-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.py
191 lines (171 loc) · 8.22 KB
/
main.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
# Import flask stuff
from flask import Flask, render_template, redirect, request, session, jsonify
# import mysql module
from flaskext.mysql import MySQL
import bcrypt
# set up mysql later
mysql = MySQL()
app = Flask(__name__)
app.config['MYSQL_DATABASE_USER'] = 'x'
app.config['MYSQL_DATABASE_PASSWORD'] = 'x'
#the name of the database we want to connect to at the DB server
app.config['MYSQL_DATABASE_DB'] = 'bawk'
#where the mysql server is at
app.config['MYSQL_DATABASE_HOST'] = '127.0.0.1'
#use the mysql objects method init_app and pass it the flask object
mysql.init_app(app)
conn = mysql.connect()
cursor = conn.cursor()
app.secret_key = 'hpiuadfnadf938498h087y3ry087yafhgbhfb8y08y08yqwer342134'
#create route
@app.route('/')
def index():
current_posts_query = "SELECT buzzes.id, pid, post_content, date, username, SUM(vote_type) as total from buzzes left join user on buzzes.uid = user.id left join votes on votes.pid = buzzes.id group by buzzes.id, votes.pid, post_content, date, username order by date DESC"
# vote_count_query = "SELECT pid, SUM(vote_type) from votes group by pid"
cursor.execute(current_posts_query)
current_posts_result = cursor.fetchall()
followers_query = "SELECT username, uid_of_user_being_followed, count(uid_of_user_following) from follow left join user on user.id = follow.uid_of_user_being_followed group by uid_of_user_being_followed"
cursor.execute(followers_query)
followers_result = cursor.fetchall()
return render_template('index.html',
posts = current_posts_result,
followers = followers_result
)
@app.route('/process_vote', methods=['POST'])
def process_vote():
# check to see has the user voted on this particular item
pid = request.form['vid'] #the post they voted on. THis came from jquery ajax
vote_type = request.form['voteType']
check_user_votes_query = "SELECT * FROM votes inner join user on user.id = votes.uid where user.username = '%s' and votes.pid ='%s'" % (session['username'], pid)
cursor.execute(check_user_votes_query)
check_user_votes_result = cursor.fetchone()
# its possible we get none back because the user hasnt voted on this post_content
if check_user_votes_result is None:
insert_user_vote_query = "INSERT into votes (pid, uid, vote_type) values ('"+str(pid)+"', '"+str(session['id'])+"', '"+str(vote_type)+"')"
cursor.execute(insert_user_vote_query)
conn.commit()
return jsonify("voteCounted")
else:
check_user_vote_direction_query = "SELECT * FROM votes INNER JOIN user ON user.id = votes.uid WHERE user.username = '%s' AND votes.pid = '%s' AND votes.vote_type = %s" % (session['username'], pid, vote_type)
cursor.execute(check_user_vote_direction_query)
check_user_vote_direction_result = cursor.fetchone()
if check_user_vote_direction_result is None:
# User has voted, but not this direction. Update
update_user_vote_query = "UPDATE votes SET vote_type = %s WHERE uid = '%s' AND pid = '%s'" % (vote_type, session['id'], pid)
cursor.execute(update_user_vote_query)
conn.commit()
get_new_total_query = "SELECT sum(vote_type) as vote_total from votes where pid = '%s' group by pid" % pid
cursor.execute(get_new_total_query)
get_new_total_result = cursor.fetchone()
return jsonify({'message': "voteChanged", 'vote_total': int(get_new_total_result[0])})
else:
# User has already voted this directino on this post. No dice.
return jsonify({'message': "alreadyVoted"})
# @app.route('/vote', methods=['POST'])
# def vote():
# update_current_vote = "UPDATE buzzes set current_vote = 'current_vote + 1' where id = 2"
# cursor.execute(update_current_vote)
# return redirect('/')
@app.route('/register')
def register():
if request.args.get('username'):
return render_template('register.html',
message = "That username is already taken.")
