anton/matekasse
1
1
Fork 1
Code Issues 8 Pull requests Packages Projects Releases Wiki Activity

Compare commits

base: anton:master
Branches Tags
anton:master
j3d1:j3d1-patch-1
j3d1:master
..
compare: j3d1:master
Branches Tags
j3d1:j3d1-patch-1
j3d1:master
anton:master

No commits in common. "master" and "master" have entirely different histories.
master ... master

23 changed files with 313 additions and 6507 deletions
Show stats Expand all files Collapse all files

4
.gitignore vendored
View file

@ -1,4 +1,5 @@
*.db
socket.io.js
__pycache__/
logs/*
venv/*
@ -9,5 +10,4 @@ flask_session/
/test/.pytest_cache/
/test/flask_session/
/Website/__pycache__/
/Website/.pytest_cache/
/.idea
/Website/.pytest_cache/

6
README
View file

@ -5,6 +5,8 @@ How to get started:
source venv/bin/activate
install requiremens:
pip install -r requirements.txt
create the log folder:
mkdir logs
start the program:
venv/bin/gunicorn -b "127.0.0.1:5000" -k geventwebsocket.gunicorn.workers.GeventWebSocketWorker -w 1 main:app
You can now accses the Website on http://127.0.0.1:5000
python main.py
You can now accses the Website on http://127.0.0.1:5000

