Esempio n. 1
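def flask_upload():
    """Replace the logged-in user's avatar with the uploaded image.

    Returns "1" on success and "0" when no usable file part was sent, when
    allowed_file() rejects the name, or when no user is logged in.
    """
    # request.files is an ImmutableMultiDict such as
    # ImmutableMultiDict([('filename', <FileStorage: 'name.PNG' ('image/png')>)])
    print("图片上传操作", request.files)
    # Use .get(): indexing request.files["file"] before the membership test
    # aborts the request instead of reaching the "0" return.
    file = request.files.get("file")
    if file is None or not file.filename:
        # No file part, or an empty file name: the upload failed.
        return "0"
    # allowed_file() is defined elsewhere; presumably an extension check on
    # the client-supplied name only -- TODO confirm the content is validated.
    if not allowed_file(file.filename):
        return "0"
    name = session.get("ID")
    if not name:
        # The stored name is derived from the session ID; without a login
        # there is no account to attach the avatar to.
        return "0"
    # The image is stored as "<session ID><unix time>.jpg". The ID comes from
    # the user table, so it is run through secure_filename() to keep path
    # separators and ".." out of the path that is joined below.
    # NOTE(review): the ".jpg" suffix is forced whatever the upload contains.
    filename = secure_filename(name + str(int(time.time())) + ".jpg")
    path = os.path.join(app.config["UPLOAD_FOLDER"], filename)
    sql = SQL("shopping_flask")
    # NOTE(review): both statements below are built with % formatting (SQL
    # injection sink). The SQL helper's interface is not visible here; if it
    # accepts bound parameters, pass the values separately.
    rows = sql.select("select chat_head from user where phone='%s'" % name)
    head = rows[0][0] if rows else None
    # Delete the previous avatar before saving the new one; a missing old
    # file is not an error.
    if head:
        try:
            os.remove(head)
        except OSError:
            pass
    # Save the upload into the configured folder.
    file.save(path)
    # Store the avatar path on the user's row.
    sql.IDU("update user set chat_head='%s' where phone='%s'" %
            (path, name))
    sql.close()
    print(path)
    return "1"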
Esempio n. 2
def history():
    """Return up to eight search-history rows of the session user as JSON."""
    user_id = session.get("ID")
    db = SQL("shopping_flask")
    # NOTE(review): the session ID is formatted into the SQL text with %.
    # If the SQL helper (defined elsewhere) accepts bound parameters, pass
    # the value separately instead.
    query = "select * from user_history where user_id='%s'" % user_id
    recent = db.select(query)[0:8]
    db.close()
    return json.dumps(recent)
Esempio n. 3
def update_cart():
    """Set state '-1' on the session user's cart rows for one shop_id.

    Always returns "1".
    """
    user = session.get("ID")
    db = SQL("shopping_flask")
    item = request.values.get("shop_id")
    # NOTE(review): `shop_id` is request input formatted straight into the
    # statement (SQL injection sink). The SQL helper's interface is not
    # visible here; use bound parameters if it supports them.
    statement = (
        "update cart set state='-1' where u_name='%s' and shop_id='%s'" %
        (user, item))
    db.IDU(statement)
    db.close()
    return "1"
Esempio n. 4
def collect():
    """Return one store's products as JSON, ordered by `collect` descending."""
    db = SQL("shopping_flask")
    store_name = request.values.get("store")
    # NOTE(review): `store` is request input formatted straight into the
    # query (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    query = (
        "select * from commodity where stores='%s' order by collect desc" %
        store_name)
    rows = db.select(query)
    db.close()
    return json.dumps(rows)
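def find_name():
    """Report whether an account with the given e-mail or phone exists.

    Returns "1" when a matching row is found, otherwise "0".
    """
    name = request.values.get("name")
    # Connect to the database and look the account up.
    db = SQL("shopping_flask")
    # NOTE(review): `name` is request input formatted straight into the query
    # (SQL injection sink); use bound parameters if the SQL helper, which is
    # defined elsewhere, supports them.
    # NOTE(review): the answer tells any caller whether an account exists;
    # consider throttling this endpoint.
    result = db.select("select * from user where email='%s' or phone='%s'" % (name, name))
    # The original never released the connection.
    db.close()
    return "1" if result else "0"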
Esempio n. 6
def sales_kind():
    """Return one page (20 rows) of a category's products, ordered by Sales, as JSON."""
    db = SQL("shopping_flask")
    page_arg = request.values.get("page")
    category = request.values.get("kind")
    # int() keeps the offset numeric; a missing or non-numeric `page` raises
    # here, after the connection was opened.
    offset = int(page_arg) * 20
    # NOTE(review): `kind` is request input formatted straight into the query
    # (SQL injection sink); use bound parameters if the SQL helper, which is
    # defined elsewhere, supports them.
    query = (
        "select * from commodity where kind='%s' order by Sales limit %s,20" %
        (category, offset))
    rows = db.select(query)
    db.close()
    return json.dumps(rows)
Esempio n. 7
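def del_history():
    """Delete one search-history entry of the session user.

    Returns the user's remaining history (first 8 rows) as JSON.
    """
    name = session.get("ID")
    sql = SQL("shopping_flask")
    history = request.values.get("history")
    # NOTE(review): `history` is request input formatted straight into the
    # statement (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    sql.IDU("delete from user_history where user_id='%s' and history='%s'" %
            (name, history))
    result = sql.select("select * from user_history where user_id='%s'" %
                        name)[0:8]
    # The original never released the connection.
    sql.close()
    return json.dumps(result)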
Esempio n. 8
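def del_store():
    """Remove a store from the session user's followed stores; returns "1"."""
    sql = SQL("shopping_flask")
    name = session.get("ID")
    store_name = request.values.get("store_name")
    # Delete the matching store row.
    # The listing showed username='******', which leaves one placeholder for
    # two values and makes the % operator raise TypeError; the '%s'
    # placeholder is restored.
    # NOTE(review): `store_name` is request input formatted straight into the
    # statement (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    sql.IDU("delete from collect_store where username='%s' and store='%s'" %
            (name, store_name))
    sql.close()
    return "1"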
Esempio n. 9
def del_shop():
    """Remove a product from the session user's favourites; returns "1"."""
    db = SQL("shopping_flask")
    user = session.get("ID")
    item = request.values.get("shop_id")
    # Delete the user's entry from the product-favourites table.
    # NOTE(review): `shop_id` is request input formatted straight into the
    # statement (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    statement = (
        "delete from collect_shop where u_name='%s' and shop_id='%s'" %
        (user, item))
    db.IDU(statement)
    db.close()
    return "1"
Esempio n. 10
def add_shop():
    """Add a product to the session user's favourites; returns "1"."""
    db = SQL("shopping_flask")
    user = session.get("ID")
    item = request.values.get("shop_id")
    # Insert the product id into the favourites table.
    # NOTE(review): `shop_id` is request input formatted straight into the
    # statement (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    statement = (
        "insert into collect_shop(u_name, shop_id) values('%s','%s')" %
        (user, item))
    db.IDU(statement)
    db.close()
    return "1"
Esempio n. 11
def sales_sou():
    """Return one page (20 rows) of a title search, ordered by Sales, as JSON."""
    db = SQL("shopping_flask")
    page_arg = request.values.get("page")
    term = request.values.get("shop_name")
    # Wrap the term in SQL LIKE wildcards; a missing `shop_name` raises
    # TypeError on this concatenation.
    pattern = "%" + term + "%"
    offset = int(page_arg) * 20
    # NOTE(review): the search term is request input formatted straight into
    # the query (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    query = (
        "select * from commodity where titles like '%s' order by Sales limit %s,20"
        % (pattern, offset))
    rows = db.select(query)
    db.close()
    return json.dumps(rows)
Esempio n. 12
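def details():
    """Render the product detail page for the `id` query parameter.

    Every local variable is handed to the template through locals(), so the
    local names below are part of the template contract.
    """
    sql = SQL("shopping_flask")
    # Product id from the query string, used to look the product up.
    # NOTE(review): `id` is request input formatted straight into the queries
    # below (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    id = request.args.get("id")
    # User ID and nickname from the session.
    name = session.get("ID")
    nick_name = session.get("nick_name")
    # All columns of the product.
    # NOTE(review): an unknown id presumably yields no rows, so result[0]
    # below would raise IndexError -- confirm and return a not-found page.
    result = sql.select("select * from commodity where shop_id='%s'" % id)
    # Products of the same store (column 2), for the store recommendations.
    result1 = sql.select("select * from commodity where stores = '%s'" %
                         result[0][2])
    # Has the user added this product to their favourites?
    result2 = sql.select(
        "select * from collect_shop where u_name = '%s' and shop_id='%s'" %
        (name, id))
    # Has the user followed this store?
    # The listing showed username='******', which leaves one placeholder for
    # two values and makes the % operator raise TypeError; the '%s'
    # placeholder is restored.
    result3 = sql.select(
        "select * from  collect_store where username='%s'and store='%s'" %
        (name, result[0][2]))
    # Detail-page images and the high-resolution images.
    himg = result[0][8].split(",")
    imgs = result[0][9].split(",")
    # "Also viewed" panel: best sellers of the current product's category.
    kind = result[0][12]
    guess = sql.select(
        "select * from commodity where kind='%s' order by Sales desc" %
        kind)[0:6]
    sql.close()
    # NOTE(review): locals() also exposes the (closed) sql object to the
    # template.
    return render_template("details.html", data=locals())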
Esempio n. 13
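def sign():
    """Register a new user on POST (returns "1"); render the form otherwise."""
    if request.method == "POST":
        username = request.values.get("username")
        phone = request.values.get("phone")
        # NOTE(review): a request without `pwd` passes None to
        # generate_password_hash() -- confirm how that should be rejected.
        pwd = generate_password_hash(request.values.get("pwd"))
        # The password hash is credential material and is no longer printed.
        print(username, "---", phone)
        sql = SQL("shopping_flask")
        # NOTE(review): `username` and `phone` are request input formatted
        # straight into the statement (SQL injection sink); use bound
        # parameters if the SQL helper, which is defined elsewhere, supports
        # them. Neither value is validated before it is stored.
        sql.IDU("insert into user(name,phone,pwd) values ('%s','%s','%s')" % (username, phone, pwd))
        sql.close()
        return "1"
    return render_template("register/register.html")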
Esempio n. 14
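def reset_password():
    """Set a new password for the account stored in session["reset_ID"].

    POST returns "0" after the update; any other method renders the form.
    """
    if request.method == "POST":
        # Account being reset; it is removed from the session afterwards.
        # Indexing (not .get) makes a request without a pending reset fail
        # here with the same KeyError the later `del` raised, but before an
        # update is run against the literal 'None'.
        ID = session["reset_ID"]
        # Hash the new password before storing it.
        pwd = generate_password_hash(request.values.get("pwd"))
        sql = SQL("shopping_flask")
        # NOTE(review): built with % formatting; use bound parameters if the
        # SQL helper, which is defined elsewhere, supports them.
        sql.IDU("update user set pwd='%s' where phone='%s' or email='%s'" % (pwd, ID, ID))
        # The original never released the connection.
        sql.close()
        del session["reset_ID"]
        return "0"
    return render_template("register/reset_password.html")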
Esempio n. 15
def add_store():
    """Add a store, dated today, to the session user's followed stores; returns "1"."""
    db = SQL("shopping_flask")
    user = session.get("ID")
    store = request.values.get("store_name")
    day = datetime.date.today()
    print(store, day)
    # Insert the row into the followed-stores table.
    # NOTE(review): `store_name` is request input formatted straight into the
    # statement (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    statement = (
        "insert into collect_store(username, store, time) values('%s','%s','%s')"
        % (user, store, str(day)))
    db.IDU(statement)
    db.close()
    return "1"
Esempio n. 16
def search_store():
    """Return a store's products whose title matches the search term, as JSON."""
    db = SQL("shopping_flask")
    store = request.values.get("store")
    term = request.values.get("shop_name")
    # Wrap the term in SQL LIKE wildcards; a missing `shop_name` raises
    # TypeError on this concatenation.
    pattern = "%" + term + "%"
    # NOTE(review): both values are request input formatted straight into
    # the query (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    query = (
        "select * from commodity where titles like '%s' and stores='%s'" %
        (pattern, store))
    rows = db.select(query)
    db.close()
    return json.dumps(rows)
Esempio n. 17
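def judge():
    """Check the submitted payment password of the session user.

    Returns "1" on a match, "0" on a mismatch and "-1" when no payment
    password is stored.
    """
    name = session.get("ID")
    sql = SQL("shopping_flask")
    # Reads go through select(), as everywhere else in this file; the
    # original indexed the return value of IDU(), which the other handlers
    # use only for insert/delete/update statements.
    rows = sql.select("select pay_pwd from user where phone='%s'" % name)
    sql.close()
    password = rows[0][0] if rows else None
    pay_pwd = request.values.get("pwd")
    # The submitted password and the stored hash are no longer printed.
    if not password:
        return "-1"
    # NOTE(review): nothing here limits repeated guesses.
    if pay_pwd is not None and check_password_hash(password, pay_pwd):
        return "1"
    return "0"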
Esempio n. 18
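def receiving():
    """Confirm-receipt endpoint; as shown it changes nothing and returns "1"."""
    name = session.get("ID")
    sql = SQL("shopping_flask")
    # `id` is the row id of this item in the cart table, so that confirming
    # receipt does not also confirm other rows of the same product.
    id = request.values.get("id")
    shop_id = request.values.get("shop_id")
    # NOTE(review): none of the values read above is used and no statement is
    # executed -- the update appears to be missing.
    # The original left the connection open.
    sql.close()
    return "1"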
Esempio n. 19
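def search_price():
    """Render search results ordered by Sales, by category or by title.

    Every local variable is handed to the template through locals(), so the
    local names below are part of the template contract.
    """
    name = session.get("ID")
    sql = SQL("shopping_flask")
    kind = request.args.get("kind")
    nick_name = session.get("nick_name")
    # NOTE(review): `kind` and `shop_name` are request input formatted
    # straight into the queries (SQL injection sink); use bound parameters if
    # the SQL helper, which is defined elsewhere, supports them.
    if kind:
        search_data = sql.select(
            "select * from commodity where kind='%s' order by Sales" % kind)
        sales = kind
    else:
        # Default to "" so a request carrying neither parameter takes the
        # "all" branch below instead of raising on "%" + None.
        shop_name = request.args.get("shop_name", "")
        trade_name = "%" + shop_name + "%"
        search_data = sql.select(
            "select * from commodity where titles like '%s' order by Sales" %
            trade_name)
        if shop_name == "":
            print("搜索为空")
            sales = "all"
        else:
            sales = shop_name
    page = len(search_data)
    page_count = math.ceil(page / 20)
    # Top sellers of the first hit's category. Guarded like in search(),
    # which renders the same template: with no hits search_data[0] would
    # raise IndexError.
    if search_data:
        Sales_data = sql.select(
            "select * from commodity where kind='%s' order by Sales limit 0,5" %
            search_data[0][-1])
    sql.close()
    return render_template("search_data.html", data=locals())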
Esempio n. 20
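def kind():
    """Category listing: POST returns one page as JSON, otherwise render the page.

    On the render path every local variable is handed to the template
    through locals(), so the local names below are part of its contract.
    """
    sql = SQL("shopping_flask")
    # NOTE(review): `kind` is request input formatted straight into the
    # queries (SQL injection sink); use bound parameters if the SQL helper,
    # which is defined elsewhere, supports them.
    if request.method == "POST":
        # Handled first: the original ran the full-category queries below
        # and then discarded them for POST requests.
        kind = request.values.get("kind")
        # int() keeps the offset numeric; a missing or non-numeric `page`
        # raises here.
        page = int(request.values.get("page")) * 20
        result = sql.select(
            "select * from commodity where kind='%s' limit %s,20" %
            (kind, page))
        sql.close()
        return json.dumps(result)
    name = session.get("ID")
    nick_name = session.get("nick_name")
    kind = request.args.get("kind")
    search_data = sql.select("select * from commodity where kind='%s'" % kind)
    page = len(search_data)
    page_count = math.ceil(page / 20)  # row count and total number of pages
    # Top sellers of this category.
    Sales_data = sql.select(
        "select * from commodity where kind='%s' order by Sales limit 0,5" %
        kind)
    # The original never released the connection on either path.
    sql.close()
    return render_template("search_data.html", data=locals())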
Esempio n. 21
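def pay():
    """Start a payment on POST; on any other method record the pending order.

    POST stores the order and consignee details in the session and returns
    the link produced by buy.pay() as JSON. Other methods mark the pending
    cart row as state '1', store the shipping address, and redirect to the
    cart page.
    """
    if request.method == "POST":
        # Fields sent by the page: id, name, city, address, phone, title, prices
        id = request.values.get("id")
        consignee = request.values.get("name")
        city = request.values.get("city")
        city = city.replace("-", "")
        address = request.values.get("address")
        phone = request.values.get("phone")
        prices = request.values.get("prices")
        title = request.values.get("title")
        # NOTE(review): the amount and title passed to buy.pay() come from
        # the request, not from the commodity table; the price should be
        # looked up server-side from `id`.
        link = buy.pay(title, prices)
        session["pay_shop_id"] = id
        # Keep the consignee details in the session until the order is
        # recorded on the return visit.
        session["consignee"] = consignee
        session["city"] = city
        session["address"] = address
        session["phone"] = phone
        return json.dumps(link)
    # A direct visit: record the order only if the session holds a pending
    # one; either way the user ends up on the cart page.
    if session.get("pay_shop_id"):
        # NOTE(review): this branch treats the mere presence of pay_shop_id
        # in the session as proof of payment; nothing visible here verifies
        # the payment result. pay_shop_id is also never cleared, so every
        # later visit inserts another address row.
        print("支付成功,更改属性")
        sql = SQL("shopping_flask")
        name = session.get("ID")
        pay_shop_id = session.get("pay_shop_id")
        # NOTE(review): the values below originate from request input and
        # are formatted straight into the statements (SQL injection sink);
        # use bound parameters if the SQL helper supports them.
        sql.IDU(
            "update cart set state='1' where state='0' and u_name='%s' and shop_id='%s'"
            % (name, pay_shop_id))
        consignee = session.get("consignee")
        city = session.get("city")
        address = session.get("address")
        phone = session.get("phone")
        # Store the consignee details as the user's shipping address.
        sql.IDU(
            "insert into user_address(user,name,province,address,phone,shop_id) values "
            "('%s','%s','%s','%s','%s','%s')" %
            (name, consignee, city, address, phone, pay_shop_id))
        # The original never released the connection.
        sql.close()
    return redirect("/home/my_cart")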
def SAM():
    """Render SAM.html with the session user's e-mail, avatar and pay_pwd value.

    Every local variable is handed to the template through locals(), so the
    local names below are part of the template contract.
    """
    sql = SQL("shopping_flask")
    name = session.get("ID")
    nick_name = session.get("nick_name")
    # Look up in the user table whether this user has bound an e-mail.
    # NOTE(review): the three lookups read the same row, and each [0][0]
    # presumably raises IndexError when no row matches (e.g. no login).
    email = sql.select("select email from user where phone='%s'" % name)[0][0]
    # [8:] drops the first 8 characters of the stored avatar path --
    # presumably a directory prefix; confirm against UPLOAD_FOLDER.
    head_img = sql.select("select chat_head from user where phone='%s'" %
                          name)[0][0][8:]
    pay_pwd = sql.select("select pay_pwd from user where phone='%s'" %
                         name)[0][0]
    sql.close()
    # NOTE(review): locals() exposes the stored pay_pwd value and the sql
    # object to the template; passing a boolean "is set" flag would be enough
    # if the template only needs to know whether one exists -- confirm.
    return render_template("SAM.html", data=locals())
Esempio n. 23
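def login():
    """Log a user in on POST; render the login form otherwise.

    POST returns "1" on success, "0" on a wrong password and "-1" when no
    account matches the submitted e-mail or phone.
    """
    if request.method == "POST":
        name = request.values.get("name")
        pwd = request.values.get("pwd")
        # The submitted password and the fetched user rows are no longer
        # printed: the original wrote the clear-text password to stdout.
        sql = SQL("shopping_flask")
        # NOTE(review): `name` is request input formatted straight into the
        # query (SQL injection sink) on the login path; use bound parameters
        # if the SQL helper, which is defined elsewhere, supports them.
        result = sql.select("select * from user where email='%s' or phone='%s'" % (name, name))
        # The original never released the connection.
        sql.close()
        if not result:
            # Unknown account. The original indexed result[0] in a print()
            # placed before its try block, so this case raised IndexError
            # instead of returning "-1".
            # NOTE(review): "-1" vs "0" tells the caller whether an account
            # exists.
            return "-1"
        # Column 4 holds the stored password hash.
        if pwd is not None and check_password_hash(result[0][4], pwd):
            # Even for an e-mail login the session keeps the phone (column 2).
            session["ID"] = result[0][2]
            session["nick_name"] = result[0][1]
            return "1"
        return "0"
    # auth_code() is defined elsewhere. NOTE(review): the POST branch reads
    # only `name` and `pwd`; no code is checked against it there.
    img = auth_code()
    return render_template("register/login.html", data=locals())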
Esempio n. 24
def index():
    """Render the home page with per-category product lists and the user's cart.

    Every local variable is handed to the template through locals(), so the
    local names below are part of the template contract.
    """
    name = session.get("ID")
    nick_name = session.get("nick_name")
    sql = SQL("shopping_flask")
    # Cart preview on the home page shows 5 rows.
    # Fetch products per category: 1 computers, 2 phones, 3 tablets,
    # 4 accessories, 5 hardware. The category values are constants here;
    # only `name` (from the session) varies.
    result = sql.select("select * from commodity where kind='%s'" % "1")[0:8]
    result1 = sql.select(
        "select * from commodity where kind='%s'order by Sales desc" % "2")
    result2 = sql.select("select * from commodity where kind='%s'" % "3")[0:8]
    result3 = sql.select("select * from commodity where kind='%s'" % "4")[0:8]
    result4 = sql.select("select * from commodity where kind='%s'" % "5")[0:8]
    result5 = sql.select(
        "select * from commodity where kind='%s'order by Sales desc" % "1")
    # NOTE(review): the session ID is formatted into the SQL text with %;
    # use bound parameters if the SQL helper supports them.
    cart = sql.select(
        "select * from commodity, cart where commodity.shop_id=cart.shop_id and u_name='%s'"
        % name)[0:5]
    cart_shop = []
    for i in cart:
        # Convert each row tuple to a list for the page.
        shop = list(i)
        cart_shop.append(shop)
    sql.close()
    return render_template("index.html", data=locals())
Esempio n. 25
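def my_collect_store():
    """Render the session user's followed stores.

    Every local variable is handed to the template through locals(), so the
    local names below are part of the template contract.
    """
    name = session.get("ID")
    sql = SQL("shopping_flask")
    nick_name = session.get("nick_name")
    # The listing showed username='******', a string without a placeholder,
    # so `% name` raised TypeError; the '%s' placeholder is restored.
    # NOTE(review): built with % formatting; use bound parameters if the SQL
    # helper, which is defined elsewhere, supports them.
    collect_store = sql.select(
        "select * from collect_store where username='%s'" % name)
    # [8:] drops the first 8 characters of the stored avatar path --
    # presumably a directory prefix; confirm against UPLOAD_FOLDER.
    head_img = sql.select("select chat_head from user where phone='%s'" %
                          name)[0][0][8:]
    sql.close()
    return render_template("my_collect_store.html", data=locals())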
Esempio n. 26
def cart():
    """Render the session user's cart page with three order lists.

    Every local variable is handed to the template through locals(), so the
    local names below are part of the template contract.
    """
    name = session.get("ID")
    sql = SQL("shopping_flask")
    nick_name = session.get("nick_name")
    # Fetch all orders, those awaiting payment, and cancelled orders.
    # NOTE(review): pay() writes state='1' after a payment and update_cart()
    # writes '-1', so `cancel` (state='1') may be mislabelled -- confirm.
    # NOTE(review): the session ID is formatted into the SQL text with %;
    # use bound parameters if the SQL helper supports them.
    paid = sql.select(
        "select * from commodity a,cart b where a.shop_id=b.shop_id and b.u_name='%s'"
        % name)
    obligation = sql.select(
        "select * from commodity a,cart b where a.shop_id=b.shop_id and b.u_name='%s' and b.state='0'"
        % name)
    cancel = sql.select(
        "select * from commodity a,cart b where a.shop_id=b.shop_id and b.u_name='%s' and b.state='1'"
        % name)
    # [8:] drops the first 8 characters of the stored avatar path --
    # presumably a directory prefix; confirm against UPLOAD_FOLDER.
    head_img = sql.select("select chat_head from user where phone='%s'" %
                          name)[0][0][8:]
    sql.close()
    return render_template("my_cart.html", data=locals())
Esempio n. 27
def goods_collection():
    """Render the session user's favourite products.

    Every local variable is handed to the template through locals(), so the
    local names below are part of the template contract.
    """
    sql = SQL("shopping_flask")
    name = session.get("ID")
    nick_name = session.get("nick_name")
    # Join the favourites table with the product table for this user.
    # NOTE(review): the session ID is formatted into the SQL text with %;
    # use bound parameters if the SQL helper supports them.
    collect_shop = sql.select(
        "select commodity.* from commodity,collect_shop "
        "where collect_shop.shop_id=commodity.shop_id and collect_shop.u_name='%s'"
        % name)
    # [8:] drops the first 8 characters of the stored avatar path --
    # presumably a directory prefix; confirm against UPLOAD_FOLDER.
    head_img = sql.select("select chat_head from user where phone='%s'" %
                          name)[0][0][8:]
    sql.close()
    return render_template("my_collection.html", data=locals())
Esempio n. 28
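def search():
    """Title search: POST returns one page as JSON, otherwise render the page.

    On the render path every local variable is handed to the template
    through locals(), so the local names below are part of its contract.
    """
    name = session.get("ID")
    sql = SQL("shopping_flask")
    nick_name = session.get("nick_name")
    # NOTE(review): `shop_name` is request input formatted straight into the
    # queries and the history insert (SQL injection sink); use bound
    # parameters if the SQL helper, which is defined elsewhere, supports them.
    if request.method == "POST":
        shop_name = request.values.get("shop_name")
        # int() keeps the offset numeric; a missing or non-numeric `page`
        # raises here.
        page = int(request.values.get("page")) * 20
        trade_name = "%" + shop_name + "%"
        search_data = sql.select(
            "select * from commodity where titles like '%s' limit %s,20" %
            (trade_name, page))
        # The original left the connection open on this path.
        sql.close()
        return json.dumps(search_data)
    shop_name = request.args.get("shop_name")  # the product name searched for
    # NOTE(review): a request without `shop_name` raises TypeError on this
    # concatenation.
    trade_name = "%" + shop_name + "%"
    search_data = sql.select("select * from commodity where titles like '%s'" %
                             trade_name)
    page = len(search_data)
    page_count = math.ceil(page / 20)
    # Top sellers of the first hit's category.
    if search_data:
        Sales_data = sql.select(
            "select * from commodity where kind='%s' order by Sales limit 0,5"
            % search_data[0][-1])
    # For a logged-in user, store the search term in their history.
    if name and shop_name:
        # The page does not de-duplicate, so look for an existing row first.
        if not sql.select(
                "select * from user_history where user_id='%s' and history='%s'"
                % (name, shop_name)):
            sql.IDU(
                "insert into user_history(user_id, history) values('%s','%s')"
                % (name, shop_name))
            print("存储历史")
    sql.close()
    return render_template("search_data.html", data=locals())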
Esempio n. 29
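def amend_email():
    """Change the session user's e-mail on POST (returns "1"); else render the form.

    On the render path every local variable is handed to the template
    through locals(), so the local names below are part of its contract.
    """
    name = session.get("ID")
    sql = SQL("shopping_flask")
    nick_name = session.get("nick_name")
    if request.method == "POST":
        # Handled first: the original ran the avatar lookup below before
        # every POST although only the form page uses it.
        new_email = request.values.get("new_email")
        # NOTE(review): `new_email` is request input formatted straight into
        # the statement (SQL injection sink) and is not validated as an
        # address; use bound parameters if the SQL helper supports them.
        sql.IDU("update user set email='%s' where phone='%s'" %
                (new_email, name))
        sql.close()
        return "1"
    # [8:] drops the first 8 characters of the stored avatar path --
    # presumably a directory prefix; confirm against UPLOAD_FOLDER.
    head_img = sql.select("select chat_head from user where phone='%s'" %
                          name)[0][0][8:]
    # The original left the connection open on this path.
    sql.close()
    return render_template("amend_email.html", data=locals())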
Esempio n. 30
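def my_center():
    """Render the member centre, or redirect to the login page without a login.

    Every local variable is handed to the template through locals(), so the
    local names below are part of the template contract.
    """
    name = session.get("ID")
    nick_name = session.get("nick_name")
    # session.get() yields None, not the string "None", for a missing ID, so
    # the original `name == "None"` test never redirected a logged-out
    # visitor. The string comparison is kept for compatibility.
    if not name or name == "None":
        return redirect("/register/login")
    # Opened after the login check so the redirect path holds no connection.
    sql = SQL("shopping_flask")
    # Join the favourites table with the product table.
    # NOTE(review): the session ID is formatted into the SQL text with %;
    # use bound parameters if the SQL helper supports them.
    collect_shop = sql.select(
        "select commodity.* from commodity,collect_shop "
        "where collect_shop.shop_id=commodity.shop_id and collect_shop.u_name='%s'"
        % name)[0:5]
    # The listing showed username='******', a string without a placeholder,
    # so `% name` raised TypeError; the '%s' placeholder is restored.
    collect_store = sql.select(
        "select * from collect_store where username='%s'" % name)
    cart = sql.select(
        "select * from commodity,cart "
        "where cart.shop_id=commodity.shop_id and cart.u_name='%s'" %
        name)[0:5]
    # [8:] drops the first 8 characters of the stored avatar path --
    # presumably a directory prefix; confirm against UPLOAD_FOLDER.
    head_img = sql.select("select chat_head from user where phone='%s'" %
                          name)[0][0][8:]
    sql.close()
    return render_template("vipcenter.html", data=locals())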