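def getData(query, params=None):
    """Run *query* on the shared connection and return every row.

    Args:
        query: SQL text. Values that originate from a request belong in
            *params* as ``%s`` placeholders; they must not be formatted
            into this string by the caller.
        params: Optional tuple, list or dict bound to the placeholders by
            the driver. ``None`` (the default) executes *query* as-is.

    Returns:
        Whatever ``cursor.fetchall()`` yields for the statement.
    """
    cursor = conn.cursor()
    try:
        cursor.execute(query, params)
        data = cursor.fetchall()
        conn.commit()
    finally:
        # Close the cursor even when execute() raises, so a failing
        # statement does not leak it.
        cursor.close()
    return data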
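def main():
    """Render the index page, including the user's texts when logged in.

    For a logged-in session the user's Content rows and the rows of Wrong
    are loaded and passed to ``index.html`` as ``data`` and ``spellData``.
    If the database raises ``pymysql.Error`` the error is logged and the
    page is rendered with whatever was loaded before the failure (empty
    by default) instead of failing on an unbound name.
    """
    # if the user is logged in, have all the used textfiles available to the user display
    if (session.get('logged_in') == True):
        # query to get all the texts available to the user & feed to dictionary API
        textQuery = 'SELECT Content.id, Content.username, Content.timest, Content.file_path, Content.content_name, Content.file_text\
                    FROM Content\
                    WHERE Content.username= %s\
                    ORDER BY timest desc'
        # NOTE(review): this statement is not filtered by username, so the
        # template receives the misspelled words recorded for every user's
        # texts. If only the current user's words are meant to be shown,
        # join Wrong to Content on id and filter on Content.username.
        spellQuery = 'SELECT Wrong.id, Wrong.incorrect_word FROM Wrong'

        # Defaults keep the render below valid when a query fails.
        textData = ()
        spellData = ()
        cursor = None
        try:
            cursor = conn.cursor()
            username = session['username']
            # Trailing comma: bind the username as a one-element tuple.
            cursor.execute(textQuery, (username,))
            textData = cursor.fetchall()
            cursor.execute(spellQuery)
            spellData = cursor.fetchall()
        except pymysql.Error as err:
            app.logger.error(err)
        finally:
            # Release the cursor on the error path as well.
            if cursor is not None:
                cursor.close()

        userInfo.initiate()
        return render_template("index.html", data=textData, spellData=spellData)

    return render_template("index.html")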
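def texts():
    """List every Content row that belongs to the logged-in user.

    Returns:
        A redirect to ``main`` when the session is not logged in;
        otherwise ``texts.html`` rendered with the user's rows. When the
        database raises ``pymysql.Error`` the error is logged and the
        template is rendered without rows and with HTTP status 500, so the
        view never returns ``None``.
    """
    if (not session.get('logged_in')):
        return redirect(url_for('main'))

    query = "SELECT * FROM Content WHERE username=%s"
    cursor = None
    try:
        cursor = conn.cursor()
        # The username is bound by the driver, not formatted into the SQL.
        cursor.execute(query, (session['username'],))
        data = cursor.fetchall()
    except pymysql.Error as err:
        app.logger.error(err)
        return render_template('texts.html', data=()), 500
    finally:
        # Release the cursor on both the success and the error path.
        if cursor is not None:
            cursor.close()

    return render_template('texts.html', data=data)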
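def loginAuth():
    """Check the submitted credentials and open a session on success.

    Reads ``username`` and ``password`` from the form and looks for a
    matching Person row. On a match the session is marked logged in and
    the client is redirected to ``main``; otherwise ``login.html`` is
    rendered with an error. A ``pymysql.Error`` is logged and answered
    with ``login.html`` and a generic message rather than returning
    ``None``.
    """
    username = request.form['username']
    password = request.form['password']

    # NOTE(review): the credential is compared against an unsalted SHA-256
    # digest computed in SQL. A single fast hash without a per-user salt
    # gives little protection if the Person table leaks; moving to a salted
    # password-hashing function needs a schema migration and is out of
    # scope for this function.
    query = 'SELECT * FROM Person WHERE username = %s and password = SHA2(%s, 256)'
    cursor = None
    try:
        cursor = conn.cursor()
        cursor.execute(query, (username, password))
        # stores results in var
        data = cursor.fetchone()
    except pymysql.Error as err:
        app.logger.error(err)
        # Keep database details out of the response.
        error = "Login is temporarily unavailable. Please try again."
        return render_template('login.html', error=error)
    finally:
        # Release the cursor on both the success and the error path.
        if cursor is not None:
            cursor.close()

    if (data):
        session['logged_in'] = True
        session['username'] = username
        session.permanent = False
        app.logger.info('%s logged in successfully', username)
        return redirect(url_for('main', username=session['username']))

    # Same message for an unknown user and a wrong password, so the
    # response does not reveal which usernames exist.
    error = "Invalid login or username/password"
    app.logger.info('%s failed to log in', username)
    return render_template('login.html', error=error)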
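def registerProcessing():
    """Validate the registration form and create the Person row.

    Checks run in this order, each failure re-rendering ``register.html``
    with a message: username already in ``session['users']``; username
    shorter than 6 or longer than 50 characters; password shorter than 8
    characters; password lacking an uppercase letter, a lowercase letter
    or a digit; password longer than 50 characters; retyped password not
    matching. On success the row is inserted, the session is marked
    logged in and the client is redirected to ``main``.

    Validation failures are logged with the username only; the submitted
    password is never written to the log.
    """
    username = request.form['username']
    if username in session['users'].keys():
        errormsg = "Username already taken."
        app.logger.warning('ERR: Duplicate username (%s)', username)
        return render_template('register.html', error=errormsg)

    if len(username) < 6:
        errormsg = "Username is too short. Must be more than 5 characters."
        app.logger.warning('ERR: Short username (%s)', username)
        return render_template('register.html', error=errormsg)
    elif len(username) > 50:
        errormsg = "Username and/or other fields are too long. 50 characters max."
        app.logger.warning('ERR: Long username (%s)', username)
        return render_template('register.html', error=errormsg)

    password = request.form['password']
    if len(password) < 8:
        errormsg = "Password is too short (needs to be greater than 7 characters)."
        app.logger.warning('ERR: Short password (%s)', username)
        return render_template('register.html', error=errormsg)

    # Log lines below name the account, not the rejected password: a
    # near-miss password in a log file is a usable credential hint.
    if not any(ch.isupper() for ch in password):
        errormsg = "Password needs to contain at least one uppercase letter."
        app.logger.warning('ERR: Invalid password creation (%s)', username)
        return render_template('register.html', error=errormsg)
    if not any(ch.islower() for ch in password):
        errormsg = "Password needs to contain at least one lowercase letter."
        app.logger.warning('ERR: Invalid password creation (%s)', username)
        return render_template('register.html', error=errormsg)
    if not any(ch.isdigit() for ch in password):
        errormsg = "Password needs to contain at least one number."
        app.logger.warning('ERR: Invalid password creation (%s)', username)
        return render_template('register.html', error=errormsg)
    if len(password) > 50:
        errormsg = "Password is too long. 50 characters max."
        app.logger.warning('ERR: Invalid password creation (%s)', username)
        return render_template('register.html', error=errormsg)

    retype = request.form['retype']
    if retype != password:
        errormsg = "Passwords do not match."
        app.logger.warning('ERR: Invalid password match (%s)', username)
        return render_template('register.html', error=errormsg)

    firstname = request.form['firstname']
    lastname = request.form['lastname']

    # NOTE(review): the password is stored as an unsalted SHA-256 digest
    # computed in SQL; a salted password-hashing function would need a
    # schema change together with loginAuth.
    query = 'INSERT INTO Person (username, password, first_name, last_name) VALUES (%s, SHA2(%s, 256), %s, %s)'
    cursor = None
    try:
        cursor = conn.cursor()
        cursor.execute(query, (username, password, firstname, lastname))
        conn.commit()
    except pymysql.Error as err:
        # The duplicate check above only consults session['users'];
        # presumably the table enforces uniqueness as well (confirm), in
        # which case a clash surfaces here.
        app.logger.error(err)
        errormsg = "Registration failed. Please try again."
        return render_template('register.html', error=errormsg)
    finally:
        # Release the cursor on both the success and the error path.
        if cursor is not None:
            cursor.close()

    session['logged_in'] = True
    session['username'] = username
    session['users'][username] = {}
    session['users'][username]['first_name'] = firstname
    session['users'][username]['last_name'] = lastname
    app.logger.info('User (%s) registered successfully', username)
    return redirect(url_for('main', username=session['username']))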
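def checkTextProcessed():
    """Store an uploaded text file and record its misspelled words.

    Requires a logged-in session. The title is limited to 50 characters
    and the upload must pass ``allowed_file``. The file is saved under
    ``app.config['UPLOAD_FOLDER']`` using ``secure_filename``, read back,
    and every distinct word for which ``isWordInDictionary`` does not
    return 200 is collected. One Content row and one Wrong row per
    collected word are then inserted and committed together.

    Returns:
        A redirect to ``main`` when not logged in and after processing;
        ``checkText.html`` with an error for a long title or a missing or
        rejected upload.
    """
    if (not session.get('logged_in')):
        return redirect(url_for('main'))

    content_name = request.form['content_name']
    if len(content_name) > 50:
        error = 'Title is too long. 50 characters max.'
        app.logger.warning('ERR: Long title error (%s)', content_name)
        return render_template('checkText.html', error=error)

    # .get() yields None when the form carries no 'text' part; a missing
    # upload is rejected like a disallowed one instead of failing on
    # file.filename.
    file = request.files.get('text')
    if file is None or not allowed_file(file.filename):
        error = 'Please attach text files only.'
        attached_name = file.filename if file is not None else None
        app.logger.warning('ERR: Not a text file (%s)', attached_name)
        return render_template('checkText.html', error=error)

    if request.method != 'POST':
        # Nothing was submitted, so there is no text to store.
        return render_template('checkText.html')

    # secure_filename strips path components; it can also strip the whole
    # name, which would make the save target the upload folder itself.
    submitted_file = secure_filename(file.filename)
    if not submitted_file:
        error = 'Please attach text files only.'
        app.logger.warning('ERR: Not a text file (%s)', file.filename)
        return render_template('checkText.html', error=error)

    # NOTE(review): the stored path is '/static/<name>'. If UPLOAD_FOLDER
    # is the web-served static directory, as that path suggests, an upload
    # can be fetched by anyone who knows its name, and a second upload
    # with the same name replaces the first. A per-user or random name in
    # a non-served folder would avoid both.
    upload_path = os.path.join(app.config['UPLOAD_FOLDER'], submitted_file)
    # save the text file in static folder
    file.save(upload_path)
    txt_filepath = '/static/' + submitted_file

    # read the file and retrieve text
    with open(upload_path, 'r') as input_file:
        file_text = input_file.read()

    # Check each distinct word once; the result is a set either way.
    wrong_words = {
        word for word in set(file_text.split())
        if isWordInDictionary(word.lower()) != 200
    }

    username = session['username']
    cursor = None
    try:
        cursor = conn.cursor()
        timest = datetime.datetime.now().strftime('%y-%m-%d %H:%M:%S')
        # NOTE(review): max(id) + 1 is not safe under concurrent uploads;
        # two requests can compute the same id. An auto-increment column
        # would remove the race.
        query = 'SELECT max(id) as textID FROM Content'  # to get the id of this post
        cursor.execute(query)
        textID = cursor.fetchone()['textID']
        if (textID is None):
            textID = 1
        else:
            textID += 1

        query = 'INSERT into Content (id, username, timest, file_path, content_name, file_text) values (%s, %s, %s, %s, %s, %s)'
        cursor.execute(
            query,
            (textID, username, timest, txt_filepath, content_name, file_text))

        # retrieve set of incorrectly spelled words and push into Wrong
        query = 'INSERT into Wrong (id, incorrect_word) values (%s, %s)'
        for word in wrong_words:
            cursor.execute(query, (textID, word))
        conn.commit()
    except pymysql.Error as err:
        app.logger.error(err)
        # Drop the partial insert so a later commit on the shared
        # connection cannot persist half of this upload.
        try:
            conn.rollback()
        except pymysql.Error as rollback_err:
            app.logger.error(rollback_err)
    finally:
        # Release the cursor on both the success and the error path.
        if cursor is not None:
            cursor.close()

    return redirect(url_for('main'))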