301
Website/__init__.py
View file

@ -1,15 +1,28 @@
import queue, time, uuid, json, logging, datetime, os
from flask import Flask, render_template, render_template_string, request, make_response, session, send_file, g
from flask import Flask, render_template, request, make_response, session, send_file, g
from flask_socketio import SocketIO, join_room, leave_room
from flask_session import Session
from Website.db import get_db
import Website.db as db_handler
from markupsafe import escape
from .db import get_db
from datetime import datetime
finished = None
preis = -150 #Ein Getraenk
#flask_config
DATABASE = './Website/mate.db'
#def create_logs(app):
# now = datetime.datetime.now().strftime('%d-%m-%Y-%H-%M-%S')
# logging.basicConfig(filename=f"logs/matekasse-{now}.log",filemode='w', format='%(asctime)s - %(name)s - %(levelname)s - %(message)s' ,encoding='utf-8', level=logging.INFO)
# app.logger = logging.getLogger('db')
#
# app.logger.info("Website is starting")
def log(type=None, userid=None, before=None, after=None):
db = get_db()
c = db.cursor()
c.execute("INSERT or IGNORE INTO transaction_log (timestamp, userid, type, before, after) VALUES (?, ?, ?, ?, ?)", [datetime.now(), userid, type, before, after])
db.commit()
def create_app(test_config=None):
app = Flask(__name__)
key = str(uuid.uuid4().hex)
@ -22,9 +35,10 @@ def create_app(test_config=None):
try:
os.makedirs(app.instance_path)
except OSError:
pass
#with app.app_context():
# create_logs(app)
Session(app)
socketio = SocketIO(app)
@ -41,21 +55,25 @@ def create_app(test_config=None):
#website
@app.route('/favicon.ico')
@app.route('/ccc_logo.png')
def favicon():
return send_file("../static/Logo_CCC.svg.png")
@app.route('/socket.io.js')
def socketiojs():
return send_file('../static/socket.io.js')
@app.route('/new.css')
def newcss():
return send_file('../static/new.min.css')
#@app.route('/socket.io.js')
#def socketiojs():
# return url_for('static', filename='socket.io.js')
@app.route("/")
def index():
return render_template("index.html")
return """
<a href="/list">user and tag list</a>
<p>The creator of this website accepts no liability for any linguistic or technical errors!</p>
<br style="line-height: 500%;"></br>
<a href="/documentation">Doumentation</a><script src="/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous">
</script>
<script type="text/javascript" charset="utf-8">
window.location="/list"
</script>
"""
@app.route("/list")
def list():
@ -63,54 +81,34 @@ def create_app(test_config=None):
c = db.cursor()
c.execute("SELECT * FROM users")
users = c.fetchall()
return render_template("list.html", users=users, preis=(preis/100))
text = ""
for i in users:
text = text + f'<p><a href="list/user?id={i[0]}">{escape(i[1])}</a>: {i[2]/100}€ <form action="/change" method="post"><input name="id" type="hidden" value="{i[0]}"> <input name="change" type="number" step="0.1" placeholder="add to balance"></form></p> <br style="line-height: 50%;"></br>'
return '''<!DOCTYPE html>
<html lang="en">
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.0.1/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous"></script>
<script type="text/javascript" charset="utf-8">
var socket = io();
socket.on("update", function(){
window.location="http://matekasse.server.c3h/list"
});
</script>
<title>Strichliste</title>
<p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p>
<form action="/list/user" method="get"><input name="user" type="search" placeholder="Search for user"><button>Search</button></form>
<form action="/adduser" method="post"><button type="submit">Add User</button></form>
<br></br>
''' + text + '</html>'
@app.route("/transactionlist")
def transactionlist():
db = get_db()
c = db.cursor()
text = ""
c.execute("SELECT * FROM transaction_log ORDER BY ROWID DESC LIMIT 1000")
c.execute("SELECT * FROM transaction_log ORDER BY ROWID DESC LIMIT 100")
transactionlist = c.fetchall()
for i in transactionlist:
statement = i[0]
user_id = i[1]
before = i[2]
after = i[3]
change = i[4]
if statement == "balance":
reverse_statement = "balance"
reverse_user_id = user_id
reverse_before = None
reverse_after = None
reverse_change = change *(-1)
elif statement == "add_user":
reverse_statement = "remove_user"
reverse_user_id = user_id
reverse_before = after
reverse_after = None
reverse_change = None
elif statement == "remove_user":
reverse_statement = "add_user"
reverse_user_id = user_id
reverse_before = None
reverse_after = before
reverse_change = None
elif statement == "add_tag":
reverse_statement = "remove_tag"
reverse_user_id = user_id
reverse_before = after
reverse_after = None
reverse_change = None
elif statement == "remove_tag":
reverse_statement = "add_tag"
reverse_user_id = user_id
reverse_before = None
reverse_after = before
reverse_change = None
else:
raise Exception(statement)
text = text + f'<form action="/api/change" method="post"><p style="display: inline;">{statement} userid:{user_id} {before} {after} {change}</p><input type="hidden" name="statement" value={reverse_statement}><input type="hidden" name="user_id" value={reverse_user_id}><input type="hidden" name="before" value={reverse_before}><input type="hidden" name="after" value={reverse_after}><input type="hidden" name="change" value={reverse_change}><button type="submit">rollback</button></form><br></br>'
text = text + f"<p>{i[0]} userid: {i[1]} {i[2]} {i[3]} to {i[4]}</p>"
return text
@app.route("/list/user", methods=['GET'])
@ -119,18 +117,41 @@ def create_app(test_config=None):
c = db.cursor()
id = request.args.get("id")
c.execute(f"SELECT * FROM users WHERE id=?", [id])
user = c.fetchone()
if user != None :
user_list = c.fetchall()
if user_list != []:
user = user_list[0]
c.execute(f"SELECT * FROM tags WHERE userid={user[0]}")
tags = c.fetchall()
return render_template("user.html", user=user, tags=tags)
text = ""
for tag in tags:
text = text + f'<p><form action="/removetag" method="post"><label for="removetag">{tag[0]} </label><input name="id" type="hidden" value="{user[0]}"><input name="tagid" type="hidden" value="{tag[0]}"><button id="removetag" type="submit">Remove Tag</button></form> </p>'
return f"""<!DOCTYPE html>
<html lang="en">
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.0.1/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous"></script>
<script type="text/javascript" charset="utf-8">
var socket = io();
""" + 'socket.on("update", function(){ window.location="http://matekasse.server.c3h/list/user?id=' + id + '"});' + f"""
</script>
<title>{escape(user[1])}</title>
<p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p>
<p> {escape(user[1])} : {escape(user[2]/100)} <p>
<form action="/addtag" method="post"><input name="id" type="hidden" value="{user[0]}"><button type="submit">Add Tag</button></form>
<form action="/removetag" method="post"><input name="id" type="hidden" value="{user[0]}"><button type="submit">Remove Tag</button></form>
</p><form action="/change" method="post"><input name="id" type="hidden" value="{user[0]}"> <input name="change" type="number" step="0.1" placeholder="change balance"></form>
</p>
<br></br>
<p>Tags:</p>
{text}
<br></br>
<form action="/removeuser" method="post"><input name="id" type="hidden" value="{user[0]}"><button type="submit">Remove User</button></form>
</html>
"""
else:
return render_template("error.html", error_code="043")
@app.route("/adduser", methods=['POST'])
def new_user():
return render_template("adduser.html")
return render_template("adduser.html")
@app.route("/removeuser", methods=['POST'])
def remove_user():
@ -138,12 +159,16 @@ def create_app(test_config=None):
c = db.cursor()
user_id = request.form["id"]
c.execute(f"SELECT * FROM users WHERE id=?", [user_id])
user = c.fetchone()
if user != None:
user_name = user[1]
db_handler.remove_user(user_id)
users = c.fetchall()
if users != []:
user_name = users[0][1]
c.execute(f"DELETE FROM tags WHERE userid=?", [user_id])
