PageRenderTime 58ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/server.py

https://bitbucket.org/kelrlu/q
Python | 891 lines | 754 code | 69 blank | 68 comment | 52 complexity | ac9ec1f33b24292ce6fd4e4ab7e4c34e MD5 | raw file
Possible License(s): Apache-2.0 
    

  1. #!/usr/bin/env python2.7
    2. 

  2. 

  3. """
    4. 

  4. Q Server
    5. 

  5. To run locally
    6. 

  6.     python server.py
    7. 

  7. Go to http://localhost:8111 in your browser
    8. 

  8. """
    9. 

    10. 

  10. import os
    11. 

  11. from sqlalchemy import *
    12. 

  12. from sqlalchemy.pool import NullPool
    13. 

  13. from urlparse import urlparse, urljoin
    14. 

  14. from flask import Flask, request, render_template, g, redirect, Response,flash, url_for
    15. 

  15. 

  16. tmpl_dir = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'templates')
    17. 

  17. app = Flask(__name__, template_folder=tmpl_dir)
    18. 

  18. 

  19. 

  20. # XXX: The URI should be in the format of: 
    21. 

  21. #
    22. 

  22. #     postgresql://USER:PASSWORD@<IP_OF_POSTGRE_SQL_SERVER>/postgres
    23. 

  23. 

  24. DATABASEURI = "postgresql://krl2130:vt6jr@104.196.175.120:5432/postgres"
    25. 

  25. 

  26. engine = create_engine(DATABASEURI)
    27. 

  27. 

  28. @app.before_request
    29. 

  29. def before_request():
    30. 

  30.   """
    31. 

  31.   This function is run at the beginning of every web request 
    32. 

  32.   (every time you enter an address in the web browser).
    33. 

  33.   We use it to setup a database connection that can be used throughout the request
    34. 

  34.   The variable g is globally accessible
    35. 

  35.   """
    36. 

  36.   try:
    37. 

  37.     g.conn = engine.connect()
    38. 

  38.   except:
    39. 

  39.     print "uh oh, problem connecting to database"
    40. 

  40.     import traceback; traceback.print_exc()
    41. 

  41.     g.conn = None
    42. 

  42. 

  43. @app.teardown_request
    44. 

  44. def teardown_request(exception):
    45. 

  45.   """
    46. 

  46.   At the end of the web request, this makes sure to close the database connection.
    47. 

  47.   If you don't the database could run out of memory!
    48. 

  48.   """
    49. 

  49.   try:
    50. 

  50.     g.conn.close()
    51. 

  51.   except Exception as e:
    52. 

  52.     pass
    53. 

  53. 

  54. 

  55. 

  56. def redirect_url(default='index'):
    57. 

  57.     return request.args.get('next') or \
    58. 

  58.            request.referrer or \
    59. 

  59.            url_for(default)
    60. 

  60. #
    61. 

  61. # @app.route is a decorator around index() that means:
    62. 

  62. #   run index() whenever the user tries to access the "/" path using a GET request
    63. 

  63. #
    64. 

  64. # If you wanted the user to go to e.g., localhost:8111/foobar/ with POST or GET then you could use
    65. 

  65. #
    66. 

  66. #       @app.route("/foobar/", methods=["POST", "GET"])
    67. 

  67. #
    68. 

  68. # PROTIP: (the trailing / in the path is important)
    69. 

  69. # 
    70. 

  70. # see for routing: http://flask.pocoo.org/docs/0.10/quickstart/#routing
    71. 

  71. # see for decorators: http://simeonfranklin.com/blog/2012/jul/1/python-decorators-in-12-steps/
    72. 

  72. #
    73. 

  73. @app.route('/')
    74. 

  74. def index():
    75. 

  75.   """
    76. 

  76.   request is a special object that Flask provides to access web request information:
    77. 

  77.   request.method:   "GET" or "POST"
    78. 

  78.   request.form:     if the browser submitted a form, this contains the data in the form
    79. 

  79.   request.args:     dictionary of URL arguments e.g., {a:1, b:2} for http://localhost?a=1&b=2
    80. 

  80.   See its API: http://flask.pocoo.org/docs/0.10/api/#incoming-request-data
    81. 

  81.   """
    82. 

  82.   
    83. 

  83.   top_cmd = "SELECT q.qid as qid, q.content as content, a.aid as aid, a.name as author, w.wid as wid, w.name as work FROM quotes q INNER JOIN authors a ON q.author = a.aid LEFT JOIN works w on q.work = w.wid WHERE q.qid IN (SELECT qid FROM saved_quotes GROUP BY qid ORDER BY count(*) DESC LIMIT 5) and q.num_approvals >= 10"
    84. 

  84.   top_cursor = g.conn.execute(text(top_cmd))
    85. 

  85.   top_quotes = []
    86. 

  86.   for result in top_cursor:
    87. 

  87.     top_quotes.append((result['qid'],result['content'],result['aid'],result['author'],result['wid'],result['work']))
    88. 

  88.   top_cursor.close()
    89. 

  89.   
    90. 

  90.   recent_cmd = "SELECT q.qid as qid, q.content as content, a.aid as aid, a.name as author, w.wid as wid, w.name as work FROM quotes q INNER JOIN authors a ON q.author = a.aid LEFT JOIN works w on q.work = w.wid WHERE q.num_approvals >= 10 ORDER BY q.added_time ASC LIMIT 5"
    91. 

  91.   recent_cursor = g.conn.execute(text(recent_cmd))
    92. 

  92.   recent_quotes = []
    93. 

  93.   for result in recent_cursor:
    94. 

  94.     recent_quotes.append((result['qid'],result['content'],result['aid'],result['author'],result['wid'],result['work']))
    95. 

  95.   recent_cursor.close()
    96. 

  96.   
    97. 

  97.   context = dict(top_quotes = top_quotes, recent_quotes = recent_quotes)
    98. 

  98.   return render_template("q.html", **context)
    99. 

  99.   # DEBUG: this is debugging code to see what request looks like
    100. 

  100. 

  101. 

  102.   #
    103. 

  103.   # example of a database query
    104. 

  104.   #
    105. 

  105.   # cursor = g.conn.execute("SELECT name FROM test")
    106. 

  106.   # names = []
    107. 

  107.   # for result in cursor:
    108. 

  108.   #   names.append(result['name'])  # can also be accessed using result[0]
    109. 

  109.   # cursor.close()
    110. 

  110. 

  111.   #
    112. 

  112.   # Flask uses Jinja templates, which is an extension to HTML where you can
    113. 

  113.   # pass data to a template and dynamically generate HTML based on the data
    114. 

  114.   # (you can think of it as simple PHP)
    115. 

  115.   # documentation: https://realpython.com/blog/python/primer-on-jinja-templating/
    116. 

