def signUp():
try:
# read the posted values from the UI
address = request.form['inputAddress']
email = request.form['inputEmail']
# validate the received values
if address and email:
conn = mysql.connect()
cursor = conn.cursor()
# adds user to db
if cursor.execute('select (1) from users where email = %s limit 1', (email)):
return render_template("alreadyused.html")
else:
# creates user
cursor.execute('insert into users (email,zone) values (%s,%s)', (email,address))
# sends confirmation email
token = key.dumps(email, salt='email-confirm-key')
confirm_url = url_for('confirm_email',token=token,_external=True)
subject = "Confirm Your Email"
html = render_template('emailconfirm.html',confirm_url=confirm_url)
send_email(email, subject, html)
conn.commit()
return render_template('confirmation.html')
else:
return json.dumps({'html':'<span>Enter the required fields</span>'})
except Exception as e:
return json.dumps({'error2':str(e)})
finally:
cursor.close()
conn.close()
def users():
data = sql_pull(
'''SELECT NAME_FIRST || " " || NAME_LAST AS FULL_NAME, EMAIL, RIGHTS, INSERT_DTTM FROM USERS'''
)
form = AddUser()
error = None
if form.validate_on_submit():
usercheck = sql_pull(
f'''SELECT USERID FROM USERS WHERE EMAIL="{form.email.data}"''')
if usercheck != []:
error = 'User already exists'
else:
rtoken = ''.join(
random.choices(string.ascii_letters + string.digits, k=8))
send_email(
form.email.data, 'Data Entry Registration',
f'''Hi {form.firstname.data} {form.lastname.data},\n\nYou've been registered to use the Credit Card Data Entry website. You'll need to enter the below information into the site {host + 'resetpw'} below to access the site for the first time.\n\nUser ID: {form.userid.data}\nConfirmation Code: {rtoken}'''
)
sql_edit(
f'''INSERT INTO USERS(NAME_FIRST, NAME_LAST, EMAIL, PASSWORD, RIGHTS, TOKEN, CONFIRMED, INSERT_DTTM) VALUES("{form.firstname.data}", "{form.lastname.data}", "{form.email.data}", "{generate_password_hash('temp')}", "Normal", "{generate_password_hash(rtoken)}", "FALSE", datetime("now", "localtime"))'''
)
return redirect(url_for('tables.users'))
return render_template("users.html",
data=data,
form=form,
error=error,
permissions=session['rights'])
def resend_confirmation():
token = current_user.generate_confirmation_token()
send_email(current_user.email,
'Confirm Your Account',
'auth/em/confirm',
user=current_user,
token=token)
flash('A new confirmation email has been sent to you by email.')
return redirect(url_for('main.index'))
def welcome():
error = None
form = LoginForm(request.form)
if request.method == 'POST':
if form.validate_on_submit():
user = sql_pull('''SELECT * FROM USERS WHERE EMAIL = "%s"''' %
request.form['username'])
if 'Forgot Password' in request.form:
if user == []:
error = 'Cannot find username. Please try again or sign up for account.'
else:
sql_edit(
'UPDATE USERS SET CONFIRMED = "RESET" WHERE EMAIL = "%s"'
% request.form['username'])
rtoken = ''.join(
random.choices(string.ascii_letters + string.digits,
k=8))
sql_edit(
'UPDATE USERS SET TOKEN = "%s" WHERE EMAIL = "%s"' %
(generate_password_hash(rtoken),
request.form['username']))
send_email(
form.username.data,
'Credit Card Data Entry - Reset Password',
"Hi %s %s,\n\nTo reset your password, please enter your confimation code provided below into the prompted screen.\n\nConfirmation Code: %s"
%
(user[0]['NAME_FIRST'], user[0]['NAME_LAST'], rtoken))
return redirect(url_for('login.resetpw'))
else:
if user == []:
error = 'Invalid Credentials. Please try again.'
elif check_password_hash(user[0]['PASSWORD'],
request.form['password']) == False:
error = 'Invalid Credentials. Please try again.'
elif user[0]['CONFIRMED'] != 'TRUE':
if user[0]['CONFIRMED'] == 'RESET':
error = 'Password must be reset.'
else:
error = 'Please finish registering account with confirmation code.'
