1
0
Fork 0
forked from bton/matekasse

get zu post, wo sinnvoll

This commit is contained in:
2000-Trek 2023-11-24 18:26:54 +01:00
parent 81a45392e8
commit 4d5d228b32
2 changed files with 22 additions and 22 deletions

View file

@ -76,7 +76,7 @@ def create_app(test_config=None):
users = c.fetchall() users = c.fetchall()
text = "" text = ""
for i in users: for i in users:
text = text + f'<p><a href="list/user?id={i[0]}">{escape(i[1])}</a>: {i[2]}€ <form action="/change" method="get"><input name="id" type="hidden" value="{i[0]}"> <input name="change" type="number" step="0.1" placeholder="change balance"></form></p> <br style="line-height: 50%;"></br>' text = text + f'<p><a href="list/user?id={i[0]}">{escape(i[1])}</a>: {i[2]}€ <form action="/change" method="post"><input name="id" type="hidden" value="{i[0]}"> <input name="change" type="number" step="0.1" placeholder="change balance"></form></p> <br style="line-height: 50%;"></br>'
return '''<!DOCTYPE html> return '''<!DOCTYPE html>
<html lang="en"> <html lang="en">
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.0.1/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.0.1/socket.io.js" integrity="sha512-q/dWJ3kcmjBLU4Qc47E4A9kTB4m3wuTY7vkFJDTZKjTs8jhyGQnaUrxa0Ytd0ssMZhbNua9hE+E7Qv1j+DyZwA==" crossorigin="anonymous"></script>
@ -89,7 +89,7 @@ def create_app(test_config=None):
<title>Strichliste</title> <title>Strichliste</title>
<p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p> <p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p>
<form action="/list/user" method="get"><input name="user" type="search" placeholder="Search for user"><button>Search</button></form> <form action="/list/user" method="get"><input name="user" type="search" placeholder="Search for user"><button>Search</button></form>
<form action="/adduser" method="get"><button type="submit">Add User</button></form> <form action="/adduser" method="post"><button type="submit">Add User</button></form>
<br></br> <br></br>
''' + text + '</html>' ''' + text + '</html>'
@ -117,29 +117,29 @@ def create_app(test_config=None):
<title>{escape(user[1])}</title> <title>{escape(user[1])}</title>
<p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p> <p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p>
<p> {escape(user[1])} : {user[2]} <p> <p> {escape(user[1])} : {user[2]} <p>
<form action="/addtag" method="get"><input name="id" type="hidden" value="{user[0]}"><button type="submit">Add Tag</button></form> <form action="/addtag" method="post"><input name="id" type="hidden" value="{user[0]}"><button type="submit">Add Tag</button></form>
<form action="/removetag" method="get"><input name="id" type="hidden" value="{user[0]}"><button type="submit">Remove Tag</button></form> <form action="/removetag" method="post"><input name="id" type="hidden" value="{user[0]}"><button type="submit">Remove Tag</button></form>
</p><form action="/change" method="get"><input name="id" type="hidden" value="{user[0]}"> <input name="change" type="number" step="0.1" placeholder="change balance"></form> </p><form action="/change" method="post"><input name="id" type="hidden" value="{user[0]}"> <input name="change" type="number" step="0.1" placeholder="change balance"></form>
</p> </p>
<br></br> <br></br>
<p>Tags:</p> <p>Tags:</p>
{text} {text}
<br></br> <br></br>
<form action="/removeuser" method="get"><input name="id" type="hidden" value="{user[0]}"><button type="submit">Remove User</button></form> <form action="/removeuser" method="post"><input name="id" type="hidden" value="{user[0]}"><button type="submit">Remove User</button></form>
</html> </html>
""" """
else: else:
return render_template("error.html", error_code="043") return render_template("error.html", error_code="043")
@app.route("/adduser") @app.route("/adduser", methods=['POST'])
def new_user(): def new_user():
return render_template("adduser.html") return render_template("adduser.html")
@app.route("/removeuser", methods=['GET']) @app.route("/removeuser", methods=['POST'])
def remove_user(): def remove_user():
db = get_db() db = get_db()
c = db.cursor() c = db.cursor()
user_id = request.args.get("id") user_id = request.form["id"]
c.execute(f"SELECT * FROM users WHERE id=?", [user_id]) c.execute(f"SELECT * FROM users WHERE id=?", [user_id])
users = c.fetchall() users = c.fetchall()
if users != []: if users != []:
