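def buyproduct():
    """Record an order for the product previously selected in buy().

    Requires a logged-in session (an 'email' key). On POST it reads the
    product name and price that buy() stored in the session and the delivery
    details from the submitted form, inserts one row into ``orders`` and
    renders 'buy.html' with a status message. Other methods are redirected to
    'home'; requests without a session are redirected to 'login'.
    """
    if 'email' not in session:
        flash('login first to buy the product.')
        return redirect(url_for('login'))
    if request.method != 'POST':
        return redirect(url_for('home'))

    em = session['email']
    # The product is chosen in an earlier request. If the session no longer
    # holds it (for example the order was already placed and the keys were
    # popped), start over instead of failing with a KeyError.
    pn = session.get('productName')
    pp = session.get('productPrice')
    if pn is None or pp is None:
        return redirect(url_for('home'))

    # uuid1().node is the host's 48-bit node identifier: it is the same for
    # every order created by this process and exposes a host identifier.
    # Use 48 random bits instead, which stays in the same numeric range.
    orderid = uuid.uuid4().int >> 80

    cn = request.form['cname']
    mn = request.form['mobile']
    ad = request.form['address']
    city = request.form['city']
    state = request.form['state']
    zc = request.form['zipcode']

    try:
        cur = getdbcur()
        sql = ("insert into orders(orderID,productName,productPrice,"
               "customerName,customerMobileno,customerEmail,deliveryAddress,"
               "city,state,zipcode) values(%s,%s,%s,%s,%s,%s,%s,%s,%s,%s) ")
        cur.execute(sql, (orderid, pn, pp, cn, mn, em, ad, city, state, zc))
        # Clear the selection so a repeated POST cannot place the order twice.
        session.pop('productName', None)
        session.pop('productPrice', None)
        return render_template(
            'buy.html',
            bmsg="product confirmation successful..goto payment page")
    except Exception:
        # Keep the friendly message for the user but leave a trace for
        # operators; a bare except would also hide the cause completely.
        app.logger.exception("order insert failed")
        return render_template(
            'buy.html', bmsg="There is an error ,please try again.")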
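def upload():
    """Add a product together with an uploaded image file.

    Requires a logged-in session (an 'email' key). On POST the image is saved
    under ``app.config['UPLOAD_FOLDER']`` using a sanitised file name and one
    row is inserted into ``product``; 'upload.html' is rendered with the
    outcome. Other methods render the empty form.
    """
    if 'email' not in session:
        return render_template(
            'upload.html', msg="You can't upload products ..Login first!")
    if request.method != 'POST':
        return render_template('upload.html')

    # NOTE(review): any logged-in account reaches this point; no seller or
    # admin check is visible in this function - confirm that is intended.
    nm = request.form['name']
    ca = request.form['category']
    pr = request.form['price']
    ds = request.form['description']
    im = request.files['file']

    filename = secure_filename(im.filename or '')
    if not filename:
        # secure_filename() returns '' when nothing safe is left of the
        # client-supplied name; saving would then target the folder itself.
        return render_template('upload.html', msg="Upload Failed!")

    # NOTE(review): there is no allow-list of extensions or content types,
    # and an existing file with the same name is silently overwritten.
    im.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))

    cur = getdbcur()
    sql = "insert into product(name,category,price,description,filename) values(%s,%s,%s,%s,%s)"
    # Store the sanitised name that was written to disk. The raw
    # client-supplied name may differ from it and is attacker-controlled.
    cur.execute(sql, (nm, ca, pr, ds, filename))

    # The cursor attribute used throughout this file is 'rowcount'.
    if cur.rowcount == 1:
        return render_template('upload.html', msg="Uploaded Successful!")
    return render_template('upload.html', msg="Upload Failed!")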
def beauty():
    """Show the category page for 'skin care' products.

    Fetches every ``product`` row in that category and passes the rows to
    'category.html' together with the category label.
    """
    query = "select * from product where category='skin care' "
    cursor = getdbcur()
    cursor.execute(query)
    return render_template("category.html",
                           data=cursor.fetchall(),
                           msg="skin care")
def bags():
    """Show the category page for 'bags' products.

    The query text is a constant, so no request data reaches the database.
    """
    cursor = getdbcur()
    cursor.execute("select * from product where category='bags' ")
    products = cursor.fetchall()
    return render_template("category.html", data=products, msg="bags")
def kids_fashion():
    """Show the category page for products stored under category 'kids'."""
    statement = "select * from product where category='kids' "
    db = getdbcur()
    db.execute(statement)
    rows = db.fetchall()
    context = {"data": rows, "msg": "kids"}
    return render_template("category.html", **context)
def food():
    """Show the category page for 'food and vegetables' products.

    All matching ``product`` rows are fetched and rendered through
    'category.html'.
    """
    label = "food and vegetables"
    cursor = getdbcur()
    cursor.execute(
        "select * from product where category='food and vegetables' ")
    return render_template("category.html", data=cursor.fetchall(), msg=label)
def clean_household():
    """Show the category page for household cleaning products.

    The stored category key is 'clean_household'; the label passed to the
    template is 'cleaning household'.
    """
    query = "select * from product where category='clean_household' "
    cursor = getdbcur()
    cursor.execute(query)
    products = cursor.fetchall()
    return render_template("category.html",
                           data=products,
                           msg="cleaning household")
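def profile():
    """Render the profile page of the logged-in user.

    Requires an 'email' key in the session; otherwise flashes a message and
    redirects to 'login'. The matching ``users`` rows are passed to
    'profile.html' as ``data``.
    """
    if 'email' not in session:
        flash("you must login first to view your profile")
        return redirect(url_for('login'))

    email = session['email']
    cur = getdbcur()
    # The session value originates from the login form, so it is bound as a
    # parameter instead of being concatenated into the statement.
    # NOTE(review): 'select *' also returns the password and verifcode
    # columns that register() writes; the template should not render them.
    cur.execute("select * from users where email = %s", (email,))
    data = cur.fetchall()
    return render_template("profile.html", data=data)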
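def myorders():
    """Render the orders placed by the logged-in user.

    Requires an 'email' key in the session; otherwise flashes a message and
    redirects to 'login'. Rows of ``orders`` whose customerEmail equals the
    session email are passed to 'myorder.html' as ``orderinfo``.
    """
    if 'email' not in session:
        flash('login first to view the orders.')
        return redirect(url_for('login'))

    email = session['email']
    cur = getdbcur()
    # Bind the email as a parameter; it was originally typed into the login
    # form and must not become part of the SQL text.
    cur.execute("select * from orders where customerEmail = %s", (email,))
    data = cur.fetchall()
    return render_template('myorder.html', orderinfo=data)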
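def buy():
    """Start a purchase: remember the chosen product and show the buy form.

    Requires a logged-in session (an 'email' key). On POST the product whose
    id was submitted is looked up, its name (column 1) and price (column 3)
    are stored in the session for buyproduct(), and 'buy.html' is rendered
    with the user's stored contact details. Other methods, and unknown
    product ids, are redirected to 'home'.
    """
    if 'email' not in session:
        flash('login first to buy the product.')
        return redirect(url_for('login'))
    if request.method != 'POST':
        return redirect(url_for('home'))

    email = session['email']
    product_id = request.form['id']

    cur = getdbcur()
    # The submitted id is untrusted form data: bind it, never concatenate it.
    cur.execute("select * from product where id = %s", (product_id,))
    product = cur.fetchone()
    if product is None:
        # Unknown id: indexing None would otherwise raise a TypeError.
        return redirect(url_for('home'))

    # The price is taken from the database row, not from the request, so the
    # client cannot choose the amount that buyproduct() later records.
    session['productName'] = product[1]
    session['productPrice'] = product[3]

    cur = getdbcur()
    cur.execute(
        "select name,mobileno,address,city,state,zipcode from users"
        " where email = %s", (email,))
    data = cur.fetchone()
    return render_template('buy.html', userinfo=data)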
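def verify():
    """Confirm a user's email address with the emailed verification code.

    On POST, sets ``email_confirm`` to 1 for the ``users`` row whose email
    and verifcode match the submitted values and renders 'verify.html' with
    a success or error message. Other methods render the empty form.
    """
    if request.method != 'POST':
        return render_template('verify.html')

    try:
        em = request.form['email']
        cd = request.form['code']
        cur = getdbcur()
        # Both values are untrusted form input and are bound as parameters.
        # NOTE(review): nothing here limits repeated attempts against the
        # six-digit code produced by register().
        cur.execute(
            "update users set email_confirm=1"
            " where email = %s AND verifcode = %s", (em, cd))
        # An UPDATE that matches no row is not an error, so success must be
        # decided from the affected-row count rather than from the absence
        # of an exception.
        # NOTE(review): some drivers count only rows whose value changed, so
        # a repeated confirmation may report failure - confirm against the
        # driver in use.
        if cur.rowcount >= 1:
            return render_template(
                'verify.html', successmsg="email confirmation successful")
        return render_template('verify.html',
                               errormsg="Email or code is incorrect")
    except Exception:
        app.logger.exception("email verification failed")
        return render_template('verify.html',
                               errormsg="Email or code is incorrect")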
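def editprofile():
    """Update the name and mobile number of the logged-in user.

    Requires an 'email' key in the session. On POST the submitted 'name' and
    'number' fields are written to the user's ``users`` row and the request
    is redirected to 'profile'; other methods render the edit form. Without
    a session the form is rendered with an error message.
    """
    if 'email' not in session:
        # The original branch built this response but did not return it, so
        # the view returned None.
        return render_template(
            'editprofile.html',
            errormsg="You can't change password ..Login first!")
    if request.method != 'POST':
        return render_template('editprofile.html')

    email = session['email']
    nm = request.form['name']
    ph = request.form['number']
    cur = getdbcur()
    # Form fields and the session email are bound as parameters so that
    # quotes in a name cannot alter the UPDATE statement.
    cur.execute("update users set name=%s , mobileno= %s where email=%s",
                (nm, ph, email))
    return redirect(url_for('profile'))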
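def cart():
    """Render the shopping cart of the logged-in user.

    Requires an 'email' key in the session; otherwise flashes a message and
    redirects to 'login'. Renders 'cart.html' with the user's ``cart`` rows
    as ``cartdata``, or with ``cartemptymsg`` when there are none.
    """
    if 'email' not in session:
        flash('login first to view cart')
        return redirect(url_for('login'))

    email = session['email']
    cur = getdbcur()
    # Bound parameter instead of string concatenation.
    cur.execute("select * from cart where email = %s", (email,))
    # Decide on the fetched rows themselves: for a SELECT, rowcount is not
    # dependable on every DB-API driver before the rows have been read.
    data = cur.fetchall()
    if data:
        return render_template('cart.html', cartdata=data)
    return render_template(
        'cart.html',
        cartemptymsg="Looks like you have no items in your shopping cart.")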
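def removeitem():
    """Remove one product from the logged-in user's cart.

    Requires an 'email' key in the session and a POST carrying 'pname'.
    Deletes the ``cart`` rows matching the session email and that product
    name, flashes the outcome and redirects to 'cart'. Non-POST requests are
    redirected to 'cart' with a notice; anonymous requests go to 'login'.
    """
    if 'email' not in session:
        flash('Login first')
        return redirect(url_for('login'))
    if request.method != 'POST':
        flash('Direct access to this page is not allowed.')
        return redirect(url_for('cart'))

    cur = getdbcur()
    email = session['email']
    pname = request.form['pname']
    try:
        # 'pname' is untrusted form input; binding it keeps the DELETE
        # limited to this user's rows for exactly that product name.
        cur.execute("delete from cart where email = %s AND productName = %s",
                    (email, pname))
        flash('item is removed from cart')
    except Exception:
        app.logger.exception("cart item removal failed")
        flash('There is some error while removing')
    return redirect(url_for('cart'))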
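def search():
    """Search products by name or description.

    On POST, matches the submitted 'searchtext' as a substring of the
    product name or description and renders 'searchitems.html' with the
    rows as ``searchdata``, or with a message when nothing matched. Other
    methods are redirected to 'home'.
    """
    if request.method != 'POST':
        return redirect(url_for('home'))

    items = request.form['searchtext']
    # Build the LIKE pattern in Python and bind it, so the search text never
    # becomes part of the SQL statement. '%' and '_' typed by the user still
    # act as LIKE wildcards, as they did before.
    pattern = "%" + items + "%"
    cur = getdbcur()
    cur.execute(
        "select * from product where name like %s OR description like %s",
        (pattern, pattern))
    # Decide on the fetched rows: rowcount for a SELECT is not dependable on
    # every DB-API driver before the rows have been read.
    data = cur.fetchall()
    if data:
        return render_template('searchitems.html',
                               searchdata=data,
                               searchmsg="products related to search!")
    return render_template(
        'searchitems.html',
        searchmsg="There is no item is available that you search,try different name.")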
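def forget():
    """Email the stored password to the address submitted in the form.

    On POST, looks up the ``password`` column for the submitted email, mails
    it to that address and renders 'forget.html' with a status message.
    Other methods render the empty form.
    """
    if request.method != 'POST':
        return render_template('forget.html')

    try:
        em = request.form['email']
        cur = getdbcur()
        # The address is untrusted form input and is bound as a parameter.
        cur.execute("select password from users where email = %s", (em,))
        forgpass = cur.fetchone()
        if forgpass is None:
            # Unknown address: answer explicitly instead of relying on a
            # TypeError from indexing None.
            return render_template(
                'forget.html',
                lmsg="Either email is not registered or there is some error")

        # NOTE(review): this mails the stored password verbatim, which means
        # passwords are kept in recoverable form. The usual design is hashed
        # storage plus a single-use, expiring reset link; that change spans
        # register(), login() and changepassword() and is not made here.
        # NOTE(review): the two different responses also reveal whether an
        # address is registered.
        cmsg = Message('forgeted password',
                       sender='*****@*****.**',
                       recipients=[em])
        cmsg.body = "Your forgeted password is: {}".format(forgpass[0])
        mail.send(cmsg)
        return render_template('forget.html',
                               lmsg='password sent to your mail')
    except Exception:
        app.logger.exception("password reminder failed")
        return render_template(
            'forget.html',
            lmsg="Either email is not registered or there is some error")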
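def login():
    """Authenticate a user and start a session.

    On POST, looks up ``email_confirm`` for the row matching the submitted
    email and password. Exactly one match with email_confirm == 1 stores the
    email in the session and redirects to 'profile'; an unconfirmed account
    or a failed match renders 'login.html' with a message. Other methods
    render the empty form.
    """
    if request.method != 'POST':
        return render_template('login.html')

    em = request.form['email']
    ps = request.form['password']
    cur = getdbcur()
    # Both credentials are bound as parameters. The statement as it stood
    # concatenated the email into the SQL text and compared the password
    # column with a fixed literal, never using the submitted password.
    # NOTE(review): the comparison is against the password column as stored,
    # i.e. passwords are not hashed; changing that requires register(),
    # forget() and changepassword() to change together.
    cur.execute(
        "select email_confirm from users where email = %s and password = %s",
        (em, ps))
    # Count the fetched rows rather than trusting rowcount for a SELECT.
    rows = cur.fetchall()
    if len(rows) != 1:
        return render_template('login.html',
                               lmsg="Incorrect Email or password!")
    if rows[0][0] == 1:
        session['email'] = em
        return redirect(url_for('profile'))
    return render_template(
        'login.html', lmsg="please verify your email first before login!")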
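def register():
    """Create a user account and email a six-digit verification code.

    On POST, sends the code to the submitted address, inserts the user into
    ``users`` with that code and renders 'register.html' with a status
    message. Other methods render the empty form.
    """
    import secrets  # local import: the file's import block is not changed

    if request.method != 'POST':
        return render_template('register.html')

    try:
        nm = request.form['name']
        em = request.form['email']
        ph = request.form['mobileno']
        ps = request.form['pass']
        # The code gates account activation, so draw it from the OS CSPRNG;
        # the 'random' module is predictable and not meant for secrets.
        # Same range as before: 100000..999999.
        uc = secrets.randbelow(900000) + 100000
        cmsg = Message('verification code',
                       sender='*****@*****.**',
                       recipients=[em])
        cmsg.body = "Your verification code is: {}".format(uc)
        mail.send(cmsg)
        cur = getdbcur()
        sql = "insert into users(email,name,mobileno,password,verifcode) values(%s,%s,%s,%s,%s)"
        # NOTE(review): the password is stored exactly as submitted. It
        # should be stored as a salted password hash, which has to be changed
        # together with login(), forget() and changepassword().
        cur.execute(sql, (em, nm, ph, ps, uc))
        rsmsg = "Registration Successful please confirm your email!"
        return render_template('register.html', rsmsg=rsmsg)
    except Exception:
        app.logger.exception("registration failed")
        msg = "Registration Failed!"
        return render_template('register.html', rmsg=msg)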
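def addtocart():
    """Add the product with the submitted id to the logged-in user's cart.

    Requires an 'email' key in the session; otherwise flashes a message and
    redirects to 'login'. Copies the product's name, description, price and
    image columns (row indexes 1, 4, 3 and 5) into ``cart`` and redirects to
    'cart'; on failure renders 'category.html' with an error message.
    """
    if 'email' not in session:
        flash('Login first to add an item in your cart')
        return redirect(url_for('login'))

    email = session['email']
    pid = request.form['id']
    cur = getdbcur()
    # The id is untrusted form input and is bound as a parameter.
    cur.execute("select * from product where id = %s", (pid,))
    data = cur.fetchone()
    if data is None:
        # Unknown product id: report it instead of indexing None.
        return render_template('category.html',
                               addtocartmsg="item is not added to cart")

    pname = data[1]
    pdescription = data[4]
    pprice = data[3]
    pimg = data[5]
    try:
        # Product text comes from the upload form, so it is bound as well: a
        # quote inside a name or description must not end the SQL literal.
        # Binding also accepts a non-string price, which concatenation
        # could not.
        cur.execute("insert into cart values(%s,%s,%s,%s,%s,%s)",
                    (email, pname, pdescription, pprice, pimg, pid))
        return redirect(url_for('cart'))
    except Exception:
        app.logger.exception("cart insert failed")
        return render_template('category.html',
                               addtocartmsg="item is not added to cart")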
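def changepassword():
    """Change the password of the logged-in user.

    On POST with a session, replaces the password of the ``users`` row that
    matches the session email and the submitted old password. When exactly
    one row was updated the user is logged out and 'changepassword.html' is
    rendered with a success message; otherwise it is rendered with an
    error. Other methods render the empty form.
    """
    if request.method != 'POST':
        return render_template('changepassword.html')
    if 'email' not in session:
        return render_template(
            'changepassword.html',
            errormsg="You can not change password ..Login first!")

    email = session['email']
    oldpass = request.form['oldpass']
    newpass = request.form['newpass']
    cur = getdbcur()
    # All three values are bound as parameters. The statement as it stood
    # concatenated the email and used fixed literals in place of the
    # submitted old and new passwords, which were read but never used.
    # NOTE(review): passwords are written and compared as plain text here;
    # moving to salted hashes must be done together with register(),
    # login() and forget().
    cur.execute(
        "update users set password=%s where email=%s AND password=%s",
        (newpass, email, oldpass))
    if cur.rowcount == 1:
        # Force a fresh login with the new password.
        session.pop('email', None)
        return render_template('changepassword.html',
                               cmsg="password changed successfully!")
    return render_template('changepassword.html',
                           incorroldpassmsg="Incorrect old password!")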
def table_chair():
    """Show the category page for 'tables & chair' products.

    The statement is a constant string; the fetched rows and the category
    label are handed to 'category.html'.
    """
    cursor = getdbcur()
    cursor.execute("select * from product where category='tables & chair' ")
    products = cursor.fetchall()
    return render_template("category.html",
                           data=products,
                           msg="tables & chair")