def updateCustomer(request): Authorizer.authorizeCustomer(request) postVars = request.POST validKeys = ['lastName', 'firstName', 'address', 'city', 'state', 'zipCode', 'telephone', 'email', 'creditCardNumber'] acceptedValues = [] queryAppend = [] query = "UPDATE Customers SET " for key in validKeys: if key in postVars: queryAppend.append(key + " = %s") acceptedValues.append(postVars[key]) acceptedValues.append(request.matchdict['id']) query = query + ', '.join(queryAppend) + " WHERE ID = %s" try: cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305') cursor = cnx.cursor() cursor.execute(query, tuple(acceptedValues)) cursor.close() cnx.commit() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err)) Authorizer.refreshSession(request) raise exc.HTTPOk()
def apiGetMailingList(request): Authorizer.authorizeEmployee(request) mailingListID = request.matchdict["id"] mailingLists = {} try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True) query = "SELECT * FROM MailingLists where id = %s" cursor.execute(query, tuple([str(mailingListID)])) for row in cursor: mailingList = {"id": row["id"], "createdBy": row["createdBy"], "name": row["name"]} query = "SELECT C.* from MailingListsMappings LEFT JOIN (SELECT id, firstName, lastName, email FROM Customers) as C ON C.id = MailingListsMappings.customerID and MailingListsMappings.listID = %s" cursor.execute(query, tuple([str(mailingList["id"])])) customers = [] for row in cursor: customers.append({"id": row["id"], "name": row["firstName"] + " " + row["lastName"], "email": row["email"]}) mailingList["customers"] = customers cursor.close() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) return mailingLists
def employeeDashboard(request): Authorizer.authorizeEmployee(request) values = { 'currentUser': None, } if('currentUser' in request.session): values["currentUser"] = request.session['currentUser'] return values
def managerDashboard(request): Authorizer.authorizeManager(request) values = { 'currentUser': None, } if('currentUser' in request.session): values["currentUser"] = request.session['currentUser'] return values
def sold(request): Authorizer.authorizeEmployee(request) postVars = request.POST requiredKeys = ['bidID', 'customerID', 'auctionID', 'itemID'] for key in requiredKeys: if(key not in postVars): raise exc.HTTPBadRequest() try: cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305') cursor = cnx.cursor(dictionary=True) query = """ INSERT INTO Wins (BidID, Time, CustomerID, AuctionID) VALUES (%s,NOW(),%s, %s); """ cursor.execute(query, tuple([str(postVars['bidID']), str(postVars['customerID']), str(postVars['auctionID'])])) query = """ UPDATE Items SET CopiesSold = CopiesSold + 1, Stock=Stock-1 WHERE ID= %s """ cursor.execute(query, tuple([str(postVars['itemID'])])) query = """ UPDATE Customers SET ItemsSold=ItemsSold+1 WHERE ID = (SELECT SellerID FROM Auctions WHERE ID = %s); """ cursor.execute(query, tuple([str(postVars['auctionID'])])) query = """ UPDATE Customers SET ItemsPurchased=ItemsPurchased+1 WHERE ID = %s """ cursor.execute(query, tuple([str(postVars['customerID'])])) cursor.close() cnx.commit() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) raise exc.HTTPOk()
def salesReport(request): Authorizer.authorizeManager(request) getVars = request.GET validKeys = ["month", "year", "itemID", "customerID", "itemType"] acceptedValues = [] queryAppend = [] report = [] query = "SELECT * FROM Sales_Report WHERE " for key in validKeys: if key in getVars: if key == "month": queryAppend.append("MONTH(time) = %s") acceptedValues.append(getVars[key]) elif key == "year": queryAppend.append("YEAR(time) = %s") acceptedValues.append(getVars[key]) else: queryAppend.append(key + " = %s") acceptedValues.append(getVars[key]) query = query + " AND ".join(queryAppend) try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True) cursor.execute(query, tuple(acceptedValues)) for row in cursor: reportValues = {} for key in row: if isinstance(row[key], datetime): reportValues[key] = row[key].isoformat() elif isinstance(row[key], Decimal): reportValues[key] = str(row[key]) else: reportValues[key] = row[key] report.append(reportValues) cursor.close() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) return report
