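def register():
    """Serve the sign-up form (GET) and create a new account (POST).

    A visitor whose session already holds ``userid`` is redirected to their own
    profile. On POST the submitted name, email and gender are copied into the
    session so the form can be re-filled after a failed attempt, the email and
    password are validated against ``emailRegEx`` / ``pwRegEx``, the user row
    is inserted, and the new row's id is stored in the session.

    Returns:
        The rendered ``register.html`` template or a redirect response.
    """
    # A logged-in visitor has nothing to register.
    if 'userid' in session:
        flash(u"You're already logged in. Redirected to your profile page.", 'warning')
        return redirect(url_for('profile', userid=session['userid']))

    if request.method == 'GET':
        return render_template("register.html", session=session)
    if request.method != 'POST':
        # Same as before: methods other than GET/POST get no response here.
        return None

    # Keep the non-secret inputs in the session for form auto-fill after a
    # redirect. The password is deliberately never placed in the session.
    email = request.form.get("email")
    password = request.form.get("password")
    session['name'] = request.form.get("name")
    session['email'] = email
    session['gender'] = request.form.get("gender")

    # A request without an "email" field yields None, which re.fullmatch would
    # reject with TypeError (an unhandled 500); treat it as an invalid address.
    if email is None or re.fullmatch(emailRegEx, email) is None:
        flash(u"Invalid email address. Please try again.", 'warning')
        return redirect(url_for("register"))

    # The address must not belong to an existing account.
    # NOTE(review): this check and the INSERT below are separate statements;
    # presumably a UNIQUE constraint on user.email backs it up -- confirm.
    if query_db("SELECT * FROM user WHERE email = ?", (email, ), True) is not None:
        flash(
            u"Entered email address is already taken. Please try again with other email address.",
            'warning')
        return redirect(url_for("register"))

    # Password policy is whatever pwRegEx encodes; a missing field is rejected
    # the same way as a non-matching one instead of raising TypeError.
    if password is None or re.fullmatch(pwRegEx, password) is None:
        # Adjacent literals keep source indentation out of the message text.
        flash(
            u"Invalid password. Password has to be longer than or equal to 8 characters, "
            u"and has to contain at least one uppercase, lowercase, and digit.",
            'warning')
        return redirect(url_for("register"))

    # NOTE(review): the raw form password is written to the `password` column,
    # i.e. stored in plaintext. Store a salted password hash instead (for
    # example werkzeug.security.generate_password_hash, or hashlib.scrypt with
    # a per-user salt). That change must be made together with the comparison
    # in login() and the UPDATE in update(), so it is not done here.
    modify_db("INSERT INTO user (name, email, password, gender) VALUES(?, ?, ?, ?)",
              (session['name'], email, password, session['gender']))

    # Read the row back to learn its id, then mark the session as logged in.
    user = query_db("SELECT * FROM user WHERE email = ?", (email, ), True)
    session['userid'] = user['id']

    flash(u"Signed up successfully.", 'info')
    return redirect(url_for('profile', userid=session['userid']))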
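def login():
    """Serve the login form (GET) and authenticate a user (POST).

    A visitor whose session already holds ``userid`` is redirected to their own
    profile. On POST the submitted email is stored in the session (for form
    auto-fill), the matching user row is looked up, and the submitted password
    is compared with the stored one. On success the user's id, name and gender
    are copied into the session.

    Returns:
        The rendered ``login.html`` template or a redirect response.
    """
    # Function-scope import: the file's import block is not visible from here.
    import hmac

    if 'userid' in session:
        flash(u"You're already logged in. Redirected to your profile page.", 'warning')
        return redirect(url_for('profile', userid=session['userid']))

    if request.method == 'GET':
        return render_template("login.html", session=session)
    if request.method != 'POST':
        # Same as before: methods other than GET/POST get no response here.
        return None

    # The email is kept for form auto-fill; the password never enters the session.
    session['email'] = request.form.get("email")
    password = request.form.get("password")

    user = query_db("SELECT * FROM user WHERE email = ?", (session['email'], ), True)
    stored = None if user is None else user['password']

    # NOTE(review): the submitted password is compared with the stored column
    # value directly, so the table holds plaintext passwords (register() and
    # update() write the raw form value). Move to a salted password hash and a
    # verify call (e.g. werkzeug.security.check_password_hash) in all three
    # handlers together. Until then, compare in constant time so the response
    # time does not depend on how many leading characters match.
    credentials_ok = (
        password is not None
        and isinstance(stored, str)
        and hmac.compare_digest(password.encode('utf-8'), stored.encode('utf-8'))
    )
    if not credentials_ok:
        # One message for "no such user" and "wrong password", as before, so
        # the response text does not reveal which emails are registered.
        flash(u"Invalid email or password. Please try again.", 'warning')
        return redirect(url_for("login"))

    # Cache the user's details in the session for convenience.
    session['userid'] = user['id']
    session['name'] = user['name']
    session['gender'] = user['gender']

    flash(u"Logged in successfully.", 'info')
    return redirect(url_for('profile', userid=session['userid']))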
def index_users():
    """List every user for a logged-in visitor.

    Returns:
        The rendered ``index_users.html`` template when ``userid`` is in the
        session, otherwise a redirect to the login page.
    """
    if 'userid' in session:
        # NOTE(review): SELECT * hands every column of `user` to the template,
        # including `password` (register() writes the raw form value there).
        # Whether the template renders it is not visible here; selecting only
        # the columns the page needs would remove the exposure.
        all_users = query_db("SELECT * FROM user")
        return render_template("index_users.html", users=all_users)

    # Anonymous visitors are sent to the login page.
    flash(u"You're not logged in. Please log in first to see the content.", 'warning')
    return redirect(url_for("login"))
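def update(userid):
    """Serve the profile edit form (GET) and apply the changes (POST).

    Only the logged-in user may edit their own profile: anonymous visitors are
    redirected to the login page and a ``userid`` that differs from the one in
    the session is redirected to the caller's own profile. On POST the email
    and password are validated, the session copies of name, email and gender
    are refreshed, and the user row is updated.

    Args:
        userid: Id of the profile to edit, taken from the URL.

    Returns:
        The rendered ``edit_profile.html`` template or a redirect response.
    """
    if 'userid' not in session:
        flash(u"You're not logged in. Please log in first to see the content.", 'warning')
        return redirect(url_for("login"))

    # NOTE(review): int() raises ValueError for a non-numeric value; presumably
    # the route uses an integer converter -- confirm.
    if int(userid) != session['userid']:
        flash(
            u"You cannot edit other users' profile. Redirected to your profile page.",
            'warning')
        return redirect(url_for('profile', userid=session['userid']))

    if request.method == 'GET':
        return render_template("edit_profile.html", session=session)
    if request.method != 'POST':
        # Same as before: methods other than GET/POST get no response here.
        return None

    email = request.form.get("email")
    password = request.form.get("password")

    # A request without an "email" field yields None, which re.fullmatch would
    # reject with TypeError (an unhandled 500); treat it as an invalid address.
    if email is None or re.fullmatch(emailRegEx, email) is None:
        flash(u"Invalid email address. Please try again.", 'warning')
        return redirect(url_for("update", userid=session['userid']))

    # The address may stay the same, but must not belong to another account.
    owner = query_db("SELECT * FROM user WHERE email = ?", (email, ), True)
    if owner is not None and owner['id'] != session['userid']:
        flash(
            u"Entered email address is already taken. Please try again with other email address.",
            'warning')
        return redirect(url_for("update", userid=session['userid']))

    # Password policy is whatever pwRegEx encodes; a missing field is rejected
    # the same way as a non-matching one instead of raising TypeError.
    if password is None or re.fullmatch(pwRegEx, password) is None:
        # Adjacent literals keep source indentation out of the message text.
        flash(
            u"Invalid password. Password has to be longer than or equal to 8 characters, "
            u"and has to contain at least one uppercase, lowercase, and digit.",
            'warning')
        return redirect(url_for("update", userid=session['userid']))

    # Refresh the session copies; the password never enters the session.
    session['name'] = request.form.get("name")
    session['email'] = email
    session['gender'] = request.form.get("gender")

    # NOTE(review): the raw form password is written to the `password` column,
    # i.e. stored in plaintext. Store a salted password hash instead, changed
    # together with register() and login(). Also consider asking for the
    # current password before replacing the email and password.
    modify_db(
        "UPDATE user "
        "SET name=?, email=?, password=?, gender=? "
        "WHERE id=?",
        (session['name'], session['email'], password,
         session['gender'], session['userid']))

    flash(u"Your profile has been updated successfully.", 'info')
    return redirect(url_for('profile', userid=session['userid']))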
def profile(userid):
    """Show a profile page to a logged-in visitor.

    The caller's own profile is rendered from the session alone. For any other
    id the user row is looked up and passed to the template as ``user``; an
    unknown id redirects back to the caller's own profile.

    Args:
        userid: Id of the profile to show, taken from the URL.

    Returns:
        The rendered ``profile.html`` template or a redirect response.
    """
    if 'userid' not in session:
        flash(u"You're not logged in. Please log in first to see the content.", 'warning')
        return redirect(url_for("login"))

    # NOTE(review): int() raises ValueError for a non-numeric value; presumably
    # the route uses an integer converter -- confirm.
    requested_id = int(userid)
    if requested_id == session['userid']:
        return render_template("profile.html", session=session)

    # NOTE(review): SELECT * passes the other user's whole row to the template,
    # including the `password` column (written as the raw form value by
    # register()). Whether the template renders it is not visible here;
    # selecting only the displayed columns would remove the exposure.
    other_user = query_db("SELECT * FROM user WHERE id = ?", (requested_id, ), True)
    if other_user is not None:
        return render_template("profile.html", session=session, user=other_user)

    flash(u"User doesn't exist. Redirected to your profile page.", 'warning')
    return redirect(url_for('profile', userid=session['userid']))
def init_app():
    """Initialise every database whose file is missing under ``models/``.

    For each name, ``init_db`` is called only when ``models/<name>.db`` does
    not exist. The college table is seeded with one hard-coded row; school,
    department and course are then filled from the scrape helpers, each level
    following the links stored by the previous one.

    NOTE(review): query_db/modify_db take a database name as first argument
    here, while the request handlers on this page pass the SQL first -- confirm
    which signature is current.
    NOTE(review): presumably init_db creates the .db file, so a scrape that
    fails part-way would leave a partially filled database that later runs
    skip -- confirm.
    """
    # Databases that only need their schema created, in the original order.
    schema_only = (
        "user", "follower", "room", "room_setting",
        "message", "message_seen", "course_taken", "course_review",
    )
    for db_name in schema_only:
        if path.exists("models/{}.db".format(db_name)):
            continue
        print('Initializing "{}.db"...'.format(db_name))
        init_db(db_name)
        print('Done.')

    if not path.exists("models/college.db"):
        print('Initializing "college.db"...')
        init_db("college")
        # should be modified later
        modify_db('college', "INSERT INTO college (name, link) VALUES(?, ?)",
                  ('Boston University', 'https://www.bu.edu/academics/schools-colleges/'))
        print('Done.')

    if not path.exists("models/school.db"):
        print('Initializing "school.db"...')
        init_db("school")
        for college in query_db('college', "SELECT * FROM college"):
            # One row per school found on the college's page.
            for found in scrapeSchools(college['link']):
                modify_db(
                    'school',
                    "INSERT INTO school (college_id, name, link) VALUES(?, ?, ?)",
                    (college['id'], found['school'], found['link']))
        print('Done.')

    if not path.exists("models/department.db"):
        print('Initializing "department.db"...')
        init_db("department")
        for college in query_db('college', "SELECT * FROM college"):
            college_schools = query_db(
                'school', "SELECT * FROM school WHERE college_id=?", (college['id'], ))
            for school in college_schools:
                for found in scrapeDepartments(school['link']):
                    modify_db(
                        'department',
                        "INSERT INTO department (college_id, school_id, name, link) VALUES(?, ?, ?, ?)",
                        (college['id'], school['id'], found['department'], found['link']))
        print('Done.')

    if not path.exists("models/course.db"):
        print('Initializing "course.db"...')
        init_db("course")
        for college in query_db('college', "SELECT * FROM college"):
            college_schools = query_db(
                'school', "SELECT * FROM school WHERE college_id=?", (college['id'], ))
            for school in college_schools:
                school_departments = query_db(
                    'department',
                    "SELECT * FROM department WHERE college_id=? AND school_id=?",
                    (college['id'], school['id']))
                for department in school_departments:
                    for found in scrapeCourses(department['link']):
                        modify_db(
                            'course',
                            "INSERT INTO course (college_id, school_id, department_id, name, link) "
                            "VALUES(?, ?, ?, ?, ?)",
                            (college['id'], school['id'], department['id'],
                             found['course'], found['link']))
        print('Done.')