app.logger.info(f"Deleted all tags from user ?", [user_id])
c.execute(f"DELETE FROM users WHERE id=?", [user_id])
db.commit()
log(type="removeuser", userid=user_id, before=user_name)
socketio.emit("update", "update")
return render_template("removeuser.html", user_name=user_name)
return f'<title>remove user</title><p><p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p> <p>Deleted user {escape(user_name)}</p><a href="/list">return to the tags and user list</a></p>'
else:
return render_template("error.html", error_code="043")
@ -156,11 +181,20 @@ def create_app(test_config=None):
return render_template("error.html", error_code="418")
c.execute("SELECT * FROM users WHERE username=?", [username])
if c.fetchall() == []:
db_handler.add_user(username)
c.execute("INSERT or IGNORE INTO users (username, balance) VALUES (?, 0)", [username])
db.commit()
socketio.emit("update", "update")
c.execute(f"SELECT * FROM users WHERE username=?", [username])
user = c.fetchone()
return render_template("redirect.html")
log(type="adduser", userid=user[0], after=user[1])
return """<html>
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.0.1/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous"></script>
<script type="text/javascript" charset="utf-8">
window.location="/list";
</script>
<p>tag was sucsesfully added</p>
</html>
"""
else:
return render_template("error.html", error_code="757")
@ -171,16 +205,27 @@ def create_app(test_config=None):
c = db.cursor()
try:
user_id = request.form["id"]
change = int(float(request.form["change"]) * float(100))
change = float(request.form["change"])
print(change)
except:
return render_template("error.html", error_code="095")
c.execute(f"SELECT * FROM users WHERE id=?", [user_id])
users = c.fetchall()
if users != []:
balance_old = users[0][2]
db_handler.change_balance(user_id, change)
c.execute(f"UPDATE users SET balance = balance + {change*100} WHERE id={user_id}")
db.commit()
c.execute(f"SELECT * FROM users WHERE id={user_id}")
user = c.fetchone()
log(type="balance", userid=user[0], before=balance_old, after=user[2])
socketio.emit("update", "update")
return render_template("redirect.html")
return """<html>
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.0.1/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous"></script>
<script type="text/javascript" charset="utf-8">
window.location="/list";
</script>
</html>
"""
else:
return render_template("error.html", error_code="043")
@ -240,9 +285,17 @@ def create_app(test_config=None):
c = db.cursor()
c.execute(f"SELECT * FROM tags WHERE (tagid = ? AND userid = ?)", [tag_id, user_id])
if c.fetchall != []:
db_handler.remove_tag(tag_id)
c.execute(f"DELETE FROM tags WHERE (tagid = ? AND userid = ?)", [tag_id, user_id])
db.commit()
message = f"Removed {tag_id} from user {user_id}"
return render_template("redirect.html")
log(type="removetag", userid=user_id, before=tag_id)
return f"""
<html>
<script>
window.location="/"
</script>
</html>
"""
else:
return render_template("error.html", error_code="054")
@ -273,50 +326,44 @@ def create_app(test_config=None):
socketio.emit("error", "418", to=session[id])
leave_room(session[id])
@app.route("/api/balance", methods=['POST', 'GET'])
#api
@app.route("/api/change", methods=['GET', 'POST'])
def api_change():
if request.method == 'POST':
db = get_db()
c = db.cursor()
userid = request.form["id"]
c.execute("SELECT * FROM users WHERE id=?", [userid])
user_list = c.fetchall()
if user_list != []:
user = user_list[0]
try:
change = int(request.args.get("change"))
except:
change = preis
db_handler.change_balance(userid, change)
socketio.emit("update", "update")
c.execute("SELECT * FROM users WHERE id=?",[userid])
return make_response(json.dumps({"mode":"balance", "username":user[1], "balance":c.fetchone()[2]}))
else:
return make_response(json.dumps({"mode":"error","error":"043"}))
elif request.method == 'GET':
db = get_db()
c = db.cursor()
userid = request.args.get("id")
c.execute("SELECT * FROM users WHERE id=?", [userid])
user = c.fetchone()
if user != None:
return make_response(json.dumps({"mode":"balance", "username":user[1], "balance":user[2]}))
else:
return make_response(json.dumps({"mode":"error", "error":"043"}))
@app.route("/api/tag_id", methods=['POST'])
def get_id():
db = get_db()
c = db.cursor()
try:
userid = request.form["id"]
except:
userid = request.args.get("id")
c.execute("SELECT * FROM users WHERE id=?", [userid])
user_list = c.fetchall()
if user_list != []:
user = user_list[0]
try:
change = int(request.args.get("change"))
except:
change = -1.5
c.execute(f"UPDATE users SET balance = balance + {change*100} WHERE id={user[0]}")
db.commit()
c.execute(f"SELECT * FROM users WHERE id = {userid}")
user_new = c.fetchone()
log(type="balance", userid=user[0], before=user[2], after=user_new[2])
socketio.emit("update", "update")
return make_response(json.dumps({"mode":"balance", "username":user[1], "balance":user_new[2]}))
else:
return make_response(json.dumps({"mode":"error","error":"043"}))
@app.route("/api/tag_id", methods=['GET', 'POST'])
def get_id():
global finished
global message
db = get_db()
c = db.cursor()
try:
tag_id = request.form["id"]
except:
return make_response(json.dumps({"mode":"error", "error":"638"}))
tag_id = request.args.get("id")
c.execute(f"SELECT * FROM tags WHERE tagid=?", [tag_id])
tag_list = c.fetchall()
@ -336,16 +383,20 @@ def create_app(test_config=None):
finished = queue_item
return make_response(json.dumps({"mode":"error","error":"170"}))
else:
db_handler.add_tag(user_id, tag_id)
c.execute(f"INSERT OR IGNORE INTO tags (tagid, userid) VALUES ({tag_id}, ?)", [user_id])
db.commit()
message = f"Added {tag_id} to {username}"
log(type="addtag", userid=user_id ,after=tag_id)
finished = queue_item
return make_response(json.dumps({"mode":"message","username":"{}".format(username),"message":"A tag was added"}))
elif state == "remove":
c.execute(f"SELECT * FROM tags WHERE (tagid = {tag_id} AND userid = ?)", [user_id])
tags = c.fetchall()
if tags != []:
c.execute(f"DELETE FROM tags WHERE (tagid = {tag_id} AND userid = ?)", [user_id])
db.commit()
message = f"Removed {tag_id} from {username}"
log(type="removetag", userid=user_id, before=tag_id)
finished = queue_item
return make_response(json.dumps({"mode":"message","username":"{}".format(username),"message":"A tag was removed"}))
else:
@ -363,9 +414,11 @@ def create_app(test_config=None):
if user_list != []:
balance_old = user_list[0][2]
if user_queue.qsize() == 0:
db_handler.change_balance(tag[1], preis)
c.execute(f"UPDATE users SET balance = balance - 150 WHERE id={tag[1]}")
db.commit()
c.execute(f"SELECT * FROM users WHERE id={tag[1]}")
user = c.fetchone()
log(type="balance", userid=user[0], before=balance_old, after=user[2])
socketio.emit("update", "update")
return make_response(json.dumps({"mode":"balance", "username":user[1], "balance":user[2]/100}))
else:
@ -373,35 +426,9 @@ def create_app(test_config=None):
socketio.emit("update", "update")
return make_response(json.dumps({"mode":"error","error":"054"}))
@app.route("/api/change", methods=['POST'])
def reroll():
statement = request.form["statement"]
user_id = request.form["user_id"]
before = request.form["before"]
after = request.form["after"]
change = request.form["change"]
if statement == "add_user":
db_handler.add_user(after)
elif statement == "remove_user":
db_handler.remove_user(user_id)
elif statement == "add_tag":
db_handler.add_tag(user_id, after)
elif statement == "remove_tag":
db_handler.remove_tag(befor)
elif statement == "balance":
db_handler.change_balance(user_id, change)
else:
return make_response(json.dumps({"mode":"error", "error":"418"})) #Error code
socketio.emit("update", "update")
return render_template("index.html")
#Documentation
@app.route("/documentation")
def documentation():
return render_template("documentation.html")
return {"app":app,"socketio":socketio}
return {"app":app,"socketio":socketio}

