def deletePostlist(postid, host): try: if session.get('username') != host: return render_template('notlogin.html') else: try: #delete post sql_del = 'DELETE FROM message WHERE message_id = %s;' parm_del = (postid, ) Post().set_Post(sql_del, parm_del) #udate the number of post sql_update = 'UPDATE users SET postnum = postnum - 1 WHERE user_name = %s;' parm = (host, ) User().set_User(sql_update, parm) #delete the like of post sql_del1 = 'DELETE FROM likes WHERE message_id = %s;' parm_del1 = (postid, ) Like().del_Like(sql_del1, parm_del1) #delete comments of post sql_del2 = 'DELETE FROM comment WHERE message_id = %s;' parm_del2 = (postid, ) Comment().set_Comment(sql_del2, parm_del2) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('postlist', host=host)) except: traceback.print_exc() return render_template('error.html')
def editPost(postid, host): try: if session.get('username') != host: return render_template('notlogin.html') else: content = request.form['posteditbox'] if content.strip() == '': error = 'you left nothing' return render_template('post_edit.html', host=host, postid=postid, error=error) else: try: # update post to datebase sql = 'UPDATE message SET message_info = %s WHERE message_id = %s;' parm = (request.form['posteditbox'], postid) Post().set_Post(sql, parm) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('home', host=host)) except: traceback.print_exc() return render_template('error.html')
def addPost(host): try: if session.get('username') != host: return render_template('notlogin.html') else: try: sql = 'SELECT * FROM users WHERE user_name = %s;' parm = (host, ) rows = User().get_User(sql, parm) hostid = rows[0] print(hostid) content = request.form['postbox'] except: traceback.print_exc() return render_template('error1.html') if content.strip() == '': error = 'You can not send nothing!' # can not send nothing try: sql = 'SELECT * FROM message WHERE user_id = %s ORDER BY message_id DESC;' parm = (hostid, ) posts = Post().get_AllPost(sql, parm) except: traceback.print_exc() return render_template('error1.html') return render_template('homeopage.html', hosts=rows, posts=posts, error=error) else: try: # insert a post sql_add = 'INSERT INTO message (message_info,message_time,user_id) VALUES (%s,%s,%s);' # get now time import datetime now = datetime.datetime.now() otherStyleTime = now.strftime("%Y-%m-%d %H:%M:%S") parm_add = (request.form['postbox'], otherStyleTime, hostid) Post().set_Post(sql_add, parm_add) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('home', host=host)) except: traceback.print_exc() return render_template('error.html')
def comment(postid, host): try: if session.get('username') != host: return render_template('notlogin.html') else: try: # 获取post内容,在评论页面显示 sql1 = 'SELECT * FROM message WHERE message_id = %s;' parm1 = (postid, ) rows = Post().get_Post(sql1, parm1) post = rows[1] posttime = rows[2] # 获取发post的用户信息,传递给页面 posthostid = rows[6] sql2 = 'SELECT * FROM users WHERE user_id = %s;' parm2 = (posthostid, ) row = User().get_User(sql2, parm2) posthost = row[1] posthostpic = row[6] # 获取post的所有评论,把信息返回给评论页面 sql2 = 'SELECT comment.*,users.userpic FROM comment,users WHERE message_id = %s AND users.user_id = comment.user_id ORDER BY comment_id DESC;;' parm2 = (postid, ) comms = Comment().get_AllComment(sql2, parm2) # 查询post的评论数量 sql3 = 'SELECT COUNT(user_id) FROM comment WHERE message_id = %s;' parm3 = (postid, ) commnum = Comment().get_Comment(sql3, parm3) # 更新到数据库 sql4 = 'UPDATE message SET message_commentnum = %s WHERE message_id = %s;' parm4 = (commnum[0], postid) Post().set_Post(sql4, parm4) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return render_template('comments.html', postid=postid, host=host, post=post, posthost=posthost, posthostpic=posthostpic, posttime=posttime, comms=comms) except: traceback.print_exc() return render_template('error.html')
