def vote_page():
if not loggedIn(): #not logged in, make em register
return redirect("/register")
#setup voted variable
voted = False
if request.method == "GET":
curElection = getCurElection()
if curElection:
voted = votedAlready(curElection, session["id"])
if not voted: #didn't vote yet
candidates = getCandidates(curElection)
return render_template("vote.html", logged_in=True, election_happening=True,
listLen=len(candidates), ticket=candidates, voted=False)
else: #already voted
return render_template("vote.html", logged_in=True, election_happening=True,
voted=True)
elif request.method == "POST":
#user voted, now we need to process the data if there's an election today
curElection = getCurElection()
#when this if statement is true, the election being voted in today is valid
if curElection:
voted = votedAlready(curElection, session["id"])
if not voted: #make sure they didn't vote yet
candidates = getCandidates(curElection)
error = None
result = False
candidate_id = request.form["candidate"]
#user should also put their password in to vote
data = {"username" : session["username"], "password" : request.form["password"]}
if not tryLogin(data):
error = "Invalid password."
elif not validCandidateID(curElection, candidate_id):
error = "Invalid candidate ID given. Voter fraud detected - not counting vote."
voted = True
else:
result = vote(curElection, candidate_id, userid=session["id"])
if result: #vote is valid
return redirect("/")
else: #vote is invalid
if not error:
error = "There was a problem with your vote. Please try again."
return render_template("vote.html", logged_in=True, error=error, voted=voted,
election_happening=True, ticket=candidates,
listLen=len(candidates))
#there is no election today or they already voted
return render_template("vote.html", logged_in=True, election_happening=curElection,
voted=voted)
def login():
# if user is logged in already, just send them to the home page
if loggedIn():
return redirect("/")
# validate POST data
error = None
result = False
if not request.form["username"]:
error = "Username must not be left blank."
elif not request.form["password"]:
error = "Password must not be left blank."
else:
result = tryLogin(request.form)
if result: # valid login
# get and setup various session data
setupSession(request.form["username"])
curElection = getCurElection() # get today's election
if curElection:
voted = votedAlready(curElection, session["id"])
else:
voted = False
return render_template("index.html", logged_in=True, election_happening=curElection, voted=voted)
else: # failed login
if not error:
error = "Invalid username/password combination. Try again."
return render_template("index.html", error=error, logged_in=False)
def login():
#if user is logged in already, just send them to the home page
if loggedIn():
return redirect("/")
#validate POST data
error = None
result = False
if not request.form["username"]:
error = "Username must not be left blank."
elif not request.form["password"]:
error = "Password must not be left blank."
else:
result = tryLogin(request.form)
if result: #valid login
#get and setup various session data
setupSession(request.form["username"])
curElection = getCurElection() #get today's election
if curElection:
voted = votedAlready(curElection, session["id"])
else:
voted = False
return render_template("index.html",
logged_in=True,
election_happening=curElection,
voted=voted)
else: #failed login
if not error:
error = "Invalid username/password combination. Try again."
return render_template("index.html", error=error, logged_in=False)
def home():
election_happening = getCurElection()
if loggedIn():
voted = votedAlready(election_happening, session["id"])
else:
voted = False
return render_template("index.html", logged_in=loggedIn(), voted=voted,
election_happening=election_happening)
def vote(election, candidate=None, voted=True, userid=""):
#when we create an election, we need to create the corresponding rows in electionData
#because this function will assume they're just there
mutex.acquire() #get the mutex
try:
#prep for mysql stuff later on
timestamp = getDBTimestamp(getCurTime()) #get a mysql datetime value of the current datetime
cur = db.connection.cursor() #get our mysql cursor
#if user already voted in this election return false
#we're checking this before calling this function so we should be able to remove this
if votedAlready(election, userid):
return False
#update mysql db
if voted:
#should we wrap all of the mysql statements in try/catch blocks in case there's an error?
#update electionData by adding 1 to the vote count for the given condition
cur.execute("UPDATE electionData SET num_votes=num_votes+1 WHERE election_id = %s" +
" AND candidate_id = %s", [election, candidate])
db.connection.commit()
result = cur.fetchall()
#add voter to the voterHistory table with voted=1
cur.execute("INSERT INTO voterHistory (election_id, voter_id, time_stamp, voted) VALUES" +
" (%s, %s, %s, 1)", [election, userid, timestamp])
db.connection.commit()
result = cur.fetchall()
return True
else: #failed vote
#add the vote to voterHistory table but set the voted value to false
cur.execute("INSERT INTO voterHistory (election_id, voter_id, time_stamp, voted) VALUES" +
" (%s, %s, %s, 0)'", [election, userid, timestamp])
result = cur.fetchall()
except: #in case we error, we want internal server error or debugger
raise
finally: #no matter what, release mutex
mutex.release()
return False