51
Website/db.py
View file

@ -1,58 +1,9 @@
from re import M
from markupsafe import escape
import sqlite3
from datetime import datetime
import click
from flask import current_app, g
def log(statement, user_id=None, before=None, after=None, change=None):
db = get_db()
c = db.cursor()
c.execute("INSERT INTO transaction_log (type, user_id, before, after, change) VALUES (?, ?, ?, ?, ?)", [ statement, user_id, before, after, change])
db.commit()
def add_user(after):
db = get_db()
c = db.cursor()
c.execute("INSERT or IGNORE INTO users (username, balance) VALUES (?, 0)", [after])
user_id = c.lastrowid
log("add_user", user_id=user_id, after=after)
db.commit()
def remove_user(user_id):
db = get_db()
c = db.cursor()
c.execute("SELECT * FROM users WHERE id = ?", [user_id])
user_name = c.fetchone()[1]
c.execute("SELECT * FROM tags WHERE userid = ?", [user_id])
for tag in c.fetchall():
remove_tag(tag[0])
c.execute("DELETE FROM users WHERE id = ?", [user_id])
log("remove_user", user_id=user_id, before=user_name)
db.commit()
def add_tag(user_id, tag_id):
db = get_db()
c = db.cursor()
c.execute("INSERT OR IGNORE INTO tags (tagid, userid) VALUES (?, ?)", [tag_id, user_id])
db.commit()
log("add_tag", after=tag_id, user_id=user_id)
def remove_tag(tag_id):
db = get_db()
c = db.cursor()
c.execute("SELECT * FROM tags WHERE tagid = ?", [tag_id])
user_id = c.fetchone()[1]
c.execute("DELETE FROM tags WHERE tagid = ?", [tag_id])
log("remove_tag", before=tag_id, user_id=user_id)
db.commit()
def change_balance(user_id, change):
db = get_db()
c = db.cursor()
c.execute("UPDATE users SET balance = balance + ? WHERE id=?", [change, user_id])
log("balance", user_id=user_id, change=change)
db.commit()
def get_db():
if 'db' not in g:

14
Website/mate.db.sql.txt Normal file
View file

@ -0,0 +1,14 @@
BEGIN TRANSACTION;
CREATE TABLE IF NOT EXISTS "users" (
"id" INTEGER NOT NULL,
"username" TEXT NOT NULL,
"balance" INTEGER NOT NULL,
PRIMARY KEY("id")
);
CREATE TABLE IF NOT EXISTS "tags" (
"tagid" INEGER NOT NULL,
"userid" INTEGER,
FOREIGN KEY("userid") REFERENCES "users"("id"),
PRIMARY KEY("tagid")
);
COMMIT;

