def login(): if request.method == "GET": return render_template('login.html') else: try: email = request.form["email"] password = request.form["password"] emailsuccess = functions.emailcorrect(conn, email) if emailsuccess: row = functions.gethashed(conn, email) if row is None: message = Markup( functions.dangerMarkup( 'Incorrect login. Try again or sign up')) flash(message) return redirect(url_for('login')) else: hashed = row['hashed'] #Checks if the password matches if ((bcrypt.hashpw(password.encode('utf-8'), hashed.encode('utf-8')))[:50]) == hashed: session['email'] = email session['logged_in'] = True bidRow = functions.getBID(conn, email) session['BID'] = bidRow msg = functions.successMarkup("Logged in as " + email) message = Markup(msg) flash(message) return redirect(url_for('insert', email=email)) else: #no match between username and password message = Markup( functions.dangerMarkup( 'Your password is incorrect. Please try again.')) flash(message) return redirect(url_for('login')) else: #the email does not exist message = Markup( functions.dangerMarkup( 'The email you entered does not exist. Please try again.' )) flash(message) return redirect(url_for('login')) except Exception as err: message = Markup( functions.errorMarkup('form submission error ' + str(err))) flash(message) return redirect(url_for('login'))
def signup(): if request.method == "GET": return render_template('signup.html') else: try: #get user registration info email = request.form['email'] password1 = request.form['password1'] password2 = request.form['password2'] bid = request.form['bid'] classyear = request.form['classyear'] if password1 != password2: message = Markup( functions.dangerMarkup( 'The passwords you entered do not match.')) flash(message) return redirect(url_for('signup')) hashed = bcrypt.hashpw(password1.encode('utf-8'), bcrypt.gensalt()) row = functions.emailexists(conn, email) if row is not None: message = Markup( functions.dangerMarkup( 'That user is already taken. Please choose a different one.' )) flash(message) return redirect(url_for('signup')) else: #signup successful, add information to table functions.insertinfo(conn, email, password1, bid, classyear) functions.inserthashed(conn, bid, hashed) session['email'] = email session['logged_in'] = True session['BID'] = bid message = Markup(functions.successMarkup('Successful Login!')) flash(message) #lead user back to home page or to search page return redirect(url_for('insert', email=email)) except Exception as err: message = Markup( functions.errorMarkup('form submission error ' + str(err))) flash(message) return redirect(url_for('signup'))
def delete(): try: dormID = request.form['dormID'] roomNumber = request.form['roomNumber'] functions.deleteReview(conn, session['BID'], dormID, roomNumber) message = Markup( functions.successMarkup(dormID + ' ' + roomNumber + ' was succesfully deleted')) flash(message) return redirect(url_for('account')) except Exception as err: message = Markup(functions.errorMarkup('error {}'.format(err))) flash(message) return redirect(url_for('account'))
def review(dormID, roomNumber): # check if user logged in: if "logged_in" in session and session["logged_in"] is True: BID = session['BID'] if request.method == "GET": # check if review exists in database by bid row = functions.reviewExists(conn, dormID, roomNumber, BID) if row is not None: message = Markup( functions.dangerMarkup( "You have already reviewed this room! Please go to your account to edit!" )) flash(message) return redirect(url_for('search')) else: return render_template('review.html', dormID=dormID, roomNumber=roomNumber) else: try: room_rating = request.form['stars'] except Exception as err: message = Markup(functions.errorMarkup('Please rate the room')) flash(message) if len(request.form['comment']) != 0: comment = request.form['comment'] else: comment = "" if 'pic' in request.files: file = request.files['pic'] sfname = str(secure_filename(file.filename)) else: file = "" return render_template('review.html', dormID=dormID, roomNumber=roomNumber, comment=comment, fileName=sfname) if len(request.form['comment']) == 0: message = Markup( functions.errorMarkup('Please write a comment')) flash(message) if 'pic' in request.files: file = request.files['pic'] sfname = str(secure_filename(file.filename)) else: file = "" return render_template('review.html', dormID=dormID, roomNumber=roomNumber, rating=room_rating, fileName=sfname) else: comment = request.form['comment'] if 'pic' in request.files: file = request.files['pic'] sfname = 'images/' + str(secure_filename(file.filename)) if sfname != 'images/': file.save('static/images/' + str( secure_filename(dormID + '_' + roomNumber + '_' + BID + '.jpg'))) if len(request.form['alt']) == 0: message = Markup( functions.errorMarkup( 'Please fill the image description')) flash(message) return render_template('review.html', dormID=dormID, roomNumber=roomNumber, comment=comment, rating=room_rating, fileName=file) else: alt = request.form['alt'] functions.addPhotos(conn, dormID, roomNumber, BID, sfname, alt) functions.insertReview(conn, dormID, roomNumber, BID, room_rating, comment) functions.updateRating(conn, room_rating, dormID, roomNumber) message = Markup( functions.successMarkup("Review succesfully written for " + dormID + " " + roomNumber)) flash(message) return redirect(url_for('search')) else: message = Markup(functions.dangerMarkup('Please log in!')) flash(message) return redirect(url_for('login'))
