Add application file88

app.py

@@ -0,0 +1,225 @@
+from flask import Flask, render_template, request, redirect, url_for, session, flash, send_from_directory
+from flask_sqlalchemy import SQLAlchemy
+from werkzeug.utils import secure_filename
+import os
+os.system("python dummy_user.py")
+app = Flask(__name__)
+app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///database.db'
+app.config['SECRET_KEY'] = 'your_secret_key'
+app.config['UPLOAD_FOLDER'] = 'uploads'
+
+if not os.path.exists(app.config['UPLOAD_FOLDER']):
+    os.makedirs(app.config['UPLOAD_FOLDER'])
+
+db = SQLAlchemy(app)
+
+# User model
+class User(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    role = db.Column(db.String(10))  # student, staff, admin
+    username = db.Column(db.String(50), unique=True, nullable=False)
+    dob = db.Column(db.String(10))
+
+# File model
+class File(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    file_name = db.Column(db.String(200))
+    subject_name = db.Column(db.String(100))
+    category = db.Column(db.String(50))
+    subject_code = db.Column(db.String(20))
+    year = db.Column(db.String(10))
+    author_name = db.Column(db.String(100))
+    uploaded_by = db.Column(db.Integer, db.ForeignKey('user.id'))
+
+# Bookmark model
+class Bookmark(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    user_id = db.Column(db.Integer, db.ForeignKey('user.id'))
+    file_id = db.Column(db.Integer, db.ForeignKey('file.id'))
+
+@app.route('/')
+def index():
+    files = File.query.all()
+    return render_template('index.html', files=files)
+
+@app.route('/login', methods=['GET', 'POST'])
+def login():
+    if request.method == 'POST':
+        username = request.form['username']
+        dob = request.form['dob']
+        user = User.query.filter_by(username=username, dob=dob).first()
+        if user:
+            session['user_id'] = user.id
+            session['role'] = user.role
+            if user.role == 'admin':
+                return redirect(url_for('admin_dashboard'))
+            elif user.role == 'student':
+                return redirect(url_for('student_dashboard'))
+            elif user.role == 'staff':
+                return redirect(url_for('staff_dashboard'))
+        else:
+            flash("Invalid credentials!")
+    return render_template('login.html')
+
+@app.route('/student_dashboard')
+def student_dashboard():
+    if 'user_id' in session and session['role'] == 'student':
+        user_id = session['user_id']
+        all_files = File.query.all()
+        user_uploaded_files = File.query.filter_by(uploaded_by=user_id).all()
+        bookmarked_files = File.query.join(Bookmark).filter(Bookmark.user_id == user_id).all()
+        return render_template(
+            'student_dashboard.html',
+            all_files=all_files,
+            user_uploaded_files=user_uploaded_files,
+            bookmarked_files=bookmarked_files
+        )
+    return redirect(url_for('login'))
+
+@app.route('/staff_dashboard')
+def staff_dashboard():
+    if 'user_id' in session and session['role'] == 'staff':
+        user_id = session['user_id']
+        all_files = File.query.all()
+        user_uploaded_files = File.query.filter_by(uploaded_by=user_id).all()
+        bookmarked_files = File.query.join(Bookmark).filter(Bookmark.user_id == user_id).all()
+        return render_template(
+            'staff_dashboard.html',
+            all_files=all_files,
+            user_uploaded_files=user_uploaded_files,
+            bookmarked_files=bookmarked_files
+        )
+    return redirect(url_for('login'))
+
+@app.route('/admin_dashboard', methods=['GET', 'POST'])
+def admin_dashboard():
+    if 'user_id' in session and session['role'] == 'admin':
+        users = User.query.all()
+        files = File.query.all()
+        return render_template('admin_dashboard.html', users=users, files=files)
+    return redirect(url_for('login'))
+
+@app.route('/upload', methods=['GET', 'POST'])
+def upload():
+    if 'user_id' in session and session['role'] in ['student', 'staff']:
+        if request.method == 'POST':
+            file = request.files['file']
+            subject_name = request.form['subject_name']
+            category = request.form['category']
+            subject_code = request.form['subject_code']
+            year = request.form['year']
+            author_name = request.form['author_name']
+
+            if file and subject_name and category and subject_code and year and author_name:
+                filename = secure_filename(file.filename)
+                file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
+
+                new_file = File(
+                    file_name=filename,
+                    subject_name=subject_name,
+                    category=category,
+                    subject_code=subject_code,
+                    year=year,
+                    author_name=author_name,
+                    uploaded_by=session['user_id']
+                )
+                db.session.add(new_file)
+                db.session.commit()
+                flash("File uploaded successfully!")
+                return redirect(url_for('student_dashboard' if session['role'] == 'student' else 'staff_dashboard'))
+            else:
+                flash("All fields are required!")
+        return render_template('upload.html')
+    return redirect(url_for('login'))
+
+@app.route('/delete/<int:file_id>')
+def delete_file(file_id):
+    if 'user_id' in session:
+        file = File.query.get(file_id)
+        if not file:
+            flash("File not found!")
+        elif file.uploaded_by == session['user_id'] or session['role'] == 'admin':
+            try:
+                # Remove associated bookmarks
+                Bookmark.query.filter_by(file_id=file_id).delete()
+
+                # Delete the file from the file system
+                file_path = os.path.join(app.config['UPLOAD_FOLDER'], file.file_name)
+                if os.path.exists(file_path):
+                    os.remove(file_path)
+
+                # Delete the file record from the database
+                db.session.delete(file)
+                db.session.commit()
+                flash("File deleted successfully!")
+            except Exception as e:
+                flash(f"An error occurred while deleting the file: {str(e)}")
+        else:
+            flash("You do not have permission to delete this file!")
+        return redirect(url_for('student_dashboard' if session['role'] == 'student' else 'staff_dashboard'))
+    return redirect(url_for('login'))
+
+@app.route('/admin/delete_user/<int:user_id>', methods=['GET'])
+def delete_user(user_id):
+    if 'user_id' in session and session['role'] == 'admin':
+        user = User.query.get(user_id)
+        if not user:
+            flash("User not found!")
+        elif user.role == 'admin':
+            flash("You cannot delete another admin!")
+        else:
+            try:
+                # Check if the user has uploaded any files
+                files = File.query.filter_by(uploaded_by=user_id).all()
+                for file in files:
+                    # Remove associated bookmarks
+                    Bookmark.query.filter_by(file_id=file.id).delete()
+
+                    # Delete file from the file system
+                    file_path = os.path.join(app.config['UPLOAD_FOLDER'], file.file_name)
+                    if os.path.exists(file_path):
+                        os.remove(file_path)
+
+                    # Delete the file record
+                    db.session.delete(file)
+
+                # Delete the user record
+                db.session.delete(user)
+                db.session.commit()
+                flash("User and their uploaded files deleted successfully!")
+            except Exception as e:
+                flash(f"An error occurred while deleting the user: {str(e)}")
+        return redirect(url_for('admin_dashboard'))
+    flash("You do not have permission to perform this action!")
+    return redirect(url_for('login'))
+
+@app.route('/bookmark/<int:file_id>')
+def bookmark(file_id):
+    if 'user_id' in session:
+        user_id = session['user_id']
+        bookmark = Bookmark.query.filter_by(user_id=user_id, file_id=file_id).first()
+        if bookmark:
+            db.session.delete(bookmark)
+            db.session.commit()
+            flash("Bookmark removed!")
+        else:
+            new_bookmark = Bookmark(user_id=user_id, file_id=file_id)
+            db.session.add(new_bookmark)
+            db.session.commit()
+            flash("Bookmark added!")
+        return redirect(url_for('student_dashboard' if session['role'] == 'student' else 'staff_dashboard'))
+    return redirect(url_for('login'))
+
+@app.route('/uploads/<filename>')
+def uploaded_file(filename):
+    return send_from_directory(app.config['UPLOAD_FOLDER'], filename)
+
+@app.route('/logout')
+def logout():
+    session.clear()
+    return redirect(url_for('login'))
+
+if __name__ == '__main__':
+    with app.app_context():
+        db.create_all()
+    app.run(debug=True)