12
Website/schema.sql
View file

@ -12,10 +12,10 @@ CREATE TABLE IF NOT EXISTS "tags" (
PRIMARY KEY("tagid")
);
CREATE TABLE IF NOT EXISTS "transaction_log" (
"type" TEXT NOT NULL,
"user_id" INTEGER,
"before" TEXT,
"after" TEXT,
"change" INTEGER
"timestamp" INTEGER NOT NULL,
"userid" INTEGER NOT NULL,
"type" TEXT NOT NULL,
"before" TEXT,
"after" TEXT
);
COMMIT;
COMMIT;

51
Website/templates/addtag.html
View file

@ -1,25 +1,26 @@
{% extends "base.html" %}
{% block customscript %}
<script type="text/javascript" charset="utf-8">
var socket = io();
var user = {{ user }}
socket.on('connect', function() {
socket.emit('addtag', {data: user});
});
socket.on("busy", function(){
document.write('<p>the nfc reader is busy at the moment. Pleas Wait ...</p>')
socket.emit('addtag', {data: user})
});
socket.on("wait", function(){
document.write('<p>Pleas hold your tag on to the nfc reader</p>')
});
socket.on("error", function(data) {
alert(data)
window.location="http://matekasse.server.c3h/"
});
socket.on("finished", function(data){
alert(data)
window.location="http://matekasse.server.c3h/"
});
</script>
{% endblock %}
<!DOCTYPE html>
<html lang="en">
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.0.1/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous"></script>
<script type="text/javascript" charset="utf-8">
var socket = io();
var user = {{ user }}
socket.on('connect', function() {
socket.emit('addtag', {data: user});
});
socket.on("busy", function(){
document.write('<p>the nfc reader is busy at the moment. Pleas Wait ...</p>')
socket.emit('addtag', {data: user})
});
socket.on("wait", function(){
document.write('<p>Pleas hold your tag on to the nfc reader</p>')
});
socket.on("error", function(data) {
alert(data)
window.location="http://matekasse.server.c3h/"
});
socket.on("finished", function(data){
alert(data)
window.location="http://matekasse.server.c3h/"
});
</script>
</html>

18
Website/templates/adduser.html
View file

@ -1,10 +1,8 @@
{% extends "base.html" %}
{% block title %}
add user
{% endblock %}
{% block content %}
<form action="/adduser/user" method="post"><input name="username" type="search" placeholder="Username">
<button>Add user</button>
</form>
</p>
{% endblock %}
<!DOCTYPE html>
<html lang="en">
<title>add user</title>
<p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p>
<p>
<form action="/adduser/user" method="post"><input name="username" type="search" placeholder="Username"><button>Add user</button></form>
</p>
</html>

40
Website/templates/base.html
View file

@ -1,27 +1,17 @@
<!DOCTYPE html>
<html lang="en">
<head>
<title>{% block title %}{% endblock %}</title>
<script src="/socket.io.js"
integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA=="
crossorigin="anonymous"
></script>
<link rel="stylesheet" href="/new.css">
<link rel="shortcut icon" type="Logo/png" href="/ccc_logo.png"/>
{% block customscript %}{% endblock %}
</head>
<body>
<nav>
<p><a href="/">index page</a>
| <a href="/list">user and tag list</a>
| <a href="/documentation">Documentation</a>
| <a href="/transactionlist">transactionlist</a>
</p>
</nav>
<hr>
<div class="conntent">
{% block content %} {% endblock %}
</div>
</body>
</html>
<head>
<title>
{% block title %} {% endblock %} - FlaskApp
</title>
</head>
<body>
<nav>
<p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p>
</nav>
<hr>
<div class="conntent">
{% block content %} {% endblock %}
</div>
</body>
</html>

11
Website/templates/change.html
View file

@ -1,5 +1,6 @@
{% extends "base.html" %}
{% block customscript %}
<!DOCTYPE html>
<html lang="en">
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.0.1/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous"></script>
<script type="text/javascript" charset="utf-8">
var socket = io();
var change = {{change}}
@ -15,11 +16,11 @@
});
socket.on("error", function(data) {
alert(data)
window.location="/list"
window.location="http://matekasse.server.c3h/"
});
socket.on("finished", function(data){
alert(data)
window.location="/list"
window.location="http://matekasse.server.c3h/"
});
</script>
{% endblock %}
</html>

16
Website/templates/confirmation.html
View file

@ -1,16 +0,0 @@
{% extends "base.html" %}
{% block customscript %}
<script type="text/javascript" charset="utf-8">
if (confirm("{message}") == true) {
fetch("{{destination}}", {
method: "POST",
body: JSON.stringify({data}),
headers: {
"Content-type": "application/json; charset=UTF-8"
}
})
} else {
window.location = "/list"
}
</script>
{% endblock %}

