コード例 #1
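def login():
    """Handle the login form: render it on GET, authenticate on a valid POST.

    The submitted email is looked up in the ``User`` table. When the stored
    email (column 1) and password (column 3) both equal the submitted values,
    the session is marked as logged in and the user is redirected to
    ``app.home``. Every other path re-renders ``login.html``.
    """
    form = LoginForm(request.form)

    # validate() must be *called*: the bare bound method is always truthy, so
    # the original let every POST through without running the form validators.
    if request.method == 'POST' and form.validate():
        email = form.email.data
        password = form.password.data

        # The email comes straight from the request, so it is bound as a query
        # parameter instead of being formatted into the SQL text.
        # NOTE(review): "?" assumes a qmark-paramstyle DB-API driver (e.g.
        # sqlite3); use "%s" if the project's driver uses the format
        # paramstyle -- confirm against where `cursor` is created.
        command = """ SELECT *
                      FROM User
                      WHERE User.email = ?
        """
        cursor.execute(command, (email,))
        login_verified = cursor.fetchone()

        if login_verified is not None:
            # NOTE(review): the submitted password is compared directly with
            # the stored column, i.e. passwords are kept in plaintext. Store a
            # salted password hash and verify against it instead; that change
            # has to be made together with the sign-up insert.
            if email == login_verified[1] and password == login_verified[3]:
                session['logged_in'] = True
                flash('You are logged in as %s!' % (email), 'success')
                return redirect(url_for('app.home'))
            # Wrong password: re-render silently.
            # NOTE(review): only the unknown-email branch flashes a message,
            # so the response reveals whether an account exists; consider one
            # generic failure message for both branches.
            return render_template('login.html', form=form)

        flash('Wrong Email Address', 'danger')
        return render_template('login.html', form=form)
    return render_template('login.html', form=form)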
コード例 #2
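def review_edit(key):
    """Render and process the edit form for the review identified by *key*.

    Loads the review row to pre-fill the form, loads the organization name for
    the ``org_name`` choices, and on a valid POST updates the review and
    redirects to the organization's detail page.

    Args:
        key: review_id of the review to edit (taken from the request).
    """
    # Every value below is bound as a query parameter; the original formatted
    # request data (key and all form fields) directly into the SQL text.
    # NOTE(review): "?" assumes a qmark-paramstyle DB-API driver (e.g.
    # sqlite3); use "%s" if the project's driver uses the format paramstyle.
    # NOTE(review): no login or ownership check is visible in this function;
    # confirm that a decorator or the caller restricts who may edit a review.
    command = """SELECT review.review_id, review.first_name, review.last_name, review.organization_name, review.user_review, review.organization_id
                 FROM review
                 WHERE review_id = ?
              """
    cursor.execute(command, (key,))
    single_review = cursor.fetchone()
    if single_review is None:
        # Unknown review id: fail with a message instead of a TypeError.
        flash('Review not found', 'danger')
        return redirect(url_for('app.home'))
    org_id = single_review[5]

    # NOTE(review): if ReviewForm is a Flask-WTF form, csrf_enabled=False
    # switches off CSRF validation on this state-changing endpoint -- confirm
    # that this is intended.
    form = ReviewForm(request.form,
                      csrf_enabled=False,
                      first_name=single_review[1],
                      last_name=single_review[2],
                      organization_name=single_review[3],
                      user_review=single_review[4])

    # The name is selected twice so each row can serve as a (value, label)
    # pair for the choices list.
    command = """ SELECT organization.organization_name, organization.organization_name
                  FROM organization INNER JOIN review ON organization.organization_id = review.organization_id
                  WHERE review.review_id = ?
              """
    cursor.execute(command, (key,))
    form.org_name.choices = cursor.fetchall()

    if request.method == 'POST' and form.validate():
        first_name = form.first_name.data
        last_name = form.last_name.data
        org_name = form.org_name.data
        user_review = form.user_review.data

        command = """
            UPDATE review SET first_name=?, last_name=?,organization_name=?,user_review=?
            WHERE review_id =?
            """
        cursor.execute(command,
                       (first_name, last_name, org_name, user_review, key))
        conn.commit()

        flash('Your Review has been edited', 'success')
        return redirect(url_for('app.organization_detail', key=org_id))

    if form.errors:
        flash(form.errors, 'danger')

    return render_template('review-edit.html', form=form, review_id=key)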
コード例 #3
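def review_delete(key):
    """Delete the review identified by *key* and return to its organization.

    Args:
        key: review_id of the review to delete (taken from the request).
    """
    # key is bound as a query parameter; the original formatted it directly
    # into the SQL text of a SELECT and a DELETE.
    # NOTE(review): "?" assumes a qmark-paramstyle DB-API driver (e.g.
    # sqlite3); use "%s" if the project's driver uses the format paramstyle.
    # NOTE(review): this function checks neither the request method nor the
    # caller's identity; confirm that the route is limited to POST and that
    # only an authorized user can reach it.
    command = """ SELECT organization_id
                  FROM review
                  WHERE review_id = ?
              """
    cursor.execute(command, (key,))
    selected_org_id = cursor.fetchone()
    if selected_org_id is None:
        # Unknown review id: nothing to delete and no organization to return to.
        flash('Review not found', 'danger')
        return redirect(url_for('app.home'))
    org_id = selected_org_id[0]

    # The original also ran a "SELECT * FROM review" here whose result was
    # never read; it has been dropped.
    command = """ DELETE FROM review
                    WHERE review_id = ?
            """
    cursor.execute(command, (key,))
    conn.commit()

    flash('Your Review has been deleted')
    return redirect(url_for('app.organization_detail', key=org_id))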
コード例 #4
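def sign_up():
    """Render the registration form and create a user on a valid POST.

    A new account is created only when neither the submitted email nor the
    submitted username is already present in the ``User`` table; otherwise a
    message naming the conflicting field is flashed and the form is shown
    again.
    """
    # NOTE(review): "crsf_enabled" is misspelled (csrf), so this keyword is
    # probably not the CSRF switch it was meant to be -- confirm what
    # RegisterForm does with it before changing it.
    form = RegisterForm(request.form, crsf_enabled=False)

    if request.method == 'POST' and form.validate():
        email = form.email.data
        username = form.username.data
        password = form.password.data

        # Both values are bound as query parameters. In the listing the
        # username comparison was the literal '******', so the username was
        # never actually checked even though u=username was passed to format().
        # NOTE(review): "?" assumes a qmark-paramstyle DB-API driver (e.g.
        # sqlite3); use "%s" if the project's driver uses the format paramstyle.
        command = """ SELECT User.email, User.username
                      FROM User
                      WHERE User.email = ? OR User.username = ?
                  """
        cursor.execute(command, (email, username))
        sign_up_verification = cursor.fetchone()

        if sign_up_verification is None:
            # Next id is MAX(user_id) + 1, or 1 for an empty table. It is
            # computed right before the insert rather than on every request.
            # NOTE(review): two concurrent sign-ups can still read the same
            # MAX; an auto-increment key would remove that race.
            cursor.execute(""" SELECT MAX(user_id)
                               FROM User
                           """)
            next_user_id = cursor.fetchone()
            user_id = 1 if next_user_id[0] is None else next_user_id[0] + 1

            # NOTE(review): the password is stored exactly as submitted.
            # Store a salted password hash instead; that change has to be
            # made together with the comparison in the login view.
            command = """ INSERT INTO User (user_id, email, username, password)
                          VALUES (?, ?, ?, ?)
                      """
            cursor.execute(command, (user_id, email, username, password))
            conn.commit()

            session['logged_in'] = True
            flash('The user %s has been created' % (email), 'success')
            return redirect(url_for('app.home'))

        email_data = sign_up_verification[0]
        username_data = sign_up_verification[1]

        if email_data is not None and username_data is not None:
            if username == username_data and email == email_data:
                flash('Your email and username has been taken. Please choose another')
                return redirect(url_for('app.sign_up'))
            if email == email_data:
                flash('Your email has been taken. Please choose another')
                return redirect(url_for('app.sign_up'))
            if username == username_data:
                flash('Your username has been taken. Please choose another')
                return redirect(url_for('app.sign_up'))

    # Surface validation errors collected by the form.
    if form.errors:
        flash(form.errors, 'danger')

    return render_template('sign_up.html', form=form)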
コード例 #5
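def review_detail(key):
    """List reviews and accept a new review for the organization *key*.

    Renders ``reviewpage.html`` with every row of the ``review`` table and a
    review form whose ``org_name`` choices come from the selected
    organization. On a valid POST a new review row is inserted and the user
    is redirected to the organization's detail page.

    Args:
        key: organization_id the new review belongs to (taken from the request).
    """
    command = """SELECT review.review_id, review.first_name, review.last_name, review.organization_name, review.user_review
                 FROM review
              """
    cursor.execute(command)
    review_data = cursor.fetchall()

    # key and the form fields are bound as query parameters; the original
    # formatted them directly into the SQL text.
    # NOTE(review): "?" assumes a qmark-paramstyle DB-API driver (e.g.
    # sqlite3); use "%s" if the project's driver uses the format paramstyle.
    command = """ SELECT organization.organization_id
                  FROM organization
                  WHERE organization.organization_id = ?
    """
    cursor.execute(command, (key,))
    selected_org_id = cursor.fetchone()

    # NOTE(review): "crsf_enabled" is misspelled (csrf), so this keyword is
    # probably not the CSRF switch it was meant to be -- confirm what
    # ReviewForm does with it before changing it.
    form = ReviewForm(
        request.form,
        crsf_enabled=False)

    # The name is selected twice so each row can serve as a (value, label)
    # pair for the choices list.
    command = """ SELECT organization_name, organization_name
                  FROM organization
                  WHERE organization.organization_id = ?
              """
    cursor.execute(command, (key,))
    form.org_name.choices = cursor.fetchall()

    if request.method == 'POST' and form.validate():
        if selected_org_id is None:
            # Unknown organization id: fail with a message, not a TypeError.
            flash('Organization not found', 'danger')
            return redirect(url_for('app.home'))

        first_name = form.first_name.data
        last_name = form.last_name.data
        org_name = form.org_name.data
        user_review = form.user_review.data
        org_id = selected_org_id[0]

        # Next id is MAX(review_id) + 1, or 1 for an empty table. It is
        # computed right before the insert rather than on every request.
        # NOTE(review): two concurrent posts can still read the same MAX; an
        # auto-increment key would remove that race.
        cursor.execute(""" SELECT MAX(review_id)
                           FROM review
                       """)
        next_id = cursor.fetchone()
        review_id = 1 if next_id[0] is None else next_id[0] + 1

        command = """ INSERT INTO review (review_id, first_name, last_name, organization_name, user_review, organization_id)
                      VALUES (?,?,?,?,?,?)
                  """
        cursor.execute(command, (review_id, first_name, last_name, org_name,
                                 user_review, org_id))
        conn.commit()

        flash('Your Review has been added', 'success')
        return redirect(url_for('app.organization_detail', key=org_id))

    # Surface validation errors collected by the form.
    if form.errors:
        flash(form.errors, 'danger')

    return render_template('reviewpage.html',
                           form=form,
                           review_list=review_data)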