def friends(username):
if username != current_user.username:
return redirect(current_user.username)
form = FriendsForm()
user = User.query.filter_by(username = username).first()
if username == current_user.username and form.is_submitted():
friends = db.session.query(Friend).filter(user.id == Friend.u_id).filter(user.id != Friend.f_id).all()
friend = User.query.filter_by(username = form.username.data).first()
allrd = False
for f in friends:
if friend is not None:
if f.f_id == friend.id:
allrd = True
if friend is None:
flash('User does not exist')
elif friend.id == user.id:
flash('You cant add yourself')
elif allrd == True:
flash("User is already added")
else:
friend = Friend(u_id = user.id, f_id = friend.id)
db.session.add(friend)
db.session.commit()
friends = db.session.query(User, Friend).join(Friend, User.id == Friend.u_id).filter(user.id == Friend.u_id).filter(user.id != Friend.f_id).all()
all_friends = []
for friend in friends:
all_friends.append(User.query.filter(User.id == friend[1].f_id).first())
return render_template('friends.html', title='Friends', username=username,form=form, friends=all_friends)
def friends(username):
if (current_user.username != username):
return redirect(url_for('friends', username=current_user.username))
else:
form = FriendsForm()
user = query_db('SELECT * FROM Users WHERE username=?',
username,
one=True)
if form.is_submitted():
userSearch = sanitizeStr(form.username.data)
friend = query_db('SELECT * FROM Users WHERE username=?',
userSearch,
one=True)
if friend is None:
flash('User does not exist')
else:
query_db('INSERT INTO Friends (u_id, f_id) VALUES(?, ?)',
user['id'], friend['id'])
all_friends = query_db(
'SELECT * FROM Friends AS f JOIN Users as u ON f.f_id=u.id WHERE f.u_id=? AND f.f_id!=?',
user['id'], user['id'])
return render_template('friends.html',
title='Friends',
username=username,
friends=all_friends,
form=form)
def friends(username):
user = query_db(
'SELECT * FROM Users WHERE username="******";'.format(username), one=True)
if user == None:
flash('You are not logged in')
return redirect(url_for('index'))
elif user['password'] == session.get('password'):
form = FriendsForm()
user = query_db(
'SELECT * FROM Users WHERE username="******";'.format(username),
one=True)
if form.is_submitted():
friend = query_db(
'SELECT * FROM Users WHERE username="******";'.format(
form.username.data),
one=True)
if friend is None:
flash('User does not exist')
else:
query_db(
'INSERT INTO Friends (u_id, f_id) VALUES({}, {});'.format(
user['id'], friend['id']))
all_friends = query_db(
'SELECT * FROM Friends AS f JOIN Users as u ON f.f_id=u.id WHERE f.u_id={} AND f.f_id!={} ;'
.format(user['id'], user['id']))
return render_template('friends.html',
title='Friends',
username=username,
friends=all_friends,
form=form)
else:
return redirect(url_for('stream', username=session.get('username')))
def friends(username):
if username != session["user"]:
session["err"] = "trying to get into anothers friendlist"
return redirect(url_for('error'))
form = FriendsForm()
query = ('SELECT * FROM Users WHERE username=?;', (username, ))
user = query_db(query, one=True)
if form.is_submitted():
query = ('SELECT * FROM Users WHERE username=?;',
(form.username.data, ))
friend = query_db(query, one=True)
if friend is None:
flash('User does not exist')
else:
query = ('INSERT INTO Friends (u_id, f_id) VALUES(?, ?);',
(user['id'], friend['id']))
query_db(query)
query = (
'SELECT * FROM Friends AS f JOIN Users as u ON f.f_id=u.id WHERE f.u_id=? AND f.f_id!=? ;',
(user['id'], user['id']))
all_friends = query_db(query)
return render_template('friends.html',
title='Friends',
username=username,
friends=all_friends,
sessionuser=session["user"],
form=form)
def friends(username):
form = FriendsForm()
user = query_db(
'SELECT * FROM Users WHERE username="******";'.format(username), one=True)
if form.is_submitted():
friend = query_db('SELECT * FROM Users WHERE username="******";'.format(
form.username.data),
one=True)
if friend is None:
flash('User does not exist')
else:
query_db('INSERT INTO Friends (u_id, f_id) VALUES({}, {});'.format(
user['id'], friend['id']))
all_friends = query_db(
'SELECT * FROM Friends AS f JOIN Users as u ON f.f_id=u.id WHERE f.u_id={} AND f.f_id!={} ;'
.format(user['id'], user['id']))
return render_template('friends.html',
title='Friends',
username=username,
friends=all_friends,
form=form)
def friends():
form = FriendsForm()
preparedQuery = 'SELECT * FROM Users WHERE id=?;'
user = safe_query(preparedQuery, (current_user.id,), one=True)
if form.validate_on_submit():
preparedQuery = 'SELECT * FROM Users WHERE username=?;'
friend = safe_query(preparedQuery, (form.username.data.lower(),), one=True)
if friend is None:
flash('User does not exist')
else:
try:
preparedQuery = 'INSERT INTO Friends (u_id, f_id) VALUES(?, ?);'
data = (user['id'], friend['id'])
safe_query(preparedQuery, data)
except sqlite3.IntegrityError:
flash('Already friends')
preparedQuery = 'SELECT * FROM Friends AS f ' \
'JOIN Users as u ON f.f_id=u.id ' \
'WHERE f.u_id=? AND f.f_id !=? ;'
data = (current_user.id, current_user.id)
all_friends = safe_query(preparedQuery, data)
return render_template('friends.html', title='Friends', friends=all_friends, form=form)