Beispiel #1
def register():
    """Handle the registration form and create a new user row.

    On POST the ``username`` and ``password`` form fields are read. The
    submission is rejected with a flashed message when either field is
    empty or when a ``user`` row with the same username already exists.
    Otherwise the username is inserted together with the value returned by
    ``generate_password_hash(password)`` (the submitted password itself is
    not written), the transaction is committed and the client is
    redirected to ``auth.login``.

    Any other request method, and any rejected POST, renders
    ``auth/register.html``.
    """
    if request.method != 'POST':
        return render_template('auth/register.html')

    username = request.form['username']
    password = request.form['password']
    db = get_db()

    if not username:
        problem = 'Username is required.'
    elif not password:
        problem = 'Password is required.'
    else:
        # The username travels as a bound parameter, never as SQL text.
        taken = db.execute('SELECT id FROM user WHERE username = ?',
                           (username, )).fetchone()
        problem = None
        if taken is not None:
            problem = 'User {0} is already registered.'.format(username)

    if problem is not None:
        flash(problem)
        return render_template('auth/register.html')

    # NOTE(review): the lookup above and this INSERT are separate
    # statements, so two concurrent requests could both pass the check.
    # Presumably the schema puts a UNIQUE constraint on user.username;
    # confirm, since that constraint is what actually enforces uniqueness.
    db.execute('INSERT INTO user (username, password) VALUES (?, ?)',
               (username, generate_password_hash(password)))
    db.commit()
    return redirect(url_for('auth.login'))
Beispiel #2
def index():
    """Render ``shopper/index.html`` with every row of the ``list`` table.

    Rows carry ``id``, ``item_name`` and ``cost`` and are ordered by
    descending ``id``. The query is a constant string with no request
    data in it.
    """
    query = (
        'SELECT id, item_name, cost'
        ' FROM list'
        ' ORDER BY id DESC'
    )
    rows = get_db().execute(query).fetchall()
    # The template looks the rows up under the keyword ``list``.
    return render_template('shopper/index.html', list=rows)
Beispiel #3
def view():
    """Render ``shopper/view.html`` with every row of the ``final`` table.

    Rows carry ``id``, ``item_name``, ``cost`` and ``quantity`` and are
    ordered by descending ``id``. The query is a constant string with no
    request data in it.
    """
    query = (
        'SELECT id, item_name, cost, quantity'
        ' FROM final'
        ' ORDER BY id DESC'
    )
    rows = get_db().execute(query).fetchall()
    # The template looks the rows up under the keyword ``list``.
    return render_template('shopper/view.html', list=rows)
Beispiel #4
def load_logged_in_user():
    """Set ``g.user`` from the ``user_id`` stored in the session.

    When the session holds no ``user_id``, ``g.user`` is set to ``None``.
    Otherwise ``g.user`` becomes whatever ``fetchone()`` returns for the
    ``user`` row with that id.
    """
    user_id = session.get('user_id')

    if user_id is not None:
        # NOTE(review): ``SELECT *`` presumably pulls the stored password
        # hash into ``g.user`` as well; confirm nothing serialises or
        # renders the whole row.
        lookup = get_db().execute('SELECT * FROM user WHERE id = ?',
                                  (user_id, ))
        g.user = lookup.fetchone()
        return

    g.user = None
Beispiel #5
def drop(id):
    """Delete the ``list`` row with the given id, then go to ``main.index``.

    ``get_item(id)`` is called first and its return value discarded; the
    call is there so that a missing item is handled by ``get_item`` before
    any DELETE is issued.
    """
    # NOTE(review): no login, ownership or request-method check is visible
    # inside this function. Presumably the route decorator (not shown)
    # restricts it to authenticated POST requests; confirm.
    get_item(id)

    connection = get_db()
    # ``id`` is passed as a bound parameter, not formatted into the SQL.
    connection.execute('DELETE FROM list WHERE id = ?', (id,))
    connection.commit()

    target = url_for('main.index')
    return redirect(target)
Beispiel #6
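def checkout():
    """Flag the items ticked in the submitted form as selected.

    Every value of the ``selected`` form field is used as an id in
    ``UPDATE list SET selected = 1 WHERE id = ?``; the client is then
    redirected to ``main.view``.

    All updates are committed together after the loop, so a failure part
    way through does not leave only some of the items flagged. The
    original committed after every row and then ran a
    ``SELECT * FROM list WHERE selected = 1`` whose result was never used;
    that query is dropped.
    """
    db = get_db()
    chosen_ids = request.form.getlist('selected')

    for item_id in chosen_ids:
        # Form values are untrusted; they are only ever bound as
        # parameters, never formatted into the statement.
        db.execute(
            'UPDATE list SET selected = 1 WHERE id = ?',
            (item_id,)
        )

    if chosen_ids:
        # One commit for the whole batch keeps the update all-or-nothing.
        db.commit()

    return redirect(url_for('main.view'))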
Beispiel #7
def get_item(id):
    """Return the ``list`` row (``id``, ``item_name``, ``cost``) for ``id``.

    When no row matches, ``abort(404, ...)`` is called with a message that
    names the requested id.
    """
    query = (
        'SELECT id, item_name, cost'
        ' FROM list'
        ' WHERE id = ?'
    )
    # ``id`` is bound as a parameter rather than formatted into the query.
    row = get_db().execute(query, (id,)).fetchone()

    if row is not None:
        return row

    abort(404, "Item id {0} doesn't exist.".format(id))
Beispiel #8
def add():
    """Create a new item from the submitted form.

    On POST the ``item`` and ``cost`` form fields are read. An empty
    ``item`` flashes an error and re-renders ``shopper/add.html``;
    otherwise a row is inserted into ``list``, the transaction is
    committed and the client is redirected to ``main.index``. Any other
    request method renders the form.
    """
    if request.method != 'POST':
        return render_template('shopper/add.html')

    item_name = request.form['item']
    item_cost = request.form['cost']

    if not item_name:
        flash('Item is required.')
        return render_template('shopper/add.html')

    # NOTE(review): ``cost`` is stored exactly as submitted; no numeric or
    # range check happens in this function. Both values are bound as
    # parameters, so this is a data-quality concern rather than injection.
    db = get_db()
    db.execute(
        'INSERT INTO list (item_name, cost)'
        ' VALUES (?, ?)',
        (item_name, item_cost)
    )
    db.commit()
    return redirect(url_for('main.index'))
Beispiel #9
def login():
    """Authenticate a user and record the user id in the session.

    On POST the ``username`` and ``password`` form fields are read and the
    matching ``user`` row is fetched. A missing row, or a password that
    ``check_password_hash`` rejects against the stored ``password``
    column, flashes an error and re-renders ``auth/login.html``. On
    success the session is cleared, ``user_id`` is stored in it and the
    client is redirected to ``index``. Any other request method renders
    the login form.
    """
    if request.method != 'POST':
        return render_template('auth/login.html')

    username = request.form['username']
    password = request.form['password']
    # The username is bound as a parameter, never formatted into the SQL.
    account = get_db().execute('SELECT * FROM user WHERE username = ?',
                               (username, )).fetchone()

    # NOTE(review): the two messages below differ, so a response tells the
    # client whether a username exists. A single generic message for both
    # branches would avoid that; no attempt limiting is visible here either.
    if account is None:
        failure = 'Incorrect username.'
    elif not check_password_hash(account['password'], password):
        failure = 'Incorrect password.'
    else:
        # Drop whatever the pre-login session held before storing the id,
        # so nothing set before authentication carries over.
        session.clear()
        session['user_id'] = account['id']
        return redirect(url_for('index'))

    flash(failure)
    return render_template('auth/login.html')
Beispiel #10
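def edit(id):
    """Edit an item.

    The stored row is loaded through ``get_item(id)`` before anything
    else. On POST the ``item`` and ``cost`` form fields are read; an empty
    ``item`` flashes an error, otherwise the row is updated, the
    transaction is committed and the client is redirected to
    ``main.index``. GET requests and rejected POSTs render
    ``shopper/edit.html`` with the stored row as ``items``.

    The submitted name is kept in its own variable. The original reused
    ``item`` for it, so after a rejected POST the template received the
    (empty) form string instead of the database row.
    """
    item = get_item(id)

    if request.method == 'POST':
        item_name = request.form['item']
        cost = request.form['cost']
        error = None

        if not item_name:
            error = 'Item name is required.'

        if error is not None:
            flash(error)
        else:
            db = get_db()
            # All three values are bound as parameters.
            # NOTE(review): ``cost`` is stored as submitted, with no
            # numeric or range check in this function.
            db.execute(
                'UPDATE list SET item_name = ?, cost = ? WHERE id = ?',
                (item_name, cost, id)
            )
            db.commit()
            return redirect(url_for('main.index'))

    return render_template('shopper/edit.html', items=item)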