def payment(id, amount): db = Db() account = request.form['acc'] ifc = request.form['i'] total = request.form['textfield3'] a = db.selectOne("select * from account where account_no='" + account + "' and ifsc_code='" + ifc + "'") o_account = db.selectOne("select * from account where account_id='2'") if a is not None: balance = a['balance'] if float(balance) > float(total): available_balance = float(balance) - float(total) o_balance = o_account['balance'] o_cbalance = float(o_balance) + float(total) db.update("update account set balance='" + str(available_balance) + "' where account_no='" + account + "'") db.update("update account set balance='" + str(o_cbalance) + "' where account_id='3'") db.update( "update payment set status='salary_paid' where workid='" + str(id) + "'") qry2 = db.select( "select * from scheduleworker where scheduleworker.workid='" + str(id) + "'") for i in qry2: worker_id = i['worker_id'] q = db.insert("insert into salary values ('','" + str(amount) + "','" + str(worker_id) + "',curdate())") return '<script>alert("Payment successfully");window.location="/confirmwork"</script>' else: return '<script>alert("Insufficent Balance");window.location="/confirmwork"</script>' else: return '<script>alert("Invalid Account");window.location="/confirmwork"</script>'
def change(): c = Db() crntpswrd = request.form['textfield'] newpswrd = request.form['textfield2'] cnfrmpswrd = request.form['textfield3'] x = session['userid'] if newpswrd == cnfrmpswrd: qry = "select password from login where lid='" + str(x) + "'" res = c.selectOne(qry) if res is not None: if res['password'] == crntpswrd: q = "update login set password='******' where lid='" + str( x) + "'" c.update(q) y = "select * from login where lid='" + str(x) + "'" r = c.selectOne(y) if r is not None: type = r['type'] if type == 'admin': return adm_home() else: return user_home() else: return '''<script>alert('incorrect current password');window.location='/chpswrd';</script>''' else: return '''<script>alert('passwords not matching');window.location='/chpswrd';</script>'''
def view_user_pro_bank2(): d = Db() print("mr") uid = request.form["uid"] ac = request.form["ac"] pwd = request.form["pwd"] prd_pr = request.form["price"] print("mr") q = "select amt from bank where login_id='" + str( uid) + "' and ac_no='" + ac + "' and pwd='" + pwd + "'" print(q) r = d.selectOne(q) print("r=", r) bnk_blc = int(r["amt"]) pri = int(prd_pr) new_bl = 0 print("b1=", bnk_blc) print("b2=", pri) if bnk_blc > pri: print("mmm22") new_bl = bnk_blc - pri print("now ba=", new_bl) qq2 = "update bank set amt='" + str( new_bl) + "' where ac_no='" + ac + "' and pwd='" + pwd + "'" d.insert(qq2) q11 = "select order_master_id from order_master where customer_id='" + str( uid) + "' and status='pending'" print(q11) rm = d.selectOne(q11) print("rm=", rm) qq2 = "update order_master set status='ok' where order_master_id='" + str( rm['order_master_id']) + "'" print(qq2) d.update(qq2) new_ot_bl = 0 qr3 = "select amt from bank where login_id='1'" print(qr3) rrk = d.selectOne(qr3) othr_bl = int(rrk["amt"]) print("othr=", othr_bl) print("pp=", pri) new_ot_bl = othr_bl + pri qr4 = "update bank set amt='" + str(new_ot_bl) + "' where login_id='1'" print(qr4) d.update(qr4) qq2 = "delete from cart where cust_id='" + str(uid) + "'" d.update(qq2) return jsonify(status="ok") else: return jsonify(status="no")
def view_user_pro_bank(): d = Db() print("mr") uid = request.form["uid"] ac = request.form["ac"] pwd = request.form["pwd"] prd_pr = request.form["price"] tid = request.form["tid"] print("mr") q = "select amt from bank where login_id='" + str( uid) + "' and ac_no='" + ac + "' and pwd='" + pwd + "'" print(q) r = d.selectOne(q) print("r=", r) bnk_blc = int(r["amt"]) pri = int(prd_pr) new_bl = 0 print("b1=", bnk_blc) print("b2=", pri) if bnk_blc > pri: print("mmm22") new_bl = bnk_blc - pri print("now ba=", new_bl) qq2 = "update bank set amt='" + str( new_bl) + "' where ac_no='" + ac + "' and pwd='" + pwd + "'" d.insert(qq2) qq25 = "update table_hotel set status='ok' where table_hotel_id='" + str( tid) + "'" print("qqq") d.insert(qq25) qq23 = "INSERT INTO `table_booking`(`table_hotel_id`,`cust_id`,`date`,`time`,`status`)VALUES('" + str( tid) + "','" + str(uid) + "',CURDATE(),CURTIME(),'pending')" print("qqq") d.insert(qq23) new_ot_bl = 0 qr3 = "select amt from bank where login_id='1'" print(qr3) rrk = d.selectOne(qr3) othr_bl = int(rrk["amt"]) print("othr=", othr_bl) print("pp=", pri) new_ot_bl = othr_bl + pri qr4 = "update bank set amt='" + str(new_ot_bl) + "' where login_id='1'" print(qr4) d.update(qr4) return jsonify(status="ok") else: return jsonify(status="no")
