Esempio n. 1
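    def get(self):
        """Delete the signed-in user's account, or only their posts.

        The ``option`` request parameter selects the action:
        'Delete Your Account' removes the user's posts and the User entity,
        then signs the user out; 'Delete All Your User Data' removes only the
        posts. Any other value leaves the response untouched.
        """
        # NOTE(review): both actions are destructive, yet they run on GET and
        # are authorised by the session cookie alone; no CSRF token is checked
        # in this handler. Prefer POST plus a per-session token.
        Username = self.read_secure_cookie('username')
        if not self.validate(Username):
            self.logout()
            self.redirect('/')
            # redirect() does not stop the handler; without this return the
            # deletion below would still run for a session that failed
            # validation.
            return
        if not Username:
            self.redirect('/')
            return

        option = self.request.get('option')
        if option not in ('Delete Your Account', 'Delete All Your User Data'):
            return

        user = db.GqlQuery('SELECT * FROM User WHERE name=:1', Username).get()
        if user is None:
            # The cookie names a user that no longer exists: drop the session
            # instead of failing on an empty result set.
            self.logout()
            self.redirect('/')
            return

        if option == 'Delete Your Account':
            # NOTE(review): this log row keeps a reference to the User entity
            # that is deleted a few lines below.
            log = model.Log(from_user=user, log_type="Delete_All",
                            lid=model.next_log_id())
            log.put()
            db.delete(user.posts)
            db.delete(user)
            self.logout()
            self.redirect('/')
        else:
            db.delete(user.posts)
            log = model.Log(from_user=user, log_type="Delete_All_Data",
                            lid=model.next_log_id())
            log.put()
            self.redirect('/account')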
Esempio n. 2
    def post(self):
        """Process the sign-up form.

        Validates the submitted fields and re-renders 'signup-form.html' with
        per-field error messages when any check fails. Otherwise stores the new
        User, writes "Signup" and "Login" log rows, redirects to the front page
        and sets the session cookies.
        """
        req = self.request
        username = req.get('username')
        password = req.get('password')
        verify = req.get('verify')
        email = req.get('email')
        question = req.get("question")
        answer = req.get('answer')

        params = {'username': username, 'email': email, 'PageTitle': "Sign Up"}
        invalid = False

        # NOTE(review): the uniqueness lookup and the later put() are separate
        # steps, so two concurrent sign-ups could both pass this check.
        existing = model.User.all().filter('name =', username).get()
        if existing:
            params['error_username'] = "******"
            invalid = True

        if not valid_username(username):
            params['error_username'] = "******"
            invalid = True

        if not valid_password(password):
            params['error_password'] = "******"
            invalid = True
        elif password != verify:
            params['error_verify'] = "Password not match."
            invalid = True

        if not valid_email(email):
            params['error_email'] = "Email not vaild."
            invalid = True

        if not question:
            params['error_question'] = "Please enter your question"
            invalid = True

        if not answer:
            params['error_answer'] = 'Please enter answer to your question'
            invalid = True

        if invalid:
            self.render('signup-form.html', **params)
            return

        # NOTE(review): password and security answer are stored as one round
        # of SHA-256 keyed only by the application-wide `secret`. There is no
        # per-user salt or work factor, so a leaked datastore plus `secret`
        # allows fast offline guessing. Moving to a slow KDF has to be done
        # together with every place that verifies these digests.
        pw_digest = str(hashlib.sha256(secret + password + secret).hexdigest())
        answer_digest = str(hashlib.sha256(secret + answer + secret).hexdigest())
        new_user = model.User(name=username, pw=pw_digest, auth=1, email=email,
                              question=question, answer=answer_digest)
        new_user.uid = model.next_user_id()
        new_user.put()

        for event in ("Signup", "Login"):
            entry = model.Log(from_user=new_user, log_type=event,
                              lid=model.next_log_id())
            entry.put()

        self.redirect('/?username=' + username)
        self.set_secure_cookie(str(username))
        self.set_password_cookie(str(username))
Esempio n. 3
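    def post(self):
        """Create a new item from the submitted title, content and price.

        Requires a validated session. An invalid price re-renders
        'add_post.html' with an error; when title and content are both present
        the Post is stored, an "Add_Item" log row is written and the client is
        redirected to the front page.
        """
        Username = self.read_secure_cookie('username')
        if not self.validate(Username):
            self.logout()
            self.redirect('/')
            # redirect() does not stop the handler; return so a session that
            # failed validation cannot go on to create a post.
            return
        have_error=False
        error=""
        title=self.request.get('title')
        content=self.request.get('content')
        price=self.request.get('price')
        expire=30

        if not valid_price(price):
            error="That's not a vaild price"
            self.render("add_post.html",title=title,content=content,error=error,PageTitle="Add Items")

        elif title and content:
            user = db.GqlQuery('SELECT * FROM User WHERE name=:1',Username).get()
            if user is None:
                # Cookie names a user with no datastore row: end the session
                # rather than fail on an empty result set.
                self.logout()
                self.redirect('/')
                return
            p=model.Post(title=title,content=content,user=user,price=int(price),like=0,expire=expire,strcontent=str(title)+str(content))
            p.pid=model.next_post_id()
            p.put()
            log=model.Log(from_user=user,log_type="Add_Item",relevant_post=p,lid=model.next_log_id())
            log.put()
            self.redirect('/')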
        '''
Esempio n. 4
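 def get(self):
     """Sign the current user out and redirect to the front page.

     A "Logout" log row is written when the username cookie resolves to a
     stored User. The session is cleared either way.
     """
     Username = self.read_secure_cookie('username')
     # .get() returns None when there is no match; indexing the query result
     # raised on a missing or stale cookie and left the session in place.
     user = db.GqlQuery('SELECT * FROM User WHERE name=:1', Username).get()
     if user is not None:
         log = model.Log(from_user=user, log_type="Logout", lid=model.next_log_id())
         log.put()
     self.logout()
     self.redirect('/')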
Esempio n. 5
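    def post(self):
        """Authenticate the submitted credentials.

        On success starts the session, writes a "Login" log row and redirects
        to the front page; otherwise re-renders 'login-form.html' with an
        error message.
        """
        username = self.request.get('username')
        password = self.request.get('password')

        u = model.User.login(username, password)
        if u:
            self.login(u.name)
            log=model.Log(from_user=u,log_type="Login",lid=model.next_log_id())
            log.put()
            # NOTE(review): part of this statement was masked in the listing;
            # the redirect argument and the else branch are reconstructed.
            # Confirm against the original source.
            self.redirect('/?username=' + username)
        else:
            # NOTE(review): only successful logins reach model.Log in the
            # visible code; recording failures too would help spot password
            # guessing.
            msg = 'Invalid login'
            self.render('login-form.html', error = msg,PageTitle="Login")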
Esempio n. 6
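    def post(self):
        """Reset the password after checking the security answer.

        The account is taken from the 'username' cookie. A missing or wrong
        answer, or an invalid or mismatched new password, re-renders
        'reset_password_2.html' with an error. On success the new password
        digest is stored, a "Reset_Password" log row is written, a notification
        mail is sent and the client is redirected to the front page.
        """
        # NOTE(review): the security answer is the only factor checked here and
        # no attempt limit is visible in this handler. Failed answers are not
        # written to model.Log either, so guessing would go unrecorded.
        username=self.read_secure_cookie('username')
        answer=self.request.get("answer")
        user=db.GqlQuery("SELECT * FROM User WHERE name = :1",username).get()
        if user is None:
            # No such account: nothing to reset, and user.question below would
            # otherwise raise.
            self.redirect('/')
            return

        if not answer:
            error_answer="Please enter your answer"
            self.render("reset_password_2.html",username=username,question=user.question,error_answer=error_answer)
            # Stop here; the original fell through and rendered a second time.
            return

        # NOTE(review): single-round SHA-256 keyed by the application-wide
        # `secret`; see the matching digest written at sign-up before changing.
        if str(hashlib.sha256(secret+answer+secret).hexdigest())!=user.answer:
            error="Answer NOT correct"
            self.render("reset_password_2.html",username=username,question=user.question,error_answer=error)
            return

        password=self.request.get("password")
        verify=self.request.get('verify')
        have_error=False

        params = dict(username = username,question=user.question,answer=answer)

        if not valid_password(password):
            params['error_password'] = "******"
            have_error = True
        elif password != verify:
            params['error_verify'] = "Your passwords didn't match."
            have_error = True

        if have_error:
            self.render("reset_password_2.html",**params)
            return

        user.pw=str(hashlib.sha256(secret+password+secret).hexdigest())
        user.put()
        log=model.Log(from_user=user,log_type="Reset_Password",lid=model.next_log_id())
        log.put()
        sender_email="Metallica_Project [email protected]"
        mailbody=("""
Dear """+user.name+""": 

You have changed your password. Please reset your password if this is not your own action.

Please let us know if you have any queries.

Regards,
The Metallica Team
""")
        mail.send_mail(sender=sender_email,
                      to=user.email,
                      subject="Your password has been reset!",
                      body=mailbody)
        self.redirect('/')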
Esempio n. 7
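 def post(self,pid):
     """Update the title, content and price of the post identified by ``pid``.

     Requires a validated session. When title and content are both present the
     post is updated, an "Edit_Item" log row is written and the client is
     redirected to the front page; otherwise 'edit_post.html' is re-rendered
     with an error.
     """
     Username = self.read_secure_cookie("username")
     if not self.validate(Username):
         self.logout()
         self.redirect('/')
         # redirect() does not stop the handler; return so a session that
         # failed validation cannot go on to edit a post.
         return
     user = db.GqlQuery('SELECT * FROM User WHERE name=:1',Username).get()
     if user is None:
         self.logout()
         self.redirect('/')
         return
     title=self.request.get("title")
     content=self.request.get('content')
     price=self.request.get('price')
     if title and content:
         try:
             new_price = int(price)
             post_id = int(pid)
         except (TypeError, ValueError):
             # Non-numeric price or pid: show the form again instead of
             # failing the request.
             error="That's not a valid price"
             self.render("edit_post.html",title=title,user=Username, content=content,price=price,error=error,PageTitle="Edit a Post")
             return
         acc = db.GqlQuery("SELECT * FROM Post WHERE pid =:1",post_id).get()
         if acc is None:
             # Unknown pid: nothing to update.
             self.error(404)
             return
         # NOTE(review): nothing here checks that `acc` belongs to `user`.
         # Unless ownership is enforced elsewhere, any signed-in user can edit
         # any post by pid. Compare the post's owner with `user` (or check a
         # role) before updating.
         model.update_post(acc.key(),title,content,new_price)
         log=model.Log(from_user=user,log_type="Edit_Item",relevant_post=acc,lid=model.next_log_id())
         log.put()
         self.redirect("/")
     else:
         error="title and content please"
         self.render("edit_post.html",title=title,user=Username, content=content,price=price,error=error,PageTitle="Edit a Post")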