guestbook/app.py

49 lines
1.7 KiB
Python
Raw Normal View History

2024-09-17 20:02:37 +03:00
import hashlib, os
import time
from flask import Flask, redirect, render_template, request
import sqlite3
import re
app = Flask(__name__)
db = sqlite3.connect('guestbook.db', check_same_thread=False)
cs = db.cursor()
app.secret_key = hashlib.md5(os.urandom(32)).hexdigest()
@app.template_filter('parsetime')
def parsetime(value):
return time.strftime('%Y-%m-%d %H:%M', time.localtime(value))
@app.route('/')
def index():
statement = 'SELECT "id", "name", "website", "comment", "date", "ip" FROM "entries" ORDER BY id DESC'
cs.execute(statement)
return render_template("index.html", comments=cs.fetchall())
@app.route('/submit', methods=["POST"])
def submit():
errors = []
name = request.form.get("name")
website = request.form.get("website")
comment = request.form.get("comment")
if name != "":
if name.isalnum() != True:
errors.append("Your name must not contain any non-alphanumeric characters")
else:
name = "Anonymous"
if website !="":
if not re.fullmatch(r"^[a-zA-Z0-9]+(\.[a-zA-Z0-9]+)*\.[a-zA-Z]{2,3}(\.[a-zA-Z]{2,3})?$", website):
errors.append("Your site doesn't look valid.")
if comment == "":
errors.append("You must write something.")
elif len(comment) > 512:
errors.append("You wrote more than 512 characters")
if errors != []:
response = ""
for error in errors:
response += f"{error}<br>"
return response
statement = 'INSERT INTO "entries" ("name", "website", "comment", "date", "ip") VALUES (?, ?, ?, ?, ?);'
values = (name, website, comment, int(time.time()), str(request.remote_addr))
cs.execute(statement, values)
db.commit()
return redirect("/")