def adm_edit_table(id): db = Db() qry = "select * from table_hotel where table_hotel_id='" + id + "'" res = db.selectOne(qry) print(res) session['rid'] = id return render_template("Admin/edit add table.html", data=res)
def login_page(): db = Db() username = request.form['username'] password = request.form['password'] type = "" qr = "select * from login where username='******' and password='******'" res = db.selectOne(qr) if res is not None: type = res['type'] session['id'] = res['login_id'] session['typeu'] = res['type'] if type == "admin": return redirect('/adm_Homepage') elif type == "manager": return redirect('/ManagerHomepage') elif type == "waitor": return redirect('/WaitorHomepage') elif type == "transport": return redirect('/TransportHomepage') elif type == "billing": return redirect('/BillingHomepage') else: return "Invalid Username or Password" else: return "Invalid Username or Password"
def adm_edit_staff(fid): session['rid'] = fid qr = "select * from staff where staff_id='" + str(session['rid']) + "'" db = Db() res = db.selectOne(qr) return render_template("Admin/edit staff.html", values=res)
def and_payment(): acc = request.form['acnt'] val = request.form['mmyy'] pinno = request.form['pin'] ccv = request.form['ccv'] tid = request.form['t_id'] total = request.form['amnt'] lid = request.form['custid'] qry = "select * from bank where customer_id='" + lid + "' and card_number='" + acc + "' and valid_thru='" + val + "' and cvv='" + ccv + "' and pin='" + pinno + "'" d = Db() res = d.selectOne(qry) if res is None: return jsonify(status="invalid") else: balance = res['bal'] session['a'] = balance if int(balance) < int(total): return jsonify(status="insuff") else: oid = d.insert( "insert into `table_booking`(`table_hotel_id`,`cust_id`,`date`,`time`,`status`)values('" + tid + "','" + lid + "',curdate(),curtime(),'alloted')") d.update("update bank set bal='" + str(session['a']) + "'-'" + str(total) + "' where bank_id='" + str(res['bank_id']) + "'") return jsonify(status="ok")
def user_profile(): c = Db() x = session['userid'] if session["userid"] != None: q = "select * from user where loginid='" + str(x) + "'" result = c.selectOne(q) return render_template('user/my profile.html', data=result) else: return render_template('form.html')
def user_profile(): if session['lin'] == "lin": obj=Db() x=session['userid'] qry="select fname,lname,gender,dob,email from user where login_id='"+str(x)+"' " res=obj.selectOne(qry) return render_template("user/profile.html",data=res) else: return render_template("login.html")
def view_profile(): db = Db() lid = request.form['lid'] q = db.selectOne("select * from client WHERE client_id='" + str(lid) + "' ") res = {} res['status'] = "ok" res['data'] = q return demjson.encode(res)
def reply(id): if session['lin'] == "lin": session['com']=id print(session) db = Db() qry="select * from complaint where c_id='"+id+"' " res=db.selectOne(qry) return render_template('admin/reply.html',data=res) else: return render_template("login.html")
def adm_view_food_items_edit(fid): qr = "select food_items.food_item_id,food_items.food_name,food_items.price,food_items.picture,food_items.description,category.* from food_items inner join category on food_items.category_id=category.category_id where food_items.food_item_id='" + fid + "' " db = Db() res = db.selectOne(qr) qr2 = "select * from category" res2 = db.select(qr2) return render_template("Admin/edit food items.html", data=res, cat=res2)
def and_login_post(): db = Db() db = Db() Username = request.form['Email'] password = request.form['Password'] qry = "select * from login where username='******' and password='******'" res = db.selectOne(qry) print(res) if res != None: qry1 = "SELECT * FROM `customer` WHERE `login_id`='" + str( res['login_id']) + "'" res1 = db.selectOne(qry1) return jsonify(status="ok", lid=res['login_id'], type=res['type'], uname=res1['customer_name'], usid=res1['customer_id'], usemail=res1['email']) else: return jsonify(status="no")