def addAuction(request): Authorizer.authorizeCustomer(request) requiredKeys = ["itemID", "sellerID", "closingTime", "openingBid", "reserve", "increment"] postVars = request.POST acceptedKeys = [] for key in requiredKeys: if key in postVars: acceptedKeys.append(postVars[key]) else: print(key) raise exc.HTTPBadRequest() # print(postVars['password']) try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True) employees = [] query = "SELECT id FROM Employees WHERE type = 1" cursor.execute(query) for row in cursor: employees.append(row["id"]) acceptedKeys.append(employees[randint(0, len(employees) - 1)]) query = "INSERT INTO Auctions(itemID, sellerID, openingTime, closingTime, openingBid, reserve, increment, employeeID)\ VALUES (%s, %s, NOW(), %s, %s, %s, %s, %s);" cursor.execute(query, tuple(acceptedKeys)) cursor.close() cnx.commit() cnx.close() except mysql.connector.Error as err: cursor.close() cnx.close() return Response("Something went wrong: {}".format(err)) raise exc.HTTPOk()
def addEmployee(request): Authorizer.authorizeManager(request) requiredKeys = ['ssn', 'lastName', 'firstName', 'address', 'city', 'state', 'zipCode', 'telephone', 'startDate', 'hourlyRate', 'type'] requiredUserKeys = ['username','password'] postVars = request.POST acceptedKeys = [] accepteduserKeys = [] for key in requiredKeys: if(key in postVars): acceptedKeys.append(postVars[key]) else: print(key) raise exc.HTTPBadRequest() for key in requiredUserKeys: if(key not in postVars): raise exc.HTTPBadRequest() salt = 'qwerty' postVars['password'] = crypt.crypt(postVars['password'], salt) query = ("INSERT INTO Employees(ssn, lastName, firstName, address, city, state, zipCode, telephone, startDate, hourlyRate, type)\ VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s);") try: cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305') cursor = cnx.cursor() cursor.execute(query, tuple(acceptedKeys)) query = ("INSERT INTO Users(username, password, type, id) VALUES (%s, %s, 1, LAST_INSERT_ID())") cursor.execute(query, tuple([postVars['username'], postVars['password']])) cursor.close() cnx.commit() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), 500) raise exc.HTTPOk()
def deleteCustomer(request): Authorizer.authorizeEmployee(request) query = "DELETE FROM Customers WHERE id= %s" try: cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305') cursor = cnx.cursor() cursor.execute(query, tuple([request.matchdict['id']])) cursor.close() cnx.commit() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err)) raise exc.HTTPOk()
def getEmployee(request): Authorizer.authorizeManager(request) employeeID = request.matchdict['id'] try: cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305') cursor = cnx.cursor(dictionary=True) query = ("SELECT * FROM Employees WHERE id = %s") cursor.execute(query, tuple([str(employeeID)])) employee = {} for employee in cursor: employee = { 'type': employee['type'], 'id': employee['id'], 'name': employee['firstName'] + " " + employee['lastName'], 'firstName' : employee['firstName'], 'lastName' : employee['lastName'], 'address': employee['address'], 'city': employee['city'], 'state': employee['state'], 'zipCode': employee['zipCode'], 'telephone': employee['telephone'], 'startDate': employee['startDate'].isoformat(), 'hourlyRate': str(employee['hourlyRate']), } cursor.close() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) if(len(employee) == 0): raise exc.HTTPNoContent() return employee
