Skill-Forge-Project
diff --git a/‎Dockerfile‎
Lines changed: 2 additions & 2 deletions b/‎Dockerfile‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎app/forms.py‎
Lines changed: 11 additions & 10 deletions b/‎app/forms.py‎
Lines changed: 11 additions & 10 deletions
diff --git a/‎app/routes/routes.py‎
Lines changed: 15 additions & 5 deletions b/‎app/routes/routes.py‎
Lines changed: 15 additions & 5 deletions
diff --git a/‎app/routes/user_routes.py‎
Lines changed: 50 additions & 28 deletions b/‎app/routes/user_routes.py‎
Lines changed: 50 additions & 28 deletions
diff --git a/‎app/static/css/user_profile.css‎
Lines changed: 3 additions & 0 deletions b/‎app/static/css/user_profile.css‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎app/templates/register.html‎
Lines changed: 1 addition & 1 deletion b/‎app/templates/register.html‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎app/templates/user_profile_view.html‎
Lines changed: 0 additions & 3 deletions b/‎app/templates/user_profile_view.html‎
Lines changed: 0 additions & 3 deletions
diff --git a/‎old-build/Dockerfile.postgres‎
Lines changed: 0 additions & 5 deletions b/‎old-build/Dockerfile.postgres‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎old-build/Dockerfile.skill_forge‎
Lines changed: 0 additions & 36 deletions b/‎old-build/Dockerfile.skill_forge‎
Lines changed: 0 additions & 36 deletions
diff --git a/‎old-build/achievements.sql‎
Lines changed: 0 additions & 42 deletions b/‎old-build/achievements.sql‎
Lines changed: 0 additions & 42 deletions
@@ -3,9 +3,9 @@ FROM python:latest
 
 # Image Labels. Update values for each build
 LABEL Name="Skill-Forge"
-LABEL Version="1.4.2"
+LABEL Version="1.4.3"
 LABEL Release="public"
-LABEL ReleaseDate="06.10.2024"
+LABEL ReleaseDate="08.10.2024"
 LABEL Description="Skill Forge is a open-source platform for learning and practicing programming languages."
 LABEL Maintainer="Aleksandar Karastoyanov <karastoqnov.alexadar@gmail.com>"
 LABEL License="GNU GPL v3.0 license"
 
@@ -1,4 +1,5 @@
 from flask_wtf import FlaskForm
+from flask_wtf.file import FileField, FileAllowed
 from flask import flash
 from wtforms import StringField, PasswordField, SubmitField, HiddenField, SelectField, TextAreaField, RadioField, FileField, BooleanField
 from wtforms.validators import Email, Length, EqualTo, DataRequired, ValidationError, Regexp, Optional
@@ -190,16 +191,16 @@ class ContactForm(FlaskForm):
 
 ########### User Profile Form - update user's profile ###########
 class UserProfileForm(FlaskForm):
-    about_me = TextAreaField('About Me', validators=[Optional()])
-    first_name = StringField('First Name', validators=[Optional()])
-    last_name = StringField('Last Name', validators=[Optional()])
-    email = StringField('Email', validators=[Optional(), Email(), latin_characters_only])
-    facebook_profile = StringField('Facebook Profile', validators=[Optional()])
-    instagram_profile = StringField('Instagram', validators=[Optional()])
-    github_profile = StringField('GitHub', validators=[Optional()])
-    discord_id = StringField('Discord ID', validators=[Optional()])
-    linked_in = StringField('LinkedIn', validators=[Optional()])
-    avatar = FileField('Upload Avatar', name="update_avatar", validators=[Optional()])
+    about_me = TextAreaField('About Me', validators=[Optional(), Length(max=500)])
+    first_name = StringField('First Name', validators=[Optional(), Length(max=30)])
+    last_name = StringField('Last Name', validators=[Optional(), Length(max=30)])
+    email = StringField('Email', validators=[Optional(), Email(), latin_characters_only, Length(max=120)])
+    facebook_profile = StringField('Facebook Profile', validators=[Optional(), Length(max=120)])
+    instagram_profile = StringField('Instagram', validators=[Optional(), Length(max=120)])
+    github_profile = StringField('GitHub', validators=[Optional(), Length(max=120)])
+    discord_id = StringField('Discord ID', validators=[Optional(), Length(max=120)])
+    linked_in = StringField('LinkedIn', validators=[Optional(), Length(max=120)])
+    avatar = FileField('Upload Avatar', name="update_avatar", validators=[Optional(), FileAllowed(['jpg', 'jpeg', 'png'], "File type not allowed! Please upload an image file(jpg, jpeg, png).")])  
     submit = SubmitField('Update Profile', name="submit")
 
