import html
import os
import random
import sqlite3
from random import shuffle
from string import Template
from sys import exit

from flask import Flask
from flask import redirect
from flask import render_template
from flask import request
11
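app = Flask(__name__)

# Schema bootstrap, executed every time the module is imported: create the
# users table in webapp.db if it is missing and seed the built-in admin row.
#
# NOTE(security): the seeded account is admin/admin and the password column
# holds the plaintext value. Replace the credential before the app is
# reachable by anyone else, and store a salted password hash rather than the
# password itself.
conn = sqlite3.connect("webapp.db")
try:
    c = conn.cursor()
    c.execute(
        """CREATE TABLE IF NOT EXISTS users (id integer primary key, username text NOT NULL, password text NOT NULL)"""
    )
    # INSERT OR IGNORE: webapp.db persists between runs, so a plain INSERT of
    # id 1 raises sqlite3.IntegrityError on every start after the first one.
    # The values use single quotes because double quotes denote identifiers in
    # SQL; SQLite only accepts them as string literals in a legacy mode.
    c.execute("""INSERT OR IGNORE INTO users VALUES (1, 'admin', 'admin')""")
    conn.commit()
finally:
    # Release the database handle even if one of the statements fails.
    conn.close()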
25
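# Static registration form returned by register() for non-POST requests.
#
# Both password fields use type="password": the original confirmation field
# used type="confirm password", which is not a valid input type, so browsers
# fell back to a plain text box and showed the retyped password on screen.
# The <h2> is now closed so the form is no longer nested inside the heading,
# and the ampersand is written as an entity.
#
# NOTE(security): the form carries no CSRF token, and nothing on this page
# shows the site enforcing HTTPS, so the credentials may travel in clear text.
register_template = ("""
<html lang="en" dir="ltr">
  <head><title>Register</title></head>
  <body>
    <h1>Welcome to the Register Page!</h1>
    <h2>Choose a username &amp; password.</h2>
    <form method="post">
      Username: <br>
      <input type="text" name="username" value=""> <br>
      Password: <br>
      <input type="password" name="password" value=""> <br>
      Confirm Password: <br>
      <input type="password" name="confirm_password" value=""> <br>
      <br>
      <input type="submit" name="" value="Submit!"> <br>
    </form>
  </body>
</html>
""")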
45
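# HTML skeleton of the to-do table. ${data} receives the concatenated rows
# produced from row_template.
#
# string.Template performs plain text substitution and does no HTML escaping,
# so every value handed to substitute() must already be escaped by the caller.
#
# The header now has one "Action" cell spanning the two link columns; the
# original labelled the fifth column "List Name:" although every row puts the
# Update link there.
table_template = Template("""
<table style="border:1px solid black">
  <tr>
    <td style="border:1px solid black">ID</td>
    <td style="border:1px solid black">Name</td>
    <td style="border:1px solid black">Description</td>
    <td style="border:1px solid black" colspan="2">Action</td>
  </tr>
  ${data}
</table>
""")

# One table row per task: id, name, description, then the Delete and Update
# links. ${id} is also placed inside two href attributes, so it has to be a
# plain integer (or otherwise attribute-safe) by the time it gets here.
#
# NOTE(security): Delete is an ordinary link, i.e. a GET request that changes
# state; anything that fetches that URL removes the task.
row_template = Template("""
  <tr>
    <td style="border:1px solid black">${id}</td>
    <td style="border:1px solid black">${name}</td>
    <td style="border:1px solid black">${description}</td>
    <td style="border:1px solid black"><a href="/todo/delete/${id}">Delete</a></td>
    <td style="border:1px solid black"><a href="/todo/update/${id}">Update</a></td>
  </tr>
""")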
68
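# Form that posts a new task to /todo/add. It has no placeholders, so
# substitute() returns it unchanged.
#
# <input> is a void element, so the invalid </input> end tags were dropped.
# min="1" and required mirror the server-side rule in add() (id must be an
# integer above zero); they are a convenience only, since a client can send
# any value it likes.
#
# NOTE(security): no CSRF token is included in this form.
add_row_template = Template("""
<form method="POST" action="/todo/add">
Table Name: Test! |
ID #:<input type="number" name="id" min="1" required>
Task Name:<input name="task_name">
Task Description:<input name="task_description">
<input type="submit" name="send" value="Create task">
</form>
""")

# Edit form for one task. ${id} lands in the form's action URL and in the
# heading; string.Template does not escape, so callers must pass an integer.
#
# NOTE(security): no CSRF token is included in this form.
change_template = Template("""
<form method="POST" action="/todo/update/${id}">
ID # Being Edited:<h2>${id}</h2>
Task Name:<input name="task_name">
Task Description:<input name="task_description">
<input type="submit" name="send" value="Update Task">
</form>
""")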
87
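def check_existent_id():
    """Return the task ids found in todolists_names.txt as a list of ints.

    Records are stored one per line as ``<id> - <name> - <description>``;
    only the text before the first dash is read here.

    Returns:
        The ids in file order. An empty list when the file does not exist
        yet (nothing has been added), so callers do not fail on first use.

    Lines whose id field is not an integer (blank lines, hand-edited or
    truncated records) are skipped instead of aborting the whole request.
    """
    existing_IDs = []
    try:
        # The context manager closes the handle; the original left it open.
        with open("todolists_names.txt") as f:
            for line in f:
                id_field = line.partition('-')[0].strip()
                try:
                    existing_IDs.append(int(id_field))
                except ValueError:
                    continue
    except FileNotFoundError:
        return []
    return existing_IDs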
94
def sanitize_for_dash(user_parameter):
    """Return user_parameter with a fixed set of characters removed.

    Dropped: - = < > [ ] / & ` | ^ backslash, both quote characters, $ %
    and the control characters \\a \\b \\f \\n \\r \\t \\v. Removing "-" and
    the newline keeps a value from breaking the "id - name - description"
    line format of the task file.

    NOTE(security): this is a denylist. Characters outside it (for example
    ";", "(", ")" and "*") pass through unchanged, so it is not a substitute
    for parameterized SQL or for HTML escaping at the point of output.
    """
    stripped = frozenset("-=<>[]/&`|^\\'\"$%\a\b\f\n\r\t\v")
    return ''.join(ch for ch in user_parameter if ch not in stripped)
103
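def username_taken(desired_username):
    """Report whether a row in the users table already has this username.

    Args:
        desired_username: The exact username to look for.

    Returns:
        True when a matching row exists, otherwise False.

    The lookup is a single parameterized query, so the value is bound as
    data and never spliced into the SQL text. The original fetched every
    username and printed the whole list to stdout on each call; that debug
    output is gone, which also keeps the account list out of the logs.
    """
    conn = sqlite3.connect("webapp.db")
    try:
        match = conn.execute(
            "SELECT 1 FROM users WHERE username = ? LIMIT 1",
            (desired_username,),
        ).fetchone()
    finally:
        # Close the handle even when the query raises.
        conn.close()
    return match is not None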
121
122
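@app.route('/')
def index():
    """Serve the landing page by rendering the index.html template."""
    # The unused local `greeting` was removed; it was never passed to the
    # template.
    return render_template("index.html")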
127
@app.route('/login')
def login():
    """Render the login.html template.

    The route declares no methods, so Flask only routes GET (plus the
    implicit HEAD/OPTIONS) here; this view performs no credential check.
    """
    login_page = render_template("login.html")
    return login_page
131
# Pool of candidate user ids: the integers 0..999 in a random order, built
# once per process start.
# NOTE(review): the pool contains 1, the id of the seeded admin row, and it is
# rebuilt on every restart, so a value taken from it is not guaranteed to be
# unused in the users table. `random` is also not a cryptographic generator;
# these ids must not be treated as secrets.
unshuffled_list = [*range(1000)]
random_id_list = unshuffled_list.copy()
random.shuffle(random_id_list)
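@app.route('/register', methods=['GET','POST'])
def register():
    """Show the registration form, or create an account on POST.

    POST form fields: username, password, confirm_password. Each value is
    passed through sanitize_for_dash() before use, as before.

    Returns:
        The registration form for non-POST requests, otherwise a short HTML
        message describing the outcome.

    Changes from the original:
      * The INSERT binds its values as parameters instead of formatting them
        into the SQL text with an f-string.
      * SQLite assigns the id (the column is ``integer primary key``). Ids
        popped from the module-level random pool could collide with rows
        already in the table, including the seeded admin row.
      * Empty usernames or passwords are rejected.
      * The username is HTML-escaped before it is echoed back.
      * The database connection is always closed.

    NOTE(security): the password is still stored as submitted (plaintext);
    it should be replaced by a salted password hash. sanitize_for_dash()
    also silently removes characters from the password, which weakens it
    without telling the user. The users table has no UNIQUE constraint on
    username, so two simultaneous requests can both pass the
    username_taken() check.
    """
    if request.method != "POST":
        return register_template

    username = sanitize_for_dash(request.form['username'])
    password = sanitize_for_dash(request.form['password'])
    confirm_password = sanitize_for_dash(request.form['confirm_password'])

    if confirm_password != password:
        return ('Sorry! Passwords do not match. Try again.<a href="/register">Go Back.</a>')
    if not username or not password:
        return ('Sorry! Username and password cannot be empty. <a href="/register">Try again.</a>')
    if username_taken(username):
        return('Sorry! Username taken. <a href="/register">Try again.</a>')

    conn = sqlite3.connect("webapp.db")
    try:
        conn.execute(
            "INSERT INTO users (username, password) VALUES (?, ?)",
            (username, password),
        )
        conn.commit()
    finally:
        conn.close()
    return (f'Welcome! {html.escape(username)}!' + '<a href="/dbtable">See Users.</a>')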
153
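@app.route('/dbtable')
def dbtable():
    """List the registered accounts as (id, username) tuples.

    Returns:
        The Python repr of the row list, HTML-escaped, followed by a link
        back to the main page.

    The original ran ``SELECT *`` and so returned every stored password to
    any visitor; only id and username are selected now. The connection is
    closed once the rows are read.

    NOTE(security): the route has no authentication, so the account list is
    still visible to anyone who can reach the app.
    """
    conn = sqlite3.connect('webapp.db')
    try:
        rows = conn.execute("SELECT id, username FROM users").fetchall()
    finally:
        conn.close()
    # Usernames are user-supplied; escape before placing them in HTML.
    return (html.escape(str(rows)) + '<a href="/">Go To Main.</a>')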
160
161
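@app.route('/todo/view', methods=['GET'])
def todolist():
    """Render the add-task form followed by a table of all stored tasks.

    Tasks are read from todolists_names.txt, one
    ``<id> - <name> - <description>`` record per line.

    Changes from the original:
      * Name and description are HTML-escaped on output. The templates do
        plain substitution, and the file may hold text that never passed
        through sanitize_for_dash() (for example after a manual edit).
      * The id is parsed as an integer before it is placed in the links.
      * Malformed lines are skipped and a missing file yields an empty
        table instead of an unhandled exception.
      * The file handle is closed, and rows are joined once rather than
        concatenated in a loop.
    """
    rendered_rows = []
    try:
        with open('todolists_names.txt') as f:
            for line in f:
                fields = line.rstrip('\n').split('-', 2)
                if len(fields) != 3:
                    continue
                try:
                    task_id = int(fields[0])
                except ValueError:
                    continue
                rendered_rows.append(row_template.substitute(
                    id=task_id,
                    name=html.escape(fields[1].strip()),
                    description=html.escape(fields[2].strip()),
                ))
    except FileNotFoundError:
        # No task has been added yet.
        pass
    return (add_row_template.substitute(table_name="test")+
            table_template.substitute(data=''.join(rendered_rows)))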
171
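@app.route('/todo/add', methods=["POST"])
def add():
    """Append a new task to todolists_names.txt.

    POST form fields: id (integer above zero), task_name, task_description.

    Returns:
        A redirect to /todo/view on success, otherwise a short message.

    A non-numeric or empty id used to raise ValueError and produce a 500
    response; it is now answered with a message. The file is written through
    a context manager so the handle is closed even if the write fails.

    sanitize_for_dash() removes "-" and newline characters from the text
    fields, which keeps a value from adding extra separators or extra
    records to the line-based file.

    NOTE(security): the route has no authentication and no CSRF protection.
    """
    try:
        task_id = int(request.form['id'])
    except ValueError:
        return('Uhh. Please use an integer and not a string! <a href="/todo/view">Go Back.</a>')
    if task_id <= 0:
        return "No Negative Integers! Stay positive dude!!"

    task_name = sanitize_for_dash(request.form['task_name'])
    task_description = sanitize_for_dash(request.form['task_description'])
    if task_id in check_existent_id():
        return('Sorry! Please use a unique ID. <a href="/todo/view">Go Back.</a>')

    with open("todolists_names.txt","a") as f:
        f.write(f"{task_id} - {task_name} - {task_description}" + "\n")
    return redirect('/todo/view')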
188
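@app.route('/todo/delete/<some_id>', methods=["GET"])
def delete(some_id):
    """Remove the task whose id equals some_id from todolists_names.txt.

    Args:
        some_id: The id segment of the URL, as text.

    Returns:
        A redirect to /todo/view after deleting, or an "Invalid ID" message
        when some_id is not an integer or no such task exists.

    The original kept a line only if the text of some_id did not occur
    anywhere in it, so deleting task 1 also removed tasks 10 and 21 and any
    task whose name or description contained a "1". Records are now matched
    on their parsed id field. A non-numeric id used to raise ValueError
    (500 response) and is now reported as invalid.

    NOTE(security): this state-changing action is routed on GET and has no
    authentication; any link, image tag or prefetch that requests the URL
    deletes the task. Moving it to POST requires the Delete link in
    row_template to become a form as well.
    """
    invalid_message = 'Hmm. Invalid ID#!<a href="../view">Go Back.</a>'
    try:
        target_id = int(some_id)
    except ValueError:
        return(invalid_message)
    if target_id not in check_existent_id():
        return(invalid_message)

    with open("todolists_names.txt","r+") as f:
        lines = f.readlines()
        f.seek(0)
        for line in lines:
            try:
                is_target = int(line.partition('-')[0].strip()) == target_id
            except ValueError:
                # Keep lines that do not parse; they are not the target.
                is_target = False
            if not is_target:
                f.write(line)
        # Drop whatever is left of the old, longer content.
        f.truncate()
    return redirect('/todo/view')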
203
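@app.route('/todo/update/<id>', methods=["GET","POST"])
def change(id):
    """Show the edit form for a task (GET) or save its new text (POST).

    Args:
        id: The id segment of the URL, as text.

    POST form fields: task_name, task_description.

    Returns:
        The edit form, a redirect to /todo/view after saving, or a short
        message when the id is not an integer, is negative, or is unknown.

    Changes from the original:
      * The old record is matched on its parsed id. The original tested
        ``new_id not in line`` with an int on the left, which raises
        TypeError; the bare ``except`` turned that into the "use an integer"
        message, so an update of a non-empty file never took effect.
      * POST now also requires the id to exist. Previously it was only
        checked for GET.
      * Only the integer conversion is guarded, and only for ValueError, so
        unrelated failures are no longer reported as a bad id.

    The updated record is written after the remaining ones, as before.

    NOTE(security): the route has no authentication and the form has no
    CSRF token.
    """
    try:
        new_id = int(id)
    except ValueError:
        return('Uhh. Please use an integer and not a string! <a href="/todo/view">Go Back.</a>')
    if new_id < 0:
        return("Sorry dude! Positive #s only.")
    if new_id not in check_existent_id():
        return('Hmm. Invalid ID#!<a href="/todo/view">Go Back.</a>')

    if request.method != "POST":
        # new_id is an int, so it is safe to place in the unescaped template.
        return(change_template.substitute(id=new_id))

    task_name = sanitize_for_dash(request.form['task_name'])
    task_description = sanitize_for_dash(request.form['task_description'])
    with open("todolists_names.txt","r+") as f:
        lines = f.readlines()
        f.seek(0)
        for line in lines:
            try:
                is_target = int(line.partition('-')[0].strip()) == new_id
            except ValueError:
                # Keep lines that do not parse; they are not the target.
                is_target = False
            if not is_target:
                f.write(line)
        f.truncate()
        f.write(f"{new_id} - {task_name} - {task_description}" + "\n")
    return redirect('/todo/view')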
231
if __name__ == "__main__":
    # Start Flask's built-in development server with its defaults
    # (127.0.0.1:5000, debug off). It is meant for local use; keep debug
    # mode off on any host other people can reach.
    app.run()