def item(): if 'username' not in session: username = CASClient().authenticate().strip() check_user(username) else: username = session.get('username').strip() #username = '******' itemid = request.args.get('itemid') string = request.cookies.get('lastSearch') if string is None: string = '' maxP = request.cookies.get('maxPrice') if maxP is None: maxP = '' minP = request.cookies.get('minPrice') if minP is None: minP = '' ntags = request.cookies.get('ntags') tags = [] for i in range(int(ntags)): tags.append(request.cookies.get(f'tag{i + 1}')) database = Database() database.connect() # check if item still exists in available database # if not, check if it was sold if not str(itemid).isnumeric(): errormsg = 'Sorry, this item does not exist.' html = render_template('error.html', errormsg=errormsg) response = make_response(html) return response if not (database.check_exists_item(itemid)): if not (database.check_exists_solditem(itemid)): errormsg = 'Sorry, this item does not exist.' html = render_template('error.html', errormsg=errormsg) response = make_response(html) return response else: entry = database.get_solditem(itemid) database.disconnect() errormsg = 'Sorry, this item has already been sold.' html = render_template('itemsold.html', entry=entry[0], errormsg=errormsg) response = make_response(html) return response if request.method == 'POST': bid = request.form['bid'] # check if bid is numeric try: bid = float(bid) except Exception as e: database = Database() database.connect() entry = database.get_item(itemid) database.disconnect() msg = 'Please enter a valid bid.' html = render_template('item.html', entry=entry[0], msg=msg, lastSearch=string, maxPrice=maxP, minPrice=minP, tags=tags) response = make_response(html) return response # round bid to nearest 0.5 bid = math.floor(bid) #if netid is None: netid = username database = Database() database.connect() # add bid to database entry = database.get_item(itemid) seller_id = (entry[0])[2] print(seller_id) if (seller_id == netid): database.disconnect() msg = 'Sorry, you may not bid on an item you are selling.' html = render_template('item.html', entry=entry[0], msg=msg, lastSearch=string, maxPrice=maxP, minPrice=minP, tags=tags) response = make_response(html) return response entry = database.get_item(itemid) current_price = (entry[0])[3] if (float(bid) <= current_price): database.disconnect() msg = 'Please enter a bid higher than the current price.' html = render_template('item.html', entry=entry[0], msg=msg, lastSearch=string, maxPrice=maxP, minPrice=minP, tags=tags) response = make_response(html) return response database.bid(itemid, bid, netid) entry = database.get_item(itemid) database.disconnect() msg = 'Your bid has been processed. Thank you!' html = render_template('item.html', entry=entry[0], msg=msg, lastSearch=string, maxPrice=maxP, minPrice=minP, tags=tags) response = make_response(html) return response else: try: database = Database() database.connect() entry = database.get_item(itemid) database.disconnect() html = render_template('item.html', entry=entry[0], lastSearch=string, maxPrice=maxP, minPrice=minP, tags=tags) response = make_response(html) return response except Exception as e: print("error" + str(e), file=stderr) exit(1)
def track(): bidconsistency = True print("arriveddddddddddddddddddd!!!!!!!!!!!!!!!!!!!") if 'username' not in session: username = CASClient().authenticate().strip() check_user(username) else: username = session.get('username').strip() #username = '******' database = Database() database.connect() if request.method == 'POST': print( "arrived at POSTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT" ) if (request.form.get('deletebid') is not None): delete_bid_itemid = request.form.get('deletebid') database.remove_bid(delete_bid_itemid, username) elif (request.form.get('deleteitem') is not None): delete_item_itemid = request.form.get('deleteitem') if (len(database.get_item(delete_item_itemid)) > 0): delete_item_filename = ( database.get_item(delete_item_itemid)[0])[4] if (delete_item_filename != ''): os.remove( os.path.join(IMAGE_DIR_AVAILABLE, delete_item_filename)) database.delete_image(delete_item_itemid) database.delete_from_db(delete_item_itemid) database.delete_from_bids(delete_item_itemid) if str(delete_item_itemid) in itemid_hashset: itemid_hashset.remove(str(delete_item_itemid)) else: # print("accepted bid!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!1") itemid = request.form['accept'] price = request.form['seller_sees'] selldate = datetime.date.today() entry = database.get_item(itemid)[0] max_bid_user = entry[7] print("itemid: " + str(itemid)) current_max_bid = database.get_max_bid(itemid) print("current max bid: " + str(current_max_bid[2])) print("price: " + str(price)) current_max_bidder = current_max_bid[1] print("max bid user: "******"current max bidder: " + str(current_max_bidder)) print("tttttttttttttttttttttttttttttttttttttttt") print(str(current_max_bid[2])) print(price) if (max_bid_user != None and str(current_max_bid[2]) == price): # print("yes!!!!