from os import urandom as rand from flaskext.mysql import MySQL import pymysql from flask import Flask, render_template, session, redirect, url_for, request, flash import pprint pp = pprint.PrettyPrinter(indent=4) app = Flask(__name__) # Thank you based StackOverflow def cleanup_string(text): text = text.encode("ascii", "replace").decode() return text.strip() # Load User Table into variable def mysql_do(query): db = pymysql.connect(host='dockerdev', port=3306, user='root', passwd='development', db='QuoteDB') cur = db.cursor() cur.execute(query) data = cur.fetchall() cur.close() db.commit() db.close() return data def app_init(): mysql_do("CREATE TABLE IF NOT EXISTS Users ( uid INT NOT NULL AUTO_INCREMENT PRIMARY KEY, user VARCHAR(255) NOT NULL, realname VARCHAR(255) NOT NULL, password VARCHAR(255), isadmin BIT );") mysql_do("CREATE TABLE IF NOT EXISTS Quotes ( id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, quote VARCHAR(2048) NOT NULL, date VARCHAR(255) NOT NULL, user INT NOT NULL, context VARCHAR(8000), FOREIGN KEY (user) REFERENCES Users(uid) );") app.secret_key = rand(24) global userdb userdb = mysql_do("SELECT * FROM Users") @app.route("/") def index(): if 'username' in session: return render_template("index.html", user=session["username"]) return render_template("index.html") @app.route("/quotes") def quoutepage(): retdata = mysql_do("SELECT * FROM Quotes ORDER BY ID DESC") return render_template("quote_view.html", data=retdata) @app.route("/addquote", methods=['GET','POST']) def addquote(): if request.method == "POST": quotein = pymysql.escape_string(request.form['quote']) contextin = pymysql.escape_string(request.form['context']) userin = pymysql.escape_string(request.form['user']) #Remove Trailing and leading whitespace, strip unicode quotein = cleanup_string(quotein) contextin = cleanup_string(contextin) if not quotein or quotein.isspace(): flash("Error: You must enter a quote!","danger") return redirect(url_for("addquote")) # Check if the