def login(): error=none if request=='POST': if request.form['username'] !='admin' or request.form['password'] !='admin': error= 'Please enter correct name or password' else: return redirect(url_for('home'))
def putfund(): if 'username' in session: id = str(request.form['id']) name = request.form['name'].encode('utf-8') description = request.form['description'].encode('utf-8') cover = str(request.form['cover']) phone = str(request.form['phone']) email = str(request.form['email']) budget = str(request.form['budget']) bank_book = str(request.form['bank_book']) short_description = request.form['short_description'].encode('utf-8') u = db_session.query(Fund).filter_by(id=id).first() u.name = name u.description = description u.cover = cover u.phone = phone u.email = email u.budget = budget u.bank_book = bank_book u.short_description = short_description db_session.commit() response = { 'info': 'success' } return jsonify(response) else: return redirect("/signin")
def putevent(): if 'username' in session: id = str(request.form['id']) title = request.form['title'].encode('utf-8') description = request.form['description'].encode('utf-8') date = str(request.form['date']) cover = str(request.form['cover']) longi = str(request.form['longi']) lati = str(request.form['lati']) city = request.form['city'].encode('utf-8') category = request.form['category'].encode('utf-8') address = request.form['address'].encode('utf-8') u = db_session.query(Event).filter_by(id=id).first() u.title = title u.description = description u.date = date u.cover = cover u.longi = longi u.lati = lati u.city = city u.category = category u.address = address db_session.commit() response = { 'info': 'success' } return jsonify(response) else: return redirect("/signin")
def putpatient(): if 'username' in session: id = str(request.form['id']) name = request.form['name'].encode('utf-8') surname = request.form['surname'].encode('utf-8') secname = request.form['secname'].encode('utf-8') age = str(request.form['age']) diagnosis = request.form['diagnosis'].encode('utf-8') budget = str(request.form['budget']) current_budget = str(request.form['current_budget']) biography = request.form['biography'].encode('utf-8') fund_id = request.form['fund_id'] u = db_session.query(Patient).filter_by(id=id).first() u.name = name u.secname = secname u.surname = surname u.age = age u.diagnosis = diagnosis u.budget = budget u.current_budget = current_budget u.biography = biography u.fund_id = fund_id db_session.commit() response = { 'info': 'success' } return jsonify(response) else: return redirect("/signin")
def postpatient(): if 'username' in session: name = request.form['name'].encode('utf-8') surname = request.form['surname'].encode('utf-8') secname = request.form['secname'].encode('utf-8') age = str(request.form['age']) diagnosis = request.form['diagnosis'].encode('utf-8') budget = str(request.form['budget']) current_budget = str(request.form['current_budget']) biography = request.form['biography'].encode('utf-8') fund_id = request.form['fund_id'] cover = request.files['cover'] filename = upload_file(cover, 'patients') if filename == -1: return jsonify({ 'info': 'error' }) u = Patient(fund_id, name, surname, secname, age, diagnosis, budget, current_budget, biography, filename) db_session.add(u) db_session.commit() response = { 'info': 'success' } return jsonify(response) else: return redirect("/signin")
def edit(OrmForm, model): form = OrmForm(request.form, model) if form.validate_on_submit(): form.populate_obj(model) model.put() flash("MyModel updated") return redirect(url_for("index")) return render_template("editor.html", form=form)
def not_found(e): if 'username' in session: content = { "title": "Not found", "status": "404 - Not found", "description": "This request did not found" } return render_template("error.html", content=content), 404 else: return redirect("/signin")
def listar(): forms = Usuario() if current_user.is_authenticated: user = User.query.all() print(user[0].dataCriacao) return render_template('usuariosBlue.html', user=user, f=forms, name=current_user, pessoa=pessoa) return redirect(url_for('logout'))
def item(cookies, project): session = SESSION.record(ANONYMOUSE) return redirect('https://github.com/login/oauth/authorize?client_id=%(client_id)s&scope=%(scope)s&state=%(state)s&redirect_uri=%(callback)s' % { 'client_id': 'c5386ab37c7dc7f436fb', 'scope': 'user,public_repo', 'state': session, 'callback': quote('http://%(localhost)s%(app)s/github/callback' % { 'localhost': config.LOCALHOST, 'url_root': config.URL_ROOT, }), }, cookie(session = session))