 ########### Submit Quest Form - as a Regular User ###########
 
@@ -6,6 +6,7 @@
 from app.mailtrap import send_reset_email, send_welcome_mail, send_contact_email
 # Import the database instance
 from app.database.db_init import db
+from sqlalchemy import func
 from app import bcrypt
 # Import the forms and models
 from app.forms import LoginForm, RegistrationForm, EmailResetForm, PasswordResetForm, ContactForm
@@ -24,7 +25,11 @@
 def login():
     form = LoginForm()
     if form.validate_on_submit():
-        user = User.query.filter((User.username==form.username.data) | (User.email==form.username.data)).first()
+        # Convert the input (username or email) to lowercase
+        input_lower = form.username.data.lower()
+        
+        # Check for a user by username or email (case-insensitive check for email)
+        user = User.query.filter((User.username == input_lower) | (func.lower(User.email) == input_lower)).first()
         if user:
             if not user.is_banned:
                 if bcrypt.check_password_hash(user.password, form.password.data):
@@ -62,14 +67,19 @@ def logout():
 def register():
     form = RegistrationForm()
     if form.validate_on_submit():
+        # Convert the email and the username to lowercase
+        email_lower = form.email.data.lower()
+        username_lower = form.username.data.lower()
         # Check if the email or username is already in use
-        existing_user = User.query.filter((User.email == form.email.data) | (User.username == form.username.data)).first()
+        existing_user = User.query.filter((User.email == email_lower) | (User.username == username_lower)).first()
+        
         if existing_user:
             flash('Email or username already in use', 'error')
             return render_template('register.html', form=form)
+        
         # Create a new user
         hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
-        new_user = User(email=form.email.data, username=form.username.data, 
+        new_user = User(email=email_lower, username=username_lower, 
                         first_name=form.first_name.data, last_name=form.last_name.data, 
                         password=hashed_password)
 
@@ -90,7 +100,7 @@ def register():
 
         db.session.add(new_user)
         db.session.commit()
-        send_welcome_mail(form.email.data, form.username.data)
+        send_welcome_mail(email_lower, username_lower)
         flash('Your account has been created! You are now able to log in.', 'success')
         return render_template('index.html', form=LoginForm())
     else:
@@ -112,7 +122,7 @@ def open_forgot_password():
 def send_email_token():
     form = EmailResetForm()
     if form.validate_on_submit():
-        email = form.email_address.data
+        email = form.email_address.data.lower()
         current_user = User.query.filter_by(email=email).first()
         all_token = ResetToken.query.filter_by(user_email=email).first()
 
 
@@ -3,6 +3,7 @@
 from bson import ObjectId
 from flask import Blueprint, redirect, url_for, request, flash, render_template, abort, send_file, jsonify
 from flask_login import login_required, current_user
+from sqlalchemy import func
 from sqlalchemy.orm import joinedload
 # Import the forms and models
 from app.models import SubmitedSolution, User, UserAchievement, Quest, ReportedQuest, SubmitedQuest, Achievement
@@ -19,7 +20,7 @@
 
 bp_usr = Blueprint('usr', __name__)
 
-#  Get the user's avatar, used in the comments section
+#  Open the user profile page
 @bp_usr.route('/my_profile', methods=['GET', 'POST'])
 @login_required
 def open_user_profile():
@@ -28,28 +29,42 @@ def open_user_profile():
     user = User.query.get(user_id)
 
     if form.validate_on_submit():
+        new_email = form.email.data.lower()
+        current_email = user.email.lower()
+        if new_email != current_email:
+            is_email_taken = User.query.filter(func.lower(User.email) == new_email).first()
+            if is_email_taken:
+                flash('This email is already taken. Please choose another one.', 'danger')
+                return redirect(url_for('usr.open_user_profile'))
+            
         if 'submit' in request.form:
-            user.about_me = form.about_me.data
-            user.first_name = form.first_name.data
-            user.last_name = form.last_name.data
-            user.email = form.email.data
-            user.facebook_profile = form.facebook_profile.data
-            user.instagram_profile = form.instagram_profile.data
-            user.github_profile = form.github_profile.data
-            user.discord_id = form.discord_id.data
-            user.linked_in = form.linked_in.data
+            try:
+                user.about_me = form.about_me.data
+                user.first_name = form.first_name.data
+                user.last_name = form.last_name.data
+                user.email = form.email.data
+                user.facebook_profile = form.facebook_profile.data
+                user.instagram_profile = form.instagram_profile.data
+                user.github_profile = form.github_profile.data
+                user.discord_id = form.discord_id.data
+                user.linked_in = form.linked_in.data
 
-            db.session.commit()
+                db.session.commit()
 
-            mongo_transaction(
-                'user_info_update',
-                action=f'User {user.username} updated their info',
-                user_id=user_id,
-                username=user.username,
-                timestamp=datetime.now().strftime('%Y-%m-%d %H:%M:%S')
-            )
-            flash('Profile updated successfully', 'success')
-            return redirect(url_for('usr.open_user_profile'))
+                mongo_transaction(
+                    'user_info_update',
+                    action=f'User {user.username} updated their info',
+                    user_id=user_id,
+                    username=user.username,
+                    timestamp=datetime.now().strftime('%Y-%m-%d %H:%M:%S')
+                )
+                flash('Profile updated successfully', 'success')
+                return redirect(url_for('usr.open_user_profile'))
+            except Exception as e:
+                flash(f'Error during updating user\'s profile!', 'danger')
+                return redirect(url_for('usr.open_user_profile'))
+            
+            
         if 'update_avatar' in request.form:
             if form.avatar.data:
                 avatar_data = form.avatar.data.read()
@@ -118,7 +133,7 @@ def open_user_profile():
 
