Exemplo n.º 1
0
def rate():
    user_email = session['userEmail']
    cursor = conn.cursor()
    page = 'index'
    item = list(request.form.keys())[0]

    # if the user is rating on the shared page, make page = sharedPosts
    # otherwise, it is already initialized to index page
    if 'share' in item:
        page = 'sharedPosts'
    cursor.rownumber = 0
    # retrieve the item_id of what is being rated
    rate_id = int(item.split('te')[-1])

    # determine whether the rating already exists
    query = "SELECT * FROM Rate WHERE item_id = %s AND email = %s"
    cursor.execute(query, (rate_id, user_email))
    rate_exist = cursor.fetchone()
    cursor.rownumber = 0

    # if rating already exists, uopdate the row
    if rate_exist:
        query = "UPDATE Rate SET rate_time = CURRENT_TIMESTAMP, emoji = %s WHERE item_id = %s AND email = %s"
        cursor.execute(query, (request.form[item], rate_id, user_email))
    # otherwise, insert a new row for the rating
    else:
        query = "INSERT INTO Rate (email, item_id, rate_time, emoji) VALUES (%s, %s, CURRENT_TIMESTAMP, %s)"
        cursor.execute(query, (user_email, rate_id, request.form[item]))
    conn.commit()
    cursor.close()
    return redirect(url_for(page))
Exemplo n.º 2
0
def shareAction(owner_email, fg_name, postid):
    query = "INSERT INTO share VALUES (%s, %s, %s)"
    cursor = conn.cursor()
    cursor.execute(query, (owner_email, fg_name, postid))
    conn.commit()
    cursor.close()
    return redirect('/')
Exemplo n.º 3
0
def post():
    user_email = session['userEmail']
    cursor = conn.cursor()
    blog = request.form['content']
    pub = request.form.get('pub')
    file = request.files.getlist('image')

    destination = None
    if file:
        contentType = "image"
        # the three lines below are to create the path if it doesn't exist already
        target = app.config['UPLOAD_FOLDER'] + '/images'
        if not os.path.isdir(target):
            os.makedirs(target)
        # loop through submitted images
        for file in request.files.getlist('image'):
            filename = file.filename
            destination = "/".join([target, filename])

    else:
        contentType = "text"

    pub = True if pub else False
    # This query just throws the post info we got into the contentitem table
    query = 'INSERT INTO ContentItem(email_post, file_path, content_type, item_name, is_pub) VALUES(%s, %s, %s, %s, %s)'
    cursor.execute(query, (user_email, destination, contentType, blog, pub))
    # if there was a photo, make sure we saved it
    if file:
        file.save(destination)
    # commit our changes
    conn.commit()
    cursor.close()
    return redirect(url_for('index'))
Exemplo n.º 4
0
def registerAuth():
    # grabs information from the forms
    fname = request.form['fname']
    lname = request.form['lname']
    user_email = request.form['userEmail']
    password = request.form['password']

    # cursor used to send queries
    cursor = conn.cursor()
    # executes query
    query = 'SELECT * FROM PERSON WHERE email = %s'
    cursor.execute(query, user_email)

    data = cursor.fetchone()
    if data:
        error = "This user already exists"
        cursor.close()
        return render_template('signup.html', error=error)
    else:
        ins = 'INSERT INTO PERSON VALUES(%s, SHA2(%s, 256), %s, %s)'
        cursor.execute(ins, (user_email, password, fname, lname))

        conn.commit()
        cursor.close()
        return render_template('index.html')
Exemplo n.º 5
0
def commentsubmit(postid):
    if 'userEmail' in session:
        comment_content = request.form['content']

        query = 'INSERT INTO comments (content, commentor_email, item_id) VALUES (%s, %s, %s)'
        cursor = conn.cursor()
        cursor.execute(query, (comment_content, session['userEmail'], postid))
        conn.commit()
        cursor.close()
    return redirect(url_for('comments', postid=postid))
Exemplo n.º 6
0
def tag_auth():
    user_email = session['userEmail']
    cursor = conn.cursor()
    item = list(request.form.keys())[0]
    lst = item.split('@nyu.edu')
    tagger, item_id = lst[0], int(lst[1])
    status = request.form[item]

