Exemplo n.º 1
0
def test_get_close_db(app):
    with app.app_context():
        db = get_db()
        assert db is get_db()

    with pytest.raises(sqlite3.ProgrammingError) as e:
        db.execute('SELECT 1')

    assert 'closed' in str(e)
Exemplo n.º 2
0
def index():
    
    add_post_form = PostForm()

    if request.method == "GET":

        # get the DB connection
        db = get_db()

        # retrieve all posts
        posts = db.execute(
            'SELECT p.id, title, body, created, author_id, firstname , lastname, likes, dislikes'
            ' FROM post p JOIN user u ON p.author_id = u.id'
            ' ORDER BY created DESC'
        ).fetchall()

        # render 'blog' blueprint with posts
        # return render_template('blog/index.html', posts = posts )

    else :
        
        if add_post_form.validate_on_submit():

            # read post values from the form
            title = add_post_form.title.data
            body = add_post_form.body.data 

            # read the 'uid' from the session for the current logged in user
            author_id = session['uid']

            # get the DB connection
            db = get_db()
            
            # insert post into database
            try:
                # execute the SQL insert statement
                db.execute("INSERT INTO post (author_id, title, body) VALUES (?, ?,?);", (author_id, title, body))
                
                # commit changes to the database
                db.commit()
                flash('You were successfully Add')
                return redirect('/posts') 

            except sqlite3.Error as er:
                print(f"SQLite error: { (' '.join(er.args)) }")
                return redirect("/404")

        # if the user is not logged in, redirect to '/login' 
        if "uid" not in session:
            return redirect('/login')
        
        # else, render the template
    return render_template("blog/index.html", form = add_post_form , posts = posts)
Exemplo n.º 3
0
def app():
    db_fd, db_path = tempfile.mkstemp()

    app = create_app({
        'TESTING': True,
        'DATABASE': db_path,
    })

    with app.app_context():
        init_db()
        get_db().executescript(_data_sql)

    yield app

    os.close(db_fd)
    os.unlink(db_path)
Exemplo n.º 4
0
def login():
    """Log in a registered user by adding the user id to the session."""
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None
        user = db.execute(
            'SELECT * FROM user WHERE username = ?', (username,)
        ).fetchone()

        if user is None:
            error = 'Incorrect username.'
        elif not check_password_hash(user['password'], password):
            error = 'Incorrect password.'

        if error is None:
            # store the user id in a new session and return to the index
            session.clear()
            session['user_id'] = user['id']
            return redirect(url_for('index'))

        flash(error)

    return render_template('auth/login.html')
Exemplo n.º 5
0
def add_user():

    if request.method == 'GET':
        # render add user blueprint
        return render_template('user/index.html')
    else:
        username = request.form['username']
        first_name = request.form['first_name']
        last_name = request.form['last_name']
        password = request.form['password']

        # get the DB connection
        db = get_db()

        # insert user into DB
        try:
            # execute our insert SQL statement
            db.execute(
                "INSERT INTO user (username, password, firstname, lastname) VALUES (?, ?, ?, ?);",
                (username, password, first_name, last_name))

            # write changes to DB
            db.commit()

            return redirect(url_for('/home'))

        except sqlite3.Error as er:
            print('SQLite error: %s' % (' '.join(er.args)))
            return redirect("/404")
Exemplo n.º 6
0
def add_post():
    add_post_form = AddPostForm
    if add_post.validate_on_submit():

        # read post values from the form
        title = add_post_form.title.data
        body = add_post_form.body.data
        # read the 'uid' from the session for the current logged in user
        author_id = session['uid']

        # get the DB connection
        db = get_db()
        
        # insert post into database
        try:
            # execute the SQL insert statement
            db.execute("INSERT INTO post (author_id, title, body) VALUES (?, ?,?);", (author_id,title, body))
            
            # commit changes to the database
            db.commit()
            
            return redirect('/posts') 

        except sqlite3.Error as er:
            print('SQLite error: %s' % (' '.join(er.args)))
            return redirect("/404")
    else:
        # if the user is not logged in, redirect to '/login' 
        if "uid" not in session:
            return redirect('/login')
        
