def write_review(request, domain):
if request.POST:
review_form = forms.ReviewForm(request.POST)
if review_form.is_valid():
user = request.user if request.user.is_authenticated() else None
dating_site = get_object_or_404(models.DatingSite, domain=domain)
profile_obj, prof_created = models.Profile.objects.get_or_create(
dating_site=dating_site,
name=review_form.cleaned_data['of_profile'])
review = models.Review.objects.create(
rating=review_form.cleaned_data['rating'],
text=review_form.cleaned_data['text'],
title=review_form.cleaned_data['title'],
by_critic=models.Critic.objects.get_or_create(
user=user, ip=request.META['REMOTE_ADDR'])[0],
of_profile=profile_obj,
)
return redirect(reviews_of,domain=domain, \
profile=review_form.cleaned_data['of_profile'])
else:
review_form = forms.ReviewForm()
return render_to_response('write_review.html', {
'review_form': review_form,
'domain': domain
}, RequestContext(request))
def product_details(data_name):
if current_user.is_authenticated:
user = current_user
cartq = cart_quantity(user)
else:
cartq = 0
form = forms.ReviewForm()
user = current_user
product = models.Product.get(models.Product.data_name == data_name)
reviews = models.Review.select().where(
models.Review.product_id == product.id).order_by(
models.Review.date_posted.desc())
if form.validate_on_submit() and current_user.is_authenticated:
models.Review.create(user=user.id,
product=product,
title=form.title.data,
rating=form.rating.data,
content=form.content.data)
avg = "%.2f" % average(reviews)
product.average_rating = avg
product.save()
return redirect(url_for("product_details", data_name=data_name))
# print(product)
return render_template("productDetails.html",
product=product,
form=form,
reviews=reviews,
cartq=cartq)
def createreview(parkingid):
parking = models.Parking.get(models.Parking.id == parkingid)
review_form = forms.ReviewForm()
if review_form.validate_on_submit():
models.Review.create(user=g.user._get_current_object(),
content=review_form.content.data,
parking=parking)
return redirect('/parking/{}'.format(parkingid))
def edit_rev(revid):
review = models.Review.get(models.Review.id == revid)
form = forms.ReviewForm()
if form.validate_on_submit():
review.content = form.content.data
review.save()
flash('Your review has been updated!')
return redirect(
url_for('profilepage',
username=g.user._get_current_object().username))
return render_template('review.html', form=form, review=review)
def edit_review(productid, userid):
form = forms.ReviewForm()
user_id = int(userid)
product_id = int(productid)
review = models.Review.select().where(
models.Review.user == user_id,
models.Review.product_id == product_id).get()
if form.validate_on_submit():
if form.buy_again.data == True:
review.buy_again = 1
elif form.buy_again.data == False:
review.buy_again = 0
review.content = form.content.data
review.save()
return redirect(url_for('product', productid=productid))
return render_template('edit-review.html', form=form, userid=user_id)
def parking(parkingid):
parking = models.Parking.get_by_id(int(parkingid))
reviews = models.Review.select().where(
models.Review.parking_id == int(parkingid))
reservations = models.Reservation.select().where(
models.Reservation.parking_id == int(parkingid))
review_form = forms.ReviewForm()
form = forms.ResForm()
if form.validate_on_submit():
models.Reservation.create(user=g.user._get_current_object(),
resDate=form.resDate.data,
parking=parking)
return redirect(url_for('payment', parkingid=parking))
return render_template('parkingspace.html',
parking=parking,
form=form,
reviews=reviews,
review_form=review_form,
reservations=reservations)
def review(username):
form_r = forms.ReviewForm()
if form_r.is_submitted():
result = request.form
values = list(result.values()) # 0 is rating, 1 is URL
temp = values[0].encode('ascii')
try:
values[0] = float(values[1])
except ValueError:
return 'Invalid value entered for rating. Must be a float.'
values[1] = temp
values[2] = values[2].encode('ascii')
if sql_inj(values[1]):
return 'No SQL injection for you good sir.'
if float(values[0]) < 0 or float(values[0]) > 5:
return 'Invalid rating, review not processed.'
vids_matching_url = []
imgs_matching_url = []
txts_matching_url = []
db_result = g.conn.execute('SELECT * FROM Videos V WHERE V.vurl=\'' +
values[1] + '\'')
vids_matching_url.append(db_result.fetchall())
db_result = g.conn.execute('SELECT * FROM Images I WHERE I.iurl=\'' +
values[1] + '\'')
imgs_matching_url.append(db_result.fetchall())
db_result = g.conn.execute('SELECT * FROM Text T WHERE T.turl=\'' +
values[1] + '\'')
txts_matching_url.append(db_result.fetchall())
if not (
(len(vids_matching_url[0]) == 1 and len(imgs_matching_url[0]) == 0
and len(txts_matching_url[0]) == 0) or
(len(vids_matching_url[0]) == 0 and len(imgs_matching_url[0]) == 1
and len(txts_matching_url[0]) == 0) or
(len(vids_matching_url[0]) == 0 and len(imgs_matching_url[0]) == 0
and len(txts_matching_url[0]) == 1)):
return 'Invalid URL, review not processed.'
