def newgroup():
if request.method == "POST":
vcfuncs.new_group(get_db(), sanitise(request.form['GroupName']), sanitise(request.form['Description']))
return redirect(url_for('listgroups'))
elif request.method == "GET":
return render_template("new_group.html", title="Create A New Group")
else:
return render_template("new_group.html", title="Create A New Group")
def newuser():
if request.method == "POST":
vcfuncs.new_user(get_db(), sanitise(request.form['UserName']), sanitise(request.form['Pass']), sanitise(request.form['Bio']), sanitise(request.form['FirstName']), sanitise(request.form['LastName']))
return redirect(url_for('listusers'))
elif request.method == "GET":
return render_template("new_user.html", title="Create A New User")
else:
return render_template("new_user.html", title="Create A New User")
def login():
#This will either display the login form to the users (GET method) or log in the user through args passed by the login
#form (POST)
if request.method == "POST":
if vcfuncs.authenticate_user(get_db(), sanitise(request.form['UserName']), sanitise(request.form['Pass'])):
session['username'] = request.form['UserName']
session['logged_in'] = True
session['user_id'] = vcfuncs.get_user_id(get_db(), session['username'])
#There needs to be a better way to validate admin users, but for the minute this will work.
if session['username'] == "admin":
session['is_admin'] = True
return redirect(url_for('home'))
else:
return "Incorrect Login Credentials"
elif request.method == "GET":
return render_template('login.html', title="Login")
def newgroupmembership():
if request.method == "POST":
if vcfuncs.new_group_membership(get_db(), sanitise(request.form['GroupID']), sanitise(request.form['UserID'])):
return redirect(url_for('home'))
#change this.
return "lol"
else:
return render_template('new_group_membership.html', title="Add A User to A Group")
