def addAlbum(artist_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
return jsonify({'error': True, 'message': 'You are not logged in!'})
print 1
try:
album = {}
print 2
album['artist_id'] = str(artist_id)
album['title'] = data['title']
album['genre'] = data['genre']
album['year'] = str(data['year'])
print 3
c, conn = connection()
c.execute(
"INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)",
[
sanitize(album['artist_id']),
sanitize(album['title']),
sanitize(album['genre']),
sanitize(album['year'])
])
# Close Connection
conn.commit()
c.close()
conn.close()
print 4
return jsonify({'error': False, "message": "Album added!"})
except Exception as e:
return (str(e))
def resetVerifyCheck(key):
url_serial = URLSafeSerializer(
"XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg=="
)
timed_serial = TimedSerializer(
"XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg=="
)
status = None
try:
key = timed_serial.loads(key, max_age=300)
key = url_serial.loads(key)
username = str(sanitize(key[0]))
password = sha512_crypt.encrypt(sanitize(key[1]))
except:
status = "Oops, The Link Has Expired..!!"
return status
cursor, dbconn = dbConnection()
query = "UPDATE users SET password = %s WHERE username = %s"
try:
cursor.execute(query, (password, username))
dbconn.commit()
status = "Password Updated Successfully..!!"
except:
dbconn.rollback()
status = "Oops, Something Went Wrong Please Try Again..!!"
cursor.close()
dbconn.close()
return status
def processLogin(form):
username = sanitize(form.username.data)
password = sanitize(form.password.data)
persistent = form.persistent.data
status = False
try:
cursor, dbconn = dbConnection()
query = "SELECT user_id, username, password FROM users WHERE username = %s"
query_result = cursor.execute(query, [username])
query_result = cursor.fetchone()
user_id = query_result[0]
query_result = query_result[2]
except:
status = "No Such User Exists..!!"
else:
if sha512_crypt.verify(password, query_result):
session['logged_in'] = True
session['username'] = username
if persistent:
session.permanent = True
status = True
else:
status = "Invalid Credentials..!!"
query = "SELECT reviewer_id, subject from reviewers where user_id = %s"
query_result = cursor.execute(query, [user_id])
if int(query_result) > 0:
query_result = cursor.fetchone()
session['reviewer'] = query_result[0]
session['subject'] = query_result[1]
cursor.close()
dbconn.close()
return status
def register():
data = request.get_json(force=True)
email = data['email']
username = data['username']
password = data['password']
password2 = data['confirmPassword']
try:
password = sha256_crypt.encrypt(str(password))
# Check if username is available
c, conn = connection()
db_username = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(username)])
if int(db_username) > 0:
return jsonify({ "userdata": False, "error": "Username Taken." })
# Check if email is already used.
db_email = c.execute("SELECT * FROM users WHERE email = (%s)", [sanitize(email)])
if int(db_email) > 0:
return jsonify({ "userdata": False, "error": "Email already used by another account." })
# Credentials are good! Add new user and close the connection.
c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)",
[sanitize(username), sanitize(password), sanitize(email)])
conn.commit()
c.close()
conn.close()
return jsonify({ "userdata": True, "message": "You are now registered!" })
except Exception as e:
return(str(e))
def signup():
title = "Sign Up"
try:
if request.method == "POST":
email = request.form['email']
username = request.form['username']
password = request.form['password']
password2 = request.form['repeatpassword']
#flash(username)
#flash(password)
# confirm password
if password != password2:
flash("Passwords do not match.")
return render_template('pages/signup.html', title = title)
if len(password) < 8:
flash("Password not long enough.")
return render_template('pages/signup.html', title = title)
password = sha256_crypt.encrypt(str(password))
# Check if username is available
c, conn = connection()
db_username = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(username)])
if int(db_username) > 0:
flash("Username taken.")
return render_template('pages/signup.html', title = title)
# Check if email is already used.
db_email = c.execute("SELECT * FROM users WHERE email = (%s)", [sanitize(email)])
if int(db_email) > 0:
flash("An account already exists with that email.")
return render_template('pages/signup.html', title = title)
# Credentials are good! Add new user and close the connection.
c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)",
[sanitize(username), sanitize(password), sanitize(email)])
conn.commit()
c.close()
conn.close()
#gc.collect()
flash("You are now Registered!")
session['logged_in'] = True
session['user_id'] = 1
session['username'] = username
session['user_email'] = email
session['user_type'] = 0
session['user_active'] = 0
session['user_image'] = 'placeholder.jpg'
return redirect(url_for('home'))
return render_template('pages/signup.html', title = title)
except Exception as e:
flash(e)
return(str(e))
def commentArticle(form, article_id):
status = "Thanks For Your Comment..!!"
cursor, dbconn = dbConnection()
article_id = sanitize(str(article_id))
reviewer_id = session['reviewer']
comment = sanitize(str(form.comment.data))
try:
if not (addComment(article_id, reviewer_id, comment, cursor, dbconn)):
status = "You've Already Provided Your Comment..!!"
except:
dbconn.rollback()
status = "Oops, Something Went Wrong Please Try Again..!!"
