
mrp

a guest
Nov 26th, 2016
  1. import sqlite3
  2. from flask import Flask, flash, redirect, render_template, request, session, url_for
  3. from flask_session import Session
  4. from passlib.apps import custom_app_context as pwd_context
  5. from tempfile import gettempdir
  6. from sqlalchemy import *
  7.  
  8. from helpers import *
  9.  
  10. from cs50 import SQL
  11.  
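  # configure application
  app = Flask(__name__)

  # Reflect the existing SQLite schema through SQLAlchemy (autoload=True reads
  # the table definitions from signme.db).
  # echo is left off: with echo=True the engine logs every statement together
  # with its bound parameters, which in this application include e-mail
  # addresses, profile fields and password hashes. Turn it on only for local
  # debugging.
  db = create_engine('sqlite:///signme.db', echo=False)
  metadata = MetaData(bind=db)
  users = Table('users', metadata, autoload=True)
  events = Table('events', metadata, autoload=True)
  registrants = Table('registrants', metadata, autoload=True)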
  27.  
  # Disable client-side caching of responses.
  # NOTE(review): the hook is registered only when DEBUG is already set at the
  # time this module is imported; otherwise no response gets these headers,
  # including pages rendered for logged-in users.
  if app.config["DEBUG"]:
      @app.after_request
      def after_request(response):
          """Stamp the no-cache headers on *response* and hand it back."""
          no_cache_headers = (
              ("Cache-Control", "no-cache, no-store, must-revalidate"),
              ("Expires", 0),
              ("Pragma", "no-cache"),
          )
          for header_name, header_value in no_cache_headers:
              response.headers[header_name] = header_value
          return response
  36.  
  # Keep session data in files on the server rather than in signed cookies.
  # NOTE(review): gettempdir() is normally a directory shared by every local
  # account; confirm the session files are not readable by other users, or
  # point SESSION_FILE_DIR at a directory owned by the application.
  app.config.update(
      SESSION_FILE_DIR=gettempdir(),
      SESSION_PERMANENT=False,
      SESSION_TYPE="filesystem",
  )
  Session(app)
  42.  
  43. # connect to database
  44. # conn = sqlite3.connect('signme.db', check_same_thread=False)
  45. # db = conn.cursor()
  46.  
  47.  
  @app.route("/")
  def home():
      """Render the landing page."""
      landing_page = render_template("home.html")
      return landing_page
  51.    
  @app.route("/profile")
  @login_required
  def profile():
      """Show the logged-in user's profile together with the events they host."""
      # NOTE(review): SELECT * also returns the password column that register()
      # writes to this table, so the hash reaches the template context; naming
      # only the columns profile.html displays would avoid that.
      account_sql = "SELECT * FROM users WHERE id = :id"
      account = db.execute(account_sql, id=session["user_id"])

      # titles of the events whose host is the current user
      hosted_sql = "SELECT title FROM events WHERE host = :host"
      hosted = db.execute(hosted_sql, host=session["user_id"])

      # events the user signed up for (registrants table) are not queried yet

      return render_template("profile.html", user=account, myevents=hosted)
  66.  
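  @app.route("/newevent", methods=["GET", "POST"])
  @login_required
  def newevent():
      """Create a new event hosted by the logged-in user.

      GET renders the creation form. POST inserts the event and redirects to
      the /myevent/<event_id> page of the new row.
      """
      # GET: show the form
      if request.method != "POST":
          return render_template("newevent.html")

      # reject an empty title instead of storing a NULL one
      title = request.form.get("title")
      if not title:
          return render_template("error.html", message="Must provide title")

      # form values are bound as parameters, never formatted into the SQL text
      result = db.execute("INSERT INTO events (title, host) VALUES (:title, :host)",
                          title=title, host=session["user_id"])

      # The id of the inserted row is the result's lastrowid (the result object
      # has no .id), and url_for() needs it as the event_id argument of the
      # myevent route rather than appended to the URL string.
      return redirect(url_for("myevent", event_id=result.lastrowid))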
  84.        
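  @app.route("/myevent/<int:event_id>")
  @login_required
  def myevent(event_id):
      """Show the registrants of an event to the user who hosts it.

      Args:
          event_id: id of the event, taken from the URL.

      Returns:
          The rendered page, or an error page with status 404 when the event
          does not exist or is hosted by someone else.
      """
      # event_id comes from the URL, so any logged-in user can try any value;
      # login_required alone does not tie the event to the caller. Only the
      # host recorded in events.host may see who registered.
      # Assumes events.id is the key that registrants.event_id refers to.
      owned = db.execute("SELECT id FROM events WHERE id = :eventid AND host = :host",
                         eventid=event_id, host=session["user_id"]).fetchone()
      if owned is None:
          # same answer for "no such event" and "not yours", so event ids
          # cannot be probed through this route
          return render_template("error.html", message="Event not found"), 404

      # NOTE(review): SELECT * over the join returns every users column,
      # including password; list only the columns the template shows.
      attendees = db.execute("SELECT * FROM registrants JOIN users ON users.id = registrants.user_id WHERE event_id=:eventid",
                             eventid=event_id)

      # NOTE(review): this renders newevent.html, the template of the creation
      # form; confirm that is the intended template.
      return render_template("newevent.html", registrants=attendees)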
  94.    
  95.  
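  @app.route("/login", methods=["GET", "POST"])
  def login():
      """Log user in.

      GET renders the login form. POST checks the submitted e-mail and
      password against the users table and, on success, stores the user's id
      in the session and redirects to the home page.
      """
      # forget any user_id
      session.clear()

      # GET (a link or a redirect): show the form
      if request.method != "POST":
          return render_template("login.html")

      email = request.form.get("email")
      password = request.form.get("password")

      # both fields are required
      if not email:
          return render_template("error.html", message="Must provide email")
      if not password:
          return render_template("error.html", message="Must provide password")

      # look the account up by e-mail; the value is bound as a parameter
      user = db.execute("SELECT * FROM users WHERE email = :email", email=email).fetchone()

      # fetchone() returns None when no row matches, so an unknown e-mail has to
      # be caught before user.password is read. Both failures give the same
      # message, so the response does not tell which e-mails are registered.
      if user is None or not pwd_context.verify(password, user.password):
          return render_template("error.html", message="Invalid username and/or password")

      # remember which user has logged in
      session["user_id"] = user.id

      return redirect(url_for("home"))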
  133.  
  @app.route("/logout")
  def logout():
      """End the current session and send the browser to the login form."""
      # drop everything stored for this session, user_id included
      session.clear()

      login_url = url_for("login")
      return redirect(login_url)
  143.    
  144.  
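  @app.route("/register", methods=["GET", "POST"])
  def register():
      """Register user.

      GET renders the registration form. POST validates the e-mail and
      password, stores the account with a hashed password, logs the new user
      in and redirects to the home page.
      """
      # GET: show the form
      if request.method != "POST":
          return render_template("register.html")

      form = request.form
      email = form.get("email")
      password = form.get("password")

      # ensure email is not blank
      if not email:
          return render_template("error.html", message="Must provide email")

      # Ensure the email isn't already taken. fetchone() is None when no row
      # matches; the result object itself never compares equal to [], so it
      # cannot be used for this test.
      taken = db.execute("SELECT id FROM users WHERE email = :email", email=email).fetchone()
      if taken is not None:
          return render_template("error.html", message="Sorry, this email is taken :(")
      # NOTE(review): check-then-insert can race between two requests; a UNIQUE
      # constraint on users.email would close that gap. The schema is not
      # visible here, so confirm whether one exists.

      # ensure password is not blank
      if not password:
          return render_template("error.html", message="Must provide password")

      # ensure same password entered again
      if password != form.get("passwordconfirm"):
          return render_template("error.html", message="Passwords must match")

      # only the hash is stored, never the submitted password
      password_hash = pwd_context.encrypt(password)

      # optional profile fields are copied from the form as submitted
      profile_fields = ("first_name", "last_name", "birthdate", "phone", "school",
                        "major", "grad_year", "address", "zipcode", "city", "state")
      profile_values = {field: form.get(field) for field in profile_fields}

      # every value is bound as a parameter, never formatted into the SQL text
      result = db.execute(
          "INSERT INTO users (email, password, first_name, last_name, birthdate, "
          "phone, school, major, grad_year, address, zipcode, city, state) "
          "VALUES (:email, :password, :first_name, :last_name, :birthdate, "
          ":phone, :school, :major, :grad_year, :address, :zipcode, :city, :state)",
          email=email, password=password_hash, **profile_values)

      # Remember the user who has just registered. The session needs the new
      # row's id, which is the result's lastrowid, not the result object.
      session["user_id"] = result.lastrowid

      # redirect user to home page
      return redirect(url_for("home"))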