Merge pull request #38 from DogukanUrker/main

UI fixes

README.md

@@ -85,9 +85,10 @@ Password: admin
 
 ### Contributors 💕
 
-<a href="https://github.com/dogukanurker"><img src="https://avatars.githubusercontent.com/u/62756402" title="ngryman" width="80" height="80"></a>
-<a href="https://github.com/adindrabkin"><img src="https://avatars.githubusercontent.com/u/47116975" title="ngryman" width="80" height="80"></a>
-<a href="https://github.com/codehwang"><img src="https://avatars.githubusercontent.com/u/26578588" title="ngryman" width="80" height="80"></a>
+<a href="https://github.com/dogukanurker"><img src="https://avatars.githubusercontent.com/u/62756402" title="dogukanurker" width="80" height="80"></a>
+<a href="https://github.com/adindrabkin"><img src="https://avatars.githubusercontent.com/u/47116975" title="adindrabkin" width="80" height="80"></a>
+<a href="https://github.com/codehwang"><img src="https://avatars.githubusercontent.com/u/26578588" title="codehwang" width="80" height="80"></a>
+<a href="https://github.com/dkashkarev"><img src="https://avatars.githubusercontent.com/u/67013355" title="dkashkarev" width="80" height="80"></a>
 
 ### Stars ⭐
 

app.py

@@ -48,6 +48,7 @@
     APP_ROOT_PATH,
     APP_SECRET_KEY,
     SESSION_PERMANENT,
+    APP_PORT,
 )
 
 from UISelector import TEMPLATE_FOLDER, STATIC_FOLDER
@@ -66,6 +67,7 @@
 message("1", f"APP DEBUG MODE: {DEBUG_MODE}")
 message("3", f"APP NAME: {APP_NAME}")
 message("3", f"APP HOST: {APP_HOST}")
+message("3", f"APP PORT: {APP_PORT}")
 message("3", f"APP SECRET KEY: {APP_SECRET_KEY}")
 message("3", f"APP SESSION PERMANENT: {SESSION_PERMANENT}")
 message("3", f"APP ROOT PATH: {APP_ROOT_PATH}")
@@ -132,11 +134,7 @@ def handle_csrf_error(e):
 
 match __name__:
     case "__main__":
-        try:
-            message("2", "APP STARTED SUCCESSFULLY")
-            app.run(debug=DEBUG_MODE, host=APP_HOST)
-        except:
-            message("1", "ERROR: APP IS DOWN")
-            app.run(debug=DEBUG_MODE, host=APP_HOST)
-        finally:
-            message("3", "APP SHUT DOWN")
+        message("2", "APP STARTED SUCCESSFULLY")
+        message("2", f"RUNNING ON http://{APP_HOST}:{APP_PORT}")
+        app.run(debug=DEBUG_MODE, host=APP_HOST, port=APP_PORT)
+        message("1", "APP SHUT DOWN")

constants.py

@@ -1,8 +1,11 @@
 from helpers import secrets, socket
 
-APP_NAME = "flaskBlog"  # NAME OF THE FLASK APP.
+APP_NAME = "flaskblog"  # NAME OF THE FLASK APP.
 APP_ROOT_PATH = "."  # THE PATH TO THE ROOT OF THE APP FILES.
-APP_HOST = socket.gethostbyname(socket.gethostname())  # FLASK APP'S HOST/PORT.
+APP_HOST = socket.gethostbyname(
+    socket.gethostname()
+)  # FLASK APP'S HOST (OR USE "localhost")
+APP_PORT = 5000  # FLASK APP'S PORT.
 DEBUG_MODE = True  # TURN ON/OFF FLASK DEBUG MODE.
 TAILWIND_UI = False  # SELECT TAILWIND-UI/STANDARD-UI.
 LOG_IN = True  # TURN ON/OFF USER LOG IN UP.

