def Get(filterExpression=None):
connection, cursor = basehandler.DbConnect()
myQuery = "SELECT * FROM USER_DBT"
if filterExpression is None:
cursor = basehandler.DbExecute(myQuery, connection, cursor)
else:
myQuery += filterExpression.GetWhere()
cursor = basehandler.DbExecute(myQuery, connection, cursor,
filterExpression.GetParameters())
userList = []
for user in cursor.fetchall():
tempUser = User()
tempUser.userId = user[0]
tempUser.firstName = user[1]
tempUser.lastName = user[2]
tempUser.username = user[3]
tempUser.password = user[4]
tempUser.email = user[5]
tempUser.userType = user[6]
userList.append(tempUser)
basehandler.DbClose(connection, cursor)
return userList
def user_register():
if request.method == 'GET':
return render_template('user_register.html')
if request.method == 'POST':
user = User()
user.firstName = request.form['register_firstName']
user.lastName = request.form['register_lastName']
user.username = request.form['register_username']
user.password = request.form['register_password']
userhandler.Insert(user)
return redirect('/')
def UpdateUser():
if not IsAuthenticated():
return redirect('/')
try:
user = User()
user.firstName = request.args.get('usersettings_firstName',
"",
type=STRING)
user.lastName = request.args.get('usersettings_lastName',
"",
type=STRING)
user.username = request.args.get('usersettings_username',
"",
type=STRING)
user.email = request.args.get('usersettings_email', "", type=STRING)
user.password = request.args.get('usersettings_password',
"",
type=STRING)
user.userId = GetUserIdSession()
validationMessage = user.IsValid()
if validationMessage != "":
return jsonify(validationMessage)
filterParameter = FilterParameter("USERUSERNAME", "LIKE",
user.username)
filterExpression = FilterExpression()
filterExpression.AddParameter(filterParameter)
users = userhandler.Get(filterExpression)
if len(users) > 0 and users[0].userId != GetUserIdSession():
return jsonify("This username is already taken")
filterParameter = FilterParameter("USEREMAIL", "LIKE", user.email)
filterExpression = FilterExpression()
filterExpression.AddParameter(filterParameter)
users = userhandler.Get(filterExpression)
if len(users) > 0 and users[0].userId != GetUserIdSession():
return jsonify("This e-mail address is already taken")
userhandler.Update(user)
SetUserIdSession(user.userId)
SetFullNameSession(user.firstName + " " + user.lastName)
SetUsernameSession(user.username)
return jsonify("")
except:
return jsonify("Unexpected error occured")
def Account():
if IsAuthenticated():
return redirect('/')
return render_template('loginregister.html',
currentUser=User(),
authenticated=IsAuthenticated(),
fullName=GetFullNameSession())
def Get(filterExpression = None):
connection, cursor = basehandler.DbConnect()
myQuery = "SELECT * FROM USERS_DBT"
if filterExpression is None:
cursor = basehandler.DbExecute(myQuery, connection, cursor)
else:
myQuery += filterExpression.GetWhere()
cursor = basehandler.DbExecute(myQuery, connection, cursor, filterExpression.GetParameters())
userList = []
for user in cursor.fetchall():
tempUser = User()
tempUser.userId = user[0]
tempUser.firstName = user[1]
tempUser.lastName = user[2]
tempUser.username = user[3]
tempUser.password = user[4]
userList.append(tempUser)
basehandler.DbClose(connection, cursor)
return userList
def user_account():
if UserSession.currentUser is None:
return redirect('/')
if request.method == 'POST':
if request.form['button'] == "delete":
userhandler.Delete(UserSession.currentUser.userId)
UserSession.currentUser.userId = -1
return redirect('/')
user = User()
user.firstName = request.form['account_firstName']
user.lastName = request.form['account_lastName']
user.username = request.form['account_username']
user.password = request.form['account_password']
user.userId = UserSession.currentUser.userId
if request.form['button'] == "update":
userhandler.Update(user)
UserSession.currentUser = user
return redirect('/')
elif request.method == 'GET':
return render_template('user_account.html', currentUser=UserSession.currentUser, isAuthenticated = user_is_authenticated())
def GetByUsernameOrEmail(usernameEmail):
filterParameter1 = FilterParameter("USERUSERNAME", "LIKE", usernameEmail,
"OR ")
filterParameter2 = FilterParameter("USEREMAIL", "LIKE", usernameEmail)
filterExpression = FilterExpression()
filterExpression.AddParameter(filterParameter1)
filterExpression.AddParameter(filterParameter2)
userList = Get(filterExpression)
if len(userList) > 0:
return userList[0]
return User()
def Register():
if IsAuthenticated():
return redirect('/')
user = User()
user.firstName = request.args.get('registerFirstName', "", type=STRING)
user.lastName = request.args.get('registerLastName', "", type=STRING)
user.username = request.args.get('registerUsername', "", type=STRING)
user.email = request.args.get('registerEmail', "", type=STRING)
user.password = request.args.get('registerPassword', "", type=STRING)
user.userType = 2
validationMessage = user.IsValid()
if validationMessage != "":
return jsonify(validationMessage)
filterParameter = FilterParameter("USERUSERNAME", "LIKE", user.username)
filterExpression = FilterExpression()
filterExpression.AddParameter(filterParameter)
users = userhandler.Get(filterExpression)
if len(users) > 0:
return jsonify("Username already exists")
filterParameter = FilterParameter("USEREMAIL", "LIKE", user.email)
filterExpression = FilterExpression()
filterExpression.AddParameter(filterParameter)
users = userhandler.Get(filterExpression)
if len(users) > 0:
return jsonify("Email already exists")
user = userhandler.Insert(user)
SetUserIdSession(user.userId)
SetFullNameSession(user.firstName + " " + user.lastName)
SetUsernameSession(user.username)
return jsonify("")