        # else, render the template
        return render_template("blog/add-post.html")
Exemplo n.º 7
0
def login():
    #create an instance of the form
    login=LoginForm()

    if login.validate_on_submit():
        #read values from loginform 
        username=login.username.data
        password=login.password.data
        # get the DB connection
        db = get_db()
        
        # insert user into db
        try:
            # get user by username
            user= db.execute('SELECT * FROM user WHERE username LIKE ?',(username,)).fetchone()
            # check if username exists
            if user  != None:
                # check if credentials are valid
                if user['username'] == username and user['password'] == password:
                    # store the user ID in the session  
                    session['uid']= user['id']  
                    session['username'] = user['username']
                    return redirect("/posts")

        except sqlite3.Error as er:
            print('SQLite error: %s' % (' '.join(er.args)))
            return redirect("/404")
Exemplo n.º 8
0
def edit_user():
    form = UserForm()
    eform = EditForm()
    if request.method == 'GET':
        # render add user blueprint
        return render_template('user/edit.html', formn=eform, formo=form)
    else:

        n_f_n = eform.first_name.data
        n_l_n = eform.last_name.data
        o_f_n = form.first_name.data
        o_l_n = form.last_name.data
        db = get_db()
        # get all users from the db
        try:
            # execute our insert SQL statement
            # db.execute("UPDATE user SET first_name=? ,last_name=?  WHERE first_name=? ",(n_f_n,n_l_n,o_f_n))
            # sql = "UPDATE user SET first_name = %s WHERE last_name = %s"
            # val = ("hiiii","blus")
            db.execute(
                "UPDATE user SET first_name = 'hiii' WHERE last_name = 'blus'")

            # write changes to DB
            db.commit()

            return redirect("/users")

        except sqlite3.Error as er:
            print('SQLite error: %s' % (' '.join(er.args)))
            return redirect("/404")
Exemplo n.º 9
0
def add_user():

    form = UserForm()
    if request.method == 'GET':
        # render add user blueprint
        return render_template('user/index.html', form=form)
    else:

        first_name = form.first_name.data
        last_name = form.last_name.data
        password = form.password.data

        # get the DB connection
        db = get_db()

        # insert user into DB
        try:
            # execute our insert SQL statement
            db.execute(
                "INSERT INTO user (first_name,last_name,password) VALUES (?,?,?);",
                (first_name, last_name, password))

            # write changes to DB
            db.commit()

            return redirect("/users")

        except sqlite3.Error as er:
            print('SQLite error: %s' % (' '.join(er.args)))
            return redirect("/404")
Exemplo n.º 10
0
def add_user():

    #create an instance of the form
    signup_form = SignupForm()
    #  add user blueprint

    if signup_form.validate_on_submit():
        #read the username from the form
        username = signup_form.username.data

        password = signup_form.password.data
        # get the DB connection
        db = get_db()

        # insert user into DB
        try:
            print(f"trying to add {username}:{password}")
            # execute our insert SQL statement
            db.execute("INSERT INTO user (username, password) VALUES (?, ?);",
                       (username, password))

            # write changes to DB
            db.commit()

            return redirect("/users")

        except sqlite3.Error as er:
            print('SQLite error: %s' % (' '.join(er.args)))
            return redirect("/404")
    return render_template('user/index.html', form=signup_form)
def login():
    if request.method == "GET":
        # render the login template
        return render_template('login/login.html')
    else:
        # read values from the login form
        username = request.form['username']
        password = request.form['password']

        # get the DB connection
        db = get_db()

        # insert user into db
        try:
            user = db.execute('SELECT * FROM user WHERE username LIKE ?',
                              (username, )).fetchone()
            if user != None:
                if user['username'] == username and user[
                        'password'] == password:
                    session['uid'] = user['id']
                    return redirect("/posts")

        except sqlite3.Error as er:
            print('SQLite error: %s' % (' '.join(er.args)))
            return redirect("/404")
Exemplo n.º 12
0
def add_user():

    user = AddUserForm()

    if user.validate_on_submit():

        username = user.username.data
        password = user.password.data
        first_name = user.first_name.data
        last_name = user.last_name.data
        biography = user.biography.data
        # get the DB connection
        db = get_db()

