def forgetPassword():
if request.method == "GET":
return flask.send_from_directory("HTML", "ForgetRequest.html")
else:
inEmail = request.form['email']
if Checking.CheckEamilFormat(inEmail) == False:
return "Wrong email address format"
db = SqlConn.ConnectToDB()
para = {"inEmail": inEmail}
# Check if email is there
r = SqlConn.SendSQL(
db,
"SELECT concat(`firstname`,' ',`lastname`) as FullName, `ourusers`.`userid` \
FROM `employee`, `ourusers` WHERE `ourusers`.`userid` = `employee`.`userid` \
AND `ourusers`.`email`=%(inEmail)s LIMIT 1", para)
if 'err' in r:
db.close()
return "email not found"
# Generate the Verfication code
# Create the Verifcation code
VirifcationCode = str(SqlConn.GenerateRadom(5)) + inEmail
VirifcationCode = Hashing.sha3_256(
VirifcationCode.encode()).hexdigest()[3:13]
VirifcationCode = VirifcationCode.upper()
# Save the code to the database
para = {"vcode": VirifcationCode, "userID": r[0][1]}
SqlConn.SendSQL(
db,
"UPDATE `verifications` SET `vercode`=%(vcode)s, `enddate`=DATE_ADD(NOW(), INTERVAL 4 HOUR_MINUTE) WHERE UserID = %(userID)s limit 1",
para, False)
db.close()
# Send the email
with app.app_context():
msg = eMail.Message(subject="Forget account password with eCards",
sender=app.config.get("*****@*****.**"),
recipients=[inEmail],
body="Hi Mr. " + str(r[0][0]) +
", \n You have register with us and complete your registration please click the line bellow or use this Code:\n" + \
str(VirifcationCode) + " \n Thank you ...")
mail.send(msg)
return flask.send_from_directory("HTML", "ForgetVerifcation.html")
def CallFor(callingAddress: str, parametersList: str, TableName: str, ExtraData: dict = {}, IdName: str = "",
inCondation="", idGenSize=7):
if comFunc.checkLogin() == False:
return redirect(url_for('login'))
# Parse the data
ReqnData = json.dumps(request.form)
if ExtraData != "":
ExtraData = json.dumps(ExtraData)
ReqnData = ReqnData[0:len(ReqnData) - 1] + ", " + ExtraData[1:]
ReqnData = json.loads(ReqnData)
FullInData = ReqnData
# Clean up
for x in FullInData:
FullInData[x] = Checking.RemoveUnwantedChar(FullInData[x])
# React with DB
db = SqlConn.ConnectToDB()
if 'newC' in request.form:
# Generate a new ID
FullInData[IdName] = SqlConn.GenerateRadom(idGenSize)
# Create the list of paramter accordingly
InsertList = SqlConn.makeHTML(WhatYouWant="INSERT", ParaList=parametersList)
SQLs = "INSERT INTO " + TableName + " (" + parametersList + ") VALUES " + "(" + InsertList + ")"
r = SqlConn.InsertSQL(db, SQLs, FullInData, returnID=False)
elif 'editC' in request.form:
# Create the list of paramter accordingly
#print("^^^", FullInData)
UpdateList = SqlConn.makeHTML(WhatYouWant="UPDATE", ParaList=parametersList)
SQLs = "UPDATE " + TableName + " SET " + UpdateList + " WHERE " + inCondation
r = SqlConn.SendSQL(db, SQLs, FullInData, returnDate=False)
db.close()
# Check Result
if r[0] == "OK":
return redirect("/home")
else:
return '<center>' + r[1] + '<center>"<meta http-equiv="refresh" content="3";url=' + url_for(
callingAddress) + '" />"'
def resendVerifcaiton(UserID):
#Clean the Passed UserID
UserID = Checking.RemoveUnwantedChar(UserID)
# Connect to the SQL server
dbConn = SqlConn.ConnectToDB()
# Check if the user exisits and get its data
para = {"userID": UserID}
ur = SqlConn.SendSQL(dbConn, "SELECT ourusers.`email` as email, `firstname`, `lastname` FROM ourusers, `employee` " + \
"WHERE ourusers.`userid`=%(userID)s AND verified = 0 AND ourusers.userid = employee.userid", para)
if ur == None:
print("Fail")
return beecFunc.ReturnResponse("Fail")
# Create new Verifcation code
VirifcationCode = str(SqlConn.GenerateRadom(3))
VirifcationCode = Hashing.sha3_256(
VirifcationCode.encode()).hexdigest()[2:10]
VirifcationCode = VirifcationCode.upper()
# Update the code to the database
para = {"vcode": VirifcationCode, "userID": UserID}
SqlConn.InsertSQL(
dbConn,
"UPDATE `verifications` SET `vercode`= %(vcode)s WHERE `UserID`=%(userID)s",
para, False)
# Close DB Connection
SqlConn.CloseConnection(dbConn)
# Send the email
try:
beecFunc.SendEmail(emailSubject="Avtivate you account with eCards", emailTo=ur[0][0],
emailBody="Hi Mr. " + ur[0][1] + " " + ur[0][2] + \
", \n You have register with us and complete your registration please click the line bellow or use this Code:\n" + \
VirifcationCode + " \n Thank you ...")