    # if user accepted tag, update row in table to be true
    if status == "Accept":
        query = "UPDATE Tag SET status = 'True' WHERE email_tagger = %s" \
                " AND email_tagged = %s AND item_id = %s"
    # otherwise, delete the row from the table
    else:
        query = "DELETE FROM Tag WHERE email_tagger = %s" \
                "AND email_tagged = %s AND item_id = %s"
    cursor.execute(query, (tagger + '@nyu.edu', user_email, item_id))
    conn.commit()
    cursor.close()
    return redirect(url_for('pending_tag'))
Exemplo n.º 7
0
def createNewGroup():
    user_email = session['userEmail']
    groupName = request.form['groupName']
    groupDesc = request.form['groupDesc']

    cursor = conn.cursor()
    # the query checks is the user already owns a group with the inputted name
    checkQuery = 'SELECT fg_name FROM FriendGroup WHERE owner_email = %s AND fg_name = %s'
    cursor.execute(checkQuery, (user_email, groupName))
    groupData = cursor.fetchone()
    # if group exits, send error
    if groupData:
        cursor.rownumber = 0
        error = "You have already created a group with this name"
        cursor.close()
        return render_template('newGroup.html',
                               displayNewGroup="true",
                               error=error)
    # the group doesn't exist so the group is created with the user as the owner
    # the owner is automatically put into the Belong table so they are a member of the group they own
    else:
        newGroupQuery = 'INSERT INTO FriendGroup(owner_email, fg_name, description) VALUES (%s,%s,%s)'
        cursor.execute(newGroupQuery, (user_email, groupName, groupDesc))
        conn.commit()
        cursor.rownumber = 0
        addSelf = 'INSERT INTO Belong(email,owner_email,fg_name) VALUES (%s,%s,%s)'
        cursor.execute(addSelf, (user_email, user_email, groupName))
        conn.commit()
        cursor.close()
        # allows the user to add members to the group they just created
        if request.form.get('AddMember') == 'AddMember':
            return render_template('newGroup.html',
                                   displayAddMember="true",
                                   dispGroupName=groupName)
    cursor.close()
    return redirect(url_for('index'))
Exemplo n.º 8
0
def removeMember(nameGroup):
    if 'userEmail' in session:
        useremail = session['userEmail']
        cursor = conn.cursor()
        # selects the members of the people who belong in the user's group
        showMemQuery = 'SELECT * FROM Belong WHERE fg_name = %s AND email != %s AND owner_email=%s'
        cursor.execute(showMemQuery, (nameGroup, useremail, useremail))
        memNames = cursor.fetchall()
        # if there are members in the group
        # nameData is an array with the first and last names of people in the group
        if memNames:
            nameData = []
            for x in range(len(memNames)):
                searchEmail = memNames[x]['email']
                # query to select first and last name of associated email
                nameQuery = 'SELECT * FROM Person WHERE email = (%s)'
                cursor.execute(nameQuery, searchEmail)
                nameData.extend(cursor.fetchall())
            cursor.close()
            return render_template('removeMember.html',
                                   memNames=memNames,
                                   nameGroup=nameGroup,
                                   nameData=nameData,
                                   user=useremail)
        else:
            # if there are no members the group will be deleted
            cursor = conn.cursor()
            # delete everyone from belong
            deleteQuery4 = 'DELETE FROM Belong WHERE owner_email = %s AND fg_name = %s'
            cursor.execute(deleteQuery4, (useremail, nameGroup))
            conn.commit()
            conn.rownumber = 0

            # delete the shared content
            deleteQuery5 = 'DELETE FROM Share WHERE owner_email = %s AND fg_name = %s'
            cursor.execute(deleteQuery5, (useremail, nameGroup))
            conn.commit()
            conn.rownumber = 0

            # delete the group
            deleteQuery6 = 'DELETE FROM FriendGroup WHERE owner_email = %s AND fg_name = %s'
            cursor.execute(deleteQuery6, (useremail, nameGroup))
            conn.commit()
            cursor.close()
            # error = "There is no one in this group. Return home to add people"
            return redirect('/')
    else:
        return redirect('/')
Exemplo n.º 9
0
def tag():
    user_email = session['userEmail']
    cursor = conn.cursor()
    item = list(request.form.keys())[0]
    taggee = request.form[item]
    cursor.rownumber = 0
    tag_id = int(item.split('d')[-1])

