kitoy/pywallter
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Amélioration des post-it Ajout supp son compte

Browse Source
This commit is contained in:
kitoy
2023-07-06 05:07:34 +02:00
parent 2eb2d7fe98
commit 1ce6020bff
17 changed files with 486 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
views/blog.py
View File

@@ -35,48 +35,55 @@ def racine_blog():
content = request.form['content']
#category = request.form['category']
status = request.form['status']
TIME=time.strftime("%A %d %B %Y %H:%M:%S")
post_date = time.strftime("%A %d %B %Y %H:%M:%S")
conn = sqlite3.connect(DATABASE) # Connexion la base de donne
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""INSERT INTO posts(title, content, time, author, status) VALUES(?, ?, ?, ?, ?)""",
(title, content, TIME, UTILISATEUR, status)) # Insérer des valeurs
cursor.execute("""INSERT INTO posts(title, content, time, author, status) VALUES(?, ?, ?, ?, ?)""", (title, content, post_date, UTILISATEUR, status)) # Insérer des valeurs
conn.commit()
cursor.execute("""SELECT title, content, time, author, status, avatar, nom, prenom, age FROM posts INNER JOIN users ON author = name""")
posts = [dict(title=row[0], content=row[1], time=row[2], author=row[3],
status=row[4], avatar=row[5], nom=row[6], prenom=row[7], age=row[8])
for row in reversed(cursor.fetchall())]
cursor.execute("""SELECT avatar FROM users WHERE name=? """, (UTILISATEUR,))
user_info = cursor.fetchone()
cursor.execute("""SELECT title, content, time, author, status FROM posts where author=?""" , (UTILISATEUR,))
list_posts = cursor.fetchall()
conn.close()
posts=list()
id=0
for post in list_posts:
posts.append(dict(title=post[0], id_postit=id ,content=markdown(post[1]), time=post[2], author=post[3],status=post[4], avatar=user_info[0]))
id=id+1
return render_template('blog.html', posts=posts)
else:
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT title, content, time, author, status, avatar, nom, prenom, age FROM posts INNER JOIN users ON author = name""")
posts = [dict(title=row[0], content=row[1], time=row[2], author=row[3],
status=row[4], avatar=row[5], nom=row[6], prenom=row[7], age=row[8])
for row in reversed(cursor.fetchall())]
cursor.execute("""SELECT avatar FROM users WHERE name=?""", (UTILISATEUR,))
user_info = cursor.fetchone()
cursor.execute("""SELECT title, content, time, author, status FROM posts WHERE author=?""" , (UTILISATEUR,))
list_posts = cursor.fetchall()
conn.close()
for post in posts:
post['content'] = markdown(post['content'])
posts=list()
id=0
for post in list_posts:
posts.append(dict(title=post[0], id_postit=id, content=markdown(post[1]), time=post[2], author=post[3],status=post[4], avatar=user_info[0]))
id=id+1
return render_template('blog.html', section='Post-it', posts=posts)
else:
return redirect(BASE_URL, code=401)
@postit.route('/delete/<post>')
def delete(post):
@postit.route('/delete/<title>/<time>')
def delete(title, time):
if 'username' in session :
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""DELETE FROM posts WHERE title=?""", (post,))
cursor.execute("""DELETE FROM posts WHERE title=? AND time=?""", (title, time))
conn.commit()
conn.close()
return redirect(url_for('post-it.racine_blog'))
else:
return redirect(BASE_URL, code=401) # sinon on redirige vers login
@postit.route('/edit/<post>', methods=['GET', 'POST'])
def edit(post):
@postit.route('/edit/<title>/<time>', methods=['GET', 'POST'])
def edit(title, time):
if 'username' in session :
if request.method == 'POST' :
newtitle = request.form['title']
@@ -84,15 +91,15 @@ def edit(post):
newstatus = request.form['status']
conn = sqlite3.connect(DATABASE)
cursor = conn.cursor()
cursor.execute("""UPDATE posts SET title=?, content=?, status=? WHERE title=?""",
(newtitle, newcontent, newstatus, post,))
cursor.execute("""UPDATE posts SET title=?, content=?, status=? WHERE title=? AND time=?""",
(newtitle, newcontent, newstatus, title, time))
conn.commit()
conn.close()
return redirect(url_for('post-it.racine_blog'))
else:
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT title, content FROM posts WHERE title=?""", (post,))
cursor.execute("""SELECT title, content FROM posts WHERE title=? AND time =?""", (title, time))
oldpost = cursor.fetchone()
conn.close()
return render_template('postedit.html',
@@ -102,18 +109,31 @@ def edit(post):
return redirect(BASE_URL, code=401)
@postit.route('/postit/board', methods=['GET'])
def viewsheet():
if 'username' in session:
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT title, content, time, author, status, avatar, nom, prenom, age FROM posts INNER JOIN users where status='public' """)
posts = [dict(title=row[0], content=row[1], time=row[2], author=row[3],
status=row[4], avatar=row[5], nom=row[6], prenom=row[7], age=row[8])
for row in reversed(cursor.fetchall())]
cursor.execute("""SELECT title, content, time, author, status FROM posts WHERE status='public' """)
list_posts=cursor.fetchall()
posts=list()
id=0
for post in list_posts:
author = post[3]
cursor.execute("""SELECT avatar FROM users WHERE name=?""", (author,))
tmp = cursor.fetchone()
if tmp != None :
author_avatar = tmp[0]
else:
author_avatar = tmp
posts.append(dict(title=post[0], id_postit=id, content=markdown(post[1]), time=post[2], author=post[3],status=post[4], avatar=author_avatar))
id=id+1
conn.close()
for post in posts:
post['content'] = markdown(post['content'])
return render_template('board.html', section='Post-it', posts=posts)
else:
return redirect(BASE_URL, code=401)