def register(): try: sql = 'SELECT * FROM users WHERE user_name = %s;' parm = (request.form['username'], ) rows = User().get_User(sql, parm) except: traceback.print_exc() return render_template('error1.html') try: if rows is not None: error = 'user is already exist!' return render_template('register.html', error1=error) else: if len(request.form['username']) < 2: error = 'length of username is too short!' return render_template('register.html', error1=error) if len(request.form['password']) < 6: error = 'length of password should be more than six!' return render_template('register.html', error1=error) else: if request.form['password'] == request.form['repassword']: try: salt_value = 'Ecm6' md5 = create_md5(request.form['password'], salt_value) sql_add = 'INSERT INTO users (user_name,user_password) VALUES (%s,%s);' parm_add = (request.form['username'], md5) User().set_User(sql_add, parm_add) return render_template('success.html') except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') else: error = 'password is not same!' return render_template('register.html', error1=error) except: traceback.print_exc() return render_template('error.html')
def delComment(postid, commid, host): try: if session.get('username') != host: return render_template('notlogin.html') else: try: # 删除comment sql_del = 'DELETE FROM comment WHERE comment_id = %s;' parm_del = (commid, ) Comment().set_Comment(sql_del, parm_del) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect( url_for('comment', postid=postid, commid=commid, host=host)) except: traceback.print_exc() return render_template('error.html')
def uploadPhoto(host): try: if session.get('username') != host: return render_template('notlogin.html') else: try: # get infomation of host sql = 'SELECT * FROM users WHERE user_name = %s;' parm = (host,) hosts = User().get_User(sql, parm) except: traceback.print_exc() return render_template('error1.html') # 获取文件,判断格式 avatar = request.files['avatar'] fname = avatar.filename flag = '.' in fname and fname.rsplit('.', 1)[1] in ALLOWED_EXTENSIONS if not flag: error = 'the type of file is wrong' return render_template('photo.html', hosts=hosts, type_error=error) # 添加文件到本地文件库 avatar.save('{}{}_{}'.format(UPLOAD_FOLDER, hosts[1], fname)) avatar_url = '/static/avatar/{}_{}'.format(hosts[1], fname) #更新 try: sql_add = 'UPDATE users SET userpic = %s WHERE user_id = %s;' parm_add = (avatar_url,hosts[0]) User().set_User(sql_add,parm_add) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('home', host=host)) except: traceback.print_exc() return render_template('error.html')
def unFollow(host, userid): try: if session.get('username') != host: return render_template('notlogin.html') else: try: # get host info sql = 'SELECT * FROM users WHERE user_name = %s;' parm = (host, ) hosts = User().get_User(sql, parm) except: traceback.print_exc() return render_template('error1.html') try: # delete relation sql_del = 'DELETE FROM relation WHERE user_id = %s AND follow_id = %s;' parm_del = (hosts[0], userid) Relation().set_Relation(sql_del, parm_del) # update the number of host follow sql_update = 'UPDATE users SET follownum = follownum - 1 WHERE user_id = %s;' parm = (hosts[0], ) User().set_User(sql_update, parm) # update the number of user fans sql_update1 = 'UPDATE users SET fansnum = fansnum - 1 WHERE user_id = %s;' parm1 = (userid, ) User().set_User(sql_update1, parm1) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('friend', host=host)) except: traceback.print_exc() return render_template('error.html')
def editComment(commid, host): try: if session.get('username') != host: return render_template('notlogin.html') else: try: sql = 'SELECT * FROM comment WHERE comment_id = %s;' parm = (commid, ) row = Comment().get_Comment(sql, parm) postid = row[3] content = request.form['commeditbox'] except: traceback.print_exc() return render_template('error1.html') if content.strip() == '': error = 'you left nothing' return render_template('comm_edit.html', host=host, commid=commid, error=error) else: try: # 更改后的comment更新到数据库 sql = 'UPDATE comment SET comment_info = %s WHERE comment_id = %s;' parm = (request.form['commeditbox'], commid) Comment().set_Comment(sql, parm) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('comment', postid=postid, host=host)) except: traceback.print_exc() return render_template('error.html')