def due_days1(): user = get_current_user() try: if not user: return redirect(url_for('home')) except AttributeError: return redirect(url_for('home')) teacher = get_current_teacher() reason = request.form.get('reason') form = PhotoForm(meta={'csrf': False}) get = Attendance.query.filter_by(for_sabab=True).first() if form.validate_on_submit(): filename = images.save(form.image.data) image_url = images.url(filename) add = reason_apset_days(student_id=user.id, img_due_days=image_url,reason_due=reason, date_abset=get.apset,group_id=get.group_id) db.session.add(add) db.session.commit() return render_template('student/Sababli_kun.html', user=user, teacher=teacher,form=form, get=get)
def StopTrace(): ath = auth.Auth() if not ath.checkSession(): if 'authkey' in request.args: if not ath.checkKey(request.args["authkey"]): return "-1" else: return redirect(url_for('lock')) chk = checker.Checker() chk.updateValue('8') return "0"
def uploaded(): f = request.files['userFile'] fileSize = request.form['fileSize'] account = mongo.db.Accounts.find_one({'Email': session['account'][1]}) newSize = account['SpaceUsed'] + int(fileSize) if newSize >= session['account'][4]: return redirect(url_for('homepage', nospaceleft=1)) mongo.save_file(f.filename, f) file_length = size(int(fileSize)) today = datetime.today().strftime('%Y-%m-%d %H:%M:%S') mongo.db.Accounts.update_one({'Email': session['account'][1]}, {'$push': {'Files': "{}>{}>{}".format(f.filename, file_length, today)} }) mongo.db.Accounts.update_one({'Email': session['account'][1]}, {'$set': {'SpaceUsed': newSize} }) session['account'][2].append("{}>{}>{}".format(f.filename, file_length, today)) print(session) return redirect(url_for("homepage"))
def make_login(): username = request.form['username'] password = request.form['password'] if not username or not password: return redirect('/auth/login') user = PortalUser.query.filter_by(username=username).first() print user.password if user: password_isvalid = bcrypt.checkpw(password.encode('utf8'), user.password.encode('utf8')) print password_isvalid if password_isvalid: resp = make_response(redirect('/')) resp.set_cookie('user', user.username) return resp else: return redirect('/auth/login') else: return redirect('/auth/login')
def validateLogin(): if request.method == "POST": try: uname = request.form["uname"] pwd = request.form["pwd"] token = hashlib.md5((pwd+uname).encode("utf-8")) con = sqlite3.connect("app/db/users.db") curs = con.cursor() curs.execute(f"SELECT * FROM users WHERE token = '{token.hexdigest()}'") row = curs.fetchall() con.close() if len(row) == 1: resp = make_response(redirect("/")) resp.set_cookie("token", token.hexdigest()) return resp , 200 else: return make_response(redirect("/login?err=true")), 400 # return str(row) except Exception as e: return str(e), 400
def login(): contexto = {} if request.method == 'POST': usuario = request.form.get('usuario') senha = request.form.get('senha') if usuario == 'admin' and senha == '123': session['login'] = True return redirect(url_for('index')) else: contexto['tipo_mensagem'] = u'danger' contexto['mensagem'] = u'Usuário ou senha inválidos' return render_template('login.html', **contexto), 200
def inside_of_group2(id): user = get_current_user() try: if not user.gazalkent_admin and not user.director: return redirect(url_for('home')) except AttributeError: return redirect(url_for('home')) groups = Groups.query.filter_by(id=id).all() experts = Teachers.query.filter_by(teacher=True).all() for group in groups: student = Student.query.filter( or_(Student.group1 == group.id, Student.group2 == group.id, Student.group3 == group.id)) return render_template('Groups/Inside of Group2.html', students=student, groups=groups, user=user, teachers=experts) return render_template('Groups/Inside of Group2.html', groups=groups, user=user, teachers=experts)
def updatemedlist(ssn): if (current_user.role != 'pharm'): return render_template('auth/accessDenied.html') for med in newMed: quantity_med = Med.query.get(med['medId']) quantity_med.quantity = int(quantity_med.quantity)-int(med['quant']) db.session.commit() obj = Pmed(pid=med['pid'],medicineId=med['medId'],quant=med['quant'],amount=med['amount']) db.session.add(obj) db.session.commit() newMed.clear() flash('Medicines Issued Succesfully !',"success") return redirect(url_for('patientmedinfo',ssn=ssn))
def makeclean(): ath = auth.Auth() if not ath.checkSession(): if 'authkey' in request.form: if not ath.checkKey(request.form["authkey"]): return "-1" else: return redirect(url_for('lock')) if 'clean' in request.form or 'authkey' in request.form: chk = checker.Checker() chk.updateValue('c') return "0" return "-1"