delete.py

@@ -1,4 +1,5 @@
 from helpers import (
+    flash,
     sqlite3,
     message,
     session,
@@ -12,30 +13,56 @@
 def deletePost(postID):
     connection = sqlite3.connect(DB_POSTS_ROOT)
     cursor = connection.cursor()
-    cursor.execute(f"select author from posts where id = {postID}")
-    cursor.execute(f"delete from posts where id = {postID}")
-    cursor.execute(f"update sqlite_sequence set seq = seq-1")
+    cursor.execute(
+        """select author from posts where id = ? """,
+        [(postID)],
+    )
+    cursor.execute(
+        """delete from posts where id = ? """,
+        [(postID)],
+    )
+    cursor.execute("update sqlite_sequence set seq = seq-1")
     connection.commit()
     connection.close()
     connection = sqlite3.connect(DB_COMMENTS_ROOT)
     cursor = connection.cursor()
-    cursor.execute(f"select count(*) from comments where post = {postID}")
+    cursor.execute(
+        """select count(*) from comments where post = ? """,
+        [(postID)],
+    )
     commentCount = list(cursor)[0][0]
-    cursor.execute(f"delete from comments where post = {postID}")
-    cursor.execute(f"update sqlite_sequence set seq = seq - {commentCount}")
+    cursor.execute(
+        """delete from comments where post = ? """,
+        [(postID)],
+    )
+    cursor.execute(
+        """update sqlite_sequence set seq = seq - ? """,
+        [(commentCount)],
+    )
     connection.commit()
+    flash("post deleted", "error")
     message("2", f'POST: "{postID}" DELETED')
 
 
 def deleteUser(userName):
     connection = sqlite3.connect(DB_USERS_ROOT)
     cursor = connection.cursor()
-    cursor.execute(f'select * from users where lower(userName) = "{userName.lower()}"')
-    cursor.execute(f'select role from users where userName = "{session["userName"]}"')
+    cursor.execute(
+        """select * from users where lower(userName) = ? """,
+        [(userName.lower())],
+    )
+    cursor.execute(
+        """select role from users where userName = ? """,
+        [(session["userName"])],
+    )
     perpetrator = cursor.fetchone()
-    cursor.execute(f'delete from users where lower(userName) = "{userName.lower()}"')
-    cursor.execute(f"update sqlite_sequence set seq = seq-1")
+    cursor.execute(
+        """delete from users where lower(userName) = ? """,
+        [(userName.lower())],
+    )
+    cursor.execute("update sqlite_sequence set seq = seq-1")
     connection.commit()
+    flash(f"user: {userName} deleted", "error")
     message("2", f'USER: "{userName}" DELETED')
     match perpetrator[0] == "admin":
         case True:
@@ -48,8 +75,15 @@ def deleteUser(userName):
 def deleteComment(commentID):
     connection = sqlite3.connect(DB_COMMENTS_ROOT)
     cursor = connection.cursor()
-    cursor.execute(f"select user from comments where id = {commentID}")
-    cursor.execute(f"delete from comments where id = {commentID}")
-    cursor.execute(f"update sqlite_sequence set seq = seq-1")
+    cursor.execute(
+        """select user from comments where id = ? """,
+        [(commentID)],
+    )
+    cursor.execute(
+        """delete from comments where id = ? """,
+        [(commentID)],
+    )
+    cursor.execute("update sqlite_sequence set seq = seq-1")
     connection.commit()
+    flash("comment deleted", "error")
     message("2", f'COMMENT: "{commentID}" DELETED')

helpers.py

@@ -5,6 +5,7 @@
 import secrets
 import sqlite3
 from os import mkdir
+from time import tzname
 from random import randint
 from os.path import exists
 from datetime import datetime
@@ -26,6 +27,7 @@
 from flask import (
     Flask,
     flash,
+    url_for,
     request,
     session,
     redirect,
@@ -35,6 +37,10 @@
 )
 
 
+def currentTimeZone():
+    return tzname[0]
+
+
 def currentDate():
     return datetime.now().strftime("%d.%m.%y")
 
