ERROR: All fields need to be filled and don't play with their names!
Go back and try again."
+ return errorpage("All fields need to be filled and don't play with their names!")
try:
postdict["size"]=postdict["size"]*int(request.form['size_multiplier'])
except Exception as e:
- return "
ERROR: All fields need to be filled and don't play with their names!
Go back and try again."
+ return errorpage("All fields need to be filled and don't play with their names!")
postdict["owner"]=userdata[0]
res,archid=db.add_archive(postdict)
if res:
return make_response(redirect(f"/view/{str(archid)}"))
else:
- return f"
ERROR: {archid}
Go back and try again.", 400
+ return errorpage(archid), 400
# GET: return normal page
htmlcatlist=get_category_selection(False)
@@ -88,7 +88,7 @@ def loginpage():
resp=setcookie("session",sesskey,lifetime)
return resp
else:
- return "
You've entered the wrong password. This incident will be reported.
Go back and try again."
+ return errorpage("You've entered the wrong password. This incident will be reported.")
# GET: Login form
else:
return render_template("login.html", title="Login")
@@ -99,6 +99,20 @@ def viewpage(archid:int):
archive,category,labels=db.get_archive_info(archid)
return render_template("view.html", title="View Archive",userdata=userdata,login=logged_in,archive=archive,category=category,labels=labels)
+@app.route('/delete/', methods=["GET","POST"])
+def deletepage(archid:int):
+ logged_in,userdata=get_login_info(request.cookies.get('session'))
+ archive,category,labels=db.get_archive_info(archid)
+ if not logged_in or userdata[0] != archive[8]:
+ return make_response(redirect(f"/view/{archid}"))
+ if request.method == 'POST':
+ if not request.form['archname'] == archive[1]:
+ return errorpage("The name input doesn't match!")
+ db.delete_archive(archid)
+ return make_response(redirect('/'))
+ # GET: return normal deletion page
+ return render_template("delete.html", title="Delete Archive",userdata=userdata,login=logged_in,archive=archive)
+
@app.route('/labels/', methods=["GET","POST"])
def labeleditpage(archid:int):
logged_in,userdata=get_login_info(request.cookies.get('session'))
@@ -115,17 +129,15 @@ def labeleditpage(archid:int):
on_labels.append(i)
res, data=db.update_labels(archid, on_labels)
if not res:
- return f"
ERROR: {data}
Go back and try again"
+ return errorpage(data)
return make_response(redirect(f"/view/{archid}"))
-
# GET: return normal labels page
labels_name_list=[]
for i in labels:
labels_name_list.append(i[0])
return render_template("labels.html", title="Edit Labels",userdata=userdata,login=logged_in,archive=archive,res_labels=label_dict,labels_names=labels_name_list)
-
@app.route('/search')
def searchpage():
# try to get userdata, else logout state
@@ -157,6 +169,9 @@ def searchpage():
## FUNCTIONS
+def errorpage(message):
+ return "
ERROR: " + message + "
Go back and try again"
+
## Checks if given sesskey is valid and returns user data
## OUTPUT: (if sesskey valid) logged_in:bool=True, userdata:tuple
## (if sesskey invalid) logged_in:bool=False, userdata:tuple=()
diff --git a/flask/func.py b/flask/func.py
index 9ec92fa..e31bf22 100644
--- a/flask/func.py
+++ b/flask/func.py
@@ -31,7 +31,7 @@ class db:
);""")
self.cur.execute("""CREATE TABLE IF NOT EXISTS Users(
ID int PRIMARY KEY AUTO_INCREMENT,
- UNAME text NOT NULL,
+ UNAME text NOT NULL UNIQUE,
DNAME text NOT NULL,
CREATED int NOT NULL,
STATE text,
@@ -39,7 +39,7 @@ class db:
);""")
self.cur.execute("""CREATE TABLE IF NOT EXISTS Sessions(
ID int PRIMARY KEY AUTO_INCREMENT,
- SESSKEY text NOT NULL,
+ SESSKEY text NOT NULL UNIQUE,
USERID int NOT NULL,
CREATED int NOT NULL,
LIFE int
@@ -124,6 +124,9 @@ class db:
archid=self.cur.fetchone()
return True,archid[0]
+ def delete_archive(self, archid:int):
+ self.cur.execute(f"""DELETE FROM Archs WHERE ID={archid}""")
+ self.cur.execute(f"""DELETE FROM ArchLab WHERE ARCHID={archid}""")
## Returns all relevant information about one (1) archive
## OUTPUT: archive:tuple=(ID:int,NAME:str,HASH:str,SIZE:int,IMPORTED[UNIX]:int,CATEGORY.ID:int,CATEGORY,str,CATEGORY.DESCRIPTION:str,USER.ID:int,DNAME:str),
@@ -188,7 +191,7 @@ class db:
## get a list of enabled labels and update the DB to reflect that state
## OUTPUT: (if on_labels empty) bool=False, str
## (else)
- def update_labels(self, archid:int, on_labels:list): # TODO: CLEAN!!!!
+ def update_labels(self, archid:int, on_labels:list):
# fail if no labels passed
if len(on_labels) == 0:
return False, "You have to select at least one label!"
diff --git a/flask/templates/delete.html b/flask/templates/delete.html
new file mode 100644
index 0000000..6227bbe
--- /dev/null
+++ b/flask/templates/delete.html
@@ -0,0 +1,14 @@
+{% extends "base.html" %}
+
+{% block meta %}
+
+{% endblock %}
+
+{% block content %}
+
{{archive[1]}}
+
Are you sure?
+
+{% endblock %}
\ No newline at end of file
diff --git a/flask/templates/view.html b/flask/templates/view.html
index f837e1d..8cf5627 100644
--- a/flask/templates/view.html
+++ b/flask/templates/view.html
@@ -5,7 +5,7 @@
{% endblock %}
{% block content %}
-
{{archive[1]}}
+{% if login and userdata[0] == archive[8] %}{% endif %}