  116.   #
    117. 

  117.   # You can see an example template in templates/index.html
    118. 

  118.   #
    119. 

  119.   # context are the variables that are passed to the template.
    120. 

  120.   # for example, "data" key in the context variable defined below will be 
    121. 

  121.   # accessible as a variable in index.html:
    122. 

  122.   #
    123. 

  123.   #     # will print: [u'grace hopper', u'alan turing', u'ada lovelace']
    124. 

  124.   #     <div>{{data}}</div>
    125. 

  125.   #     
    126. 

  126.   #     # creates a <div> tag for each element in data
    127. 

  127.   #     # will print: 
    128. 

  128.   #     #
    129. 

  129.   #     #   <div>grace hopper</div>
    130. 

  130.   #     #   <div>alan turing</div>
    131. 

  131.   #     #   <div>ada lovelace</div>
    132. 

  132.   #     #
    133. 

  133.   #     {% for n in data %}
    134. 

  134.   #     <div>{{n}}</div>
    135. 

  135.   #     {% endfor %}
    136. 

  136.   #
    137. 

  137.   # context = dict(data = names)
    138. 

  138. 

  139. 

  140.   #
    141. 

  141.   # render_template looks in the templates/ folder for files.
    142. 

  142.   # for example, the below file reads template/index.html
    143. 

  143.   #
    144. 

  144.   # return render_template("q.html", **context)
    145. 

  145. 

  146. #
    147. 

  147. # This is an example of a different path.  You can see it at
    148. 

  148. # 
    149. 

  149. #     localhost:8111/another
    150. 

  150. #
    151. 

  151. # notice that the functio name is another() rather than index()
    152. 

  152. # the functions for each app.route needs to have different names
    153. 

  153. 

  154. # Displays profile page for a user
    155. 

  155. @app.route('/profile',methods=['GET'])
    156. 

  156. def profile():
    157. 

  157.   # Get uid from url 
    158. 

  158.   uid = request.args.get('uid')
    159. 

  159.   # Check if username is for user themselves, their friend's profile, or stranger's profile
    160. 

  160.   self_uid = request.cookies.get('uid')
    161. 

  161.   self_username = request.cookies.get('username')
    162. 

  162. 

  163.   # See if uid in friends or friend_requests or self ( means can't send friend request )
    164. 

  164.   cmd = 'SELECT EXISTS( SELECT 1 FROM ( (SELECT uid2 AS uid FROM is_friends WHERE uid1 = :self_uid ) UNION  (SELECT uid1 AS uid FROM is_friends WHERE uid2 = :self_uid ) ) AS uids WHERE uid=:uid)'
    165. 

  165.   cursor = g.conn.execute(text(cmd),self_uid = self_uid,uid=uid)
    166. 

  166.   exists_friends = []
    167. 

  167.   for result in cursor:
    168. 

  168.     exists_friends.append(result[0])
    169. 

  169.   cursor.close()
    170. 

  170.   is_friends = exists_friends[0] 
    171. 

  171. 

  172.    # See if uid in friends or friend_requests or self ( means can't send friend request )
    173. 

  173.   cmd = 'SELECT EXISTS( SELECT 1 FROM ( (SELECT sender as uid FROM friend_requests WHERE receiver = :self_uid ) UNION (SELECT receiver as uid FROM friend_requests WHERE sender=:self_uid) ) AS uids WHERE uid=:uid)'
    174. 

  174.   cursor = g.conn.execute(text(cmd),self_uid = self_uid,uid=uid)
    175. 

  175.   exists_pending_friends = []
    176. 

  176.   for result in cursor:
    177. 

  177.     exists_pending_friends.append(result[0])
    178. 

  178.   cursor.close()
    179. 

  179.   is_pending_friends = exists_pending_friends[0] 
    180. 

  180. 

  181. 

  182.   # Show the user's own saved quotes and recommended quotes
    183. 

  183.   if(uid == self_uid):
    184. 

  184.     cmd = 'SELECT q.qid as qid, q.content as content, a.aid as aid, a.name as author FROM saved_quotes sq INNER JOIN quotes q ON sq.qid = q.qid INNER JOIN users u ON sq.uid = u.uid INNER JOIN authors a on q.author = a.aid WHERE u.uid = :uid and q.num_approvals >= 10 LIMIT 5'
    185. 

  185.     cursor = g.conn.execute(text(cmd),uid=uid)
    186. 

  186.     profile_quotes = []
    187. 

  187.     for result in cursor:
    188. 

  188.       profile_quotes.append((result['qid'],result['content'],result['aid'],result['author']))  # can also be accessed using result[0]
    189. 

  189.     cursor.close()
    190. 

  190. 

  191.     # Get all friend requests
    192. 

  192.     cmd = 'SELECT friend_requests.sender AS sender, users.username AS username, users.name AS name from friend_requests,users WHERE friend_requests.sender = users.uid and friend_requests.receiver = :uid'
    193. 

  193.     cursor = g.conn.execute(text(cmd),uid=uid)
    194. 

  194.     friend_requests = []
    195. 

  195.     for result in cursor:
    196. 

  196.       friend_requests.append((result['sender'],result['username'],result['name']))  # can also be accessed using result[0]
    197. 

  197.     cursor.close()
    198. 

  198.     # Render
    199. 

  199.     context = dict(username = self_username, uid=uid,profile_quotes = profile_quotes,user_relation='self',friend_requests = friend_requests)
    200. 

  200.     return render_template("profile.html", **context)
    201. 

  201.   # Show friend's saved quotes and shared quotes
    202. 

  202.   elif(is_friends == True):
    203. 

  203.     # Get friend username
    204. 

  204.     cmd = 'SELECT username FROM users WHERE users.uid = :uid '
    205. 

  205.     cursor = g.conn.execute(text(cmd),uid=uid)
    206. 

  206.     names = []
    207. 

  207.     for result in cursor:
    208. 

  208.       names.append(result['username'])
    209. 

  209.     cursor.close()
    210. 

  210.     friend_name = names[0]
    211. 

  211. 

  212.     # Select friend's saved quotes
    213. 

  213.     cmd = 'SELECT q.qid as qid, q.content as content, a.aid as aid, a.name as author FROM saved_quotes sq INNER JOIN quotes q ON sq.qid = q.qid INNER JOIN users u ON sq.uid = u.uid INNER JOIN authors a on q.author = a.aid WHERE u.uid = :uid and q.num_approvals >= 10 LIMIT 5'
    214. 

  214.     cursor = g.conn.execute(text(cmd),uid=uid)
    215. 

  215.     profile_quotes = []
    216. 

  216.     for result in cursor:
    217. 

  217.       profile_quotes.append((result['qid'],result['content'],result['aid'],result['author'])) # can also be accessed using result[0]
    218. 

