def login():
if request.method == "GET":
return render_template('login.html')
else:
try:
email = request.form["email"]
password = request.form["password"]
emailsuccess = functions.emailcorrect(conn, email)
if emailsuccess:
row = functions.gethashed(conn, email)
if row is None:
message = Markup(
functions.dangerMarkup(
'Incorrect login. Try again or sign up'))
flash(message)
return redirect(url_for('login'))
else:
hashed = row['hashed']
#Checks if the password matches
if ((bcrypt.hashpw(password.encode('utf-8'),
hashed.encode('utf-8')))[:50]) == hashed:
session['email'] = email
session['logged_in'] = True
bidRow = functions.getBID(conn, email)
session['BID'] = bidRow
msg = functions.successMarkup("Logged in as " + email)
message = Markup(msg)
flash(message)
return redirect(url_for('insert', email=email))
else:
#no match between username and password
message = Markup(
functions.dangerMarkup(
'Your password is incorrect. Please try again.'))
flash(message)
return redirect(url_for('login'))
else:
#the email does not exist
message = Markup(
functions.dangerMarkup(
'The email you entered does not exist. Please try again.'
))
flash(message)
return redirect(url_for('login'))
except Exception as err:
message = Markup(
functions.errorMarkup('form submission error ' + str(err)))
flash(message)
return redirect(url_for('login'))
def signup():
if request.method == "GET":
return render_template('signup.html')
else:
try:
#get user registration info
email = request.form['email']
password1 = request.form['password1']
password2 = request.form['password2']
bid = request.form['bid']
classyear = request.form['classyear']
if password1 != password2:
message = Markup(
functions.dangerMarkup(
'The passwords you entered do not match.'))
flash(message)
return redirect(url_for('signup'))
hashed = bcrypt.hashpw(password1.encode('utf-8'), bcrypt.gensalt())
row = functions.emailexists(conn, email)
if row is not None:
message = Markup(
functions.dangerMarkup(
'That user is already taken. Please choose a different one.'
))
flash(message)
return redirect(url_for('signup'))
else:
#signup successful, add information to table
functions.insertinfo(conn, email, password1, bid, classyear)
functions.inserthashed(conn, bid, hashed)
session['email'] = email
session['logged_in'] = True
session['BID'] = bid
message = Markup(functions.successMarkup('Successful Login!'))
flash(message)
#lead user back to home page or to search page
return redirect(url_for('insert', email=email))
except Exception as err:
message = Markup(
functions.errorMarkup('form submission error ' + str(err)))
flash(message)
return redirect(url_for('signup'))
def delete():
try:
dormID = request.form['dormID']
roomNumber = request.form['roomNumber']
functions.deleteReview(conn, session['BID'], dormID, roomNumber)
message = Markup(
functions.successMarkup(dormID + ' ' + roomNumber +
' was succesfully deleted'))
flash(message)
return redirect(url_for('account'))
except Exception as err:
message = Markup(functions.errorMarkup('error {}'.format(err)))
flash(message)
return redirect(url_for('account'))
def review(dormID, roomNumber):
# check if user logged in:
if "logged_in" in session and session["logged_in"] is True:
BID = session['BID']
if request.method == "GET":
# check if review exists in database by bid
row = functions.reviewExists(conn, dormID, roomNumber, BID)
if row is not None:
message = Markup(
functions.dangerMarkup(
"You have already reviewed this room! Please go to your account to edit!"
))
flash(message)
return redirect(url_for('search'))
else:
return render_template('review.html',
dormID=dormID,
roomNumber=roomNumber)
else:
try:
room_rating = request.form['stars']
except Exception as err:
message = Markup(functions.errorMarkup('Please rate the room'))
flash(message)
if len(request.form['comment']) != 0:
comment = request.form['comment']
else:
comment = ""
if 'pic' in request.files:
file = request.files['pic']
sfname = str(secure_filename(file.filename))
else:
file = ""
return render_template('review.html',
dormID=dormID,
roomNumber=roomNumber,
comment=comment,
fileName=sfname)
if len(request.form['comment']) == 0:
message = Markup(
functions.errorMarkup('Please write a comment'))
flash(message)
if 'pic' in request.files:
file = request.files['pic']
sfname = str(secure_filename(file.filename))
else:
file = ""
return render_template('review.html',
dormID=dormID,
roomNumber=roomNumber,
rating=room_rating,
fileName=sfname)
else:
comment = request.form['comment']
if 'pic' in request.files:
file = request.files['pic']
sfname = 'images/' + str(secure_filename(file.filename))
if sfname != 'images/':
file.save('static/images/' + str(
secure_filename(dormID + '_' + roomNumber + '_' + BID +
'.jpg')))
if len(request.form['alt']) == 0:
message = Markup(
functions.errorMarkup(
'Please fill the image description'))
flash(message)
return render_template('review.html',
dormID=dormID,
roomNumber=roomNumber,
comment=comment,
rating=room_rating,
fileName=file)
else:
alt = request.form['alt']
functions.addPhotos(conn, dormID, roomNumber, BID,
sfname, alt)
functions.insertReview(conn, dormID, roomNumber, BID, room_rating,
comment)
functions.updateRating(conn, room_rating, dormID, roomNumber)
message = Markup(
functions.successMarkup("Review succesfully written for " +
dormID + " " + roomNumber))
flash(message)
return redirect(url_for('search'))
else:
message = Markup(functions.dangerMarkup('Please log in!'))
