cutedb/webapp/views.py


import flask
import time
import hashlib
from webapp import app, config, database, forms
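def get_quotes():
    """Turn the rows of the most recent query into template-ready dicts.

    Reads ``database.fetchall()``, so the caller must already have executed a
    SELECT returning ``_id, _up, _down, _text, _meta, _date`` in that order.
    ``_meta`` is unpacked but not used.

    Returns:
        A list of dicts with the keys ``id``, ``score`` (signed string such
        as ``"+3"`` or ``"-2"``), ``votes``, ``date``, ``text`` (HTML) and
        ``user_score`` (int, this session's vote).
    """
    quotes = []
    for _id, _up, _down, _text, _meta, _date in database.fetchall():
        score = _up - _down
        sign = "+" if score >= 0 else ""

        # Escape the user-submitted text FIRST, then add the only markup that
        # is allowed (line breaks). Doing it the other way round would let
        # submitted markup through. The result is HTML, so the template has
        # to emit it without escaping it again -- TODO confirm in list.html.
        # Fix: the second replacement used the malformed tag "<br \>".
        # A bare "\n" is still left untouched, as before.
        text = unicode(flask.escape(_text))
        text = text.replace("\r\n", "<br />").replace("\r", "<br />")

        quotes.append({
            "id": str(_id),
            "score": sign + str(score),
            "votes": str(_up + _down),
            "date": time.strftime("%y-%m-%d %H:%M %Z", time.localtime(_date)),
            "text": text,
            "user_score": get_user_votes(_id),
        })
    return quotes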
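def get_user_votes(_id):
    """Return this session's recorded vote for quote ``_id``.

    Votes are remembered in ``flask.session`` under ``vote_<id>`` for an
    approved quote and ``uvote_<id>`` for one still in the queue, so the
    quote's ``_approved`` flag is looked up first.

    Returns:
        The stored vote as an int, or 0 when the session holds no vote for
        the quote or the quote does not exist.
    """
    database.execute("SELECT _approved FROM quotes WHERE _id = ?;", _id)
    rows = database.fetchall()
    if not rows:
        # Unknown id (the vote routes pass the URL value straight through):
        # report "no vote" instead of failing with IndexError.
        return 0
    approved = rows[0][0]
    key = ("vote_%i" if approved else "uvote_%i") % _id
    # NOTE(review): the vote lives only in the session, so it is a
    # per-session limit, not a per-person one.
    return int(flask.session.get(key, 0))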
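def set_user_votes(_id, votes):
    """Remember ``votes`` as this session's vote for quote ``_id``.

    The value is stored as a string under ``vote_<id>`` (approved quote) or
    ``uvote_<id>`` (queued quote) in ``flask.session``.

    Args:
        _id: Quote id.
        votes: The vote value to store; it is converted with ``str()``.
    """
    database.execute("SELECT _approved FROM quotes WHERE _id = ?;", _id)
    rows = database.fetchall()
    if not rows:
        # No such quote: nothing to remember. This also keeps requests for
        # arbitrary ids from adding keys to the session, and avoids the
        # IndexError the unconditional [0][0] lookup raised.
        return
    approved = rows[0][0]
    key = ("vote_%i" if approved else "uvote_%i") % _id
    flask.session[key] = str(votes)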
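def upvote(_id):
    """Apply an upvote from the current session to quote ``_id``.

    Depending on the vote already stored for this session:
      * 1 or more: nothing happens (already upvoted);
      * negative:  the earlier downvote is withdrawn (``_down`` - 1);
      * 0:         a new upvote is counted (``_up`` + 1).
    In the last two cases the stored session vote goes up by one.
    """
    # Read the session vote once; the original looked it up (one SELECT each
    # time) in both conditions and again when storing the new value.
    current = get_user_votes(_id)
    if current >= 1:
        return

    if current < 0:
        # correcting vote
        database.execute("UPDATE quotes SET _down = _down - 1 WHERE _id = ?;", _id)
    else:
        # normal vote
        database.execute("UPDATE quotes SET _up = _up + 1 WHERE _id = ?;", _id)
    set_user_votes(_id, current + 1)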
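def downvote(_id):
    """Apply a downvote from the current session to quote ``_id``.

    Depending on the vote already stored for this session:
      * -1 or less: nothing happens (already downvoted);
      * positive:   the earlier upvote is withdrawn (``_up`` - 1);
      * 0:          a new downvote is counted (``_down`` + 1).
    In the last two cases the stored session vote goes down by one.
    """
    # Read the session vote once; the original looked it up (one SELECT each
    # time) in both conditions and again when storing the new value.
    current = get_user_votes(_id)
    if current <= -1:
        return

    if current > 0:
        # correcting vote
        database.execute("UPDATE quotes SET _up = _up - 1 WHERE _id = ?;", _id)
    else:
        # normal vote
        database.execute("UPDATE quotes SET _down = _down + 1 WHERE _id = ?;", _id)
    set_user_votes(_id, current - 1)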
@app.route("/quotes/")
def recent_quotes():
    """Render the list page with every approved quote."""
    database.execute("SELECT _id, _up, _down, _text, _meta, _date FROM quotes WHERE _approved = 1;")
    # get_quotes() consumes the result set of the SELECT above.
    return flask.render_template(
        "list.html",
        quotes=get_quotes(),
        title="Recent Quotes"
    )
@app.route("/quotes/queue")
def queue_quotes():
    """Render the list page with the quotes that are not approved yet.

    The page is served to everyone; ``admin`` only tells the template whether
    the session has a logged-in user. The approve/delete routes check the
    session themselves, so hiding controls in the template is not the access
    control.
    """
    database.execute("SELECT _id, _up, _down, _text, _meta, _date FROM quotes WHERE _approved = 0;")
    pending = get_quotes()
    is_admin = "username" in flask.session
    return flask.render_template(
        "list.html",
        quotes=pending,
        title="Moderation Queue",
        admin=is_admin
    )
@app.route("/quotes/view/<int:_id>")
def quote_view(_id):
    """Render the list page for the single quote ``_id``.

    The query does not filter on ``_approved``, so queued quotes can be viewed
    by id as well. An unknown id produces a page with an empty quote list.
    """
    database.execute("SELECT _id, _up, _down, _text, _meta, _date FROM quotes WHERE _id = ?;", _id)
    matching = get_quotes()
    heading = "Quote #%i" % _id
    return flask.render_template("list.html", quotes=matching, title=heading)
@app.route("/quotes/up/<int:_id>")
def upvote_quote(_id):
    """Upvote quote ``_id`` for this session, then show the quote.

    NOTE(review): this route changes state on GET. Browsers send GET requests
    cross-site and on prefetch, so consider POST plus a CSRF token.
    """
    upvote(_id)
    page = quote_view(_id)
    return page
@app.route("/quotes/down/<int:_id>")
def downvote_quote(_id):
    """Downvote quote ``_id`` for this session, then show the quote.

    NOTE(review): this route changes state on GET. Browsers send GET requests
    cross-site and on prefetch, so consider POST plus a CSRF token.
    """
    downvote(_id)
    page = quote_view(_id)
    return page
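@app.route("/quotes/approve/<int:_id>")
def approve_quote(_id):
    """Approve quote ``_id`` and reset its vote counters (admins only).

    A session without ``username`` changes nothing and just gets the quote
    page back.

    NOTE(review): this is a privileged, state-changing action on GET with no
    CSRF token, so a logged-in admin's browser can be made to send it from
    another site. Consider POST plus a CSRF token.
    """
    if "username" in flask.session:
        # One statement instead of three separate UPDATEs, so the quote can
        # never be left approved with its queue-time vote counts still set.
        database.execute(
            "UPDATE quotes SET _approved = 1, _up = 0, _down = 0 WHERE _id = ?",
            _id
        )
    return quote_view(_id)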
@app.route("/quotes/delete/<int:_id>")
def delete_quote(_id):
    """Delete quote ``_id`` (admins only), then render the quote page.

    A session without ``username`` changes nothing. After a delete the page
    is rendered for an id that no longer has a row.

    NOTE(review): this is a privileged, destructive action on GET with no
    CSRF token, so a logged-in admin's browser can be made to send it from
    another site. Consider POST plus a CSRF token.
    """
    is_admin = "username" in flask.session
    if is_admin:
        database.execute("DELETE FROM quotes WHERE _id = ?", _id)
    return quote_view(_id)
@app.route("/new", methods=["GET", "POST"])
def new_quote():
    """Show the submission form, or store a validated submission.

    A valid POST inserts the quote text, its meta field and the current time,
    flashes a confirmation and redirects to the quote list. Anything else
    (GET, or a POST that fails validation) renders the form.

    NOTE(review): ``_approved`` is not set here; presumably the column
    defaults to 0 so the quote lands in the queue -- confirm in the schema.
    NOTE(review): no CSRF check is visible here unless forms.NewQuote adds one.
    """
    form = forms.NewQuote(flask.request.form)
    is_post = flask.request.method == "POST"
    if not (is_post and form.validate()):
        return flask.render_template('new_quote.html', form=form)

    # Submitted values are bound as parameters, never formatted into the SQL.
    submitted_at = time.time()
    database.execute(
        "INSERT INTO quotes (_text, _meta, _date) VALUES (?, ?, ?);",
        form.text.data,
        form.meta.data,
        submitted_at
    )
    flask.flash("Quote added to moderation queue.")
    return flask.redirect(flask.url_for('recent_quotes'))
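@app.route("/login", methods=["GET", "POST"])
def login():
    """Show the login form (GET) or check submitted credentials (POST).

    On success the username is stored in ``flask.session["username"]``, which
    the approve/delete routes in this file treat as proof of admin rights,
    and the browser is redirected to the moderation queue. Every failure
    flashes the same generic message and redirects to the quote list, so the
    response does not say whether the username or the password was wrong.

    NOTE(review): passwords are checked against one round of salted SHA-256.
    That is cheap to brute-force offline if the users table leaks. Moving to
    a slow KDF (hashlib.pbkdf2_hmac, or bcrypt/scrypt/argon2) requires
    migrating the stored hashes, so it is flagged here, not changed.
    NOTE(review): no limit on login attempts is visible in this view.
    """
    # Function-scope import: keeps this block independent of the file's
    # import header. compare_digest needs Python 2.7.7+ / 3.3+.
    import hmac

    if flask.request.method != "POST":
        return """<form action="/login" method="post">
<input type="text" name="username" />
<input type="password" name="password" />
<input type="submit" />
</form>"""

    username = flask.request.form["username"]
    password = flask.request.form["password"]
    database.execute("SELECT _password, _salt FROM users WHERE _username = ?;", username)
    users = database.fetchall()
    if len(users) != 1:
        flask.flash("Invalid login data.")
        return flask.redirect(flask.url_for('recent_quotes'))

    _hash, salt = users[0]
    hashed = hashlib.sha256(password + salt).hexdigest()
    # Constant-time comparison instead of "!=", so the time taken does not
    # depend on how many leading characters of the digest match. str() puts
    # both sides in the same type, which compare_digest requires.
    try:
        matches = hmac.compare_digest(str(hashed), str(_hash))
    except (TypeError, UnicodeError):
        # A stored value that is not plain ASCII can never equal a hex digest.
        matches = False
    if not matches:
        flask.flash("Invalid login data.")
        return flask.redirect(flask.url_for('recent_quotes'))

    flask.session["username"] = username
    flask.flash("Succesfully logged in.")
    return flask.redirect(flask.url_for('queue_quotes'))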