Exemplo n.º 1
def register():
    """Handle the account registration form.

    A GET request renders the registration template. A POST request checks
    the submitted username and the two password fields, stores the account
    with a hashed password, writes a log entry and redirects to the login
    view. When a check fails, the message is flashed and the form is
    rendered again.
    """
    if request.method != 'POST':
        return render_template('auth/register.html')

    form = request.form
    username = form['username']
    password = form['password']
    repassword = form['repassword']

    db = get_db()

    if not username:
        error = 'Username is required.'
    elif not password:
        error = 'Password is required.'
    elif password != repassword:
        error = 'Password do not match'
    else:
        # The username is passed as a bound parameter, never spliced into
        # the SQL text.
        existing = db.execute('SELECT id FROM user WHERE username = ?',
                              (username, )).fetchone()
        if existing is None:
            error = None
        else:
            error = 'User {} is already registered.'.format(username)

    if error is not None:
        flash(error)
        return render_template('auth/register.html')

    # Only the output of generate_password_hash is persisted, not the
    # submitted password.
    # NOTE(review): the lookup above and this INSERT are separate
    # statements; uniqueness under concurrent requests depends on a
    # constraint in the schema, which is not visible here. No minimum
    # password length is enforced in this view either.
    db.execute('INSERT INTO user (username, password) VALUES (?, ?)',
               (username, generate_password_hash(password)))
    db.commit()

    create_log("register")
    return redirect(url_for('auth.login'))
Exemplo n.º 2
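def delete_article(title, id):
    """Delete one article of a page and close the gap in its ordering.

    Args:
        title: Title of the page (book) the article belongs to.
        id: Primary key of the article to delete.

    Returns:
        A redirect to the editor of the page's first article (turn 0) after
        a successful delete; the string "At least one article" when the page
        has a single article left; ("Article not found", 404) when no
        article with this id exists under this title.

    NOTE(review): the route and any access-control decorators are outside
    this listing. This view is destructive, so confirm it is reachable only
    by an authenticated administrator through a non-GET, CSRF-protected
    request.
    """
    db = get_db()

    siblings = db.execute('SELECT id FROM article WHERE title=?',
                          (title, )).fetchall()
    if len(siblings) <= 1:
        return "At least one article"

    # title and id both come from the caller. Resolve them together: with a
    # lookup by id alone, an id from another page would supply the turn used
    # to renumber this page (corrupting its order) while the DELETE below
    # matched nothing, and an unknown id would fail on None['turn'].
    row = db.execute('SELECT turn FROM article WHERE id=? AND title=?',
                     (id, title)).fetchone()
    if row is None:
        return "Article not found", 404

    turn = int(row['turn'])

    db.execute('DELETE FROM article WHERE title = ? AND id = ?',
               (title, id))

    # Shift every later article of the page one position down.
    db.execute(
        'UPDATE article SET turn = turn-1 WHERE title = ? AND turn > ?',
        (title, turn))

    db.commit()

    first = db.execute('Select id FROM article WHERE title=? AND turn=0',
                       (title, )).fetchone()

    create_log("delete article")
    return redirect(url_for('admin.edit_article', title=title,
                            id=first['id']))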
Exemplo n.º 3
def delete_page(title):
    """Delete a page: its articles and its book row, selected by title.

    The page titled exactly 'home' is refused (the comparison is a plain,
    case-sensitive string match). Any other title is deleted, a log entry
    is written and the caller is redirected to the page editor.

    NOTE(review): the route and access-control decorators are not part of
    this listing; confirm that only authorised users can reach this
    destructive view and that it is not triggered by a plain GET.
    """
    if title == 'home':
        return "You cannot delete home page"

    db = get_db()

    # Articles first, then the owning book row; both use bound parameters.
    for statement in ("DELETE FROM article WHERE title=?",
                      "DELETE FROM book WHERE title=?"):
        db.execute(statement, (title, ))

    db.commit()

    create_log("delete page")
    return redirect(url_for('admin.edit_page'))
Exemplo n.º 4
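def login():
    """Authenticate a user and start a session.

    POST: looks the user up by username, verifies the password against the
    stored hash and, on success, resets the session, records the user id,
    writes a log entry and redirects to the index. With "remember" ticked,
    the username (never the password) is kept in a cookie for seven days so
    the form can be pre-filled. On failure a single generic message is
    flashed and the form is rendered again.

    GET: renders the login form, pre-filled with the remembered username
    when that cookie is present.

    Changes from the previous version:
      * The plaintext password is no longer written to a cookie; any
        'password' cookie left by the earlier behaviour is expired on the
        next successful login.
      * Both failure cases flash the same message, so the response no longer
        states whether the username exists.
      * The unreachable trailing redirect was removed.
    """
    remember_seconds = 7 * 24 * 60 * 60

    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        remember = request.form.getlist('remember')

        db = get_db()
        user = db.execute('SELECT * FROM user WHERE username = ?',
                          (username, )).fetchone()

        # NOTE(review): the hash check is skipped for unknown usernames, so
        # response timing may still differ between the two cases. No attempt
        # limiting is visible in this view.
        if user is not None and check_password_hash(user['password'],
                                                    password):
            # Drop any pre-login session data before binding the user id.
            session.clear()
            session['user_id'] = user['id']

            create_log("login")
            resp = make_response(redirect(url_for('index')))

            # A credential must never be stored client-side; clear what an
            # earlier login may have left behind.
            resp.set_cookie(key='password', value='', expires=0)

            if remember:
                # httponly keeps the value away from page scripts and
                # samesite limits cross-site sending. Add secure=True once
                # the site is served over HTTPS only.
                resp.set_cookie(key='username',
                                value=username,
                                max_age=remember_seconds,
                                httponly=True,
                                samesite='Lax')
            else:
                resp.set_cookie(key='username', value='', expires=0)

            return resp

        flash('Incorrect username or password.')

    if request.method == 'GET':
        username = request.cookies.get('username')

        if username is not None:
            return render_template('auth/login.html', username=username)

    return render_template('auth/login.html')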
Exemplo n.º 5
def new_article(title):
    """Append a placeholder article to the page *title* and open its editor.

    The new article takes the next position: its turn equals the number of
    articles the page already has. After the insert is committed, the row
    is read back to obtain its id for the redirect.

    NOTE(review): nothing visible here checks that *title* names an existing
    book row, and the count and the INSERT are separate statements, so two
    concurrent requests could be given the same turn.
    """
    db = get_db()

    existing = db.execute('SELECT id FROM article WHERE title = ?',
                          (title, )).fetchall()
    next_turn = len(existing)

    db.execute(
        "INSERT INTO article (title,topic,body,turn) VALUES (?,'New Article','Some Text',?)",
        (title, next_turn))
    db.commit()

    created = db.execute('Select id FROM article WHERE title=? AND turn=?',
                         (title, next_turn)).fetchone()

    create_log("new article")
    return redirect(
        url_for('admin.edit_article', title=title, id=created['id']))
Exemplo n.º 6
def new_reply(id):
    """Create a reply to the forum post *id*.

    GET renders the shared forum form in reply mode. POST requires a
    non-empty body, stores the reply under the current user (g.user),
    writes a log entry and redirects to the post. An empty body flashes an
    error and the form is rendered again.

    NOTE(review): g.user is indexed without a None check, so this relies on
    a login requirement applied outside this listing. The existence of post
    *id* is not verified here either.
    """
    if request.method == 'POST':
        body = request.form['body']

        if body:
            db = get_db()
            # Bound parameters; the body is stored exactly as submitted.
            db.execute('INSERT INTO reply (user_id, post_id, body) VALUES (?,?,?)',
                       (g.user['id'], id, body))
            db.commit()

            create_log("reply")
            return redirect(url_for('forum.post', id=id))

        flash("Body is required")

    return render_template('forum/form.html', isPost=False)
Exemplo n.º 7
def edit_page():
    """List all pages and, on POST, create a new one.

    POST takes the form field 'domain' as the page title. When the title is
    non-empty and not yet used by a book row, the view inserts the book
    (owned by the current user), inserts a placeholder article at turn 0,
    writes two log entries and redirects to that article's editor.
    Otherwise the error is flashed and the listing is rendered.

    NOTE(review): g.user is indexed without a None check; the access
    control that guarantees a logged-in user is not visible here.
    """
    db = get_db()

    if request.method == 'POST':
        domain = request.form['domain']

        if not domain:
            error = 'Domain is required.'
        else:
            taken = db.execute('SELECT * FROM book WHERE title = ?',
                               (domain, )).fetchone()
            if taken is not None:
                error = 'Domain {} is already registered.'.format(domain)
            else:
                error = None

        if error is None:
            db.execute('INSERT INTO book (title,author_id) VALUES (?,?)',
                       (domain, g.user['id']))
            db.execute(
                "INSERT INTO article (title,topic,body,turn) VALUES (?,'New Article','Some Text',0)",
                (domain, ))
            db.commit()

            # Read the placeholder article back to learn its id.
            first_article = db.execute(
                'Select id FROM article WHERE title=? AND turn=0',
                (domain, )).fetchone()

            create_log("new page")
            create_log("new article")
            return redirect(
                url_for('admin.edit_article',
                        title=domain,
                        id=first_article['id']))

        flash(error)

    # One row per book, joined with its author and its first article.
    listing_sql = (
        'SELECT b.title AS title, a.topic AS topic, created, username, a.body AS body, a.id AS id'
        ' FROM book b'
        ' LEFT JOIN user u ON b.author_id = u.id'
        ' LEFT JOIN article a ON (b.title = a.title) AND (a.turn = 0)'
        ' ORDER BY created DESC')
    books = db.execute(listing_sql).fetchall()

    return render_template('admin/editpage.html', books=books)
Exemplo n.º 8
def new_post():
    """Create a forum post.

    GET renders the shared forum form in post mode. POST requires a
    non-empty topic and body, stores the post under the current user
    (g.user), writes a log entry and redirects to the forum index. A
    missing field flashes an error and the form is rendered again.

    NOTE(review): g.user is indexed without a None check, so this relies on
    a login requirement applied outside this listing.
    """
    if request.method == 'POST':
        form = request.form
        topic = form['topic']
        body = form['body']

        if not topic:
            problem = "Topic is required"
        elif not body:
            problem = "Body is required"
        else:
            problem = None

        if problem is None:
            db = get_db()
            # Bound parameters; topic and body are stored as submitted.
            db.execute('INSERT INTO post (user_id, topic, body) VALUES (?,?,?)',
                       (g.user['id'], topic, body))
            db.commit()

            create_log("post")
            return redirect(url_for('forum.index'))

        flash(problem)

    return render_template('forum/form.html', isPost=True)
Exemplo n.º 9
def logout():
    """End the current session and redirect to the index page.

    The log entry is written before the session is cleared (presumably so
    create_log can still identify the user -- confirm). Only the session is
    cleared; cookies kept outside it, such as a "remember me" cookie
    written at login, are not touched here.
    """
    create_log("logout")
    session.clear()
    destination = url_for('index')
    return redirect(destination)
Exemplo n.º 10
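def edit_article(title, id):
    """Show the article editor and, on POST, save the edited article.

    Args:
        title: Title of the page (book) the article belongs to.
        id: Primary key of the article being edited.

    POST validates the form, clamps the requested position to the page's
    valid range, shifts the articles between the old and new position by
    one, updates the article, writes a log entry and redirects back to the
    editor. A validation failure is flashed and the editor is rendered.

    Changes from the previous version:
      * A blank or non-numeric 'sequence' is reported as
        'Sequence is required.' instead of raising an unhandled ValueError
        (the old check for it could never be true after int()).
      * The article is looked up by id AND title. With a lookup by id
        alone, an id from another page would renumber this page using that
        article's position, and an unknown id would fail on None['turn'].
    """
    db = get_db()

    topics = db.execute(
        'SELECT topic,id,turn'
        ' FROM article'
        ' WHERE title = ?'
        ' ORDER BY turn ASC', (title, )).fetchall()

    if request.method == 'POST':
        error = None

        f_topic = request.form['header']
        # Form data is untrusted text; convert defensively.
        try:
            f_sequence = int(request.form['sequence'])
        except ValueError:
            f_sequence = None
        f_body = request.form['body']
        f_button = request.form['button']
        f_link = request.form['link']
        f_image = request.form['image']

        if not f_topic:
            error = 'Topic is required.'
        elif f_sequence is None:
            error = 'Sequence is required.'
        elif not f_body:
            error = 'Body is required.'
        elif bool(f_button) != bool(f_link):
            error = 'Button Name and Link both required.'

        current = None
        if error is None:
            current = db.execute(
                'SELECT turn FROM article WHERE id=? AND title=?',
                (id, title)).fetchone()
            if current is None:
                error = 'Article not found.'

        if error is None:
            # Clamp the requested position to [0, last index of the page].
            biggest_turn = len(topics) - 1
            f_sequence = min(max(f_sequence, 0), biggest_turn)

            oturn = current['turn']
            if oturn > f_sequence:
                # Moving up: push the articles in between one step down.
                db.execute(
                    'UPDATE article SET turn = turn+1 WHERE title=? AND turn>=? AND turn<?',
                    (title, f_sequence, oturn))
            elif oturn < f_sequence:
                # Moving down: pull the articles in between one step up.
                db.execute(
                    'UPDATE article SET turn = turn-1 WHERE title=? AND turn>? AND turn<=?',
                    (title, oturn, f_sequence))

            # NOTE(review): f_link and f_image are stored as submitted. How
            # the templates render them is not visible here; if link becomes
            # an href or image a file name under the icon folder, restrict
            # the URL scheme and accept only names present in `images`.
            db.execute(
                'UPDATE article'
                ' SET topic = ?,'
                ' body = ?,'
                ' button = ?,'
                ' link = ?,'
                ' turn = ?,'
                ' image = ?'
                ' WHERE id = ?',
                (f_topic, f_body, f_button, f_link, f_sequence, f_image, id))
            db.commit()

            create_log("edit article")
            return redirect(url_for('admin.edit_article', title=title, id=id))

        flash(error)

    # File names offered to the template from the blueprint's icon folder.
    images = os.listdir(os.path.join(bp.static_folder, 'icon'))

    article = db.execute('SELECT * FROM article WHERE id=?', (id, )).fetchone()

    domains = db.execute('SELECT title'
                         ' FROM book'
                         ' ORDER BY created DESC').fetchall()

    return render_template('admin/editarticle.html',
                           topics=topics,
                           domains=domains,
                           article=article,
                           images=images)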