13
views/inscription.py
View File

@@ -12,11 +12,11 @@ bcrypt = Bcrypt(app)
#### Variables ##################################################################################
DOSSIER_PERSO= app.config['DOSSIER_APP']
DATAS_USER = app.config['DOSSIER_APP']
extensionimg = app.config['EXT_IMG']
DATABASE = app.config['DATABASE']
MAIL_SERVER = app.config['MAIL_SERVER']
XMMP_SERVER = app.config['XMPP_SERVER']
XMPP_SERVER = app.config['XMPP_SERVER']
SETUID = app.config['SETUID']
BASE_URL = app.config['BASE_URL']
@@ -72,7 +72,7 @@ def signin(token) :
user = request.form['user']
passwd = request.form['passwd']
mail = ""
mail = user+'@'+hostname
passwdconfirm = request.form['passwdconfirm']
bcrypt_passwd = bcrypt.generate_password_hash(request.form['passwd'])
mail_passwd_change = 0
@@ -91,7 +91,6 @@ def signin(token) :
flash(u'Non d\'utilisateur déjà utilisé, merci d\'en choisir un autre', 'error')
not_error = False
if not(password_valid):
flash (u'Les caractère & et " ne sont pas autorisé dans les mots de passe', 'error')
not_error = False
@@ -101,7 +100,7 @@ def signin(token) :
if not(email_disp(mail)) :
flash(u'Adresse email déjà utilisé ou invalide, merci d\'en choisir une autre', 'error')
not_error = False
if not_error:
confirmation = bcrypt.check_password_hash(bcrypt_passwd, passwdconfirm)
if confirmation is False:
@@ -120,7 +119,7 @@ def signin(token) :
flash(u'Il y a eu une problème lors du changement de mot passe pour le compte Mail', 'error')
# On change le mot de passe du compte XMPP
if XMMP_SERVER:
if XMPP_SERVER:
tmp = mail.split('@')
cmd = SETUID+ ' prosodyctl register ' "'"+tmp[0]+"' " + "'"+tmp[1]+"' " + "'"+passwd+"'"
res = os.system(cmd)
@@ -128,7 +127,7 @@ def signin(token) :
flash(u'Il y a eu un problème pour la création du compte XMPP !', 'error')
# on créé les dossier de l'utilisateur
userracine = DOSSIER_PERSO + user
userracine = DATAS_USER + user
userfiles = userracine + '/files'
userimages = userracine + '/images'
userthumbnails = userracine + '/images/thumbnails'