else:
return render_template('register.html')
@app.route('/register_submit', methods=['POST'])
def register_submit():
# check to see if username is already take. This means select statement.
check_username_query = "select * from user where username = '%s'" % request.form['user_name']
print check_username_query
cursor.execute(check_username_query)
check_username_result = cursor.fetchone()
if check_username_result is None:
# no match. insert
real_name = request.form['name']
username = request.form['user_name']
email = request.form['email']
password = request.form['password'].encode('utf-8')
hashed_password = bcrypt.hashpw(password, bcrypt.gensalt())
username_insert = "insert into user values (default, '"+real_name+"', '"+username+"', '"+hashed_password+"', '"+email+"')"
cursor.execute(username_insert)
conn.commit()
session['username'] = request.form['user_name']
hashed_password_from_mysql = "select password, id from user where username = '%s'" % session['username']
cursor.execute(hashed_password_from_mysql)
session_id = cursor.fetchone()
session['id'] = session_id[1]
return redirect('/')
else:
return redirect('/register?username=taken')
print check_username_result
return "done"
# Second if it is take send them back to register page with a message
# If it is take then insert user into MySQL
@app.route('/sign_in')
def sign_in():
return render_template('sign_in.html')
@app.route('/sign_in_submit', methods = ['POST'])
def sign_in_submit():
password = request.form['password'].encode('utf-8')
hashed_password_from_mysql = "select password, id from user where username = '%s'" % request.form['username']
cursor.execute(hashed_password_from_mysql)
hashed_password = cursor.fetchone()
# To check a hash against english:
if hashed_password == None:
return render_template("sign_in.html", message = "Wrong Username.")
if bcrypt.checkpw(password, hashed_password[0].encode('utf-8')):
session['username'] = request.form['username']
session['id'] = hashed_password[1]
return redirect('/')
else:
return render_template("sign_in.html", message = "Wrong Password.")
@app.route('/logout')
def logout():
#nuke their session vars. This will end the session which is what we use to let them into the portal
session.clear()
return redirect('/sign_in?message=LoggedOut')
@app.route('/post_submit', methods=['POST'])
def post_submit():
post_content = request.form['post_content']
get_user_id_query = "select id from user where username = '%s'" % session['username']
cursor.execute(get_user_id_query)
get_user_id_result = cursor.fetchone()
user_id = get_user_id_result[0]
insert_post_query = "insert into buzzes (post_content, uid, current_vote) values ('"+post_content+"', "+str(user_id)+", 0)"
cursor.execute(insert_post_query)
conn.commit()
return redirect('/')
@app.route('/follow')
def follow():
get_all_not_me_users_query = "SELECT * from users where id != '%s'" % session['id']
# who user is following
# we want username and id
get_all_following_query = "SELECT f.uid_of_user_being_followed, u.username from follow f left join user u on u.id = f.uid_of_user_being_followed where f.uid_of_user_following = '%s'" % session['id']
cursor.execute(get_all_following_query)
get_all_following_result = cursor.fetchall()
# all users in user table minus those user is following
get_all_not_following_query = "SELECT id, username from user where id not in (select uid_of_user_being_followed from follow where uid_of_user_following = '%s') and id != '%s'" % (session['id'], session['id'])
cursor.execute(get_all_not_following_query)
get_all_not_following_result = cursor.fetchall()
# get_all_following_query = "SELECT * from follow inner join user on follow.uid_of_user_following = '%s'" % session['id']
return render_template ('follow.html',
following_list = get_all_following_result,
not_following_list = get_all_not_following_result
)
@app.route('/follow_user')
def follow_user():
user_id_to_follow = request.args.get('user_id')
follow_query = "INSERT into follow (uid_of_user_being_followed, uid_of_user_following) values ('%s', '%s')" % (user_id_to_follow, session['id'])
cursor.execute(follow_query)
conn.commit()
return redirect('/follow')
@app.route('/unfollow_user')
def unfollow_user():
user_id_to_unfollow = request.args.get('user_id')
unfollow_query = "DELETE from follow where uid_of_user_being_followed = '%s' and uid_of_user_following = '%s'" % (user_id_to_unfollow, session['id'])
cursor.execute(unfollow_query)
conn.commit()
return redirect('/follow')
if __name__ == "__main__":
app.run(debug=True)