Пример #1
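def login():
    """Authenticate a user from the login form and start a session.

    GET renders the login form. POST looks the account up by email, checks
    the submitted password against the stored hash and, on success, resets
    the session and stores the user's id in it. A visitor who is already
    logged in (``g.user`` is set) is redirected to the project index.

    Returns:
        A redirect on success or for an already-authenticated visitor,
        otherwise the rendered ``auth/login.html`` template.
    """
    if g.user is not None:
        return redirect(url_for('project.index'))

    if request.method == 'POST':
        email = request.form['email']
        password = request.form['password']
        cursor = get_cursor()

        # The email is bound as a query parameter, never formatted into the
        # SQL text.
        cursor.execute('SELECT * FROM users WHERE email = %s', (email, ))
        user = cursor.fetchone()

        if user is not None and check_password_hash(user['password_hash'],
                                                    password):
            # Start from an empty session so nothing set before
            # authentication carries over into the logged-in session.
            session.clear()
            session['user_id'] = user['id']
            return redirect(url_for('index'))

        # One message for both failure cases: separate "unknown email" and
        # "wrong password" texts tell the client which addresses have
        # accounts.
        # NOTE(review): no hash is computed for an unknown email, so response
        # time can still differ between the two cases, and no attempt
        # limiting is visible in this function - confirm it is handled
        # elsewhere.
        flash('Incorrect email or password.')

    return render_template('auth/login.html')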
Пример #2
def load_logged_user():
    """Populate ``g.user`` from the ``user_id`` stored in the session.

    ``g.user`` is set to ``None`` when the session carries no ``user_id``;
    otherwise it is whatever the ``users`` lookup for that id returns.
    """
    uid = session.get('user_id')
    if uid is not None:
        db_cursor = get_cursor()
        # NOTE(review): SELECT * returns every column of users, so g.user
        # presumably carries password_hash for the whole request - confirm
        # it is never passed to a template or serialized.
        db_cursor.execute("SELECT * FROM users WHERE id = %s", (uid, ))
        g.user = db_cursor.fetchone()
        return

    g.user = None
Пример #3
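def insert_row(table, obj):
    """Insert one row into ``table`` and commit the transaction.

    Args:
        table: Name of the target table.
        obj: Mapping of column name to value. The keys become the column
            list; the values are bound as query parameters.

    Raises:
        ValueError: If ``table`` or any key of ``obj`` is not a plain SQL
            identifier (ASCII letters, digits and underscore, not starting
            with a digit).
    """
    import re

    # Values go through driver placeholders, but the table and column names
    # are formatted into the statement text. Reject anything that is not a
    # bare identifier so a caller-supplied name cannot alter the statement.
    plain_identifier = re.compile(r'[A-Za-z_][A-Za-z0-9_]*')
    for name in [table] + list(obj.keys()):
        if not plain_identifier.fullmatch(name):
            raise ValueError('Invalid SQL identifier: {!r}'.format(name))

    db = get_db()
    cursor = get_cursor()
    pholders = ', '.join(['%s'] * len(obj))
    columns = ', '.join(obj.keys())
    query = 'INSERT INTO %s (%s) VALUES (%s)' % (table, columns, pholders)
    # Only the statement text (identifiers and placeholders) is printed.
    # The row values are not echoed to stdout any more: they may hold
    # sensitive columns such as password hashes.
    print(query)
    cursor.execute(query, tuple(obj.values()))
    db.commit()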
Пример #4
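def get_project_by_id(project_id, check_author=False):
    """Fetch one project row by id, optionally enforcing ownership.

    Args:
        project_id: Id of the project to load.
        check_author: When true, the request is aborted with 403 unless the
            project's ``posted_by`` equals the id of the user in ``g.user``.

    Returns:
        The row fetched from ``projects``.

    The request is aborted with 404 when no project has this id.
    """
    cursor = get_cursor()
    cursor.execute('SELECT * FROM projects WHERE id = %s', (project_id, ))
    project = cursor.fetchone()

    if project is None:
        abort(404, 'Project id {0} doesn\'t exist.'.format(project_id))

    if check_author:
        # Fail closed: g.user may be None for a visitor who is not logged
        # in. Treat that as "not the author" (403) instead of letting the
        # subscript below raise and surface as a server error.
        current_user = g.user
        if current_user is None or project['posted_by'] != current_user['id']:
            abort(403)

    return project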
Пример #5
def update(id):
    """Show the edit form for project ``id`` and apply a submitted update.

    The project is loaded through ``get_project_by_id`` with
    ``check_author=True`` before anything else, so the ownership check runs
    ahead of both the form rendering and the UPDATE statement.

    Returns:
        A redirect to the project index after a successful update,
        otherwise the rendered ``project/update.html`` template.
    """
    project = get_project_by_id(id, check_author=True)

    if request.method != 'POST':
        return render_template('project/update.html', project=project)

    # From here on, `project` is the submitted form data, not the stored row.
    project = project_from_request()
    error = validate_project(project)

    if error is not None:
        flash(error)
        return render_template('project/update.html', project=project)

    cursor = get_cursor()
    # All submitted fields and the id are bound as parameters.
    statement = ('UPDATE projects SET project_name = %s, link = %s, '
                 'complexity = %s, description = %s WHERE id = %s')
    params = (
        project['project_name'],
        project['link'],
        project['complexity'],
        project['description'],
        id,
    )
    cursor.execute(statement, params)
    get_db().commit()
    return redirect(url_for('project.index'))
Пример #6
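def register():
    """Create a user account from the registration form.

    GET renders the form. POST requires ``username``, ``password`` and
    ``email``, rejects an email or username that already has a row in
    ``users``, and otherwise inserts the account with a hashed password.

    Returns:
        A redirect to the login view after a successful registration,
        otherwise the rendered ``auth/register.html`` template.
    """
    if request.method == 'POST':
        username = request.form['username']
        email = request.form['email']
        password = request.form['password']
        db = get_db()
        cursor = get_cursor()
        error = None

        if not username:
            error = 'Username is required.'
        elif not password:
            error = 'Password is required.'
        elif not email:
            error = 'Email is required.'

        # NOTE(review): check-then-insert is not atomic; two concurrent
        # requests can both pass these lookups. Confirm the schema has
        # UNIQUE constraints on users.email and users.username.
        cursor.execute('SELECT id FROM users WHERE email = %s', (email, ))

        if cursor.fetchone() is not None:
            error = 'User with email {} is already registered.'.format(email)

        cursor.execute('SELECT id FROM users WHERE username = %s',
                       (username, ))

        if cursor.fetchone() is not None:
            # Report the username that collided; the message used to be
            # formatted with the email by mistake.
            error = 'User with username {} is already registered.'.format(
                username)

        if error is None:
            # Only the hash of the password is stored.
            cursor.execute(
                'INSERT INTO users (username, password_hash, email) VALUES (%s, %s, %s)',
                (username, generate_password_hash(password), email))
            db.commit()
            return redirect(url_for('auth.login'))

        # NOTE(review): the message can echo submitted input; this relies on
        # the template escaping flashed messages - confirm.
        flash(error)

    return render_template('auth/register.html')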
Пример #7
def get_all_projects_by_user_id(user_id):
    """Return every row of ``projects`` whose ``posted_by`` is ``user_id``."""
    # user_id is bound as a parameter rather than formatted into the SQL.
    sql = 'SELECT * FROM projects WHERE posted_by = %s'
    db_cursor = get_cursor()
    db_cursor.execute(sql, (user_id, ))
    rows = db_cursor.fetchall()
    return rows
Пример #8
def delete(id):
    """Delete project ``id`` and redirect to the project index.

    NOTE(review): the route declaration is not visible here; confirm this
    state-changing view is reachable by POST only and is CSRF-protected.
    """
    # Called for its checks only: the lookup is made with check_author=True
    # before the DELETE below runs; the returned row is not needed.
    get_project_by_id(id, check_author=True)

    db_cursor = get_cursor()
    statement = 'DELETE FROM projects WHERE id = %s'
    db_cursor.execute(statement, (id, ))
    get_db().commit()

    target = url_for('project.index')
    return redirect(target)
Пример #9
def get_all_projects():
    """Return every row of the ``projects`` table.

    The query has no filter or limit, so the result covers all users'
    projects.
    """
    db_cursor = get_cursor()
    sql = 'SELECT * FROM projects'
    db_cursor.execute(sql)
    rows = db_cursor.fetchall()
    return rows