def edit_categories():
    """Rename a category using the CMS "Edit Categories" form.

    Reads ``rename_cat`` (the new name) and ``old_name`` from the submitted
    form. The rename is refused with ``ins="error"`` when the new name is
    already contained in the value returned by ``read_categories()``;
    otherwise the row is updated and the page is rendered with
    ``ins="success"``.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before any form field or database row is touched.
    perimeter_check("CMSCATEGORY")

    form = request.form
    newname = form['rename_cat']
    oldname = form['old_name']

    known = read_categories()
    if newname in known:
        return render_template("cms.html", editname="Edit Categories", cat_info=known, ins="error")

    connection = getattr(g, 'db', None)
    # Both names are bound as query parameters, never formatted into the SQL text.
    rename_sql = "UPDATE tbl_category SET name=%s WHERE name=%s;"
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with connection as cursor:
        cursor.execute(rename_sql, (newname, oldname))
        connection.commit()

    return render_template("cms.html", editname="Edit Categories", cat_info=read_categories(), ins="success")
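def remove_category():
    """Delete the categories selected on the CMS "Remove Category" form.

    Every entry returned by ``read_categories()`` is looked up as a form field
    name; the submitted value of each field that is present is passed to
    ``category_remover``. The page is rendered with ``ins="success"`` only when
    at least one category was selected and every removal returned a truthy
    result, so a failed removal is no longer hidden by a later successful one.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before any form field or database row is touched.
    perimeter_check("CMSCATEGORY")

    # Only fields named after a known category are read; a missing field means
    # "not selected" and is skipped explicitly instead of via a swallowed exception.
    # NOTE(review): the submitted *value*, not the server-side name, is what is
    # removed — confirm the form always sends the category name as the value.
    to_remove = [request.form[c] for c in read_categories() if c in request.form]

    # Run every removal (no short-circuit) and keep each outcome.
    outcomes = [bool(category_remover(c)) for c in to_remove]
    status = "success" if outcomes and all(outcomes) else "error"

    cat_info = read_categories()
    return render_template("cms.html", editname="Remove Category", ins=status, cat_info=cat_info)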
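def show_order(orderid):
    """Render the CMS "Browse Orders" view for a single order.

    Args:
        orderid: Identifier of the order; passed unchanged to the read helpers.

    Returns:
        The rendered ``cms.html`` page with the order detail, product rows,
        user details and the list of order statuses.
    """
    # Check the permission BEFORE reading order, product and customer data.
    # Previously the check ran only after all four reads had been executed, so
    # an unauthorized request still triggered the queries for customer details.
    # NOTE(review): order views are gated by the "CMSCATEGORY" permission —
    # confirm that this is the intended permission for order data.
    perimeter_check("CMSCATEGORY")

    order_detail = read_order_detail(orderid)
    product_rows = read_product_rows(orderid)
    user_details = read_user_details(orderid)
    order_status = read_order_status()
    return render_template("cms.html", editname="Browse Orders", order_detail=order_detail,
                           product_rows=product_rows, user_details=user_details,
                           order_status=order_status)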
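def edit_specific_product(oldname):
    """Update a product's fields, stock amount and (optionally) its image.

    Args:
        oldname: Current name of the product row to update.

    Returns:
        The rendered ``cms.html`` page with ``ins="success"``, or with
        ``ins="error"`` when no product row carries the new name after the
        update (previously this case raised a ``TypeError`` on ``None``).
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before any form field, upload or database row is touched.
    perimeter_check("CMSPRODUCT")
    prodname = request.form['prodname']
    prodprice = request.form['prodprice']
    proddesc = request.form['proddesc']
    prodcat = request.form['prodcat']
    prodstock = request.form['prodstock']
    prodfile = request.files['prodfile']
    cat_info = read_categories()
    db = getattr(g, 'db', None)

    # All form values are bound as query parameters, never formatted into SQL.
    query = ("UPDATE tbl_product SET name=%s, description=%s, price=%s, cat_id=(SELECT id FROM "
             "tbl_category WHERE tbl_category.name=%s) WHERE name=%s;")
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with db as cursor:
        cursor.execute(query, (prodname, proddesc, prodprice, prodcat, oldname))
        db.commit()

    query = "UPDATE tbl_stock SET amount=%s WHERE product_id=(SELECT id FROM tbl_product WHERE name=%s);"
    with db as cursor:
        cursor.execute(query, (prodstock, prodname))
        db.commit()

    query = "SELECT id, image_url FROM tbl_product WHERE name = %s;"
    with db as cursor:
        cursor.execute(query, (prodname,))
        row = cursor.fetchone()
        db.commit()

    # NOTE(review): the page title stays "Add Product" as in the original —
    # confirm whether the edit flow should use a different title.
    if row is None:
        return render_template("cms.html", editname="Add Product", cat_info=cat_info, ins="error")
    product_id, old_url = row[0], row[1]

    # Touch the stored image only when a file was actually uploaded, so an edit
    # without a new image keeps the existing image_url.
    if product_id and prodfile:
        # secure_filename() strips path components from the client-supplied name.
        # NOTE(review): no extension or content-type check is visible here —
        # confirm add_file() restricts what may be stored.
        filename = str(product_id) + "_" + secure_filename(prodfile.filename)
        add_file(prodfile, filename)
        query = "UPDATE tbl_product SET image_url=%s WHERE id=%s;"
        with db as cursor:
            cursor.execute(query, (filename, product_id))
            db.commit()
        # Remove the previous image only after the row points at the new one,
        # and never when the new upload reuses the old name (that would delete
        # the file that was just stored).
        if old_url and old_url != filename:
            remove_file(old_url)

    return render_template("cms.html", editname="Add Product", cat_info=cat_info, ins="success")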
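def add_product():
    """Create a product, its stock row and (optionally) its image.

    Reads ``prodname``, ``prodprice``, ``proddesc``, ``prodcat`` and
    ``prodstock`` from the form and ``prodfile`` from the uploaded files.

    Returns:
        The rendered ``cms.html`` page with ``ins="error"`` when the name is
        already contained in ``read_products()`` or the inserted row cannot be
        read back, otherwise with ``ins="success"``.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before any form field, upload or database row is touched.
    perimeter_check("CMSPRODUCT")
    prodname = request.form['prodname']
    prodprice = request.form['prodprice']
    proddesc = request.form['proddesc']
    prodcat = request.form['prodcat']
    prodstock = request.form['prodstock']
    prodfile = request.files['prodfile']
    existing_products = read_products()
    cat_info = read_categories()
    if prodname in existing_products:
        return render_template("cms.html", editname="Add Product", cat_info=cat_info, ins="error")

    db = getattr(g, 'db', None)
    # All form values are bound as query parameters, never formatted into SQL.
    query = "INSERT INTO tbl_product (name, description,price, cat_id) VALUES (%s, %s, %s, (SELECT id from tbl_category WHERE name=%s));"
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with db as cursor:
        cursor.execute(query, (prodname, proddesc, prodprice, prodcat))
        db.commit()

    query = "INSERT INTO tbl_stock (product_id, amount) VALUES ((SELECT id FROM tbl_product WHERE name = %s), %s);"
    with db as cursor:
        cursor.execute(query, (prodname, prodstock))
        db.commit()

    query = "SELECT id FROM tbl_product WHERE name = %s;"
    with db as cursor:
        cursor.execute(query, (prodname,))
        row = cursor.fetchone()
        db.commit()

    # A missing row used to raise TypeError on None; report it as a form error.
    if row is None:
        return render_template("cms.html", editname="Add Product", cat_info=cat_info, ins="error")
    product_id = row[0]

    # Store an image only when a file was actually uploaded; an empty upload
    # previously produced a stored file and image_url consisting of "<id>_".
    if product_id and prodfile:
        # secure_filename() strips path components from the client-supplied name.
        # NOTE(review): no extension or content-type check is visible here —
        # confirm add_file() restricts what may be stored.
        filename = str(product_id) + "_" + secure_filename(prodfile.filename)
        add_file(prodfile, filename)
        query = "UPDATE tbl_product SET image_url=%s WHERE id=%s;"
        with db as cursor:
            cursor.execute(query, (filename, product_id))
            db.commit()

    return render_template("cms.html", editname="Add Product", cat_info=cat_info, ins="success")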
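def edit_specific_product(oldname):
    """Update a product's fields, stock amount and (optionally) its image.

    Args:
        oldname: Current name of the product row to update.

    Returns:
        The rendered ``cms.html`` page with ``ins="success"``, or with
        ``ins="error"`` when no product row carries the new name after the
        update (previously this case raised a ``TypeError`` on ``None``).
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before any form field, upload or database row is touched.
    perimeter_check("CMSPRODUCT")
    prodname = request.form['prodname']
    prodprice = request.form['prodprice']
    proddesc = request.form['proddesc']
    prodcat = request.form['prodcat']
    prodstock = request.form['prodstock']
    prodfile = request.files['prodfile']
    cat_info = read_categories()
    db = getattr(g, 'db', None)

    # All form values are bound as query parameters, never formatted into SQL.
    query = ("UPDATE tbl_product SET name=%s, description=%s, price=%s, cat_id=(SELECT id FROM "
             "tbl_category WHERE tbl_category.name=%s) WHERE name=%s;")
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with db as cursor:
        cursor.execute(query, (prodname, proddesc, prodprice, prodcat, oldname))
        db.commit()

    query = "UPDATE tbl_stock SET amount=%s WHERE product_id=(SELECT id FROM tbl_product WHERE name=%s);"
    with db as cursor:
        cursor.execute(query, (prodstock, prodname))
        db.commit()

    query = "SELECT id, image_url FROM tbl_product WHERE name = %s;"
    with db as cursor:
        cursor.execute(query, (prodname,))
        row = cursor.fetchone()
        db.commit()

    # NOTE(review): the page title stays "Add Product" as in the original —
    # confirm whether the edit flow should use a different title.
    if row is None:
        return render_template("cms.html", editname = "Add Product", cat_info=cat_info, ins = "error")
    product_id, old_url = row[0], row[1]

    # Touch the stored image only when a file was actually uploaded, so an edit
    # without a new image keeps the existing image_url.
    if product_id and prodfile:
        # secure_filename() strips path components from the client-supplied name.
        # NOTE(review): no extension or content-type check is visible here —
        # confirm add_file() restricts what may be stored.
        filename = str(product_id) + "_" + secure_filename(prodfile.filename)
        add_file(prodfile, filename)
        query = "UPDATE tbl_product SET image_url=%s WHERE id=%s;"
        with db as cursor:
            cursor.execute(query, (filename, product_id))
            db.commit()
        # Remove the previous image only after the row points at the new one,
        # and never when the new upload reuses the old name (that would delete
        # the file that was just stored).
        if old_url and old_url != filename:
            remove_file(old_url)

    return render_template("cms.html", editname = "Add Product", cat_info=cat_info, ins = "success")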
def update_status(orderid):
    """Store a new status for one order, then render that order's page.

    Args:
        orderid: Identifier of the order row to update.

    Returns:
        Whatever ``show_order(orderid)`` returns.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before the form is read or the row is changed.
    perimeter_check("CMSCATEGORY")

    new_status = request.form['status']
    connection = getattr(g, 'db', None)
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with connection as cursor:
        # Status and order id are bound as parameters, not formatted into SQL.
        # NOTE(review): the status value is stored as submitted; no check
        # against the known order statuses is visible in this block.
        cursor.execute(
            "update tbl_order set tbl_order.order_status = %s where tbl_order.id = %s;",
            (new_status, orderid),
        )
        connection.commit()

    return show_order(orderid)
def update_status(orderid):
    """Write the submitted ``status`` form value to an order and show the order.

    Args:
        orderid: Identifier of the order row to update.

    Returns:
        The result of ``show_order(orderid)``.
    """
    # Permission check comes first; perimeter_check is defined outside this block.
    perimeter_check("CMSCATEGORY")

    params = (request.form['status'], orderid)
    update_sql = "update tbl_order set tbl_order.order_status = %s where tbl_order.id = %s;"

    conn = getattr(g, 'db', None)
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with conn as cur:
        # Values travel as bound parameters; the SQL text itself is constant.
        cur.execute(update_sql, params)
        conn.commit()

    return show_order(orderid)
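def add_product():
    """Create a product, its stock row and (optionally) its image.

    Reads ``prodname``, ``prodprice``, ``proddesc``, ``prodcat`` and
    ``prodstock`` from the form and ``prodfile`` from the uploaded files.

    Returns:
        The rendered ``cms.html`` page with ``ins="error"`` when the name is
        already contained in ``read_products()`` or the inserted row cannot be
        read back, otherwise with ``ins="success"``.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before any form field, upload or database row is touched.
    perimeter_check("CMSPRODUCT")
    prodname = request.form['prodname']
    prodprice = request.form['prodprice']
    proddesc = request.form['proddesc']
    prodcat = request.form['prodcat']
    prodstock = request.form['prodstock']
    prodfile = request.files['prodfile']
    existing_products = read_products()
    cat_info = read_categories()
    if prodname in existing_products:
        return render_template("cms.html", editname = "Add Product", cat_info=cat_info, ins = "error")

    db = getattr(g, 'db', None)
    # All form values are bound as query parameters, never formatted into SQL.
    query = "INSERT INTO tbl_product (name, description,price, cat_id) VALUES (%s, %s, %s, (SELECT id from tbl_category WHERE name=%s));"
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with db as cursor:
        cursor.execute(query, (prodname, proddesc, prodprice, prodcat))
        db.commit()

    query = "INSERT INTO tbl_stock (product_id, amount) VALUES ((SELECT id FROM tbl_product WHERE name = %s), %s);"
    with db as cursor:
        cursor.execute(query, (prodname, prodstock))
        db.commit()

    query = "SELECT id FROM tbl_product WHERE name = %s;"
    with db as cursor:
        cursor.execute(query, (prodname,))
        row = cursor.fetchone()
        db.commit()

    # A missing row used to raise TypeError on None; report it as a form error.
    if row is None:
        return render_template("cms.html", editname = "Add Product", cat_info=cat_info, ins = "error")
    product_id = row[0]

    # Store an image only when a file was actually uploaded; an empty upload
    # previously produced a stored file and image_url consisting of "<id>_".
    if product_id and prodfile:
        # secure_filename() strips path components from the client-supplied name.
        # NOTE(review): no extension or content-type check is visible here —
        # confirm add_file() restricts what may be stored.
        filename = str(product_id) + "_" + secure_filename(prodfile.filename)
        add_file(prodfile, filename)
        query = "UPDATE tbl_product SET image_url=%s WHERE id=%s;"
        with db as cursor:
            cursor.execute(query, (filename, product_id))
            db.commit()

    return render_template("cms.html", editname = "Add Product", cat_info=cat_info, ins = "success")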
def update_status_2():
    """Store a new status for the order named in the form and list all orders.

    Reads ``orderid`` and ``status`` from the submitted form, updates the
    matching ``tbl_order`` row and renders the "Browse Orders" page.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before the form is read or the row is changed.
    perimeter_check("CMSCATEGORY")

    form = request.form
    target_order = form['orderid']
    new_status = form['status']

    connection = getattr(g, 'db', None)
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with connection as cursor:
        # Both client-supplied values are bound as parameters.
        cursor.execute(
            "update tbl_order set tbl_order.order_status = %s where tbl_order.id = %s;",
            (new_status, target_order),
        )
        connection.commit()

    orders = read_orders()
    statuses = read_order_status()
    return render_template("cms.html", editname="Browse Orders", order_row=orders, order_status=statuses)
def edit_products():
    """Handle the CMS "Edit Products" form.

    The ``edit`` form field selects the action:

    * ``"edit_prod"`` delegates to ``edit_specific_product`` with ``old_name``.
    * ``"set_unavaliable"`` removes every product without a ``check_<name>``
      field from stock and sets the stock of the checked ones.
    * ``"set_avaliable"`` only sets the stock of the checked ones.

    Every path ends by rendering the "Edit Products" page with ``ins="success"``.
    """
    # Permission check (perimeter_check is defined outside this block) runs first.
    # NOTE(review): show_cms_editor gates the "Edit Products" view with
    # "CMSSTOCK" while this handler uses "CMSPRODUCT" — confirm which is intended.
    perimeter_check("CMSPRODUCT")
    action = request.form['edit']

    if action == "edit_prod":
        edit_specific_product(request.form['old_name'])
    else:
        unticked = read_products()
        ticked = []
        for name in unticked:
            # A missing "check_<name>" field means the product was not ticked.
            try:
                ticked.append(request.form["check_" + name])
            except Exception:
                continue

        # Whatever was ticked no longer counts as unticked.
        for name in ticked:
            if name in unticked:
                unticked.remove(name)

        if action == "set_unavaliable":
            for name in unticked:
                remove_from_stock(name)
        if action in ("set_unavaliable", "set_avaliable"):
            for name in ticked:
                add_to_stock(name, request.form["stock_" + name])

    info = read_stock()
    others = read_not_stock()
    return render_template("cms.html", editname="Edit Products", info=info, others=others, ins="success")
def remove_product():
    """Delete the products selected on the CMS "Remove Product" form.

    Each entry of ``read_products()`` is used as a form field name; the value
    of every field that is present is passed to ``product_remover``. The page
    is always rendered with ``ins="success"``.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before any form field or database row is touched.
    perimeter_check("CMSPRODUCT")

    selected = []
    for name in read_products():
        # A missing field means the product was not selected for removal.
        try:
            selected.append(request.form[name])
        except Exception:
            continue

    for value in selected:
        product_remover(value)

    return render_template("cms.html", editname = "Remove Product",
                           info=read_products_and_categories(), ins = "success")
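def add_category():
    """Create a category from the CMS "Add Category" form.

    Reads ``catname`` from the submitted form.

    Returns:
        The rendered ``cms.html`` page with ``ins="error"`` when the name is
        blank or already contained in ``read_categories()``, otherwise with
        ``ins="success"`` after the row has been inserted.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before the form is read or a row is inserted.
    perimeter_check("CMSCATEGORY")
    catname = request.form['catname']

    # Reject blank names as well as duplicates; a blank category could not be
    # told apart from "no category" in the forms that list categories by name.
    if not catname.strip() or catname in read_categories():
        return render_template("cms.html", editname="Add Category", ins="error")

    db = getattr(g, 'db', None)
    # The name is bound as a query parameter, never formatted into the SQL text.
    query = "insert into tbl_category (name) VALUES (%s);"
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with db as cursor:
        cursor.execute(query, (catname,))
        db.commit()

    # The category list was previously re-read here and on the error path, but
    # the result was never passed to the template, so those reads are dropped.
    return render_template("cms.html", editname="Add Category", ins="success")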
def update_status_2():
    """Update one order's status from form data and render the order list.

    The ``orderid`` and ``status`` form fields select the row and the new
    value; afterwards the "Browse Orders" page is rendered with fresh data.
    """
    # Permission check comes first; perimeter_check is defined outside this block.
    perimeter_check("CMSCATEGORY")

    orderid = request.form['orderid']
    params = (request.form['status'], orderid)
    update_sql = "update tbl_order set tbl_order.order_status = %s where tbl_order.id = %s;"

    conn = getattr(g, 'db', None)
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with conn as cur:
        # Values travel as bound parameters; the SQL text itself is constant.
        cur.execute(update_sql, params)
        conn.commit()

    page_data = {"order_row": read_orders(), "order_status": read_order_status()}
    return render_template("cms.html", editname="Browse Orders", **page_data)
def remove_product():
    """Remove every product whose name appears as a field in the submitted form.

    The names come from ``read_products()``; for each one present in the form,
    the submitted field value is handed to ``product_remover``. The page is
    always rendered with ``ins="success"``.
    """
    # Permission check comes first; perimeter_check is defined outside this block.
    perimeter_check("CMSPRODUCT")

    candidates = read_products()
    chosen = []
    for candidate in candidates:
        try:
            value = request.form[candidate]
        except Exception:
            # Field absent: this product was not selected.
            continue
        chosen.append(value)

    for value in chosen:
        product_remover(value)

    overview = read_products_and_categories()
    return render_template("cms.html", editname="Remove Product", info=overview, ins="success")
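def add_category():
    """Create a category from the CMS "Add Category" form.

    Reads ``catname`` from the submitted form.

    Returns:
        The rendered ``cms.html`` page with ``ins="error"`` when the name is
        blank or already contained in ``read_categories()``, otherwise with
        ``ins="success"`` after the row has been inserted.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before the form is read or a row is inserted.
    perimeter_check("CMSCATEGORY")
    catname = request.form['catname']

    # Reject blank names as well as duplicates; a blank category could not be
    # told apart from "no category" in the forms that list categories by name.
    if not catname.strip() or catname in read_categories():
        return render_template("cms.html", editname="Add Category", ins="error")

    db = getattr(g, 'db', None)
    # The name is bound as a query parameter, never formatted into the SQL text.
    query = "insert into tbl_category (name) VALUES (%s);"
    # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
    with db as cursor:
        cursor.execute(query, (catname, ))
        db.commit()

    # The category list was previously re-read here and on the error path, but
    # the result was never passed to the template, so those reads are dropped.
    return render_template("cms.html", editname="Add Category", ins="success")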
def edit_categories():
    """Rename a category from the submitted "Edit Categories" form.

    ``rename_cat`` carries the new name and ``old_name`` the current one. When
    the new name is already contained in ``read_categories()`` nothing is
    written and the page reports ``ins="error"``; otherwise the row is updated
    and the page reports ``ins="success"`` with the refreshed category list.
    """
    # Permission check comes first; perimeter_check is defined outside this block.
    perimeter_check("CMSCATEGORY")

    newname, oldname = request.form['rename_cat'], request.form['old_name']
    cat_info = read_categories()
    outcome = "error"

    if newname not in cat_info:
        db = getattr(g, 'db', None)
        # assumes the connection's context manager yields a cursor — confirm against the DB driver in use
        with db as cursor:
            # Both names are bound as parameters; the SQL text is constant.
            cursor.execute("UPDATE tbl_category SET name=%s WHERE name=%s;", (newname, oldname))
            db.commit()
        cat_info = read_categories()
        outcome = "success"

    return render_template("cms.html", editname="Edit Categories", cat_info=cat_info, ins=outcome)
def edit_products():
    """Process the CMS "Edit Products" form and re-render the page.

    The ``edit`` field picks one of three actions: ``"edit_prod"`` (delegate to
    ``edit_specific_product``), ``"set_unavaliable"`` (remove unchecked
    products from stock, then set stock for checked ones) or
    ``"set_avaliable"`` (set stock for checked ones only). The page is always
    rendered with ``ins="success"``.
    """
    # Permission check comes first; perimeter_check is defined outside this block.
    # NOTE(review): show_cms_editor gates the "Edit Products" view with
    # "CMSSTOCK" while this handler uses "CMSPRODUCT" — confirm which is intended.
    perimeter_check("CMSPRODUCT")
    mode = request.form['edit']

    def render_page():
        # Shared tail of every branch: re-read stock data and render the page.
        stocked = read_stock()
        unstocked = read_not_stock()
        return render_template("cms.html", editname="Edit Products", info=stocked,
                               others=unstocked, ins = "success")

    if mode == "edit_prod":
        previous_name = request.form['old_name']
        edit_specific_product(previous_name)
        return render_page()

    remaining = read_products()
    picked = []
    for product in remaining:
        try:
            picked.append(request.form["check_" + product])
        except Exception:
            # No "check_<name>" field: the product was left unchecked.
            pass

    for product in picked:
        if product in remaining:
            remaining.remove(product)

    if mode == "set_unavaliable":
        for product in remaining:
            remove_from_stock(product)

    if mode == "set_unavaliable" or mode == "set_avaliable":
        for product in picked:
            amount = request.form["stock_" + product]
            add_to_stock(product, amount)

    return render_page()
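def remove_category():
    """Delete the categories selected on the CMS "Remove Category" form.

    Every entry returned by ``read_categories()`` is looked up as a form field
    name; the submitted value of each field that is present is passed to
    ``category_remover``. The page is rendered with ``ins="success"`` only when
    at least one category was selected and every removal returned a truthy
    result, so a failed removal is no longer hidden by a later successful one.
    """
    # Permission check (perimeter_check is defined outside this block) runs
    # before any form field or database row is touched.
    perimeter_check("CMSCATEGORY")

    # Only fields named after a known category are read; a missing field means
    # "not selected" and is skipped explicitly instead of via a swallowed exception.
    # NOTE(review): the submitted *value*, not the server-side name, is what is
    # removed — confirm the form always sends the category name as the value.
    to_remove = [request.form[c] for c in read_categories() if c in request.form]

    # Run every removal (no short-circuit) and keep each outcome.
    outcomes = [bool(category_remover(c)) for c in to_remove]
    status = "success" if outcomes and all(outcomes) else "error"

    cat_info = read_categories()
    return render_template("cms.html", editname = "Remove Category", ins = status, cat_info=cat_info)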
def show_cms():
    """Render the CMS landing page.

    Calls ``perimeter_check("CMSINDEX")`` first, then renders ``cms.html`` with
    the title "Content Management".
    """
    # Permission check comes first; perimeter_check is defined outside this block.
    perimeter_check("CMSINDEX")
    landing_page = render_template("cms.html", editname="Content Management")
    return landing_page
def show_cms_editor(editname):
    """Render the CMS editor page selected by ``editname``.

    Args:
        editname: Title of the requested editor. Only the titles listed in the
            table below are honoured; anything else renders the landing page
            with the fixed title "Content Management".

    Returns:
        The rendered ``cms.html`` page for the selected editor.
    """
    # Every editor requires the index permission; perimeter_check is defined
    # outside this block.
    perimeter_check("CMSINDEX")

    # Editor title -> (additional permission, loader for the template context).
    # The loaders run only after the editor-specific permission check.
    editors = {
        "Browse Orders": ("CMSCATEGORY", lambda: {"order_row": read_orders(),
                                                  "order_status": read_order_status()}),
        "Add Category": ("CMSCATEGORY", lambda: {}),
        "Add Product": ("CMSPRODUCT", lambda: {"cat_info": read_categories()}),
        "Edit Categories": ("CMSCATEGORY", lambda: {"cat_info": read_categories()}),
        "Edit Products": ("CMSSTOCK", lambda: {"info": read_stock(),
                                               "others": read_not_stock(),
                                               "cat_info": read_categories()}),
        "Remove Category": ("CMSCATEGORY", lambda: {"cat_info": read_categories()}),
        "Remove Product": ("CMSPRODUCT", lambda: {"info": read_products_and_categories()}),
    }

    entry = editors.get(editname)
    if entry is None:
        # Unknown titles are never echoed back; the landing page is shown instead.
        return render_template("cms.html", editname="Content Management")

    permission, load_context = entry
    perimeter_check(permission)
    return render_template("cms.html", editname=editname, **load_context())
def show_cms_editor(editname):
    """Render the CMS editor page named by ``editname``.

    Args:
        editname: Title of the requested editor. Titles that match none of the
            branches below fall back to the landing page titled
            "Content Management".

    Returns:
        The rendered ``cms.html`` page for the selected editor.
    """
    # Every editor requires the index permission; perimeter_check is defined
    # outside this block. Each branch then checks its own permission before
    # loading any data for the template.
    perimeter_check("CMSINDEX")
    context = {}

    if editname == "Browse Orders":
        perimeter_check("CMSCATEGORY")
        context["order_row"] = read_orders()
        context["order_status"] = read_order_status()
    elif editname == "Add Category":
        perimeter_check("CMSCATEGORY")
    elif editname == "Add Product":
        perimeter_check("CMSPRODUCT")
        context["cat_info"] = read_categories()
    elif editname == "Edit Categories":
        perimeter_check("CMSCATEGORY")
        context["cat_info"] = read_categories()
    elif editname == "Edit Products":
        perimeter_check("CMSSTOCK")
        context["info"] = read_stock()
        context["others"] = read_not_stock()
        context["cat_info"] = read_categories()
    elif editname == "Remove Category":
        perimeter_check("CMSCATEGORY")
        context["cat_info"] = read_categories()
    elif editname == "Remove Product":
        perimeter_check("CMSPRODUCT")
        context["info"] = read_products_and_categories()
    else:
        # Unknown titles are never echoed back; the landing page title is used.
        editname = "Content Management"

    return render_template("cms.html", editname=editname, **context)