|
|
@@ -1,9 +1,14 @@
|
|
|
+import os
|
|
|
+
|
|
|
from flask import Blueprint, render_template, request, flash, redirect, url_for
|
|
|
from flask_login import login_required, current_user
|
|
|
from werkzeug.security import generate_password_hash, check_password_hash
|
|
|
+from werkzeug.utils import secure_filename
|
|
|
from .models import User
|
|
|
from . import db
|
|
|
|
|
|
+from . import alphagen as ag
|
|
|
+
|
|
|
dashboards = Blueprint('dashboards', __name__)
|
|
|
|
|
|
# Main Pages
|
|
|
@@ -35,6 +40,26 @@ def profile():
|
|
|
@dashboards.route('/create_art', methods=['GET', 'POST'])
|
|
|
#login_required
|
|
|
def create():
|
|
|
+ UPLOAD_FOLDER = 'app/static/incoming'
|
|
|
+ ALLOWED_EXT = {'png', 'jpg', 'jpeg'}
|
|
|
+
|
|
|
+ # Checks file for allowed extension
|
|
|
+ def allowed_file(filename):
|
|
|
+ return '.' in filename and \
|
|
|
+ filename.rsplit('.', 1)[1].lower() in ALLOWED_EXT
|
|
|
+
|
|
|
+ # check POST req
|
|
|
+ if request.method == "POST":
|
|
|
+ new_art = request.files.get('art_img')
|
|
|
+
|
|
|
+ if new_art and new_art.filename != '' and allowed_file(new_art.filename):
|
|
|
+ sfn = secure_filename(new_art.filename) # strips any slashes
|
|
|
+ ssfn, fx = os.path.splitext(sfn) # ensures that internal filenames are not
|
|
|
+ rsfn = ag.gen_alphanum() # known to users.
|
|
|
+ ffn = f'{rsfn}{fx}'
|
|
|
+ new_art.save(f'{UPLOAD_FOLDER}/{ffn}')
|
|
|
+
|
|
|
+
|
|
|
return render_template('create_art.html', user=current_user)
|
|
|
|
|
|
# Pop Ups
|
control