def and_payment_food(): acc = request.form['acnt'] val = request.form['mmyy'] pinno = request.form['pin'] ccv = request.form['ccv'] total = request.form['amnt'] lid = request.form['custid'] qry = "select * from bank where customer_id='" + lid + "' and card_number='" + acc + "' and valid_thru='" + val + "' and cvv='" + ccv + "' and pin='" + pinno + "'" d = Db() res = d.selectOne(qry) if res is None: return jsonify(status="invalid") else: balance = res['bal'] session['a'] = balance if int(balance) < int(total): return jsonify(status="insuff") else: print("ok") qry2 = "select * from cart where cust_id='" + lid + "'" res2 = d.select(qry2) qqq = "select table_hotel_id from table_booking where cust_id='" + lid + "'" rrr = d.selectOne(qqq) session['ti'] = rrr['table_hotel_id'] oid = d.insert( "insert into order_master(`customer_id`,`total`,`date`,`status`,`type`,`table_hotel_id`) values('" + lid + "','" + total + "',curdate(),'success','food','" + str(session['ti']) + "')") for i in res2: qry3 = "insert into order_table(`food_items_id`,`quantity`,`order_master_id`) values('" + str( i['food_id']) + "','" + str( i['quantity']) + "','" + str(oid) + "')" d.insert(qry3) d.delete("delete from cart where cart_id='" + str(i['cart_id']) + "'") d.update("update bank set bal='" + str(session['a']) + "'-'" + str(total) + "' where bank_id='" + str(res['bank_id']) + "'") return jsonify(status="ok")
def login(): username = request.form['username'] password = request.form['password'] db = Db() qry = db.selectOne("select * from login where username='******' and password='******'") if qry is not None: if qry['type'] == "admin": return render_template("Admin/admin_home.html") else: return '<script>alert("Logging in...." );window.location="/adminhome"</script>'
def login_pst(): usernam=request.form["email"] passwor=request.form["pass"] db=Db() qry=db.selectOne("SELECT * FROM login WHERE username='******' AND password='******' ") if qry is not None: if qry["type"]=="admin": session['lin']="lin" return ''' <script> alert('login success');window.location="/adm_home"; </script> ''' elif(qry["type"]=="user"): q=db.selectOne("SELECT * FROM user WHERE user.login_id='"+str(qry["login_id"])+"'") if q is not None: session["userid"]=qry["login_id"] session['lin'] = "lin" return ''' <script>alert('login success');window.location="/u_panel"; </script> ''' else: return ''' <script>alert('Invalid Username or Password');window.location="/"; </script> ''' else: return ''' <script>alert('Invalid Username or Password');window.location="/"; </script> '''
def adm_view_spl_food_items_edit(fid): session['fid'] = fid qr = "select special_food_id,spl_food_name,description,price,week,picture,category.category_name,category.category_id from spl_food INNER JOIN category ON category.category_id=spl_food.category_id where special_food_id='" + fid + "' " db = Db() res = db.selectOne(qr) qr2 = "select * from category" res2 = db.select(qr2) return render_template("Admin/edit special food items.html", data=res, cat=res2)
def login_post(): username = request.form['username'] password = request.form['password'] db = Db() qry = db.selectOne("select * from login where user_name='" + username + "' and password='******'") if qry is not None: if qry['user_type'] == "serviceagency": return redirect("/service_header") else: return '<script>alert("logging in...");window.location="/home"</script>' return render_template("login.html")
def chpswrd(): c = Db() x = session['userid'] if session["userid"] != None: y = "select * from login where lid='" + str(x) + "'" r = c.selectOne(y) if r is not None: type = r['type'] if type == 'admin': return render_template('admin/change pswrd.html') else: return render_template('user/user pswrd.html') else: return render_template('form.html')
def login(): username = request.form['username'] password = request.form['password'] db = Db() res = {} qry = db.selectOne("select * from login where username='******' and password='******'") if qry is None: res['status'] = "Not a valid user" else: res['lid'] = qry['logID'] res['usertype'] = qry['type'] res['status'] = "ok" return demjson.encode(res)
def payment(): db = Db() # lid=request.form['lid'] workid = request.form['workid'] qry1 = db.selectOne( "select * from payment where status='paid' and workid='" + str(workid) + "' ") res = {} if qry1 is not None: res['status'] = "Oops! Already paid" else: qry = db.update("update payment set status='paid' WHERE workid='" + workid + "'") res['status'] = "OK" return demjson.encode(res)
