def delete_item():
if not logged_in():
flash('You are not logged in.')
return redirect(url_for('index'))
elif request.method == 'GET':
db.remove_item(int(request.args.get('i_id')))
return redirect(url_for('profile'))
def profile():
if auth.logged_in():
name = session['username']
return render_template('profile.html', name=name) #likes, places
else:
flash('Access error. You are not logged in.')
return redirect('index')
def logout():
if auth.logged_in():
auth.logout()
flash('You have been logged out.')
else:
flash('Logout Error: You are not logged in.')
return redirect('index')
def categories():
if auth.logged_in():
#flash('Welcome to the categories page. Select a category to play!')
return render_template('categories.html')
else:
flash('Access error. You are not logged in.')
return redirect('index')
def messenger():
if request.method == 'POST':
return redirect(url_for('messenger'))
if auth.logged_in(g_username):
fList = database.f_getlist(g_username)
#print fList
fpDict = {}
for userName in fList:
#print (userName)
userIndex = 0
if userName[0] == g_username:
userIndex = 1
pictureString = database.get_picture(userName[userIndex],
g_username)
fpDict[userName] = pictureString
#print fpDict
#print "SPAMMMMM"
#print fpDict
database.del_picture(g_username)
#print "del --------------"
return render_template("messenger.html",
username=g_username,
friendPicDict=fpDict)
else:
session['alert-type'] = 'error'
flash('Please log in before checking your messages')
return redirect(url_for('login'))
def logout():
if logged_in():
flash('You have been logged out.')
auth.logout()
else:
flash('You are not logged in!')
return redirect(url_for('index'))
def change_item():
if not logged_in():
flash('You are not logged in.')
return redirect(url_for('index'))
elif request.method == 'GET':
db.change_status(int(request.args.get('i_id')),int(request.args.get('status')))
return redirect(url_for('profile'))
def change_name():
if not logged_in():
flash('You are not logged in.')
return redirect(url_for('index'))
elif request.method == 'POST':
db.change_name(session['u_id'], request.form.get('name'))
flash('Name changed!')
return redirect(url_for('profile'))
def settings():
if request.method == 'POST':
return redirect(url_for('settings'))
if auth.logged_in(g_username):
return render_template('settings.html')
else:
session['alert-type'] = 'error'
flash('Please log in before changing your settings')
return redirect(url_for('login'))
def gchat():
if request.method == 'POST':
return redirect(url_for('gchat'))
if auth.logged_in(g_username):
return render_template('gchat.html')
else:
session['alert-type'] = 'error'
flash('Please log in before joining the global chat')
return redirect(url_for('login'))
def friendslist():
if request.method == 'POST':
return redirect(url_for('friendslist'))
if auth.logged_in(g_username):
f_list = database.f_getlist(g_username)
return render_template('friendslist.html', f_list=f_list)
else:
session['alert-type'] = 'error'
flash('Please log in before checking your friends list')
return redirect(url_for('login'))
def results():
if auth.logged_in():
name = session['username']
if request.method == "POST":
score = request.form.get('t-points')
category = request.form.get('category')
database.addStat(name, category, score)
return render_template('results.html', score=score, category=category)
else:
flash('Access error. You are not logged in.')
return redirect('index')
def change_pass():
if not logged_in():
flash('You are not logged in.')
return redirect(url_for('index'))
elif request.method == 'POST':
if request.form.get('password1') == request.form.get('password2'):
db.change_pass(session['u_id'], request.form.get('password1'))
flash('Password changed!')
else:
flash('Passwords do not match.')
return redirect(url_for('profile'))
def find_friends():
if auth.logged_in():
if request.method == 'POST':
#place = request.form.get('search_places')
#users = database.get_users(place)
users = ['Lisa',
'Christina'] #hardcoded in, database doesn't exist
return render_template('find_friends.html', users=users)
else:
flash('Access error. You are not logged in.')
return redirect('index')
def profile():
if auth.logged_in():
name = session['username']
stats = database.getStats(name)
statsHTML = []
for i in stats:
item = dict(category=i[0], score=i[1])
statsHTML.append(item)
return render_template('profile.html', name=name, statsHTML=statsHTML)
else:
flash('Access error. You are not logged in.')
return redirect('index')
def upload():
if not logged_in():
flash('You are not logged in.')
return redirect(url_for('index'))
if request.method == 'POST':
is_selling = True if request.form.get('type') == 'sell' else False
item = request.form.get('item')
price = request.form.get('price')
description = request.form.get('description')
if not item or not price or not description:
flash('You must fill out all fields.')
return redirect(url_for('upload'))
price = float(price)
# sanitizing price inputs
if price < 0:
flash('Price must be greater than $0.')
return redirect(url_for('upload'))
if price > 9999.99:
flash('Price must be less than $10,000.')
return redirect(url_for('upload'))
# handle uploaded images
f = request.files.getlist('pictures[]')
if not f:
flash('You must upload a picture.')
return redirect(url_for('upload'))
for pic in f:
if not allowed_file(pic.filename):
flash('Pictures must be in .jpg or .jpeg format.')
return redirect(url_for('upload'))
i = 0
i_id = db.add_item(item, price, description, is_selling, int(session['u_id']))
for pic in f:
timestamp = str(time.time()).replace(".", "_")
filename = str(session['u_id']) + '_' + timestamp + '_' + str(i) + '.jpg'
path = app.config['UPLOAD_FOLDER'] + '/' + filename
pic.save(path)
db.add_picture(i_id, path.strip('static/'))
i += 1
return redirect(url_for('profile'))
return render_template('upload.html')
def logout():
# Delete session cookie etc.
if auth.logged_in(g_username):
auth.logout(g_username)
global g_username
g_username = ""
app.jinja_env.globals.update(g_username="")
session['alert-type'] = 'notice'
flash('You have been logged out.')