        # insert user into DB
        try:
            # execute our insert SQL statement
            db.execute(
                "INSERT INTO user (username, password , firstname , lastname , biography ) VALUES (?, ? , ? , ?, ?);",
                (username, password, first_name, last_name, biography))

            # write changes to DB
            db.commit()

            return redirect("/users")

        except sqlite3.Error as er:
            print('SQLite error: %s' % (' '.join(er.args)))
            return redirect("/404")

    return render_template('user/index.html', form=user)
Exemplo n.º 13
0
def add_post():

    # create instance of our form
    add_post_form = AddPostForm()

    # handle form submission
    if add_post_form.validate_on_submit():
        # read post values from the form
        title = add_post_form.title.data
        body = add_post_form.body.data

        # read the 'uid' from the session for the current logged in user
        author_id = session['uid']

        # get the DB connection
        db = get_db()

        try:
            # insert post into database
            db.execute(
                "INSERT INTO post (author_id, title, body) VALUES (?, ?,?);",
                (author_id, title, body))

            # commit changes to the database
            db.commit()

            return redirect('/posts')

        except sqlite3.Error as er:
            print('SQLite error: %s' % (' '.join(er.args)))
            return redirect("/404")

    # render the template
    return render_template("blog/add-post.html", form=add_post_form)
Exemplo n.º 14
0
def register():
    """Register a new user.

    Validates that the username is not already taken. Hashes the
    password for security.
    """
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None

        if not username:
            error = 'Username is required.'
        elif not password:
            error = 'Password is required.'
        elif db.execute(
            'SELECT id FROM user WHERE username = ?', (username,)
        ).fetchone() is not None:
            error = 'User {0} is already registered.'.format(username)

        if error is None:
            # the name is available, store it in the database and go to
            # the login page
            db.execute(
                'INSERT INTO user (username, password) VALUES (?, ?)',
                (username, generate_password_hash(password))
            )
            db.commit()
            return redirect(url_for('auth.login'))

        flash(error)

    return render_template('auth/register.html')
Exemplo n.º 15
0
def register():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        # Initializa db connection
        db = get_db()
        error = None

        # Validate register form input and if user exists on the database
        if not username:
            error = 'Username is required'
        elif not password:
            error = 'Password is required'
        elif db.execute('SELECT id FROM user WHERE username = ?',
                        (username, )).fetchone() is not None:
            error = 'User {} is already registered'.format(username)

        if error is None:
            db.execute('INSERT INTO user (username, password) VALUES (?, ?)',
                       (username, generate_password_hash(password)))
            db.commit()
            return redirect(url_for('auth.login'))

        flash(error)

    return render_template('auth/register.html')
Exemplo n.º 16
0
def register():

    if request.method == 'POST':

        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None

        # if username is not set
        if not username:
            error = 'Username is required.'
        # if password is not set
        elif not password:
            error = 'Password is required.'

        elif db.execute('SELECT id from user WHERE username = ?',
                        (username, )).fetchone() is None:
            error = 'User {} is already registered.'.format(username)

        if error is None:
            db.execute('INSERT INTO user(username, password) VALUES (?,?)',
                       (username, generate_password_hash(password)))
            db.commit()
            return redirect(url_for('auth.login'))
        flash(error)
    return render_template('auth/register.html')
Exemplo n.º 17
0
def full_post(id):
    db = get_db()
    posts = db.execute("select title, body,created from post where id = ?",
                       (id, ))
    if posts is None:
        abort(404, "Post doesn't exist.".format(id))
    return render_template('article.html', posts=posts)
Exemplo n.º 18
0
def delete_user(user_id):
    # get the DB connection
    db = get_db()

    db.execute(f"DELETE FROM user WHERE id = {user_id} ")
    db.commit()

    return redirect(url_for("user.get_users"))
Exemplo n.º 19
0
def create_entry():
    db = get_db()
    db.execute(
        'insert into posts (title, content, created_at, updated_at) \
        values (?, ?, date(\'now\'), date(\'now\'))',
        [request.form['title'], request.form['content']])
    db.commit()
    return redirect(url_for('index'))
Exemplo n.º 20
0
def load_logged_in_user():
    user_id = session.get('user_id')