dockerfile

@@ -0,0 +1,23 @@
+# Base image with Python 3.9
+FROM python:3.9
+
+# Create a user and set permissions
+RUN useradd -m -u 1000 user
+
+# Set the working directory in the container
+WORKDIR /app
+
+# Copy requirements file and set ownership
+COPY --chown=user ./requirements.txt requirements.txt
+
+# Install dependencies
+RUN pip install --no-cache-dir --upgrade -r requirements.txt
+
+# Copy the entire application directory and set ownership
+COPY --chown=user . /app
+
+# Expose Flask default port
+EXPOSE 5000
+
+# Run the Flask app
+CMD ["python", "app.py"]

dummy_user.py

@@ -0,0 +1,22 @@
+from app import app, db, User
+
+# Use application context
+with app.app_context():
+    # Create the database
+    db.create_all()
+
+    # Add dummy users
+    dummy_users = [
+        User(role='student', username='12345', dob='2000-01-01'),
+        User(role='staff', username='emp001', dob='1985-12-12'),
+        # User(role='admin', username='admin', dob='admin')  # Admin uses fixed credentials
+    ]
+
+    # Add users to the database
+    for user in dummy_users:
+        db.session.add(user)
+
+    # Commit the changes
+    db.session.commit()
+
+    print("Dummy users created successfully!")