@@ -54,14 +60,17 @@ def currentTime(seconds=False, microSeconds=False):
 def message(color, message):
     print(
         f"\n\033[94m[{currentDate()}\033[0m"
-        f"\033[95m {currentTime(seconds=True)}]\033[0m"
+        f"\033[95m {currentTime(seconds=True)}\033[0m"
+        f"\033[94m {currentTimeZone()}] \033[0m"
         f"\033[9{color}m {message}\033[0m\n"
     )
     logFile = open(LOG_FILE_ROOT, "a", encoding="utf-8")
     logFile.write(
         f"[{currentDate()}"
-        f"|{currentTime(seconds=True,microSeconds=True)}]"
-        f" {message}\n"
+        f"|{currentTime(seconds=True,microSeconds=True)}"
+        f"|{currentTimeZone()}]"
+        "\t"
+        f"{message}\n"
     )
     logFile.close()
 
@@ -70,7 +79,8 @@ def addPoints(points, user):
     connection = sqlite3.connect(DB_USERS_ROOT)
     cursor = connection.cursor()
     cursor.execute(
-        f'update users set points = points+{points} where userName = "{user}"'
+        """update users set points = points+? where userName = ? """,
+        [(points), (user)],
     )
     connection.commit()
     message("2", f'{points} POINTS ADDED TO "{user}"')
@@ -80,6 +90,7 @@ def getProfilePicture(userName):
     connection = sqlite3.connect(DB_USERS_ROOT)
     cursor = connection.cursor()
     cursor.execute(
-        f'select profilePicture from users where lower(userName) = "{userName.lower()}"'
+        """select profilePicture from users where lower(userName) = ? """,
+        [(userName.lower())],
     )
     return cursor.fetchone()[0]

routes/accountSettings.py

@@ -19,13 +19,16 @@ def accountSettings():
             connection = sqlite3.connect(DB_USERS_ROOT)
             cursor = connection.cursor()
             cursor.execute(
-                f'select userName from users where userName = "{session["userName"]}"'
+                """select userName from users where userName = ? """,
+                [(session["userName"])],
             )
             user = cursor.fetchall()
-            if request.method == "POST":
-                if "userDeleteButton" in request.form:
-                    deleteUser(user[0][0])
-                    return redirect(f"/")
+            match request.method == "POST":
+                case True:
+                    match "userDeleteButton" in request.form:
+                        case True:
+                            deleteUser(user[0][0])
+                            return redirect(f"/")
             return render_template("accountSettings.html", user=user)
         case False:
             return redirect("/login/redirect=&accountsettings")

routes/adminPanel.py

@@ -17,7 +17,8 @@ def adminPanel():
             connection = sqlite3.connect(DB_USERS_ROOT)
             cursor = connection.cursor()
             cursor.execute(
-                f'select role from users where userName = "{session["userName"]}"'
+                """select role from users where userName = ? """,
+                [(session["userName"])],
             )
             role = cursor.fetchone()[0]
             match role == "admin":

routes/adminPanelComments.py

@@ -21,12 +21,15 @@ def adminPanelComments():
             connection = sqlite3.connect(DB_USERS_ROOT)
             cursor = connection.cursor()
             cursor.execute(
-                f'select role from users where userName = "{session["userName"]}"'
+                """select role from users where userName = ? """,
+                [(session["userName"])],
             )
             role = cursor.fetchone()[0]
-            if request.method == "POST":
-                if "commentDeleteButton" in request.form:
-                    deleteComment(request.form["commentID"])
+            match request.method == "POST":
+                case True:
+                    match "commentDeleteButton" in request.form:
+                        case True:
+                            deleteComment(request.form["commentID"])
                     return redirect(f"/admin/comments")
             match role == "admin":
                 case True:

routes/adminPanelPosts.py

@@ -21,12 +21,15 @@ def adminPanelPosts():
             connection = sqlite3.connect(DB_USERS_ROOT)
             cursor = connection.cursor()
             cursor.execute(
-                f'select role from users where userName = "{session["userName"]}"'
+                """select role from users where userName = ? """,
+                [(session["userName"])],
             )
             role = cursor.fetchone()[0]
-            if request.method == "POST":
-                if "postDeleteButton" in request.form:
-                    deletePost(request.form["postID"])
+            match request.method == "POST":
+                case True:
+                    match "postDeleteButton" in request.form:
+                        case True:
+                            deletePost(request.form["postID"])
             match role == "admin":
                 case True:
                     connection = sqlite3.connect(DB_POSTS_ROOT)