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) form = PostForm() if form.validate_on_submit(): post.save(form.title.data, form.content.data) flash('Post updated!', 'info') return redirect(url_for('post', post_id=post.id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title='Update Post', form=form)
def configServer(): cnf = config.Config() if 'timecheck' in request.form: cnf.updateConfig(request.form["ppslimit"], request.form["mbitslimit"], request.form["timecheck"], request.form["blocktime"], request.form["deleteRegister"]) ath = auth.Auth() if not ath.checkSession(): return redirect(url_for('lock')) return render_template('config.html', title="Configuración del cortafuegos", config=cnf.getConfig())
def unblockport(): ath = auth.Auth() if not ath.checkSession(): if 'authkey' in request.form: if not ath.checkKey(request.form["authkey"]): return "-1" else: return redirect(url_for('lock')) if 'port' in request.form: block = blockPort.BlockPort() block.unBlockPort(request.form["port"]) return "0" return "1"
def addnewmed(ssn): if (current_user.role != 'pharm'): return render_template('auth/accessDenied.html') if request.method == "POST": medName = request.form['mname'] reqQuant = request.form['quantity'] requiredMed= Med.query.filter_by(mname = medName)[0] patId = Patient.query.filter_by(ssnId = ssn)[0].id # Checks medicine's availablility(if quantity is not zero) if (int(requiredMed.quantity) - int(reqQuant))>=0: medDict={} medDict['medId'] = requiredMed.mid medDict['pid'] = patId medDict['name'] = medName medDict['quant'] = reqQuant medDict['rate'] = requiredMed.Rate medDict['amount'] = int(reqQuant) * int(requiredMed.Rate) newMed.append(medDict) return redirect(url_for('patientmedinfo',ssn=ssn)) else: flash("Quantity not availaible! Available quantity of this medicine is {}".format(requiredMed.quantity), "danger") return redirect(url_for('issuemedicine', ssn=ssn))
def shutdown(): ath = auth.Auth() if not ath.checkSession(): if 'authkey' in request.form: if not ath.checkKey(request.form["authkey"]): return "-1" else: return redirect(url_for('lock')) if 'shutdown' in request.form: chk = checker.Checker() chk.updateValue('s') chk.shutdown_server() return render_template('shutdown.html', title="Apagar el cortafuegos")
def login(): e_login = '' usrnm = "" if request.method == 'POST': usrnm = request.form['usrnm'] password = request.form['password'] user = User.query.filter_by(usrnm=usrnm).first() if user and user.password == password: session['usrnm'] = usrnm return redirect('/newpost') else: e_login = "******" return render_template('login.html', e_login=e_login, usrnm = usrnm)
def delete_old_events(): if 'admin' in session: current_date = date.today() events = EventsModel.query.all() num_events = 0 # total number of events deleted for e in events: event_date = datetime.strptime(e.EventDate, '%d/%m/%Y').date() if event_date < current_date: num_events += 1 db.session.delete(e) db.session.commit() if num_events: flash(f"Deleted {num_events} Old Events Successfully", 'success') print(f"Deleted {num_events} Old Events Successfully") else: flash("No Old Events Exist [Date Wise]", 'success') print("No Old Events Exist [Date Wise]") return redirect('/admin') else: flash("Admin Not Logged In", 'danger') print("Admin Not Logged In") return redirect('/login')
def unblock(): ath = auth.Auth() if not ath.checkSession(): if 'authkey' in request.form: if not ath.checkKey(request.form["authkey"]): return "-1" else: return redirect(url_for('lock')) if 'ip' in request.form: block = blockIP.blockIP() block.deleteIP(request.form["ip"], 0) return "0" return "1"
def signup(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] role = request.form['role'] user = User.query.filter_by(username=username).first() if user: flash('user already exists') return redirect('/signup') newUser = User(username=username, password=generate_password_hash(password, method='sha256'), role=role) db.session.add(newUser) db.session.commit() flash('user created') return redirect('/signup') else: return render_template('auth/signup.html')
def show_group(group_id): user = get_current_user() try: if not user.gazalkent_admin and not user.director and not user.xojakent_admin: return redirect(url_for('home')) except AttributeError: return redirect(url_for('home')) teacher = get_current_teacher() query_groups = Groups.query.order_by('id').all() query_students = Student.query.filter_by( for_moved=True).order_by('id').all() if user.locations == 1: return render_template('Groups/Show_group.html', groups=query_groups, old_id=group_id, students=query_students, user=user) elif user.locations == 2: return render_template('Groups/Show_group2.html', groups=query_groups, old_id=group_id, students=query_students, user=user)
