mirror of
https://github.com/tmdinosaurcenter/kiosk-guestbook.git
synced 2025-04-04 03:11:23 -06:00
4ba6a77ff2
- Hide comment field by default. - Add JavaScript to reveal comment field when first name, last name, and location have at least 3 characters. - Update form instructions to inform users about the comment field.
124 lines
4.5 KiB
Python
124 lines
4.5 KiB
Python
from flask import Flask, render_template, request, redirect, url_for
|
|
import sqlite3
|
|
import re
|
|
import logging
|
|
import os
|
|
|
|
# Set up basic logging
|
|
logging.basicConfig(level=logging.INFO)
|
|
logger = logging.getLogger(__name__)
|
|
|
|
app = Flask(__name__)
|
|
DATABASE = 'guestbook.db'
|
|
|
|
def load_banned_words():
|
|
"""Load a set of banned words from a local file.
|
|
|
|
Expects 'en.txt' to be in the same directory as this script.
|
|
If the file is missing, a minimal fallback set is used.
|
|
"""
|
|
banned_words = set()
|
|
file_path = os.path.join(os.path.dirname(__file__), 'en.txt')
|
|
if os.path.exists(file_path):
|
|
try:
|
|
with open(file_path, 'r', encoding='utf-8') as f:
|
|
for line in f:
|
|
word = line.strip().lower()
|
|
if word:
|
|
banned_words.add(word)
|
|
logger.info("Loaded %d banned words from file.", len(banned_words))
|
|
except Exception as e:
|
|
logger.error("Error reading banned words file: %s", e)
|
|
banned_words = {"fuck", "shit", "damn", "bitch", "asshole", "cunt", "dick", "piss", "crap", "hell"}
|
|
else:
|
|
logger.warning("Banned words file not found. Using fallback minimal list.")
|
|
banned_words = {"fuck", "shit", "damn", "bitch", "asshole", "cunt", "dick", "piss", "crap", "hell"}
|
|
return banned_words
|
|
|
|
# Load the banned words using the helper function.
|
|
BANNED_WORDS = load_banned_words()
|
|
|
|
def contains_banned_words(text):
|
|
"""Check if the provided text contains any banned words."""
|
|
words = text.lower().split()
|
|
for word in words:
|
|
word_clean = word.strip(".,!?;:\"'")
|
|
if word_clean in BANNED_WORDS:
|
|
return True
|
|
return False
|
|
|
|
def init_db():
|
|
conn = sqlite3.connect(DATABASE)
|
|
c = conn.cursor()
|
|
c.execute('''
|
|
CREATE TABLE IF NOT EXISTS guests (
|
|
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
|
first_name TEXT NOT NULL,
|
|
last_name TEXT NOT NULL,
|
|
email TEXT,
|
|
location TEXT NOT NULL,
|
|
comment TEXT,
|
|
timestamp DATETIME DEFAULT CURRENT_TIMESTAMP
|
|
)
|
|
''')
|
|
conn.commit()
|
|
conn.close()
|
|
logger.info("Database initialized.")
|
|
|
|
def is_valid_email(email):
|
|
pattern = r'^[\w\.-]+@[\w\.-]+\.\w+$'
|
|
return re.match(pattern, email)
|
|
|
|
@app.route('/', methods=['GET', 'POST'])
|
|
def index():
|
|
error = None
|
|
if request.method == 'POST':
|
|
logger.info("Received POST request with form data.")
|
|
first_name = request.form.get('first_name', '').strip()
|
|
last_name = request.form.get('last_name', '').strip()
|
|
email = request.form.get('email', '').strip()
|
|
location = request.form.get('location', '').strip()
|
|
comment = request.form.get('comment', '').strip()
|
|
|
|
if not (first_name and last_name and location):
|
|
error = "First name, last name, and location are required."
|
|
logger.warning("Validation error: Missing required fields.")
|
|
elif email and not is_valid_email(email):
|
|
error = "Invalid email address."
|
|
logger.warning("Validation error: Invalid email address '%s'.", email)
|
|
elif comment and contains_banned_words(comment):
|
|
error = "Your comment contains inappropriate language. Please revise."
|
|
logger.warning("Validation error: Inappropriate language detected in comment.")
|
|
|
|
if error:
|
|
conn = sqlite3.connect(DATABASE)
|
|
c = conn.cursor()
|
|
c.execute('SELECT first_name, location FROM guests ORDER BY id DESC')
|
|
guests = c.fetchall()
|
|
conn.close()
|
|
return render_template('index.html', error=error, guests=guests)
|
|
|
|
conn = sqlite3.connect(DATABASE)
|
|
c = conn.cursor()
|
|
c.execute(
|
|
'INSERT INTO guests (first_name, last_name, email, location, comment) VALUES (?, ?, ?, ?, ?)',
|
|
(first_name, last_name, email, location, comment)
|
|
)
|
|
conn.commit()
|
|
conn.close()
|
|
logger.info("New guest entry added: %s from %s.", first_name, location)
|
|
return redirect(url_for('index'))
|
|
|
|
conn = sqlite3.connect(DATABASE)
|
|
c = conn.cursor()
|
|
c.execute('SELECT first_name, location FROM guests ORDER BY id DESC')
|
|
guests = c.fetchall()
|
|
conn.close()
|
|
logger.info("Rendering guestbook page with %d entries.", len(guests))
|
|
return render_template('index.html', error=error, guests=guests)
|
|
|
|
if __name__ == '__main__':
|
|
init_db()
|
|
logger.info("Starting Flask app on host 0.0.0.0, port 5000.")
|
|
app.run(host='0.0.0.0', port=5000)
|