def showlist():
rows = db.execute("SELECT * FROM markers")
for x in range(0, len(rows)):
names = db.execute("SELECT username FROM users where id=:id",
id=rows[x]['user'])
rows[x]['user'] = names[0]['username']
return render_template("lists.html", data=rows)
def listid(page_id):
marker = page_id
table = db.execute("SELECT * FROM markers WHERE id=:id", id=int(marker))
if len(table) == 0:
return redirect(url_for("marks.lists"))
if request.method == "POST":
if request.form.get("text_name"):
hajde = str(request.form["text_name"])
result = db.execute(
"INSERT INTO commets (user, marker,text) VALUES (:username,:marker, :ipsisi )",
username=session["user_id"],
marker=marker,
ipsisi=hajde)
return showpage(marker)
elif request.form.get("prodId"):
result = db.execute("DELETE FROM commets WHERE id=:id",
id=int(request.form.get("prodId")))
return showpage(marker)
elif request.form.get("all"):
result = db.execute("DELETE FROM commets WHERE marker=:id",
id=int(marker))
table = db.execute("DELETE FROM markers WHERE id=:id",
id=int(marker))
ispisfile = str(marker) + ".jpg"
os.remove(os.path.join(UPLOAD_FOLDER, ispisfile))
return redirect(url_for("marks.lists"))
else:
return redirect(url_for("marks.lists"))
else:
return showpage(marker)
def Comments(marker):
comm = db.execute("SELECT * FROM commets WHERE marker=:per", per=marker)
for x in range(0, len(comm)):
names = db.execute("SELECT username,avatar FROM users where id=:id",
id=comm[x]['user'])
comm[x]['user'] = names[0]['username']
comm[x]['avatar'] = names[0]['avatar']
return comm
def showpage(marker):
rows = db.execute("SELECT * FROM markers WHERE id=:id", id=marker)
names = db.execute("SELECT * FROM users WHERE id=:per",
per=int(rows[0]['user']))
user = db.execute("SELECT * FROM users WHERE id=:per",
per=session["user_id"])
pozicija = str(rows[0]['latitude']) + " " + str(rows[0]['longitude'])
vreme = str(rows[0]['time']) + " " + str(rows[0]['date'])
return render_template("listsbyid.html",image=marker,person=names[0]['avatar']\
,name=names[0]['username'],lat=pozicija,time=vreme,data=Comments(marker),user=user)
def login():
error = None
if request.method == "POST":
if not request.form.get("name"):
error = 'insert username'
if not request.form.get("pass"):
if error == None:
error = 'insert password'
else:
error += ' and password'
if error == None:
name = request.form.get("name")
sifra = request.form.get("pass")
rows = db.execute("SELECT * FROM users WHERE username = :username",
username=name)
if len(rows) != 1 or not check_password_hash(
rows[0]["password"], sifra):
error = "wrong password or username"
if error == None:
session["user_id"] = rows[0]["id"]
return redirect(url_for("maps.index"))
else:
return render_template("login.html", error=error)
else:
return render_template("login.html", error=error)
else:
return render_template("login.html", error=error)
def toclose(latids,longit):
rows = db.execute("""SELECT * FROM markers
WHERE latitude > :latdmin AND latitude < :latdmax AND longitude > :longitmin AND longitude < :longitmax
""",
latdmin=latids-0.01,latdmax=latids+0.01, longitmin=longit-0.01,longitmax=longit+0.01)
if len(rows) < 1:
return 1
else:
return 0
def update():
"""Find up to 10 places within view."""
# ensure parameters are present
if not request.args.get("sw"):
raise RuntimeError("missing sw")
if not request.args.get("ne"):
raise RuntimeError("missing ne")
# ensure parameters are in lat,lng format
if not re.search(r"^-?\d+(?:\.\d+)?,-?\d+(?:\.\d+)?$", request.args.get("sw")):
raise RuntimeError("invalid sw")
if not re.search(r"^-?\d+(?:\.\d+)?,-?\d+(?:\.\d+)?$", request.args.get("ne")):
raise RuntimeError("invalid ne")
# explode southwest corner into two variables
(sw_lat, sw_lng) = [float(s) for s in request.args.get("sw").split(",")]
# explode northeast corner into two variables
(ne_lat, ne_lng) = [float(s) for s in request.args.get("ne").split(",")]
# find 10 cities within view, pseudorandomly chosen if more within view
if (sw_lng <= ne_lng):
# doesn't cross the antimeridian
rows = db.execute("""SELECT * FROM markers
WHERE :sw_lat <= latitude AND latitude <= :ne_lat AND (:sw_lng <= longitude AND longitude <= :ne_lng)
LIMIT 10""",
sw_lat=sw_lat, ne_lat=ne_lat, sw_lng=sw_lng, ne_lng=ne_lng)
else:
# crosses the antimeridian
rows = db.execute("""SELECT * FROM markers
WHERE :sw_lat <= latitude AND latitude <= :ne_lat AND (:sw_lng <= longitude OR longitude <= :ne_lng)
LIMIT 10""",
sw_lat=sw_lat, ne_lat=ne_lat, sw_lng=sw_lng, ne_lng=ne_lng)
# output places as JSON
return jsonify(rows)
def register():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
error = None
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
elif db.User.query.filter_by(username=username).first() is not None:
error = 'User {} is already registered.'.format(username)
if error is None:
db.execute('INSERT INTO user (username, password) VALUES (?, ?)',
(username, generate_password_hash(password)))
db.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/register.html')
def register():
error = None
if request.method == "POST":
if not request.form.get("name"):
error = "insert username"
if not request.form.get("pass"):
if error != None:
error += " password"
else:
error = "insert password"
if not request.form.get("adresa"):
if error != None:
error += " and email"
else:
error = "insert email"
if error == None:
if len(request.form.get("name")) < 5:
error = "username is too short"
if len(request.form.get("pass")) < 8:
if error == None:
error = "password is too short"
if len(request.form.get("adresa")) < 5:
if error == None:
error = "email is too short"
if error == None:
name = request.form.get("name")
email = request.form.get("adresa")
hash = generate_password_hash(request.form.get("pass"))
locat = "def" + str(random.randint(1, 9)) + ".jpg"
result = db.execute(
"INSERT INTO users (username, password,email,avatar) VALUES (:username,:hash,:email,:av)",
username=name,
hash=hash,
email=email,
av=locat)
if not result:
error = "username taken"
if error == None:
session["user_id"] = result
return redirect(url_for("maps.index"))
else:
return render_template("register.html", error=error)
else:
return render_template("register.html", error=error)
else:
return render_template("register.html", error=error)
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
db = get_db()
error = None
user = db.execute('SELECT * FROM user WHERE username = ?',
(username, )).fetchone()
if user is None:
error = 'Incorrect username.'