    # check to see if email to be tagged exist
    query = "SELECT * FROM Person WHERE email = %s"
    cursor.execute(query, taggee)
    tag_email_exist = cursor.fetchone()

    # generate error if email does not exist on home page
    if not tag_email_exist:
        error = "This email has not been registered."
        flash(error)
        return redirect(url_for('index'))

    # check to see if the tag already exists
    query = "SELECT * FROM Tag WHERE item_id = %s AND email_tagger = %s AND email_tagged = %s"
    cursor.execute(query, (tag_id, user_email, taggee))
    tag_exist = cursor.fetchone()
    cursor.rownumber = 0

    # if tag does not exist
    if not tag_exist:
        # check to see if the content is public
        query = "SELECT is_pub FROM ContentItem WHERE item_id = %s"
        cursor.execute(query, tag_id)
        is_public = cursor.fetchone()
        cursor.rownumber = 0
        if is_public['is_pub']:
            status = "False"

            # if tagging yourself, automatically accept the tag
            if user_email == taggee:
                status = "True"

            # insert the pending/accepted tag into the tag table
            query = "INSERT INTO Tag(email_tagged, email_tagger, item_id, status) VALUES (%s, %s, %s, %s)"
            cursor.execute(query, (taggee, user_email, tag_id, status))

        # if it's a private post, confirm that you are tagging someone who you already shared the post with
        else:
            query = "SELECT * FROM Belong NATURAL JOIN Share WHERE email = %s AND item_id = %s"
            cursor.execute(query, (taggee, tag_id))
            is_shared = cursor.fetchone()
            # if post is shared, insert row into table
            if is_shared:
                query = "INSERT INTO Tag(email_tagged, email_tagger, item_id, status) VALUES (%s, %s, %s, %s)"
                cursor.execute(query, (taggee, user_email, tag_id, "False"))
            # otherwise, all cases failed
            # generate the error to the home page
            else:
                error = "Tag request cannot be done."
                flash(error)
                return redirect(url_for('index'))
    # generate error saying that email is already tagged
    else:
        error = "You already tagged " + taggee + " for this post!"
        flash(error)
        return redirect(url_for('index'))
    conn.commit()
    cursor.close()
    return redirect(url_for('index'))
Exemplo n.º 10
0
def addNewMember():
    user_email = session['userEmail']
    groupName = request.form['groupName']
    newMemberF = request.form['newMemFname']
    newMemberL = request.form['newMemLname']
    duplicateTest = request.form['duplicateTest']

    cursor = conn.cursor()
    # check that the member you're adding exists
    checkExist = 'SELECT * FROM Person WHERE fname = %s AND lname = %s'
    cursor.execute(checkExist, (newMemberF, newMemberL))
    memExist = cursor.fetchall()
    # if there is more than one user, an email is required
    if duplicateTest == "True":
        cursor.rownumber = 0
        newMemEmail = request.form['newMemEmail']
        # check if they're already in your group
        checkInQuery = 'SELECT * FROM Belong WHERE owner_email = %s AND fg_name = %s AND email = %s'
        cursor.execute(checkInQuery, (user_email, groupName, newMemEmail))
        memExistData2 = cursor.fetchall()
        # if the member already in user's group, the user retrieves an error message
        if memExistData2:
            cursor.close()
            error = "This person is already in your group"
            return render_template('newGroup.html',
                                   displayAddMember="true",
                                   dispGroupName=groupName,
                                   error=error)
        # if the user exists and isn't in the group, they are added
        else:
            cursor.rownumber = 0
            addMemQuery2 = 'INSERT INTO Belong (email, owner_email, fg_name) VALUES (%s, %s, %s)'
            cursor.execute(addMemQuery2, (newMemEmail, user_email, groupName))
            message = "you successfully added a member"
            conn.commit()
            cursor.close()
            return render_template('newGroup.html',
                                   displayAddMember="true",
                                   dispGroupName=groupName,
                                   message=message)