  218.     cursor.close()
    219. 

  219. 

  220.     # Select friend's shared quotes
    221. 

  221.     cmd = 'SELECT qid, content, aid, name FROM ((SELECT quotes.qid, content, aid, name FROM saved_quotes,quotes,authors WHERE saved_quotes.uid = :self_uid and saved_quotes.qid = quotes.qid and authors.aid = quotes.author) INTERSECT (SELECT quotes.qid, content, aid, name FROM saved_quotes,quotes,authors WHERE saved_quotes.uid = :uid and saved_quotes.qid = quotes.qid and authors.aid = quotes.author)) AS shared_quotes LIMIT 5'
    222. 

  222.     cursor = g.conn.execute(text(cmd),self_uid=self_uid,uid=uid)
    223. 

  223.     shared_quotes = []
    224. 

  224.     for result in cursor:
    225. 

  225.       saved_quotes.append((result['qid'],result['content'],result['aid'],result['name'])) # can also be accessed using result[0]
    226. 

  226.     cursor.close()
    227. 

  227. 

  228.     # Render
    229. 

  229.     context = dict(username = friend_name,self_uid = self_uid,uid=uid, profile_quotes = profile_quotes, shared_quotes = shared_quotes,user_relation='friend')
    230. 

  230.     return render_template("profile.html", **context)
    231. 

  231.   
    232. 

  232.   elif(is_pending_friends):
    233. 

  233.     # Get friend username
    234. 

  234.     cmd = 'SELECT username FROM users WHERE users.uid = :uid '
    235. 

  235.     cursor = g.conn.execute(text(cmd),uid=uid)
    236. 

  236.     names = []
    237. 

  237.     for result in cursor:
    238. 

  238.       names.append(result['username'])
    239. 

  239.     cursor.close()
    240. 

  240.     friend_name = names[0]
    241. 

  241. 

  242.     # Select friend's saved quotes
    243. 

  243.     cmd = 'SELECT q.qid as qid, q.content as content, a.aid as aid, a.name as author FROM saved_quotes sq INNER JOIN quotes q ON sq.qid = q.qid INNER JOIN users u ON sq.uid = u.uid INNER JOIN authors a on q.author = a.aid WHERE u.uid = :uid and q.num_approvals >= 10 LIMIT 5'
    244. 

  244.     cursor = g.conn.execute(text(cmd),uid=uid)
    245. 

  245.     profile_quotes = []
    246. 

  246.     for result in cursor:
    247. 

  247.       profile_quotes.append((result['qid'],result['content'],result['aid'],result['author'])) # can also be accessed using result[0]
    248. 

  248.     cursor.close()
    249. 

  249. 

  250.     # Select friend's shared quotes
    251. 

  251.     cmd = 'SELECT qid, content, aid, name FROM ((SELECT quotes.qid, content, aid, name FROM saved_quotes,quotes,authors WHERE saved_quotes.uid = :self_uid and saved_quotes.qid = quotes.qid and authors.aid = quotes.author) INTERSECT (SELECT quotes.qid, content, aid, name FROM saved_quotes,quotes,authors WHERE saved_quotes.uid = :uid and saved_quotes.qid = quotes.qid and authors.aid = quotes.author)) AS shared_quotes LIMIT 5'
    252. 

  252.     cursor = g.conn.execute(text(cmd),self_uid=self_uid,uid=uid)
    253. 

  253.     shared_quotes = []
    254. 

  254.     for result in cursor:
    255. 

  255.       saved_quotes.append((result['qid'],result['content'],result['aid'],result['name'])) # can also be accessed using result[0]
    256. 

  256.     cursor.close()
    257. 

  257.     # Render
    258. 

  258.     context = dict(username = friend_name,self_uid = self_uid,uid=uid, profile_quotes = profile_quotes, shared_quotes = shared_quotes,user_relation='is_pending_friends')
    259. 

  259.     return render_template("profile.html", **context)
    260. 

  260.   # Show stranger's saved_quotes and shared quotes
    261. 

  261.   else:
    262. 

  262. 

  263.     # Get stranger username
    264. 

  264.     cmd = 'SELECT username FROM users WHERE users.uid = :uid '
    265. 

  265.     cursor = g.conn.execute(text(cmd),uid=uid)
    266. 

  266.     names = []
    267. 

  267.     for result in cursor:
    268. 

  268.       names.append(result['username'])
    269. 

  269.     cursor.close()
    270. 

  270.     stranger_name = names[0]
    271. 

  271. 

  272.     # Select stranger's saved quotes
    273. 

  273.     cmd = 'SELECT q.qid as qid, q.content as content, a.aid as aid, a.name as author FROM saved_quotes sq INNER JOIN quotes q ON sq.qid = q.qid INNER JOIN users u ON sq.uid = u.uid INNER JOIN authors a on q.author = a.aid WHERE u.uid = :uid and q.num_approvals >= 10 LIMIT 5'
    274. 

  274.     cursor = g.conn.execute(text(cmd),uid=uid)
    275. 

  275.     profile_quotes = []
    276. 

  276.     for result in cursor:
    277. 

  277.       profile_quotes.append((result['qid'],result['content'],result['aid'],result['author']))  # can also be accessed using result[0]
    278. 

  278.     cursor.close()
    279. 

  279.     # Select stranger's shared quotes
    280. 

  280.     cmd = 'SELECT qid, content, aid, name FROM ((SELECT quotes.qid, content, aid, name FROM saved_quotes,quotes,authors WHERE saved_quotes.uid = :self_uid and saved_quotes.qid = quotes.qid and authors.aid = quotes.author) INTERSECT (SELECT quotes.qid, content, aid, name FROM saved_quotes,quotes,authors WHERE saved_quotes.uid = :uid and saved_quotes.qid = quotes.qid and authors.aid = quotes.author)) AS shared_quotes LIMIT 5'
    281. 

  281.     cursor = g.conn.execute(text(cmd),self_uid=self_uid,uid=uid)
    282. 

  282.     shared_quotes = []
    283. 

  283.     for result in cursor:
    284. 

  284.       shared_quotes.append((result['qid'],result['content'],result['aid'],result['author']))  # can also be accessed using result[0]
    285. 

  285.     cursor.close()
    286. 

  286. 

  287.     # Render
    288. 

  288.     context = dict(username = stranger_name,self_uid = self_uid,uid=uid,profile_quotes = profile_quotes, shared_quotes = shared_quotes,user_relation='stranger')
    289. 

  289.     return render_template("profile.html", **context)
    290. 

  290. 

  291. 

  292. # Displays page for search results
    293. 

  293. @app.route('/search',methods=['GET'])
    294. 

  294. def search():
    295. 