elif not check_password_hash(user['password'], password):
error = 'Incorrect password.'
if error is None:
session.clear()
session['user_id'] = user['id']
return redirect(url_for('index'))
flash(error)
return render_template('auth/login.html')
def index():
error = None
if request.method == "POST":
if 'file' not in request.files:
error='No file part'
file = request.files['file']
if file.filename == '':
error='No selected file'
if file and allowed_file(file.filename):
lat=float(request.form.get("sirina"))
longi=float(request.form.get("duzina"))
if toclose(lat,longi) == 1:
result = db.execute("INSERT INTO markers (user, latitude,longitude) VALUES (:user,:lat,:longi)", user=session["user_id"],lat=lat,longi=longi)
ispisfile=str(result)+".jpg"
file.save(os.path.join(UPLOAD_FOLDER ,ispisfile))
else:
error="marker is too close"
else:
error="The file format must be .jpg"
return render_template("index.html",error=error)
else:
return render_template("index.html",error=error)
def account():
error = None
if request.method == "POST":
rows = db.execute("SELECT * FROM users WHERE id = :id",
id=session["user_id"])
name = request.form.get("username")
email = request.form.get("email")
passw = request.form.get("pass")
newpassw = request.form.get("newpass")
suc1 = 0
suc2 = 0
suc3 = 0
suc4 = 0
if name and name != rows[0]['username']:
if len(name) < 5:
return loadpage(error="Username is too short!")
suc1 = 1
if email and email != rows[0]['email']:
if len(email) < 5:
return loadpage(error="Email is too short!")
suc2 = 1
if passw:
if not check_password_hash(rows[0]["password"], passw):
return loadpage(error="You entered the wrong password!")
if newpassw:
if len(newpassw) < 8:
return loadpage(error="Password is too short!")
suc3 = 1
file = ""
if 'file' in request.files:
file = request.files['file']
if file.filename != '':
if file and allowed_file(file.filename):
suc4 = 1
else:
return loadpage(error="Image format is not supported!")
if suc1 == 1:
update = db.execute(
"UPDATE users SET username=:username WHERE id = :id",
username=name,
id=session["user_id"])
if not update:
return loadpage(error="Username is already taken!")
if suc2 == 1:
update = db.execute("UPDATE users SET email=:email WHERE id = :id",
email=email,
id=session["user_id"])
if not update:
return loadpage(error="Email is already taken!")
if suc3 == 1:
hash = generate_password_hash(newpassw)
update = db.execute(
"UPDATE users SET password=:passw WHERE id = :id",
passw=hash,
id=session["user_id"])
if suc4 == 1:
extenzija = file.filename.rsplit('.', 1)[1].lower()
id = session["user_id"]
rows = db.execute("SELECT * FROM users WHERE id = :id",
id=session["user_id"])
preavat = rows[0]['avatar']
inc = 0
if preavat[0] == 'd' and preavat[1] == 'e' and preavat[2] == 'f':
inc = 1
else:
preavat = preavat.replace('-', '.')
preavat = preavat.split('.')
if len(preavat) == 3:
inc = int(preavat[1])
inc = inc + 1
else:
inc = 1
ispisfile = str(id) + "-" + str(inc) + "." + extenzija
file.save(os.path.join(UPLOAD_FOLDER, ispisfile))
update = db.execute("UPDATE users SET avatar=:avet WHERE id = :id",
avet=ispisfile,
id=session["user_id"])
return loadpage(error="Changes saved successfully!")
else:
return loadpage(error)
def loadpage(error):
rows = db.execute("SELECT * FROM users WHERE id = :id",
id=session["user_id"])
return render_template("profile.html",avatar=rows[0]['avatar'],\
name=rows[0]['username'],email=rows[0]['email'],error=error)
