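def SignInSubmit():
    """Handle the sign-in form: verify the credentials and mark the session.

    The account is looked up in ``userInfo`` with a parameterized query. The
    submitted password is hashed with the stored salt through ``Pwd2Hash`` and
    compared with the stored hash (columns 0, 2 and 3 of the row are used as
    user name, password hash and salt).

    Returns:
        A redirect to ``HomePage`` on success; otherwise a redirect back to
        ``SignIn`` with ``session["error"]`` and ``session["resubmit"]`` set.
    """
    # A request without a "username" field is rejected by Flask with a 400
    # here, so the later membership checks of the original were redundant.
    user_name = request.form["username"]
    password = request.form.get("password")

    cnx = sql.get_db()
    cursor = cnx.cursor()
    cursor.execute("SELECT * FROM userInfo WHERE userName = %s", (user_name, ))
    row = cursor.fetchone()
    sql.close_db()

    if row is None:
        # NOTE(review): this message differs from the wrong-password message
        # below, so the response reveals whether an account name exists.
        # Consider one shared message for both failures.
        session["resubmit"] = True
        session["error"] = "username don't exsist!"
        return redirect(url_for("SignIn"))

    stored_name, stored_pwd, stored_salt = row[0], row[2], row[3]

    # NOTE(review): `==` on the hash is not a constant-time comparison;
    # hmac.compare_digest is preferable once the types returned by Pwd2Hash
    # and by the database driver are confirmed to match.
    if (user_name == stored_name and password is not None
            and Pwd2Hash(password, stored_salt)[0] == stored_pwd):
        session['authenticated'] = True
        session["username"] = user_name
        session["error"] = None
        return redirect(url_for("HomePage"))

    # Failed attempt. The submitted name is still stored (the sign-in page
    # presumably uses it with "resubmit" to refill the form), so the
    # authenticated flag has to be cleared: a session that was signed in
    # earlier must never stay authenticated while bound to a name whose
    # password was not verified. Handlers must check
    # session["authenticated"] before trusting session["username"].
    session["authenticated"] = False
    session["username"] = user_name
    session["resubmit"] = True
    session["error"] = "username or password incorrect!"
    return redirect(url_for("SignIn"))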
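def Del():
    """Delete all application data: both MySQL tables and the stored files.

    NOTE(review): no access check is visible in this function. Confirm that
    the route is reachable only by an authenticated manager, accepts only a
    state-changing method (not GET) and is covered by CSRF protection,
    because a single request empties the whole data set.

    Returns:
        A redirect to the ``manager`` view with a status message in
        ``session['error']``.
    """
    cnx = sql.get_db()
    cursor = cnx.cursor()

    # Read the user names BEFORE the tables are emptied. The original ran
    # this SELECT after truncating userInfo, so the list was always empty
    # and the storage clean-up below never executed.
    cursor.execute("SELECT userName FROM userInfo")
    name_list = [record[0] for record in cursor.fetchall()]

    # delete mysql
    # The first query returns one ready-made "kill <id>;" statement per
    # connection of the (redacted) database user; each one is then executed.
    # NOTE(review): if this handler's own connection runs as that user it
    # is in the list as well - confirm the statements below still run.
    query_1 = "select concat('kill ' ,id ,';') from information_schema.PROCESSLIST where User = '******';"
    cursor.execute(query_1)
    for kill_statement in cursor.fetchall():
        cursor.execute(kill_statement[0])

    for statement in ('truncate `user2Images`', 'truncate `userInfo`'):
        cursor.execute(statement)
        cnx.commit()
    sql.close_db()

    # delete S3
    # delete() takes no arguments here; the name list only decides whether
    # there is anything to remove.
    if name_list:
        delete()

    session['error'] = 'all data in database has been deleted!'
    return redirect(url_for('manager'))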
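def testUploadSubmit():
    """Accept an image posted through the test upload form and store it.

    Expects the form fields ``userID`` and ``password`` and the file field
    ``uploadedfile``. The file is saved under
    ``UPLOAD_FOLDER/<userID>/<sanitized filename>``, transformed with
    ``ImageProcess.ImageTransSave`` and recorded with
    ``ImageProcess.DBImageSave``.

    NOTE(review): the form must contain a ``password`` field, but this
    function never verifies it, so the request is not tied to the account
    named in ``userID``. Check the credentials (as the sign-in handler does)
    before accepting the file, or remove this endpoint from production.

    Returns:
        A redirect to ``testUpload`` with the outcome in ``session["error"]``.
    """
    if "userID" not in request.form or "password" not in request.form or \
            "uploadedfile" not in request.files:
        session["error"] = "upload form not compelete!"
        return redirect(url_for("testUpload"))

    user_id = request.form["userID"]
    myFile = request.files["uploadedfile"]

    # userID comes straight from the request and becomes a directory name.
    # Accept only a single plain path component so the upload can never be
    # written outside UPLOAD_FOLDER (separators, absolute paths, "." / "..").
    if user_id in ("", ".", "..") or os.path.basename(user_id) != user_id:
        session["error"] = "invalid user ID!"
        return redirect(url_for("testUpload"))

    # Sanitize once and use the same name for the duplicate check and for
    # the save; the original looked up the raw client name but stored the
    # sanitized one, so the duplicate check could miss an existing file.
    filename = secure_filename(myFile.filename)
    if not filename or not ImageProcess.allowed_file(myFile.filename):
        session["error"] = "can not recognize the file, please reupload"
        return redirect(url_for("testUpload"))

    userPath = os.path.join(webapp.config['UPLOAD_FOLDER'], user_id)
    path_original = os.path.join(userPath, filename)

    cnx = sql.get_db()
    cursor = cnx.cursor()
    query = "SELECT * FROM user2Images WHERE userName = %s AND original = %s"
    cursor.execute(query, (user_id, path_original))
    row = cursor.fetchone()
    if row is not None:
        session["error"] = "Image with same name has already been uploaded!"
        return redirect(url_for("testUpload"))

    # exist_ok avoids the check-then-create race of exists() + makedirs().
    os.makedirs(userPath, exist_ok=True)
    myFile.save(path_original)
    path_thumbnail, path_a, path_b, path_c = ImageProcess.ImageTransSave(userPath, filename)
    ImageProcess.DBImageSave(user_id, path_thumbnail, path_original, path_a, path_b, path_c)
    session["error"] = "the file has been uploaded!"
    return redirect(url_for("testUpload"))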
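def HomePage():
    """Render the signed-in user's home page with the list of their images.

    Any pending message in ``session["error"]`` is read for display and then
    reset. Visitors whose session is not marked authenticated are redirected
    to ``SignIn``.

    Returns:
        The rendered ``homepage.html`` template, or a redirect to ``SignIn``.
    """
    # Read the pending message once, then clear it.
    error = session.get("error")
    session["error"] = None

    # .get() instead of indexing: a visitor with a fresh session has no
    # "authenticated" key, and indexing would raise KeyError (HTTP 500)
    # instead of sending them to the sign-in page.
    if not session.get("authenticated"):
        session["error"] = "unauthenticated log In"
        return redirect(url_for("SignIn"))

    cnx = sql.get_db()
    cursor = cnx.cursor()
    # The query is scoped to the session's user name, so only that user's
    # rows are listed.
    query = "SELECT * FROM user2Images WHERE userName = %s"
    cursor.execute(query, (session["username"], ))
    rows = cursor.fetchall()
    sql.close_db()

    # Column 1 of each row is what the template receives (presumably the
    # thumbnail path - confirm against the table definition). The debug
    # print() calls of the original, which wrote the fetched rows to stdout,
    # are removed.
    images = [record[1] for record in rows or ()]
    return render_template("homepage.html", title=session["username"], images=images, error=error)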
def DBImageSave(userName, thumbnail, original, trans_a, trans_b, trans_c):
    """Insert one image record into ``user2Images`` and commit it.

    All six values are passed to the driver as bound parameters; none of
    them is formatted into the SQL text.
    """
    insert_sql = ''' INSERT INTO user2Images (userName, Thumbnail, original, trans_a, trans_b, trans_c) VALUES (%s,%s,%s,%s,%s,%s) '''
    values = (userName, thumbnail, original, trans_a, trans_b, trans_c)

    connection = sql.get_db()
    db_cursor = connection.cursor()
    db_cursor.execute(insert_sql, values)
    connection.commit()
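def imgDetail(imgId):
    """Show the original and the three transformed versions of one image.

    Args:
        imgId: Thumbnail path relative to the parent directory of
            ``UPLOAD_FOLDER``; it is used only as a bound query parameter.

    Returns:
        The rendered ``imgdetail.html`` template, a redirect to ``HomePage``
        when no matching row exists, or a redirect to ``SignIn`` when the
        session is not authenticated.
    """
    # .get() instead of indexing: a session without the "authenticated" key
    # must be redirected to sign-in rather than fail with KeyError (HTTP 500).
    if not session.get("authenticated"):
        session["error"] = "unauthenticated log In"
        return redirect(url_for("SignIn"))

    # Parent directory of the upload folder; thumbnails are stored in the
    # table with this prefix.
    path = "/".join(webapp.config["UPLOAD_FOLDER"].split("/")[:-1])

    cnx = sql.get_db()
    cursor = cnx.cursor()
    # The lookup is restricted to the session's own user name, so a
    # thumbnail id belonging to another account yields no row.
    query = "SELECT * FROM user2Images WHERE userName = %s AND Thumbnail = %s"
    cursor.execute(query, (session["username"], os.path.join(path, imgId)))
    row = cursor.fetchone()
    if row is None:
        flash("Can't find images, please reupload!")
        return redirect(url_for("HomePage"))

    # Columns 2-5 hold the stored paths; only their file names are kept and
    # re-rooted under upload_images/<user> for the template.
    user_dir = os.path.join("upload_images", session["username"])
    images = [os.path.join(user_dir, row[i].split("/")[-1]) for i in (2, 3, 4, 5)]
    return render_template("imgdetail.html", title=session["username"], images=images)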
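def imgDetail(imgId):
    """Show the original and the three transformed versions of one image.

    Args:
        imgId: Value of the ``Thumbnail`` column identifying the image; it
            is used only as a bound query parameter.

    Returns:
        The rendered ``imgdetail.html`` template, a redirect to ``HomePage``
        when no matching row exists, or a redirect to ``SignIn`` when the
        session is not authenticated.
    """
    # .get() instead of indexing: a session without the "authenticated" key
    # must be redirected to sign-in rather than fail with KeyError (HTTP 500).
    if not session.get("authenticated"):
        session["error"] = "unauthenticated log In"
        return redirect(url_for("SignIn"))

    cnx = sql.get_db()
    cursor = cnx.cursor()
    # The lookup is restricted to the session's own user name, so a
    # thumbnail id belonging to another account yields no row.
    query = "SELECT * FROM user2Images WHERE userName = %s AND Thumbnail = %s"
    cursor.execute(query, (session["username"], imgId))
    row = cursor.fetchone()
    sql.close_db()
    if row is None:
        flash("Can't find images, please reupload!")
        return redirect(url_for("HomePage"))

    # Columns 2-5 of the row are handed to the template unchanged.
    images = [row[i] for i in (2, 3, 4, 5)]
    return render_template("imgdetail.html", title=session["username"], images=images)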
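def UpLoad():
    """Store an image uploaded by the signed-in user and record it.

    The file from the ``my_file`` field is saved under
    ``UPLOAD_FOLDER/<username>/<sanitized filename>``, processed with
    ``ImageProcess.ImageTransSave`` and recorded with
    ``ImageProcess.DBImageSave``.

    Returns:
        A redirect to ``HomePage`` with the outcome in ``session["error"]``,
        or a redirect to ``SignIn`` when the session is not authenticated.
    """
    # Same gate as the other views: session["username"] is only trusted
    # when the session is marked authenticated. The original used the name
    # without this check.
    if not session.get("authenticated"):
        session["error"] = "unauthenticated log In"
        return redirect(url_for("SignIn"))

    if 'my_file' not in request.files:
        session["error"] = "didn't receive any file please try again!"
        return redirect(url_for('HomePage'))

    myFile = request.files["my_file"]
    if myFile.filename == '':
        session["error"] = "No file selected"
        return redirect(url_for('HomePage'))

    # Sanitize the client-supplied name once; an empty result means nothing
    # usable is left of it.
    filename = secure_filename(myFile.filename)
    if not filename or not ImageProcess.allowed_file(myFile.filename):
        session["error"] = "can not recognize the file, please reupload"
        return redirect(url_for("HomePage"))

    user_name = session["username"]

    # Duplicate check against the sanitized name. The original compared the
    # raw client name although the stored file uses the sanitized one.
    # NOTE(review): assumes ImageTransSave builds the stored `original` link
    # as S3_ADDRESS + username + '/' + filename - confirm.
    myFile_link = config.S3_ADDRESS + user_name + '/' + filename
    cnx = sql.get_db()
    cursor = cnx.cursor()
    query = "SELECT * FROM user2Images WHERE userName = %s AND original = %s"
    cursor.execute(query, (user_name, myFile_link))
    row = cursor.fetchone()
    sql.close_db()
    if row is not None:
        session["error"] = "Image with same name has already been uploaded!"
        return redirect(url_for("HomePage"))

    userPath = os.path.join(webapp.config['UPLOAD_FOLDER'], user_name)
    # exist_ok avoids the check-then-create race of exists() + makedirs().
    os.makedirs(userPath, exist_ok=True)
    path_original = os.path.join(userPath, filename)
    myFile.save(path_original)

    path_origin, path_thumbnail, path_a, path_b, path_c = ImageProcess.ImageTransSave(
        user_name, userPath, filename)
    ImageProcess.DBImageSave(user_name, path_thumbnail, path_origin,
                             path_a, path_b, path_c)
    session["error"] = None
    return redirect(url_for('HomePage'))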
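def SignUpSubmit():
    """Handle the sign-up form: validate the input and create the account.

    The user name must be 1-20 characters from letters, digits and ``_``;
    e-mail and both password fields must be present and the passwords must
    match. User name and e-mail must not exist in ``userInfo`` yet. On
    success the password is hashed with ``Pwd2Hash``, the row is inserted,
    the user's storage prefix is created with ``create_file`` and the
    session is marked authenticated.

    Session identity (``username``, ``email``, ``authenticated``) is written
    only after every check has passed and the row is committed, so rejected
    or unvalidated input never ends up in the session.

    Returns:
        A redirect to ``HomePage`` on success, otherwise a redirect back to
        ``SignUp`` with the reason in ``session["error"]``.
    """
    allowed_chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_"

    def _exists(query, value):
        """Return True when the one-parameter lookup query matches a row."""
        cnx = sql.get_db()
        cursor = cnx.cursor()
        cursor.execute(query, (value, ))
        found = cursor.fetchone() is not None
        sql.close_db()
        return found

    # A missing field is treated like an empty one; the original skipped the
    # corresponding validation entirely when a field was absent.
    username = request.form.get("username", "")
    email = request.form.get("email", "")
    password = request.form.get("password", "")
    confirm = request.form.get("com_password", "")

    error = ""
    # check if name is valid
    if username == "":
        error += "Please enter a username.\n"
    elif len(username) > 20:
        error += "The username is too long. Please retry.\n"
    if any(char not in allowed_chars for char in username):
        error += "Username should only contain letters, numbers and '_'.\n"

    # check if email is entered
    if email == "":
        error += "Please enter the email address.\n"

    # check if password are match
    if password == "" or confirm == "":
        error += "Please enter the password or password comfirm.\n"
    elif password != confirm:
        error += "password doesn't match the comfirm password.\n"

    if error != "":
        session["error"] = error
        return redirect(url_for("SignUp"))

    # check if name or email already exist
    # NOTE(review): check-then-insert is not atomic; a UNIQUE constraint on
    # userName and userEmail is what actually guarantees uniqueness.
    if _exists(''' SELECT * FROM userInfo WHERE userName = %s ''', username):
        session["error"] = "Username has been taken. Please choose another name!\n"
        return redirect(url_for("SignUp"))
    if _exists(''' SELECT * FROM userInfo WHERE userEmail = %s ''', email):
        session["error"] = "Email address has been taken. Please choose another!\n"
        return redirect(url_for("SignUp"))

    # save userinfo
    pwd, salt = Pwd2Hash(password, salt=None)
    cnx = sql.get_db()
    cursor = cnx.cursor()
    query = ''' INSERT INTO userInfo (userName, userEmail, userPwd, userSalt) VALUES (%s,%s,%s,%s) '''
    cursor.execute(query, (username, email, pwd, salt))
    cnx.commit()
    sql.close_db()
    create_file(username + '/')

    # Only now bind the session to the new, validated account.
    session["username"] = username
    session["email"] = email
    session['authenticated'] = True
    session["error"] = None
    return redirect(url_for("HomePage"))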