requirements.txt

@@ -0,0 +1,5 @@
+flask
+flask-sqlalchemy
+flask-wtf
+Werkzeug
+

templates/admin_dashboard.html

@@ -0,0 +1,115 @@
+{% extends 'base.html' %}
+{% block content %}
+<h2 class="text-center">Admin Dashboard</h2>
+
+<!-- User Management Section -->
+<div class="mt-4">
+    <h3>Manage Users</h3>
+
+    <!-- Add New User Form -->
+    <h5 class="mt-3">Add New User</h5>
+    <form method="POST" action="/admin/create_user" class="mb-4">
+        <div class="row">
+            <div class="col-md-3">
+                <input type="text" class="form-control" name="username" placeholder="Username" required>
+            </div>
+            <div class="col-md-3">
+                <input type="text" class="form-control" name="dob" placeholder="Date of Birth (YYYY-MM-DD)" required>
+            </div>
+            <div class="col-md-3">
+                <select class="form-control" name="role" required>
+                    <option value="student">Student</option>
+                    <option value="staff">Staff</option>
+                    <option value="admin">Admin</option>
+                </select>
+            </div>
+            <div class="col-md-3">
+                <button type="submit" class="btn btn-primary">Add User</button>
+            </div>
+        </div>
+    </form>
+
+    <!-- Edit Existing User Section -->
+    <h5 class="mt-3">Edit User</h5>
+    {% if edit_user %}
+    <form method="POST" action="/admin/edit_user/{{ edit_user.id }}" class="mb-4">
+        <div class="row">
+            <div class="col-md-3">
+                <input type="text" class="form-control" name="username" value="{{ edit_user.username }}" required>
+            </div>
+            <div class="col-md-3">
+                <input type="text" class="form-control" name="dob" value="{{ edit_user.dob }}" required>
+            </div>
+            <div class="col-md-3">
+                <select class="form-control" name="role" required>
+                    <option value="student" {% if edit_user.role == 'student' %}selected{% endif %}>Student</option>
+                    <option value="staff" {% if edit_user.role == 'staff' %}selected{% endif %}>Staff</option>
+                    <option value="admin" {% if edit_user.role == 'admin' %}selected{% endif %}>Admin</option>
+                </select>
+            </div>
+            <div class="col-md-3">
+                <button type="submit" class="btn btn-warning">Update User</button>
+            </div>
+        </div>
+    </form>
+    {% endif %}
+
+    <!-- User Table -->
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>ID</th>
+                <th>Username</th>
+                <th>Role</th>
+                <th>Date of Birth</th>
+                <th>Actions</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for user in users %}
+            <tr>
+                <td>{{ user.id }}</td>
+                <td>{{ user.username }}</td>
+                <td>{{ user.role }}</td>
+                <td>{{ user.dob }}</td>
+                <td>
+                    <a href="/admin/edit_user/{{ user.id }}" class="btn btn-warning btn-sm">Edit</a>
+                    <a href="/admin/delete_user/{{ user.id }}" class="btn btn-danger btn-sm">Delete</a>
+                </td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+</div>
+
+<!-- File Management Section -->
+<div class="mt-4">
+    <h3>Manage Files</h3>
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>File Name</th>
+                <th>Subject</th>
+                <th>Author</th>
+                <th>Year</th>
+                <th>Actions</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for file in files %}
+            <tr>
+                <td>{{ file.file_name }}</td>
+                <td>{{ file.subject_name }}</td>
+                <td>{{ file.author_name }}</td>
+                <td>{{ file.year }}</td>
+                <td>
+                    <a href="/uploads/{{ file.file_name }}" class="btn btn-success btn-sm">Download</a>
+                    <a href="/delete/{{ file.id }}" class="btn btn-danger btn-sm">Delete</a>
+                </td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+</div>
+
+{% endblock %}