def login(): username=request.form["textfield"] password=request.form["textfield2"] db=Db() qry="select * from login where Login_Name='"+username+"' and Password='******'" res=db.selectOne(qry) if res is not None: session["lid"]=res["Login_id"] if res["Login_type"]=="admin": return render_template("admin_home.html") if res["Login_type"] == "doctor": return render_template("doctor/Dr_home.html") else: return '''<script>alert('Invalid username or Password');window.location="/"</script>''' else: return '''<script>alert('Invalid username or Password');window.location="/"</script>'''
def change_password_post(): current_password =request.form["textfield"] password= request.form["textfield2"] confirm_password=request.form["textfield3"] db=Db() lid=session["lid"] qry2="select Password from login where Login_id ='"+str(lid)+"'" res =db.selectOne(qry2) if res["Password"] == current_password : if password == confirm_password : qry ="update login set Password = '******'WHERE Login_id = '"+str(lid)+"'" res = db.update(qry) return '''<script>alert('Password changed');window.location ='/'</script> ''' else: return '''<script>alert('Password not equal to current password');window.location ='/Change_password'</script> ''' else : return '''<script>alert('Password incorrect');window.location ='/Change_password'</script> '''
def schedule(): db = Db() lid = request.form['lid'] workid = request.form['workid'] res = {} qry = db.selectOne( "select * from schedule,worktable,payment,client WHERE worktable.workid=schedule.workid and worktable.clientid='" + lid + "'and worktable.workid='" + workid + "' and payment.workid=worktable.workid and worktable.clientid=client.client_id " ) if qry is not None: res['data'] = qry res['status'] = "ok" else: res['status'] = "Sorry" return demjson.encode(res)
def view_attendence(id): b = request.form['s'] db = Db() if b == "View Attendence": qry = db.select( "select * from attendance,worker,worktable where worker.workerid=attendance.worker_id and attendance.work_id=worktable.workid order by attendance.date desc " ) if len(qry) > 0: return render_template("Admin/admin_viewAttendance.html", data=qry) else: return render_template("Admin/admin_viewAttendance.html", data=0) else: qry = db.selectOne( "select * from worktable,payment,schedule where schedule.workid=worktable.workid and worktable.workid=payment.workid and payment.workid='" + str(id) + "'") amount = qry['amount'] number = qry['number_workers'] total = float(amount) * float(number) return render_template("Admin/payment.html", data=qry, total=total)
def login_post(): username = request.form['username'] password = request.form['password'] db = Db() qry = db.selectOne("select * from login where user_name='" + username + "' and password='******'") res1 = {} if qry is not None: id = qry['login_id'] type = qry['user_type'] if type == 'user': res1['type1'] = type res1['lid'] = id res1['status'] = 'ok' return demjson.encode(res1) else: res1['status'] = 'none' return demjson.encode(res1) else: res1['status'] = 'none' return demjson.encode(res1)
def pchange(): if session['lin'] == "lin": obj1=Db() crpswd=request.form['cpsw'] newpswd=request.form['newpsw'] cnfpswd = request.form['cpswd'] if newpswd == cnfpswd: qry= "select password from login where login_id='"+str(session["userid"])+"'" res=obj1.selectOne(qry) if res is not None: if res['password']==crpswd: q="update login set password='******' where login_id='"+str( session["userid"])+"'" obj1.update(q) return userhome() else: return '''<script>alert('incorrect current password');window.location='/cpswd';</script>''' else: return '''<script>alert(' passwords not matching ');window.location='/cpswd';</script>''' else: return render_template("login.html")
def login(): try: c = Db() username = request.form['username'] pswrd = request.form['pass'] qry = "select * from login where username='******' and password='******'" result = c.selectOne(qry) if result != None: type = result['type'] session["userid"] = result["lid"] if type == 'admin': return render_template('admin/adminHome.html') elif type == 'user': return render_template('user/user home.html') elif type == 'blocked': return '<script>alert("Login restricted!! You have been blocked by the Admin");window.location="/";</script>' if result is None: return '<script>alert("incorrect username or pssword");window.location="/";</script>' except Exception as e: print(str(e))
def dr_view_profile(): lid = session["lid"] qry ="select * from doctor where Doc_login_id = '"+str(lid)+"'" db=Db() res =db.selectOne(qry) return render_template('doctor/View_profile.html',data=res)