  295.   query = request.args.get('query').lower()
    296. 

  296.   quotes_cmd = "SELECT * FROM quotes WHERE LOWER(quotes.content) LIKE LOWER(:query) and quotes.num_approvals >= 10"
    297. 

  297.   quotes_cursor = g.conn.execute(text(quotes_cmd),query='%' + query + '%')
    298. 

  298.   quotes = []
    299. 

  299.   for result in quotes_cursor:
    300. 

  300.     quotes.append((result['qid'],result['content']))
    301. 

  301.   quotes_cursor.close()
    302. 

  302. 

  303.   authors_cmd = "SELECT * FROM authors WHERE LOWER(authors.name) LIKE LOWER(:query)"
    304. 

  304.   authors_cursor = g.conn.execute(text(authors_cmd),query='%' + query + '%')
    305. 

  305.   authors = []
    306. 

  306.   for result in authors_cursor:
    307. 

  307.     authors.append((result['aid'],result['name']))
    308. 

  308.   authors_cursor.close()
    309. 

  309. 

  310.   works_cmd = "SELECT * FROM works WHERE LOWER(works.name) LIKE LOWER(:query)"
    311. 

  311.   works_cursor = g.conn.execute(text(works_cmd),query='%' + query + '%')
    312. 

  312.   works = []
    313. 

  313.   for result in works_cursor:
    314. 

  314.     works.append((result['wid'],result['name']))
    315. 

  315.   works_cursor.close()
    316. 

  316. 

  317.   users_cmd = "SELECT * FROM users WHERE LOWER(users.username) LIKE LOWER(:query) or LOWER(users.name) LIKE LOWER(:query)"
    318. 

  318.   users_cursor = g.conn.execute(text(users_cmd),query='%' + query + '%')
    319. 

  319.   users = []
    320. 

  320.   for result in users_cursor:
    321. 

  321.     users.append((result['uid'],result['name'],result['username']))
    322. 

  322.   users_cursor.close()
    323. 

  323. 

  324.   tags_cmd = "SELECT * FROM tags WHERE LOWER(tags.name) LIKE LOWER(:query)"
    325. 

  325.   tags_cursor = g.conn.execute(text(tags_cmd),query='%' + query + '%')
    326. 

  326.   tags = []
    327. 

  327.   for result in tags_cursor:
    328. 

  328.     tags.append(result['name'])
    329. 

  329.   tags_cursor.close()
    330. 

  330. 

  331. 

  332.   context = dict(quotes = quotes, authors = authors,works = works,query=query,users=users,tags=tags)
    333. 

  333.   return render_template("search.html", **context)
    334. 

  334. 

  335. 

  336. # Displays page for a quote 
    337. 

  337. @app.route('/quote',methods=['GET'])
    338. 

  338. def quote():
    339. 

  339.   qid = request.args.get('qid')
    340. 

  340.   cmd = 'SELECT q.content as content, a.aid as aid, a.name as author, w.wid as wid, w.name as work FROM quotes q INNER JOIN authors a ON q.author = a.aid LEFT JOIN works w ON q.work = w.wid WHERE q.qid = (:qid)'
    341. 

  341.   cursor = g.conn.execute(text(cmd),qid=qid)
    342. 

  342.   quotes = []
    343. 

  343.   for result in cursor:
    344. 

  344.     quotes.append((result['content'],result['aid'],result['author'],result['wid'],result['work']))  
    345. 

  345.   cursor.close()
    346. 

  346. 

  347.   # Get tags
    348. 

  348.   cmd = 'SELECT tag FROM quote_tags WHERE quote_tags.qid =:qid' 
    349. 

  349.   cursor = g.conn.execute(text(cmd),qid=qid)
    350. 

  350.   tags = []
    351. 

  351.   for result in cursor:
    352. 

  352.     tags.append(result[0])  
    353. 

  353.   cursor.close()
    354. 

  354. 

  355. 

  356.   # Check if quote is saved in your quotes
    357. 

  357.   uid = request.cookies.get('uid')
    358. 

  358.   cmd= 'SELECT EXISTS(SELECT * FROM saved_quotes WHERE saved_quotes.qid= :qid and saved_quotes.uid = :uid)'
    359. 

  359.   cursor = g.conn.execute(text(cmd),qid=qid,uid=uid)
    360. 

  360.   is_saveds = []
    361. 

  361.   for result in cursor:
    362. 

  362.     is_saveds.append(result[0])
    363. 

  363.   cursor.close()
    364. 

  364.   is_saved= is_saveds[0]
    365. 

  365. 

  366.   context = dict(data = quotes[0], tags = tags,is_saved=is_saved,uid=uid,qid=qid)
    367. 

  367.   return render_template("quote.html", **context)
    368. 

  368. 

  369. # Lets user save quotes to profile 
    370. 

  370. @app.route('/saveQuote',methods=['POST'])
    371. 

  371. def saveQuote():
    372. 

  372.   uid=request.form['uid']
    373. 

  373.   qid=request.form['qid']
    374. 

  374. 

  375. 

  376.   # Check quote not saved
    377. 

  377.   cmd = 'SELECT EXISTS (SELECT 1 FROM saved_quotes WHERE saved_quotes.qid=:qid and saved_quotes.uid=:uid)'
    378. 

  378.   cursor = g.conn.execute(text(cmd),qid=qid,uid=uid)
    379. 

  379.   not_saveds = []
    380. 

  380.   for result in cursor:
    381. 

  381.     not_saveds.append(result[0])  
    382. 

  382.   cursor.close()
    383. 

  383.   not_saved = not not_saveds[0]
    384. 

  384.   # Perform appropriate actions
    385. 

  385.   if(not_saved):
    386. 

  386.     # Insert 
    387. 

  387.     cmd='INSERT INTO saved_quotes VALUES( :uid, :qid)'
    388. 

  388.     cursor = g.conn.execute(text(cmd),uid=uid,qid=qid)
    389. 

  389.     cursor.close()
    390. 

  390. 

  391.     # flash('Successfully saved quote to your profile!')
    392. 

  392.     return redirect('/profile?uid=' + uid)
    393. 

  393.   else:
    394. 

  394.     # flash('Error: quote is already saved to your profile.')
    395. 

  395.     return redirect('/quote?qid=' + qid)
    396. 

  396. 

  397. @app.route('/shareQuote',methods=['POST'])
    398. 

  398. def shareQuote():
    399. 

  399.   friend_username = request.form['friend_username']
    400. 

  400.   uid = request.form['uid']
    401. 

  401.   qid = request.form['qid']
    402. 

  402.   mtimestamp = request.form['mtimestamp']
    403. 

  403. 

  404.   # Get friend_uid from username
    405. 

  405.   cmd = 'SELECT uid FROM users WHERE users.username=:friend_username'
    406. 