def postlistLike(postid, host): try: if session.get('username') != host: return render_template('notlogin.html') else: try: #查找当前用户ID print(postid, host) sql = 'SELECT * FROM users WHERE user_name = %s;' parm = (host, ) rows = User().get_User(sql, parm) hostid = rows[0] #如果用户没有点过赞,那么添加一条点赞 sql_search = 'SELECT * FROM likes WHERE message_id = %s AND user_id = %s;' parm = (postid, hostid) result = Like().get_Like(sql_search, parm) except: traceback.print_exc() return render_template('error1.html') if result is not None: try: # 对应post点赞数-1 sql1 = 'SELECT * FROM message WHERE message_id = %s;' parm1 = (postid, ) rows = Post().get_Post(sql1, parm1) likenum = rows[4] likenew = likenum - 1 # 更新点赞数的值 sql2 = 'UPDATE message SET message_likenum = %s WHERE message_id = %s;' parm2 = (likenew, postid) Post().set_Post(sql2, parm2) #删除点赞信息 sql_del = 'DELETE FROM likes WHERE message_id = %s and user_id = %s;' parm_del = (postid, hostid) Like().del_Like(sql_del, parm_del) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('postlist', host=host)) else: try: sql_add = 'INSERT INTO likes (message_id,user_id) VALUES (%s,%s);' parm_add = (postid, hostid) Like().add_Like(sql_add, parm_add) #对应post点赞数+1 sql1 = 'SELECT * FROM message WHERE message_id = %s;' parm1 = (postid, ) rows = Post().get_Post(sql1, parm1) likenum = rows[4] likenew = likenum + 1 #更新点赞数的值 sql2 = 'UPDATE message SET message_likenum = %s WHERE message_id = %s;' parm2 = (likenew, postid) Post().set_Post(sql2, parm2) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('postlist', host=host)) except: traceback.print_exc() return render_template('error.html')
def doFollow(state, host, username, key): try: if session.get('username') != host: return render_template('notlogin.html') else: try: # get id of host follow or unfollow sql = 'SELECT * FROM users WHERE user_name = %s;' parm = (username, ) # users = User().get_AllUser(sql, parm) userinfo = User().get_User(sql, parm) # get host info parm2 = (host, ) hosts = User().get_User(sql, parm2) # get userinfo which host search sql = 'SELECT * FROM users WHERE user_name LIKE %s ORDER BY user_id DESC;' parm = ("%" + key + "%", ) users = User().get_AllUser(sql, parm) # get userinfo which host follow sql1 = 'SELECT users.* FROM users,relation WHERE relation.user_id = %s AND users.user_id = relation.follow_id;' parm1 = (hosts[0], ) follows = Relation().get_AllRelation(sql1, parm1) except: traceback.print_exc() return render_template('error1.html') if state == 'FOLLOW': # can not follow hostself if host == username: error = 'you can not follow yourself' return render_template('friend.html', hosts=hosts, users=users, key=key, follows=follows, error=error) else: try: # add relation sql_add1 = 'INSERT INTO relation (user_id,follow_id) VALUES (%s,%s);' parm_add1 = (hosts[0], userinfo[0]) Relation().set_Relation(sql_add1, parm_add1) # update the num of follow sql_update = 'UPDATE users SET follownum = follownum + 1 WHERE user_id = %s;' parm = (hosts[0], ) User().set_User(sql_update, parm) # update the number of fans sql_update = 'UPDATE users SET fansnum = fansnum + 1 WHERE user_id = %s;' parm = (userinfo[0], ) User().set_User(sql_update, parm) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('follow', key=key, host=host)) else: try: # delete relation sql_del = 'DELETE FROM relation WHERE user_id = %s AND follow_id = %s;' parm_del = (hosts[0], userinfo[0]) Relation().set_Relation(sql_del, parm_del) # update the number of host follow sql_update = 'UPDATE users SET follownum = follownum - 1 WHERE user_id = %s;' parm = (hosts[0], ) User().set_User(sql_update, parm) # update the number of user fans sql_update1 = 'UPDATE users SET fansnum = fansnum - 1 WHERE user_id = %s;' parm1 = (userinfo[0], ) User().set_User(sql_update1, parm1) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('follow', key=key, host=host)) except: traceback.print_exc() return render_template('error.html')