 
 # Get the users avatar
-@bp_usr.route('/avatar/<user_id>')
+@bp_usr.route('/avatar/<user_id>', methods=['GET'])
 def get_user_avatar(user_id):
     user = User.query.filter_by(user_id=user_id).first_or_404()
     if user.avatar:
@@ -129,7 +144,7 @@ def get_user_avatar(user_id):
     return send_file(io.BytesIO(img_data), mimetype='image/jpeg')
 
 # Open user for editing from the Admin Panel
-@bp_usr.route('/edit_user/<user_id>')
+@bp_usr.route('/edit_user/<user_id>', methods=['GET'])
 @login_required
 @admin_required
 def open_edit_user(user_id):
@@ -268,7 +283,7 @@ def open_user_profile_view(username):
             return abort(404)
 
 # Redirect to the Admin Panel (Admin Role in the database is needed)
-@bp_usr.route('/admin_panel')
+@bp_usr.route('/admin_panel', methods=['GET'])
 @login_required
 @admin_required
 def open_admin_panel():
@@ -345,15 +360,23 @@ def convert_objectid_to_string(submission):
     flash('You must be an admin to access this page.', 'error')
     return redirect(url_for('main.login'))
 
-@bp_usr.route('/submissions_logs/<submission_id>')
+@bp_usr.route('/submissions_logs/<submission_id>', methods=['GET'])
 @login_required
 @admin_required
 def submission_log(submission_id):
     with mongo1_client.start_session() as session:
         with session.start_transaction():
             try:
                 db = mongo1_client['skill_forge_logs']
-                submission = db['python_submissions'].find_one({'submission_id': submission_id})
+                collections = ['python_submissions', 'java_submissions', 'csharp_submissions', 'javascript_submissions']
+
+                submission = None
+
+                for collection in collections:
+                    submission = db[collection].find_one({'submission_id': submission_id})
+                    if submission:
+                        break
+                
                 # Convert ObjectId and datetime fields to strings
                 if isinstance(submission['_id'], ObjectId):
                     submission['_id'] = str(submission['_id'])
@@ -367,11 +390,10 @@ def submission_log(submission_id):
                 quest = {}
                 flash(f'An error occurred while fetching the submission. {e}', 'error')
                 return redirect(url_for('usr.open_admin_panel'))
-    
     return render_template('display_submission_log.html', submission=submission_json, quest=quest)
 
 # Ban user route
-@bp_usr.route('/ban_user/<user_id>')
+@bp_usr.route('/ban_user/<user_id>', methods=['POST'])
 @login_required
 @admin_required
 def ban_user(user_id, ban_reason='no reason'):
@@ -386,7 +408,7 @@ def ban_user(user_id, ban_reason='no reason'):
     return redirect(url_for('usr.open_admin_panel'))
 
 # Unban user route
-@bp_usr.route('/unban_user/<user_id>')
+@bp_usr.route('/unban_user/<user_id>', methods=['POST'])
 @login_required
 @admin_required
 def unban_user(user_id):
 
@@ -131,6 +131,9 @@ body {
     margin-bottom: 20px;
     border: 0px;
     text-align: justify;
+    word-wrap: break-word;
+    overflow-wrap: break-word;
+    overflow: hidden;
 }
 
 
 
@@ -58,7 +58,7 @@ <h2 style="font-family: 'JetBrainsMonoBold', sans-serif">Create new account</h2>
                             <div class="user-box">
                                 <h3>Password Requirements:</h3>
                                 <ul>
-                                    <li>At least 8 characters long</li>
+                                    <li>At least 10 characters long</li>
                                     <li>Contains at least one uppercase letter</li>
                                     <li>Contains at least one number</li>
                                     <li>Contains at least one special character (e.g., @, #, $)</li>
 
@@ -107,9 +107,6 @@ <h3 class="font-semibold text-center mt-3 -mb-2 text-xl font-bold mb-4 user_prof
                             Find me on
                         </h3>
                         <div class="flex justify-center items-center gap-6 my-6">
-                            <a href="mailto:{{ user.email }}" target="_blank">
-                                <img src="../static/images/email.jpg" width="32" height="32" alt="Facebook Profile">
-                            </a>
                             {% if user.facebook_profile %}
                             <a href="{{ user.facebook_profile }}" target="_blank">
                                 <img src="../static/images/facebook.svg" width="12" height="12" alt="Facebook Profile">
Original file line number	Diff line number	Diff line change
`@@ -131,6 +131,9 @@ body {`
`131`	`131`	`margin-bottom: 20px;`
`132`	`132`	`border: 0px;`
`133`	`133`	`text-align: justify;`
	`134`	`+ word-wrap: break-word;`
	`135`	`+ overflow-wrap: break-word;`
	`136`	`+ overflow: hidden;`
`134`	`137`	`}`
`135`	`138`
`136`	`139`