return status
def addSong(artist_id, album_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
print "sup"
return jsonify({'error': True, 'message': 'You are not logged in!'})
try:
song = {}
song['album_id'] = str(album_id)
#song['album_id'] = data[1]
song['track_number'] = str(data['track_number'])
song['title'] = data['title'].encode('utf-8')
song['lyrics'] = data['lyrics'].encode('utf-8')
song['media_link'] = data['media_link'].encode('utf-8')
c, conn = connection()
c.execute(
"INSERT INTO tracks (album_id, track_no, title, lyrics, media_link) VALUES (%s, %s, %s, %s, %s);",
[
sanitize(song['album_id']),
sanitize(song['track_number']),
sanitize(song['title']), song['lyrics'],
sanitize(song['media_link'])
])
c.execute("SELECT LAST_INSERT_ID();")
data = c.fetchone()
# Close Connection
conn.commit()
c.close()
conn.close()
print data
return jsonify({
"error": False,
"message": "Song added!",
"track_id": data['LAST_INSERT_ID()']
})
except Exception as e:
print "err: " + str(e)
return jsonify({
'error':
True,
'message':
'Something went wrong... Content may not have saved.'
})
def editAlbum(artist_id, album_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
return jsonify({'error': True, 'message': 'You are not logged in!'})
print 1
try:
album = {}
print 2
album['id'] = str(album_id)
album['artist'] = str(artist_id)
album['title'] = data['title']
#album['artwork'] = request.form['artwork']
album['genre'] = data['genre']
album['year'] = str(data['year'])
print 3
c, conn = connection()
'''
file = request.files['artwork']
if file and allowed_file(file.filename):
image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
c.execute("UPDATE albums SET artwork = (%s) WHERE album_id = (%s)", [sanitize(image), sanitize(album['id'])])
'''
print 4
c.execute(
"UPDATE albums SET title = (%s), genre = (%s), year_released = (%s) WHERE album_id = (%s)",
[
sanitize(album['title']),
sanitize(album['genre']),
sanitize(album['year']),
sanitize(album['id'])
])
# Close Connection
conn.commit()
c.close()
conn.close()
print 5
return jsonify({"error": False, "message": "Album Updated!"})
except Exception as e:
return (str(e))
def register():
data = request.get_json(force=True)
email = data['email']
username = data['username']
password = data['password']
password2 = data['confirmPassword']
try:
password = sha256_crypt.encrypt(str(password))
# Check if username is available
c, conn = connection()
db_username = c.execute("SELECT * FROM users WHERE username = (%s)",
[sanitize(username)])
if int(db_username) > 0:
return jsonify({"userdata": False, "error": "Username Taken."})
# Check if email is already used.
db_email = c.execute("SELECT * FROM users WHERE email = (%s)",
[sanitize(email)])
if int(db_email) > 0:
return jsonify({
"userdata": False,
"error": "Email already used by another account."
})
# Credentials are good! Add new user and close the connection.
c.execute(
"INSERT INTO users (username, password, email) VALUES (%s, %s, %s)",
[sanitize(username),
sanitize(password),
sanitize(email)])
conn.commit()
c.close()
conn.close()
return jsonify({
"userdata": True,
"message": "You are now registered!"
})
except Exception as e:
return (str(e))
def reviewArticle(form, article_id):
article_status = sanitize(str(form.status.data))
article_id = sanitize(str(article_id))
reviewer_id = session['reviewer']
status = None
cursor, dbconn = dbConnection()
try:
query = "UPDATE articles SET status = %s, review_date = CURRENT_TIMESTAMP WHERE article_id = %s;"
query1 = "INSERT INTO article_reviewer VALUES(%s, %s);"
cursor.execute(query, (article_status, article_id))
cursor.execute(query1, (article_id, reviewer_id))
status = "Review Submitted Successfully..!!"
dbconn.commit()
except:
dbconn.rollback()
status = "Oops, Something Went Wrong Please Try Again..!!"
cursor.close()
dbconn.close()
return status
def artist():
try:
artist_id = request.args.get('artist')
# Establish connection
c, conn = connection()
result = c.execute("SELECT * FROM artists WHERE artist_id = (%s)", [sanitize(artist_id)])
data = c.fetchone()
artist = {}
artist['id'] = data[0]
artist['name'] = data[2]
artist['bio'] = nl2br(data[1].decode('utf-8'))
artist['genre'] = data[3]
artist['country'] = data[4]
artist['year'] = data[5]
title = artist['name']
result = c.execute("SELECT name, role FROM members WHERE artist_id = (%s)", [sanitize(artist_id)])
data = c.fetchall()
members = []
for member in data:
members.append({'name': member[0], 'role': member[1]})
result = c.execute("SELECT * FROM albums WHERE artist_id = (%s) ORDER BY year_released DESC;", [artist['id']])
data = c.fetchall()
albums = []
for album in data:
result = c.execute("SELECT track_id, title, track_no FROM tracks WHERE album_id = (%s) ORDER BY track_no;", [album[0]])
data2 = c.fetchall()
tracklist = []
for track in data2:
tracklist.append({'id': track[0], 'title': track[1], 'track_no': track[2]})
albums.append({'id': album[0], 'title': album[2], 'genre': album[3], 'year': album[4], 'artwork': album[5], 'tracklist': tracklist})
return render_template('pages/artist.html', title = title, artist = artist, members = members, albums = albums)
except Exception as e:
flash(e)
return(str(e))
def editSong():
try:
title = "Edit Song"
if request.method == "POST":
#flash("one!")