def allCustomers(request): Authorizer.authorizeEmployee(request) try: cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305') cursor = cnx.cursor(dictionary=True) query = ("SELECT * FROM Customers") cursor.execute(query) items = [] for customer in cursor: items.append({ 'id': customer['id'], 'name': customer['firstName'] + customer['lastName'], 'firstName': customer['firstName'], 'lastName': customer['lastName'], 'address': customer['address'], 'city': customer['city'], 'state': customer['state'], 'zipCode': customer['zipCode'], 'telephone': customer['telephone'], 'email': customer['email'], 'creditCardNumber': customer['creditCardNumber'], 'itemsSold': customer['itemsSold'], 'itemsPurchased': customer['itemsPurchased'], 'rating': str(customer['rating']) }) cursor.close() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) if(len(items) == 0): raise exc.HTTPNoContent() return items
def apiAddMailingList(request): Authorizer.authorizeEmployee(request) postVars = request.POST print(postVars) if "name" not in postVars: raise exc.HTTPBadRequest() try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True) query = "INSERT INTO MailingLists(name, createdBy) VALUES(%s, %s)" cursor.execute(query, tuple([postVars["name"], Authorizer.getCurrentUser(request)["id"]])) if "customers[]" in postVars: # postVars.getall('customers[]') query = "SELECT LAST_INSERT_ID() as id" cursor.execute(query) mailingListID = cursor.fetchone()["id"] print(mailingListID) for customerID in postVars.getall("customers[]"): print(customerID) query = "SELECT COUNT(*) as count FROM Customers where id = %s" cursor.execute(query, tuple([str(customerID)])) count = cursor.fetchone()["count"] if count != 0: query = "INSERT INTO MailingListsMappings(listID, customerID) VALUES (%s, %s)" cursor.execute(query, tuple([mailingListID, customerID])) else: raise exc.HTTPBadRequest() cursor.close() cnx.commit() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) raise exc.HTTPOk()
def mailingList(request): Authorizer.authorizeEmployee(request) query = """SELECT email, concat(lastName, ' ', firstName) AS name FROM Customers""" mailingList = [] try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True) cursor.execute(query) for row in cursor: customer = {} for key in row: customer[key] = row[key] mailingList.append(customer) except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) return mailingList
def itemSuggestions(request): Authorizer.authorizeCustomer(request) session = request.session customerID = None if(Authorizer.getCurrentUserType(request) == 0): customerID = Authorizer.getCurrentUser(request)['id'] else: if('customerID' in request.GET): customerID = request.GET['customerID'] else: raise exc.HTTPBadRequest() query = """ SELECT * FROM Items WHERE type IN ( SELECT type FROM Items WHERE id IN ( SELECT itemID FROM Searches WHERE customerID = %s ) ) AND Items.name NOT IN ( SELECT name FROM Items WHERE id IN ( SELECT itemID FROM Auctions WHERE id IN ( SELECT auctionID FROM Bids WHERE customerID = %s ) ) ) LIMIT 5 """ suggestedItems = [] try: cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305') cursor = cnx.cursor(dictionary=True) cursor.execute(query, tuple([str(customerID), str(customerID)])) for row in cursor: item = {} for key in row: if(isinstance(row[key], datetime)): item[key] = row[key].isoformat() elif(isinstance(row[key], Decimal)): item[key] = str(row[key]) else: item[key] = row[key] suggestedItems.append(item) for item in suggestedItems: query = ("SELECT url FROM ItemsImages WHERE itemID = %s") cursor.execute(query, tuple([str(item['id'])])) urls = [] for row in cursor: urls.append(row['url']) item['images'] = urls cursor.close() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) return suggestedItems