----------------------------------------------") database.copy_to_purchased(itemid, selldate, max_bid_user) delete_item_filename = (database.get_item(itemid)[0])[4] database.delete_from_db(itemid) database.delete_from_bids(itemid) # print("222222222222222222222222222222222222222!!!!----------------------------------------------") send_purchase_mail( str(current_max_bidder).strip() + '@princeton.edu', str(username).strip() + '@princeton.edu', str(entry[6]), str(current_max_bid[2])) if (delete_item_filename != ''): os.rename( os.path.join(IMAGE_DIR_AVAILABLE, delete_item_filename), os.path.join(IMAGE_DIR_PURCHASED, delete_item_filename)) database.copy_image_to_purchased_images(itemid) database.delete_image(itemid) if str(itemid) in itemid_hashset: itemid_hashset.remove(str(itemid)) bidconsistency = True else: print("elsssssseeeeeeeeeeeeee!!!!!!!!!!!!!!!") bidconsistency = False print("elsebid:", bidconsistency) errormsg = "The bid you were trying to accept was removed by the bidder right before you hit accept, so we could not process the transaction. Sorry for the inconvenience." html = render_template('track.html', errormsg=errormsg) response = make_response(html) return response if request.args.get('action') == None: print("first arrivalllllllllll") html = render_template('track.html', errormsg='') response = make_response(html) return response else: netid_results = database.get_all_items_from_netid(username) bidder_results = database.get_all_items_from_maxbidder(username) database.disconnect() results = [] sell_list = [] for item in netid_results: item_dict = { "item_id": str(item[0]), "price": str(item[3]), "item_title": str(item[6]), "max_bidder": str(item[7]) } sell_list.append(item_dict) results.append(sell_list) bid_list = [] for item in bidder_results: item_dict = { "item_id": str(item[0]), "price": str(item[3]), "item_title": str(item[6]) } bid_list.append(item_dict) results.append(bid_list) print("secondbid:", bidconsistency) # if (bidconsistency is False): # print("notttttttt") # results.append("f") # else: # print("trueeee") # results.append("t") print("results: " + str(results)) bidconsistency = True jsonStr = dumps(results) response = make_response(jsonStr) response.headers['Content-Type'] = 'application/json' return response
def modify_item(): print("server reached") print(request) if 'username' not in session: username = CASClient().authenticate().strip() check_user(username) else: username = session.get('username').strip() database = Database() database.connect() itemid = None if (request.method == "GET" and request.args.get('modify') != None): print("get reached") itemid = request.args.get('modify') print("itemid: " + str(itemid)) print(request) entry = (database.get_item(itemid))[0] html = render_template('modify_item.html', entry=entry) response = make_response(html) return response # a confirm_change button (let them know it will reset bids), a cancel button (redirect to track page) # confirm_change redirects back here, with a get_request elif (request.method == "POST" and request.form['item_id'] != None): print("post reached") title = request.form['title'] print("title") image = request.files['image'] print(image) print("img") description = request.form['description'] print("desc") price = request.form['price'] print("pr") tag = request.form['tag'] print("tag") postdate = datetime.date.today() netid = username old_item_id = request.form['item_id'] print("id") # new_item_id = int(random.uniform(100, 1000000)) # error handling on the above in case it comes from a non web browser source print("getting stuff reached") prev_info = (database.get_item(old_item_id))[0] # send e-mail to bidders before deleting the bids item_bids = database.get_item_bids(old_item_id) send_modify_mail(item_bids, prev_info[6], old_item_id) database.delete_from_bids(old_item_id) # delete the old item entry data database.delete_from_db(old_item_id) new_img_bool = True # if new image is null and previous image is not null if image.filename == '' and prev_info[4] != '': safefilename = prev_info[4] new_img_bool = False print("db stuff") # insert the new image into the db if new_img_bool == True: # delete the old image if there was one if (prev_info[4] != ''): os.remove(os.path.join(IMAGE_DIR_AVAILABLE, prev_info[4])) database.delete_image(old_item_id) if (image.filename == ''): image = '' image_read = None safefilename = '' else: # print(image) safefilename = secure_filename(randstr() + '-' + image.filename) imgpath = '{}/{}'.format(IMAGE_DIR_AVAILABLE, safefilename) image.save(imgpath) image.seek(0) image_read = image.read() database.add_image(old_item_id, image_read, safefilename) # print(database.image_table_size()) # add new db info for the item database.add_to_db(old_item_id, postdate, netid, price, safefilename, description, title, tag) # add to bid database with null bidder netid database.bid(old_item_id, price, None) print("work done") return redirect("/item?itemid={}".format(old_item_id)) else: return redirect('/index')