except:
print("Email Failer")
return beecFunc.ReturnResponse("EmailFail")
return beecFunc.ReturnResponse("OK")
def RegisterNewUser():
if request.method == 'POST':
# Convert the input to JSON object
FullInData = json.dumps(request.form)
FullInData = json.loads(FullInData)
# print("Resived:", FullInData)
try:
# return FullInData;
# Check email format
if Checking.CheckEamilFormat(FullInData['email']):
# Check email Match
if (FullInData['email']) == (FullInData['Reenter']
or 'WEB' not in FullInData):
print("email check passed")
pass
else:
if 'WEB' not in FullInData:
return beecFunc.ReturnResponse("Email Match")
else:
return Msgs.getErrorMessage(0, "EN")
else:
if 'WEB' not in FullInData:
return beecFunc.ReturnResponse("Email Format")
else:
return Msgs.getErrorMessage(1, "EN")
# Check Password Match
if FullInData['Passowrd'] == FullInData[
'pReenter'] or 'WEB' not in FullInData:
# Password Complexity
d = Checking.passwordComplexity(FullInData['Passowrd'])
if d == "OK":
print("Password Complexity Passed")
pass
else:
print("Password Complexity FAILD")
if 'WEB' not in FullInData:
return beecFunc.ReturnResponse("Pwd Complexity")
else:
return Msgs.getErrorMessage(2, "EN")
else:
if 'WEB' not in FullInData:
return beecFunc.ReturnResponse("Pwd Match")
else:
return Msgs.getErrorMessage(3, "EN")
# Virify the username
# FullInData['UserName'] = Checking.RemoveUnwantedChar(FullInData['UserName'])
# Clean all input data
for x in FullInData:
if x != "Passowrd" and x != "email":
FullInData[x] = Checking.RemoveUnwantedChar(FullInData[x])
except KeyError:
if 'WEB' not in FullInData:
return beecFunc.ReturnResponse("Passed Key error: " +
str(KeyError))
else:
return "Passed Key error: " + str(KeyError)
except:
if 'WEB' not in FullInData:
return beecFunc.ReturnResponse("Other Error")
else:
return "Some error in you request"
# ----------------------------------------
# Everything is ok
# ----------------------------------------
print("Everything is OK")
ErrorArray = []
# Create User ID
FullInData['userid'] = str(SqlConn.GenerateRadom(8))
FullInData['password'] = beecFunc.hasPassword(FullInData['Passowrd'])
# Connect to the SQL serer
dbConn = SqlConn.ConnectToDB()
# 1 Insert the user
ResultData = SqlConn.InsertSQL(
dbConn,
"INSERT INTO `ourusers`(`CanLogin`,`points`,`userroleid`,`userid`, `email`,`password`) VALUES (1, 0, 122, %(userid)s, %(email)s, %(password)s )",
FullInData, False)
# Check if result is ok
if ResultData == None or ResultData[0] != "OK":
# If the error was becuse exisiting email, change the 'err' title to exisit
# This is to dispaly the correct error message on the app
if 'WEB' not in FullInData:
if "exisits" in ResultData[1]:
return beecFunc.ReturnResponse("Exisit")
else:
return beecFunc.ReturnResponse(ResultData[1])
else:
return str(ResultData)
# 2 Get the new created Licese ID
# LicSQL = SqlConn.SendSQL(dbConn, "SELECT `licencesid` FROM `licences` WHERE `type`='E' AND `CreatedFor`=' " + str(UserID) + "'")
para = {"username": FullInData['userid']}
LicSQL = SqlConn.SendSQL(
dbConn,
"SELECT `licencesid` FROM `licences` WHERE `type`='E' AND `CreatedFor`=%(username)s",
para)
# print(FullInData['userid'])
FullInData["LicenceID"] = str(LicSQL[0][0])
# 3 Create and employee
# print("FullInData[1LicenceID1]=", FullInData["LicenceID"])
myInsert = "INSERT INTO `employee`(`empid`, `nickname`, `firstname`, `middlename`, `grandname`, `lastname`, `abuname`, " + \
"`phone`, `mobile`, `hometel`, `email`, `workphone`, `notes`, `userid`, `licencesid`) VALUES ('1'," + \
" %(Nickname)s , %(FirstName)s, %(MiddleName)s , %(GrandFatherName)s , %(FamilyName)s ,%(AbuName)s , %(PhoneNumber)s" + \
", %(MobileNumber)s , %(HomePhone)s , %(email)s , %(Workphone)s , %(notes)s , %(userid)s , %(LicenceID)s )"
ResultData = SqlConn.InsertSQL(dbConn, myInsert, FullInData, True)
# ------------
# 4 SEND EMAIL
if ResultData[0] == "OK":
# Create the Verifcation code
VirifcationCode = str(SqlConn.GenerateRadom(3))
VirifcationCode = Hashing.sha3_256(
VirifcationCode.encode()).hexdigest()[2:10]
VirifcationCode = VirifcationCode.upper()
# Save the code to the database
para = {"vcode": VirifcationCode, "userID": FullInData['userid']}
SqlConn.InsertSQL(
dbConn,
"INSERT INTO `verifications`(`vercode`, `UserID`) VALUES (%(vcode)s,%(userID)s )",
para, False)
# Send the email
try:
beecFunc.SendEmail(emailSubject="Avtivate you account with eCards", emailTo=FullInData['email'],
emailBody="Hi Mr. " + FullInData['FirstName'] + \
", \n You have register with us and complete your registration please click the line bellow or use this Code:\n" + \
VirifcationCode + " \n Thank you ...")
