Esempio n. 1
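def update():
    """Apply a device edit (admin) or record a damage report (normal user).

    A logged-in session is required; otherwise the caller is redirected to the
    login view. Admins POST the full edit form and the ``devices`` row with the
    posted serial number is updated. Normal users POST a serial number and a
    damage description; the report is handed to ``email`` and the device's
    repair counter is incremented. Every path ends in a redirect.

    All statements pass the form values as bound parameters. The previous
    version spliced them into the SQL text with ``str.format``, which let any
    posted field rewrite the statement (SQL injection).
    """
    try:
        if 'loggedin' not in session:
            return redirect(url_for('login'))

        cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
        cursor.execute('SELECT * FROM accounts WHERE id = %s',
                       [session['id']])
        account = cursor.fetchone()
        if account is None:
            # The session refers to an account row that no longer exists, so
            # no role can be established for this request.
            return redirect(url_for('login'))

        if account['role'] == 'admin':
            if request.method == 'POST':
                name = request.form['editDeviceName']
                serial_number = request.form['editSerialNumber']
                location = request.form['editLocation']
                operating_sys = request.form['editOperatingSys']
                tablet_type = request.form['editDeviceType']
                model = request.form['editModel']
                zone = request.form['editZone']
                state = request.form['editCondition']
                date_added = request.form['editDateAdded']
                date_damaged = request.form['editDateDamaged']

                cur = mysql.connection.cursor()
                # Placeholders keep the posted values out of the SQL text; the
                # driver escapes and quotes each one.
                cur.execute(
                    'UPDATE devices SET name=%s, location=%s, '
                    'operating_sys=%s, tablet_type=%s, model=%s, zone=%s, '
                    'state=%s, date_added=%s, date_damaged=%s '
                    'WHERE serial_number=%s',
                    (name, location, operating_sys, tablet_type, model, zone,
                     state, date_added, date_damaged, serial_number))
                mysql.connection.commit()

                if location == 'Repair':
                    repair_sql = ('UPDATE `repair` '
                                  'SET repair_count= repair_count+1 '
                                  'WHERE serial_number=%s')
                    # NOTE(review): the statement is executed twice, as in the
                    # original, so repair_count rises by 2 per edit. This looks
                    # like a duplicated line; confirm before removing one.
                    cur.execute(repair_sql, (serial_number,))
                    cur.execute(repair_sql, (serial_number,))
                    mysql.connection.commit()
                flash("Data Updated Successfully")

        elif account['role'] == 'normal':
            # Only a POST carries the serial number and report. The original
            # ran the statements below on any method and raised NameError on
            # a non-POST request.
            if request.method == 'POST':
                serial_number = request.form['editSerialNumber']
                damageDes = request.form['damageReport']

                cur = mysql.connection.cursor()
                email(serial_number, damageDes)
                # NOTE(review): the original also built an UPDATE that set
                # `repair`.damage_report but never executed it, so the report
                # text is not stored here. Confirm whether it should be.
                cur.execute(
                    'UPDATE `repair` SET repair_count= repair_count+1 '
                    'WHERE serial_number=%s',
                    (serial_number,))
                mysql.connection.commit()

        return redirect(url_for('dashboard', username=session['username']))

    except ValueError as error:
        flash("Failed to insert record into table {}".format(error))
        # A view must return a response; falling off the end returned None.
        return redirect(url_for('dashboard'))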
Esempio n. 2
def info(id_data):
    """Look up one repair record and redirect to the dashboard with it.

    Args:
        id_data: value matched against ``repair.repair_id``.

    Returns:
        A redirect to the dashboard for a logged-in session, otherwise a
        redirect to the login view.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    db_cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    # The account row is fetched but not used for any decision here.
    db_cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    db_cursor.fetchone()

    # id_data is bound as a parameter, so it never becomes part of the SQL.
    db_cursor.execute("SELECT * FROM repair WHERE repair_id = %s",
                      (id_data, ))
    repair_row = db_cursor.fetchone()
    mysql.connection.commit()

    # NOTE(review): url_for turns keyword arguments the route does not declare
    # into query-string parameters, so the fetched row presumably ends up in
    # the redirect URL. Confirm that is intended for this data.
    target = url_for('dashboard', username=session['username'],
                     info=repair_row)
    return redirect(target)
Esempio n. 3
def email(id_data, damage):
    """Send a damage report for the device with the given serial number.

    Args:
        id_data: serial number used to look up the ``devices`` row.
        damage: damage description passed through to ``DamagedReport``.

    Returns:
        A redirect to the dashboard for a logged-in session, otherwise a
        redirect to the login view.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    db_cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    # The account row is fetched but not consulted below.
    db_cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    db_cursor.fetchone()

    db_cursor.execute("SELECT * FROM devices WHERE serial_number = %s",
                      (id_data, ))
    device = db_cursor.fetchone()
    # NOTE(review): fetchone() returns None for an unknown serial number and
    # the lookup below would then raise TypeError. Confirm callers only pass
    # serial numbers that exist.
    DamagedReport(id_data, device['location'], damage)
    return redirect(url_for('dashboard', username=session['username']))
Esempio n. 4
def logout():
    """Drop the login keys from the session and redirect to the login view."""
    # Only these three keys are removed; anything else stored in the session
    # survives the logout.
    for key in ('loggedin', 'id', 'username'):
        session.pop(key, None)
    return redirect(url_for('login'))
Esempio n. 5
def login():
    """Authenticate a posted username/password pair and start a session.

    Returns:
        A redirect to the home view on success. Otherwise the login template,
        with an error message when submitted credentials matched no account.
    """
    has_credentials = (request.method == 'POST'
                       and 'username' in request.form
                       and 'password' in request.form)
    if not has_credentials:
        # Nothing was submitted: show the bare form.
        return render_template('login.html', msg='')

    username = request.form['username']
    password = request.form['password']

    # Both values are bound parameters, so they cannot alter the statement.
    # NOTE(review): the submitted password is compared directly with the
    # stored column, which implies the table holds passwords in a directly
    # comparable form. Storing a salted hash and verifying against it would
    # avoid that; it needs a schema/data migration outside this function.
    db_cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    db_cursor.execute(
        'SELECT * FROM accounts WHERE username = %s AND password = %s',
        (username, password))
    account = db_cursor.fetchone()

    if account:
        # These keys are what the other views check to recognise a login.
        session['loggedin'] = True
        session['id'] = account['id']
        session['username'] = account['username']
        return redirect(url_for('home'))

    # One message for both failure causes, so the response does not reveal
    # whether the username exists.
    return render_template('login.html', msg='Incorrect username/password!')
Esempio n. 6
def home():
    """Render the home page for a logged-in user, else redirect to login."""
    if 'loggedin' not in session:
        return redirect(url_for('login'))
    return render_template('home.html', username=session['username'])
Esempio n. 7
def users():
    """Render the account list for admins.

    Returns:
        The ``users.html`` page with every ``accounts`` row for an admin, a
        redirect to the home view for any other role, and a redirect to the
        login view when there is no logged-in session.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    db_cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    db_cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    account = db_cursor.fetchone()

    # The role is read from the database on each request rather than from the
    # session, so a role change takes effect immediately.
    if account['role'] != 'admin':
        return redirect(url_for('home', username=session['username']))

    # NOTE(review): SELECT * hands every column of `accounts` to the template,
    # credential columns included. Confirm the template renders only the
    # fields it should.
    db_cursor.execute('SELECT * FROM accounts')
    all_accounts = db_cursor.fetchall()
    return render_template('users.html',
                           username=session['username'],
                           values=all_accounts)
Esempio n. 8
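def dashboard():
    """Render the device dashboard for the logged-in user.

    Accounts with role ``normal`` get ``dashboard-user.html``, limited to
    devices whose location equals the account's location. Every other role
    gets ``dashboard.html`` with all devices. Without a logged-in session the
    caller is redirected to the login view.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    account = cursor.fetchone()
    if account is None:
        # The session refers to an account row that no longer exists.
        return redirect(url_for('login'))

    if account['role'] == 'normal':
        # The location comes from the database, but it is still data: binding
        # it as a parameter keeps a stored value containing quotes from
        # changing the statement (second-order SQL injection).
        cursor.execute('SELECT * FROM devices WHERE location=%s',
                       (account['location'],))
        data = cursor.fetchall()
        return render_template('dashboard-user.html',
                               username=session['username'],
                               values=data,
                               length=len(data))

    cursor.execute('SELECT * FROM devices')
    data = cursor.fetchall()
    return render_template('dashboard.html',
                           username=session['username'],
                           values=data,
                           length=len(data))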
Esempio n. 9
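def file_import():
    """Pass an uploaded file to ``importfile`` and return to the dashboard.

    Without a logged-in session the caller is redirected to the login view.
    A POST hands the uploaded ``myfile`` part to ``importfile``; a
    ``ValueError`` from it is swallowed. Every logged-in path ends in a
    redirect to the dashboard.

    The original fell through to a second ``importfile`` call that read
    ``file_path`` before assignment on any non-POST request (NameError), and
    then returned no response at all.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    account = cursor.fetchone()
    # NOTE(review): the account is looked up but its role is never checked, so
    # any logged-in user can import. Confirm whether this should be limited to
    # a particular role.

    if request.method == 'POST':
        # NOTE(review): the upload is untrusted input and goes to importfile
        # as received. Confirm importfile validates its type, size and
        # contents before using it.
        try:
            importfile(request.files['myfile'])
        except ValueError:
            # Best effort, as before: a rejected file just returns the user
            # to the dashboard.
            pass

    return redirect(url_for("dashboard"))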
Esempio n. 10
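def add():
    """Insert a new device and its initial repair record from the add form.

    Without a logged-in session the caller is redirected to the login view.
    On POST a ``devices`` row is inserted from the posted fields, followed by
    a ``repair`` row with a zero repair count. The caller is then redirected
    to the dashboard, or to the login view if a ``ValueError`` is raised.

    Both INSERTs pass their values as bound parameters. The previous version
    built the SQL with ``str.format``, so any posted field could rewrite the
    statement (SQL injection).
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    account = cursor.fetchone()
    # NOTE(review): the account is looked up but its role is never checked, so
    # any logged-in user can add devices. Confirm whether that is intended.

    try:
        if request.method == 'POST':
            form = request.form
            # .get() yields None for a field missing from the request. With
            # bound parameters that is stored as SQL NULL; the formatted
            # string used to store the literal text "None".
            device_values = (
                form.get('inputDeviceName'),
                form.get('inputSerialNumber'),
                form.get('inputLocation'),
                form.get('inputOperatingSys'),
                form.get('inputDeviceType'),
                form.get('inputModel'),
                form.get('inputZone'),
                form.get('inputCondition'),
                form.get('inputDateAdded'),
                form.get('inputDateDamaged'),
                form.get('inputUser'),
            )
            serialnum = device_values[1]
            location = device_values[2]

            cur = mysql.connection.cursor()
            cur.execute(
                'INSERT INTO `devices` (`name`, `serial_number`, `location`, '
                '`operating_sys`, `tablet_type`, `model`, `zone`, `state`, '
                '`date_added`, `date_damaged`, `user`) '
                'VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)',
                device_values)
            mysql.connection.commit()

            # The comment column receives the four-character text 'NULL', as
            # before, not SQL NULL.
            cur.execute(
                'INSERT INTO `repair` (`repair_count`, `serial_number`, '
                '`previous_location`, `comment`) '
                'VALUES(%s, %s, %s, %s)',
                (0, serialnum, location, 'NULL'))
            mysql.connection.commit()
        return redirect(url_for("dashboard", username=session['username']))

    except ValueError:
        return redirect(url_for("login"))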
Esempio n. 11
def profile():
    """Render the profile page for the logged-in user, else redirect to login."""
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    # The page shows the user's own account, looked up by the id stored in
    # the session at login.
    db_cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    db_cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    own_account = db_cursor.fetchone()

    # NOTE(review): SELECT * passes every column of the row to the template,
    # credential columns included. Confirm the template does not render them.
    return render_template('profile.html',
                           account=own_account,
                           username=session['username'])
Esempio n. 12
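def delete_usr(id_data):
    """Delete another user's account on behalf of an admin.

    Args:
        id_data: id of the ``accounts`` row to delete. The caller's own id is
            excluded by the statement, so an admin cannot delete themselves.

    Returns:
        A redirect to the users view after the delete (or after a
        ``ValueError``), to the home view for a non-admin caller, or to the
        login view when there is no usable session.
    """
    # The original built its final redirect from session['username'] even when
    # nobody was logged in, which raised KeyError instead of sending the
    # visitor to the login page.
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    try:
        cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
        cursor.execute('SELECT * FROM accounts WHERE id = %s',
                       [session['id']])
        account = cursor.fetchone()
        if account is None:
            # The session refers to an account row that no longer exists.
            return redirect(url_for('login'))

        # The account listing view is admin-only, but this view previously
        # let any logged-in user delete any other account. Require the same
        # role here.
        if account['role'] != 'admin':
            return redirect(url_for('home'))

        cursor.execute("DELETE FROM accounts WHERE id = %s and id != %s",
                       (id_data, account['id']))
        mysql.connection.commit()
        flash("Record Has Been Deleted Successfully")
        return redirect(url_for("users", username=session['username']))

    except ValueError as error:
        flash("Failed to delete record into table {}".format(error))
        # A view must return a response; falling off the end returned None.
        return redirect(url_for("users"))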