def getTrace(): ath = auth.Auth() if not ath.checkSession(): if 'authkey' in request.args: if not ath.checkKey(request.args["authkey"]): return "-1" else: return redirect(url_for('lock')) if os.path.exists("../data/guardian.pcap"): with open("../data/guardian.pcap", 'rb') as file: return send_file(io.BytesIO(file.read()), attachment_filename='guardian.pcap', mimetype='text/plain') return "1"
def login(): if request.method == 'POST': data_log = json.dumps(dict(request.form)) f = open("filename.log", "a") f.write("{0} -- {1}\n".format( datetime.now().strftime("%Y-%m-%d %H:%M"), data_log)) f.close() requset_data = request.form['reqdesc'] print(requset_data) # return "We will contact you soon on this queires" return render_template('public/templates/index.html') else: user = request.args.get('nm') return redirect(url_for('success', name=user))
def pharmacistinfo(): if (current_user.role != 'pharm'): return render_template('auth/accessDenied.html') if request.method == 'POST': search_ssnId = request.form['ssnId'] try: searched_ssnId = int(search_ssnId) except: flash("Please Enter a valid Integer Id!", "danger") return redirect('/pharmacist_dashboard') patient = Patient.query.filter_by(ssnId=search_ssnId).first() medicine = Pmed.query.filter_by(pid=patient.id).all() medi = [] for med in medicine: medi.append(Med.query.filter_by(mid=med.medicineId).all()) print(medi) allPatients = Patient.query.all() return render_template('pharmacist/searchpatient.html', patient=patient, medicine=zip(medicine, medi), patients=allPatients) return redirect('/pharmacist_dashboard')
def login(): if request.method == 'POST': user = request.form['user'] password = request.form['password'] username = Users.query.filter_by(user=user).first() if username and pw_validate_hash(username.password, password): session['user'] = user flash('Logged In', 'error') return redirect('/') else: # TODO - explain why login failed flash('User password is invalid or the user does not exist', 'error') return render_template('login.html')
def signup(): usrnm = "" if request.method == 'POST': #_______________begin input error handling____________ error = False usrnm = request.form['usrnm'] e_usrnm = "" pw = request.form['password'] e_pw = "" verify = request.form['verify'] # __checking if input variables are okay__ if len(usrnm) < 3 or len(pw) < 3: error = True e_usrnm = "Both your username and password have to be more than 3 characters!" if usrnm == '': error = True e_usrnm = "Please type a user name." if pw == '': error = True e_pw = "Please type a password." if pw != verify: error = True e_pw = "Both password entries must be the same!" # __returning error page if any input is faulty__ if error: return render_template("signup.html", usrnm_ins = usrnm, pw_ins = pw, verify_ins = verify, error_usrnm = e_usrnm, error_pw = e_pw) #_______________end input error handling____________ existing_user = User.query.filter_by(usrnm=usrnm).first() if existing_user: return '<h1>Dupe user yo!</h1>' new_user = User(usrnm, pw) db.session.add(new_user) db.session.commit() session['usrnm'] = usrnm return redirect('/newpost') return render_template('signup.html', title="User signup", h1 = "User signup", usrnm = usrnm)
def add_event_to_favourites(event_id): if 'user' in session: rs = UserModel.query.filter_by(ID=session['user']).first() if event_id in rs.InterestedActivities: flash( f"Event With ID : '{event_id}' Already In {rs.Name}'s Favourites", 'warning') print( f"Event With ID : '{event_id}' Already In {rs.Name}'s Favourites" ) else: rs.InterestedActivities = rs.InterestedActivities + event_id + ',' db.session.commit() flash( f"Event With ID : '{event_id}' Added To {rs.Name}'s Favourites", 'success') print( f"Event With ID : '{event_id}' Added To {rs.Name}'s Favourites" ) return redirect('/events') else: flash("User Not Logged In", 'danger') print("User Not Logged In") return redirect('/login')
def send_reminder_event(event_id): if 'admin' in session: event = EventsModel.query.filter_by(ID=event_id).first() if event is None: # if event does not exist flash(f"Event With ID : '{event_id}' Does Not Exist", 'danger') print(f"Event With ID : '{event_id}' Does Not Exist") return redirect('/admin') else: # get all favourite users for <event_id> rs = UserModel.query.all() recipients = [] for user in rs: if event_id in user.InterestedActivities: recipients.append(user.ID + '@bennett.edu.in') print("Sending Emails ...") sendMail( "REMINDER : " + event.EventHeading, get_event_description(event), recipients, f'Mail Sent Successfully to {len(recipients)} student(s)') return redirect('/admin') else: flash("Admin Not Logged In", 'danger') print("Admin Not Logged In") return redirect('/login')