except:
ErrorArray.append("Email")
# Close DB Connection
SqlConn.CloseConnection(dbConn)
# 5 Redirect to verificaiton
RR = flask.send_from_directory("HTML", "EmailVerifcation.html")
if 'WEB' not in FullInData:
if len(ErrorArray) > 0:
if "Email" in ErrorArray:
return beecFunc.ReturnResponse(
{
"Result": "Email",
"UserID": ResultData[1]
}, True)
else:
return beecFunc.ReturnResponse(
{
"Result": "OK",
"UserID": ResultData[1]
}, True)
else:
return str(RR)
# Close DB Connection
SqlConn.CloseConnection(dbConn)
if 'WEB' not in FullInData:
return beecFunc.ReturnResponse(ResultData)
else:
return str(ResultData)
# return Msgs.getErrorMessage(4, "EN") + FullInData['UserName']
elif request.method == 'GET':
# If it get, simply return the registration form
return flask.send_from_directory("HTML", "Register.html")
def CardsEdit():
if comFunc.checkLogin() == False:
return redirect(url_for('login'))
if request.method == 'POST':
ReqnData = json.dumps(request.form)
ReqnData = json.loads(ReqnData)
FullInData = ReqnData
# Clean up
for x in FullInData:
FullInData[x] = Checking.RemoveUnwantedChar(FullInData[x])
# React with DB
db = SqlConn.ConnectToDB()
if 'newC' in request.form:
# Generate a new ID
FullInData['cardid'] = SqlConn.GenerateRadom(5)
# Fix the checkbox input
if FullInData['isprivate'] == 'on':
FullInData['isprivate'] = "1"
else:
FullInData['isprivate'] = "0"
##############################
# Fix the INFO feild to JSON object
##############################
# Get the Theam HTML
para = {"applytheamid": FullInData['applytheamid']}
ThemSQL_Result = SqlConn.SendSQL(db, "SELECT `HTMLcode` FROM `theam` WHERE `theamid`=%(applytheamid)s", para)
# Extart the requried data
inHTML_ParaList = re.findall(r"\{[a-zA-Z]*\}", ThemSQL_Result[0][0])
# Remove the {} from the results
for x in range(0, len(inHTML_ParaList)):
inHTML_ParaList[x] = inHTML_ParaList[x][1:len(inHTML_ParaList[x]) - 1]
##################
# Get the full data JSON
FullDataJSON = GetUserFullData(session['UserID'], app, True)
FullDataJSON = json.loads(FullDataJSON)
ResultJSON: dict = {}
# Match the needed data with the data in FullDataJSON
for oneEntry in FullDataJSON:
if oneEntry in inHTML_ParaList:
ResultJSON[oneEntry] = FullDataJSON[oneEntry]
# Fix Full Name `firstname``middlename``grandname``lastname`
ResultJSON['FullName'] = FullDataJSON['firstname']
if "middlename" in FullDataJSON:
ResultJSON['FullName'] = ResultJSON['FullName'] + " " + FullDataJSON['middlename']
if "grandname" in FullDataJSON:
ResultJSON['FullName'] = ResultJSON['FullName'] + " " + FullDataJSON['grandname']
ResultJSON['FullName'] = str(ResultJSON['FullName'] + " " + FullDataJSON['lastname'])
# Assign the JSON object
FullInData['INFO'] = json.dumps(ResultJSON, ensure_ascii=False)
###############################################
# Create the Insert SQL
SQLs = "INSERT INTO cards (`cardid`, `cardname`, `hashlink`, `isprivate`, `visitcounter`, `htmllink`, `foremployee`, `applytheamid`, `INFO`, `QRCodeImg`) VALUES " \
+ "('" + str(FullInData['cardid']) + "','" + FullInData['cardname'] + "','" + FullInData[
'hashlink'] + "','" + \
FullInData['isprivate'] + "','0','" + FullInData['htmllink'] + "','" + \
str(FullInData['foremployee']) + "','" + str(FullInData['applytheamid']) + "','" + FullInData[
'INFO'] + "','" + \
str(FullInData['QRCodeImg']) + "')"
r = SqlConn.InsertSQL(db, SQLs, FullInData, returnID=False)
return str(r)
elif 'editC' in request.form:
# Create the list of paramter accordingly
print("^^^", FullInData)
db.close()
else:
return flask.render_template("EditCard.html")