templates/base.html

@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+    <title>E-Content Sharing Platform</title>
+</head>
+<body>
+    <nav class="navbar navbar-expand-lg navbar-light bg-light">
+        <div class="container">
+            <a class="navbar-brand" href="/">E-Content</a>
+            <div class="collapse navbar-collapse">
+                <ul class="navbar-nav ms-auto">
+                    {% if 'user_id' in session %}
+                        <li class="nav-item"><a class="nav-link" href="/logout">Logout</a></li>
+                    {% else %}
+                        <li class="nav-item"><a class="nav-link" href="/login">Login</a></li>
+                    {% endif %}
+                </ul>
+            </div>
+        </div>
+    </nav>
+    <div class="container mt-4">
+        {% block content %}{% endblock %}
+    </div>
+</body>
+</html>

templates/index.html

@@ -0,0 +1,37 @@
+{% extends 'base.html' %}
+{% block content %}
+<h1 class="text-center">Welcome to E-Content Sharing Platform</h1>
+<div class="mt-4">
+    <form method="POST" action="/search">
+        <div class="input-group mb-3">
+            <input type="text" class="form-control" name="query" placeholder="Search by name, subject code, author, or year">
+            <button class="btn btn-primary" type="submit">Search</button>
+        </div>
+    </form>
+</div>
+<div class="mt-4">
+    <h3>Available PDFs</h3>
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>File Name</th>
+                <th>Subject</th>
+                <th>Author</th>
+                <th>Year</th>
+                <th>Download</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for file in files %}
+            <tr>
+                <td>{{ file.file_name }}</td>
+                <td>{{ file.subject_name }}</td>
+                <td>{{ file.author_name }}</td>
+                <td>{{ file.year }}</td>
+                <td><a href="/uploads/{{ file.file_name }}" class="btn btn-success btn-sm">Download</a></td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+</div>
+{% endblock %}

templates/login.html

@@ -0,0 +1,15 @@
+{% extends 'base.html' %}
+{% block content %}
+<h2 class="text-center">Login</h2>
+<form method="POST" action="/login" class="mt-4">
+    <div class="mb-3">
+        <label for="username" class="form-label">Username (Enrollment/Employee No)</label>
+        <input type="text" class="form-control" id="username" name="username" required>
+    </div>
+    <div class="mb-3">
+        <label for="dob" class="form-label">Date of Birth (YYYY-MM-DD)</label>
+        <input type="text" class="form-control" id="dob" name="dob" required>
+    </div>
+    <button type="submit" class="btn btn-primary">Login</button>
+</form>
+{% endblock %}

templates/search_results.html

@@ -0,0 +1,29 @@
+{% extends 'base.html' %}
+{% block content %}
+<h2 class="text-center">Search Results</h2>
+<div class="mt-4">
+    <h3>Results</h3>
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>File Name</th>
+                <th>Subject</th>
+                <th>Author</th>
+                <th>Year</th>
+                <th>Download</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for file in files %}
+            <tr>
+                <td>{{ file.file_name }}</td>
+                <td>{{ file.subject_name }}</td>
+                <td>{{ file.author_name }}</td>
+                <td>{{ file.year }}</td>
+                <td><a href="/uploads/{{ file.file_name }}" class="btn btn-success btn-sm">Download</a></td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+</div>
+{% endblock %}

