
Untitled

a guest
Jun 27th, 2018
  1. from flask import Flask, render_template, request, make_response, redirect, render_template_string, config, session
  2. import sqlite3
  3. from hashlib import md5
  4. import os
  5.  
  6.  
# Flask application object; the route decorators below register on it.
app = Flask(__name__)

# The SQLite database file sits in the same directory as this script.
f = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'example.db')  # Local file

# NOTE(review): check_same_thread=False allows this one connection to be used
# from any request thread, and the single module-level cursor below is shared
# by every handler. Nothing here serialises access, so concurrent requests can
# interleave execute()/fetchone() calls on the same cursor.
conn = sqlite3.connect(f, check_same_thread=False)
db = conn.cursor()

# Not referenced anywhere else in this listing.
SECRET_NUM = 1337
  13.  
  14.  
def hash_string(s):
    """Return the hexadecimal MD5 digest of the text *s*.

    The string is encoded with the default codec (UTF-8) before hashing.

    NOTE(review): the login and registration handlers in this file use this
    function for passwords. Unsalted MD5 is cheap to brute-force and is not
    suitable for password storage; a salted, deliberately slow KDF such as
    ``hashlib.scrypt`` or ``hashlib.pbkdf2_hmac`` is the usual replacement.
    Swapping the algorithm invalidates every hash already stored, so it has
    to be done together with a migration of the ``users`` table.
    """
    digest = md5(s.encode())
    return digest.hexdigest()
  18.  
  19.  
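def get_login(id):
    """Return the login name stored for user *id*, or ``None`` if there is none.

    The id is passed as a bound parameter instead of being formatted into
    the SQL text, so its content can never alter the statement.
    """
    # SQLite applies the column's INTEGER affinity to the bound value, so the
    # string ids kept in the session still match the integer primary key.
    db.execute('SELECT login FROM users WHERE id = ?', (id,))
    row = db.fetchone()
    return None if row is None else row[0]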
  28.  
  29.  
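def get_notes(id):
    """Return a list with the text of every note whose ``creator_id`` is *id*.

    The id is bound as a query parameter rather than formatted into the SQL
    string, which closes the injection path the string-built query had.
    """
    rows = db.execute('SELECT text FROM notes WHERE creator_id = ?', (id,))
    return [row[0] for row in rows]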
  36.  
  37.  
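def check_login(user):
    """Return ``True`` if a row with login *user* already exists, else ``False``.

    *user* comes straight from the registration form, so it is bound as a
    parameter; the previous string-formatted query let the value rewrite the
    statement.
    """
    db.execute('SELECT 1 FROM users WHERE login = ?', (user,))
    return db.fetchone() is not None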
  46.  
  47.  
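@app.route('/user')
def user():
    """Render the profile page with the logged-in user's name and notes.

    The user id is read from the signed Flask session. Without a session id
    the template is rendered with no user data.
    """
    user_id = session.get('id')
    # The earlier test compared the string literal 'id' with None, which is
    # never true, so anonymous requests fell through to the database lookup.
    if user_id is None:
        return render_template('user.html')

    login = get_login(user_id)
    if not login:
        return "Page is not longer avialable"

    return render_template(
        'user.html',
        username=login,
        notes=get_notes(user_id),
        id=user_id,
    )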
  58.  
  59.  
@app.route('/')
def index():
    """Serve the landing page from the ``index.html`` template."""
    page = render_template('index.html')
    return page
  63.  
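@app.route('/login', methods=['GET', 'POST'])
def log():
    """Show the login form (GET) or authenticate the submitted credentials (POST).

    On success the user's id is stored in the signed session and the client
    is redirected to ``/user``. Failures return a short plain-text message.
    """
    if request.method == 'GET':
        return render_template('login.html')

    login = request.form.get('login', '')
    password = request.form.get('password', '')
    if login == '' or password == '':
        return "Login or password is missing"

    # Kept so existing clients see the same response for such logins. It is
    # not the injection defence: a character blacklist is easy to get wrong,
    # the bound parameters below are what keep input out of the SQL text.
    # (The hashed password is a hex digest and can never contain a quote.)
    if '"' in login:
        return "U WOOOOOOOT GTFO PLEZ"

    password = hash_string(password)
    # The statement is no longer printed: the old debug print wrote the login
    # and password hash of every attempt to stdout.
    db.execute(
        'SELECT id FROM users WHERE login = ? AND password = ?',
        (login, password),
    )
    result = db.fetchone()
    if result is None:
        return "No such user or password incorrect"

    session["id"] = str(result[0])
    return redirect('/user')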
  85.  
  86.  
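@app.route('/add_note', methods=['POST'])
def add_note():
    """Store the submitted note for the logged-in user and return to ``/user``.

    Requests without a session id are redirected to the landing page; an
    empty note yields the plain-text reply ``"Empty note"``.
    """
    # Take the owner from the signed session, as the login handler sets it.
    # The previous code read a plain 'id' cookie, which the client fully
    # controls and which login never sets, so the note owner was whatever the
    # request claimed.
    user_id = session.get('id')
    # The old check compared the literal 'id' with None and never fired.
    if user_id is None:
        return redirect('/')

    # Keep the text as str: encoding to bytes made the empty-note comparison
    # always false and stored the bytes repr in the database.
    text = request.form.get('note', '')
    if text == '':
        return "Empty note"

    # Bound parameters keep the note text and id out of the SQL statement.
    db.execute(
        'INSERT INTO notes (text, creator_id) VALUES (?, ?)',
        (text, user_id),
    )
    conn.commit()
    return redirect('/user')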
  100.  
  101.  
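@app.route('/register', methods=['GET', 'POST'])
def reg():
    """Show the registration form (GET) or create a new account (POST).

    Returns a plain-text message: missing fields, login already taken, or
    ``"Success"`` once the row has been committed.
    """
    if request.method == 'GET':
        return render_template('register.html')

    login = request.form.get('login', '')
    password = request.form.get('password', '')
    if login == '' or password == '':
        return "Login or password is missing"

    if check_login(login):
        return "This login already exist"

    # NOTE(review): hash_string is unsalted MD5; see its docstring before
    # relying on these stored values to protect passwords.
    password = hash_string(password)
    # The credentials are no longer printed to stdout, and the values are
    # bound as parameters instead of being formatted into the statement.
    db.execute(
        'INSERT INTO users (login,password) VALUES (?, ?)',
        (login, password),
    )
    conn.commit()
    return "Success"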
  122.  
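@app.errorhandler(404)
def page_not_found(e):
    """Return the 404 page, echoing the requested URL back to the client.

    The URL is handed to Jinja as a template *variable*. Previously it was
    %-formatted into the template source before rendering, so any template
    syntax in the request URL was evaluated on the server (server-side
    template injection). As a variable it is treated as data and is
    HTML-escaped by the autoescaping Flask enables for string templates.
    """
    template = '''
   <html>
   <head>
   <meta charset="UTF-8">
   <title>404</title>
   </head>
   <body>
   <div class="center-content error">
       <h1>Oops! That page doesn't exist.</h1>
       <h3>{{ url }}</h3>
   </div>
   </body>
   </html> '''
    return render_template_string(template, url=request.url), 404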
  139.  
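if __name__ == '__main__':
    # Create both tables on first start. This only happens when the file is
    # run as a script, not when the module is imported by another server.
    for ddl in (
        'CREATE TABLE IF NOT EXISTS users(id  integer NOT NULL PRIMARY KEY AUTOINCREMENT,login text,password text)',
        'CREATE TABLE IF NOT EXISTS notes(id  integer NOT NULL PRIMARY KEY AUTOINCREMENT,text text,creator_id integer)',
    ):
        db.execute(ddl)
    conn.commit()

    # The session cookie is signed with this key, so anyone who knows it can
    # mint a session for any user id. It used to be a literal in the source;
    # read it from the environment instead and fall back to a random per-run
    # key (existing sessions then stop validating after a restart).
    app.secret_key = os.environ.get('SECRET_KEY') or os.urandom(32)

    # NOTE(review): 0.0.0.0 listens on every interface, and app.run() starts
    # Flask's built-in development server. Bind to a specific address or put a
    # production WSGI server in front if this is reachable from other hosts.
    app.run(host="0.0.0.0", port=5005)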