Пример #1
0
def confirm_email(token):

    try:
        email= confirm_token(token)
    except:
        return render_template('error.html', message = 'The confirmation link is invalid or has expired.')

    data = runSQLQuery("""SELECT * FROM USERS WHERE USERNAME = '******'""".format(email), 0)
    if data[0][7] == "Y":
        return render_template('error.html', username = str(data[0][3]),
            message='You have already successfully verified this account [' + str(data[0][8]) + ']')
    else:
        if runSQLQuery("""UPDATE USERS SET VERIFIED ='Y', DATE_VERIFIED = now() WHERE USERNAME = '******'""".format(email), 1):
            return render_template('welcome.html', message='Email successfully verified, please log into to continue!')
Пример #2
0
def register():
	
    _forename = str(request.form['form-first-name'])
    _surname = str(request.form['form-last-name'])
    _email = str(request.form['form-email'])
    _password = str(generate_password_hash(request.form['form-password']))
    _type = request.form['form-select-type']

    target = open('server.log', 'w')
    target.write('FORM ACCEPTED')

    if _type == '1':
        _type = 'Y'
    else:
        _type = 'N'

    target.write('FORM ACCEPTED')

    _sql = "SELECT * FROM USERS WHERE USERNAME = '******'".format(_email)
    data = runSQLQuery(_sql, 0)


    target.write(_sql)

    if len(data) > 0:
        return jsonify({'status': 'EXIST'})
    else:
    	print("Got to here")
        # Python SQL is very sensitive to column ordering. Use null for ID value
        _sql_insert = """INSERT INTO USERS VALUES (null, '{0}','{1}','{2}','{3}','{4}', now(), 'N', null)""".format(_forename,
                _surname, _email, _password, _type)

        if runSQLQuery(_sql, 1) == True:

            data = runSQLQuery(_sql_insert, 1)

            mail_token = generate_confirmation_token(_email)
            confirm_url = url_for('confirm_email', token=mail_token, _external=True)
            html = render_template('mail.html', _name = str(_forename), confirm_url=confirm_url)
            subject = "Please confirm your email"
            send_email(_email, subject, html)
            return jsonify({'status': 'OK'})
        else:
            return jsonify({'status': 'ERROR'})
Пример #3
0
def login():

    _email = str(request.form['form-email'])
    _password = str(request.form['form-password'])
    _sql = "SELECT * FROM USERS WHERE USERNAME = '******'".format(_email)
    data = runSQLQuery(_sql, 0)

    try:
        if len(runSQLQuery(_sql, 0)) > 0:
            if str(data[0][7]) == 'N':
                return jsonify({'status': 'NON_VERIFIED'})
            elif check_password_hash(str(data[0][4]), _password):
                session['logged_in'] = True
                session['username'] = _email
                if data[0][5] == 'Y':
                    session['admin'] = True
                session['vernacular_name'] = str(data[0][1]) + ' ' + str(data[0][2])
                return jsonify({'status': 'OK'})
            else:
                return jsonify({'status': 'WRONG'})
        else:
            return jsonify({'status': 'NONE'})
    except Exception:
        return jsonify({'status': 'ERROR'})
Пример #4
0
def home():
    message = str(session['username'])
    name = str(session['vernacular_name'])
    try:
        if 'admin' in session:
            _sql="SELECT FORENAME, SURNAME, USERNAME FROM USERS"
            data = runSQLQuery(_sql, 0)
            entries = []
            for x in data:
                entry = {'title': str(x[0]) + " " + str(x[1]),'email': str(x[2])}
                entries.append(entry)
            return render_template('home.html',
                message=message,name=name, entries=entries)
        else:
            #standard users will not see a dictionary of users
            return render_template('home.html', message=message, name=name)
    except Exception as e:
        return render_template('error.html', message=str(e))