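def printReceipt():
    """Render the receipt page for the purchase named in the submitted form.

    The purchase id comes from the ``checkPrint`` form field. The matching
    ``pembelian`` row is loaded once and its ``id_produk`` column is used to
    look up the product, instead of querying the same row a second time.

    Responds with 404 when no purchase matches. The original indexed the
    result of ``fetchone()`` directly, so a missing or stale id raised
    ``TypeError`` and surfaced as a 500.
    """
    # Function-scope import so this block does not rely on the module's
    # import list, which is not visible here.
    from flask import abort

    purchase_id = request.form.get('checkPrint')

    purchase = get_db().execute(
        'SELECT * FROM pembelian WHERE id_pembelian = ?',
        (purchase_id, )).fetchone()

    if purchase is None:
        # Covers an absent form field (purchase_id is None) as well as an
        # id that matches no row.
        abort(404)

    # NOTE(review): the id is client-supplied and no ownership or role check
    # is visible in this function - confirm the route is restricted to users
    # who may view any receipt.
    products = get_products(purchase['id_produk'])

    return render_template('purchase/receipt.html',
                           purchase=purchase,
                           products=products)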
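def login():
    """Authenticate a user by email and password and start a session.

    GET renders the login form. POST validates the ``email`` and ``password``
    form fields, looks the account up by email and verifies the password
    against the stored hash with ``check_password_hash``. On success the
    session is cleared, the user's id is stored under ``user_id`` and the
    client is redirected to the ``index`` endpoint. On failure the error is
    flashed and the form is rendered again.

    The account row is fetched once. The original issued a second
    ``SELECT id`` for the same email only to test for existence, and ran the
    lookup before checking that the fields were non-empty.
    """
    if request.method == 'POST':
        email = request.form['email']
        password = request.form['password']
        error = None
        user = None

        if not email:
            error = 'Email is Empty.'
        elif not password:
            error = 'Password is Empty.'
        else:
            user = get_db().execute('SELECT * FROM user WHERE email = ?',
                                    (email, )).fetchone()
            # NOTE(review): the two messages below tell a client whether an
            # email is registered (account enumeration). A single generic
            # message for both cases avoids that; left as-is here because
            # the wording is user-visible.
            if user is None:
                error = 'Email {} is incorrect.'.format(email)
            elif not check_password_hash(user['password'], password):
                error = 'Incorrect Password.'

        if error is None:
            # Drop whatever the pre-login session held before binding it to
            # the authenticated user.
            session.clear()
            session['user_id'] = user['id']
            return redirect(url_for('index'))

        flash(error)

    return render_template('auth/login.html')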
def register():
    """Handle the registration form and create a new account.

    GET renders the form. POST reads ``name``, ``email`` and ``password``.
    When all three are present and the email is not already in the ``user``
    table, a row is inserted with the password hashed by
    ``generate_password_hash``, ``login_status`` set to False and the role
    fixed to ``'karyawan'``, and the client is redirected to ``auth.login``.
    Otherwise the first validation error is flashed and the form is
    rendered again.
    """
    if request.method != 'POST':
        return render_template('auth/register.html')

    nama = request.form['name']
    email = request.form['email']
    password = request.form['password']
    db = get_db()

    # First empty field wins, in the same order as the form.
    required_fields = (
        (nama, 'Name is required.'),
        (email, 'Email is required.'),
        (password, 'Password is required.'),
    )
    error = next(
        (message for value, message in required_fields if not value), None)

    if error is None:
        existing = db.execute('SELECT id FROM user WHERE email = ?',
                              (email, )).fetchone()
        if existing is not None:
            error = 'Email {} is already registered.'.format(email)

    if error is not None:
        flash(error)
        return render_template('auth/register.html')

    # The role is set server-side, so self-registration cannot pick a role.
    db.execute(
        'INSERT INTO user (email, password, login_status, nama, role) VALUES (?, ?, ?, ?, ?)',
        (email, generate_password_hash(password), False, nama, 'karyawan'))
    db.commit()
    return redirect(url_for('auth.login'))
def edit_product(id):
    """Show and process the edit form for the product with id *id*.

    The product is loaded with ``get_products(id)`` and passed to the
    template. On POST the four form fields must be non-empty; the ``barang``
    row is then updated and the client is redirected to
    ``product.list_product``. On a validation failure the error is flashed
    and the form is rendered again.
    """
    products = get_products(id)

    if request.method != 'POST':
        return render_template('product/edit_product.html',
                               products=products)

    nama_barang = request.form['product_name']
    tipe_barang = request.form['product_type']
    harga = request.form['price']
    stock = request.form['stock']

    # Only presence is checked; price and stock are stored as submitted.
    # NOTE(review): no numeric or range validation is visible - confirm the
    # schema or the caller enforces it.
    checks = (
        (nama_barang, 'Product name is required.'),
        (tipe_barang, 'Product type is required.'),
        (harga, 'Product price is required.'),
        (stock, 'Product stock is required.'),
    )
    error = next((message for value, message in checks if not value), None)

    if error is not None:
        flash(error)
        return render_template('product/edit_product.html',
                               products=products)

    db = get_db()
    statement = (
        'UPDATE barang SET nama_barang = ?, tipe_barang = ?, harga = ?, stock = ?'
        ' WHERE id_barang = ?')
    db.execute(statement, (nama_barang, tipe_barang, harga, stock, id))
    db.commit()
    return redirect(url_for('product.list_product'))
def add_user():
    """Create a user account from the add-user form.

    GET renders the form. POST requires ``name``, ``email``, ``password``
    and ``role`` and rejects an email that already exists in ``user``. The
    new row stores the password hashed by ``generate_password_hash`` and
    ``login_status`` False, then the client is redirected to
    ``user.list_user``. Validation errors are flashed and the form is
    rendered again.
    """
    if request.method != 'POST':
        return render_template('user/add_user.html')

    nama = request.form['name']
    email = request.form['email']
    password = request.form['password']
    role = request.form['role']
    db = get_db()

    required_fields = (
        (nama, 'Name is required.'),
        (email, 'Email is required.'),
        (password, 'Password is required.'),
        (role, 'Role is required.'),
    )
    error = next(
        (message for value, message in required_fields if not value), None)

    if error is None:
        duplicate = db.execute('SELECT id FROM user WHERE email = ?',
                               (email, )).fetchone()
        if duplicate is not None:
            error = 'Email {} is already registered.'.format(email)

    if error is not None:
        flash(error)
        return render_template('user/add_user.html')

    # NOTE(review): the role is taken from the form without an allow-list,
    # and no access check is visible in this function - confirm the route is
    # limited to administrators and that role values are constrained.
    db.execute(
        'INSERT INTO user (email, password, login_status, nama, role) VALUES (?, ?, ?, ?, ?)',
        (email, generate_password_hash(password), False, nama, role))
    db.commit()
    return redirect(url_for('user.list_user'))
def register():
    """Register a new user from the ``username`` and ``password`` fields.

    GET renders the form. POST rejects an empty field or a username that is
    already present in ``user``. Otherwise it inserts the username with the
    password hashed by ``generate_password_hash`` and redirects to
    ``auth.login``.
    """
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()

        if not username:
            error = 'Username is required.'
        elif not password:
            error = 'Password is required.'
        else:
            taken = db.execute('SELECT id FROM user WHERE username = ?',
                               (username, )).fetchone()
            error = (None if taken is None else
                     'User {} is already registered.'.format(username))

        if error is None:
            db.execute('INSERT INTO user (username, password) VALUES (?, ?)',
                       (username, generate_password_hash(password)))
            db.commit()
            return redirect(url_for('auth.login'))

        # flash() stores the message so the template can show it on the
        # re-rendered form.
        flash(error)

    return render_template('auth/register.html')
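def edit_user(id):
    """Show and process the edit form for the user with id *id*.

    The user is loaded with ``get_user(id)`` and passed to the template. On
    POST the ``name``, ``email``, ``password`` and ``role`` fields must be
    non-empty; the ``user`` row is then updated and the client is redirected
    to ``user.list_user``. Validation errors are flashed and the form is
    rendered again.

    The password is hashed with ``generate_password_hash`` before it is
    written. The original stored the submitted value verbatim, which kept a
    plaintext password in the database and produced a value that login code
    verifying with ``check_password_hash`` cannot match.
    """
    # Function-scope import so this block does not rely on the module's
    # import list, which is not visible here.
    from werkzeug.security import generate_password_hash

    users = get_user(id)

    if request.method == 'POST':
        nama = request.form['name']
        email = request.form['email']
        password = request.form['password']
        role = request.form['role']
        error = None

        if not nama:
            error = 'Name is required.'
        elif not email:
            error = 'Email is required.'
        elif not password:
            error = 'Password is required.'
        elif not role:
            error = 'Role is required.'

        if error is not None:
            flash(error)
        else:
            # NOTE(review): role comes straight from the form and no access
            # check is visible here - confirm only administrators reach this
            # route, otherwise a user could change their own role.
            db = get_db()
            db.execute(
                'UPDATE user SET email = ?, password = ?, nama = ?, role = ?'
                ' WHERE id = ?',
                (email, generate_password_hash(password), nama, role, id))
            db.commit()
            return redirect(url_for('user.list_user'))

    return render_template('user/edit_user.html', users=users)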
def add_product():
    """Create a product from the add-product form.

    GET renders the form. POST requires ``product_name``, ``product_type``,
    ``price`` and ``stock`` and rejects a name that already exists in
    ``barang``. On success the row is inserted and the client is redirected
    to ``product.list_product``; otherwise the error is flashed and the form
    is rendered again.
    """
    if request.method != 'POST':
        return render_template('product/add_product.html')

    nama_barang = request.form['product_name']
    tipe_barang = request.form['product_type']
    harga = request.form['price']
    stock = request.form['stock']
    db = get_db()

    required_fields = (
        (nama_barang, 'Product name is required.'),
        (tipe_barang, 'Product type is required.'),
        (harga, 'Product price is required.'),
        (stock, 'Product stock is required.'),
    )
    error = next(
        (message for value, message in required_fields if not value), None)

    if error is None:
        clash = db.execute(
            'SELECT id_barang FROM barang WHERE nama_barang = ?',
            (nama_barang, )).fetchone()
        if clash is not None:
            error = 'Product name {} is already registered.'.format(
                nama_barang)

    if error is not None:
        flash(error)
        return render_template('product/add_product.html')

    db.execute(
        'INSERT INTO barang (nama_barang, tipe_barang, harga, stock) VALUES (?, ?, ?, ?)',
        (nama_barang, tipe_barang, harga, stock))
    db.commit()
    return redirect(url_for('product.list_product'))
def index():
    """Render the purchase list, newest purchase id first.

    Each row joins ``pembelian`` with its product (``barang``) and the
    employee (``user``) recorded on the purchase.
    """
    query = (
        'SELECT id_pembelian, tgl_pembelian, barang.nama_barang, barang.harga, bayar, user.nama'
        ' FROM pembelian, barang, user WHERE barang.id_barang = pembelian.id_produk AND user.id = pembelian.id_karyawan'
        ' ORDER BY id_pembelian DESC')
    rows = get_db().execute(query).fetchall()
    return render_template('purchase/index.html', purchases=rows)
def index():
    """Render the blog index with every post and its author, newest first."""
    query = ('SELECT p.id, title, body, created, author_id, username'
             ' FROM post p JOIN user u ON p.author_id = u.id'
             ' ORDER BY created DESC')
    all_posts = get_db().execute(query).fetchall()
    return render_template('blog/index.html', posts=all_posts)
def load_logged_in_user():
    """Populate ``g.user`` from the ``user_id`` stored in the session.

    ``g.user`` is None when the session has no ``user_id``; otherwise it is
    the matching ``user`` row (or None if that id no longer exists).
    """
    user_id = session.get('user_id')
    g.user = (None if user_id is None else get_db().execute(
        'SELECT * FROM user WHERE id = ?', (user_id, )).fetchone())
def delete(id):
    """Delete the post with id *id* and redirect to ``blog.index``."""
    # Called for its checks only; the returned row is not needed.
    # NOTE(review): presumably get_post() aborts with 404/403 for a missing
    # post or a non-author - confirm against its definition.
    get_post(id)

    conn = get_db()
    # Foreign-key enforcement is switched on for this connection before the
    # DELETE runs.
    conn.execute('PRAGMA foreign_keys = ON')
    conn.execute('DELETE FROM post WHERE id=?', (id, ))
    # Writes take effect only once committed.
    conn.commit()
    return redirect(url_for('blog.index'))
def load_logged_in_user():
    """Set ``g.user`` so later code can tell whether a user is logged in.

    A ``user_id`` in the session means the user has logged in: the matching
    row is read from the database and stored in ``g.user``. Without it,
    ``g.user`` is set to None.
    """
    user_id = session.get('user_id')
    if user_id is None:
        g.user = None
        return
    row = get_db().execute('SELECT * FROM user WHERE id=?',
                           (user_id, )).fetchone()
    g.user = row
def get_post(id, check_author=True):
    """Return the post with id *id* joined with its author's username.

    Aborts with 404 when the lookup yields nothing. When *check_author* is
    true, aborts with 403 unless the post's ``author_id`` equals
    ``g.user['id']``.
    """
    query = ('SELECT p.id,title,body,created, author_id, username'
             ' FROM post p JOIN user u ON p.author_id = u.id'
             ' WHERE p.id=?')
    row = get_db().execute(query, (id, )).fetchone()

    if not row:
        abort(404, "Post None")

    # g.user is only dereferenced when the ownership check is requested, so
    # anonymous callers can pass check_author=False.
    if check_author:
        if row['author_id'] != g.user['id']:
            abort(403)
    return row
def article(id):
    """Render one post with its comments and accept new top-level comments.

    The post is loaded without the author check, then its comments are read
    newest first, joined with the commenter's username. A POST from a
    logged-in user with ``form_category == "comment_send"`` inserts the
    comment (``replyid`` and ``rootid`` both -1) and redirects back to this
    article. An anonymous POST is redirected to ``auth.login``. Any other
    POST falls through to the normal render.
    """
    post = get_post(id, check_author=False)
    db = get_db()
    # The bare string below is an inert note kept from the original author.
    # It records an earlier comment query whose JOIN returned duplicate rows
    # and mixed up the comment's user id; it has no effect at runtime.
    '''评论出现两条重复的原因在这里,这个JOIN之后会有重复,要考虑如何去重,还要考虑性能。。
    #评论的userid有问题,,JOIN这种操作还是运用不来
    'SELECT authorid,postid,userid,ctext,ctime,enable_dis,replyid,u.username '
    ' FROM comment c JOIN user u ON c.authorid = ? and c.postid=?'
    ' WHERE u.id=c.authorid',
    (post['author_id'],post['id'])
    '''
    comment_query = (
        'SELECT c.id as commentid,postid,userid,ctext,ctime,enable_dis,replyid,u.username,rootid '
        ' FROM comment c JOIN user u'
        ' ON c.userid=u.id'
        ' WHERE c.postid=?'
        ' ORDER BY c.ctime DESC')
    comments = db.execute(comment_query, (post['id'], )).fetchall()

    if request.method != 'POST':
        return render_template('blog/article.html',
                               post=post,
                               comments=comments)

    # Commenting requires a logged-in user.
    if not g.user:
        return redirect(url_for('auth.login'))

    form_category = request.form['form_category']
    if form_category != "comment_send":
        # "comment_reply" is not handled here; it renders the page like any
        # other unrecognised category.
        return render_template('blog/article.html',
                               post=post,
                               comments=comments)

    comment_msg = request.form['comment_msg']
    db = get_db()
    # The author of the comment is taken from g.user, never from the form.
    # NOTE(review): comment_msg is stored as submitted - confirm the
    # template renders it with auto-escaping.
    db.execute(
        'INSERT INTO comment'
        ' (postid,userid,ctext,enable_dis,replyid,rootid)'
        ' VALUES'
        ' (?,?,?,?,?,?)', (id, g.user['id'], comment_msg, True, -1, -1))
    db.commit()
    return redirect(url_for('blog.article', id=id))
def get_post(id, check_author=True):
    """Return the post with id *id* joined with its author's username.

    Aborts with 404 when no such post exists. When *check_author* is true,
    aborts with 403 unless the post's ``author_id`` equals ``g.user['id']``.
    """
    query = ('SELECT p.id, title, body, created, author_id, username'
             ' FROM post p JOIN user u ON p.author_id = u.id'
             ' WHERE p.id = ?')
    row = get_db().execute(query, (id, )).fetchone()

    if row is None:
        abort(404, "Post id {0} doesn't exist.".format(id))

    # g.user is only read when the ownership check is requested.
    if check_author:
        if row['author_id'] != g.user['id']:
            abort(403)

    return row
def update(id):
    """Show and process the edit form for the post with id *id*.

    The post is loaded through ``get_post(id)`` with its default author
    check. On POST a non-empty ``post_title`` is required; the post's title
    and body are then updated and the client is redirected to
    ``blog.index``. Otherwise the error is flashed and the form is rendered
    again.
    """
    post = get_post(id)

    if request.method == "POST":
        title = request.form['post_title']
        body = request.form['post_text']

        if title:
            conn = get_db()
            conn.execute('UPDATE post SET title=?,body=?'
                         ' WHERE id=?', (title, body, id))
            conn.commit()
            return redirect(url_for('blog.index'))

        flash('Title is required')

    return render_template('blog/create.html', post=post, update="True")
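def reply():
    """Store a reply to a comment and answer with a plain-text status.

    On POST the ``postid``, ``commentid``, ``userid``, ``rootid`` and
    ``re_text`` request values are read and a ``comment`` row is inserted.
    The row's author is always ``g.user['id']``, never the submitted
    ``userid``. A negative ``rootid`` is replaced by the submitted
    ``userid`` before the insert.

    Returns ``"OK"`` on success and for non-POST requests. Returns 401 when
    no user is logged in and 400 when ``rootid`` is missing or not an
    integer; in the original both cases raised an unhandled exception and
    surfaced as a 500.
    """
    if request.method == "POST":
        # g.user['id'] is dereferenced below, so an anonymous request must
        # be turned away first.
        if not g.user:
            return "Unauthorized", 401

        postid = request.values.get("postid")
        replyid = request.values.get("commentid")
        userid = request.values.get("userid")
        rootid = request.values.get("rootid")
        re_text = request.values.get("re_text")

        try:
            root_unset = int(rootid) < 0
        except (TypeError, ValueError):
            # TypeError: value absent (None); ValueError: not an integer.
            return "Bad Request", 400

        if root_unset:
            # NOTE(review): this puts a client-supplied *user* id into the
            # rootid column. Confirm that is intended rather than the id of
            # the comment being replied to.
            rootid = userid

        db = get_db()
        db.execute(
            'INSERT INTO comment '
            ' (postid,userid,ctext,enable_dis,replyid,rootid)'
            ' VALUES'
            ' (?,?,?,?,?,?)',
            (postid, g.user['id'], re_text, 1, replyid, rootid))
        db.commit()
    return "OK"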
def create():
    """Create a post from the ``post_title`` and ``ckeditor`` form fields.

    GET renders the form. POST requires a non-empty title, inserts the post
    with ``g.user['id']`` as author and redirects to ``blog.index``.
    Otherwise the error is flashed and the form is rendered again.
    """
    if request.method == 'POST':
        title = request.form.get('post_title')
        body = request.form.get('ckeditor')

        if title:
            # NOTE(review): the body comes from a field named 'ckeditor'
            # and is stored as submitted. If it is rich-text HTML, confirm
            # it is sanitised before being rendered unescaped.
            conn = get_db()
            conn.execute(
                'INSERT INTO post (title,body,author_id) VALUES (?,?,?)',
                (title, body, g.user['id']))
            conn.commit()
            return redirect(url_for('blog.index'))

        flash('Title is required')

    return render_template('blog/create.html')
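def login():
    """Authenticate a user by username and password and start a session.

    GET renders the login form. POST looks the account up by username and
    verifies the password against the stored hash with
    ``check_password_hash``. On success the session is cleared, the user's
    id is stored under ``user_id`` and the client is redirected to the
    ``index`` endpoint.

    On failure the error is now flashed before the form is rendered again.
    The original computed the message and then discarded it, so a failed
    login gave the user no feedback.
    """
    # Function-scope import so this block does not rely on the module's
    # import list, which is not visible here.
    from flask import flash

    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None
        dbuser = db.execute('SELECT * FROM user WHERE username=?',
                            (username, )).fetchone()
        # NOTE(review): separate messages for an unknown username and a
        # wrong password let a client tell which usernames exist; a single
        # generic message avoids that.
        if dbuser is None:
            error = 'Incorrect username'
        elif not check_password_hash(dbuser['password'], password):
            error = 'Incorrect password'

        if error is None:
            # Drop whatever the pre-login session held before binding it to
            # the authenticated user.
            session.clear()
            session['user_id'] = dbuser['id']

            # 'index' is an endpoint name. Per the original author's note
            # it is registered elsewhere with
            # add_url_rule('/', endpoint='index'); that call is not visible
            # here.
            return redirect(url_for('index'))

        flash(error)
    return render_template('auth/login.html')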
def login():
    """Authenticate a user by username and password and start a session.

    GET renders the login form. On POST a matching username and password
    clear the session, store the user's id under ``user_id`` and redirect
    to ``index``. Any failure is flashed and the form is rendered again.
    """
    if request.method != 'POST':
        return render_template('auth/login.html')

    username = request.form['username']
    password = request.form['password']
    row = get_db().execute('SELECT * FROM user WHERE username = ?',
                           (username, )).fetchone()

    # NOTE(review): distinct messages reveal whether a username exists.
    if row is None:
        failure = 'Incorrect username.'
    elif not check_password_hash(row['password'], password):
        failure = 'Incorrect password.'
    else:
        # Discard the pre-login session before recording the user.
        session.clear()
        session['user_id'] = row['id']
        return redirect(url_for('index'))

    flash(failure)
    return render_template('auth/login.html')
def register():
    """Register a new user from the ``username`` and ``password`` fields.

    GET renders the form. POST rejects an empty field or a username already
    present in ``user``. Otherwise it inserts the username with the password
    hashed by ``generate_password_hash`` and redirects to ``auth.login``.
    """
    if request.method != 'POST':
        return render_template('auth/register.html')

    username = request.form['username']
    password = request.form['password']
    db = get_db()

    if not username:
        error = 'username error'
    elif not password:
        error = 'password error'
    else:
        found = db.execute('SELECT id FROM user WHERE username=?',
                           (username, )).fetchone()
        error = (None if found is None else
                 '{} is already existed'.format(username))

    if error is not None:
        flash(error)
        return render_template('auth/register.html')

    db.execute('INSERT INTO user (username,password) VALUES (?,?)',
               (username, generate_password_hash(password)))
    db.commit()
    # After a successful registration, send the user to the login page.
    return redirect(url_for('auth.login'))
def login():
    """Authenticate a user by username and password and start a session.

    GET renders the login form. On POST a matching username and password
    clear the session, store the user's id under ``user_id`` and redirect
    to ``index``. Any failure is flashed and the form is rendered again.
    """
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        account = db.execute('SELECT * FROM user WHERE username = ?',
                             (username, )).fetchone()

        # NOTE(review): distinct messages reveal whether a username exists.
        if account is None:
            error = 'Incorrect username.'
        elif check_password_hash(account['password'], password):
            error = None
        else:
            error = 'Incorrect password.'

        if error is None:
            # Discard the pre-login session before recording the user.
            session.clear()
            session['user_id'] = account['id']
            return redirect(url_for('index'))
        # The bare string below is an inert note kept from the original
        # author; it has no effect at runtime.
        '''
        session is a dict that stores data across requests. When validation succeeds, the user’s id is stored in a new session. The data is stored in a cookie that is sent to the browser, and the browser then sends it back with subsequent requests. Flask securely signs the data so that it can’t be tampered with.
        '''
        flash(error)

    return render_template('auth/login.html')
def add_purchase():
    """Record a purchase from the add-purchase form.

    GET renders the form with the full product list. POST requires
    ``id_produk`` and ``bayar``, inserts a ``pembelian`` row and redirects
    to ``purchase.index``. Otherwise the error is flashed and the form is
    rendered again.
    """
    if request.method == 'POST':
        form = request.form
        id_produk = form['id_produk']
        bayar = form['bayar']
        id_karyawan = form['id_karyawan']
        db = get_db()

        if not id_produk:
            flash('Product is required.')
        elif not bayar:
            flash('Pay is required.')
        else:
            # NOTE(review): the employee id recorded on the purchase comes
            # from the form, so the client chooses who the sale is
            # attributed to. Consider taking it from the logged-in session.
            db.execute(
                'INSERT INTO pembelian (id_produk, bayar, id_karyawan) VALUES (?, ?, ?)',
                (id_produk, bayar, id_karyawan))
            db.commit()
            return redirect(url_for('purchase.index'))

    return render_template('purchase/add_purchase.html',
                           products=getAllProduct())
def getAllProduct():
    """Return every row of the ``barang`` table."""
    return get_db().execute('SELECT * FROM barang').fetchall()
def get_products(id, check_author=True):
    """Return the ``barang`` row whose ``id_barang`` equals *id*.

    The result is whatever ``fetchone()`` yields, so a missing product is
    not turned into an error here. ``check_author`` is accepted but unused.
    """
    query = 'SELECT * FROM barang' ' WHERE id_barang = ?'
    return get_db().execute(query, (id, )).fetchone()
def list_product():
    """Render the product list ordered by ascending ``id_barang``."""
    query = 'SELECT * FROM barang' ' ORDER BY id_barang ASC'
    rows = get_db().execute(query).fetchall()
    return render_template('product/list_product.html', products=rows)
def delete_product(id):
    """Delete the product with id *id* and redirect to the product list."""
    # The lookup result is discarded. As get_products() is defined on this
    # page it does not abort for a missing row, so an unknown id still
    # reaches the DELETE below.
    # NOTE(review): no access check is visible in this function - confirm
    # the route is restricted and not reachable by a plain GET link.
    get_products(id)

    conn = get_db()
    conn.execute('DELETE FROM barang WHERE id_barang = ?', (id, ))
    conn.commit()
    return redirect(url_for('product.list_product'))
def delete(id):
    """Delete the post with id *id* and redirect to ``blog.index``."""
    # Called for its checks only; the returned row is not needed.
    # NOTE(review): presumably get_post() aborts with 404/403 for a missing
    # post or a non-author - confirm against its definition.
    get_post(id)

    conn = get_db()
    conn.execute('DELETE FROM post WHERE id = ?', (id,))
    conn.commit()
    return redirect(url_for('blog.index'))
def delete_purchase(id):
    """Delete the purchase with id *id* and redirect to ``purchase.index``."""
    # The lookup result is discarded.
    # NOTE(review): get_purchase() is not visible here - confirm whether it
    # aborts for a missing row or enforces any access check.
    get_purchase(id)

    conn = get_db()
    conn.execute('DELETE FROM pembelian WHERE id_pembelian = ?', (id, ))
    conn.commit()
    return redirect(url_for('purchase.index'))