- from flask import Flask,render_template,flash,request,url_for,redirect,session
- from dbconnect import connection
- from wtforms import Form,TextField,PasswordField,validators,DecimalField,SelectField
- from passlib.hash import sha256_crypt
- from MySQLdb import escape_string as thwart
- import gc
- from functools import wraps
# Application object; every route below registers against it.
# NOTE(review): the views read and write flask.session, which Flask only
# permits once a secret key is configured. No key is set anywhere on this
# page -- confirm it is supplied elsewhere, is a long random value, and is
# kept out of source control.
app = Flask(__name__)
@app.route('/')
def homepage():
    """Serve the landing page.

    A visitor whose session carries the ``logged_in`` key gets the upload
    form; anyone else gets the public main page.
    """
    if 'logged_in' not in session:
        return render_template("main.html")
    upload_form = UploadForm(request.form)
    return render_template("upload.html", form=upload_form)
def login_required(f):
    """Decorator: run the wrapped view only for a logged-in session.

    The check is the presence of the ``logged_in`` key in the Flask session.
    Without it the visitor gets a flash message and a redirect to the login
    view; the wrapped view is not called.
    """
    @wraps(f)
    def guarded(*args, **kwargs):
        if 'logged_in' not in session:
            flash("you need to login first")
            return redirect(url_for('login'))
        return f(*args, **kwargs)
    return guarded
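@app.route("/search/", methods=["POST", "GET"])
def search():
    """Search listings by city and service category.

    GET renders the search page without running a query. POST reads ``city``
    and the numeric ``select`` field, maps the number to a category code and
    runs one parameterized query. The cursor is handed to the template as
    ``c``, as before.
    """
    # Numeric option value from the search form -> categoryid in `user`.
    categories = {1: "bb", 2: "pt", 3: "hk", 4: "ga", 5: "pr",
                  6: "ec", 7: "cp", 8: "ct", 9: "eo", 10: "sg"}
    c, conn = connection()
    try:
        if request.method == "POST":
            city = request.form.get('city', '')
            try:
                category = categories[int(request.form.get('select'))]
            except (TypeError, ValueError, KeyError):
                # Missing, non-numeric or out-of-range option: reject it here
                # instead of letting the failure surface as a raw exception.
                flash("please choose a valid category")
                return render_template("search.html", c=c)
            # The values are bound parameters, so the driver quotes them.
            # Running escape_string over them first would escape twice and
            # corrupt any value containing a quote or backslash.
            c.execute("SELECT * FROM user where city=%s and categoryid=%s",
                      [city, category])
    except Exception:
        # Keep driver and SQL error text in the server log; flashing the
        # exception would show internal details to whoever sent the request.
        app.logger.exception("search query failed")
        flash("search is unavailable right now, please try again later")
    # NOTE(review): the cursor goes to the template, so neither it nor the
    # connection is closed in this view -- confirm connection() or the
    # template releases them.
    return render_template("search.html", c=c)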
@app.route("/logout/")
@login_required
def logout():
    """End the current session and send the visitor back to the home page."""
    # Drops logged_in, username and anything else stored in the session.
    session.clear()
    flash("you have been logged out")
    gc.collect()
    home_url = url_for("homepage")
    return redirect(home_url)
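@app.route('/login/', methods=['GET', 'POST'])
def login():
    """Authenticate a user against the ``account`` table.

    GET shows the login form. POST looks the username up with a parameterized
    query and verifies the submitted password against the stored sha256_crypt
    hash (index 2 of the row, as in the original). On success the session is
    marked logged in and the visitor is redirected to the upload view. Every
    failure produces the same "invalid credentials" message, so the response
    does not reveal whether the username exists.
    """
    error = ' '
    if request.method != "POST":
        # Nothing to check on GET, so no database connection is opened.
        return render_template("login.html", error=error)

    c = conn = None
    try:
        username = request.form.get('username', '')
        password = request.form.get('password', '')
        c, conn = connection()
        # Bound parameter: the driver does the quoting, so no escape_string.
        c.execute("SELECT * FROM account WHERE username=(%s)", [username])
        row = c.fetchone()
        # An unknown username is handled explicitly rather than through the
        # TypeError that indexing None used to raise.
        if row is not None and sha256_crypt.verify(password, row[2]):
            session['logged_in'] = True
            session['username'] = username
            flash("you are logged in")
            flash(session['username'])
            return redirect(url_for("upload"))
        error = "invalid credentials"
    except Exception:
        # A database outage or malformed stored hash is logged server-side;
        # the visitor still sees only the generic message.
        app.logger.exception("login failed with an internal error")
        error = "invalid credentials"
    finally:
        if c is not None:
            c.close()
        if conn is not None:
            conn.close()
        gc.collect()
    return render_template("login.html", error=error)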
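@app.route("/upload/", methods=["GET", "POST"])
@login_required
def upload():
    """Create a service listing for the logged-in user.

    GET, or a POST that fails form validation, re-renders the upload form.
    A valid POST looks up the user's id, refuses a second listing for the
    same username, city and category, and otherwise inserts one row into
    ``user``.

    Changes from the original:
    * the view now requires a login; it reads ``session['username']``, which
      anonymous requests do not have;
    * the category code comes straight from the select field. The original
      indexed a dict ``d`` that is not defined in this function, so every
      valid POST failed with a NameError;
    * exception text is logged instead of being returned as the response.

    NOTE(review): the form classes are plain ``wtforms.Form`` and no CSRF
    token is visible on this page -- confirm this state-changing POST is
    protected elsewhere.
    """
    form = UploadForm(request.form)
    if request.method != "POST" or not form.validate():
        return render_template("upload.html", form=form)

    c = conn = None
    try:
        username = session['username']
        # SelectField validation already restricted this to a declared choice.
        category = form.select.data
        # The original stored the raw submitted strings for these three
        # fields; that is kept so stored values do not change.
        city = request.form['city']
        contact = request.form['contact']
        email = request.form['email']

        c, conn = connection()
        # All values below are bound parameters. The driver quotes them, so
        # escape_string is not applied; it would escape the data twice.
        c.execute("SELECT userid from account WHERE username=(%s)", [username])
        userid = int(c.fetchone()[0])

        existing = c.execute(
            "SELECT * FROM user where username=%s and city=%s and categoryid=%s",
            [username, city, category],
        )
        if int(existing) > 0:
            flash("you cannot have more than one account in any city")
        else:
            c.execute(
                "INSERT INTO user(userid,username,categoryid,city,contact,email) VALUES(%s,%s,%s,%s,%s,%s)",
                [userid, username, category, city, contact, email],
            )
            conn.commit()
            flash("upload done")
    except Exception:
        # Details go to the server log, not into the HTTP response.
        app.logger.exception("upload failed")
        flash("upload failed, please try again later")
    finally:
        # Closed on every path; the original leaked the connection when the
        # duplicate check matched or an exception was raised.
        if c is not None:
            c.close()
        if conn is not None:
            conn.close()
    return render_template("upload.html", form=form)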
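@app.route('/regester/', methods=['GET', 'POST'])
def regester_page():
    """Register a new account and log the new user in.

    GET, or a POST that fails form validation, re-renders the registration
    form. A valid POST hashes the password with sha256_crypt, rejects a
    username that already exists, inserts the account with
    ``userid = row count + 1`` and redirects to the upload view with the
    session marked logged in.

    Changes from the original: exception text is logged instead of being
    returned as the response, values are passed as bound parameters without
    an extra escape_string pass, the row count comes from COUNT(*) instead of
    selecting every account row, and the connection is closed on every path.
    """
    form = RegestrationForm(request.form)
    if request.method != "POST" or not form.validate():
        return render_template("regester.html", form=form)

    c = conn = None
    try:
        username = form.username.data
        # passlib 1.7+ names this method hash(); encrypt() is kept because
        # the installed passlib version is not visible here.
        password = sha256_crypt.encrypt(str(form.password.data))

        c, conn = connection()
        taken = c.execute("SELECT * FROM account where username = %s ", [username])
        if int(taken) > 0:
            flash("username already exists choose other name")
            return render_template('regester.html', form=form)

        # Same id the original computed, without pulling every account row
        # (password hashes included) into the application just to count them.
        # NOTE(review): the existence check and count+1 are not atomic with
        # the INSERT, so concurrent sign-ups can collide. A UNIQUE index on
        # username and a database-generated userid would close that gap;
        # the schema is not visible on this page.
        c.execute("SELECT COUNT(*) FROM account")
        next_userid = int(c.fetchone()[0]) + 1
        c.execute(
            "INSERT INTO account (username,userid,password) VALUES (%s, %s, %s)",
            [username, next_userid, password],
        )
        conn.commit()
        flash("thanks for regestering")
    except Exception:
        # Details go to the server log, not into the HTTP response.
        app.logger.exception("registration failed")
        flash("registration failed, please try again later")
        return render_template("regester.html", form=form)
    finally:
        if c is not None:
            c.close()
        if conn is not None:
            conn.close()
        gc.collect()

    session['logged_in'] = True
    session['username'] = username
    return redirect(url_for("upload"))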
class RegestrationForm(Form):
    """Sign-up form: a username plus a password typed twice."""

    # 4 to 20 characters. Uniqueness is checked in the view, not here.
    username = TextField('Username', [validators.Length(min=4, max=20)])

    # Must be present and equal to `confirm`.
    # NOTE(review): no minimum length or other strength rule is declared.
    password = PasswordField(
        'Password',
        [
            validators.Required(),
            validators.EqualTo('confirm', message='password must match'),
        ],
    )

    # Second entry of the password; carries no validators of its own.
    confirm = PasswordField('Repeat password')
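class UploadForm(Form):
    """Listing form shown on the upload page."""

    name = TextField('name')
    city = TextField("City")
    # Declared as a decimal, so validation rejects non-numeric contact input.
    contact = DecimalField("Contact")
    # NOTE(review): no validator is attached, so any text is accepted here.
    email = TextField("email")
    # Choice values are the category codes written to user.categoryid.
    # Plumber was 'pl' here, while search() and the commented-out mapping in
    # upload() both use 'pr', so plumber listings could never match a search.
    # Aligned to 'pr' -- confirm against the codes already in the database.
    select = SelectField(
        'select',
        choices=[
            ('bb', 'blood donor'),
            ('pt', 'painter'),
            ('pr', 'plumber'),
        ],
    )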
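# Start the development server when the file is run directly.
# The original compared against "__main_" (one underscore short), which is
# never equal to __name__, so app.run() was unreachable.
if __name__ == "__main__":
    app.run()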