91
Website/templates/documentation.html
View file

@ -1,44 +1,47 @@
{% extends "base.html" %}
{% block title %}
Documentation
{% endblock %}
{% block customscript %}
<link rel="stylesheet" type="text/css" href="documentation.css">
{% endblock %}
{% block content %}
<h1 class="header"> <u>Documentation</u> </h1>
<p>&nbsp;</p>
<div id="text">
<h2>API:</h2>
<p>http://matekasse.server.c3h/api/tag_id</p>
<p>Post method {"id":tag_id}</p>
<p>Response:
{"mode":"error" "error":"{error}"} or
{"mode":"message","username":"{username}","message":"{message}"} or
{"mode":"balance", "username":"{username}", "balance":"{balance}"}
</p>
<br></br>
<p>http://matekasse.server.c3h/api/balance</p>
<p>Post method {"id":user_id, "change":change}</p>
<p>
If change = None or NaN the change will be -1
</p>
<p>Get method ?id=user_id</p>
<p>
Response:
{"mode":"error" "error":"{error}"} or
{"mode":"balance", "username":"{username}", "balance":"{balance}"}
</p>
<br></br>
<h2>Error Codes:</h2>
<p>170: Tag already in use</p>
<p>054: Tag does not exists</p>
<p>757: User already exists</p>
<p>043: User does not exists</p>
<p>352: Timeout</p>
<p>095: Input is not a Number</p>
<p>638: Wrong Input</p>
<P>418: I'm a teapot</P>
</div>
{% endblock %}
<html>
<head>
<title>Documentation</title>
<link rel="stylesheet" type="text/css" href="documentation.css">
<link rel="shortcut icon" type="Logo/png" href="ccc_logo.png"/>
</head>
<body>
<div id="Infos">
<p> <a href="/">index page</a> | <a href="/list">user and tag list</a></p>
<p><a href="https://hannover.ccc.de/gitlab/anton/matekasse">https://hannover.ccc.de/gitlab/anton/matekasse</a></p>
</div>
<h1 class="header"> <u>Documentation</u> </h1>
<p>&nbsp;</p>
<div id="text">
<h2>API:</h2>
<p>http://matekasse.server.c3h/api/tag_id?={tag_id}</p>
<p>Response:
{"mode":"error" "error":"{error}"} or
{"mode":"message","username":"{username}","message":"{message}"} or
{"mode":"balance", "username":"{username}", "balance":"{balance}"}
</p>
<br></br>
<p>http://matekasse.server.c3h/api/change?id={user_id}&?change={change}</p>
<p>
If change = None or NaN the change will be -1
</p>
<p>
Response:
{"mode":"error" "error":"{error}"} or
{"mode":"balance", "username":"{username}", "balance":"{balance}"}
</p>
<br></br>
<h2>Error Codes:</h2>
<p>170: Tag already exists</p>
<p>054: Tag does not exists</p>
<p>757: Usere already exists</p>
<p>043: User does not exists</p>
<p>352: Timeout</p>
<p>095: Input is not a Number</p>
<P>418: I'm a teapot</P>
</div>
</body>
</html>

14
Website/templates/error.html
View file

@ -1,8 +1,8 @@
{% extends "base.html" %}
{% block title %}Error{% endblock %}
{% block customscript %}
<p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p>
<p>
<!DOCTYPE html>
<html lang="en">
<title>Error</title>
<p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p>
<p>
Error: {{error_code}}
</p>
{% endblock %}
</p>
</html>

12
Website/templates/index.html
View file

@ -1,12 +0,0 @@
{% extends "base.html" %}
{% block customscript %}
<script type="text/javascript" charset="utf-8">
window.location="/list"
</script>
{% endblock %}
{% block content %}
<a href="/list">user and tag list</a>
<p>The creator of this website accepts no liability for any linguistic or technical errors!</p>
<br style="line-height: 500%;"></br>
<a href="/documentation">Doumentation</a>
{% endblock %}

35
Website/templates/list.html
View file

@ -1,35 +0,0 @@
{% extends "base.html" %}
{% block title %}
Strichliste
{% endblock %}
{% block customscript %}
<script type="text/javascript" charset="utf-8">
var socket = io();
socket.on("update", function () {
window.location = "http://matekasse.server.c3h/list"
});
</script>
{% endblock %}
{% block content %}
<form action="/list/user" method="get"><input name="user" type="search" placeholder="Search for user">
<button>Search</button>
</form>
<form action="/adduser" method="post">
<button type="submit">Add User</button>
</form>
<br></br>
{% for i in users %}
<form action="/change" method="post" style="display: inline;">
<p style="display: inline;">
<a href="list/user?id={{i[0]}}">{{i[1]}}</a>: {{i[2]/100}}€
</p>
<input name="id" type="hidden" value="{{i[0]}}">
<input name="change" type="number" lang="nb" step="0.01" placeholder="add to balance">
</form>
<form action="/change" method="post" style="display: inline">
<input name="id" type="hidden" value="{{i[0]}}">
<button type="submit" name="change" value={{preis}}>{{preis}}€</button>
</form>
<br style="line-height: 50%;"></br>
{% endfor %}
{% endblock %}

12
Website/templates/redirect.html
View file

@ -1,12 +0,0 @@
{% extends "base.html" %}
{% block title %}
{% endblock %}
{% block content %}
<p>redirekting</p>
<a href="/list">destination</a>
{% endblock %}
{% block customscript %}
<script type="text/javascript" charset="utf-8">
window.location = "/list";
</script>
{% endblock %}

9
Website/templates/removetag.html
View file

@ -1,6 +1,7 @@
{% extends "base.html" %}
{% block customscript %}
<script type="text/javascript" charset="utf-8">
<!DOCTYPE html>
<html lang="en">
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.0.1/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous"></script>
<script type="text/javascript" charset="utf-8">
var socket = io();
var user = {{ user }}
socket.on('connect', function() {
@ -22,4 +23,4 @@
window.location="http://matekasse.server.c3h/"
});
</script>
{% endblock %}
</html>

