def login(): # Output message if something goes wrong... msg = '' # Check if "username" and "password" POST requests exist (user submitted form) if request.method == 'POST' and 'username' in request.form and 'password' in request.form: # Create variables for easy access username = request.form['username'] password = request.form['password'] # Check if account exists using MySQL cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor) cursor.execute( 'SELECT * FROM accounts WHERE username = %s AND password = %s', ( username, password, )) # Fetch one record and return result account = cursor.fetchone() # If account exists in accounts table in out database if account: # Create session data, we can access this data in other routes session['loggedin'] = True session['id'] = account['id'] session['username'] = account['username'] # Redirect to home page return flask.render_template('master.xhtml', username=session['username'], pagina=Connect.body("", "chisiamo"), luogo="index", menu=Connect.menu(""), submenu=Connect.submnu("")) else: # Account doesnt exist or username/password incorrect msg = 'Incorrect username/password!' # Show the login form with message (if any) return render_template('index.html', msg=msg)
def get(self): self.render('news.xhtml', pagina=Connect.body("", "index"), luogo="index", menu=Connect.menu(""), submenu=Connect.submnu(""), news=Connect.news(""))
def upload(): return flask.render_template('upload_form.html', pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))
def mugello(): """Handle the front-page.""" return flask.render_template('master.xhtml', pagina=Connect.body("", "mugello"), luogo="mugello", menu=Connect.menu(""), submenu=Connect.submnu(""))
def arrivare(): return flask.render_template('comearrivare.xhtml', pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))
def upload_form(): """ show upload form with multiple scenarios """ return flask.render_template('upload_form.html', pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))
def chisiamo(): return flask.render_template('master.xhtml', pagina=Connect.body("", "chisiamo"), luogo="index", menu=Connect.menu(""), submenu=Connect.submnu(""))
def get(self): self.render('master.xhtml', pagina=Connect.body("", "sanpiero"), luogo="sanpiero", menu=Connect.menu(""), submenu=Connect.submnu(""))
def get(self): luogo = self.get_argument('luogo') self.render('nivo.xhtml', pagina=Connect.body("", "index"), luogo="index", menu=Connect.menu(""), submenu=Connect.submnu(""), slider=Connect.slider("", luogo))
def get(self): titolo = self.get_argument('titolo') id = self.get_argument('id') self.render('news_one.xhtml', news=Connect.news_one("", titolo, id), pagina=Connect.body("", "sanpiero"), titolo=titolo, id=id)
def menu(): return flask.render_template('menu.xhtml', username=session['username'], pagina=Connect.body("", "menu"), luogo="index", menu=Connect.menu(""), submenu=Connect.submnu(""))
def news_one(): titolo = request.args['titolo'] id = request.args['id'] """Handle the front-page.""" return flask.render_template('news_one.xhtml', news=Connect.news_one("", titolo, id), pagina=Connect.body("", "sanpiero"), titolo=titolo, id=id)
def entry_point(): """ simple entry for test """ return flask.render_template('master.xhtml', luogo="index", pagina=Connect.body("", "index"), tempdir="/srv/http/proloco_flask/static/img/", menu=Connect.menu(""), submenu=Connect.submnu(""), submenu2=Connect.submnu2(""))
def get(self): self.render('manifesta.xhtml', titolo="Manifestazioni", per='5%', go="more", pagina=Connect.body("", "sanpiero"), manifestazione="manifestazioni", news=Connect.manifesta(""), menu=Connect.menu(""), submenu=Connect.submnu(""))
def manifestazioni(): return flask.render_template('manifesta.xhtml', username=session['username'], titolo="Manifestazioni", per='5%', go="more", pagina=Connect.body("", "sanpiero"), manifestazione="manifestazioni", news=Connect.manifesta(""), menu=Connect.menu(""), submenu=Connect.submnu(""))
def logout(): # Remove session data, this will log the user out session.pop('loggedin', None) session.pop('id', None) session.pop('username', None) # Redirect to login page return flask.render_template('master.xhtml', luogo="index", pagina=Connect.body("", "index"), tempdir="/srv/http/proloco_flask/static/img/", menu=Connect.menu(""), submenu=Connect.submnu(""), submenu2=Connect.submnu2(""))
def manifestazioni_one(): titolo = request.args['titolo'] id = request.args['id'] """Handle the front-page.""" return flask.render_template('manifesta.xhtml', username=session['username'], per='30%', go="back", news=Connect.manifesta_one("", titolo, id), pagina=Connect.body("", "sanpiero"), titolo=titolo, id=id, menu=Connect.menu(""), submenu=Connect.submnu(""))
def get(self): self.render('menu.xhtml', pagina=Connect.body("", "menu"), luogo="index", menu=Connect.menu(""), submenu=Connect.submnu(""))
