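def login_user():
    """Authenticate a user from a JSON body and return a JWT on success.

    The body is expected to carry ``email`` and ``password``. When the
    password matches the stored value, a new token is written to
    ``users.rand_str``, ``logged_in`` is set to 1 and the token is returned
    as ``{"token": ...}``.

    Returns:
        The JSON token response, or the result of ``bad_request`` when a
        field is missing/empty, the email is unknown, or the password does
        not match.
    """
    data = request.get_json() or {}
    # .get() keeps a body without the key on the bad_request path instead of
    # raising KeyError.
    email = data.get('email', '')
    password = data.get('password', '')
    if email == '':
        return bad_request("Please provide email.")
    if password == '':
        return bad_request("Please provide password.")

    # Both values come straight from the request body, so they are bound as
    # parameters rather than formatted into the statement text. The "?"
    # placeholder assumes the sqlite3 driver (the original chained
    # .fetchone() on execute() and used "==") -- TODO confirm.
    db_password_res = c.execute(
        "SELECT PASSWORD FROM USERS WHERE email == ?", (email,)).fetchone()
    if db_password_res is None:
        # NOTE(review): this message differs from the wrong-password one, so
        # a caller can tell which emails are registered.
        return bad_request("User with this email not registered.")

    # NOTE(review): the stored value is compared with the submitted password
    # as-is, which implies the column holds plaintext passwords. Moving to a
    # salted password hash needs the registration path changed as well.
    if password != db_password_res[0]:
        return bad_request("Invalid password.")

    # The token is issued only after the credentials have been verified.
    jwt_token = create_access_token(identity={'email': email})
    c.execute(
        "UPDATE users SET rand_str = ?, logged_in = 1 WHERE email == ?",
        (jwt_token, email))
    conn.commit()

    response = jsonify({'token': jwt_token})
    # NOTE(review): wildcard CORS on the response that carries the token;
    # confirm that any origin is meant to read it.
    response.headers.add('Access-Control-Allow-Origin', '*')
    return response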
def changePassword():
    """Let the logged-in user replace their password.

    The stored hash is checked against the old password and the two new
    password fields must be equal; only then is the new hash written and
    committed. Both failure causes share one flash message.
    """
    cursor.execute(
        'select name, login, passwordHash from account where id = %s',
        (current_user.id, ))
    user = cursor.fetchone()
    form = ChangePasswordForm()

    if not form.validate_on_submit():
        return render_template('changePassword.html',
                               title='Сменить пароль',
                               form=form,
                               user=user)

    # Verify the old password first; the new fields are compared only when
    # it matched.
    old_matches = check_password_hash(user[2], form.passwordOld.data)
    if not (old_matches
            and form.passwordNew1.data == form.passwordNew2.data):
        flash('Старый пароль введен неверно или новые пароли не совпадают')
        return redirect(url_for('changePassword'))

    new_hash = generate_password_hash(form.passwordNew1.data)
    cursor.execute('update account set passwordHash = %s where id = %s',
                   (new_hash, current_user.id))
    conn.commit()
    flash('Пароль был успешно изменен')
    return redirect(url_for('account'))
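def delete(self, fields):
    """Delete rows from this object's table and commit the change.

    The statement text is produced by ``AllQuery.delete`` from the table
    name and ``fields``. A ``ConnectionError`` is logged and suppressed, so
    the method returns ``None`` whether or not the delete went through.
    """
    import logging

    try:
        # NOTE(review): the SQL arrives here as a finished string; whether
        # the values in ``fields`` are escaped or bound is decided inside
        # AllQuery.delete -- confirm before passing request data through.
        sql = AllQuery.delete(self.table_name(self), fields)
        cursor.execute(sql)
        conn.commit()
    except ConnectionError:
        # Still best-effort for the caller, but the failure is now recorded
        # instead of disappearing silently.
        logging.getLogger(__name__).exception(
            "delete failed: database connection error")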
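def postAuth():
    """Create a photo post for the session user, share it and tag a user.

    Reads ``filepath``, ``allFollowers``, ``tag``, ``caption`` and one form
    field per friend group the user belongs to. Inserts the photo, shares it
    with every group whose field equals ``'accept'``, and tags the named
    user when ``tag`` is not empty. Everything is committed together; when
    the tagged user does not exist the pending inserts are rolled back and
    ``post.html`` is rendered with an error.
    """
    username = session['username']
    # NOTE(review): ``filepath`` is taken from the form and stored as-is;
    # confirm it is validated wherever the path is later opened or served.
    filepath = request.form['filepath']
    Followers = request.form['allFollowers']
    Tag = request.form['tag']
    time = datetime.now()
    allFollowers = 1 if Followers == 'accept' else 0
    caption = request.form['caption']

    cursor = conn.cursor()
    cursor.execute(
        'INSERT INTO Photo (postingDate, filepath, allFollowers, caption, photoPoster) VALUES(%s,%s,%s,%s,%s)',
        (time, filepath, allFollowers, caption, username))
    # NOTE(review): MAX(photoID) is the newest photo in the table, which may
    # belong to a concurrent request; the driver's last-insert id would be
    # safer -- confirm which driver is in use.
    cursor.execute(
        'SELECT photoID FROM Photo WHERE photoID = (SELECT MAX(photoID) FROM Photo)')
    data = cursor.fetchone()
    photoID = data.get('photoID')

    # Parameters are passed as one-element tuples; a bare ``(username)`` is
    # just a string and only works with drivers that accept a scalar.
    cursor.execute(
        'SELECT groupName, owner_username FROM BelongTo WHERE member_username = %s',
        (username,))
    data = cursor.fetchall()
    for line in data:
        groupName = line.get('groupName')
        owner = line.get('owner_username')
        if request.form[groupName] == 'accept':
            cursor.execute('INSERT INTO SharedWith VALUES(%s,%s,%s)',
                           (owner, groupName, photoID))

    if len(Tag) != 0:
        cursor.execute('SELECT * FROM Person WHERE username = %s', (Tag,))
        user = cursor.fetchone()
        if not user:
            # Undo the photo/share inserts so they are not committed later
            # by an unrelated request on the same connection.
            conn.rollback()
            cursor.close()
            error = 'This user doesn\'t exist.'
            return render_template('post.html', data=data, error=error)
        cursor.execute('INSERT INTO Tagged VALUES(%s,%s,%s)',
                       (Tag, photoID, 0))

    conn.commit()
    cursor.close()
    return render_template('home.html')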
def login():
    """Serve the login page and handle sign-in / sign-up form posts.

    A POST carries ``type`` = ``'signin'`` or ``'signup'``. Sign-in looks the
    account up by email and verifies the bcrypt hash; sign-up stores a new
    account with a hashed password and an initial album list. Both log the
    user in for one day and redirect (303) to ``home``. Failures answer with
    an empty body and status 298 (no such email) or 299 (bad password or
    duplicate account).

    NOTE(review): the two sign-in status codes let a client tell an unknown
    email from a wrong password.
    """
    if request.method == 'POST':
        action = request.form['type']

        if action == 'signin':
            # Look the account up by email
            cur = conn.cursor()
            cur.execute(
                "select email, username, password from accounts where email=%s",
                [request.form['email']])
            account = cur.fetchone()

            # Reject unknown emails and wrong passwords
            if account is None:
                return '', 298
            if not bcrypt.verify(request.form['pass'], account[2]):
                return '', 299

            # Credentials are good: start the session and go home
            login_user(User(account[0], account[1]),
                       remember=True,
                       duration=timedelta(days=1))
            return redirect(url_for('home'), 303)

        elif action == 'signup':
            try:
                albums = json.dumps([{
                    'album_name': "My Gallery",
                    'images': []
                }])
                cur = conn.cursor()

                # Store the new account, then log it in
                password = bcrypt.hash(request.form['pass'])
                cur.execute(
                    "insert into accounts (email, username, password, albums) values (%s, %s, %s, %s)",
                    [request.form['email'], request.form['user'], password,
                     albums])
                conn.commit()
                login_user(User(request.form['email'], request.form['user']),
                           remember=True,
                           duration=timedelta(days=1))
                return redirect(url_for('home'), 303)
            except psycopg2.IntegrityError:
                # Constraint violation (e.g. duplicate account): undo it
                cur.execute('ROLLBACK')
                return '', 299

    if not current_user.is_authenticated:
        return render_template('login.html')
    return redirect(url_for('home'))
def account():
    """Render the personal account page and apply its single form.

    Accounts with ``idTypeAccountOne == 1`` get the account-type form, all
    others the service-price form. On a valid submit the matching column is
    updated for the current user, the user object is reloaded into the
    session and the page is redirected to itself.

    NOTE(review): the new account type comes from the form; which values a
    user may pick is decided by the form's validation, not here -- confirm.
    """
    choosing_type = current_user.idTypeAccountOne == 1
    form = ChangeAccountTypeForm() if choosing_type else ChangeAccountPriceForm()

    firm = None
    if current_user.idFirm != 1 and current_user.idTypeAccountTwo == 2:
        cursor.execute('select * from firm where id = %s;',
                       (current_user.idFirm, ))
        firm = cursor.fetchone()

    if form.validate_on_submit():
        if current_user.idTypeAccountOne == 1:
            statement = 'update account set idTypeAccountOne = %s where id = %s;'
            new_value = form.typeAccountOne.data
            notice = 'Тип учетной записи записан.'
        else:
            statement = 'update account set servicePrice = %s where id = %s;'
            new_value = form.servicePrice.data
            notice = 'Цена за услуги изменена.'

        cursor.execute(statement, (new_value, current_user.id))
        conn.commit()
        # Reload the user so the session reflects the updated row.
        login_user(load_user(current_user.id))
        flash(notice)
        return redirect(url_for('account'))

    return render_template('account.html',
                           title='Личный кабинет',
                           form=form,
                           firm=firm)
def newAdvertisement():
    """Create an advertisement owned by the current user.

    Requires a completed profile and account type 3; otherwise the user is
    redirected with a flash message. A valid form is stored with a start
    date of today and an end date 30 days later.
    """
    profile_complete = checkDataAccountFull() != 0
    if not profile_complete:
        flash('Вы не заполнили данные профиля')
        return redirect(url_for('fillAccount'))

    is_advertiser = current_user.idTypeAccountOne == 3
    if not is_advertiser:
        flash('Вы не рекламодатель')
        return redirect(url_for('account'))

    form = NewAdvertisementForm()
    if not form.validate_on_submit():
        return render_template('newAdvertisement.html',
                               title='Новое объявление',
                               form=form)

    # All values are bound as parameters; the owner is the session user.
    values = (
        form.title.data,
        form.image.data,
        form.numberDay.data,
        date.today(),
        date.today() + timedelta(30),
        current_user.id,
        form.description.data,
    )
    cursor.execute(
        'insert into advertisement (title, image, numberDay, dateStart, dateFinish, idAccount, description) values (%s, %s, %s, %s, %s, %s, %s);',
        values)
    conn.commit()
    flash('Ваше объявление добавлено на 30 дней.')
    return redirect(url_for('advertisements'))
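def add_mark():
    """Show the add-mark page and, for an admin POST, insert a mark.

    Students and tasks are loaded for the form. On POST (when ``is_admin``
    is truthy and ``stop`` is not ``'true'``) a row is inserted into
    ``mark`` and the newest mark is flashed back as confirmation.
    """
    with conn.cursor() as cursor:
        cursor.execute('select id, name from student;')
        students = [{'id': x[0], 'name': x[1]} for x in cursor.fetchall()]
        cursor.execute('select * from task;')
        tasks = [{'id': x[0]} for x in cursor.fetchall()]

    # NOTE(review): ``is_admin`` is read from outside this function; confirm
    # it is derived from the current user's session and not a process-wide
    # flag.
    if request.method == 'POST' and is_admin:
        if request.form["stop"] == 'true':
            return render_template('add_mark.html', is_admin=is_admin)
        with conn.cursor() as cursor:
            # ``mark`` used to be formatted into the statement without any
            # conversion; all three values are now bound parameters.
            cursor.execute(
                'INSERT INTO mark (student_id, task_id, mark) '
                'VALUES (%s, %s, %s);',
                (int(request.form["student_id"]),
                 int(request.form["task_id"]),
                 request.form["mark"]))
            cursor.execute(
                'select mark.id, mark, name '
                'from (select max(id) as maxid from mark) as foo '
                'join mark on maxid=mark.id '
                'join student on mark.student_id = student.id;')
            try:
                x = cursor.fetchall()
                flash(f'Добавлена оценка: id: {x[0][0]}, оценка: {x[0][1]}, '
                      f'имя: {x[0][2]}')
            except Exception:
                flash('Что-то пошло не так, обратитесь к разработчику')
        conn.commit()
    return render_template('add_mark.html',
                           students=students,
                           tasks=tasks,
                           is_admin=is_admin)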
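def setupprofile():
    """Handle the profile-setup form: save the picture, create the profile.

    On a valid POST the uploaded picture is saved under ``UPLOAD_FOLDER``,
    registered in ``gallery``, linked to the user through the ``addphotos``
    procedure, and a ``Profiles`` row is inserted. Otherwise the form errors
    are flashed and the form is rendered again.
    """
    createprofile = CreateProfile()
    if request.method == "POST" and createprofile.validate_on_submit():
        username = createprofile.username.data
        location = createprofile.location.data
        biography = createprofile.biography.data
        photo = createprofile.profilepic.data
        created_date = format_date_joined(datetime.datetime.now())

        filename = secure_filename(photo.filename)
        photo.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
        photourl = '/static/uploads/' + filename

        # NOTE(review): the profile is attached to the newest row in
        # ``users``, not to an id tied to this request; two sign-ups at the
        # same time could cross over.
        lastuserid = db.engine.execute(
            "select userid from users order by userid desc limit 1")
        for last in lastuserid:
            userid = last.userid

        # Form text (username, biography, location) and the file name were
        # concatenated into the SQL; they are now bound parameters. "%s"
        # assumes a driver with the format paramstyle, as the MySQL and
        # PostgreSQL drivers use -- TODO confirm.
        db.engine.execute("insert into gallery(photourl) values(%s)",
                          (photourl,))
        lastphotoid = db.engine.execute(
            "select photoid from gallery order by photoid desc limit 1")
        for last in lastphotoid:
            photoid = last.photoid

        cur.execute("CALL addphotos(%s,%s)", (photoid, str(userid)))
        conn.commit()

        db.engine.execute(
            "insert into Profiles (userid,profilepic,username,biography,countryliving,createddate) values(%s,%s,%s,%s,%s,%s)",
            (str(userid), str(photoid), username, biography, location,
             created_date))
        return redirect(url_for('login'))
    else:
        flash_errors(createprofile)
    return render_template('setupprofile.html', form=createprofile)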
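def add_student():
    """Show the add-student page and, for an admin POST, insert a student.

    Groups are loaded for the form. On POST (when ``is_admin`` is truthy and
    ``stop`` is not ``'true'``) a row is inserted into ``student`` and the
    newest student is flashed back as confirmation.
    """
    with conn.cursor() as cursor:
        cursor.execute('select * from "group";')
        groups = [{'id': x[0], 'chair': x[1]} for x in cursor.fetchall()]

    # NOTE(review): ``is_admin`` is read from outside this function; confirm
    # it is derived from the current user's session.
    if request.method == 'POST' and is_admin:
        if request.form["stop"] == 'true':
            return render_template('add_student.html', is_admin=is_admin)
        with conn.cursor() as cursor:
            # name / birth / admission were quoted into an f-string; they
            # are now bound parameters.
            # NOTE(review): the form key is spelled "bith"; kept because the
            # template may use the same spelling -- confirm.
            cursor.execute(
                'INSERT INTO student (group_id, name, birth, admission) '
                'VALUES (%s, %s, %s, %s);',
                (int(request.form.get("group_id")),
                 request.form["name"],
                 request.form["bith"],
                 request.form["admission"]))
            cursor.execute(
                'select id, group_id, name, birth, admission from '
                '(select max(id) as maxid from student) as foo '
                'join student on id = maxid;')
            try:
                x = cursor.fetchall()
                # The admission date is the fifth selected column; the
                # message used to repeat the id there.
                flash(f'Добавлен студент, id: {x[0][0]}, '
                      f'номер группы: {x[0][1]}, ФИО: {x[0][2]}, '
                      f'дата рождения: {x[0][3]}, '
                      f'дата поступления: {x[0][4]}')
            except Exception:
                flash('Что-то пошло не так, обратитесь к разработчику')
        conn.commit()
    return render_template('add_student.html',
                           groups=groups,
                           is_admin=is_admin)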
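def add_curr():
    """Show the curriculum page and, for an admin POST, link subject/group.

    Subjects and groups are loaded for the form. On POST (when ``is_admin``
    is truthy and ``stop`` is not ``'true'``) a ``curriculum`` row is
    inserted, read back, committed and confirmed with a flash message. Any
    failure rolls the transaction back and flashes a generic error.
    """
    with conn.cursor() as cursor:
        cursor.execute('select * from subject;')
        subjects = [{'id': x[0], 'title': x[1]} for x in cursor.fetchall()]
    with conn.cursor() as cursor:
        cursor.execute('select * from "group";')
        groups = [{'id': x[0], 'title': x[1]} for x in cursor.fetchall()]

    # NOTE(review): ``is_admin`` is read from outside this function; confirm
    # it is derived from the current user's session.
    if request.method == 'POST' and is_admin:
        try:
            if request.form["stop"] == 'true':
                return render_template('add_curr.html', is_admin=is_admin)
            subject_id = int(request.form.get("subject_id"))
            group_id = int(request.form.get("group_id"))
            with conn.cursor() as cursor:
                cursor.execute(
                    'INSERT INTO curriculum (subject_id, group_id) '
                    'VALUES (%s, %s);', (subject_id, group_id))
                # The read-back joined its two conditions with a comma, which
                # is not valid SQL, so every insert ended in the error branch
                # and was never committed.
                cursor.execute(
                    'select subject_id, group_id from curriculum '
                    'where subject_id = %s and group_id = %s;',
                    (subject_id, group_id))
                x = cursor.fetchall()
            conn.commit()
            # Two columns are selected, so the valid indexes are 0 and 1.
            flash(
                f'Добавлена связь, номер предмета: {x[0][0]}, номер группы: {x[0][1]}'
            )
        except Exception:
            # Leave the connection usable for the next request.
            conn.rollback()
            flash('Что-то пошло не так, обратитесь к разработчику')
    return render_template('add_curr.html',
                           subjects=subjects,
                           groups=groups,
                           is_admin=is_admin)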
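def salvaEstimativa():
    """Replace the stored estimate of a project with the posted one.

    Reads the estimate fields from the JSON body, deletes the project's
    existing ``estimativa`` row(s) and inserts the new values.

    Returns:
        JSON ``{"operacao": true}``.
    """
    req = request.get_json()
    codProj = req['codProj']
    modelo = req['modelo']
    modo = req['modo']
    loc = req['loc']
    kloc = req['kloc']
    esforco = req['esforco']
    prazo = req['prazo']
    produtividade = req['produtividade']
    tam = req['tam']

    # NOTE(review): ``codProj`` comes from the request body and no ownership
    # check is visible in this function -- confirm one exists upstream.
    cursor = conn.cursor()
    try:
        # One transaction for both statements: a failing INSERT no longer
        # leaves the project with its old estimate already deleted.
        # ``(codProj,)`` is a real one-element tuple; ``(codProj)`` is just
        # the bare value.
        cursor.execute(
            "DELETE FROM bancoprojeto2020.estimativa WHERE Proj_Cod = %s",
            (codProj,))
        cursor.execute(
            "INSERT INTO bancoprojeto2020.estimativa(Est_Modelo,Est_Modo,Est_Loc,Est_Kloc,Est_Esforco,Est_Prazo,Est_Produtividade,Est_TamEquipe,Proj_Cod) VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s)",
            (modelo, modo, loc, kloc, esforco, prazo, produtividade, tam,
             codProj))
        conn.commit()
    except Exception:
        conn.rollback()
        raise
    finally:
        cursor.close()

    operacao = True
    return jsonify(operacao=operacao)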
def alterarproj():
    """Update a project row from the posted edit form.

    Only POST is handled: the form fields are written to the project
    identified by the ``id`` field, the change is committed, a success
    message is flashed and the user is redirected to the project list. Any
    other method falls through and returns ``None``.

    NOTE(review): the project id is taken from the form and no ownership
    check is visible in this function -- confirm one exists upstream.
    """
    if request.method != "POST":
        return None

    fields = request.form
    proj_cod = fields['id']
    nome = fields['nome']
    gerente = fields['gerente']
    descricao = fields['descricao']
    tc_cod = fields.get('tc')
    tempo_contagem = fields['tempocontagem']
    tempo_real = fields['temporeal']
    data_inicio = fields['datainicio']
    data_prevista = fields['dataprevista']
    fct = fields['fct']
    ling_cod = fields.get('ling')
    escopo = fields.get('escopo')

    # Parameter order follows the SET list, with the key last.
    params = (tc_cod, nome, descricao, tempo_contagem, tempo_real, gerente,
              data_inicio, data_prevista, fct, ling_cod, escopo, proj_cod)
    cursor = conn.cursor()
    cursor.execute(
        "UPDATE bancoprojeto2020.projeto SET TC_Cod=%s,Proj_Nome=%s,Proj_Descricao=%s,Proj_TempoContagem=%s,Proj_TempoReal=%s,Proj_Gerente=%s,Proj_DataInicio=%s,Proj_DataP=%s,Proj_FCT=%s, Ling_Cod=%s, Proj_Escopo=%s WHERE Proj_Cod=%s",
        params)
    conn.commit()
    cursor.close()
    flash("Alterado com Sucesso!")
    return redirect(url_for('projeto.cadProjeto'))
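def setArticle(self, image_name, artic_name, artic_descr, artic_categ):
    """Insert an article and a category and link the two.

    The article and category rows are inserted, their ids are read back by
    name (newest first) and a ``cat_art`` row joins them. All three inserts
    are committed together.
    """
    cursor.execute(
        'INSERT INTO articles(image_name, artic_name, artic_descr) VALUES(%s, %s, %s)',
        (image_name, artic_name, artic_descr))
    # Single values are passed as one-element tuples; ``(artic_categ)`` is
    # just the bare string.
    cursor.execute('INSERT INTO categories(artic_categ) VALUES(%s)',
                   (artic_categ,))

    # NOTE(review): the ids are found again by name, so a concurrent insert
    # with the same name could be picked up instead.
    cursor.execute(
        'SELECT artic_id FROM articles WHERE artic_name=%s ORDER By artic_id DESC LIMIT 1',
        (artic_name,))
    artic_ind = cursor.fetchone()
    cursor.execute(
        'SELECT categ_id FROM categories WHERE artic_categ=%s ORDER By categ_id DESC LIMIT 1',
        (artic_categ,))
    categ_ind = cursor.fetchone()

    cursor.execute('INSERT INTO cat_art(artic_id, categ_id) VALUES(%s, %s)',
                   (artic_ind[0], categ_ind[0]))
    # One commit at the end, so a failed link does not leave an article and
    # a category stored without their association.
    conn.commit()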
def newShield():
    """Create a shield (billboard) record owned by the current user.

    Requires a completed profile and account type 4; otherwise the user is
    redirected with a flash message. An empty image field is replaced by a
    default placeholder URL before the row is stored.
    """
    profile_complete = checkDataAccountFull() != 0
    if not profile_complete:
        flash('Вы не заполнили данные профиля')
        return redirect(url_for('fillAccount'))

    is_installer = current_user.idTypeAccountOne == 4
    if not is_installer:
        flash('Вы не установщик')
        return redirect(url_for('account'))

    form = NewShieldForm()
    if not form.validate_on_submit():
        return render_template('newShield.html', title='Новый щит', form=form)

    if form.image.data == "":
        # NOTE(review): the placeholder is a plain-http URL on a third-party
        # host.
        form.image.data = 'http://manual-m.ru/wp-content/uploads/2019/10/no-image-300x300.jpeg'

    values = (
        form.title.data,
        form.image.data,
        form.address.data,
        form.price.data,
        current_user.id,
        form.description.data,
    )
    cursor.execute(
        'insert into shield (title, image, address, price, idAccount, description) values (%s, %s, %s, %s, %s, %s);',
        values)
    conn.commit()
    flash('Ваш щит добавлен в базу.')
    return redirect(url_for('shields'))
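def createpost(option):
    """Create a text or image post for the session user.

    On POST, a non-empty text field becomes a ``text`` post; otherwise the
    uploaded image is saved under ``UPLOAD_FOLDER``, registered in
    ``gallery``, linked to the user via ``addphotos`` and stored as an
    ``image`` post. The new post is then linked to the user through
    ``adduserposts``. Always redirects to ``posts``.

    Args:
        option: not used by this function.
    """
    form = CreatePost()
    textpost = form.text.data
    if request.method == "POST":
        # Post text and the file name were concatenated into the SQL; they
        # are now bound parameters. "%s" assumes a driver with the format
        # paramstyle, as the MySQL and PostgreSQL drivers use -- TODO confirm.
        if textpost != "":
            db.engine.execute(
                "insert into posts(content,ctype, postDateTime) values(%s,'text',%s)",
                (textpost, str(datetime.datetime.now())))
        else:
            photo = form.image.data
            filename = secure_filename(photo.filename)
            photo.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
            photourl = '/static/uploads/' + filename

            db.engine.execute("insert into gallery(photourl) values(%s)",
                              (photourl,))
            lastphotoid = db.engine.execute(
                "select photoid from gallery order by photoid desc limit 1")
            for last in lastphotoid:
                photoid = last.photoid
            cur.execute("CALL addphotos(%s,%s)",
                        (photoid, str(session['userid'])))
            conn.commit()
            db.engine.execute(
                "insert into posts(content,ctype, postDateTime) values(%s,'image',%s)",
                (photourl, str(datetime.datetime.now())))

        # NOTE(review): the newest row in ``posts`` is assumed to be the one
        # just inserted; a concurrent post could be linked to this user.
        lastpostid = db.engine.execute(
            "select postId from posts order by postid desc limit 1")
        for last in lastpostid:
            postId = last.postid
        cur.execute("CALL adduserposts(%s,%s)",
                    (postId, str(session['userid'])))
        conn.commit()
    return redirect(url_for('posts'))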
def newFirm():
    """Register a new firm unless its INN, email or phone already exists.

    A valid form is checked against existing firms on any of the three
    identifying fields; a match redirects back with a message, otherwise the
    firm is inserted and committed.
    """
    form = NewFirmForm()
    if not form.validate_on_submit():
        return render_template('newFirm.html',
                               title='Добавление фирмы',
                               form=form)

    # Duplicate check on any identifying field.
    lookup = (form.inn.data, form.email.data, form.phone.data)
    cursor.execute(
        'select * from firm where inn = %s or email = %s or phone = %s;',
        lookup)
    existing = cursor.fetchone()
    if existing:
        flash('Фирма с таким ИНН, email или телефоном уже существует.')
        return redirect(url_for('newFirm'))

    new_row = (form.inn.data, form.name.data, form.email.data,
               form.phone.data)
    cursor.execute(
        'insert into firm (inn, name, email, phone) values (%s, %s, %s, %s);',
        new_row)
    conn.commit()
    flash('Фирма добавлена в базу.')
    return redirect(url_for('firms'))
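def adicionaAtributo(codProj, lista):
    """Insert the attributes of a project's tables.

    ``lista`` is read in pairs: the element at an even index is a table
    name and the following element is the collection of attribute
    descriptions for that table. Each table's code is looked up by name and
    project, and one ``atributo`` row is inserted per description.

    Args:
        codProj: project code the tables belong to.
        lista: alternating ``[table_name, attributes, ...]`` sequence.

    Returns:
        True when at least one row was inserted, otherwise False.
    """
    rows = []
    for i in range(1, len(lista), 2):
        cursor = conn.cursor()
        # Table names and descriptions were concatenated into the statement
        # text; they are now bound parameters.
        cursor.execute(
            "SELECT Tab_Cod FROM bancoprojeto2020.tabela WHERE Tab_Nome = %s AND Proj_Cod = %s",
            (lista[i - 1], codProj))
        res = cursor.fetchone()
        cursor.close()
        Tab_Cod = res[0]
        rows.extend((descricao, Tab_Cod, codProj) for descricao in lista[i])

    if not rows:
        # Nothing to insert; the old code sent an INSERT without any VALUES.
        return False

    cursor = conn.cursor()
    cursor.executemany(
        "INSERT INTO bancoprojeto2020.atributo (AT_Descricao,Tab_Cod,Proj_Cod) VALUES (%s,%s,%s)",
        rows)
    linhasAfetadas = cursor.rowcount
    conn.commit()
    cursor.close()
    return linhasAfetadas > 0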
def createAccount():
    """Register a new account and log it in.

    Authenticated users are sent back to their account page. For a valid
    form the login must be unused and both password fields equal; the
    account is then stored with a password hash and default type/firm ids,
    logged in (without "remember") and redirected to the profile form.
    """
    if current_user.is_authenticated:
        flash('Для регистрации нового аккаунта выйдите из существующего')
        return redirect(url_for('account'))

    form = CreateAccountForm()
    if not form.validate_on_submit():
        return render_template('createAccount.html',
                               title='Создание аккаунта',
                               form=form)

    cursor.execute('select * from account where login = %s;',
                   (form.login.data, ))
    existing = cursor.fetchone()
    if existing:
        flash('Учетная запись с таким логином уже существует!')
        return redirect(url_for('createAccount'))

    if form.passwordOne.data != form.passwordTwo.data:
        flash('Пароли не совпадают.')
        return redirect(url_for('createAccount'))

    # Only the hash of the password is stored.
    credentials = (form.login.data,
                   generate_password_hash(form.passwordOne.data))
    cursor.execute(
        'insert into account (login, passwordHash, idTypeAccountOne, idTypeAccountTwo, idFirm) values (%s, %s, 1, 1, 1);',
        credentials)
    conn.commit()

    cursor.execute('select id from account where login = %s;',
                   (form.login.data, ))
    created = cursor.fetchone()
    login_user(load_user(created[0]), remember=0)
    flash('Учетная запись создана успешно. Заполните данные профиля.')
    return redirect(url_for('fillAccount'))
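def deletarScript(codProj):
    """Delete all tables of a project together with their attributes.

    Looks up the project's table codes, deletes the ``atributo`` rows of
    each table and then the ``tabela`` rows themselves, in one transaction.

    Args:
        codProj: project code whose tables are removed.

    Returns:
        JSON ``{"operacao": bool}``; false when no ``tabela`` row was deleted.
    """
    # NOTE(review): no ownership check on ``codProj`` is visible in this
    # function -- confirm the caller enforces one.
    cursor = conn.cursor()
    try:
        # ``(codProj,)`` is a real one-element tuple; ``(codProj)`` is just
        # the bare value.
        cursor.execute(
            "SELECT Tab_Cod FROM bancoprojeto2020.tabela WHERE Proj_Cod=%s",
            (codProj,))
        results = cursor.fetchall()
        for tabelaCod in results:
            # Each fetched row is already a one-column sequence and is
            # passed as the parameter list, as before.
            cursor.execute(
                "DELETE FROM bancoprojeto2020.atributo WHERE Tab_Cod = %s",
                tabelaCod)
        linhasAfetadas = cursor.execute(
            "DELETE FROM bancoprojeto2020.tabela WHERE Proj_Cod = %s",
            (codProj,))
        # Single commit: attributes are not removed unless their tables are
        # removed as well.
        conn.commit()
    except Exception:
        conn.rollback()
        raise
    finally:
        cursor.close()

    operacao = linhasAfetadas != 0
    return jsonify(operacao=operacao)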
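def notificationsAuth():
    """Apply the session user's decisions on pending follows and tags.

    For every pending follow request and every pending tag addressed to the
    session user, the form field named after the follower (or the photo id)
    decides the outcome: ``'accept'`` marks it accepted, ``'deny'`` deletes
    it, anything else leaves it pending. All changes are committed together.
    """
    username = session['username']
    cursor = conn.cursor()

    # Single parameters are passed as one-element tuples; ``(username)`` is
    # just the bare string.
    cursor.execute(
        'SELECT username_follower FROM Follow WHERE username_followed = %s AND followstatus = 0',
        (username,))
    data = cursor.fetchall()
    for line in data:
        follower = line.get('username_follower')
        decision = request.form[follower]
        if decision == 'accept':
            cursor.execute(
                'UPDATE Follow SET followstatus = 1 WHERE username_followed = %s AND username_follower = %s',
                (username, follower))
        elif decision == 'deny':
            cursor.execute(
                'DELETE FROM Follow WHERE username_followed = %s AND username_follower = %s',
                (username, follower))

    cursor.execute(
        'SELECT photoID FROM Tagged WHERE username = %s AND tagstatus = 0',
        (username,))
    data = cursor.fetchall()
    for line in data:
        photoID = line.get('photoID')
        decision = request.form[str(photoID)]
        if decision == 'accept':
            cursor.execute(
                'UPDATE Tagged SET tagstatus = 1 WHERE username = %s AND photoID = %s',
                (username, photoID))
        elif decision == 'deny':
            cursor.execute(
                'DELETE FROM Tagged WHERE username = %s AND photoID = %s',
                (username, photoID))

    conn.commit()
    cursor.close()
    return render_template('home.html', username=session['username'])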
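def buy(oid):
    """Buy the market listing for item ``oid`` as the current user.

    Looks up the listing's price and seller, refuses the purchase when the
    buyer lacks gold, otherwise removes the listing, moves the gold from
    buyer to seller and moves the item into the buyer's storage.

    Args:
        oid: id of the listed item; must be an integer value.

    Returns:
        A redirect to ``login`` for anonymous users, otherwise to ``market``.
    """
    if not current_user.is_authenticated:
        return redirect(url_for('login'))

    # ``oid`` is placed into the statement text below, so it is forced to an
    # integer first; anything else is rejected before a query is built.
    # NOTE(review): bound parameters would be preferable, but the driver's
    # placeholder style cannot be determined from this function.
    try:
        listing_id = int(oid)
    except (TypeError, ValueError):
        return redirect(url_for('market'))

    cursor.execute("SELECT prize,users.id,name "
                   "FROM items,market,users "
                   "WHERE items.id = item_id AND users.id = user_id "
                   "AND items.id=%s" % listing_id)
    res = cursor.fetchone()
    if res is None:
        # The item is not (or no longer) listed.
        return redirect(url_for('market'))

    cursor.execute("SELECT * FROM users WHERE id=%s" % res[1])
    owner = User(cursor.fetchone())
    if res[0] > current_user.gold:
        flash("金币不足!")
        return redirect(url_for('market'))

    # NOTE(review): the balance check and the updates below are separate
    # statements, so two simultaneous purchases can both pass the check.
    gold = current_user.gold - int(res[0])
    owner_gold = owner.gold + int(res[0])
    cursor.execute("DELETE FROM market WHERE item_id=%s" % listing_id)
    cursor.execute("UPDATE users SET gold = %s WHERE id=%s" %
                   (gold, current_user.id))
    cursor.execute("UPDATE users SET gold = %s WHERE id=%s" %
                   (owner_gold, owner.id))
    cursor.execute("DELETE FROM storage WHERE item_id=%s AND user_id = %s " %
                   (listing_id, owner.id))
    cursor.execute("INSERT INTO storage (user_id,item_id) VALUES (%s,%s)" %
                   (current_user.id, listing_id))
    is_full()
    conn.commit()
    flash("成功购买" + res[2] + "!")
    return redirect(url_for('market'))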
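def registerAuth():
    """Register a new person from the sign-up form.

    Reads username, password, first/last name and bio from the form. When
    the username is free, the person is inserted with the hashed password
    and ``index.html`` is rendered; otherwise ``register.html`` is rendered
    with an error.
    """
    # form request
    username = request.form['username']
    password = request.form['password']
    firstName = request.form['First Name']
    lastName = request.form['Last Name']
    bio = request.form['Bio']

    # NOTE(review): a single unsalted SHA-256 is fast to guess offline and
    # gives equal passwords equal digests. A salted, slow password hash
    # would be the fix, but the login check has to change with it, so the
    # stored format is left as it is here.
    hashword = hashlib.sha256(password.encode())
    newpassword = hashword.hexdigest()

    cursor = conn.cursor()
    query = 'SELECT * FROM person WHERE username = %s'
    # One-element tuple; ``(username)`` is just the bare string.
    cursor.execute(query, (username,))
    data = cursor.fetchone()
    if data:
        # The cursor is now released on this path as well.
        cursor.close()
        error = "This user already exists"
        return render_template('register.html', error=error)

    ins = 'INSERT INTO person VALUES(%s, %s, %s, %s, %s)'
    cursor.execute(ins, (username, newpassword, firstName, lastName, bio))
    conn.commit()
    cursor.close()
    return render_template('index.html')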
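def is_full():
    """Evict the current user's lowest-value item when storage is full.

    Loads the user's stored items; when there are at least ``MAX_ITEM`` of
    them, the item with the smallest ``value`` is removed from ``storage``
    and added to ``explore``, and the change is committed.

    Returns:
        True when an item was evicted, otherwise False.
    """
    # NOTE(review): the statements are built with "%" formatting. The values
    # are the session user's id and item ids read from the database in this
    # function; switch to bound parameters once the driver's placeholder
    # style is confirmed.
    cursor.execute(
        "select items.id, items.name, items.type, items.value, items.rare "
        "from items, users, storage "
        "where items.id=storage.item_id and users.id=storage.user_id "
        "and users.id=%s" % current_user.id)
    items = [Item(row) for row in cursor.fetchall()]

    if not items or len(items) < MAX_ITEM:
        return False

    # Built-in min() picks the first lowest-value item. The old fixed
    # starting value of 100000 meant that when no item was below it, the
    # placeholder id "0" was deleted and pushed to ``explore``.
    cheapest = min(items, key=lambda item: item.value)
    cursor.execute("DELETE FROM storage WHERE item_id=%s AND user_id = %s " %
                   (cheapest.id, current_user.id))
    cursor.execute("INSERT INTO explore VALUES (%s)" % cheapest.id)
    conn.commit()
    return True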
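def adicionaContagem():
    """Insert or update a function-point count and return the newest code.

    The JSON body carries the count fields. ``contCod == '0'`` inserts a
    new ``contagem`` row; any other value updates the row with that code.

    Returns:
        JSON ``{"cod": row}`` where ``row`` is the fetched row holding
        ``MAX(Cont_Cod)`` for the project.
    """
    req = request.get_json()
    contCod = req['contCod']
    fCod = req['fCod']
    pCod = req['pCod']
    tpCod = req['tpCod']
    desc = req['desc']
    td = req['td']
    tr = req['tr']
    complexidade = req['complexidade']
    pf = req['pf']

    cursor = conn.cursor()
    if contCod == '0':
        cursor.execute(
            "INSERT INTO bancoprojeto2020.contagem (Fun_Cod,TP_Cod,Proj_Cod,Cont_Descricao,Cont_TD,Cont_TR,Cont_Complexidade,Cont_Contribuicao) VALUES (%s,%s,%s,%s,%s,%s,%s,%s)",
            (fCod, tpCod, pCod, desc, td, tr, complexidade, pf))
    else:
        cursor.execute(
            "UPDATE bancoprojeto2020.contagem SET TP_Cod=%s,Cont_Descricao=%s, Cont_TD=%s, Cont_TR=%s, Cont_Complexidade=%s, Cont_Contribuicao=%s WHERE Cont_Cod=%s",
            (tpCod, desc, td, tr, complexidade, pf, contCod))
    conn.commit()
    # The update branch referenced ``cursor.close`` without calling it, so
    # that cursor was never closed.
    cursor.close()

    cursor = conn.cursor()
    # NOTE(review): after an update this still returns the project's highest
    # code, not necessarily the row that was changed.
    # ``(pCod,)`` is a real one-element tuple; ``(pCod)`` is the bare value.
    cursor.execute(
        "SELECT MAX(Cont_Cod) FROM bancoprojeto2020.contagem WHERE Proj_Cod=%s",
        (pCod,))
    cod = cursor.fetchall()[0]
    cursor.close()
    return jsonify(cod=cod)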
def addRequest(data):
    """Record a skate request and announce it to all connected clients.

    Unauthorised sessions get a ``denyRequest`` event and nothing else. For
    authorised ones the request is stored in the ``skates`` table and the
    in-memory ``queue`` under a fresh UUID, acknowledged to the sender with
    ``addSuccess`` and broadcast as ``pubRequest``.

    Args:
        data: mapping with ``time``, ``size``, ``age`` and ``type``; ``type``
            must be one of ``figure``, ``hockey`` or ``speed``.

    NOTE(review): ``time``, ``age`` and ``type`` are stored, logged and
    broadcast as received; confirm clients escape them when rendering.
    """
    authorised = 'authorised' in session and session['authorised']
    if not authorised:
        emit('denyRequest', room=request.sid)
        return

    # Persist the request
    skate_id = str(uuid.uuid4())
    requested_at = data['time']
    size = float(data['size'])
    youth_flag = 1 if data['age'] == 'youth' else 0
    type_code = ('figure', 'hockey', 'speed').index(data['type'])
    db.execute("INSERT INTO skates VALUES(?, ?, ?, ?, ?, ?)",
               (skate_id, requested_at, size, youth_flag, type_code, 0))
    conn.commit()

    # Mirror it in the in-memory queue
    queueItem = {
        'time': data['time'],
        'size': float(data['size']),
        'age': data['age'],
        'type': data['type'],
        'status': 0
    }
    queue[skate_id] = queueItem

    youth_suffix = 'Y' if data['age'] == 'youth' else ''
    print('+ {}: Size {}{} {}'.format(skate_id, data['size'], youth_suffix,
                                      data['type']))

    # Tell the sender it worked, then tell everyone about the new request
    emit('addSuccess', skate_id, room=request.sid)
    emit('pubRequest', {'id': skate_id, **queueItem}, broadcast=True)
def newAccount():
    """Let a privileged user create an account for someone else.

    The current user's ``status`` must be non-zero. For a valid form the
    login must be unused; the account is stored with a password hash, the
    given name and the chosen level, and the new credentials are flashed to
    the creating user.

    NOTE(review): the new password is flashed in clear text, so it passes
    through the session store (a client-side cookie with Flask's default
    session) -- confirm this is acceptable.
    """
    cursor.execute('select name, login, status from account where id = %s',
                   (current_user.id, ))
    user = cursor.fetchone()
    status = user[2]
    if status == 0:
        flash('Отказано в доступе')
        return redirect(url_for('account'))

    form = CreateAccountForm()
    if not form.validate_on_submit():
        return render_template('newAccount.html',
                               title='Создание аккаунта',
                               form=form,
                               user=user)

    cursor.execute('select * from account where login = %s',
                   (form.login.data, ))
    check_user = cursor.fetchone()
    if check_user:
        flash('Учетная запись с таким логином уже существует!')
        return redirect(url_for('newAccount'))

    # Only the hash of the password is stored.
    new_row = (
        form.login.data,
        generate_password_hash(form.password.data),
        form.name.data,
        form.level.data,
    )
    cursor.execute(
        'insert into account (login, passwordHash, name, status) values (%s, %s, %s, %s);',
        new_row)
    conn.commit()

    for message in (
            'Учетная запись для {} создана успешно!'.format(form.name.data),
            'Login: {}'.format(form.login.data),
            'Password: {}'.format(form.password.data),
    ):
        flash(message)
    return redirect(url_for('account'))
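def add_user():
    """Register a user from the sign-up form and store a personality label.

    The form values are written to ``users`` (password hashed with
    ``sha256_crypt``). The stored Twitter id is then passed to
    ``api.twitter_api``, the result to ``ml.predict``, and the predicted
    class is mapped to a four-letter type code that is saved on the user.
    Redirects to ``/login``.
    """
    # NOTE(review): request data is kept in module-level globals, which are
    # shared by all requests handled in the same process.
    global name
    global phone_number
    global gender
    global twitter_id
    global email
    global password
    name = request.form.get('username')
    email = request.form.get('useremail')
    # NOTE(review): a missing password field is hashed as the text "None".
    password = sha256_crypt.encrypt(
        str(request.form.get('userpassword')))  # Hashing passwords
    phone_number = request.form.get('userphone')
    gender = request.form.get('gender')
    twitter_id = request.form.get('twitter_id')

    # Form values were formatted into the SQL text; they are now bound
    # parameters. "%s" assumes a MySQL driver (the statement uses backtick
    # quoting) -- TODO confirm.
    cursor.execute(
        "INSERT INTO `users` (`user_id`,`name`,`email`,`password`,`phone_number`,`gender`,`twitter_id`) VALUES (NULL,%s,%s,%s,%s,%s,%s)",
        (name, email, password, phone_number, gender, twitter_id))
    conn.commit()

    # Exact match instead of LIKE: "_" and "%" in an email address act as
    # wildcards under LIKE and could select another user's row.
    cursor.execute(
        "SELECT * FROM `users` WHERE `email` = %s AND `password` = %s",
        (email, password))
    user = cursor.fetchone()
    twitter_id = user[6]  # Gets twitter id
    a = api.twitter_api(twitter_id)  # Calls twitter api
    res = ml.predict(a)  # Gets prediction using ML

    # Predicted class index -> four-letter personality type code
    per_map = {0: 'ENFJ', 1: 'ENFP', 2: 'ENTJ', 3: 'ENTP',
               4: 'ESFJ', 5: 'ESFP', 6: 'ESTJ', 7: 'ESTP',
               8: 'INFJ', 9: 'INFP', 10: 'INTJ', 11: 'INTP',
               12: 'ISFJ', 13: 'ISFP', 14: 'ISTJ', 15: 'ISTP'}
    personality_index = per_map[res]
    print(personality_index)

    cursor.execute(
        "UPDATE `users` set personality_index=%s WHERE email=%s",
        (personality_index, email))  # Stores personality index
    conn.commit()
    return redirect('/login')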
def change_book():
    """Edit the book selected in the module-level ``id_book``.

    Only the user with id 1 may use the page, and a book must have been
    selected. A valid submit updates price, stock, image and description,
    clears the selection and returns to the book list; a GET pre-fills the
    form from the stored row.

    NOTE(review): ``id_book`` is a module-level variable, so the selection
    is shared by every request served by the same process.
    """
    global id_book

    is_admin_user = current_user.id == 1
    if not is_admin_user:
        flash('Данная страница не доступна для Вас!')
        return redirect(url_for('index'))

    if id_book is None:
        flash('Вы не выбрали книгу для изменения!')
        return redirect(url_for('books'))

    form = ChangeBookForm()
    if form.validate_on_submit():
        changes = (
            form.price.data,
            form.quantity_in_stock.data,
            form.image.data,
            form.description.data,
            id_book,
        )
        cursor.execute(
            'update book set price = %s, quantity_in_stock = %s, image = %s, description = %s where id = %s;',
            changes)
        conn.commit()
        flash('Данные изменены!')
        id_book = None
        return redirect(url_for('books'))

    if request.method == 'GET':
        # Pre-fill the form with the stored values.
        cursor.execute(
            'select price, quantity_in_stock, image, description from book where id = %s;',
            (id_book, ))
        book = cursor.fetchone()
        form.price.data = book[0]
        form.quantity_in_stock.data = book[1]
        form.image.data = book[2]
        form.description.data = book[3]

    return render_template('new_book.html',
                           title='Редактирование книги',
                           form=form)
def joingroupAuth():
    """Add the session user to an existing friend group.

    The group is identified by its name and owner from the form. Unknown
    groups and existing memberships render ``joingroup.html`` with an
    error; otherwise a ``BelongTo`` row is inserted and committed and the
    home page is rendered.

    NOTE(review): any logged-in user who knows a group's name and owner can
    add themselves; no approval by the owner is visible here.
    """
    username = session['username']
    group = request.form['Friend Group']
    groupleader = request.form['Group Creator']

    cursor = conn.cursor()
    query = 'SELECT * FROM Friendgroup WHERE groupName = %s AND groupOwner = %s'
    cursor.execute(query, (group, groupleader))
    found_group = cursor.fetchone()
    if not found_group:
        error = 'Incorrect Group Name and/or Group Creator'
        return render_template('joingroup.html', error=error)

    cursor.execute(
        'SELECT * FROM BelongTo WHERE member_username = %s AND owner_username = %s AND groupName = %s',
        (username, groupleader, group))
    membership = cursor.fetchone()
    if membership:
        error = 'You already belong to this group.'
        return render_template('joingroup.html', error=error)

    cursor.execute('INSERT INTO BelongTo VALUES(%s,%s,%s)',
                   (username, groupleader, group))
    conn.commit()
    cursor.close()
    return render_template('home.html', username=session['username'])