song = {}
song['id'] = request.args.get('song')
#song['album_id'] = data[1]
song['track_number'] = request.form['track_number']
song['title'] = request.form['title'].encode('utf-8')
song['lyrics'] = request.form['lyrics'].encode('utf-8')
song['media_link'] = request.form['media_link']
title = song['title']
#flash("two!")
c, conn = connection()
c.execute("UPDATE tracks SET title = (%s), track_no = (%s), lyrics = (%s), media_link = (%s) WHERE track_id = (%s)", [sanitize(song['title']), sanitize(song['track_number']), song['lyrics'], sanitize(song['media_link']),sanitize(song['id'])])
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
flash("Updated!")
return redirect('/song/?song=' + str(song['id']))
elif request.method == "GET":
track_id = request.args.get('song')
# Establish connection
c, conn = connection()
result = c.execute("SELECT * FROM tracks WHERE track_id = (%s)", [sanitize(track_id)])
data = c.fetchone()
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
song = {}
song['id'] = data[0]
song['album_id'] = data[1]
song['track_number'] = data[2]
song['title'] = data[3].decode('utf-8')
song['lyrics'] = data[4].decode('utf-8')
song['media_link'] = data[5]
return render_template('pages/edit-song.html', title = title, song = song)
except Exception as e:
flash(e)
return(str(e))
def editSong(artist_id, album_id, track_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
print "sup"
return jsonify({'error': True, 'message': 'You are not logged in!'})
try:
song = {}
song['id'] = str(track_id)
#song['album_id'] = data[1]
song['track_number'] = str(data['track_number'])
song['title'] = data['title'].encode('utf-8')
song['lyrics'] = data['lyrics'].encode('utf-8')
song['media_link'] = data['media_link'].encode('utf-8')
c, conn = connection()
c.execute(
"UPDATE tracks SET title = (%s), track_no = (%s), lyrics = (%s), media_link = (%s) WHERE track_id = (%s);",
[
sanitize(song['title']),
sanitize(song['track_number']), song['lyrics'],
sanitize(song['media_link']),
sanitize(song['id'])
])
# Close Connection
conn.commit()
c.close()
conn.close()
return jsonify({'error': False, 'message': 'Save successful!'})
except Exception as e:
print "err: " + str(e)
return jsonify({
'error':
True,
'message':
'Something went wrong... Content may not have saved.'
})
def song():
try:
track_id = request.args.get('song')
# Establish connection
c, conn = connection()
song = {}
result = c.execute("SELECT * FROM tracks WHERE track_id = (%s)", [sanitize(track_id)])
data = c.fetchone()
#flash("hi")
song['id'] = data[0]
song['album_id'] = data[1]
song['track_number'] = data[2]
song['title'] = data[3].decode('utf-8')
song['lyrics'] = nl2br(data[4].decode('utf-8'))
if data[5] != None and 'youtube' in data[5]:
song['media_link'] = data[5].split("=")[1]
else:
song['media_link'] = ''
result = c.execute("SELECT t.track_id, t.track_no, t.title, a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM tracks T JOIN albums a ON t.album_id=a.album_id JOIN artists ar ON a.artist_id=ar.artist_id WHERE t.album_id=(%s) ORDER BY t.track_no", [song['album_id']])
data = c.fetchall()
album = {}
album['id'] = data[0][3]
album['title'] = data[0][4]
album['artwork'] = data[0][7]
album['genre'] = data[0][5]
album['year'] = data[0][6]
album['tracklist'] = {}
album['tracklist']['tracks'] = []
for track in data:
album['tracklist']['tracks'].append({'title': track[2], 'track_no': track[1], 'id': track[0]})
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
title = song['title']
artist = {}
artist['id'] = data[0][8]
artist['name'] = data[0][9]
return render_template('pages/song.html', title = title, song = song, album = album, artist = artist)
except Exception as e:
flash(e)
return(str(e))
def processRegistration(form):
username = sanitize(form.username.data)
password = sha512_crypt.encrypt(sanitize(form.password.data))
email = sanitize(form.email.data)
fullname = sanitize(form.fullname.data)
contact = (sanitize(form.contact.data)) or None
reviewer = form.reviewer.data
reviewer_choice = sanitize(str(form.reviewer_choice.data))
cursor, dbconn = dbConnection()
status = None
query = "SELECT * FROM users WHERE username = %s"
query_result = cursor.execute(query, [username])
if int(query_result) > 0:
status = "Plz..Choose A Different Username..!!"
else:
try:
query = "INSERT INTO users(username, password, fullname, email_id, contact_no) VALUES(%s, %s, %s, %s, IFNULL(%s, DEFAULT(contact_no)));"
query_result = cursor.execute(
query, (username, password, fullname, email, contact))
if reviewer == True:
query = "INSERT INTO reviewers(user_id, subject) VALUES(LAST_INSERT_ID(), %s)"
query_result = cursor.execute(query, [reviewer_choice])
dbconn.commit()
status = 0
except:
dbconn.rollback()
status = "Oops.!! Something Went Wrong, Plz Try Again..!!"
