#controllers/signup.py
import config, lib, datetime, uuid
from bottle import route, template, request, redirect
from models import userdb
@route('/signup')
def signup():
    """Render the member dashboard page with the newest user rows.

    NOTE(review): nothing here reads the "logged-in" cookie, and the rows come
    from userdb.select(), which runs SELECT * on USERS and so carries the
    PASSWORD column into the template data -- confirm the template never
    renders it, or select only the columns the page needs.
    """
    # config.kargs lives on the config module, so every request in the
    # process sees (and overwrites) the same values.
    page_data = config.kargs
    page_data['blogTitle'] = "ទំព័រសមាជិក"
    members = userdb.select(page_data['dashboardPostLimit'])
    page_data['posts'] = members
    page_data['thumbs'] = lib.getPostThumbs(members, type="user")
    page_data['page'] = 1
    return template('dashboard/signup', data=page_data)
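@route('/user/<id:int>')
def post(id):
    """Render the public page for the user whose row ID equals *id*.

    Args:
        id: Integer taken from the URL by the ``<id:int>`` route filter.

    Returns:
        The rendered ``user`` template.
    """
    config.kargs['blogTitle'] = "ទំព័រសមាជិក"
    config.kargs['frontPagePostLimit'] = 20
    config.kargs['post'] = userdb.select(1, id)
    config.kargs['posts'] = userdb.select(config.kargs['frontPagePostLimit'])
    config.kargs['thumbs'] = lib.getPostThumbs(config.kargs['posts'], "user")
    config.kargs['page'] = 1

    author = request.get_cookie("logged-in", secret=config.kargs['secretKey'])
    # NOTE(review): the other handlers in this file treat the value "Guest" as
    # not logged in; this one accepts any non-empty cookie -- confirm intent.
    if author:
        config.kargs['showEdit'] = True
    else:
        # config.kargs outlives the request. Without this, a flag set for one
        # signed-in visitor would still be present when the next anonymous
        # visitor's page is rendered.
        config.kargs.pop('showEdit', None)
    return template('user', data=config.kargs)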
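@route('/signup', method="POST")
def signupPost():
    """Create or update a user from the submitted sign-up form.

    Three paths:
      * USERS is empty: the submitted account is inserted with the rights
        "Admin" regardless of the form, then the client is sent to /login.
      * The caller's signed cookie names an admin: the row whose id was parked
        in config.kargs['postId'] by the edit page is updated, or a new row is
        inserted; the client is sent back to /signup.
      * Anyone else: redirect to /login without touching the table.

    NOTE(review): block nesting was reconstructed from a listing that had lost
    its indentation -- confirm the redirect targets against the repository.

    NOTE(security): the password is handed to userdb exactly as submitted.
    Hash it before storage (e.g. hashlib.scrypt with a per-user salt) together
    with a matching change to userdb.check().
    """
    author = request.get_cookie("logged-in", secret=config.kargs['secretKey'])
    user = userdb.createTable()
    username = request.forms.getunicode('fusername')
    password = request.forms.getunicode('fpassword')
    rights = request.forms.getunicode('frights')
    email = request.forms.getunicode('femail')
    profile = request.forms.getunicode('fprofile')
    gender = request.forms.getunicode('fgender')

    if not user:
        # Bootstrap: whoever posts first while the table is empty becomes Admin.
        userdb.insert(str(uuid.uuid4().int), username, password, "Admin", email, profile, gender)
    elif author and author != "Guest" and userdb.checkAdmin(author):
        # `author` is None when the cookie is absent or its signature fails;
        # testing it first keeps None out of checkAdmin(), which would
        # otherwise raise instead of falling through to the login redirect.
        if 'postId' in config.kargs:
            # NOTE(security): postId is process-wide state set by the edit
            # page, so the row updated here is whichever id any admin opened
            # last. Carry the id in the form or URL instead.
            user_id = config.kargs['postId']
            userdb.update(username, password, rights, email, profile, gender, user_id)
            del config.kargs['postId']
        else:
            userdb.insert(str(uuid.uuid4().int), username, password, rights, email, profile, gender)
        redirect('/signup')
    redirect('/login')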
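@route('/user/edit/<id:int>')
def edit(id):
    """Show the sign-up form pre-filled for editing user *id* (admins only).

    Args:
        id: Integer row id taken from the URL.

    Returns:
        The rendered ``dashboard/signup`` template for an admin caller; any
        other caller is redirected to /signup.
    """
    author = request.get_cookie("logged-in", secret=config.kargs['secretKey'])
    # get_cookie() yields None without a valid signed cookie; test that first
    # so checkAdmin() is only ever called with a real username.
    if author and author != "Guest" and userdb.checkAdmin(author):
        config.kargs['blogTitle'] = "ទំព័រកែតំរូវ"
        config.kargs['posts'] = userdb.select(config.kargs['dashboardPostLimit'])
        config.kargs['thumbs'] = lib.getPostThumbs(config.kargs['posts'], type="user")
        config.kargs['post'] = userdb.select(1, id)
        config.kargs['edit'] = True
        # NOTE(security): the edit target is parked in config.kargs, which is
        # shared by every request in the process. The POST /signup handler
        # reads it back, so two admins editing at once can update the wrong
        # row. Prefer a hidden form field or a URL parameter.
        config.kargs['postId'] = id
        config.kargs['page'] = 1
        return template('dashboard/signup', data=config.kargs)
    redirect('/signup')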
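@route('/user/delete/<id:int>')
def delete(id):
    """Delete user *id* when the caller is an admin, then return to /signup.

    Args:
        id: Integer row id taken from the URL.

    NOTE(security): this route answers GET (the bottle default) and changes
    state on the strength of the cookie alone. Move it to POST and require an
    anti-CSRF token so a cross-site request cannot trigger a deletion.

    NOTE(review): nesting was reconstructed from a listing without
    indentation; the redirect is assumed to run for every caller.
    """
    author = request.get_cookie("logged-in", secret=config.kargs['secretKey'])
    # A missing or badly signed cookie gives None; reject it before the
    # database lookup rather than letting checkAdmin() fail on it.
    if author and author != "Guest" and userdb.checkAdmin(author):
        userdb.delete(id)
    redirect('/signup')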
@route('/user/paginate/<place>')
def paginate(place):
    """Return the next page of user rows as a JSON-serialisable dict.

    Args:
        place: "frontEnd" selects the front-page limit; any other value
            selects the dashboard limit.

    Returns:
        ``{'json': rows, 'thumbs': thumbs}`` while rows remain, otherwise
        ``{'json': 0}``.

    NOTE(review): the page cursor is config.kargs['page'], shared by every
    client of the process, so concurrent visitors advance each other's
    position. The rows come from SELECT * and include the PASSWORD column.
    """
    limit_key = 'frontPagePostLimit' if place == "frontEnd" else 'dashboardPostLimit'
    postLimit = config.kargs[limit_key]

    rows = userdb.select(postLimit, page=config.kargs['page'])
    if not rows:
        return {'json':0}

    # Advance the cursor before building thumbnails, as the caller expects.
    config.kargs['page'] += 1
    previews = lib.getPostThumbs(rows, type='user')
    return {'json':rows, 'thumbs':previews}
#models/userdb.py
import os
import psycopg2
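def createTable():
    """Create the USERS table if it is missing and probe it for a first row.

    Returns:
        The one-column row from ``SELECT ID FROM USERS LIMIT 1``, or ``None``
        when the table is empty. The sign-up controller uses it as a
        "does any user exist yet" flag.
    """
    if 'DYNO' in os.environ:
        # Hosted run: connection string comes from the environment, TLS required.
        conn = psycopg2.connect(os.environ['DATABASE_URL'], sslmode='require')
    else:
        # NOTE(security): the local fallback commits a database password to
        # source control. Read it from the environment or a secrets store and
        # rotate the value that has been published.
        conn = psycopg2.connect(
            database="postgres",
            user="postgres",
            password="sokhavuth",
            host="localhost",
            port="5432"
        )
    try:
        cursor = conn.cursor()
        # NOTE(security): PASSWORD is a plain TEXT column and the callers in
        # this project store the submitted value unchanged.
        SQL = '''CREATE TABLE IF NOT EXISTS USERS(
            ID TEXT,
            USERNAME TEXT,
            PASSWORD TEXT,
            RIGHTS TEXT,
            EMAIL TEXT,
            PROFILE TEXT,
            GENDER TEXT
        )'''
        cursor.execute(SQL)
        cursor.execute("SELECT ID FROM USERS LIMIT 1")
        result = cursor.fetchone()
        conn.commit()
        return result
    finally:
        # Release the connection even when a statement fails.
        conn.close()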
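def insert(*user):
    """Insert one row into USERS.

    Args:
        *user: Seven values in column order -- ID, USERNAME, PASSWORD, RIGHTS,
            EMAIL, PROFILE, GENDER.

    NOTE(security): PASSWORD is written exactly as received. Hash it before
    it reaches this function, with a matching change to check().
    """
    if 'DYNO' in os.environ:
        conn = psycopg2.connect(os.environ['DATABASE_URL'], sslmode='require')
    else:
        # NOTE(security): hard-coded local credential; move it out of source.
        conn = psycopg2.connect(
            database="postgres",
            user="postgres",
            password="sokhavuth",
            host="localhost",
            port="5432"
        )
    try:
        cursor = conn.cursor()
        # psycopg2 adapts the Python tuple to a parenthesised, escaped SQL
        # value list, which is why a single placeholder follows VALUES.
        cursor.execute(
            "INSERT INTO USERS (ID, USERNAME, PASSWORD, RIGHTS, EMAIL, PROFILE, GENDER) VALUES %s ",
            (user,),
        )
        conn.commit()
    finally:
        # Release the connection even when the insert fails.
        conn.close()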
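def check(username, password):
    """Return True when a USERS row matches both *username* and *password*.

    Both values arrive from the login form, so they are bound as query
    parameters and never spliced into the SQL text. The connection is closed
    on every path.

    NOTE(security): this is an equality match on the stored PASSWORD column,
    i.e. passwords are kept in plaintext. Store a salted hash and compare
    with hmac.compare_digest() instead.
    """
    if 'DYNO' in os.environ:
        conn = psycopg2.connect(os.environ['DATABASE_URL'], sslmode='require')
    else:
        # NOTE(security): hard-coded local credential; move it out of source.
        conn = psycopg2.connect(
            database="postgres",
            user="postgres",
            password="sokhavuth",
            host="localhost",
            port="5432"
        )
    try:
        cursor = conn.cursor()
        cursor.execute(
            "SELECT USERNAME, PASSWORD FROM USERS WHERE USERNAME = %s and PASSWORD = %s LIMIT 1",
            (username, password),
        )
        return cursor.fetchone() is not None
    finally:
        conn.close()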
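def checkAdmin(username):
    """Return True when *username* has a USERS row whose RIGHTS is 'Admin'.

    The username is taken from the caller's cookie, so it is bound as a query
    parameter and never concatenated into the SQL text. A ``None`` username
    simply matches no row. The connection is closed on every path.
    """
    if 'DYNO' in os.environ:
        conn = psycopg2.connect(os.environ['DATABASE_URL'], sslmode='require')
    else:
        # NOTE(security): hard-coded local credential; move it out of source.
        conn = psycopg2.connect(
            database="postgres",
            user="postgres",
            password="sokhavuth",
            host="localhost",
            port="5432"
        )
    try:
        cursor = conn.cursor()
        cursor.execute(
            "SELECT USERNAME, RIGHTS FROM USERS WHERE USERNAME = %s and RIGHTS = 'Admin' LIMIT 1",
            (username,),
        )
        return cursor.fetchone() is not None
    finally:
        conn.close()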
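def select(amount, id=None, page=0):
    """Fetch user rows: one by id, one page of rows, or the newest *amount*.

    Args:
        amount: Row limit; must be 1 for the single-row lookup.
        id: Row id to fetch when ``amount == 1``.
        page: When non-zero, skip ``amount * page`` rows before fetching.

    Returns:
        A list of row tuples from ``SELECT *``, so every column is included,
        PASSWORD among them. Callers that hand the rows to a template or a
        JSON response should strip that column first.
    """
    createTable()
    if 'DYNO' in os.environ:
        conn = psycopg2.connect(os.environ['DATABASE_URL'], sslmode='require')
    else:
        # NOTE(security): hard-coded local credential; move it out of source.
        conn = psycopg2.connect(
            database="postgres",
            user="postgres",
            password="sokhavuth",
            host="localhost",
            port="5432"
        )
    try:
        cursor = conn.cursor()
        # Every value is bound as a parameter; none is concatenated into SQL.
        if id and (amount == 1):
            # ID is a TEXT column, so compare against the string form.
            cursor.execute("SELECT * FROM USERS WHERE ID = %s", (str(id),))
        elif page:
            SQL = "SELECT * FROM USERS ORDER BY CTID DESC OFFSET %s ROWS FETCH NEXT %s ROWS ONLY"
            cursor.execute(SQL, (amount*page, amount))
        else:
            cursor.execute("SELECT * FROM USERS ORDER BY CTID DESC LIMIT %s", (amount,))
        return cursor.fetchall()
    finally:
        # The original never closed this connection; release it on every path.
        conn.close()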
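def update(*args):
    """Overwrite the editable columns of one USERS row.

    Args:
        *args: USERNAME, PASSWORD, RIGHTS, EMAIL, PROFILE, GENDER, then the
            ID of the row to change.

    NOTE(security): PASSWORD is written exactly as received; hash it before
    it reaches this function.
    """
    if 'DYNO' in os.environ:
        conn = psycopg2.connect(os.environ['DATABASE_URL'], sslmode='require')
    else:
        # NOTE(security): hard-coded local credential; move it out of source.
        conn = psycopg2.connect(
            database="postgres",
            user="postgres",
            password="sokhavuth",
            host="localhost",
            port="5432"
        )
    # The placeholder for ID used to sit inside SQL quotes ('%s'). That only
    # worked for an int id; a string id would be adapted with its own quotes
    # and end up outside the literal, bypassing the driver's escaping. Leave
    # the placeholder bare and pass the id as text to match the TEXT column.
    params = args[:-1] + (str(args[-1]),) if args else args
    sql = "UPDATE USERS SET USERNAME = %s, PASSWORD = %s, RIGHTS = %s, EMAIL = %s, PROFILE = %s, GENDER = %s WHERE ID = %s "
    try:
        cursor = conn.cursor()
        cursor.execute(sql, params)
        conn.commit()
    finally:
        # Release the connection even when the update fails.
        conn.close()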
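def delete(id):
    """Delete the USERS row whose ID equals ``str(id)``.

    Args:
        id: Row id; converted to text because the ID column is TEXT.

    The id is bound as a query parameter and never concatenated into the SQL
    text, so the statement stays safe if a caller ever passes a string.
    """
    if 'DYNO' in os.environ:
        conn = psycopg2.connect(os.environ['DATABASE_URL'], sslmode='require')
    else:
        # NOTE(security): hard-coded local credential; move it out of source.
        conn = psycopg2.connect(
            database="postgres",
            user="postgres",
            password="sokhavuth",
            host="localhost",
            port="5432"
        )
    try:
        cursor = conn.cursor()
        cursor.execute("DELETE FROM USERS WHERE ID = %s", (str(id),))
        conn.commit()
    finally:
        # Release the connection even when the delete fails.
        conn.close()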
GitHub: https://github.com/Sokhavuth/kwblog
Heroku: https://khmerweb-kwblog.herokuapp.com/