65
views/loginlogout.py
View File

@@ -2,6 +2,7 @@ from flask import Blueprint, Flask, request, flash, render_template, url_for, se
import sqlite3
from flask_bcrypt import Bcrypt
from socket import gethostname
from os import remove, system
app = Flask( 'pywallter' )
app.config.from_pyfile('config.py')
@@ -10,15 +11,17 @@ bcrypt = Bcrypt(app)
#### Variables ####################################################################################
bcrypt = Bcrypt(app)
DOSSIER_PERSO= app.config['DOSSIER_APP']
DATAS_USER = app.config['DOSSIER_APP']
extensionimg = app.config['EXT_IMG']
DATABASE = app.config['DATABASE']
BASE_URL = app.config['BASE_URL']
SETUID = app.config['SETUID']
MAIL_SERVER = app.config['MAIL_SERVER']
XMPP_SERVER = app.config['XMPP_SERVER']
BACKUP_TIME = app.config['BACKUP_TIME']
##################################################################################################
@@ -27,7 +30,7 @@ loginlogout = Blueprint('loginlogout', __name__, template_folder='templates')
@loginlogout.route( '/login/', methods=['GET','POST'] )
def login() :
if 'username' in session :
resp = redirect(url_for('filesupload.uploadfiles', _external=True))
resp = redirect(url_for('profil.profile', _external=True))
else :
resp = redirect(url_for('loginlogout.login', _external=True))
if request.method == 'POST' :
@@ -54,10 +57,64 @@ def logout():
session.pop('username', None) # Supprimer username de la session s'il s'y trouve
return redirect(url_for('loginlogout.index'))
@loginlogout.route( '/delete_me/', methods=['GET','POST'])
def delete_account():
if 'username' in session :
UTILISATEUR='%s'% escape(session['username'])
resp = render_template('delete_account.html', time_backup=BACKUP_TIME)
if request.method == 'POST' :
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT passwd FROM users WHERE name=?""", (UTILISATEUR,))
passwd = cursor.fetchone()[0]
conn.close()
password = request.form['passwd']
if bcrypt.check_password_hash(passwd, password) is True:
not_error = True
try:
cmd = 'rm -r ' + DATAS_USER + '/' + UTILISATEUR
if system(cmd) != 0:
raise TypeError("Remove directory error")
except:
not_error = False
flash(u'Erreur lors de la suppression de votre dossier utilisateur.', 'error')
if MAIL_SERVER:
try:
cmd = SETUID + ' set_mail_passwd del' + '"'+mail+'"'
system(cmd)
except:
not_error = False
flash(u'Erreur lors de la suppression de votre compte Mail.', 'error')
if XMPP_SERVER:
try:
tmp = mail.split('@')
cmd = SETUID+ ' prosodyctl deluser ' "'"+tmp[0]+"' " + "'"+tmp[1]+"'"
system(cmd)
except:
not_error = False
flash(u'Erreur lors de la suppression de votre compte XMPP.', 'error')
if not_error:
try:
conn = sqlite3.connect(DATABASE)
cursor = conn.cursor()
cursor.execute("""DELETE FROM users WHERE name=?""", (UTILISATEUR,))
conn.commit()
conn.close()
except:
flash(u'Erreur lors de la suppression de votre compte.', 'error')
else:
flash(u'Désinscription réalisé avec succés, y\'a plus rien !', 'succes')
resp = redirect(url_for('loginlogout.logout'))
else:
flash(u'Mauvais mot de passe', 'error')
return resp
@loginlogout.route( '/' )
def index():
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT token passwd FROM users where name=? """, ("pywallter", ))

60
views/profil.py
View File

@@ -22,10 +22,12 @@ DOSSIER_PERSO = app.config['DOSSIER_APP']
extensionimg = app.config['EXT_IMG']
DATABASE = app.config['DATABASE']
DATAS_USER = app.config['DOSSIER_APP']
MAIL_SERVER = app.config['MAIL_SERVER']
XMPP_SERVER = app.config['XMPP_SERVER']
SETUID = app.config['SETUID']
BASE_URL = app.config['BASE_URL']
BACKUP_TIME = app.config['BACKUP_TIME']
##################################################################################################
@@ -312,3 +314,61 @@ def generate_token():
return redirect(BASE_URL+'invitation/')
else:
return redirect(BASE_URL, code=401)
@profil.route( '/delete_me/', methods=['GET','POST'])
def delete_account():
if 'username' in session :
UTILISATEUR='%s'% escape(session['username'])
resp = render_template('delete_account.html', time_backup=BACKUP_TIME)
if request.method == 'POST' :
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT passwd FROM users WHERE name=?""", (UTILISATEUR,))
passwd = cursor.fetchone()[0]
conn.close()
password = request.form['passwd']
if bcrypt.check_password_hash(passwd, password) is True:
not_error = True
try:
cmd = 'rm -r ' + DATAS_USER + '/' + UTILISATEUR
if system(cmd) != 0:
raise TypeError("Remove directory error")
except:
not_error = False
flash(u'Erreur lors de la suppression de votre dossier utilisateur.', 'error')
if MAIL_SERVER:
try:
cmd = SETUID + ' set_mail_passwd del' + '"'+mail+'"'
system(cmd)
except:
not_error = False
flash(u'Erreur lors de la suppression de votre compte Mail.', 'error')
if XMPP_SERVER:
try:
tmp = mail.split('@')
cmd = SETUID+ ' prosodyctl deluser ' "'"+tmp[0]+"' " + "'"+tmp[1]+"'"
system(cmd)
except:
not_error = False
flash(u'Erreur lors de la suppression de votre compte XMPP.', 'error')
if not_error:
try:
conn = sqlite3.connect(DATABASE)
cursor = conn.cursor()
cursor.execute("""DELETE FROM users WHERE name=?""", (UTILISATEUR,))
cursor.execute("""DELETE FROM posts WHERE author=?""", (UTILISATEUR,))
conn.commit()
conn.close()
except:
flash(u'Erreur lors de la suppression de votre compte.', 'error')
else:
flash(u'Désinscription réalisé avec succés, y\'a plus rien !', 'succes')
resp = redirect(url_for('loginlogout.logout'))
else:
flash(u'Mauvais mot de passe', 'error')
return resp