cursor.close()
dbconn.close()
return status
def add_Artist():
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
return jsonify({'error': True, 'message': 'You are not logged in!'})
print 1
try:
artist = {}
artist['name'] = data['name']
artist['bio'] = data['bio'].encode('utf-8')
artist['genre'] = data['genre']
artist['country'] = data['country']
artist['year'] = str(data['year'])
print 2
c, conn = connection()
c.execute(
"INSERT INTO artists(name, biography, genre, country, year_formed) VALUES ((%s), (%s), (%s), (%s), (%s))",
[
sanitize(artist['name']), artist['bio'],
sanitize(artist['genre']),
sanitize(artist['country']),
sanitize(artist['year'])
])
c.execute("SELECT LAST_INSERT_ID();")
data = c.fetchone()
# Close Connection
conn.commit()
c.close()
conn.close()
print 3
return jsonify({
'error': False,
'message': 'Updated artist!',
"artist_id": data['LAST_INSERT_ID()']
})
except Exception as e:
return (str(e))
def processReset(form):
username = sanitize(form.username.data)
password = sanitize(form.password.data)
email = None
status = None
token = None
cursor, dbconn = dbConnection()
query = "SELECT * FROM users WHERE username = %s"
query_result = cursor.execute(query, [username])
if int(query_result) <= 0:
status = "No Such User Exists..!!"
else:
email = cursor.fetchone()[4]
url_serial = URLSafeSerializer(
"XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg=="
)
timed_serial = TimedSerializer(
"XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg=="
)
token = timed_serial.dumps(url_serial.dumps([username, password]))
cursor.close()
dbconn.close()
return status, email, token
def editArtist(artist_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
return jsonify({'error': True, 'message': 'You are not logged in!'})
try:
artist = {}
artist['id'] = str(artist_id)
artist['name'] = data['name']
artist['bio'] = data['bio'].encode('utf-8')
artist['genre'] = data['genre']
artist['country'] = data['country']
artist['year'] = str(data['year'])
c, conn = connection()
c.execute(
"UPDATE artists SET name = (%s), biography = (%s), genre = (%s), country = (%s), year_formed = (%s) WHERE artist_id = (%s)",
[
sanitize(artist['name']), artist['bio'],
sanitize(artist['genre']),
sanitize(artist['country']),
sanitize(artist['year']),
sanitize(artist['id'])
])
# Close Connection
conn.commit()
c.close()
conn.close()
return jsonify({'error': False, 'message': 'Updated artist!'})
except Exception as e:
return (str(e))
def login():
#error = "Hey"
title = "Login"
request.form.email = "test"
try:
if request.method == "POST":
attempted_username = request.form['email']
attempted_password = request.form['password']
#flash(attempted_username)
#flash(attempted_password)
#TODO check username and password with db; set session vars
c, conn = connection()
res = c.execute("SELECT * FROM users WHERE username = (%s)", [sanitize(attempted_username)])
data = c.fetchone()
conn.commit()
c.close()
conn.close()
#gc.collect()
if int(res) > 0:
db_password = data[2]
if sha256_crypt.verify(attempted_password, db_password):
session['logged_in'] = True
session['user_id'] = data[0]
session['username'] = data[1]
session['user_email'] = data[3]
session['user_type'] = data[4]
session['user_fname'] = data[5]
session['user_lname'] = data[6]
session['user_active'] = data[7]
session['user_image'] = data[8]
#flash(data)
return redirect(url_for('home'))
flash("Username or password was incorrect. Please try again.")
#TODO end --------------------------------------------------
return render_template("pages/login.html", title=title)
except Exception as e:
flash(e)
error = "Failed."
return render_template("pages/login.html", title=title, error = error)
def search():
search = request.args.get('search')
try:
title = "Search"
query = "%" + search + "%"
# Establish connection
c, conn = connection()
result = c.execute(
"SELECT t.track_id, t.title, a.album_id, a.title, a.artwork, ar.artist_id, ar.name FROM tracks t, albums a, artists ar WHERE (t.title LIKE (%s) OR t.lyrics LIKE (%s)) AND t.album_id = a.album_id AND a.artist_id = ar.artist_id ORDER BY t.title;",
[sanitize(query), sanitize(query)])
songResults = c.fetchall()
result = c.execute(
"SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a, artists ar WHERE (a.title LIKE (%s) OR a.genre LIKE (%s) OR a.year_released LIKE (%s)) AND a.artist_id = ar.artist_id;",
[sanitize(query),
sanitize(query),
sanitize(query)])
albumResults = c.fetchall()
result = c.execute(
"SELECT ar.artist_id, ar.name, ar.genre, ar.country, a.artwork FROM artists ar LEFT JOIN albums a ON a.artist_id = ar.artist_id WHERE (name LIKE (%s) OR ar.genre LIKE (%s) OR country LIKE (%s)) GROUP BY ar.artist_id;",
[sanitize(query),
sanitize(query),
sanitize(query)])
artistResults = c.fetchall()
conn.commit()
c.close()
conn.close()
return jsonify({
"tracks": songResults,
"albums": albumResults,
"artists": artistResults
})
except Exception as e:
return str(e)
def viewArticle(filename):
UPLOAD_FOLDER = "articles"
article = None
status = True
filename = sanitize(filename)
cursor, dbconn = dbConnection()
query = "SELECT articles.article_id, articles.title, articles.subject, articles.status, articles.submit_date, articles.review_date, authors.fullname FROM articles INNER JOIN article_author ON articles.article_id = article_author.article_id INNER JOIN authors ON article_author.author_id = authors.author_id WHERE articles.article_id = %s"
article_details = cursor.execute(query, [filename])
article_details = cursor.fetchone()
try:
filepath = path.join(UPLOAD_FOLDER, str(filename))
article = open(filepath, 'r')
article = article.read()
except:
status = "Oops, Something Went Wrong Please Try Again..!!"