  406.   cursor = g.conn.execute(text(cmd),friend_username=friend_username)
    407. 

  407.   friend_uids = []
    408. 

  408.   for result in cursor:
    409. 

  409.     friend_uids.append(result['uid'])
    410. 

  410.   cursor.close()
    411. 

  411.   friend_uid = -1
    412. 

  412.   if(len(friend_uids) == 0):
    413. 

  413.     redirect('/quote?qid=' + qid)
    414. 

  414.   else:
    415. 

  415.     friend_uid = friend_uids[0]
    416. 

  416. 

  417. 

  418. # Insert message into table
    419. 

  419.   cmd = 'INSERT INTO messages(sender,receiver,qid,content,mtimestamp) VALUES(:sender,:receiver,:qid,:content,:mtimestamp)'
    420. 

  420.   cursor = g.conn.execute(text(cmd),sender=uid,receiver=friend_uid, qid=qid, content='', mtimestamp = mtimestamp)
    421. 

  421.   cursor.close()
    422. 

  422. 

  423.   # return redirect('/conversation?uid=' + sender + "&friend_uid=" + receiver)
    424. 

  424.   return redirect('/conversation?uid='+str(uid) + "&friend_uid=" + str(friend_uid))
    425. 

  425. 

  426. @app.route('/tag')
    427. 

  427. def tag():
    428. 

  428.   name=request.args.get('name')
    429. 

  429. 

  430. 

  431.   # Get authors
    432. 

  432.   cmd = 'SELECT authors.name AS name,authors.aid AS aid FROM author_tags,authors WHERE author_tags.aid=authors.aid and author_tags.tag=:name'
    433. 

  433.   cursor = g.conn.execute(text(cmd),name=name)
    434. 

  434.   authors = []
    435. 

  435.   for result in cursor:
    436. 

  436.     authors.append((result['aid'],result['name']))
    437. 

  437.   cursor.close()
    438. 

  438. 

  439. 

  440.   # Get quotes
    441. 

  441.   cmd = 'SELECT quotes.qid AS qid, quotes.content AS content FROM quote_tags,quotes WHERE quote_tags.qid=quotes.qid and quote_tags.tag=:name'
    442. 

  442.   cursor = g.conn.execute(text(cmd),name=name)
    443. 

  443.   quotes = []
    444. 

  444.   for result in cursor:
    445. 

  445.     quotes.append((result['qid'],result['content']))
    446. 

  446.   cursor.close()
    447. 

  447. 

  448. 

  449.   # Get works
    450. 

  450.   cmd = 'SELECT works.wid AS wid, works.name AS name FROM work_tags,works WHERE work_tags.wid=works.wid and work_tags.tag=:name'
    451. 

  451.   cursor = g.conn.execute(text(cmd),name=name)
    452. 

  452.   works = []
    453. 

  453.   for result in cursor:
    454. 

  454.     works.append((result['wid'],result['name']))
    455. 

  455.   cursor.close()
    456. 

  456. 

  457. 

  458.   context = dict(tag=name, works=works,quotes=quotes,authors=authors)
    459. 

  459.   return render_template("tag.html",**context);
    460. 

  460. 

  461. # Displays page for a work
    462. 

  462. @app.route('/work',methods=['GET'])
    463. 

  463. def work():
    464. 

  464. 

  465.   wid = request.args.get('wid')
    466. 

  466.   cmd = 'SELECT w.name as work, a.aid as aid, a.name as author FROM works w, authors a WHERE w.wid = (:wid) and w.aid = a.aid'
    467. 

  467.   cursor = g.conn.execute(text(cmd),wid=wid)
    468. 

  468. 

  469.   works = []
    470. 

  470.   for result in cursor:
    471. 

  471.     works.append((result['work'],result['aid'],result['author']))
    472. 

  472.   cursor.close()
    473. 

  473. 

  474.   # Get tags
    475. 

  475.   cmd = 'SELECT tag FROM work_tags WHERE work_tags.wid =:wid' 
    476. 

  476.   cursor = g.conn.execute(text(cmd),wid=wid)
    477. 

  477.   tags = []
    478. 

  478.   for result in cursor:
    479. 

  479.     tags.append(result[0])  
    480. 

  480.   cursor.close()
    481. 

  481. 

  482.   context = dict(data = works[0],tags=tags)
    483. 

  483.   return render_template("work.html", **context)
    484. 

  484. 

  485. # Displays page for an authors
    486. 

  486. @app.route('/author',methods=['GET'])
    487. 

  487. def author():
    488. 

  488.   aid = request.args.get('aid')
    489. 

  489.   cmd = 'SELECT name, bio FROM authors a WHERE a.aid = (:aid)'
    490. 

  490.   cursor = g.conn.execute(text(cmd),aid=aid)
    491. 

  491.   authors = []
    492. 

  492.   for result in cursor:
    493. 

  493.     authors.append((result['name'], result['bio']))
    494. 

  494.   cursor.close()
    495. 

  495.   
    496. 

  496.   cmd = 'SELECT qid, content FROM quotes q, authors a WHERE a.aid = (:aid) and q.author = a.aid and q.num_approvals >= 10 LIMIT 5'
    497. 

  497.   cursor = g.conn.execute(text(cmd),aid=aid)
    498. 

  498.   quotes = []
    499. 

  499.   for result in cursor:
    500. 

  500.     quotes.append((result['qid'],result['content'])) 
    501. 

  501.   cursor.close()
    502. 

  502.   
    503. 

  503.   cmd = 'SELECT wid, w.name as work FROM works w, authors a WHERE a.aid = (:aid) and w.aid = a.aid LIMIT 5'
    504. 

  504.   cursor = g.conn.execute(text(cmd),aid=aid)
    505. 

  505.   works = []
    506. 

  506.   for result in cursor:
    507. 

  507.     works.append((result['wid'],result['work']))
    508. 

  508.   cursor.close()
    509. 

  509. 

  510. 

  511.   # Get tags
    512. 

  512.   cmd = 'SELECT tag FROM author_tags WHERE author_tags.aid =:aid' 
    513. 

  513.   cursor = g.conn.execute(text(cmd),aid=aid)
    514. 

  514.   tags = []
    515. 

  515.   for result in cursor:
    516. 

  516.     tags.append(result[0])  
    517. 

  517.   cursor.close()
    518. 

  518. 

  519.   context = dict(data = authors[0], quotes = quotes, works = works,tags=tags)
    520. 

  520.   return render_template("author.html", **context)
    521. 

  521. 

  522. 

  523. # Example of adding new data to the database
    524. 

  524. @app.route('/add', methods=['POST'])
    525. 

  525. def add():
    526. 

  526.   name = request.form['name']
    527. 