routes/adminPanelUsers.py

@@ -20,12 +20,15 @@ def adminPanelUsers():
             connection = sqlite3.connect(DB_USERS_ROOT)
             cursor = connection.cursor()
             cursor.execute(
-                f'select role from users where userName = "{session["userName"]}"'
+                """select role from users where userName = ? """,
+                [(session["userName"])],
             )
             role = cursor.fetchone()[0]
-            if request.method == "POST":
-                if "userDeleteButton" in request.form:
-                    deleteUser(request.form["userName"])
+            match request.method == "POST":
+                case True:
+                    match "userDeleteButton" in request.form:
+                        case True:
+                            deleteUser(request.form["userName"])
             match role == "admin":
                 case True:
                     connection = sqlite3.connect(DB_USERS_ROOT)

routes/changePassword.py

@@ -20,37 +20,47 @@ def changePassword():
     match "userName" in session:
         case True:
             form = changePasswordForm(request.form)
-            if request.method == "POST":
-                oldPassword = request.form["oldPassword"]
-                password = request.form["password"]
-                passwordConfirm = request.form["passwordConfirm"]
-                connection = sqlite3.connect(DB_USERS_ROOT)
-                cursor = connection.cursor()
-                cursor.execute(
-                    f'select password from users where userName = "{session["userName"]}"'
-                )
-                if sha256_crypt.verify(oldPassword, cursor.fetchone()[0]):
-                    if oldPassword == password:
-                        flash("new password can not be same with old password", "error")
-                    elif password != passwordConfirm:
-                        flash("passwords must match", "error")
-                    elif oldPassword != password and password == passwordConfirm:
-                        newPassword = sha256_crypt.hash(password)
-                        connection = sqlite3.connect(DB_USERS_ROOT)
-                        cursor = connection.cursor()
-                        cursor.execute(
-                            f'update users set password = "{newPassword}" where userName = "{session["userName"]}"'
-                        )
-                        connection.commit()
-                        message(
-                            "2", f'USER: "{session["userName"]}" CHANGED HIS PASSWORD'
-                        )
-                        session.clear()
-                        flash("you need login with new password", "success")
-                        return redirect("/login/redirect=&")
-                else:
-                    flash("old password wrong", "error")
-
+            match request.method == "POST":
+                case True:
+                    oldPassword = request.form["oldPassword"]
+                    password = request.form["password"]
+                    passwordConfirm = request.form["passwordConfirm"]
+                    connection = sqlite3.connect(DB_USERS_ROOT)
+                    cursor = connection.cursor()
+                    cursor.execute(
+                        """select password from users where userName = ? """,
+                        [(session["userName"])],
+                    )
+                    match sha256_crypt.verify(oldPassword, cursor.fetchone()[0]):
+                        case True:
+                            match oldPassword == password:
+                                case True:
+                                    flash(
+                                        "new password can not be same with old password",
+                                        "error",
+                                    )
+                            match password != passwordConfirm:
+                                case True:
+                                    flash("passwords must match", "error")
+                            match oldPassword != password and password == passwordConfirm:
+                                case True:
+                                    newPassword = sha256_crypt.hash(password)
+                                    connection = sqlite3.connect(DB_USERS_ROOT)
+                                    cursor = connection.cursor()
+                                    cursor.execute(
+                                        """update users set password = ? where userName = ? """,
+                                        [(newPassword), (session["userName"])],
+                                    )
+                                    connection.commit()
+                                    message(
+                                        "2",
+                                        f'USER: "{session["userName"]}" CHANGED HIS PASSWORD',
+                                    )
+                                    session.clear()
+                                    flash("you need login with new password", "success")
+                                    return redirect("/login/redirect=&")
+                        case _:
+                            flash("old is password wrong", "error")
             return render_template("changePassword.html", form=form)
         case False:
             message("1", "USER NOT LOGGED IN")