comment = viewComment(filename, cursor)
cursor.close()
dbconn.close()
return article_details, article, status, comment
def uploadArticle(form, file_obj):
author = sanitize(form.author.data)
email = sanitize(form.email.data)
contact = sanitize(form.contact.data) or None
address = sanitize(form.address.data)
title = sanitize(form.title.data)
article_subject = sanitize(str(form.article_subject.data))
cursor, dbconn = dbConnection()
query = "SELECT `AUTO_INCREMENT` FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = 'articles'"
article_id = cursor.execute(query)
article_id = cursor.fetchone()[0]
status = uploadFiles(file_obj, article_id)
if status == True:
try:
query = "INSERT INTO articles(title, subject, review_date) VALUES(%s, %s, DEFAULT(review_date));"
cursor.execute(query, (title, article_subject))
query = "SELECT author_id FROM authors WHERE email_id = %s;"
author_status = cursor.execute(query, [email])
if int(author_status) > 0:
author_id = cursor.fetchone()[0]
query1 = "INSERT INTO article_author VALUES(%s, %s);"
cursor.execute(query1, (article_id, author_id))
else:
query1 = "INSERT INTO authors(fullname, email_id, address, contact_no) VALUES(%s, %s, %s, IFNULL(%s, DEFAULT(contact_no)));"
query2 = "INSERT INTO article_author VALUES(%s, LAST_INSERT_ID());"
cursor.execute(query1, (author, email, address, contact))
cursor.execute(query2, [article_id])
dbconn.commit()
status = "Article Uploaded Successfully"
except:
dbconn.rollback()
status = "Oops, Something Went Wrong Please Try Again..!!"
cursor.close()
dbconn.close()
return status
def search():
try:
title = "Search"
search = request.args.get('search')
query = "%" + request.args.get('search') + "%"
# Establish connection
c, conn = connection()
result = c.execute("SELECT t.track_id, t.title, a.album_id, a.title, a.artwork, ar.artist_id, ar.name FROM tracks t, albums a, artists ar WHERE (t.title LIKE (%s) OR t.lyrics LIKE (%s)) AND t.album_id = a.album_id AND a.artist_id = ar.artist_id ORDER BY t.title;", [sanitize(query), sanitize(query)])
songResults = c.fetchall()
result = c.execute("SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a, artists ar WHERE (a.title LIKE (%s) OR a.genre LIKE (%s) OR a.year_released LIKE (%s)) AND a.artist_id = ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)])
albumResults = c.fetchall()
result = c.execute("SELECT ar.artist_id, ar.name, ar.genre, ar.country, a.artwork FROM artists ar LEFT JOIN albums a ON a.artist_id = ar.artist_id WHERE (name LIKE (%s) OR ar.genre LIKE (%s) OR country LIKE (%s)) GROUP BY ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)])
artistResults = c.fetchall()
conn.commit()
c.close()
conn.close()
#gc.collect()
#flash(data)
songs = []
albums = []
artists = []
for song in songResults:
songs.append({'id': song[0], 'title': song[1], 'album_id': song[2], 'album_title': song[3], 'artwork': song[4], 'artist_id': song[5], 'artist_name': song[6]})
for album in albumResults:
albums.append({'id': album[0], 'title': album[1], 'genre': album[2], 'year': album[3], 'artwork': album[4], 'artist_id': album[5], 'artist_name': album[6]})
for artist in artistResults:
artists.append({'id': artist[0], 'name': artist[1], 'genre': artist[2], 'country': artist[3], 'artwork': artist[4]})
#TODO search albums
#TODO search artists
return render_template("pages/search.html", title = title, search = search, songs = songs, albums = albums, artists = artists)
except Exception as e:
#flash(e)
return str(e)
def addAlbumToArtist(artist_id):
try:
title = "Add Album"
album = {}
if request.method == "POST":