def revenueReport(request): Authorizer.authorizeManager(request) getVars = request.GET query = "SELECT ItemName, SUM(Amount) AS revenue, COUNT(Amount) AS copiesSold FROM Sales_Report WHERE " secondQuery = "SELECT ItemName, SUM(Amount) AS revenue, COUNT(Amount) AS copiesSold FROM Sales_Report WHERE MONTH(time) = MONTH(NOW()) AND YEAR(time) = YEAR(NOW()) AND " value = None if "employeeID" in getVars and "customerID" not in getVars and "itemID" not in getVars: query = query + "monitorID = %s GROUP BY ItemName" secondQuery = secondQuery + "monitorID = %s GROUP BY ItemName" value = getVars["employeeID"] elif "employeeID" not in getVars and "customerID" in getVars and "itemID" not in getVars: query = query + "customerID = %s GROUP BY ItemName" secondQuery = secondQuery + "customerID = %s GROUP BY ItemName" value = getVars["customerID"] elif "employeeID" not in getVars and "customerID" not in getVars and "itemID" in getVars: query = query + "itemID = %s" secondQuery = secondQuery + "itemID = %s" value = getVars["itemID"] else: raise exc.HTTPBadRequest() report = {} totalReport = [] monthReport = [] try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True) cursor.execute(query, tuple([str(value)])) for row in cursor: totalReportValues = {} for key in row: if isinstance(row[key], datetime): totalReportValues[key] = row[key].isoformat() elif isinstance(row[key], Decimal): totalReportValues[key] = str(row[key]) else: totalReportValues[key] = row[key] totalReport.append(totalReportValues) report["total"] = totalReport cursor.execute(secondQuery, tuple([str(value)])) for row in cursor: monthReportValues = {} for key in row: if isinstance(row[key], datetime): monthReportValues[key] = row[key].isoformat() elif isinstance(row[key], Decimal): monthReportValues[key] = str(row[key]) else: monthReportValues[key] = row[key] monthReport.append(monthReportValues) report["month"] = monthReport cursor.close() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) return report
def apiRevenueStats(request): Authorizer.authorizeManager(request) getVars = request.GET query1 = "SELECT SUM(Amount) AS revenue, COUNT(Amount) AS copiesSold, Items.* FROM Sales_Report LEFT JOIN Items on Items.id = Sales_Report.itemID GROUP BY itemID ORDER BY revenue DESC LIMIT 1" query2 = "SELECT SUM(Amount) AS revenue, COUNT(Amount) AS copiesSold, Customers.* FROM Sales_Report LEFT JOIN Customers on Customers.id = Sales_Report.sellerID GROUP BY customerID ORDER BY revenue DESC LIMIT 1;" query3 = "SELECT SUM(Amount) AS revenue, COUNT(Amount) AS copiesSold, Employees.* FROM Sales_Report LEFT JOIN Employees on Employees.id = Sales_Report.monitorID GROUP BY monitorID ORDER BY revenue DESC LIMIT 1;" stats = {} try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True) cursor.execute(query1) row = cursor.fetchone() stat = {} for key in row: if isinstance(row[key], datetime): stat[key] = row[key].isoformat() elif isinstance(row[key], Decimal): stat[key] = str(row[key]) else: stat[key] = row[key] stats["item"] = stat query1 = "SELECT * FROM ItemsImages WHERE itemID = %s" cursor.execute(query1, tuple([str(stat["id"])])) images = [] for row in cursor: images.append(row["url"]) stats["item"]["images"] = images cursor.execute(query2) row = cursor.fetchone() stat = {} for key in row: if isinstance(row[key], datetime): stat[key] = row[key].isoformat() elif isinstance(row[key], Decimal): stat[key] = str(row[key]) else: stat[key] = row[key] stats["customer"] = stat cursor.execute(query3) row = cursor.fetchone() stat = {} for key in row: if isinstance(row[key], datetime): stat[key] = row[key].isoformat() if isinstance(row[key], date): stat[key] = row[key].isoformat() elif isinstance(row[key], Decimal): stat[key] = str(row[key]) else: stat[key] = row[key] stats["employee"] = stat cursor.close() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) return stats
