def showlist(): rows = db.execute("SELECT * FROM markers") for x in range(0, len(rows)): names = db.execute("SELECT username FROM users where id=:id", id=rows[x]['user']) rows[x]['user'] = names[0]['username'] return render_template("lists.html", data=rows)
def listid(page_id): marker = page_id table = db.execute("SELECT * FROM markers WHERE id=:id", id=int(marker)) if len(table) == 0: return redirect(url_for("marks.lists")) if request.method == "POST": if request.form.get("text_name"): hajde = str(request.form["text_name"]) result = db.execute( "INSERT INTO commets (user, marker,text) VALUES (:username,:marker, :ipsisi )", username=session["user_id"], marker=marker, ipsisi=hajde) return showpage(marker) elif request.form.get("prodId"): result = db.execute("DELETE FROM commets WHERE id=:id", id=int(request.form.get("prodId"))) return showpage(marker) elif request.form.get("all"): result = db.execute("DELETE FROM commets WHERE marker=:id", id=int(marker)) table = db.execute("DELETE FROM markers WHERE id=:id", id=int(marker)) ispisfile = str(marker) + ".jpg" os.remove(os.path.join(UPLOAD_FOLDER, ispisfile)) return redirect(url_for("marks.lists")) else: return redirect(url_for("marks.lists")) else: return showpage(marker)
def Comments(marker): comm = db.execute("SELECT * FROM commets WHERE marker=:per", per=marker) for x in range(0, len(comm)): names = db.execute("SELECT username,avatar FROM users where id=:id", id=comm[x]['user']) comm[x]['user'] = names[0]['username'] comm[x]['avatar'] = names[0]['avatar'] return comm
def showpage(marker): rows = db.execute("SELECT * FROM markers WHERE id=:id", id=marker) names = db.execute("SELECT * FROM users WHERE id=:per", per=int(rows[0]['user'])) user = db.execute("SELECT * FROM users WHERE id=:per", per=session["user_id"]) pozicija = str(rows[0]['latitude']) + " " + str(rows[0]['longitude']) vreme = str(rows[0]['time']) + " " + str(rows[0]['date']) return render_template("listsbyid.html",image=marker,person=names[0]['avatar']\ ,name=names[0]['username'],lat=pozicija,time=vreme,data=Comments(marker),user=user)
def login(): error = None if request.method == "POST": if not request.form.get("name"): error = 'insert username' if not request.form.get("pass"): if error == None: error = 'insert password' else: error += ' and password' if error == None: name = request.form.get("name") sifra = request.form.get("pass") rows = db.execute("SELECT * FROM users WHERE username = :username", username=name) if len(rows) != 1 or not check_password_hash( rows[0]["password"], sifra): error = "wrong password or username" if error == None: session["user_id"] = rows[0]["id"] return redirect(url_for("maps.index")) else: return render_template("login.html", error=error) else: return render_template("login.html", error=error) else: return render_template("login.html", error=error)
def toclose(latids,longit): rows = db.execute("""SELECT * FROM markers WHERE latitude > :latdmin AND latitude < :latdmax AND longitude > :longitmin AND longitude < :longitmax """, latdmin=latids-0.01,latdmax=latids+0.01, longitmin=longit-0.01,longitmax=longit+0.01) if len(rows) < 1: return 1 else: return 0
def update(): """Find up to 10 places within view.""" # ensure parameters are present if not request.args.get("sw"): raise RuntimeError("missing sw") if not request.args.get("ne"): raise RuntimeError("missing ne") # ensure parameters are in lat,lng format if not re.search(r"^-?\d+(?:\.\d+)?,-?\d+(?:\.\d+)?$", request.args.get("sw")): raise RuntimeError("invalid sw") if not re.search(r"^-?\d+(?:\.\d+)?,-?\d+(?:\.\d+)?$", request.args.get("ne")): raise RuntimeError("invalid ne") # explode southwest corner into two variables (sw_lat, sw_lng) = [float(s) for s in request.args.get("sw").split(",")] # explode northeast corner into two variables (ne_lat, ne_lng) = [float(s) for s in request.args.get("ne").split(",")] # find 10 cities within view, pseudorandomly chosen if more within view if (sw_lng <= ne_lng): # doesn't cross the antimeridian rows = db.execute("""SELECT * FROM markers WHERE :sw_lat <= latitude AND latitude <= :ne_lat AND (:sw_lng <= longitude AND longitude <= :ne_lng) LIMIT 10""", sw_lat=sw_lat, ne_lat=ne_lat, sw_lng=sw_lng, ne_lng=ne_lng) else: # crosses the antimeridian rows = db.execute("""SELECT * FROM markers WHERE :sw_lat <= latitude AND latitude <= :ne_lat AND (:sw_lng <= longitude OR longitude <= :ne_lng) LIMIT 10""", sw_lat=sw_lat, ne_lat=ne_lat, sw_lng=sw_lng, ne_lng=ne_lng) # output places as JSON return jsonify(rows)
def register(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] error = None if not username: error = 'Username is required.' elif not password: error = 'Password is required.' elif db.User.query.filter_by(username=username).first() is not None: error = 'User {} is already registered.'.format(username) if error is None: db.execute('INSERT INTO user (username, password) VALUES (?, ?)', (username, generate_password_hash(password))) db.commit() return redirect(url_for('auth.login')) flash(error) return render_template('auth/register.html')