  527.   cmd = 'INSERT INTO test(name) VALUES (:name1), (:name2)';
    528. 

  528.   g.conn.execute(text(cmd), name1 = name, name2 = name);
    529. 

  529.   return redirect('/')
    530. 

  530. 

  531. # Retrieves cookie for user information / login
    532. 

  532. @app.route('/getcookie')
    533. 

  533. def getcookie():
    534. 

  534.    uid = request.cookies.get('uid')
    535. 

  535.    username = request.cookies.get('username')
    536. 

  536.    return '<h1>welcome '+ username + ":" + uid +'</h1>'
    537. 

  537. 

  538. 

  539. # Logs user in and redirects
    540. 

  540. @app.route('/setcookie', methods = ['POST', 'GET'])
    541. 

  541. def setcookie():
    542. 

  542.     if request.method == 'POST':
    543. 

  543.       username = request.form['Username']
    544. 

  544.       password = request.form['Password']
    545. 

  545. 

  546.       #  Check username is in table of usernames
    547. 

  547.       cmd = 'SELECT EXISTS(SELECT * FROM users WHERE users.username = :username)'
    548. 

  548.       cursor = g.conn.execute(text(cmd),username = username)
    549. 

  549.       user_exists = []
    550. 

  550.       for result in cursor:
    551. 

  551.         user_exists.append((result[0]))  
    552. 

  552.       cursor.close()
    553. 

  553.       user_exists = user_exists[0]
    554. 

  554.       if(user_exists == False):
    555. 

  555.         context = dict(message = "Incorrect username or password!!")
    556. 

  556.         return render_template("login.html",**context)
    557. 

  557. 

  558.       # Check username and password correct
    559. 

  559.       cmd = 'SELECT uid,password FROM users WHERE users.username = (:username)';
    560. 

  560.       cursor = g.conn.execute(text(cmd),username = username)
    561. 

  561.       uinfo = []
    562. 

  562.       for result in cursor:
    563. 

  563.         uinfo.append((result['password'],result['uid']))  
    564. 

  564.       cursor.close()
    565. 

  565. 

  566.       if(uinfo[0][0] == password):
    567. 

  567. 

  568.         resp = app.make_response(redirect('/'))
    569. 

  569. 

  570.         resp.set_cookie('uid', str(uinfo[0][1]))
    571. 

  571.         resp.set_cookie('username', str(username))
    572. 

  572.         return resp
    573. 

  573.       # Error login page
    574. 

  574.       else:
    575. 

  575.         context = dict(message = "Incorrect username or password!!")
    576. 

  576.         return render_template("login.html",**context)
    577. 

  577. 

  578. # Renders page where users can login
    579. 

  579. @app.route('/login')
    580. 

  580. def login():
    581. 

  581.   return render_template("login.html")
    582. 

  582. 

  583. # Renders page where users can sign up
    584. 

  584. @app.route('/signup')
    585. 

  585. def signup():
    586. 

  586.   return render_template("signup.html")
    587. 

  587. 

  588. # Adds new user to database and redirects to login page 
    589. 

  589. @app.route('/adduser', methods=['POST','GET'])
    590. 

  590. def adduser():
    591. 

  591.   if request.method == 'POST':
    592. 

  592.     # Get information from form
    593. 

  593.     name = request.form['Name']
    594. 

  594.     username = request.form['Username']
    595. 

  595.     password = request.form['Password']
    596. 

  596. 

  597.     # Get unique uid for user
    598. 

  598.     cmd = 'SELECT MAX(uid) FROM users';
    599. 

  599.     cursor = g.conn.execute(text(cmd))
    600. 

  600.     uid_count = []
    601. 

  601.     for result in cursor:
    602. 

  602.       uid_count.append(result[0])
    603. 

  603.     cursor.close()
    604. 

  604.     uid = uid_count[0] + 1
    605. 

  605. 

  606.     # Check username is unique 
    607. 

  607.     cmd = 'SELECT EXISTS(SELECT 1 FROM users WHERE users.username = :username )'
    608. 

  608.     cursor = g.conn.execute(text(cmd),username = username )
    609. 

  609.     unique = []
    610. 

  610.     for result in cursor:
    611. 

  611.       unique.append(result[0]);
    612. 

  612.     if(unique[0] == True):
    613. 

  613.       context = dict(message = "Username is already taken - please choose another! :)")
    614. 

  614.       #flash("Username is already taken - please choose another! :)")
    615. 

  615.       return render_template("signup.html",**context)
    616. 

  616. 

  617.     # Check that password isn't blank and is at least 5 characters
    618. 

  618.     elif(len(password) < 5):
    619. 

  619.       context = dict(message = "Password must be at least 5 characters! Try again please. :)")
    620. 

  620.       return render_template("signup.html", **context)
    621. 

  621. 

  622.     # Render successful sign up if true
    623. 

  623.     else:
    624. 

  624.       cmd = 'INSERT INTO users VALUES( :uid, :name, :username, :password)'
    625. 

  625.       cursor = g.conn.execute(text(cmd),uid = uid,name = name,username = username, password = password)
    626. 

  626.       cursor.close()
    627. 

  627.       context = dict(message = "Successfully signed up! ^-^ Please try logging in right now.")
    628. 

  628.       return render_template("login.html",**context)
    629. 

  629. 

  630. 

  631. 

  632. 

  633. # Displays friends lsit of users
    634. 

  634. @app.route('/friends')
    635. 

  635. def friends():
    636. 

  636.   uid = request.args.get('uid')
    637. 

  637. 

  638. 

  639.   # Get username of user
    640. 

  640.   cmd = 'SELECT username FROM users WHERE users.uid = :uid'
    641. 

  641.   cursor = g.conn.execute(text(cmd),uid=uid )
    642. 

  642.   usernames= []
    643. 

  643.   for result in cursor:
    644. 

  644.     usernames.append(result['username'])
    645. 

  645.   cursor.close()
    646. 

  646.   username = usernames[0]
    647. 

  647. 

  648.   # Select friends
    649. 

  649.   cmd = 'SELECT * FROM users WHERE users.uid IN ((SELECT uid2 FROM is_friends WHERE uid1 = :uid ) UNION  (SELECT uid1 FROM is_friends WHERE uid2 = :uid ))'
    650. 

  650.   cursor = g.conn.execute(text(cmd),uid=uid )
    651. 

  651. 

  652.   friends = [];
    653. 

  653.   for result in cursor:
    654. 

  654.     friends.append((result['name'],result['username'],result['uid']))
    655. 

  655.   cursor.close()
    656. 

  656. 

  657.   context = dict(friends = friends,username = username,uid=uid)
    658. 

  658.   return render_template("friends.html",**context)
    659. 

  659. 

  660. 

  661. 

  662. 

