def post():
status = None
if session['group_id'] is not 1:
return redirect(url_for('index'))
if request.method == 'POST':
if request.form['send'] == 'Create bulletin':
subject = request.form['nb_subject']
content = request.form['nb_content']
due = request.form['nb_due']
con = connector()
cur = con.cursor()
cur.execute(
"INSERT INTO bulletins VALUES (DEFAULT,current_timestamp,current_timestamp,'%s','%s','%s')"
% (subject, content, due))
con.commit()
cur.close()
con.close()
status = 'bulletin posted'
return redirect(url_for('index', status=status))
if request.form['send'] == 'Create blog post':
title = request.form['b_subject']
content = request.form['b_content']
con = connector()
cur = con.cursor()
cur.execute(
"INSERT INTO blogs VALUES (DEFAULT,current_timestamp,current_timestamp,'%s','%s')"
% (title, content))
con.commit()
cur.close()
con.close()
status = 'blog posted'
return redirect(url_for('index', status=status))
return render_template('post.html')
def blog(blog_id=None):
if request.method == 'POST':
if request.form['send'] == 'Update blog post':
subject = request.form['subject']
content = request.form['content']
con = connector()
cur = con.cursor()
cur.execute(
"UPDATE blogs SET subject='%s', content='%s' where blog_id='%s'"
% (subject, content, blog_id))
con.commit()
cur.close()
con.close()
status = 'blog post updated'
return redirect(url_for('index', status=status))
if blog_id:
con = connector()
cur = con.cursor()
cur.execute(
"select blog_id,subject,content,created_on from blogs where blog_id='%s'"
% blog_id)
blog = cur.fetchall()
cur.close()
con.close()
else:
return redirect(url_for('index'))
return render_template('blog.html', blog=blog)
def users():
user_id = None
users = None
if session['group_id'] is not 1:
return redirect(url_for('index'))
if request.method == 'POST':
if request.form['send'] == 'Update':
user_id = request.form['user_id']
group_id = request.form['group_id']
username = request.form['username']
name_first = request.form['name_first']
name_last = request.form['name_last']
email = request.form['email']
group = q_cont('group_id', group_id)
username = q_cont(',username', username)
name_first = q_cont(',name_first', name_first)
name_last = q_cont(',name_last', name_last)
email = q_cont(',email', email)
con = connector()
cur = con.cursor()
cur.execute(
"update users set %s %s %s %s %s where user_id='%s'" %
(group, username, name_first, name_last, email, user_id))
con.commit()
cur.close()
con.close()
return redirect(url_for('users'))
else:
user_id = request.form['send']
con = connector()
cur = con.cursor()
cur.execute(
"select user_id,group_id,created_on,modified_on,username,name_first,name_last,email from users where user_id='%s'"
% user_id)
users = cur.fetchall()
cur.close()
con.close()
else:
con = connector()
cur = con.cursor()
cur.execute(
"select user_id,group_id,created_on,modified_on,username,name_first,name_last,email from users"
)
users = cur.fetchall()
cur.close()
con.close()
return render_template('users.html', users=users, user_id=user_id)
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
error = None
con = connector()
cur = con.cursor()
cur.execute(
"select group_id,username,password from users where username='******' fetch first 1 rows only"
% username)
user = cur.fetchone()
cur.close()
con.close()
if user is None:
error = 'Incorrect username.'
elif not check_password_hash(user[2], password):
error = 'Incorrect password.'
if error is None:
session.clear()
session['group_id'] = user[0]
session['user'] = user[1]
status = 'logged in'
return redirect(url_for('index', status=status))
cur.close()
con.close()
flash(error)
return render_template('login.html')
def register():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
con = connector()
cur = con.cursor()
error = None
status = None
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
else:
cur.execute("SELECT user_id FROM users WHERE username = '******'" %
username)
if cur.fetchone() is not None:
error = "Username '%s' can not be registered for a new account"
if error is None:
cur.execute(
"INSERT INTO users VALUES (DEFAULT,DEFAULT,current_timestamp,current_timestamp,'%s','%s')"
% (username, generate_password_hash(password)))
con.commit()
status = 'user registered'
return redirect(url_for('index', status=status))
cur.close()
con.close()
flash(error % username)
return render_template('register.html')
def __init__(self, db_persist = False):
super(main_frame, self).__init__()
self.db_persist = db_persist
self.init_ui()
self.root = None
self.audio_icons = []
self.folder_icon = None
self.load_icons()
self.db = database.connector("pyid3tools.db") #to do, config file
self.db.open()
def index(status=None):
con = connector()
cur = con.cursor()
results = []
cur.execute(
"select subject,content from bulletins where due_date >= current_date order by bulletin_id desc "
)
results.append(cur.fetchall())
cur.close()
cur = con.cursor()
cur.execute(
"select blog_id,subject,LEFT(content,30),created_on from blogs order by blog_id desc "
)
results.append(cur.fetchall())
cur.close()
con.close()
return render_template('index.html', results=results, status=status)