if len(vids_matching_url[0]) == 1:
# video avg of resource
rating = float(vids_matching_url[0][0][2])
num_reviews = int(vids_matching_url[0][0][3])
new_rating = (
(rating * num_reviews) + float(values[0])) / (num_reviews + 1)
g.conn.execute(' '.join(
('UPDATE Videos', 'SET vrating=' + str(new_rating) + ',',
'vnumraters=' + str(num_reviews + 1),
'WHERE vurl=\'' + values[1] + '\'')))
# video avg of user
cursor = g.conn.execute(' '.join(
('SELECT avgvideos, percentagevideos, numresourcesused',
'FROM Users', 'WHERE username=\'' + username + '\'')))
cursor = cursor.fetchall()
print(cursor)
avgvideos = float(cursor[0][0])
percentagevideos = float(cursor[0][1])
numresourcesused = int(cursor[0][2])
num_vids = round(percentagevideos * numresourcesused)
new_avgvideos = (
(avgvideos * num_vids) + float(values[0])) / (num_vids + 1)
cursor = g.conn.execute(' '.join(
('UPDATE Users', 'SET avgvideos=' + str(new_avgvideos) + ',',
'percentagevideos=' + str(
(num_vids + 1) / (numresourcesused + 1)) + ',',
'numresourcesused=' + str(numresourcesused + 1),
'WHERE username=\'' + username + '\'')))
elif len(imgs_matching_url[0]) == 1:
# update image resource fields
print(imgs_matching_url[0])
rating = float(imgs_matching_url[0][0][2])
num_reviews = int(imgs_matching_url[0][0][3])
new_rating = (
(rating * num_reviews) + float(values[0])) / (num_reviews + 1)
g.conn.execute(' '.join(
('UPDATE Images', 'SET irating=' + str(new_rating) + ',',
'inumraters=' + str(num_reviews + 1),
'WHERE iurl=\'' + values[1] + '\'')))
# image avg of user
cursor = g.conn.execute(' '.join(
('SELECT avgimages, percentageimages, numresourcesused',
'FROM Users', 'WHERE username=\'' + username + '\'')))
cursor = cursor.fetchall()
print(cursor)
avgimages = float(cursor[0][0])
percentageimages = float(cursor[0][1])
numresourcesused = int(cursor[0][2])
num_imgs = round(percentageimages * numresourcesused)
new_avgimages = (
(avgimages * num_imgs) + float(values[0])) / (num_imgs + 1)
cursor = g.conn.execute(' '.join(
('UPDATE Users', 'SET avgimages=' + str(new_avgimages) + ',',
'percentageimages=' + str(
(num_imgs + 1) / (numresourcesused + 1)) + ',',
'numresourcesused=' + str(numresourcesused + 1),
'WHERE username=\'' + username + '\'')))
else:
# change text resource fields
rating = float(txts_matching_url[0][0][3])
num_reviews = int(txts_matching_url[0][0][4])
new_rating = (
(rating * num_reviews) + float(values[0])) / (num_reviews + 1)
g.conn.execute(' '.join(
('UPDATE Text', 'SET trating=' + str(new_rating) + ',',
'tnumraters=' + str(num_reviews + 1),
'WHERE turl=\'' + values[1] + '\'')))
# text avg of user
cursor = g.conn.execute(' '.join(
('SELECT avgtext, percentagetext, numresourcesused',
'FROM Users', 'WHERE username=\'' + username + '\'')))
cursor = cursor.fetchall()
print(cursor)
avgtext = float(cursor[0][0])
percentagetext = float(cursor[0][1])
numresourcesused = int(cursor[0][2])
num_texts = round(percentagetext * numresourcesused)
new_avgtext = (
(avgtext * num_texts) + float(values[0])) / (num_texts + 1)
cursor = g.conn.execute(' '.join(
('UPDATE Users', 'SET avgtext=' + str(new_avgtext) + ',',
'percentagetext=' + str(
(num_texts + 1) / (numresourcesused + 1)) + ',',
'numresourcesused=' + str(numresourcesused + 1),
'WHERE username=\'' + username + '\'')))
return redirect('http://35.227.74.174:8111/user/{}'.format(username))
return render_template('review.html', form=form_r)
def product(productid):
from models import Review, Vote, User
form = forms.ReviewForm()
product = int(productid)
reviews = (Review.select(Review.content, Review.product_id, User.id,
User.username, Review.id, Review.buy_again,
Review.helpful_votes,
Review.not_helpful_votes).join(User).where(
User.id == Review.user
and Review.product_id == productid)).where(
fn.length(Review.content) > 0)
buy_again_votes_total = reviews.count()
buy_again_votes_true = 0
for review in reviews:
if review.buy_again == 1:
buy_again_votes_true += 1
if buy_again_votes_total > 0:
buy_again_votes_percent = (buy_again_votes_true /
buy_again_votes_total) * 100
elif buy_again_votes_total == 0:
buy_again_votes_percent = 0
votes = (Vote.select(Vote.user, Vote.helpful,
Review.id).join(Review).where(
Vote.review == Review.id
and Review.product_id == productid))
voter_exists = False
if votes:
for vote in votes:
if vote.user.id == current_user.id:
voter_exists = True
if form.validate_on_submit() and 'POST':
if form.buy_again.data == True:
models.Review.create(user=g.user._get_current_object(),
buy_again=1,
content=form.content.data.strip(),
product_id=product,
helpful_votes=0,
not_helpful_votes=0)
flash("Review posted! Thanks!", "success")
return redirect(url_for('product', productid=productid))
else:
models.Review.create(user=g.user._get_current_object(),
buy_again=0,
content=form.content.data.strip(),
product_id=product,
helpful_votes=0,
not_helpful_votes=0)
flash("Review posted! Thanks!", "success")
return redirect(url_for('product', productid=productid))
elif request.method == 'POST':
models.List.create_list_item(current_user.id, productid)
return 'success'
return render_template('product.html',
form=form,
product=product,
reviews=reviews,
currentuser=g.user.id,
votes=votes,
buy_again_votes_percent=buy_again_votes_percent,
voter_exists=voter_exists)