flash(message)
return redirect(url_for('login'))
def insert():
# check if user logged in:
if not ("logged_in" in session and session["logged_in"] is True):
message = Markup(functions.dangerMarkup('Please log in!'))
flash(message)
return redirect(url_for('login'))
data = functions.getListOfDorms(conn)
if request.method == 'GET':
return render_template('insert.html', data=data)
try:
roomNumber = request.form['roomNumber']
roomType = request.form['menu-room-type']
dormID = request.form['menu-dorm']
#updating if/else notifications for correct input
if dormID == "none" and roomType == 'none' and not roomNumber:
message = Markup(
functions.dangerMarkup(
'Please choose a dorm, room type, and room number.'))
flash(message)
return render_template('insert.html', data=data)
elif dormID == "none" and roomType == 'none':
message = Markup(
functions.dangerMarkup('Please choose a dorm and room type.'))
flash(message)
return render_template('insert.html', data=data)
elif dormID == "none" and not roomNumber:
message = Markup(
functions.dangerMarkup(
'Please choose a dorm and room number.'))
flash(message)
return render_template('insert.html', data=data)
elif not roomNumber and roomType == 'none':
message = Markup(
functions.dangerMarkup(
'Please choose a room number and room type.'))
flash(message)
return render_template('insert.html', data=data)
elif dormID == 'none':
message = Markup(functions.dangerMarkup('Please choose a dorm.'))
flash(message)
return render_template('insert.html', data=data)
elif not roomNumber:
message = Markup(
functions.dangerMarkup('Please choose a room number.'))
flash(message)
return render_template('insert.html', data=data)
else:
msg = dormID + " " + roomNumber
row = functions.roomExists(conn, dormID, roomNumber, roomType)
if row is not None:
message = Markup(
functions.dangerMarkup(msg + ' already exists'))
flash(message)
return render_template('insert.html', data=data)
else:
functions.addRoom(conn, dormID, roomNumber, roomType)
message = Markup(
functions.successMarkup(
msg + ' will be added once you submit a review.'))
flash(message)
return redirect(
url_for('review', dormID=dormID, roomNumber=roomNumber))
except Exception as err:
message = Markup(functions.errorMarkup('Sorry, an error occurred.'))
flash(message)
return render_template('insert.html', data=data)
def update():
try:
if request.method == "GET":
dormID = request.args.get('dormID')
roomNumber = request.args.get('roomNumber')
session['dormID'] = dormID
session['roomNumber'] = roomNumber
if functions.loadPhoto(conn, session['BID'], dormID,
roomNumber) is not None:
photo = functions.loadPhoto(conn, session['BID'], dormID,
roomNumber)
filename = photo.get('path')
else:
filename = "N/A"
return render_template(
'update.html',
review=functions.loadReview(conn, session['BID'], dormID,
roomNumber),
photo=functions.loadPhoto(conn, session['BID'], dormID,
roomNumber),
filename=filename)
else:
#retrieve new rating, comment, and photo description
room_rating = request.form['stars']
comment = request.form['comment']
alt = request.form['alt']
photo = functions.loadPhoto(conn, session['BID'],
session['dormID'],
session['roomNumber'])
#retrieve new photo
newpicture = request.files['pic']
sfname = 'images/' + str(secure_filename(newpicture.filename))
#old photo
oldpicture = photo.get('path')
#update the review in the database
functions.updateReview(conn, session['dormID'],
session['roomNumber'], comment, room_rating,
session['BID'])
if newpicture is not None:
#update path and alt of photo
#save the picture with a unique name of dormID_roomNumber_BID
newpicture.save('static/images/' +
str(session['dormID'] + '_' +
session['roomNumber'] + '_' +
session['BID'] + '.jpg'))
functions.updatePhoto(conn, session['BID'], session['dormID'],
session['roomNumber'], alt, sfname)
else:
#update alt of photo
functions.updatePhoto(conn, session['BID'], session['dormID'],
session['roomNumber'], alt, oldpicture)
return redirect(url_for('account'))
except Exception as err:
message = Markup(functions.errorMarkup('error {}'.format(err)))
flash(message)
return redirect(url_for('account'))