@ -154,11 +154,11 @@ def create_app(test_config=None):
else: else:
return render_template("error.html", error_code="043") return render_template("error.html", error_code="043")
@app.route("/adduser/user", methods=['GET']) @app.route("/adduser/user", methods=['POST'])
def adduser(): def adduser():
db = get_db() db = get_db()
c = db.cursor() c = db.cursor()
username = request.args.get("username") username = request.form["username"]
if username == None: if username == None:
return render_template("error.html", error_code="418") return render_template("error.html", error_code="418")
c.execute("SELECT * FROM users WHERE username=?", [username]) c.execute("SELECT * FROM users WHERE username=?", [username])
@ -181,12 +181,12 @@ def create_app(test_config=None):
return render_template("error.html", error_code="757") return render_template("error.html", error_code="757")
@app.route("/change", methods=['GET']) @app.route("/change", methods=['POST'])
def change(): def change():
db = get_db() db = get_db()
c = db.cursor() c = db.cursor()
try: try:
user_id = request.args.get("id") user_id = request.form["id"]
change = float(request.args.get("change")) change = float(request.args.get("change"))
except: except:
return render_template("error.html", error_code="095") return render_template("error.html", error_code="095")
@ -210,10 +210,10 @@ def create_app(test_config=None):
else: else:
return render_template("error.html", error_code="043") return render_template("error.html", error_code="043")
@app.route("/addtag", methods=['GET']) @app.route("/addtag", methods=['POST'])
def get_addtag_request(): def get_addtag_request():
try: try:
user_id = int(request.args.get("id")) user_id = int(request.form["id"])
except: #except im Normalen Code! except: #except im Normalen Code!
return render_template("error.html", error_code="095") return render_template("error.html", error_code="095")
session_id = uuid.uuid4() session_id = uuid.uuid4()
@ -248,10 +248,10 @@ def create_app(test_config=None):
socketio.emit("error", "418", to=session[id]) socketio.emit("error", "418", to=session[id])
leave_room(session[id]) leave_room(session[id])
@app.route("/removetag", methods=['GET']) @app.route("/removetag", methods=['POST'])
def get_removetag_request(): def get_removetag_request():
try: try:
user_id = int(request.args.get("id")) user_id = int(request.form["id"])
except: #except im Normalen Code! except: #except im Normalen Code!
return render_template("error.html", error_code="043") return render_template("error.html", error_code="043")
session_id = uuid.uuid4() session_id = uuid.uuid4()
@ -287,11 +287,11 @@ def create_app(test_config=None):
leave_room(session[id]) leave_room(session[id])
#api #api
@app.route("/api/change", methods=['GET']) @app.route("/api/change", methods=['POST'])
def api_change(): def api_change():
db = get_db() db = get_db()
c = db.cursor() c = db.cursor()
userid = request.args.get("id") userid = request.form["id"]
c.execute("SELECT * FROM users WHERE id=?", [userid]) c.execute("SELECT * FROM users WHERE id=?", [userid])
user_list = c.fetchall() user_list = c.fetchall()
if user_list != []: if user_list != []:
@ -311,13 +311,13 @@ def create_app(test_config=None):
return make_response(json.dumps({"mode":"error","error":"043"})) return make_response(json.dumps({"mode":"error","error":"043"}))
@app.route("/api/tag_id", methods=['GET']) @app.route("/api/tag_id", methods=['POST'])
def get_id(): def get_id():
global finished global finished
global message global message
db = get_db() db = get_db()
c = db.cursor() c = db.cursor()
tag_id = request.args.get("id") tag_id = request.form["id"]
c.execute(f"SELECT * FROM tags WHERE tagid=?", [tag_id]) c.execute(f"SELECT * FROM tags WHERE tagid=?", [tag_id])
tag_list = c.fetchall() tag_list = c.fetchall()

View file

@ -3,6 +3,6 @@
<title>add user</title> <title>add user</title>
<p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p> <p><a href="/list">user and tag list</a> | <a href="/documentation">Documentation</a></p>
<p> <p>
<form action="/adduser/user" method="get"><input name="username" type="search" placeholder="Username"><button>Add user</button></form> <form action="/adduser/user" method="post"><input name="username" type="search" placeholder="Username"><button>Add user</button></form>
</p> </p>
</html> </html>