In [1]:
from flask import Flask, render_template, request, redirect, url_for, flash
import logging, re, os
from datetime import datetime

app = Flask(__name__)

# In production, set SECRET_KEY via environment variable
app.secret_key = os.environ.get("SECRET_KEY", "dev-change-me")

# ---------- Logging ----------
logging.basicConfig(
    level=logging.INFO,
    format="%(asctime)s [%(levelname)s] %(message)s",
    handlers=[logging.FileHandler("app.log"), logging.StreamHandler()],
)
log = logging.getLogger(__name__)

# ---------- Simple in-memory storage ----------
# (Resets when the server restarts; good for teaching/demo)
REGISTERED_USERS = []   # each item: {"username", "email", "age", "created_at"}

# ---------- Validation patterns ----------
EMAIL_PATTERN = re.compile(r'^[\w\.-]+@[\w\.-]+\.[A-Za-z]{2,}$')
USERNAME_PATTERN = re.compile(r'^[A-Za-z0-9_]{3,16}$')

@app.route("/")
def home():
    # templates/home.html uses: {{ url_for('static', filename='images/1.jpg') }}
    return render_template("home.html")

@app.route("/about")
def about():
    # templates/about.html uses: {{ url_for('static', filename='images/2.jpg') }}
    return render_template("about.html")

@app.route("/data")
def data():
    # Show newest first
    rows = sorted(REGISTERED_USERS, key=lambda r: r["created_at"], reverse=True)
    # templates/data.html can also render an image  {{ url_for('static', filename='images/1.jpg') }}
    return render_template("data.html", users=rows)

@app.route("/register", methods=["GET", "POST"])
def register():
    if request.method == "POST":
        username = (request.form.get("username") or "").strip()
        email    = (request.form.get("email") or "").strip()
        age_raw  = (request.form.get("age") or "").strip()

        try:
            # ----- Type / Format checks -----
            if not USERNAME_PATTERN.fullmatch(username):
                raise ValueError("Username must be 3–16 chars (letters, digits, underscore).")

            if not EMAIL_PATTERN.fullmatch(email):
                raise ValueError("Email format is invalid.")

            if not age_raw.isdigit():
                raise ValueError("Age must be a number.")

            age = int(age_raw)

            # ----- Range / Length checks -----
            if not (1 <= age <= 120):
                raise ValueError("Age must be between 1 and 120.")

            if len(email) > 254:
                raise ValueError("Email too long.")

            # ----- Business rules / Whitelist checks -----
            if username.lower() in {"admin", "root"}:
                raise ValueError("Username is reserved.")

            # ----- Save the user -----
            REGISTERED_USERS.append({
                "username": username,
                "email": email,
                "age": age,
                "created_at": datetime.utcnow()
            })

            flash(f"✅ Registered {username} successfully!", "success")
            log.info("Registration OK: username=%s email=%s age=%d", username, email, age)
            return redirect(url_for("data"))

        except ValueError as e:
            flash(f"⚠ Validation error: {e}", "error")
            log.warning("Validation failed: %s", e)
            return redirect(url_for("register"))

    return render_template("register.html")

@app.errorhandler(404)
def not_found(e):
    # templates/404.html uses: {{ url_for('static', filename='images/3.jpg') }}
    log.warning("404 Not Found: %s", request.path)
    return render_template("404.html"), 404

if __name__ == "__main__":
    app.run(debug=False)


 * Serving Flask app '__main__'
 * Debug mode: off


 * Running on http://127.0.0.1:5000
2025-10-19 20:21:34,718 [INFO] [33mPress CTRL+C to quit[0m