# TODO modify to recieve JSON data.
album['title'] = request.form['title']
#album['artwork'] = request.form['artwork']
album['genre'] = request.form['genre']
album['year'] = request.form['year']
file = request.files['artwork']
title = album['title']
c, conn = connection()
if file and allowed_file(file.filename):
image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
c.execute("INSERT INTO albums ( artist_id, title, genre, year_released, artwork) VALUES(%s, %s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(image)])
else:
c.execute("INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year'])])
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
return redirect('/artist/?artist=' + str(album['artist_id']) + "#album" + str(album['id']))
elif request.method == "GET":
title = "Add Album"
album = {}
artist = {}
# ------------------------------
return render_template('pages/edit-album.html', title = title, album = album, artist = artist)
else:
return render_template('err/404.html', title = title)
except Exception as e:
return(str(e))
def addAlbum():
try:
title = "Add Album"
album = {}
if request.method == "POST":
album['id'] = request.args.get('artist')
album['artist_id'] = request.args.get('artist')
album['title'] = request.form['title']
#album['artwork'] = request.form['artwork']
album['genre'] = request.form['genre']
album['year'] = request.form['year']
file = request.files['artwork']
title = album['title']
c, conn = connection()
if file and allowed_file(file.filename):
image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
c.execute("INSERT INTO albums ( artist_id, title, genre, year_released, artwork) VALUES(%s, %s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(image)])
else:
c.execute("INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year'])])
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
flash("Updated!")
return redirect('/artist/?artist=' + str(album['artist_id']) + "#album" + str(album['id']))
elif request.method == "GET":
title = "Add Album"
album = {}
artist = {}
# ------------------------------
return render_template('pages/edit-album.html', title = title, album = album, artist = artist)
else:
return render_template('err/404.html', title = title)
except Exception as e:
flash(e)
return(str(e))
def add_Artist():
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
return jsonify({'error': True, 'message': 'You are not logged in!'} )
print 1
try:
artist = {}
artist['name'] = data['name']
artist['bio'] = data['bio'].encode('utf-8')
artist['genre'] = data['genre']
artist['country'] = data['country']
artist['year'] = str(data['year'])
print 2
c, conn = connection()
c.execute("INSERT INTO artists(name, biography, genre, country, year_formed) VALUES ((%s), (%s), (%s), (%s), (%s))", [sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']),sanitize(artist['year'])])
c.execute("SELECT LAST_INSERT_ID();")
data = c.fetchone()
# Close Connection
conn.commit()
c.close()
conn.close()
print 3
return jsonify({'error': False, 'message': 'Updated artist!', "artist_id": data['LAST_INSERT_ID()']})
except Exception as e:
return(str(e))
def editAlbum():
try:
title = "Edit Album"
if request.method == "POST":
album = {}
album['id'] = request.args.get('album')
album['artist'] = request.args.get('artist')
album['title'] = request.form['title']
#album['artwork'] = request.form['artwork']
album['genre'] = request.form['genre']
album['year'] = request.form['year']
title = album['title']
c, conn = connection()
file = request.files['artwork']
if file and allowed_file(file.filename):
image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
c.execute("UPDATE albums SET artwork = (%s) WHERE album_id = (%s)", [sanitize(image), sanitize(album['id'])])
c.execute("UPDATE albums SET title = (%s), genre = (%s), year_released = (%s) WHERE album_id = (%s)", [sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(album['id'])])
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
flash("Updated!")
return redirect('/artist/?artist=' + str(album['artist']) + "#album" + str(album['id']))
elif request.method == "GET":
album_id = request.args.get('album')
# Establish connection
c, conn = connection()
result = c.execute("SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a JOIN artists ar ON a.artist_id=ar.artist_id WHERE a.album_id=(%s)", [sanitize(album_id)])
data = c.fetchone()
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
album = {}
album['id'] = data[0]
album['title'] = data[1]
album['artwork'] = data[4]
album['genre'] = data[2]
album['year'] = data[3]
artist = {}
artist['id'] = data[5]
artist['name'] = data[6]
title = album['title']
# ------------------------------
return render_template('pages/edit-album.html', title = title, album=album, artist = artist)
else:
return render_template('err/404.html', title = title)
except Exception as e:
flash(e)
return(str(e))
def editAlbum(artist_id, album_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
return jsonify({'error': True, 'message': 'You are not logged in!'} )
print 1
try:
album = {}
print 2
album['id'] = str(album_id)
album['artist'] = str(artist_id)
album['title'] = data['title']
#album['artwork'] = request.form['artwork']
album['genre'] = data['genre']
album['year'] = str(data['year'])
print 3
c, conn = connection()
'''
file = request.files['artwork']
if file and allowed_file(file.filename):
image = secure_filename("album_img" + str(album['id']) + "." + file.filename.rsplit('.', 1)[1])
file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
c.execute("UPDATE albums SET artwork = (%s) WHERE album_id = (%s)", [sanitize(image), sanitize(album['id'])])
'''
print 4
c.execute("UPDATE albums SET title = (%s), genre = (%s), year_released = (%s) WHERE album_id = (%s)", [sanitize(album['title']), sanitize(album['genre']), sanitize(album['year']), sanitize(album['id'])])
