-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp.py
128 lines (116 loc) · 5.6 KB
/
app.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
from flask import Flask, render_template, request, redirect, url_for, session
from flask_mysqldb import MySQL
import MySQLdb.cursors
import re
app = Flask(__name__)
# Secret key for session management
app.secret_key = 'your secret key'
# MySQL configurations
app.config['MYSQL_HOST'] = 'localhost'
app.config['MYSQL_USER'] = 'root'
app.config['MYSQL_PASSWORD'] = 'pramod2805'
app.config['MYSQL_DB'] = 'geekprofile'
# Initialize MySQL
mysql = MySQL(app)
@app.route('/')
@app.route('/login', methods=['GET', 'POST'])
def login():
msg = ''
if request.method == 'POST' and 'username' in request.form and 'password' in request.form:
username = request.form['username']
password = request.form['password']
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM accounts WHERE username = %s AND password = %s', (username, password,))
account = cursor.fetchone()
if account:
session['loggedin'] = True
session['id'] = account['id']
session['username'] = account['username']
msg = 'Logged in successfully!'
return render_template('index.html', msg=msg)
else:
msg = 'Incorrect username/password!'
return render_template('login.html', msg=msg)
@app.route('/logout')
def logout():
session.pop('loggedin', None)
session.pop('id', None)
session.pop('username', None)
return redirect(url_for('login'))
@app.route('/register', methods=['GET', 'POST'])
def register():
msg = ''
if request.method == 'POST' and all(k in request.form for k in ('username', 'password', 'email', 'address', 'city', 'country', 'postalcode', 'organisation')):
username = request.form['username']
password = request.form['password']
email = request.form['email']
organisation = request.form['organisation']
address = request.form['address']
city = request.form['city']
state = request.form['state']
country = request.form['country']
postalcode = request.form['postalcode']
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM accounts WHERE username = %s', (username,))
account = cursor.fetchone()
if account:
msg = 'Account already exists!'
elif not re.match(r'[^@]+@[^@]+\.[^@]+', email):
msg = 'Invalid email address!'
elif not re.match(r'[A-Za-z0-9]+', username):
msg = 'Username must contain only characters and numbers!'
else:
cursor.execute('INSERT INTO accounts (username, password, email, organisation, address, city, state, country, postalcode) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)',
(username, password, email, organisation, address, city, state, country, postalcode))
mysql.connection.commit()
msg = 'You have successfully registered!'
elif request.method == 'POST':
msg = 'Please fill out the form!'
return render_template('register.html', msg=msg)
@app.route('/index')
def index():
if 'loggedin' in session:
return render_template('index.html', msg='Welcome to the index page!')
return redirect(url_for('login'))
@app.route('/display')
def display():
if 'loggedin' in session:
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM accounts WHERE id = %s', (session['id'],))
account = cursor.fetchone()
return render_template('display.html', account=account)
return redirect(url_for('login'))
@app.route('/update', methods=['GET', 'POST'])
def update():
msg = ''
if 'loggedin' in session:
if request.method == 'POST' and all(k in request.form for k in ('username', 'password', 'email', 'address', 'city', 'country', 'postalcode', 'organisation')):
username = request.form['username']
password = request.form['password']
email = request.form['email']
organisation = request.form['organisation']
address = request.form['address']
city = request.form['city']
state = request.form['state']
country = request.form['country']
postalcode = request.form['postalcode']
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM accounts WHERE username = %s AND id != %s', (username, session['id'],))
account = cursor.fetchone()
if account:
msg = 'Username already exists!'
elif not re.match(r'[^@]+@[^@]+\.[^@]+', email):
msg = 'Invalid email address!'
elif not re.match(r'[A-Za-z0-9]+', username):
msg = 'Username must contain only characters and numbers!'
else:
cursor.execute('UPDATE accounts SET username = %s, password = %s, email = %s, organisation = %s, address = %s, city = %s, state = %s, country = %s, postalcode = %s WHERE id = %s',
(username, password, email, organisation, address, city, state, country, postalcode, session['id']))
mysql.connection.commit()
msg = 'You have successfully updated your profile!'
elif request.method == 'POST':
msg = 'Please fill out the form!'
return render_template('update.html', msg=msg)
return redirect(url_for('login'))
if __name__ == "__main__":
app.run(host="localhost", port=5000, debug=True)