def apiAuctionWin(request): Authorizer.authorizeEmployee(request) auctionID = request.matchdict["id"] try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True) query = "SELECT * from Auctions where id = %s" cursor.execute(query, tuple([str(auctionID)])) auction = cursor.fetchone() if auction["finished"] == 1: cursor.close() cnx.close() raise exc.HTTPBadRequest() elif auction["closingTime"] > datetime.now(): cursor.close() cnx.close() raise exc.HTTPBadRequest() query = "UPDATE Auctions SET finished=1 WHERE id = %s" cursor.execute(query, tuple([str(auctionID)])) # query = "SELECT COUNT(*) as count, amount, id, customerID FROM Bids where auctionID = 1 ORDER BY amount DESC LIMIT 1" query = "SELECT COUNT(*) as count FROM Bids where auctionID = %s" cursor.execute(query, tuple([str(auctionID)])) bid = cursor.fetchone() if bid["count"] == 0: cursor.close() cnx.commit() cnx.close() raise exc.HTTPOk() query = "SELECT amount, id, customerID FROM Bids WHERE auctionID = %s ORDER BY amount DESC LIMIT 1" cursor.execute(query, tuple([str(auctionID)])) bid = cursor.fetchone() if bid["amount"] < auction["reserve"]: cursor.close() cnx.commit() cnx.close() raise exc.HTTPOk() query = "INSERT INTO Wins (bidID, time, customerID, auctionID)\ VALUES (%s, NOW(), %s, %s);" cursor.execute(query, tuple([bid["id"], bid["customerID"], auction["id"]])) query = "UPDATE Items\ SET CopiesSold = CopiesSold + 1, Stock=Stock-1\ WHERE ID=%s" cursor.execute(query, tuple([str(auction["itemID"])])) print("itemUpdated") query = "UPDATE Customers\ SET ItemsSold=ItemsSold+1\ WHERE ID = %s" cursor.execute(query, tuple([str(auction["sellerID"])])) print("seller") query = "UPDATE Customers\ SET ItemsPurchased=ItemsPurchased+1\ WHERE ID = %s" cursor.execute(query, tuple([str(bid["customerID"])])) print("customer") cursor.close() cnx.commit() cnx.close() except mysql.connector.Error as err: cursor.close() cnx.close() return Response("Something went wrong: {}".format(err), status=500) raise exc.HTTPOk()
def apiAuctionsUnapproved(request): Authorizer.authorizeEmployee(request) auctions = [] try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True) query = "SELECT * FROM Auctions where closingTime<NOW() AND finished=0" cursor.execute(query) for row in cursor: auctionInfo = {} for key in row: if isinstance(row[key], datetime): auctionInfo[key] = row[key].isoformat() elif isinstance(row[key], Decimal): auctionInfo[key] = str(row[key]) else: auctionInfo[key] = row[key] auctions.append(auctionInfo) for auction in auctions: print(auction) query = "SELECT * FROM Customers where id = %s" cursor.execute(query, tuple([str(auction["sellerID"])])) customer = cursor.fetchone() print("hii") auction["sellerName"] = customer["firstName"] + " " + customer["lastName"] query = "SELECT name FROM Items where id=%s" cursor.execute(query, tuple([str(auction["itemID"])])) item = cursor.fetchone() print("hiii") auction["itemName"] = item["name"] query = "SELECT url from ItemsImages where itemID=%s" cursor.execute(query, tuple([str(auction["itemID"])])) # print('hi') imageArray = [] for row in cursor: imageArray.append(row["url"]) auction["itemImage"] = imageArray query = "SELECT COUNT(*) as count FROM Bids where auctionID = %s" # print(tuple(str(auction["id"]))) print(auction["id"]) cursor.execute(query, tuple([str(auction["id"])])) # print('loop started') bid = cursor.fetchone() if bid["count"] == 0: print("no bids") auction["winner"] = None else: query = "SELECT amount, id, customerID FROM Bids WHERE auctionID = %s ORDER BY amount DESC LIMIT 1" cursor.execute(query, tuple([str(auction["id"])])) bid = cursor.fetchone() auction["amount"] = str(bid["amount"]) query = "SELECT * FROM Customers where id = %s" print("h") cursor.execute(query, tuple([str(bid["customerID"])])) print("hi") customer = cursor.fetchone() auction["winnerName"] = customer["firstName"] + " " + customer["lastName"] cursor.close() cnx.close() except mysql.connector.Error as err: return Response("Something went wrong: {}".format(err), status=500) return auctions
