Exemplo n.º 1
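def login(before_page=None):
    """Handle the login form and start a session for a matching user.

    On a valid POST the submitted username is looked up in the ``user``
    table and the stored password is compared with the submitted one. On
    success the session is cleared, ``user_id`` is stored in it and the
    client is redirected according to ``before_page``. Otherwise the error
    is flashed and the login form is rendered again.

    Args:
        before_page: Optional blueprint name; used as the prefix of the
            endpoint the user is redirected to after logging in.
    """
    form = UserLoginForm()
    if request.method == 'POST' and form.validate_on_submit():
        error = None
        db = Database()
        # The username is user input, so it is sent as a bind parameter
        # instead of being formatted into the SQL text.
        # NOTE(review): assumes Database.executeAll passes a second argument
        # through to the driver as %s-style parameters - confirm.
        rows = db.executeAll("SELECT id,password FROM user WHERE id = %s",
                             (form.username.data,))

        if len(rows) == 0:
            user = 0
        else:
            password = rows[0]['password']
            user = rows[0]['id']

        # NOTE(review): the stored password is compared as plain text, so
        # the table holds recoverable passwords; moving to salted hashes is
        # a schema-level change that this function cannot make alone. The
        # two distinct messages also tell a caller whether a username exists.
        if user == 0:
            error = "존재하지 않는 사용자입니다"
        elif not password == form.password.data:
            error = "비밀번호가 올바르지 않습니다."

        if error is None:
            session.clear()
            session['user_id'] = user
            print("이전 페이지:", before_page)
            # NOTE(review): before_page is used unchecked as an endpoint
            # prefix; a name with no matching endpoint makes url_for fail.
            if before_page == 'checklist':
                return redirect(url_for(before_page + '.checklist'))
            if before_page is not None:
                return redirect(url_for(before_page + '.list'))
            return redirect(url_for('main.index'))

        flash(error)
    return render_template('/main/login.html', form=form)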
Exemplo n.º 2
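def load_logged_in_user():
    """Populate ``g.user`` and ``g.idx`` from the session's ``user_id``.

    Both attributes are set to ``None`` when the session holds no
    ``user_id`` or when no matching row is found; otherwise they receive the
    ``id`` and ``idx`` columns of the matching ``user`` row.
    """
    user_id = session.get('user_id')
    if user_id is None:
        g.user = None
        g.idx = None
        return

    db = Database()
    # Sent as a bind parameter rather than formatted into the SQL text.
    # NOTE(review): assumes Database.executeOne passes a second argument
    # through to the driver as %s-style parameters - confirm.
    row = db.executeOne("SELECT id,idx FROM user WHERE id = %s", (user_id,))
    if not row:
        # A session can outlive its account; treat that as "not logged in"
        # instead of failing on the subscript below.
        g.user = None
        g.idx = None
        return

    g.idx = row['idx']
    g.user = row['id']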
Exemplo n.º 3
def select():
    """Read all rows of testDB.testTable and render the first one.

    The query text is a constant; no request data reaches it.
    """
    database = Database()

    # The backslash continues the string literal onto the next line, so the
    # leading spaces of that line are part of the query text.
    query = "SELECT idx, test \
                FROM testDB.testTable"

    rows = database.executeAll(query)
    print(rows)

    # Indexing fails if the table is empty; the template gets row 0 only.
    first_row = rows[0]
    return render_template('/test/test.html',
                           result=None,
                           resultData=first_row,
                           resultUPDATE=None)
Exemplo n.º 4
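def add():
    """Create a board post from the submitted ContentAddForm.

    A POST that fails validation flashes an error and re-renders the form.
    A valid POST inserts one row into ``board_content_table`` and redirects
    to the board list. Any other request renders the empty form.
    """
    db = Database()
    form = ContentAddForm()

    if request.method == 'POST' and not form.validate_on_submit():
        error = "데이터 양식이 맞지 않습니다"
        flash(error)
    elif request.method == 'POST':
        # All values are sent as bind parameters instead of being formatted
        # into the SQL text, so the manual "%" -> "%%" escaping of the title
        # and body is no longer applied.
        # NOTE(review): assumes Database.executeAll passes a second argument
        # through to the driver as %s-style parameters - confirm.
        title = form.content_title.data
        text = form.content_text.data
        username = form.username.data
        password = form.password.data
        logged_in = isLogged()
        if logged_in == '1':
            # NOTE(review): this copies the account password, as stored in
            # the user table, into the post row - it appears to be kept as
            # plain text in both places; confirm and consider hashing.
            password = db.executeAll(
                "SELECT password FROM user WHERE id=%s",
                (session.get('user_id'),))[0]['password']
        sql = """INSERT INTO board_content_table (board_content,board_content_title,write_time,write_user_name,content_password,write_ip,login_user)
         VALUES (%s,%s,%s,%s,%s,%s,%s);"""
        # The statement is no longer printed: the formatted text used to
        # include the password value.
        db.executeAll(sql, (text, title, datetime.now(), username, password,
                            get_covered_ip(), logged_in))
        db.commit()
        return redirect(url_for("clone_board.list"))

    return render_template('/main/board_add.html',
                           form=form,
                           modify=0,
                           username=session.get('user_id'))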
Exemplo n.º 5
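def content(board_content_idx):
    """Show one board post with its comments and accept a new comment.

    On an accepted POST a row is inserted into ``comment_table`` and the
    client is redirected back to this view. Otherwise the post and its
    comments are loaded and rendered.

    Args:
        board_content_idx: Identifier of the post to show.
    """
    db = Database()
    form = CommentAddForm()

    # Every statement below sends its values as bind parameters instead of
    # formatting them into the SQL text.
    # NOTE(review): assumes Database.executeAll passes a second argument
    # through to the driver as %s-style parameters - confirm.
    # NOTE(review): a logged-in session is accepted even when
    # form.validate_on_submit() fails, so whatever checks the form performs
    # are skipped for logged-in users - confirm this is intended.
    if request.method == 'POST' and (form.validate_on_submit()
                                     or session.get('user_id')):
        username = form.username.data
        password = form.password.data
        comment = form.content_text.data
        comment_count = db.executeAll(
            "SELECT COUNT(*) FROM comment_table WHERE board_idx=%s",
            (board_content_idx,))

        ip = get_covered_ip()
        # Logged-in user: the comment password is replaced by the one stored
        # for the account.
        if username == session.get('user_id'):
            password = db.executeAll(
                "SELECT password FROM user WHERE id=%s",
                (username,))[0]['password']
        db.executeAll(
            """INSERT INTO comment_table (comment,username,password,write_time,board_idx,comment_idx,write_ip,login_user)
        VALUES (%s,%s,%s,%s,%s,%s,%s,%s)""",
            (comment, username, password, datetime.now(), board_content_idx,
             comment_count[0]['COUNT(*)'] + 1, ip, isLogged()))
        db.commit()
        return redirect(
            url_for('clone_board.content',
                    board_content_idx=board_content_idx))

    data = db.executeAll(
        "SELECT * FROM board_content_table WHERE board_content_idx = %s",
        (str(board_content_idx),))
    comment = db.executeAll(
        "SELECT * FROM comment_table WHERE board_idx = %s",
        (str(board_content_idx),))
    # data[0] fails when no post has this identifier.
    return render_template(
        '/main/board_content.html',
        content_test_list=data[0]['board_content'].split('\n'),
        content=data,
        form=form,
        board_content_idx=board_content_idx,
        comment_data=comment)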
Exemplo n.º 6
def list():
    """Render one page of the board listing, optionally filtered by search.

    Reads ``page``, ``searchMode`` and ``content`` from the query string,
    obtains the page and count statements from getPageQuery, and renders the
    board template with the rows and paging data. A page beyond the last one
    flashes a message and redirects to the first page.
    """
    db = Database()
    per_page = 30
    page = request.args.get('page', type=int, default=1)
    # Page 1 is passed to getPageQuery as 0.
    if page == 1:
        page = 0

    searchMode = request.args.get('searchMode')
    searchContent = request.args.get('content')
    # NOTE(review): searchMode and searchContent come straight from the
    # query string and getPageQuery returns finished SQL text; how they are
    # embedded is not visible here - confirm they are bound or allow-listed.
    pageSQL, getCountSQL = getPageQuery(page, per_page, searchMode,
                                        searchContent)
    count_rows = db.executeAll(getCountSQL)
    total = count_rows[0]['COUNT(write_user_name)']
    content_list = db.executeAll(pageSQL)

    maxPage = int(total / per_page) + 1

    if page > maxPage:
        flash("존재하지 않는 페이지입니다")
        return redirect(url_for('clone_board.list'))

    if page == 0:
        page = 1
    # Show at most nine page buttons beyond the current page.
    maxPage = min(maxPage, page + 9)
    page_btn_list = getPageBtnList(page, maxPage)

    return render_template('/main/board.html',
                           content_list=content_list,
                           max_page=maxPage,
                           cur_page=page,
                           page_btn_list=page_btn_list,
                           searchMode=searchMode,
                           searchContent=searchContent)
Exemplo n.º 7
def insert():
    """Insert the fixed value 'testData' into testTable and render a notice.

    The inserted value is a constant; no request data reaches the query.
    """
    database = Database()
    # NOTE(review): the schema here is test_db while the sibling select and
    # update examples use testDB - confirm which one is right.
    statement = "INSERT INTO test_db.testTable(test) \
                VALUES ('%s')" % 'testData'

    database.execute(statement)
    database.commit()

    return render_template('/test/test.html',
                           result='insert is done!',
                           resultData=None,
                           resultUPDATE=None)
Exemplo n.º 8
def update():
    """Rewrite 'testData' rows to 'update_Data' and render the first row.

    Both statements are built from constants; no request data reaches them.
    """
    database = Database()

    update_statement = "UPDATE testDB.testTable \
                SET test='%s' \
                WHERE test='testData'" % 'update_Data'
    database.execute(update_statement)
    database.commit()

    select_statement = "SELECT idx, test \
                FROM testDB.testTable"
    rows = database.executeAll(select_statement)

    # Indexing fails if the table is empty; the template gets row 0 only.
    first_row = rows[0]
    return render_template('/test/test.html',
                           result=None,
                           resultData=None,
                           resultUPDATE=first_row)
Exemplo n.º 9
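def subCommentAdd(board_content_idx, parent_comment_idx):
    """Add a reply to an existing comment, then return to the post view.

    A valid POST inserts one row into ``comment_table`` with
    ``parent_comment_idx`` set. An invalid POST flashes "wrong input". Every
    request ends with a redirect to the post.

    Args:
        board_content_idx: Identifier of the post the comment belongs to.
        parent_comment_idx: Identifier of the comment being replied to.
    """
    db = Database()
    form = CommentAddForm()
    if request.method == "POST":
        if form.validate_on_submit():
            username = form.username.data
            password = form.password.data
            comment = form.content_text.data
            # Values are sent as bind parameters instead of being formatted
            # into the SQL text.
            # NOTE(review): assumes Database.executeAll passes a second
            # argument through to the driver as %s-style parameters -
            # confirm.
            comment_count = db.executeAll(
                "SELECT COUNT(*) FROM comment_table WHERE board_idx=%s",
                (board_content_idx,))
            ip = get_covered_ip()
            # NOTE(review): the comment password is stored exactly as
            # submitted; confirm whether it should be hashed.
            db.executeAll(
                """INSERT INTO comment_table (comment,username,password,write_time,board_idx,parent_comment_idx,comment_idx,write_ip,login_user)
             VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s)""",
                (comment, username, password, datetime.now(),
                 board_content_idx, parent_comment_idx,
                 comment_count[0]['COUNT(*)'] + 1, ip, isLogged()))
            db.commit()
        else:
            flash("wrong input")

    return redirect(
        url_for("clone_board.content", board_content_idx=board_content_idx))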
Exemplo n.º 10
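def recommendProcess(board_content_idx, mode):
    """Record a recommend or unrecommend vote for a post.

    A vote is rejected as a duplicate when ``recommend_table`` already holds
    a row for the same post and address (and the same user when logged in).
    Otherwise the vote row is inserted and the post's counter is incremented.

    Args:
        board_content_idx: Identifier of the post being voted on.
        mode: ``1`` selects "recommend"; any other value "unrecommend".
    """
    # NOTE(review): this resolves the server's own host name, not the
    # client's address, so every visitor shares one value and the duplicate
    # check is not per visitor - confirm the intent.
    curIp = socket.gethostbyname(socket.gethostname())
    db = Database()

    # Column names cannot be bound as parameters. They are built only from
    # these two fixed strings, never from request data.
    recommend_mode = "recommend" if mode == 1 else "unrecommend"
    ip_column = recommend_mode + "_ip"
    user_id = session.get('user_id')

    # Duplicate check. Values are sent as bind parameters.
    # NOTE(review): assumes Database.executeAll passes a second argument
    # through to the driver as %s-style parameters - confirm.
    # The logged-in variant had three placeholders for four values (its
    # login_user literal appears as '******', presumably a redacted '%s'),
    # so formatting raised TypeError. login_user is now bound to the session
    # user.
    duplicate_sql = ("SELECT * FROM recommend_table"
                     " WHERE board_content_idx = %s and " + ip_column +
                     " = %s")
    duplicate_args = [str(board_content_idx), str(curIp)]
    if user_id:
        duplicate_sql += " and login_user = %s"
        duplicate_args.append(user_id)
    data = db.executeAll(duplicate_sql, tuple(duplicate_args))

    if len(data) != 0:
        flash("중복된 요청입니다.")
    else:
        if user_id is not None:
            db.executeAll(
                "INSERT INTO recommend_table (board_content_idx, " +
                ip_column + ",login_user) VALUES (%s,%s,%s)",
                (board_content_idx, curIp, user_id))
        else:
            db.executeAll(
                "INSERT INTO recommend_table (board_content_idx, " +
                ip_column + ") VALUES (%s,%s)",
                (board_content_idx, curIp))
        db.executeAll(
            "UPDATE board_content_table SET " + recommend_mode + "=" +
            recommend_mode + "+1 WHERE board_content_idx=%s",
            (str(board_content_idx),))
        db.commit()
    return redirect(
        url_for("clone_board.content", board_content_idx=board_content_idx))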
Exemplo n.º 11
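def delComment(board_content_idx, comment_password, comment_idx):
    """Delete a comment and its replies after checking the requester.

    A logged-in requester must be the comment's author (``login_user`` is
    1). An anonymous requester must supply the comment's password. Every
    request ends with a redirect to the post.

    Args:
        board_content_idx: Identifier of the post the comment belongs to.
        comment_password: Password supplied for an anonymous comment.
        comment_idx: Identifier of the comment to delete.
    """
    db = Database()
    # Every statement below sends its values as bind parameters instead of
    # formatting them into the SQL text.
    # NOTE(review): assumes Database.execute/executeAll pass a second
    # argument through to the driver as %s-style parameters - confirm.
    if session.get('user_id'):
        data = db.executeAll(
            "SELECT username,login_user FROM comment_table"
            " WHERE board_idx = %s and comment_idx = %s",
            (str(board_content_idx), str(comment_idx)))
        allowed = (data[0]['username'] == session.get('user_id')
                   and data[0]['login_user'] == 1)
        denial = "wrong user"
    else:
        stored = db.executeAll(
            "SELECT password FROM comment_table WHERE board_idx = %s",
            (str(board_content_idx),))
        # NOTE(review): the password is picked by position in the post's
        # comment list, not by matching comment_idx; a comment_idx of 0
        # selects the last row - confirm the numbering this relies on.
        ansPassword = stored[int(comment_idx) - 1]['password']
        allowed = str(comment_password) == ansPassword
        denial = "wrong password"

    if allowed:
        # NOTE(review): the checks above are scoped by board_idx, but the
        # deletes filter on comment_idx alone; if comment_idx is numbered
        # per post this also removes rows of other posts - confirm schema.
        db.execute("DELETE FROM comment_table WHERE comment_idx = %s",
                   (str(comment_idx),))
        db.execute("DELETE FROM comment_table WHERE parent_comment_idx = %s",
                   (str(comment_idx),))
        db.autoIncreSet("comment_table", "comment_idx")
        db.commit()
    else:
        flash(denial)

    return redirect(
        url_for("clone_board.content", board_content_idx=board_content_idx))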
Exemplo n.º 12
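def delContent(board_content_idx, password=None):
    """Delete a post and its comments after checking the requester.

    A post written by a logged-in user can only be deleted by that user. Any
    other post requires its stored password. On success the client is
    redirected to the board list, otherwise back to the post.

    Args:
        board_content_idx: Identifier of the post to delete.
        password: Password supplied for a post written without an account.
    """
    db = Database()
    # Every statement below sends its values as bind parameters instead of
    # formatting them into the SQL text.
    # NOTE(review): assumes Database.execute/executeAll pass a second
    # argument through to the driver as %s-style parameters - confirm.
    idx = str(board_content_idx)
    data = db.executeAll(
        "SELECT write_user_name,login_user,content_password"
        " FROM board_content_table WHERE board_content_idx = %s", (idx,))
    username = data[0]['write_user_name']
    loginUser = data[0]['login_user']
    ansPassword = data[0]['content_password']

    if loginUser == 1:
        if username == session.get('user_id'):
            db.execute(
                "DELETE FROM board_content_table"
                " WHERE board_content_idx = %s", (idx,))
            db.execute("DELETE FROM comment_table WHERE board_idx = %s",
                       (idx,))
            # NOTE(review): unlike the password branch, this branch leaves
            # the post's recommend_table rows behind - confirm intent.
            db.autoIncreSet("board_content_table", "board_content_idx")
            db.commit()
        else:
            flash("wrong password")
            return redirect(
                url_for("clone_board.content",
                        board_content_idx=board_content_idx))
    else:
        # NOTE(review): plain-text comparison against the stored value;
        # str(None) is "None" when no password was supplied.
        if ansPassword == str(password):
            db.execute(
                "DELETE FROM board_content_table"
                " WHERE board_content_idx = %s", (idx,))
            db.execute("DELETE FROM comment_table WHERE board_idx = %s",
                       (idx,))
            db.execute(
                "DELETE FROM recommend_table WHERE board_content_idx = %s",
                (idx,))
            db.autoIncreSet("board_content_table", "board_content_idx")
            db.commit()
        else:
            flash("wrong password")
            return redirect(
                url_for("clone_board.content",
                        board_content_idx=board_content_idx))

    return redirect(url_for("clone_board.list"))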
Exemplo n.º 13
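def modify(board_content_idx, password=None):
    """Show the edit form for a post, or apply a submitted edit.

    On POST the post's title, body and write time are updated from the form.
    A post written by a logged-in user is only updated when the session
    belongs to that user. On other requests the pre-filled edit form is
    rendered for the post's author, or for a caller who supplies the stored
    password of a post written without an account. Everyone else is sent
    back to the post with an error.

    Args:
        board_content_idx: Identifier of the post to edit.
        password: Password supplied for a post written without an account.
    """
    db = Database()
    # Every statement below sends its values as bind parameters instead of
    # formatting them into the SQL text.
    # NOTE(review): assumes Database.execute/executeAll pass a second
    # argument through to the driver as %s-style parameters - confirm.
    data = db.executeAll(
        "SELECT * FROM board_content_table WHERE board_content_idx = %s",
        (str(board_content_idx),))
    error = None
    form = ContentAddForm()
    username = data[0]['write_user_name']
    loginUser = data[0]['login_user']
    ansPassword = data[0]['content_password']
    is_author = loginUser == 1 and username == session.get('user_id')

    # Submitted edit.
    if request.method == 'POST':
        # The update used to run before any ownership check. Posts that
        # belong to an account are now refused unless the session is the
        # author's.
        if loginUser == 1 and not is_author:
            flash("wrong user")
            return redirect(
                url_for('clone_board.content',
                        board_content_idx=board_content_idx))
        # NOTE(review): posts written without an account are still updated
        # without comparing anything to content_password; how the password
        # reaches a POST is not visible here - add that check once known.

        if form.validate_on_submit():
            # The statement is no longer printed before execution.
            db.execute(
                "UPDATE board_content_table SET write_time=%s,"
                "board_content_title=%s,board_content=%s"
                " WHERE board_content_idx = %s;",
                (datetime.now(), form.content_title.data,
                 form.content_text.data, board_content_idx))
            db.commit()
            return redirect(
                url_for('clone_board.content',
                        board_content_idx=board_content_idx))

        error = "수정 데이터 양식이 맞지 않습니다"
        flash(error)
        return render_template('/main/board_add.html',
                               form=form,
                               board_content_idx=board_content_idx,
                               error=error)

    # Either the logged-in author, or an anonymous post whose stored
    # password matches the supplied one: render the pre-filled form.
    if is_author or (loginUser != 1 and ansPassword == password):
        # The form is pre-filled with a mask, never the stored password.
        form = ContentAddForm(content_title=data[0]['board_content_title'],
                              content_text=data[0]['board_content'],
                              username=data[0]['write_user_name'],
                              password="******",
                              modify=True)
        return render_template('/main/board_add.html',
                               form=form,
                               board_content_idx=board_content_idx,
                               error=error)

    # A post that belongs to another account, or a wrong password.
    error = "wrong user" if loginUser == 1 else "wrong password"
    flash(error)

    return redirect(
        url_for('clone_board.content', board_content_idx=board_content_idx))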
Exemplo n.º 14
from flask import Blueprint, url_for, render_template, flash, request, session, g
from werkzeug.utils import redirect
from app.forms.forms import UserLoginForm
from app.module.dbModule import Database
from werkzeug.security import generate_password_hash, check_password_hash

# Module-level Database instance, created when the module is imported.
# login() below creates its own local instance under the same name.
db = Database()
# Blueprint that groups the login views; registered with url_prefix '/'.
login_bp = Blueprint('login', __name__, url_prefix='/')


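@login_bp.route('/login/', methods=['GET', 'POST'])
@login_bp.route('/login/<string:before_page>', methods=['GET', 'POST'])
def login(before_page=None):
    """Look up the submitted username and check the submitted password.

    This listing ends after the credential check; only the lookup and the
    two error assignments are shown.

    Args:
        before_page: Optional path segment captured by the second route.
    """
    form = UserLoginForm()
    if request.method == 'POST' and form.validate_on_submit():
        error = None
        db = Database()
        # The username is user input, so it is sent as a bind parameter
        # instead of being formatted into the SQL text.
        # NOTE(review): assumes Database.executeAll passes a second argument
        # through to the driver as %s-style parameters - confirm.
        rows = db.executeAll("SELECT id,password FROM user WHERE id = %s",
                             (form.username.data,))

        if len(rows) == 0:
            user = 0
        else:
            password = rows[0]['password']
            user = rows[0]['id']

        # NOTE(review): the stored password is compared as plain text even
        # though this file imports check_password_hash; switching requires
        # the stored values to be hashes - confirm before changing.
        if user == 0:
            error = "존재하지 않는 사용자입니다"
        elif not password == form.password.data:
            error = "비밀번호가 올바르지 않습니다."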
Exemplo n.º 15
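def checklist():
	"""Show the logged-in user's checklist and handle add/delete requests.

	Anonymous visitors are redirected to the login view. A POST with a
	non-empty ``content_idx`` deletes that item. A valid POST without one
	adds a new item. Every other request renders the current list.
	"""
	db = Database()
	if g.user is None:
		return redirect(url_for('login.login', before_page='checklist'))
	form = UserAddCheck()
	user_idx = g.idx
	# Every statement below sends its values as bind parameters instead of
	# formatting them into the SQL text.
	# NOTE(review): assumes Database.execute/executeAll pass a second
	# argument through to the driver as %s-style parameters - confirm.
	check_list_data = db.executeAll(
		"SELECT content,content_idx FROM check_list WHERE user_idx = %s",
		(user_idx,))

	# NOTE(review): the delete branch runs without form.validate_on_submit(),
	# so whatever checks the form performs are skipped for it - confirm.
	if request.method == 'POST' and form.content_idx.data != "":
		delete_content_idx = int(form.content_idx.data)
		# The delete is scoped to the current user's rows. Previously any
		# logged-in user could delete any item by submitting its content_idx.
		db.execute(
			"DELETE FROM check_list WHERE content_idx=%s AND user_idx=%s",
			(str(delete_content_idx), user_idx))
		db.commit()
		form.content_idx.data = ""
		return redirect(url_for('checklist.checklist'))

	elif request.method == 'POST' and form.validate_on_submit():
		data = form.checklist_input.data
		db.execute(
			"INSERT INTO check_list (user_idx,content) VALUES (%s,%s)",
			(user_idx, data))
		db.commit()
		return redirect(url_for('checklist.checklist'))

	elif request.method == 'POST' and not form.validate_on_submit() and form.content_idx.data == "":
		error = "입력데이터는 1자이상 100자 미만이어야 합니다."
		flash(error)

	return render_template('/main/checklist.html', form=form, check_list_data=check_list_data)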