templates/staff_dashboard.html

@@ -0,0 +1,141 @@
+{% extends 'base.html' %}
+{% block content %}
+<h2 class="text-center">Staff Dashboard</h2>
+
+<!-- All Available PDFs Section -->
+<div class="mt-4">
+    <h3>All Available PDFs</h3>
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>File Name</th>
+                <th>Subject</th>
+                <th>Author</th>
+                <th>Year</th>
+                <th>Actions</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for file in all_files %}
+            <tr>
+                <td>{{ file.file_name }}</td>
+                <td>{{ file.subject_name }}</td>
+                <td>{{ file.author_name }}</td>
+                <td>{{ file.year }}</td>
+                <td>
+                    <a href="/uploads/{{ file.file_name }}" class="btn btn-success btn-sm">Download</a>
+                    <a href="/bookmark/{{ file.id }}" class="btn btn-warning btn-sm">
+                        {% if file in bookmarked_files %}
+                        Unbookmark
+                        {% else %}
+                        Bookmark
+                        {% endif %}
+                    </a>
+                </td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+</div>
+
+<!-- PDFs Uploaded by Staff Section -->
+<div class="mt-4">
+    <h3>Your Uploaded PDFs</h3>
+    {% if user_uploaded_files %}
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>File Name</th>
+                <th>Subject</th>
+                <th>Author</th>
+                <th>Year</th>
+                <th>Actions</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for file in user_uploaded_files %}
+            <tr>
+                <td>{{ file.file_name }}</td>
+                <td>{{ file.subject_name }}</td>
+                <td>{{ file.author_name }}</td>
+                <td>{{ file.year }}</td>
+                <td>
+                    <a href="/uploads/{{ file.file_name }}" class="btn btn-success btn-sm">Download</a>
+                    <a href="/delete/{{ file.id }}" class="btn btn-danger btn-sm">Delete</a>
+                </td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+    {% else %}
+    <p>No PDFs uploaded by you yet.</p>
+    {% endif %}
+</div>
+
+<!-- Bookmarked PDFs Section -->
+<div class="mt-4">
+    <h3>Your Bookmarked PDFs</h3>
+    {% if bookmarked_files %}
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>File Name</th>
+                <th>Subject</th>
+                <th>Author</th>
+                <th>Year</th>
+                <th>Actions</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for file in bookmarked_files %}
+            <tr>
+                <td>{{ file.file_name }}</td>
+                <td>{{ file.subject_name }}</td>
+                <td>{{ file.author_name }}</td>
+                <td>{{ file.year }}</td>
+                <td>
+                    <a href="/uploads/{{ file.file_name }}" class="btn btn-success btn-sm">Download</a>
+                    <a href="/bookmark/{{ file.id }}" class="btn btn-warning btn-sm">Unbookmark</a>
+                </td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+    {% else %}
+    <p>No PDFs bookmarked yet.</p>
+    {% endif %}
+</div>
+
+<!-- Upload New PDF Section -->
+<div class="mt-4">
+    <h3>Upload a New PDF</h3>
+    <form method="POST" action="/upload" enctype="multipart/form-data">
+        <div class="mb-3">
+            <label for="file" class="form-label">File</label>
+            <input type="file" class="form-control" id="file" name="file" required>
+        </div>
+        <div class="mb-3">
+            <label for="subject_name" class="form-label">Subject Name</label>
+            <input type="text" class="form-control" id="subject_name" name="subject_name" required>
+        </div>
+        <div class="mb-3">
+            <label for="category" class="form-label">Category (Book/Material)</label>
+            <input type="text" class="form-control" id="category" name="category" required>
+        </div>
+        <div class="mb-3">
+            <label for="subject_code" class="form-label">Subject Code</label>
+            <input type="text" class="form-control" id="subject_code" name="subject_code" required>
+        </div>
+        <div class="mb-3">
+            <label for="year" class="form-label">Year</label>
+            <input type="text" class="form-control" id="year" name="year" required>
+        </div>
+        <div class="mb-3">
+            <label for="author_name" class="form-label">Author Name</label>
+            <input type="text" class="form-control" id="author_name" name="author_name" required>
+        </div>
+        <button type="submit" class="btn btn-primary">Upload</button>
+    </form>
+</div>
+
+{% endblock %}