def apiAddBid(request): Authorizer.authorizeCustomer(request) auctionID = request.matchdict["id"] customer = request.session["currentUser"] requiredKeys = ["value", "maxBid"] postVars = request.POST acceptedKeys = [] for key in requiredKeys: if key in postVars: acceptedKeys.append(postVars[key]) else: print(key) raise exc.HTTPBadRequest() try: cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305") cursor = cnx.cursor(dictionary=True, buffered=True) query = "SELECT COUNT(*) as count, itemID, increment, openingBid, sellerID FROM Auctions WHERE id = %s AND closingTime > NOW()" cursor.execute(query, tuple([str(auctionID)])) row = cursor.fetchone() auctionCount = row["count"] if auctionCount == 0: cursor.close() cnx.close() raise exc.HTTPBadRequest() itemID = row["itemID"] increment = row["increment"] if customer["id"] < row["sellerID"]: raise exc.HTTPForbidden() postVars["value"] = Decimal(postVars["value"]) postVars["maxBid"] = Decimal(postVars["maxBid"]) if postVars["value"] < row["openingBid"]: raise exc.HTTPForbidden() # Check if bid already exists query = "SELECT * FROM Bids WHERE customerID = %s AND auctionID = %s" cursor.execute(query, tuple([customer["id"], auctionID])) print("rowcount", cursor.rowcount) if cursor.rowcount > 0: row = cursor.fetchone() query = "UPDATE Bids SET amount = %s, maxBid = %s WHERE id = %s" cursor.execute(query, tuple([postVars["value"], postVars["maxBid"], row["id"]])) else: query = "INSERT INTO Bids(itemID, customerID, maxBid, amount, time, auctionID) VALUES (%s, %s, %s, %s, NOW(), %s)" cursor.execute( query, tuple([str(itemID), str(customer["id"]), postVars["maxBid"], postVars["value"], auctionID]) ) query = "INSERT INTO BidLogs (amount, customerID, auctionID, time) VALUES (%s, %s, %s, NOW())" cursor.execute(query, tuple([postVars["value"], customer["id"], auctionID])) query = "SELECT * from Bids WHERE auctionID = %s" cursor.execute(query, tuple([str(auctionID)])) bids = [] for row in cursor: bid = {} for key in row: if isinstance(row[key], datetime): bid[key] = row[key].isoformat() else: bid[key] = row[key] bids.append(bid) changed = True currentMaxBid = 0 while changed: changed = False currentMaxBid = max([bid["amount"] for bid in bids]) numOccurences = [bid["amount"] for bid in bids].count(currentMaxBid) print(numOccurences) # print(currentMaxBid) if numOccurences == 1: for bid in bids: print("\n") print(bid["amount"]) print(increment) if (bid["amount"] + increment) <= bid["maxBid"] and bid["amount"] < currentMaxBid: bid["changed"] = True changed = True bid["amount"] = bid["amount"] + increment else: for bid in bids: print("\n") print(bid["amount"]) print(increment) if (bid["amount"] + increment) <= bid["maxBid"] and bid["amount"] <= currentMaxBid: bid["changed"] = True changed = True bid["amount"] = bid["amount"] + increment for bid in bids: if "changed" in bid: # print('wut') query = "UPDATE Bids SET amount = %s, time = NOW() WHERE id = %s" cursor.execute(query, tuple([bid["amount"], bid["id"]])) # print('HIIII') query = "INSERT INTO BidLogs (customerID, amount, time, auctionID) VALUES (%s, %s, NOW(), %s)" cursor.execute(query, tuple([bid["customerID"], str(bid["amount"]), auctionID])) query = "UPDATE Auctions SET currentBid = %s WHERE id = %s" cursor.execute(query, tuple([str(currentMaxBid), auctionID])) cursor.close() print("COMMITTING") cnx.commit() cnx.close() except mysql.connector.Error as err: cursor.close() cnx.close() return Response("Something went wrong: {}".format(err), 500) raise exc.HTTPOk()