  663. 

  664. # Shows list of users you've messaged
    665. 

  665. @app.route('/inbox')
    666. 

  666. def messages():
    667. 

  667.   uid = request.args.get('uid')
    668. 

  668.    # Get username of user
    669. 

  669.   cmd = 'SELECT username FROM users WHERE users.uid = :uid '
    670. 

  670.   cursor = g.conn.execute(text(cmd),uid=uid )
    671. 

  671.   usernames= []
    672. 

  672.   for result in cursor:
    673. 

  673.     usernames.append(result['username'])
    674. 

  674.   cursor.close()
    675. 

  675.   username = usernames[0]
    676. 

  676. 

  677.   # Get friends usernames and uid
    678. 

  678.   cmd = 'SELECT * FROM ((SELECT users2.username AS username, users2.uid AS uid FROM messages,quotes,users, users AS users2 WHERE messages.sender = :uid and messages.qid = quotes.qid and messages.sender = users.uid and messages.receiver = users2.uid ORDER BY mtimestamp DESC) UNION (SELECT users.username AS username, users.uid AS uid FROM messages,quotes,users, users AS users2 WHERE messages.receiver = :uid and messages.qid = quotes.qid and messages.sender = users.uid and messages.receiver = users2.uid ORDER BY mtimestamp DESC)) AS messaged_friends'
    679. 

  679.   cursor = g.conn.execute(text(cmd),uid=uid )
    680. 

  680.   friends = [];
    681. 

  681.   for result in cursor:
    682. 

  682.     friends.append((result['username'],result['uid']))
    683. 

  683.   cursor.close()
    684. 

  684. 

  685.   context = dict(username=username, uid=uid, friends = friends,is_friends=True)
    686. 

  686.   return render_template("inbox.html", **context)
    687. 

  687. 

  688. 

  689. # Gets conversations between two users
    690. 

  690. @app.route('/conversation')
    691. 

  691. def conversation():
    692. 

  692.   uid = request.args.get('uid')
    693. 

  693.   friend_uid = request.args.get('friend_uid')
    694. 

  694.   
    695. 

  695. 

  696.   # Get username of user
    697. 

  697.   cmd = 'SELECT username FROM users WHERE users.uid = :uid '
    698. 

  698.   cursor = g.conn.execute(text(cmd),uid=uid )
    699. 

  699.   usernames= []
    700. 

  700.   for result in cursor:
    701. 

  701.     usernames.append(result['username'])
    702. 

  702.   cursor.close()
    703. 

  703.   username = usernames[0]
    704. 

  704. 

  705.   # Get username of friend
    706. 

  706.   cmd = 'SELECT username FROM users WHERE users.uid = :uid '
    707. 

  707.   cursor = g.conn.execute(text(cmd),uid=friend_uid )
    708. 

  708.   friend_usernames= []
    709. 

  709.   for result in cursor:
    710. 

  710.     friend_usernames.append(result['username'])
    711. 

  711.   cursor.close()
    712. 

  712.   friend_username = friend_usernames[0]
    713. 

  713. 

  714.   # Get messages between you and friend
    715. 

  715.   cmd = 'SELECT users.name AS sender, users2.name AS receiver, messages.content AS message,quotes.content AS quote,quotes.qid AS qid, messages.mtimestamp AS mtimestamp FROM messages LEFT JOIN quotes ON messages.qid = quotes.qid INNER JOIN users ON messages.sender = users.uid INNER JOIN users AS users2 ON messages.receiver = users2.uid WHERE ((messages.sender = :uid and messages.receiver = :friend_uid) or (messages.receiver = :uid and messages.sender = :friend_uid)) ORDER BY mtimestamp DESC'
    716. 

  716.   cursor = g.conn.execute(text(cmd),friend_uid=friend_uid,uid = uid )
    717. 

  717. 

  718.   messages = []
    719. 

  719.   for result in cursor:
    720. 

  720.     messages.append((result['sender'],result['receiver'],result['message'],result['quote'],result['qid'],result['mtimestamp']))
    721. 

  721.   cursor.close()
    722. 

  722. 

  723.   # Filter out null quotes
    724. 

  724.   for i in range(0,len(messages)):
    725. 

  725.     if(messages[i][3] == None):
    726. 

  726.       messages[i] = (messages[i][0],messages[i][1],messages[i][2],"",messages[i][4],messages[i][5])
    727. 

  727. 

  728.   context = dict(username=username,uid=uid, friend_username = friend_username,friend_uid=friend_uid, messages = messages)
    729. 

  729.   return render_template("conversation.html", **context)
    730. 

  730. 

  731. @app.route('/sendMessage',methods=['POST'])
    732. 

  732. def sendMessage():
    733. 

  733.   sender = int(request.form['sender'])
    734. 

  734.   receiver = int(request.form['receiver'])
    735. 

  735.   message = request.form['message']
    736. 

  736.   mtimestamp = request.form['mtimestamp']
    737. 

  737. 

  738. 

  739.   # Insert message into table
    740. 

  740.   cmd = 'INSERT INTO messages(sender,receiver,qid,content,mtimestamp) VALUES( :sender, :receiver, NULL, :message, :mtimestamp)'
    741. 

  741.   cursor = g.conn.execute(text(cmd),sender=sender,receiver=receiver, message=message, mtimestamp = mtimestamp)
    742. 

  742.   cursor.close()
    743. 

  743.  
    744. 

  744. 

  745.   # return redirect('/conversation?uid=' + sender + "&friend_uid=" + receiver)
    746. 

  746.   return redirect('/conversation?uid='+str(sender) + "&friend_uid=" + str(receiver))
    747. 

  747. 

  748. @app.route('/addFriend',methods=['POST'])
    749. 

  749. def addFriend():
    750. 

  750. 

  751.   friend_uid = request.form['friend_uid']
    752. 

  752. 

  753.   uid = request.form['uid']
    754. 

  754. 

  755. 

  756.   # Insert friend request into table
    757. 

  757.   cmd = 'INSERT INTO friend_requests VALUES( :sender, :receiver)'
    758. 

  758.   cursor = g.conn.execute(text(cmd),sender=uid,receiver=friend_uid)
    759. 

  759.   cursor.close()
    760. 

  760. 

  761. 

  762.   return redirect('/profile?uid='+friend_uid)
    763. 

  763. 

  764. @app.route('/deleteFriend',methods=['POST'])
    765. 

  765. def deleteFriend():
    766. 

  766. 

  767.   friend_uid = request.form['friend_uid']
    768. 

  768. 

  769.   uid = request.form['uid']
    770. 

  770. 

  771.   # Dlete friend request into table
    772. 

  772.   uid1 = min(uid,friend_uid)
    773. 

  773.   uid2 = max(uid,friend_uid)
    774. 