else:
session['alert-type'] = 'error'
flash('You can\'t log out if you aren\'t logged in.')
return redirect(url_for('index'))
def login():
if logged_in():
flash('You are already logged in!')
return redirect(url_for('index'))
if request.method == 'POST':
email = request.form.get('email')
if auth.login(email, request.form.get('password')):
flash('Welcome back, ' + db.get_user_name(email) + '!')
return redirect(url_for('index'))
else:
flash('Invalid credentials, please try again.')
return redirect(url_for('login'))
return render_template('login.html')
def index():
if auth.logged_in(g_username):
fList = database.f_getlist(g_username)
#print fList
return render_template("index.html",
friendList=fList,
username=g_username)
else:
session['alert-type'] = 'notice'
flash('Please login to the site before using it')
return redirect(url_for('login'))
if request.method == 'POST':
return redirect(url_for('index'))
return render_template('index.html')
def profile(name):
if request.method == 'POST':
name = request.form['search-name']
return redirect(url_for('profile', name=name))
if auth.logged_in(g_username):
if auth.u_exists(name):
bio = database.get_bio(name)
status = database.f_getstatus(g_username, name)
return render_template('profile.html',
name=name,
status=status,
bio=bio)
else:
return render_template('noprofile.html')
else:
session['alert-type'] = 'error'
flash('Please log in before checking your profile')
return redirect(url_for('login'))
def profile():
if not logged_in():
flash('You are not logged in.')
return redirect(url_for('index'))
user = session['u_id']
## make a dict where all Uitems = items where items['u_id'] == session['u_id']
items = None
if request.args.get('query'):
items = db.get_items_search(request.args.get('query'))
else:
items = db.get_all_items()
Uitems ={}
Bitems={}
for i in items:
if items[i]['user_id'] == user:
Uitems[i] = items[i]
if (items[i]['user_id']!=user & items[i]['status'] != 0):
Bitems[i]=items[i]
return render_template("profile.html", Uitems = Uitems, Bitems=Bitems, user=user )
def question():
if auth.logged_in():
if request.method == 'POST':
catNum = request.form.get('subject')
response = trivia.call_api(catNum)
category = response[0]['category']
question = response[0]['question']
answers = trivia.randomize(response[0])
canswer = response[0]['correct_answer']
bots = json.dumps(game.gen_bots(request.form.get('b-difficulty')))
return render_template('question.html',
question=question,
answers=answers,
canswer=canswer,
category=category,
bots=bots)
else:
flash('Access error. You are not logged in.')
return redirect('index')
def settings():
if auth.logged_in():
if request.method == "POST":
currentpassword = request.form.get('currentpassword')
newpassword = request.form.get('newpassword')
vertify = request.form.get('vertify')
if auth.encrypt(currentpassword) == database.get_password(
session['username']):
if newpassword == vertify:
database.change_password(session['username'],
auth.encrypt(newpassword))
flash('Successful password change.')
else:
flash('Failed. Passwords do not match.')
return redirect('/settings')
else:
flash('Failed. Wrong old password.')
return redirect('/settings')
else:
return redirect('index')
return render_template('settings.html')
def create():
if logged_in():
flash('You are already logged in!')
return redirect(url_for('index'))
if request.method == 'POST':
password1 = request.form.get('password1')
password2 = request.form.get('password2')
email = request.form.get('email')
fname = request.form.get('fname')
lname = request.form.get('lname')
name = fname + ' ' + lname
terms = request.form.get('terms')
if (password1 == '' or password2 == '' or fname == '' or lname == '' or email == ''):
flash('Please fill in all fields')
return redirect(url_for('create'))
if not password1 == password2:
flash('Passwords do not match.')
return redirect(url_for('create'))
if not email.endswith('@stuy.edu'):
flash('Email is invalid.')
return redirect(url_for('create'))
if not terms:
flash('Please read and accept the terms of service')
return redirect(url_for('create'))
if not auth.add_user(email, password1, name):
flash('Email already in use.')
return redirect(url_for('login'))
flash('Welcome ' + fname + '!')
return redirect(url_for('index'))
return render_template('create.html')
def send_email():
if not logged_in():
flash('You are not logged in!')
return redirect(url_for('index'))
seller_email = None
email_body = None
if request.method == 'POST':
seller_email = db.get_user_email(int(request.args.get('u_id')))
email_body = request.form.get('email')
else:
seller_email = session['seller_email']
email_body = session['email_body']
if 'credentials' not in session:
session['seller_email'] = seller_email
session['email_body'] = email_body
return redirect(url_for('authorize'))
# Load credentials from the session.
credentials = google.oauth2.credentials.Credentials(
**session['credentials']
)
service = googleapiclient.discovery.build('gmail', 'v1', credentials=credentials)
message = gmail.create_message("me", seller_email, "Item Inquiry", email_body)
gmail.send_message(service, "me", message)
# Save credentials back to session in case access token was refreshed.
# ACTION ITEM: In a production app, you likely want to save these
# credentials in a persistent database instead.
session['credentials'] = gmail.credentials_to_dict(credentials)
flash('Email sent!')
return redirect(url_for('index'))
def index():
if logged_in():
return redirect(url_for('market'))
return render_template('index.html')