    if user_id is None:
        g.user = None
    else:
        g.user = get_db().execute('SELECT * FROM user WHERE id = ?',
                                  (user_id, )).fetchone()
Exemplo n.º 21
0
def index():
    db = get_db()
    posts = db.execute(
        'SELECT p.id, title, body, created, author_id, username'
        ' FROM post p JOIN user u ON p.author_id = u.id'
        ' ORDER BY created DESC'
    ).fetchall()
    return render_template('blog/index.html', posts=posts)
Exemplo n.º 22
0
def test_delete(client, auth, app):
    auth.login()
    response = client.post('/1/delete')
    assert response.headers['Location'] == 'http://localhost/'

    with app.app_context():
        db = get_db()
        post = db.execute('SELECT * FROM post WHERE id = 1').fetchone()
        assert post is None
Exemplo n.º 23
0
def test_update(client, auth, app):
    auth.login()
    assert client.get('/1/update').status_code == 200
    client.post('/1/update', data={'title': 'updated', 'body': ''})

    with app.app_context():
        db = get_db()
        post = db.execute('SELECT * FROM post WHERE id = 1').fetchone()
        assert post['title'] == 'updated'
Exemplo n.º 24
0
def delete_post(post_id):

    # get the DB connection
    db = get_db()

    db.execute(f"DELETE FROM post WHERE id = {post_id} ")
    db.commit()

    return redirect(url_for("blog.myposts"))
Exemplo n.º 25
0
def index():
    db = get_db()
    posts = db.execute(
        'SELECT p.id, title, text, date, author_id, username'
        ' FROM post p JOIN user u ON p.author_id = u.id'
        ' ORDER BY date DESC'
    ).fetchall()

    return render_template('site/index.html', posts=posts)
Exemplo n.º 26
0
def test_create(client, auth, app):
    auth.login()
    assert client.get('/create').status_code == 200
    client.post('/create', data={'title': 'created', 'body': ''})

    with app.app_context():
        db = get_db()
        count = db.execute('SELECT COUNT(id) FROM post').fetchone()[0]
        assert count == 2
Exemplo n.º 27
0
def get_users():
    # get the DB connection
    db = get_db()

    # get all users from the db
    users = db.execute('select * from user').fetchall()

    # render 'list.html' blueprint with users
    return render_template('user/list.html', users=users)
Exemplo n.º 28
0
def view_user(id):
    # get the DB connection
    db = get_db()

    # get user by id
    user = db.execute(f'''select * from user  WHERE id = {id}''').fetchone()

    # render 'profile.html' blueprint with user
    return render_template('user/view-user.html', user=user)
Exemplo n.º 29
0
def myposts():
    
    # get the DB connection
    db = get_db()

    # retrieve all posts
    posts = db.execute(f'''select * from post WHERE author_id = {session['uid']}''').fetchall()
    
    # render 'blog' blueprint with posts
    return render_template('blog/myposts.html', posts = posts)
Exemplo n.º 30
0
def edit_post(post_id):

    edit_post_form = EditPostForm() 

    if request.method == "GET":

        db = get_db()

        current_post = db.execute(f"select * from post WHERE id = {post_id}").fetchone()

        edit_post_form.new_title.data = current_post['title']
        edit_post_form.new_body.data = current_post['body']

    
    if edit_post_form.validate_on_submit():
        # read post values from the form
        new_title = edit_post_form.new_title.data
        new_body = edit_post_form.new_body.data 


        # get the DB connection
        db = get_db()
        
        
        try:
            
            db.execute(f"UPDATE post SET title = '{new_title}', body = '{new_body}' WHERE id = '{post_id}' ")    
            
            # commit changes to the database
            db.commit()
            
            return redirect(url_for("blog.myposts")) 

        except sqlite3.Error as er:
            print(f"SQLite error: { (' '.join(er.args)) }")
            return redirect("/404")

    # if the user is not logged in, redirect to '/login' 
    if "uid" not in session:
        return redirect('/login')
    
    # else, render the template
    return render_template("blog/edit_post.html", form = edit_post_form)