def register(): error = None if request.method == "POST": if not request.form.get("name"): error = "insert username" if not request.form.get("pass"): if error != None: error += " password" else: error = "insert password" if not request.form.get("adresa"): if error != None: error += " and email" else: error = "insert email" if error == None: if len(request.form.get("name")) < 5: error = "username is too short" if len(request.form.get("pass")) < 8: if error == None: error = "password is too short" if len(request.form.get("adresa")) < 5: if error == None: error = "email is too short" if error == None: name = request.form.get("name") email = request.form.get("adresa") hash = generate_password_hash(request.form.get("pass")) locat = "def" + str(random.randint(1, 9)) + ".jpg" result = db.execute( "INSERT INTO users (username, password,email,avatar) VALUES (:username,:hash,:email,:av)", username=name, hash=hash, email=email, av=locat) if not result: error = "username taken" if error == None: session["user_id"] = result return redirect(url_for("maps.index")) else: return render_template("register.html", error=error) else: return render_template("register.html", error=error) else: return render_template("register.html", error=error)
def login(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() error = None user = db.execute('SELECT * FROM user WHERE username = ?', (username, )).fetchone() if user is None: error = 'Incorrect username.' elif not check_password_hash(user['password'], password): error = 'Incorrect password.' if error is None: session.clear() session['user_id'] = user['id'] return redirect(url_for('index')) flash(error) return render_template('auth/login.html')
def index(): error = None if request.method == "POST": if 'file' not in request.files: error='No file part' file = request.files['file'] if file.filename == '': error='No selected file' if file and allowed_file(file.filename): lat=float(request.form.get("sirina")) longi=float(request.form.get("duzina")) if toclose(lat,longi) == 1: result = db.execute("INSERT INTO markers (user, latitude,longitude) VALUES (:user,:lat,:longi)", user=session["user_id"],lat=lat,longi=longi) ispisfile=str(result)+".jpg" file.save(os.path.join(UPLOAD_FOLDER ,ispisfile)) else: error="marker is too close" else: error="The file format must be .jpg" return render_template("index.html",error=error) else: return render_template("index.html",error=error)
def account(): error = None if request.method == "POST": rows = db.execute("SELECT * FROM users WHERE id = :id", id=session["user_id"]) name = request.form.get("username") email = request.form.get("email") passw = request.form.get("pass") newpassw = request.form.get("newpass") suc1 = 0 suc2 = 0 suc3 = 0 suc4 = 0 if name and name != rows[0]['username']: if len(name) < 5: return loadpage(error="Username is too short!") suc1 = 1 if email and email != rows[0]['email']: if len(email) < 5: return loadpage(error="Email is too short!") suc2 = 1 if passw: if not check_password_hash(rows[0]["password"], passw): return loadpage(error="You entered the wrong password!") if newpassw: if len(newpassw) < 8: return loadpage(error="Password is too short!") suc3 = 1 file = "" if 'file' in request.files: file = request.files['file'] if file.filename != '': if file and allowed_file(file.filename): suc4 = 1 else: return loadpage(error="Image format is not supported!") if suc1 == 1: update = db.execute( "UPDATE users SET username=:username WHERE id = :id", username=name, id=session["user_id"]) if not update: return loadpage(error="Username is already taken!") if suc2 == 1: update = db.execute("UPDATE users SET email=:email WHERE id = :id", email=email, id=session["user_id"]) if not update: return loadpage(error="Email is already taken!") if suc3 == 1: hash = generate_password_hash(newpassw) update = db.execute( "UPDATE users SET password=:passw WHERE id = :id", passw=hash, id=session["user_id"]) if suc4 == 1: extenzija = file.filename.rsplit('.', 1)[1].lower() id = session["user_id"] rows = db.execute("SELECT * FROM users WHERE id = :id", id=session["user_id"]) preavat = rows[0]['avatar'] inc = 0 if preavat[0] == 'd' and preavat[1] == 'e' and preavat[2] == 'f': inc = 1 else: preavat = preavat.replace('-', '.') preavat = preavat.split('.') if len(preavat) == 3: inc = int(preavat[1]) inc = inc + 1 else: inc = 1 ispisfile = str(id) + "-" + str(inc) + "." + extenzija file.save(os.path.join(UPLOAD_FOLDER, ispisfile)) update = db.execute("UPDATE users SET avatar=:avet WHERE id = :id", avet=ispisfile, id=session["user_id"]) return loadpage(error="Changes saved successfully!") else: return loadpage(error)
def loadpage(error): rows = db.execute("SELECT * FROM users WHERE id = :id", id=session["user_id"]) return render_template("profile.html",avatar=rows[0]['avatar'],\ name=rows[0]['username'],email=rows[0]['email'],error=error)