def home(host): try: if session.get('username') == host: try: # get infomation of host sql = 'SELECT * FROM users WHERE user_name = %s;' parm = (host, ) host1 = User().get_User(sql, parm) #get post number sql = 'SELECT COUNT(message_id) FROM message WHERE user_id = %s;' parm = (host1[0], ) postnum = Post().get_Post(sql, parm) # update host's number of post sql_update = 'UPDATE users SET postnum = %s WHERE user_id = %s;' parm = ( postnum[0], host1[0], ) User().set_User(sql_update, parm) # get follower number sql = 'SELECT COUNT(follow_id) FROM relation WHERE user_id = %s;' parm = (host1[0], ) follownum = Relation().get_Relation(sql, parm) # update number of follower sql_update = 'UPDATE users SET follownum = %s WHERE user_id = %s;' parm = ( follownum[0], host1[0], ) User().set_User(sql_update, parm) #get fans number sql = 'SELECT COUNT(user_id) FROM relation WHERE follow_id = %s;' parm = (host1[0], ) fansnum = Relation().get_Relation(sql, parm) # update host's number of fans sql_update = 'UPDATE users SET fansnum = %s WHERE user_id = %s;' parm = ( fansnum[0], host1[0], ) User().set_User(sql_update, parm) # get infomation of host sql = 'SELECT * FROM users WHERE user_name = %s;' parm = (host, ) hosts = User().get_User(sql, parm) # get infomation the posts of host and friend sql1 = 'SELECT message.*,users.user_name,users.userpic FROM message,relation,users WHERE relation.user_id = %s AND message.user_id = relation.follow_id AND message.user_id = users.user_id;' parm1 = (hosts[0], ) posts1 = Post().get_AllPost(sql1, parm1) sql2 = 'SELECT message.*,users.user_name,users.userpic FROM message,users WHERE message.user_id = %s and message.user_id = users.user_id;' parm2 = (hosts[0], ) posts2 = Post().get_AllPost(sql2, parm2) posts = sorted(posts1 + posts2, reverse=True) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return render_template('homeopage.html', hosts=hosts, posts=posts) else: return render_template('notlogin.html') except: traceback.print_exc() return render_template('error.html')
def addComment(postid, host): try: if session.get('username') != host: return render_template('notlogin.html') else: try: # 查询登录用户的ID sql = 'SELECT * FROM users WHERE user_name = %s;' parm = (host, ) rows = User().get_User(sql, parm) hostid = rows[0] hostname = rows[1] content = request.form['commbox'] except: traceback.print_exc() return render_template('error1.html') if content.strip() == '': try: error = 'You left nothing!' # 发送内容如果为空,提示并返回主页 sql = 'SELECT * FROM comment WHERE message_id = %s ORDER BY comment_id DESC;' parm = (postid, ) comms = Comment().get_AllComment(sql, parm) # 显示post sql1 = 'SELECT * FROM message WHERE message_id = %s;' parm1 = (postid, ) rows = Post().get_Post(sql1, parm1) post = rows[1] # 获取posthost和posttime posthostid = rows[6] sql2 = 'SELECT * FROM users WHERE user_id = %s;' parm2 = (posthostid, ) row = User().get_User(sql2, parm2) posthost = row[1] posttime = rows[2] except: traceback.print_exc() return render_template('error1.html') return render_template('comments.html', postid=postid, posttime=posttime, posthost=posthost, host=host, error=error, post=post, comms=comms) else: try: # 添加评论 sql_add = 'INSERT INTO comment (comment_info,comment_time,message_id,user_id,user_name) VALUES (%s,%s,%s,%s,%s);' # 获取当前时间 import datetime now = datetime.datetime.now() # 转换为指定的格式 otherStyleTime = now.strftime("%Y-%m-%d %H:%M:%S") parm_add = (request.form['commbox'], otherStyleTime, postid, hostid, hostname) Comment().set_Comment(sql_add, parm_add) except: conn = connect_db() conn.rollback() conn.close() traceback.print_exc() return render_template('error1.html') return redirect(url_for('comment', postid=postid, host=host)) except: traceback.print_exc() return render_template('error.html')