description=request.form.get("description"),
                   event_url=request.form.get("event_url"))

        # Show user event they added
        return render_template("added.html",
                               description=request.form.get("description"),
                               event_url=request.form.get("event_url"))

    # GET
    else:
        return render_template("addevent.html")
Esempio n. 4
0
def register():
    """Register user for an account."""

    # User reached route via POST (as by submitting a form via POST)
    if request.method == "POST":

        # Ensure username and nickname were submitted
        if not request.form.get("username") or not request.form.get(
                "nickname"):
            return uhoh("missing username or nickname", 400)

        # Initiate correct PAF code
        pafcode = "Fre5h50!"

        # Ensure PAF code was submitted and is correct
        if request.form.get("pafcode") != pafcode:
            return uhoh("PAF code is missing or incorrect", 400)

        # Ensure password was submitted
        elif not request.form.get("password"):
            return uhoh("missing password", 400)

        # Ensure password confirmation was submitted and matches password
        elif request.form.get("password") != request.form.get("confirmation"):
            return uhoh(
                "confirmation either wasn't submitted or doesn't match password",
                400)

        # Add user to database
        id = db.execute(
            "INSERT INTO users (username, hash, nickname) VALUES(:username, :hash, :nickname)",
            username=request.form.get("username"),
            hash=generate_password_hash(request.form.get("password")),
            nickname=request.form.get("nickname"))
        if not id:
            return uhoh("username or nickname taken", 400)

        # Log user in
        session["user_id"] = id

        # Let user know they're registered
        flash("Registered!")
        return redirect("/")

    # User reached route via GET (as by clicking a link or via redirect)
    else:
        return render_template("register.html")
Esempio n. 5
0
def category():

    # POST
    if request.method == "POST":

        # User would like to see all posts
        if request.form.get("category") == "Allposts":

            # Get all posts from posts table
            categoryposts = db.execute(
                """SELECT user_id, title, language_id, advice, timestamp FROM posts
                                       ORDER BY timestamp DESC""")
            if not categoryposts:
                return uhoh("no posts yet", 400)

        # Display posts from specific category
        else:

            # Get category_id based on category selected
            category_id = db.execute(
                "SELECT category_id FROM categories WHERE category_name=:name",
                name=request.form.get("category"))[0]["category_id"]

            # Get relevant posts from posts table
            categoryposts = db.execute(
                """SELECT user_id, title, language_id, advice, timestamp FROM posts
                                       WHERE category_id=:category_id ORDER BY timestamp DESC""",
                category_id=category_id)
            if not categoryposts:
                return uhoh("no posts in this category yet", 400)

        # Get information about languages
        language_ids = db.execute(
            "SELECT language_id, language_name FROM languages")

        # Get nicknames
        nicknames = db.execute("SELECT id, nickname FROM users")

        return render_template("category.html",
                               category=request.form.get("category"),
                               categoryposts=categoryposts,
                               language_ids=language_ids,
                               nicknames=nicknames)
    # GET
    else:
        return render_template("categories.html")
Esempio n. 6
0
def home():
    """Home screen displays events."""

    # Get all events
    events = db.execute(
        "SELECT description, time_added, event_url FROM events ORDER BY time_added DESC"
    )
    if not events:
        return uhoh("no events yet", 400)

    return render_template("home.html", events=events)
Esempio n. 7
0
def postadvice():
    """Post advice."""

    # POST
    if request.method == "POST":

        # Validate form submission
        if not request.form.get("title") or not request.form.get("advice"):
            return uhoh("missing title or advice", 400)

        # Get language id based on what language was selected
        language_id = db.execute(
            "SELECT language_id FROM languages WHERE language_name=:name",
            name=request.form.get("language"))[0]["language_id"]

        # Get category id based on what category was selected
        category_id = db.execute(
            "SELECT category_id FROM categories WHERE category_name=:name",
            name=request.form.get("category"))[0]["category_id"]

        # Insert post into posts table
        db.execute(
            """INSERT INTO posts (user_id, category_id, language_id, title, advice)
                   VALUES (:user_id, :category_id, :language_id, :title, :advice)""",
            user_id=session["user_id"],
            category_id=category_id,
            language_id=language_id,
            title=request.form.get("title"),
            advice=request.form.get("advice"))

        # Show user what they posted
        return render_template("posted.html",
                               title=request.form.get("title"),
                               language=request.form.get("language"),
                               category=request.form.get("category"),
                               advice=request.form.get("advice"))

    # GET
    else:
        return render_template("postadvice.html")
Esempio n. 8
0
def myposts():
    """Display user's posts."""

    # Get all of users posts
    myposts = db.execute(
        """SELECT title, language_id, category_id, advice, timestamp
                         FROM posts WHERE user_id=:user_id ORDER BY timestamp DESC""",
        user_id=session["user_id"])
    if not myposts:
        return uhoh("no posts yet", 400)

    # Get information about languages
    language_ids = db.execute(
        "SELECT language_id, language_name FROM languages")

    # Get information about categories
    category_ids = db.execute(
        "SELECT category_id, category_name FROM categories")

    return render_template("myposts.html",
                           myposts=myposts,
                           language_ids=language_ids,
                           category_ids=category_ids)
Esempio n. 9
0
def paf():

    # POST
    if request.method == "POST":

        # Get user_id based on paf selected
        user_id = db.execute("SELECT id FROM users WHERE nickname=:nickname",
                             nickname=request.form.get("nickname"))[0]["id"]

        # Get relevant posts from posts table
        pafposts = db.execute(
            """SELECT category_id, title, language_id, advice, timestamp FROM posts
                              WHERE user_id=:user_id ORDER BY timestamp DESC""",
            user_id=user_id)
        if not pafposts:
            return uhoh("no posts from this user yet", 400)

        # Get information about categories
        category_ids = db.execute(
            "SELECT category_id, category_name FROM categories")

        # Get information about languages
        language_ids = db.execute(
            "SELECT language_id, language_name FROM languages")

        return render_template("paf.html",
                               nickname=request.form.get("nickname"),
                               category_ids=category_ids,
                               language_ids=language_ids,
                               pafposts=pafposts)
    # GET
    else:

        # Get nicknames
        pafs = db.execute("SELECT nickname FROM users ORDER BY nickname")

        return render_template("pafs.html", pafs=pafs)
Esempio n. 10
0
def errorhandler(e):
    """Handle error"""
    return uhoh(e.name, e.code)