10
Website/templates/removeuser.html
View file

@ -1,10 +0,0 @@
{% extends "base.html" %}
{% block title %}
remove user
{% endblock %}
{% block content %}
<p>
<p>Deleted user {{user_name|safe}}</p>
<a href="/list">return to the tags and user list</a>
</p>
{% endblock %}

45
Website/templates/user.html
View file

@ -1,45 +0,0 @@
{% extends "base.html" %}
{% block customscript %}
<script type="text/javascript" charset="utf-8">
var socket = io();
socket.on("update", function () {
window.location = "/list/user?id={{user[0]}}"
});
</script>
{% endblock %}
{% block title %}
{{user[1]}}
{% endblock %}
{% block content %}
<p> {{user[1]}} : {{user[2]/100}}€ <p>
<form action="/addtag" method="post">
<input name="id" type="hidden" value="{{user[0]}}">
<button type="submit">Add Tag</button>
</form>
<form action="/removetag" method="post">
<input name="id" type="hidden" value="{{user[0]}}">
<button type="submit">Remove Tag</button>
</form>
</p>
<form action="/change" method="post">
<input name="id" type="hidden" value="{{user[0]}}">
<input name="change" type="number" lang="nb" step="0.01" placeholder="change balance">
</form>
</p>
<br></br>
<p>Tags:</p>
{% for tag in tags %}
<p>
<form action="/removetag" method="post">
<label for="removetag">{{tag[0]}} </label>
<input name="id" type="hidden" value="{{user[0]}}">
<input name="tagid" type="hidden" value="{{tag[0]}}">
<button id="removetag" type="submit">Remove Tag</button>
</form>
</p>
{% endfor %}
<br></br>
<form action="/removeuser" method="post"><input name="id" type="hidden" value="{{user[0]}}">
<button type="submit">Remove User</button>
</form>
{% endblock %}

4
main.py
View file

@ -10,9 +10,11 @@ def exit_handler():
sys.exit("Program sucsesfully exited")
def main():
app_data = create_app()
app = app_data["app"]
socketio = app_data["socketio"]
atexit.register(exit_handler)
socketio.run(app, host='0.0.0.0', port=5000)
if __name__ == "__main__":
main()
main()