else:
session['logged_in'] = True
session['user'] = user[0]['NAME_FIRST'] + ' ' + user[0][
'NAME_LAST']
session['email'] = request.form['username']
session['rights'] = user[0]['RIGHTS']
return redirect(url_for('application.home'))
else:
return render_template('welcome.html', form=form, error=error)
return render_template('welcome.html', form=form, error=error)
def signUp():
try:
conn = mysql.connect()
cursor = conn.cursor()
# read the posted values from the UI
address = request.form['inputAddress']
email = request.form['inputEmail']
# validate the received values
if address and email:
if "'" in email or '"' in email or "(" in email or " )" in email:
raise Exception
if ',' in email or ";" in email or "%" in email:
raise Exception
if '"' in address or "(" in address or " )" in address:
raise Exception
if "'" in address or ";" in address or "%" in address:
raise Exception
query = "SELECT * FROM users WHERE email=%s AND address=%s"
cursor.execute(query, (email, address))
data = cursor.fetchall()
if len(data) is 0:
query = "INSERT INTO users (email, address) values (%s,%s)"
cursor.execute(query, (email, address))
conn.commit()
cursor.close()
conn.close()
if cursor.execute('select (1) from users where email = %s limit 1',
(email)):
return render_template("alreadyused.html")
else:
# creates user
cursor.execute('insert into users (email,zone) values (%s,%s)',
(email, address))
# sends confirmation email
token = key.dumps(email, salt='email-confirm-key')
confirm_url = url_for('confirm_email',
token=token, _external=True)
subject = "Confirm Your Email"
html = render_template('emailconfirm.html',
confirm_url=confirm_url)
send_email(email, subject, html)
return render_template('confirmation.html')
else:
cursor.close()
conn.close()
return json.dumps({'html':
'<span>Enter the required fields</span>'})
except Exception as e:
return json.dumps({'error2': str(e)})
def signUp():
try:
conn = mysql.connect()
cursor = conn.cursor()
# read the posted values from the UI
name = request.form['inputName']
email = request.form['inputEmail']
# validate the received values
if name and email:
if "'" in email or '"' in email or "(" in email or " )" in email:
raise Exception
if ',' in email or ";" in email or "%" in email:
raise Exception
if '"' in name or "(" in name or " )" in name:
raise Exception
if "'" in name or ";" in name or "%" in name:
raise Exception
# checks if user is already registered
if cursor.execute('SELECT (1) FROM users WHERE email = %s LIMIT 1',
(email)):
return render_template("already-used.html")
else:
# sends confirmation email
token = key.dumps(email, salt='email-confirm-key')
confirm_url = url_for('confirm_email',
token=token, _external=True)
subject = "Confirm Your Email"
html = render_template('email-confirm.html',
confirm_url=confirm_url,
confirm_name=name)
send_email(email, subject, html)
#creates user
cursor.execute('INSERT INTO users (name,email) VALUES (%s,%s)',
(name, email))
conn.commit()
return render_template('confirmation.html')
else:
return json.dumps({'html':
'<span>Enter the required fields</span>'})
cursor.close()
conn.close()
except Exception as e:
print e
if "not a valid RFC-5321 address" in str(e):
return render_template('invalid.html')
else:
return json.dumps({'error1': str(e)})
def register():
form_reg = RegistrationForm()
form_log = LoginForm()
if form_reg.validate_on_submit():
user = User(username=form_reg.username.data,
password=form_reg.password.data,
email=form_reg.email.data)
db.session.add(user)
db.session.commit()
# register and login
login_user(user, form_log.remember_me.data)
token = user.generate_confirmation_token()
send_email(user.email,
'Confirm Your Account',
'auth/em/confirm',
user=user,
token=token)
flash('A confirmation email has been sent to you by email.')
return redirect(url_for('main.index'))
return render_template('auth/register.html', form=form_reg)
def main():
create_table_if_not_exists(PARAMETER, conn, c)
fetch_crypto_data_from_binance(PARAMETER, PARAMETER, conn, c)
datetime_now = datetime.now().astimezone().strftime("%d/%m/%Y %H:%M:%S")
send_email(f"{PARAMETER} Successful execution at {datetime_now}", MAIL_LIST)