def single_upload_chunked(filename=None): """Saves single file uploaded from <input type="file">, uses stream to read in by chunks When using direct access to flask.request.stream you cannot access request.file or request.form first, otherwise stream is already parsed and empty This is because of internal workings of werkzeug Positive test: curl -X POST http://localhost:8080/singleuploadchunked/car.jpg -d "@tests/car.jpg" Negative test (no file uploaded, no Content-Length header): curl -X POST http://localhost:8080/singleuploadchunked/car.jpg Negative test (not whitelisted file extension): curl -X POST http://localhost:8080/singleuploadchunked/testdoc.docx -d "@tests/testdoc.docx" """ if "Content-Length" not in flask.request.headers: add_flash_message("did not sense Content-Length in headers") return flask.redirect(flask.url_for("upload_form"), pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu("")) if filename is None or filename == '': add_flash_message("did not sense filename in form action") return flask.redirect( flask.url_for("upload_form", pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))) if not allowed_file(filename): add_flash_message("not going to process file with extension " + filename) return flask.redirect( flask.url_for("upload_form", pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))) print("Total Content-Length: " + flask.request.headers['Content-Length']) fileFullPath = os.path.join(app.config[request.form['uploaddir']], filename) chunk_size = app.config['CHUNK_SIZE'] try: with open(fileFullPath, "wb") as f: reached_end = False while not reached_end: chunk = flask.request.stream.read(chunk_size) if len(chunk) == 0: reached_end = True else: sys.stdout.write(".") sys.stdout.flush() # the idea behind this chunked upload is that large content could be persisted # somewhere besides the container: S3, NFS, etc... # So we use a container with minimal mem/disk, that can handle large files # #f.write(chunk) #f.flush() #print("wrote chunk of {}".format(len(chunk))) except OSError as e: add_flash_message("ERROR writing file " + filename + " to disk: " + StringIO(str(e)).getvalue()) return flask.redirect( flask.url_for("upload_form", pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))) print("") add_flash_message("SUCCESS uploading single file: " + filename) return flask.redirect( flask.url_for("upload_form", pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu("")))
def newss(): return flask.render_template('news.xhtml', pagina=Connect.body("", "sanpiero"), manifestazione="news", news=Connect.news(""))
def multiple_upload(file_element_name="files[]"): ###upload_folder = request.form['uploaddir'] UPLOAD_FOLDER = request.form['uploaddir'] """Saves files uploaded from <input type="file">, can be multiple files Positive Test (single file): curl -X POST http://localhost:8080/multipleupload -F "files[]=@tests/car.jpg" Positive Test (multiple files): curl -X POST http://localhost:8080/multipleupload -F "files[]=@tests/car.jpg" -F "files[]=@tests/testdoc.pdf" Negative Test (using GET method): curl -X GET http://localhost:8080/multipleupload Negative Test (no input file element): curl -X POST http://localhost:8080/multipleupload Negative Test (not whitelisted file extension): curl -X POST http://localhost:8080/multipleupload -F "files[]=@tests/testdoc.docx" """ # must be POST/PUT if flask.request.method not in ['POST', 'PUT']: add_flash_message("Can only upload on POST/PUT methods") return flask.redirect( flask.url_for("upload_form", pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))) # files will be materialized as soon as we touch request.files, # so check for errors right up front try: flask.request.files except OSError as e: print("ERROR ON INITIAL TOUCH OF request.files") add_flash_message("ERROR materializing files to disk: " + StringIO(str(e)).getvalue()) return flask.redirect( flask.url_for("upload_form", pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))) # must have <input type="file"> element if file_element_name not in flask.request.files: add_flash_message('No files uploaded') return flask.redirect( flask.url_for("upload_form", pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))) # get list of files uploaded files = flask.request.files.getlist(file_element_name) # if user did not select file, filename will be empty if len(files) == 1 and files[0].filename == '': add_flash_message('No selected file') return flask.redirect( flask.url_for("upload_form", pagina=Connect.body("", "upload"), luogo="upload", menu=Connect.menu(""), submenu=Connect.submnu(""))) # loop through uploaded files, saving for ufile in files: try: filename = secure_filename(ufile.filename) UPLOAD_FOLDER = request.form['uploaddir'] if allowed_file(filename): print("uploading file {} of type {}".format( filename, ufile.content_type)) ##ufile.save(os.path.join(app.config['UPLOAD_FOLDER'], filename)) ufile.save(os.path.join(UPLOAD_FOLDER, filename)) #ufile.save(request.form['uploaddir'], filename) flask.flash("Just uploaded: " + request.form['uploaddir'] + filename) else: add_flash_message("not going to process file with extension " + filename) except OSError as e: add_flash_message("ERROR writing file " + filename + " to disk: " + StringIO(str(e)).getvalue()) return flask.render_template('ins_manifestazioni.html', luogo="index", pagina=Connect.body("", "index"), tempdir="/srv/http/proloco_flask/static/img/", menu=Connect.menu(""), submenu=Connect.submnu(""), submenu2=Connect.submnu2(""))