8
static/new.min.css vendored
View file

@ -1,8 +0,0 @@
/**
* Minified by jsDelivr using clean-css v4.2.1.
* Original file: /npm/@exampledev/new.css@1.1.2/new.css
*
* Do NOT use SRI with dynamically generated files! More information: https://www.jsdelivr.com/using-sri-with-dynamic-files
*/
:root{--nc-font-sans:'Inter',-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,Oxygen,Ubuntu,Cantarell,'Open Sans','Helvetica Neue',sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";--nc-font-mono:Consolas,monaco,'Ubuntu Mono','Liberation Mono','Courier New',Courier,monospace;--nc-tx-1:#000000;--nc-tx-2:#1A1A1A;--nc-bg-1:#FFFFFF;--nc-bg-2:#F6F8FA;--nc-bg-3:#E5E7EB;--nc-lk-1:#0070F3;--nc-lk-2:#0366D6;--nc-lk-tx:#FFFFFF;--nc-ac-1:#79FFE1;--nc-ac-tx:#0C4047}@media (prefers-color-scheme:dark){:root{--nc-tx-1:#ffffff;--nc-tx-2:#eeeeee;--nc-bg-1:#000000;--nc-bg-2:#111111;--nc-bg-3:#222222;--nc-lk-1:#3291FF;--nc-lk-2:#0070F3;--nc-lk-tx:#FFFFFF;--nc-ac-1:#7928CA;--nc-ac-tx:#FFFFFF}}*{margin:0;padding:0}address,area,article,aside,audio,blockquote,datalist,details,dl,fieldset,figure,form,iframe,img,input,meter,nav,ol,optgroup,option,output,p,pre,progress,ruby,section,table,textarea,ul,video{margin-bottom:1rem}button,html,input,select{font-family:var(--nc-font-sans)}body{margin:0 auto;max-width:750px;padding:2rem;border-radius:6px;overflow-x:hidden;word-break:break-word;overflow-wrap:break-word;background:var(--nc-bg-1);color:var(--nc-tx-2);font-size:1.03rem;line-height:1.5}::selection{background:var(--nc-ac-1);color:var(--nc-ac-tx)}h1,h2,h3,h4,h5,h6{line-height:1;color:var(--nc-tx-1);padding-top:.875rem}h1,h2,h3{color:var(--nc-tx-1);padding-bottom:2px;margin-bottom:8px;border-bottom:1px solid var(--nc-bg-2)}h4,h5,h6{margin-bottom:.3rem}h1{font-size:2.25rem}h2{font-size:1.85rem}h3{font-size:1.55rem}h4{font-size:1.25rem}h5{font-size:1rem}h6{font-size:.875rem}a{color:var(--nc-lk-1)}a:hover{color:var(--nc-lk-2)}abbr:hover{cursor:help}blockquote{padding:1.5rem;background:var(--nc-bg-2);border-left:5px solid var(--nc-bg-3)}abbr{cursor:help}blockquote :last-child{padding-bottom:0;margin-bottom:0}header{background:var(--nc-bg-2);border-bottom:1px solid var(--nc-bg-3);padding:2rem 1.5rem;margin:-2rem calc(0px - (50vw - 50%)) 2rem;padding-left:calc(50vw - 50%);padding-right:calc(50vw - 50%)}header h1,header h2,header h3{padding-bottom:0;border-bottom:0}header>:first-child{margin-top:0;padding-top:0}header>:last-child{margin-bottom:0}a button,button,input[type=button],input[type=reset],input[type=submit]{font-size:1rem;display:inline-block;padding:6px 12px;text-align:center;text-decoration:none;white-space:nowrap;background:var(--nc-lk-1);color:var(--nc-lk-tx);border:0;border-radius:4px;box-sizing:border-box;cursor:pointer;color:var(--nc-lk-tx)}a button[disabled],button[disabled],input[type=button][disabled],input[type=reset][disabled],input[type=submit][disabled]{cursor:default;opacity:.5;cursor:not-allowed}.button:focus,.button:hover,button:focus,button:hover,input[type=button]:focus,input[type=button]:hover,input[type=reset]:focus,input[type=reset]:hover,input[type=submit]:focus,input[type=submit]:hover{background:var(--nc-lk-2)}code,kbd,pre,samp{font-family:var(--nc-font-mono)}code,kbd,pre,samp{background:var(--nc-bg-2);border:1px solid var(--nc-bg-3);border-radius:4px;padding:3px 6px;font-size:.9rem}kbd{border-bottom:3px solid var(--nc-bg-3)}pre{padding:1rem 1.4rem;max-width:100%;overflow:auto}pre code{background:inherit;font-size:inherit;color:inherit;border:0;padding:0;margin:0}code pre{display:inline;background:inherit;font-size:inherit;color:inherit;border:0;padding:0;margin:0}details{padding:.6rem 1rem;background:var(--nc-bg-2);border:1px solid var(--nc-bg-3);border-radius:4px}summary{cursor:pointer;font-weight:700}details[open]{padding-bottom:.75rem}details[open] summary{margin-bottom:6px}details[open]>:last-child{margin-bottom:0}dt{font-weight:700}dd::before{content:'→ '}hr{border:0;border-bottom:1px solid var(--nc-bg-3);margin:1rem auto}fieldset{margin-top:1rem;padding:2rem;border:1px solid var(--nc-bg-3);border-radius:4px}legend{padding:auto .5rem}table{border-collapse:collapse;width:100%}td,th{border:1px solid var(--nc-bg-3);text-align:left;padding:.5rem}th{background:var(--nc-bg-2)}tr:nth-child(even){background:var(--nc-bg-2)}table caption{font-weight:700;margin-bottom:.5rem}textarea{max-width:100%}ol,ul{padding-left:2rem}li{margin-top:.4rem}ol ol,ol ul,ul ol,ul ul{margin-bottom:0}mark{padding:3px 6px;background:var(--nc-ac-1);color:var(--nc-ac-tx)}input,select,textarea{padding:6px 12px;margin-bottom:.5rem;background:var(--nc-bg-2);color:var(--nc-tx-2);border:1px solid var(--nc-bg-3);border-radius:4px;box-shadow:none;box-sizing:border-box}img{max-width:100%}
/*# sourceMappingURL=/sm/4a51164882967d28a74fabce02685c18fa45a529b77514edc75d708f04dd08b9.map */

6046
static/socket.io.js
View file

File diff suppressed because it is too large Load diff

10
tests/test_website.py
View file

@ -23,14 +23,14 @@ def test_index(client):
#/adduser
def test_adduser(client):
response = client.post('/adduser/user', data={})
response = client.get('/adduser/user')
assert "418" in response.data.decode('utf-8')
def test_adduser_new(app, client):
with app.app_context():
db = get_db()
assert db is get_db()
response = client.post('/adduser/user', data={user_name:"test"})
response = client.get('/adduser/user?username=test')
c = db.cursor()
c.execute("SELECT * FROM users WHERE username = ?", ["test"])
data = c.fetchone()
@ -40,7 +40,7 @@ def test_adduser_new(app, client):
assert data[2] == 0
def test_adduser_allreadyexists(client):
response = client.post('/adduser/user', data={username:"test"})
response = client.get('/adduser/user?username=test')
assert "Error: 757" in response.data.decode('utf-8')
#/addtag
@ -49,7 +49,7 @@ def test_addtag(client):
assert response.data.decode('utf-8') == "Error: 095"
def test_addtag_userid_nan(client):
response = client.post('/addtag', data={id:1})
response = client.get('/addtag?id=test')
assert response.data.decode('utf-8') == "Error: 095"
def test_add_tag_direktli(app):
@ -166,4 +166,4 @@ def test_sqlinjektion_adduser(app, client):
assert data[1] == i
assert data[2] == 0
assert "tag was sucsesfully added" in response.data.decode('utf-8')
count += 1
count += 1