def rate(id_val):
form = RatingForm(request.form)
if request.method == 'POST' and form.validate():
movieId = id_val
audienceId = current_user.get_id()
rating = form.rating.data
add_rating(db, movieId, audienceId, rating)
flash('Rating successfully entered.')
return redirect(url_for('show_movie_info',id_val= id_val))
return render_template('Rating_page.html', form=form)
def rate_show():
form = RatingForm(request.form)
if request.method == 'POST' and form.validate():
# Check if the rater is a buyer
cnx = mysql.connector.connect(user='******',
password='******',
host='104.197.213.149',
database='wgzzdb')
cursor = cnx.cursor()
checker = "SELECT BuyerSSN FROM Buyers WHERE BuyerSSN = " + str(
form.data['ssn']) + ";"
cursor.execute(checker)
results = cursor.fetchall()
if not results:
flash('Not eligible to rate!')
return redirect('/')
# Check if the rater's name and SSN match
checker = "SELECT BuyerSSN, BuyerName FROM Buyers WHERE BuyerSSN = " + str(
form.data['ssn']
) + " AND BuyerName = " + "'" + form.data['name'] + "';"
cursor.execute(checker)
results = cursor.fetchall()
if not results:
flash('Name and SSN did not match!')
return redirect('/')
# Add a piece of rating info
date = datetime.today()
rating = dict(RatingForm.rate).get(form.rate_choice.data)
query = "INSERT INTO Rating (BuyerSSN, ShowName, Rating, RatingDate) VALUES (%s, %s, %s, %s)"
val = (form.data['ssn'], form.data['show'], int(rating), date)
cursor.execute(query, val)
cnx.commit()
cursor.close()
cnx.close()
flash('Rate successful!')
return redirect('/')
return render_template('rate_show.html', form=form)