    #if we don't know if there are duplicates, we have to check the how many people have the same name
    else:
        # if there is only one person with the inputted name
        if len(memExist) == 1:
            cursor.rownumber = 0
            # if the member exists - check if they're already in your group
            newMember = memExist[0]['email']
            checkMemQuery = 'SELECT * FROM Belong WHERE owner_email = %s AND fg_name = %s AND email = %s'
            cursor.execute(checkMemQuery, (user_email, groupName, newMember))
            memExistData = cursor.fetchone()
            # if they're already in your group send an error message
            if memExistData:
                error = "This person is already in your group"
                cursor.close()
                return render_template('newGroup.html',
                                       displayAddMember="true",
                                       dispGroupName=groupName,
                                       error=error)
            else:
                # if the member exists and is not in group, add them to your group
                cursor.rownumber = 0
                addMemberQuery = 'INSERT INTO Belong (email, owner_email, fg_name) VALUES (%s, %s, %s)'
                cursor.execute(addMemberQuery,
                               (newMember, user_email, groupName))
                message = "You successfully added a member"
                conn.commit()
                cursor.close()
                return render_template('newGroup.html',
                                       displayAddMember="true",
                                       dispGroupName=groupName,
                                       message=message)
        # if the user doesn't exist, an error message is sent
        elif len(memExist) == 0:
            error = "This person does not exist, try another name"
            cursor.close()
            return render_template('newGroup.html',
                                   displayAddMember="true",
                                   dispGroupName=groupName,
                                   error=error)
        # if the query returns something longer than one, that means there are multiple people with the same name
        # will render the page with an error message and a list of the emails associated with that name
        # the user must enter the correct email to add the person
        else:
            error = "There are multiple people with the same name. Enter the correct email and to move on"
            return render_template('newGroup.html',
                                   displayAddMember="true",
                                   dispGroupName=groupName,
                                   error=error,
                                   duplicate="true",
                                   memExist=memExist)
Exemplo n.º 11
0
def deleteMember():
    if 'userEmail' in session:
        useremail = session['userEmail']
        deletePerson = request.form['memberEmail']
        fromGroup = request.form['deleteGroup']
        # remove deletes a person from the selected group
        if request.form.get('Remove') == 'Remove':
            cursor = conn.cursor()
            # delete a person from your group
            deleteQuery1 = 'DELETE FROM Belong WHERE email = %s AND fg_name = %s AND owner_email = %s'
            cursor.execute(deleteQuery1, (deletePerson, fromGroup, useremail))
            conn.commit()
            cursor.close()
            return removeMember(fromGroup)

        # if you want to completely sever your relationship with the person
        elif request.form.get('Sever') == 'Sever':
            cursor = conn.cursor()
            # removes the person from all their groups
            deleteQuery2 = 'DELETE FROM Belong WHERE email = %s AND owner_email = %s'
            cursor.execute(deleteQuery2, (deletePerson, useremail))
            conn.commit()
            conn.rownumber = 0

            # deletes the user from all of deleted persons group to sever friendship
            deleteQuery3 = 'DELETE FROM Belong WHERE email = %s AND owner_email = %s'
            cursor.execute(deleteQuery3, (useremail, deletePerson))
            conn.commit()
            cursor.close()
            return removeMember(fromGroup)
        # deletes the whole group which also deletes the shared content
        elif request.form.get('Delete') == 'Delete':
            cursor = conn.cursor()
            # query delete everyone from belong table
            deleteQuery4 = 'DELETE FROM Belong WHERE owner_email = %s AND fg_name = %s'
            cursor.execute(deleteQuery4, (useremail, fromGroup))
            conn.commit()
            conn.rownumber = 0

            # query deletes the shared content associated with the user's group
            deleteQuery5 = 'DELETE FROM Share WHERE owner_email = %s AND fg_name = %s'
            cursor.execute(deleteQuery5, (useremail, fromGroup))
            conn.commit()
            conn.rownumber = 0

            # deletes the group from the database
            deleteQuery6 = 'DELETE FROM FriendGroup WHERE owner_email = %s AND fg_name = %s'
            cursor.execute(deleteQuery6, (useremail, fromGroup))
            conn.commit()
            cursor.close()
            return redirect('/')

        else:
            return removeMember(fromGroup)
    else:
        return redirect('/')