# Close Connection
conn.commit()
c.close()
conn.close()
print 5
return jsonify({"error": False, "message": "Album Updated!"})
except Exception as e:
return(str(e))
def addSong(artist_id, album_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
print "sup"
return jsonify({'error': True, 'message': 'You are not logged in!'} )
try:
song = {}
song['album_id'] = str(album_id)
#song['album_id'] = data[1]
song['track_number'] = str(data['track_number'])
song['title'] = data['title'].encode('utf-8')
song['lyrics'] = data['lyrics'].encode('utf-8')
song['media_link'] = data['media_link'].encode('utf-8')
c, conn = connection()
c.execute("INSERT INTO tracks (album_id, track_no, title, lyrics, media_link) VALUES (%s, %s, %s, %s, %s);", [sanitize(song['album_id']), sanitize(song['track_number']), sanitize(song['title']), song['lyrics'], sanitize(song['media_link'])])
c.execute("SELECT LAST_INSERT_ID();")
data = c.fetchone()
# Close Connection
conn.commit()
c.close()
conn.close()
print data
return jsonify({"error": False, "message": "Song added!", "track_id": data['LAST_INSERT_ID()']})
except Exception as e:
print "err: " + str(e)
return jsonify({'error': True, 'message': 'Something went wrong... Content may not have saved.'} )
def editSong(artist_id, album_id, track_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
print "sup"
return jsonify({'error': True, 'message': 'You are not logged in!'} )
try:
song = {}
song['id'] = str(track_id)
#song['album_id'] = data[1]
song['track_number'] = str(data['track_number'])
song['title'] = data['title'].encode('utf-8')
song['lyrics'] = data['lyrics'].encode('utf-8')
song['media_link'] = data['media_link'].encode('utf-8')
c, conn = connection()
c.execute("UPDATE tracks SET title = (%s), track_no = (%s), lyrics = (%s), media_link = (%s) WHERE track_id = (%s);", [sanitize(song['title']), sanitize(song['track_number']), song['lyrics'], sanitize(song['media_link']),sanitize(song['id'])])
# Close Connection
conn.commit()
c.close()
conn.close()
return jsonify({'error': False, 'message': 'Save successful!'} )
except Exception as e:
print "err: " + str(e)
return jsonify({'error': True, 'message': 'Something went wrong... Content may not have saved.'} )
def settings():
title = "Settings"
try:
if request.method == "POST":
email = request.form['email']
username = request.form['username']
password = request.form['password']
password2 = request.form['repeatpassword']
# Establish connection
c, conn = connection()
file = request.files['image']
if file and allowed_file(file.filename):
image = secure_filename("user_img" + str(session['user_id']) + "." + file.filename.rsplit('.', 1)[1])
file.save(os.path.join(app.config['UPLOAD_FOLDER'], image))
c.execute("UPDATE users SET image_url = (%s) WHERE user_id = (%s)", [sanitize(image), session['user_id']])
session['user_image'] = image
# ------------------------------
# New Username
# ------------------------------
if username != session['username']:
db_username = c.execute("SELECT username FROM users WHERE username = (%s) AND user_id != (%s)", [sanitize(username), session['user_id']])
if int(db_username) > 0:
flash("Username taken.")
#return render_template('pages/settings.html', title = title)
else:
c.execute("UPDATE users SET username = (%s) WHERE user_id = (%s)", [sanitize(username), session['user_id']])
#conn.commit()
session['username'] = username
flash("Username successfully changed!")
# ------------------------------
# New Email Address
# ------------------------------
if email != session['user_email']:
# Check if email is already used.
db_email = c.execute("SELECT email FROM users WHERE email = (%s) AND user_id != (%s)", [sanitize(email), session['user_id']])
if int(db_email) > 0:
flash("An account already exists with that email.")
#return render_template('pages/settings.html', title = title)
else:
c.execute("UPDATE users SET email = (%s) WHERE user_id = (%s)", [sanitize(email), session['user_id']])
session['user_email'] = email
flash("Email successfully changed!")
# ------------------------------
# New Password
# ------------------------------
if len(password) > 0:
# confirm password
if password != password2:
flash("Passwords do not match.")
#return render_template('pages/signup.html', title = title)
elif len(password) < 8:
flash("Password not long enough.")
#return render_template('pages/signup.html', title = title)
else:
password = sha256_crypt.encrypt(str(password))
c.execute("UPDATE users SET password = (%s) WHERE user_id = (%s)", [sanitize(password), session['user_id']])
flash("Password successfully changed!")
# ------------------------------
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
return render_template('pages/settings.html', title = title)
except Exception as e:
flash(e)
return(str(e))
def addAlbum(artist_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
return jsonify({'error': True, 'message': 'You are not logged in!'} )
print 1
try:
album = {}
print 2
album['artist_id'] = str(artist_id)
album['title'] = data['title']
album['genre'] = data['genre']
album['year'] = str(data['year'])
print 3
c, conn = connection()
c.execute("INSERT INTO albums ( artist_id, title, genre, year_released) VALUES(%s, %s, %s, %s)", [sanitize(album['artist_id']), sanitize(album['title']), sanitize(album['genre']), sanitize(album['year'])])
# Close Connection
conn.commit()
c.close()
conn.close()
print 4
return jsonify({'error': False, "message": "Album added!"})
except Exception as e:
return(str(e))
def addSong():
try:
title = "Edit Song"
song = {}
if request.method == "POST":
song['album_id'] = request.args.get('album')
#song['album_id'] = data[1]
song['track_number'] = request.form['track_number']
song['title'] = request.form['title'].encode('utf-8')
song['lyrics'] = request.form['lyrics'].encode('utf-8')
song['media_link'] = request.form['media_link']
title = song['title']
#flash("two!")