def insert(): # check if user logged in: if not ("logged_in" in session and session["logged_in"] is True): message = Markup(functions.dangerMarkup('Please log in!')) flash(message) return redirect(url_for('login')) data = functions.getListOfDorms(conn) if request.method == 'GET': return render_template('insert.html', data=data) try: roomNumber = request.form['roomNumber'] roomType = request.form['menu-room-type'] dormID = request.form['menu-dorm'] #updating if/else notifications for correct input if dormID == "none" and roomType == 'none' and not roomNumber: message = Markup( functions.dangerMarkup( 'Please choose a dorm, room type, and room number.')) flash(message) return render_template('insert.html', data=data) elif dormID == "none" and roomType == 'none': message = Markup( functions.dangerMarkup('Please choose a dorm and room type.')) flash(message) return render_template('insert.html', data=data) elif dormID == "none" and not roomNumber: message = Markup( functions.dangerMarkup( 'Please choose a dorm and room number.')) flash(message) return render_template('insert.html', data=data) elif not roomNumber and roomType == 'none': message = Markup( functions.dangerMarkup( 'Please choose a room number and room type.')) flash(message) return render_template('insert.html', data=data) elif dormID == 'none': message = Markup(functions.dangerMarkup('Please choose a dorm.')) flash(message) return render_template('insert.html', data=data) elif not roomNumber: message = Markup( functions.dangerMarkup('Please choose a room number.')) flash(message) return render_template('insert.html', data=data) else: msg = dormID + " " + roomNumber row = functions.roomExists(conn, dormID, roomNumber, roomType) if row is not None: message = Markup( functions.dangerMarkup(msg + ' already exists')) flash(message) return render_template('insert.html', data=data) else: functions.addRoom(conn, dormID, roomNumber, roomType) message = Markup( functions.successMarkup( msg + ' will be added once you submit a review.')) flash(message) return redirect( url_for('review', dormID=dormID, roomNumber=roomNumber)) except Exception as err: message = Markup(functions.errorMarkup('Sorry, an error occurred.')) flash(message) return render_template('insert.html', data=data)
def update(): try: if request.method == "GET": dormID = request.args.get('dormID') roomNumber = request.args.get('roomNumber') session['dormID'] = dormID session['roomNumber'] = roomNumber if functions.loadPhoto(conn, session['BID'], dormID, roomNumber) is not None: photo = functions.loadPhoto(conn, session['BID'], dormID, roomNumber) filename = photo.get('path') else: filename = "N/A" return render_template( 'update.html', review=functions.loadReview(conn, session['BID'], dormID, roomNumber), photo=functions.loadPhoto(conn, session['BID'], dormID, roomNumber), filename=filename) else: #retrieve new rating, comment, and photo description room_rating = request.form['stars'] comment = request.form['comment'] alt = request.form['alt'] photo = functions.loadPhoto(conn, session['BID'], session['dormID'], session['roomNumber']) #retrieve new photo newpicture = request.files['pic'] sfname = 'images/' + str(secure_filename(newpicture.filename)) #old photo oldpicture = photo.get('path') #update the review in the database functions.updateReview(conn, session['dormID'], session['roomNumber'], comment, room_rating, session['BID']) if newpicture is not None: #update path and alt of photo #save the picture with a unique name of dormID_roomNumber_BID newpicture.save('static/images/' + str(session['dormID'] + '_' + session['roomNumber'] + '_' + session['BID'] + '.jpg')) functions.updatePhoto(conn, session['BID'], session['dormID'], session['roomNumber'], alt, sfname) else: #update alt of photo functions.updatePhoto(conn, session['BID'], session['dormID'], session['roomNumber'], alt, oldpicture) return redirect(url_for('account')) except Exception as err: message = Markup(functions.errorMarkup('error {}'.format(err))) flash(message) return redirect(url_for('account'))