def login(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] remember = True if request.form.get('remember') else False user = User.query.filter_by(username=username).first() if not user: flash('Wrong username', 'danger') return redirect('login') elif not check_password_hash(user.password, password): flash('Password incorrect', 'danger') return redirect('login') login_user(user) #Checks if user's role is desk executive if current_user.role == 'desk': flash('Welcome, ' + current_user.username, 'success') return redirect('/home') #Checks if user's role is pharmacist elif current_user.role == 'pharm': flash('Welcome, ' + current_user.username, 'success') return redirect('/pharmacist_dashboard') #Checks if user's role is diagnostic service executive elif current_user.role == 'diag': flash('Welcome, ' + current_user.username, 'success') return redirect('/diagnostic_dashboard') else: return render_template('auth/login.html') else: return render_template('auth/login.html')
def add_olympiad(): title = "Добавление олимпиады" form = EditorOlympiad() if form.validate_on_submit(): new_olympiad = Olympiad(name=form.name.data, max_balls=form.max_balls.data, description=form.description.data) db.session.add(new_olympiad) db.session.commit() flash('Добавлена Олимпиада!') return redirect(url_for("hierarchy")) flash(flash_editor_errors(form)) return render_template("editor.html", form=form, action='/add/olympiad', title=title)
def remove_event_from_favourites(event_id): if 'user' in session: rs = UserModel.query.filter_by(ID=session['user']).first() if event_id in rs.InterestedActivities: rs.InterestedActivities = str(rs.InterestedActivities).replace( event_id + ',', '') db.session.commit() flash( f"Event With ID : '{event_id}' Removed From {rs.Name}'s Favourites", 'success') print( f"Event With ID : '{event_id}' Removed From {rs.Name}'s Favourites" ) else: flash( f"Event With ID : '{event_id}' Not in {rs.Name}'s Favourites", 'danger') print( f"Event With ID : '{event_id}' Not in {rs.Name}'s Favourites") return redirect('/user/' + session['user']) else: flash("User Not Logged In", 'danger') print("User Not Logged In") return redirect('/login')
def signin(): if request.method == 'POST': info = u"Неверный логин или пароль" username = request.form['username'] password = request.form['password'] if username and password: user = get_user(username, password) if user: session['username'] = username session['password'] = password return redirect('/') else: return render_template("signin.html", info=info) else: return render_template("signin.html", info=info) else: return render_template("signin.html")
def deletepatient(): if 'username' in session: id = request.args.get('id') if (id.isdigit()): u = db_session.query(Patient).filter_by(id=id).first() if (u): db_session.delete(u) db_session.commit() response = { 'info': 'success' } else: response = { 'info': 'error' } else: response = { 'info': 'error' } return jsonify(response) else: return redirect("/signin")
def postfund(): if 'username' in session: name = request.form['name'].encode('utf-8') description = request.form['description'].encode('utf-8') short_description = request.form['short_description'].encode('utf-8') cover = request.files['cover'] phone = str(request.form['phone']) email = str(request.form['email']) budget = str(request.form['budget']) bank_book = str(request.form['bank_book']) f = upload_file(cover, 'funds') if (f == -1): return jsonify({ 'info': 'error' }) u = Fund(name, description, budget, phone, email, bank_book, f, short_description) db_session.add(u) db_session.commit() return jsonify({ 'info': 'success' } ) else: return redirect("/signin")
def postevent(): if 'username' in session: title = request.form['title'].encode('utf-8') description = request.form['description'].encode('utf-8') date = str(request.form['date']) cover = request.files['cover'] longi = str(request.form['longi']) lati = str(request.form['lati']) city = request.form['city'].encode('utf-8') category = request.form['category'].encode('utf-8') address = request.form['address'].encode('utf-8') f = upload_file(cover, 'events') if f == -1: return jsonify({ 'info': 'error' }) u = Event(title, description, date, f, longi, lati, city, category, address) db_session.add(u) db_session.commit() return jsonify({ 'info': 'success' }) else: return redirect("/signin")
def docs(): if 'username' in session: return render_template("docs.html") else: return redirect("/signin")
def logout(): session.clear() return redirect("/signin")