c, conn = connection()
c.execute("INSERT INTO tracks (album_id, track_no, title, lyrics, media_link) VALUES (%s, %s, %s, %s, %s);", [sanitize(song['album_id']), sanitize(song['track_number']), sanitize(song['title']), song['lyrics'], sanitize(song['media_link'])])
c.execute("SELECT LAST_INSERT_ID();")
data = c.fetchone()
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
flash("Saved!")
#flash(data)
return redirect('/song/?song=' + str(data[0]))
return render_template('pages/edit-song.html', title = title, song = song)
except Exception as e:
flash(e)
return(str(e))
def search():
search = request.args.get('search')
try:
title = "Search"
query = "%" + search + "%"
# Establish connection
c, conn = connection()
result = c.execute("SELECT t.track_id, t.title, a.album_id, a.title, a.artwork, ar.artist_id, ar.name FROM tracks t, albums a, artists ar WHERE (t.title LIKE (%s) OR t.lyrics LIKE (%s)) AND t.album_id = a.album_id AND a.artist_id = ar.artist_id ORDER BY t.title;", [sanitize(query), sanitize(query)])
songResults = c.fetchall()
result = c.execute("SELECT a.album_id, a.title, a.genre, a.year_released, a.artwork, ar.artist_id, ar.name FROM albums a, artists ar WHERE (a.title LIKE (%s) OR a.genre LIKE (%s) OR a.year_released LIKE (%s)) AND a.artist_id = ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)])
albumResults = c.fetchall()
result = c.execute("SELECT ar.artist_id, ar.name, ar.genre, ar.country, a.artwork FROM artists ar LEFT JOIN albums a ON a.artist_id = ar.artist_id WHERE (name LIKE (%s) OR ar.genre LIKE (%s) OR country LIKE (%s)) GROUP BY ar.artist_id;", [sanitize(query), sanitize(query), sanitize(query)])
artistResults = c.fetchall()
conn.commit()
c.close()
conn.close()
return jsonify({ "tracks": songResults, "albums": albumResults, "artists": artistResults })
except Exception as e:
return str(e)
def editArtist(artist_id):
data = request.get_json(force=True)
if userAuth(data['username'], data['password']) == False:
return jsonify({'error': True, 'message': 'You are not logged in!'} )
try:
artist = {}
artist['id'] = str(artist_id)
artist['name'] = data['name']
artist['bio'] = data['bio'].encode('utf-8')
artist['genre'] = data['genre']
artist['country'] = data['country']
artist['year'] = str(data['year'])
c, conn = connection()
c.execute("UPDATE artists SET name = (%s), biography = (%s), genre = (%s), country = (%s), year_formed = (%s) WHERE artist_id = (%s)", [sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']),sanitize(artist['year']), sanitize(artist['id'])])
# Close Connection
conn.commit()
c.close()
conn.close()
return jsonify({'error': False, 'message': 'Updated artist!'})
except Exception as e:
return(str(e))
def addArtist():
try:
if request.method == "POST":
#flash("POST")
artist = {}
artist['id'] = request.args.get('artist')
artist['name'] = request.form['name']
artist['bio'] = request.form['bio'].encode('utf-8')
artist['genre'] = request.form['genre']
artist['country'] = request.form['country']
artist['year'] = request.form['year']
title = artist['name']
c, conn = connection()
c.execute("UPDATE artists SET name = (%s), biography = (%s), genre = (%s), country = (%s), year_formed = (%s) WHERE artist_id = (%s)", [sanitize(artist['name']), artist['bio'], sanitize(artist['genre']), sanitize(artist['country']),sanitize(artist['year']), sanitize(artist['id'])])
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
flash("Updated!")
return redirect('/artist/?artist=' + str(artist['id']))
elif request.method == "GET":
artist_id = request.args.get('artist')
# Establish connection
c, conn = connection()
result = c.execute("SELECT * FROM artists WHERE artist_id = (%s)", [sanitize(artist_id)])
data = c.fetchone()
artist = {}
artist['id'] = data[0]
artist['name'] = data[2]
artist['bio'] = data[1].decode('utf-8')
artist['genre'] = data[3]
artist['country'] = data[4]
artist['year'] = data[5]
title = artist['name']
result = c.execute("SELECT member_id, name, role FROM members WHERE artist_id = (%s)", [sanitize(artist_id)])
data = c.fetchall()
members = []
for member in data:
members.append({'id': member[0], 'name': member[1], 'role': member[2]})
# ------------------------------
# Close Connection
conn.commit()
c.close()
conn.close()
#gc.collect()
#title = "Edit Artist"
return render_template('pages/edit-artist.html', title = title, artist = artist, members = members)
else:
return render_template('err/404.html', title = title)
except Exception as e:
flash(e)
return(str(e))
