def login_submit(): record_requests(get_instanceId()) cnx = get_db() cursor = cnx.cursor() if 'username' in request.form and \ 'password' in request.form: query = "SELECT * FROM user_information WHERE username='******';" % ( request.form['username']) cursor.execute(query) c = cursor.fetchall() if len(c) == 1 and checkPassWord(c[0][2], request.form['password']): session['authenticated'] = True session.permanent = True session['username'] = request.form['username'] session['error_dis'] = None session['user_id'] = c[0][0] login_success = 'You have successfully logged in!' return render_template("upload.html", login_success=login_success) if 'username' in request.form: session['username'] = request.form['username'] session['authenticated'] = False session['error'] = "Error! Incorrect username or password!" return redirect(url_for('login'))
def uploadTA(): record_requests(get_instanceId()) username = request.values['username'] password = request.values['password'] message, permission = loginTA(username, password) if permission == 0: return message else: return file_uploadTA()
def register(): record_requests(get_instanceId()) uname_r = None e_r = None if 'username_r' in session: uname_r = session['username_r'] if 'error_r' in session: e_r = session['error_r'] return render_template("register.html", error=e_r, username=uname_r)
def register_submit(): record_requests(get_instanceId()) cnx = get_db() cursor = cnx.cursor() if 'username' in request.form and \ 'password' in request.form and \ 'confirm_password' in request.form: query = "SELECT * FROM user_information WHERE username='******';" % ( request.form['username']) cursor.execute(query) c = cursor.fetchall() # Judge if the username has duplicate if len(c) == 1 and c[0][1] == request.form['username']: session[ 'error_r'] = "This user had registered, change another username!" return redirect(url_for('register')) # Judge if the username is longer than 100 chars if len(request.form['username']) >= 100: session['error_r'] = "Username is too long!" return redirect(url_for('register')) # Judge whether the two passwords are same if request.form['password'] != request.form['confirm_password']: session[ 'error_r'] = "The two passwords are not the same, please confirm!" return redirect(url_for('register')) # Assign unique user_id query = "SELECT * FROM user_information" cursor.execute(query) c = cursor.fetchall() id = len(c) saltedPS = enPassWord(request.form['password']) query = "INSERT INTO user_information VALUES ('%d','%s','%s');" % ( id + 1, request.form['username'], saltedPS) try: cursor.execute(query) cnx.commit() except: cnx.rollback() success = "Create account Success, please login!" return render_template("login.html", register_success=success) session['error_r'] = "Every box should have value!" return redirect(url_for('register'))
def login(): shutil.rmtree('app/static') os.mkdir('app/static') record_requests(get_instanceId()) uname = None e = None if 'username' in session: uname = session['username'] if 'error' in session: e = session['error'] if 'authenticated' in session: if session['authenticated']: return redirect(url_for('disPhoto')) return render_template("login.html", error=e, username=uname)
def view(): record_requests(get_instanceId()) if 'username' not in session: return redirect(url_for('user')) username = str(session['username']) path = os.path.join('app', 'static', username) mkdir(path) cnx = get_db() cursor = cnx.cursor() query = "SELECT origin_path,thumb_path,text_path from user_information,image where image.user_id = user_information.user_id and username = '******';" % username cursor.execute(query) allphotos = cursor.fetchall() if not allphotos: session[ 'error_dis'] = "No photo in your account, Please upload photos first!" return redirect(url_for('disPhoto')) else: session['error_dis'] = None # download user's all files to local for row in allphotos: for col in row: s3.download_file('a2homework', col[16:], col[16:]) listphoto = [] #insert filename to form new list for row in allphotos: listtemp = [] for col in row: listtemp.append(col[16:]) #print(listtemp) #print(row[1]) fpath = os.path.split(row[1]) listtemp.append(fpath[1]) listphoto.append(listtemp) print(listphoto) return render_template('view.html', listphoto=listphoto)
def registerTA(): record_requests(get_instanceId()) try: username = str(request.args.get('username')) password = str(request.args.get('password')) cnx = get_db() cursor = cnx.cursor() # Judge if the args are empty if len(username) == 0 or len(password) == 0: return "None of the username or password should be empty!" query = "SELECT * FROM user_information WHERE username='******';" % ( username) cursor.execute(query) c = cursor.fetchall() # Judge if the username has duplicate if len(c) == 1 and c[0][1] == username: return "This user had registered, change another username!" # Judge if the username is longer than 100 chars if len(username) >= 100: return "Username is too long!" # Assign unique user_id query = "SELECT * FROM user_information" cursor.execute(query) c = cursor.fetchall() id = len(c) saltedPS = enPassWord(password) query = "INSERT INTO user_information VALUES ('%d','%s','%s');" % ( id + 1, username, saltedPS) try: cursor.execute(query) cnx.commit() except: cnx.rollback() return "Create account Success, please login!" except Exception as e: traceback.print_tb(e.__traceback__) return "Create new account failed!"
def loginTA(username, password): record_requests(get_instanceId()) cnx = get_db() cursor = cnx.cursor() if len(username) == 0 or len(password) == 0: message = "None of the username and password should be empty!" permission = 0 else: query = "SELECT * FROM user_information WHERE username='******';" % ( username) cursor.execute(query) c = cursor.fetchall() if len(c) == 1 and checkPassWord(c[0][2], password): session['authenticated'] = True session.permanent = True session['username'] = username session['user_id'] = c[0][0] message = "Login success!" permission = 1 else: session['authenticated'] = False message = "Error! Incorrect username or password!" permission = 0 return message, permission
def disPhoto(): record_requests(get_instanceId()) error_dis = None if 'error_dis' in session: error_dis = session['error_dis'] return render_template("upload.html", error_dis=error_dis)
def user(): record_requests(get_instanceId()) return render_template("user.html")
def logout(): record_requests(get_instanceId()) session.clear() return render_template("base.html")
def show(): record_requests(get_instanceId()) return render_template("show.html")