  774.   cmd = 'DELETE FROM is_friends WHERE uid1= :uid1 and uid2=:uid2'
    775. 

  775.   cursor = g.conn.execute(text(cmd),uid1=uid1,uid2=uid2)
    776. 

  776.   cursor.close()
    777. 

  777. 

  778.   return redirect('/profile?uid='+friend_uid)
    779. 

  779. 

  780. @app.route('/rejectFriendRequest',methods=['POST'])
    781. 

  781. def rejectFriendRequest():
    782. 

  782.   uid = request.form['uid']
    783. 

  783.   friend_uid = request.form['friend_uid']
    784. 

  784. 

  785.   # Delete from friend request table
    786. 

  786.   cmd = 'DELETE FROM friend_requests WHERE friend_requests.sender = :friend_uid and friend_requests.receiver = :uid'
    787. 

  787.   cursor = g.conn.execute(text(cmd),friend_uid=friend_uid,uid=uid)
    788. 

  788.   cursor.close()
    789. 

  789. 

  790.   return redirect('/profile?uid=' + uid)
    791. 

  791. 

  792. @app.route('/acceptFriendRequest',methods =['POST'])
    793. 

  793. def acceptFriendRequest():
    794. 

  794.   uid = request.form['uid']
    795. 

  795.   friend_uid = request.form['friend_uid']
    796. 

  796. 

  797.   # Delete from friend request table
    798. 

  798.   cmd = 'DELETE FROM friend_requests WHERE friend_requests.sender = :friend_uid and friend_requests.receiver = :uid'
    799. 

  799.   cursor = g.conn.execute(text(cmd),friend_uid=friend_uid,uid=uid)
    800. 

  800.   cursor.close()
    801. 

  801. 

  802.   # Insert into friends table
    803. 

  803.   uid1 = min(uid,friend_uid)
    804. 

  804.   uid2 = max(uid,friend_uid)
    805. 

  805.   cmd = 'INSERT INTO is_friends VALUES( :uid1, :uid2)'
    806. 

  806.   cursor = g.conn.execute(text(cmd),uid1=uid1,uid2=uid2)
    807. 

  807.   cursor.close()
    808. 

  808. 

  809.   return redirect('/profile?uid=' + uid)
    810. 

  810. 

  811. @app.route('/vote')
    812. 

  812. def vote():
    813. 

  813.   """
    814. 

  814.   request is a special object that Flask provides to access web request information:
    815. 

  815.   request.method:   "GET" or "POST"
    816. 

  816.   request.form:     if the browser submitted a form, this contains the data in the form
    817. 

  817.   request.args:     dictionary of URL arguments e.g., {a:1, b:2} for http://localhost?a=1&b=2
    818. 

  818.   See its API: http://flask.pocoo.org/docs/0.10/api/#incoming-request-data
    819. 

  819.   """
    820. 

  820.   uid = request.cookies.get('uid')
    821. 

  821.   unapproved_cmd = "SELECT q.qid as qid, q.content as content, a.aid as aid, a.name as author, w.wid as wid, w.name as work FROM quotes q INNER JOIN authors a ON q.author = a.aid LEFT JOIN works w on q.work = w.wid WHERE q.num_approvals < 10 ORDER BY q.added_time ASC LIMIT 5"
    822. 

  822.   unapproved_cursor = g.conn.execute(text(unapproved_cmd))
    823. 

  823.   unapproved_quotes = []
    824. 

  824.   for result in unapproved_cursor:
    825. 

  825.     unapproved_quotes.append((result['qid'],result['content'],result['aid'],result['author'],result['wid'],result['work']))
    826. 

  826.   unapproved_cursor.close()
    827. 

  827.   
    828. 

  828. 

  829.   cmd = 'SELECT qid FROM user_approves WHERE user_approves.uid = :uid'
    830. 

  830.   cursor = g.conn.execute(text(cmd),uid = uid)
    831. 

  831.   user_approved_quotes = []
    832. 

  832.   for result in cursor:
    833. 

  833.     user_approved_quotes.append(result[0])
    834. 

  834.   cursor.close()
    835. 

  835.   context = dict(unapproved_quotes = unapproved_quotes,uid = uid,user_approved_quotes = user_approved_quotes)
    836. 

  836. 

  837.   return render_template("voting.html", **context)
    838. 

  838.   
    839. 

  839. 

  840. @app.route('/approveQuote',methods=['POST'])
    841. 

  841. def approveQuote():
    842. 

  842.   qid = request.form['qid']
    843. 

  843.   uid = request.form['uid']
    844. 

  844. 

  845.   # updates user approves table
    846. 

  846.   cmd = 'INSERT INTO user_approves VALUES(:uid,:qid)'
    847. 

  847.   cursor = g.conn.execute(text(cmd),qid=qid,uid=uid)
    848. 

  848.   cursor.close()
    849. 

  849.  
    850. 

  850.   # update the quotes table
    851. 

  851.   cmd = 'UPDATE quotes SET num_approvals = num_approvals + 1 WHERE quotes.qid = :qid'
    852. 

  852.   cursor = g.conn.execute(text(cmd),qid=qid)
    853. 

  853.   cursor.close()
    854. 

  854.   return redirect('/vote')
    855. 

  855. 

  856. 

  857. @app.teardown_request
    858. 

  858. def teardown_request(exception):
    859. 

  859.   """
    860. 

  860.   At the end of the web request, this makes sure to close the database connection.
    861. 

  861.   If you don't the database could run out of memory!
    862. 

  862.   """
    863. 

  863.   try:
    864. 

  864.     g.conn.close()
    865. 

  865.   except Exception as e:
    866. 

  866.     pass
    867. 

  867. 

  868. # Main function for running app
    869. 

  869. if __name__ == "__main__":
    870. 

  870.   import click
    871. 

  871. 

  872.   @click.command()
    873. 

  873.   @click.option('--debug', is_flag=True)
    874. 

  874.   @click.option('--threaded', is_flag=True)
    875. 

  875.   @click.argument('HOST', default='0.0.0.0')
    876. 

  876.   @click.argument('PORT', default=8111, type=int)
    877. 

  877.   def run(debug, threaded, host, port):
    878. 

  878.     """
    879. 

  879.     This function handles command line parameters.
    880. 

  880.     Run the server using
    881. 

  881.         python server.py
    882. 

  882.     Show the help text using
    883. 

  883.         python server.py --help
    884. 

  884.     """
    885. 

    886. 

  886.     HOST, PORT = host, port
    887. 

  887.     print "running on %s:%d" % (HOST, PORT)
    888. 

  888.     app.run(host=HOST, port=PORT, debug=debug, threaded=threaded)
    889. 

  889. 

  890. 

  891.   run()
    892.