- import sqlite3
- from flask import Flask, flash, redirect, render_template, request, session, url_for
- from flask_session import Session
- from passlib.apps import custom_app_context as pwd_context
- from tempfile import gettempdir
- from sqlalchemy import *
- from helpers import *
- from cs50 import SQL
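# configure application
app = Flask(__name__)

# Reflect the existing tables of the SQLite file through a SQLAlchemy engine.
# Statement echo follows the debug flag instead of being always on: with
# echo=True the engine logs every statement together with its bound
# parameters, which for this app means e-mail addresses, profile data and
# password hashes ending up in the application log.
db = create_engine('sqlite:///signme.db', echo=bool(app.config["DEBUG"]))
metadata = MetaData(bind=db)
users = Table('users', metadata, autoload=True)
events = Table('events', metadata, autoload=True)
registrants = Table('registrants', metadata, autoload=True)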
# ensure responses aren't cached
# NOTE(review): as written, the handler is only registered when DEBUG is
# already set while this module is imported; otherwise responses, including
# pages rendered for logged-in users, go out without these cache directives.
if app.config["DEBUG"]:

    @app.after_request
    def after_request(response):
        """Mark the outgoing response as non-cacheable and return it."""
        no_cache_headers = (
            ("Cache-Control", "no-cache, no-store, must-revalidate"),
            ("Expires", 0),
            ("Pragma", "no-cache"),
        )
        for header_name, header_value in no_cache_headers:
            response.headers[header_name] = header_value
        return response
# configure session to use filesystem (instead of signed cookies)
# NOTE(review): session files are written to the system-wide temp directory;
# on a shared host, confirm that the directory and file permissions keep
# other local accounts away from them.
app.config.update(
    SESSION_FILE_DIR=gettempdir(),
    SESSION_PERMANENT=False,
    SESSION_TYPE="filesystem",
)
Session(app)
@app.route("/")
def home():
    """Render the landing page; the route carries no login requirement."""
    landing_page = render_template("home.html")
    return landing_page
@app.route("/profile")
@login_required
def profile():
    """User profile page.

    Looks up the logged-in user's row and the titles of the events that user
    hosts, and hands both result sets to profile.html.
    """
    current_user_id = session["user_id"]

    # NOTE(review): SELECT * also carries the stored password hash into the
    # template context; naming only the columns profile.html displays would
    # keep the hash out of the rendering path.
    user_rows = db.execute("SELECT * FROM users WHERE id = :id", id=current_user_id)

    # titles of the events this user hosts
    hosted_events = db.execute("SELECT title FROM events WHERE host = :host", host=current_user_id)

    # TODO (from the original author): also list the events the user registered for
    return render_template("profile.html", user=user_rows, myevents=hosted_events)
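@app.route("/newevent", methods=["GET", "POST"])
@login_required
def newevent():
    """Create new event.

    GET renders the creation form. POST inserts an event hosted by the
    logged-in user and redirects to that event's page.
    """
    if request.method != "POST":
        return render_template("newevent.html")

    title = request.form.get("title")
    if not title:
        # Same error page the login and register routes use for missing fields.
        return render_template("error.html", message="Must provide title")

    # The host always comes from the session, never from the form, so a user
    # cannot create an event on behalf of another account.
    event = db.execute(
        "INSERT INTO events (title, host) VALUES (:title, :host)",
        title=title,
        host=session["user_id"],
    )

    # url_for needs event_id to build /myevent/<int:event_id>. The key of the
    # inserted row is the result's lastrowid; the result has no .id attribute,
    # and appending an integer to the URL string would raise a TypeError.
    return redirect(url_for("myevent", event_id=event.lastrowid))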
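@app.route("/myevent/<int:event_id>")
@login_required
def myevent(event_id):
    """Show the registrants of an event to the user who hosts it.

    event_id comes from the URL, so it is checked against the session user
    before any registrant data is read. Without that check every logged-in
    account could walk the integer ids and read other hosts' registrant lists.
    Host-only access is presumed from the route name and from newevent
    redirecting here; confirm if registrants are meant to see this page too.
    """
    # NOTE(review): assumes the primary key column of events is named `id`;
    # confirm against the schema of signme.db.
    hosted_event = db.execute(
        "SELECT host FROM events WHERE id = :id AND host = :host",
        id=event_id,
        host=session["user_id"],
    ).fetchone()
    if hosted_event is None:
        # Same answer for "no such event" and "not your event", so the route
        # does not reveal which event ids exist.
        return render_template("error.html", message="Event not found"), 404

    # NOTE(review): SELECT * over the join with users also returns each
    # registrant's password hash; naming only the columns the page displays
    # would keep hashes out of the template context.
    event_registrants = db.execute(
        "SELECT * FROM registrants JOIN users ON users.id = registrants.user_id WHERE event_id=:eventid",
        eventid=event_id,
    )

    # NOTE(review): this renders newevent.html, the creation form template;
    # confirm that is the intended template for the registrant list.
    return render_template("newevent.html", registrants=event_registrants)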
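@app.route("/login", methods=["GET", "POST"])
def login():
    """Log user in.

    GET renders the login form. POST checks the submitted e-mail and password
    against the users table and, on success, stores the user's id in the
    session and redirects to the home page. Every failure renders error.html.
    """
    # forget any user_id
    session.clear()

    # user reached route via GET (as by clicking a link or via redirect)
    if request.method != "POST":
        return render_template("login.html")

    email = request.form.get("email")
    password = request.form.get("password")

    # ensure both credentials were submitted
    if not email:
        return render_template("error.html", message="Must provide email")
    if not password:
        return render_template("error.html", message="Must provide password")

    # Parameterised lookup; the debug print of the result object is dropped
    # so login attempts leave no trace on stdout.
    user = db.execute("SELECT * FROM users WHERE email = :email", email=email).fetchone()

    # fetchone() yields None for an unknown e-mail, never []. Comparing with
    # [] let the None through to user.password and raised instead of showing
    # the error page. Unknown user and wrong password share one message so
    # the response does not tell which e-mails are registered.
    if user is None or not pwd_context.verify(password, user.password):
        return render_template("error.html", message="Invalid username and/or password")

    # remember which user has logged in
    session["user_id"] = user.id

    # redirect user to home page
    return redirect(url_for("home"))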
@app.route("/logout")
def logout():
    """Log user out."""
    # forget user_id along with everything else kept in the session
    session.clear()

    # send the user back to the login form
    login_url = url_for("login")
    return redirect(login_url)
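@app.route("/register", methods=["GET", "POST"])
def register():
    """Register user.

    GET renders the registration form. POST validates the e-mail and the two
    password fields, stores the new user with a hashed password, logs the
    user in by putting the new row's id into the session and redirects to
    the home page. Every validation failure renders error.html.
    """
    # user reached route via GET
    if request.method != "POST":
        return render_template("register.html")

    email = request.form.get("email")
    password = request.form.get("password")

    # ensure email is not blank
    if not email:
        return render_template("error.html", message="Must provide email")

    # Ensure email isn't already taken. The result has to be fetched first:
    # a result object never equals [], so comparing it directly reported
    # every address as taken and no account could be created.
    # NOTE(review): check-then-insert can still race between two requests;
    # a UNIQUE constraint on users.email would close that gap, confirm the
    # schema has one.
    existing_user = users.select(users.c.email == email).execute().fetchone()
    if existing_user is not None:
        return render_template("error.html", message="Sorry, this email is taken :(")

    # ensure password is not blank
    if not password:
        return render_template("error.html", message="Must provide password")

    # ensure same password entered again
    if password != request.form.get("passwordconfirm"):
        return render_template("error.html", message="Passwords must match")

    # Only the hash is stored, never the plaintext. encrypt() is passlib's
    # older name for hash(); it is kept so the installed version keeps working.
    password_hash = pwd_context.encrypt(password)

    # Optional profile fields are taken from the form as submitted and bound
    # as parameters, never interpolated into the SQL text.
    profile_fields = (
        "first_name", "last_name", "birthdate", "phone", "school", "major",
        "grad_year", "address", "zipcode", "city", "state",
    )
    profile_values = {name: request.form.get(name) for name in profile_fields}

    # enter new user into users
    new_user = db.execute(
        "INSERT INTO users (email, password, first_name, last_name, birthdate, phone, "
        "school, major, grad_year, address, zipcode, city, state) "
        "VALUES (:email, :password, :first_name, :last_name, :birthdate, :phone, "
        ":school, :major, :grad_year, :address, :zipcode, :city, :state)",
        email=email,
        password=password_hash,
        **profile_values
    )

    # Remember the user who has just registered. The session holds the new
    # row's id, the same value login stores, not the result object.
    session["user_id"] = new_user.lastrowid

    # redirect user to home page
    return redirect(url_for("home"))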