templates/student_dashboard.html

@@ -0,0 +1,141 @@
+{% extends 'base.html' %}
+{% block content %}
+<h2 class="text-center">Student Dashboard</h2>
+
+<!-- All Available PDFs Section -->
+<div class="mt-4">
+    <h3>All Available PDFs</h3>
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>File Name</th>
+                <th>Subject</th>
+                <th>Author</th>
+                <th>Year</th>
+                <th>Actions</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for file in all_files %}
+            <tr>
+                <td>{{ file.file_name }}</td>
+                <td>{{ file.subject_name }}</td>
+                <td>{{ file.author_name }}</td>
+                <td>{{ file.year }}</td>
+                <td>
+                    <a href="/uploads/{{ file.file_name }}" class="btn btn-success btn-sm">Download</a>
+                    <a href="/bookmark/{{ file.id }}" class="btn btn-warning btn-sm">
+                        {% if file in bookmarked_files %}
+                        Unbookmark
+                        {% else %}
+                        Bookmark
+                        {% endif %}
+                    </a>
+                </td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+</div>
+
+<!-- PDFs Uploaded by Student Section -->
+<div class="mt-4">
+    <h3>Your Uploaded PDFs</h3>
+    {% if user_uploaded_files %}
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>File Name</th>
+                <th>Subject</th>
+                <th>Author</th>
+                <th>Year</th>
+                <th>Actions</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for file in user_uploaded_files %}
+            <tr>
+                <td>{{ file.file_name }}</td>
+                <td>{{ file.subject_name }}</td>
+                <td>{{ file.author_name }}</td>
+                <td>{{ file.year }}</td>
+                <td>
+                    <a href="/uploads/{{ file.file_name }}" class="btn btn-success btn-sm">Download</a>
+                    <a href="/delete/{{ file.id }}" class="btn btn-danger btn-sm">Delete</a>
+                </td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+    {% else %}
+    <p>No PDFs uploaded by you yet.</p>
+    {% endif %}
+</div>
+
+<!-- Bookmarked PDFs Section -->
+<div class="mt-4">
+    <h3>Your Bookmarked PDFs</h3>
+    {% if bookmarked_files %}
+    <table class="table table-striped">
+        <thead>
+            <tr>
+                <th>File Name</th>
+                <th>Subject</th>
+                <th>Author</th>
+                <th>Year</th>
+                <th>Actions</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for file in bookmarked_files %}
+            <tr>
+                <td>{{ file.file_name }}</td>
+                <td>{{ file.subject_name }}</td>
+                <td>{{ file.author_name }}</td>
+                <td>{{ file.year }}</td>
+                <td>
+                    <a href="/uploads/{{ file.file_name }}" class="btn btn-success btn-sm">Download</a>
+                    <a href="/bookmark/{{ file.id }}" class="btn btn-warning btn-sm">Unbookmark</a>
+                </td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+    {% else %}
+    <p>No PDFs bookmarked yet.</p>
+    {% endif %}
+</div>
+
+<!-- Upload New PDF Section -->
+<div class="mt-4">
+    <h3>Upload a New PDF</h3>
+    <form method="POST" action="/upload" enctype="multipart/form-data">
+        <div class="mb-3">
+            <label for="file" class="form-label">File</label>
+            <input type="file" class="form-control" id="file" name="file" required>
+        </div>
+        <div class="mb-3">
+            <label for="subject_name" class="form-label">Subject Name</label>
+            <input type="text" class="form-control" id="subject_name" name="subject_name" required>
+        </div>
+        <div class="mb-3">
+            <label for="category" class="form-label">Category (Book/Material)</label>
+            <input type="text" class="form-control" id="category" name="category" required>
+        </div>
+        <div class="mb-3">
+            <label for="subject_code" class="form-label">Subject Code</label>
+            <input type="text" class="form-control" id="subject_code" name="subject_code" required>
+        </div>
+        <div class="mb-3">
+            <label for="year" class="form-label">Year</label>
+            <input type="text" class="form-control" id="year" name="year" required>
+        </div>
+        <div class="mb-3">
+            <label for="author_name" class="form-label">Author Name</label>
+            <input type="text" class="form-control" id="author_name" name="author_name" required>
+        </div>
+        <button type="submit" class="btn btn-primary">Upload</button>
+    </form>
+</div>
+
+{% endblock %}

templates/upload.html

@@ -0,0 +1,31 @@
+{% extends 'base.html' %}
+{% block content %}
+<h2 class="text-center">Upload File</h2>
+<form method="POST" action="/upload" enctype="multipart/form-data" class="mt-4">
+    <div class="mb-3">
+        <label for="file" class="form-label">File</label>
+        <input type="file" class="form-control" id="file" name="file" required>
+    </div>
+    <div class="mb-3">
+        <label for="subject_name" class="form-label">Subject Name</label>
+        <input type="text" class="form-control" id="subject_name" name="subject_name" required>
+    </div>
+    <div class="mb-3">
+        <label for="category" class="form-label">Category (Book/Material)</label>
+        <input type="text" class="form-control" id="category" name="category" required>
+    </div>
+    <div class="mb-3">
+        <label for="subject_code" class="form-label">Subject Code</label>
+        <input type="text" class="form-control" id="subject_code" name="subject_code" required>
+    </div>
+    <div class="mb-3">
+        <label for="year" class="form-label">Year</label>
+        <input type="text" class="form-control" id="year" name="year" required>
+    </div>
+    <div class="mb-3">
+        <label for="author_name" class="form-label">Author Name</label>
+        <input type="text" class="form-control" id="author_name" name="author_name" required>
+    </div>
+    <button type="submit" class="btn btn-primary">Upload</button>
+</form>
+{% endblock %}