def query_product_categories(performDbQuery=0, onLoad=None, queryFields=None):
    """Emit the Product Categories administration page, running the listing query on request.

    The query runs when the submitted form has a "performDbQuery" field or
    when performDbQuery == 1.  Database credentials are taken from the form:
    "username"/"password" first, then the hidden "uHidden"/"pHidden" fields,
    otherwise empty strings.

    onLoad is handed to ecommerce.bodySetup().  The incoming queryFields value
    is never read; it is reassigned from ecommerce.getQueryWhereFields()
    before its first use.

    Returns the last dbResult dictionary when a query was requested,
    otherwise a fixed success dictionary whose 'result' is 0.
    """
    table_data = declarations.define_tables()
    run_query = form.has_key("performDbQuery") or performDbQuery == 1

    print("<HTML>")
    print("<HEAD>")
    ecommerce.javaScript("product_categories_admin", 1)
    ecommerce.title("Product Categories Administration")
    print("</HEAD>")
    ecommerce.bodySetup(onLoad)
    ecommerce.mainHeading('Product Categories Administration')
    ecommerce.subHeading('Product Category Values')
    ecommerce.formSetup("product_categories_admin",
                        "product_categories_admin",
                        "return submitForm(document.product_categories_admin)",
                        declarations.store_info['db_name'])

    # A freshly typed value wins over the hidden copy carried across submits.
    username = ''
    for field_name in ("username", "uHidden"):
        if form.has_key(field_name):
            username = form[field_name].value
            break
    password = ''
    for field_name in ("password", "pHidden"):
        if form.has_key(field_name):
            password = form[field_name].value
            break

    # NOTE(review): the database password is passed back to the page helpers
    # here and in queryHiddenFields() below; presumably it ends up in the
    # rendered HTML (pHidden) -- confirm, and confirm the page is only served
    # over an encrypted, non-cached channel.
    ecommerce.usernamePasswordDisplay(username, password)

    if run_query:
        dbResult = ecommerce.connectDB(username, password,
                                       declarations.store_info['db_name'])
        if dbResult['status'] != 'success':
            # could not connect to db
            ecommerce.alertsArea(
                form, "Can not connect to database,\n" + dbResult['message'])
            ecommerce.queryFunctionButtons(
                0, declarations.store_info['help_file'])
        else:
            db = dbResult['result']
            # NOTE(review): whereFields is built from the submitted form; any
            # quoting of those values happens inside the ecommerce helpers --
            # verify there.
            queryFields, whereFields = ecommerce.getQueryWhereFields(
                form, table_data, 'product_categories')
            if queryFields is None or queryFields == []:
                # No column was selected: fall back to the category column.
                queryFields = ['category']
                whereFields = None
            dbResult, queryStatement = ecommerce.executeQuery(
                db, table_data, 'product_categories', queryFields,
                whereFields, 'query', ecommerce.queryItemFunctionsHtmlNoEdit,
                'ORDER by category', 'category')
            if dbResult['status'] == 'success':
                # The executed statement is echoed to the operator.
                ecommerce.alertsArea(
                    form,
                    "Last Query Statement: " + queryStatement + "\n" +
                    repr(len(dbResult['result'])) +
                    " category value items retrieved from database")
            else:
                ecommerce.alertsArea(
                    form,
                    "Could not retrieve category values data from database,\n"
                    + dbResult['message'])
            # NOTE(review): shown after either query outcome -- confirm
            # against the intended layout.
            ecommerce.queryFunctionButtons(
                1, declarations.store_info['help_file'])
    else:
        ecommerce.queryFunctionButtons(0, declarations.store_info['help_file'])

    ecommerce.queryHiddenFields(username, password)
    print("</FORM>")

    # db is only bound after a successful connect; the NameError handler
    # covers the paths where it was never assigned.
    try:
        ecommerce.trailer(table_data, db)
        db.close()
    except NameError:
        pass

    print("</BODY>")
    print("</HTML>")

    if run_query:
        return dbResult
    return {'status': 'success', 'message': 'query successful', 'result': 0}
def query_orders(performDbQuery=0, onLoad=None, queryFields=None):
    """Emit the Order Administration page, running the order listing query on request.

    The query runs when the submitted form has a "performDbQuery" field or
    when performDbQuery == 1.  Database credentials are taken from the form:
    "username"/"password" first, then the hidden "uHidden"/"pHidden" fields,
    otherwise empty strings.

    onLoad is handed to ecommerce.bodySetup().  The incoming queryFields value
    is never read; it is reassigned from ecommerce.getQueryWhereFields()
    before its first use.

    Returns the last dbResult dictionary when a query was requested,
    otherwise a fixed success dictionary whose 'result' is 0.
    """
    table_data = declarations.define_tables()
    run_query = form.has_key("performDbQuery") or performDbQuery == 1

    print("<HTML>")
    print("<HEAD>")
    ecommerce.javaScript("order_admin", 1)
    ecommerce.title("Order Administration")
    print("</HEAD>")
    ecommerce.bodySetup(onLoad)
    for opening_tag in ('<CENTER>', '<TABLE COLS=1 WIDTH=585>', '<TR><TD>'):
        print(opening_tag)
    ecommerce.mainHeading('Order Administration')
    ecommerce.subHeading('Order Listing')
    ecommerce.formSetup("order_admin", "order_admin",
                        "return submitForm(document.order_admin)",
                        declarations.store_info['db_name'])

    # A freshly typed value wins over the hidden copy carried across submits.
    username = ''
    for field_name in ("username", "uHidden"):
        if form.has_key(field_name):
            username = form[field_name].value
            break
    password = ''
    for field_name in ("password", "pHidden"):
        if form.has_key(field_name):
            password = form[field_name].value
            break

    # NOTE(review): the database password is passed back to the page helpers
    # here and in queryHiddenFields() below; presumably it ends up in the
    # rendered HTML (pHidden) -- confirm, and confirm the page is only served
    # over an encrypted, non-cached channel.
    ecommerce.usernamePasswordDisplay(username, password)

    if run_query:
        dbResult = ecommerce.connectDB(username, password,
                                       declarations.store_info['db_name'])
        if dbResult['status'] != 'success':
            # could not connect to db
            ecommerce.alertsArea(
                form, "Can not connect to database,\n" + dbResult['message'])
            ecommerce.queryFunctionButtons(
                0, declarations.store_info['help_file'])
        else:
            db = dbResult['result']
            # NOTE(review): whereFields is built from the submitted form; any
            # quoting of those values happens inside the ecommerce helpers --
            # verify there.
            queryFields, whereFields = ecommerce.getQueryWhereFields(
                form, table_data, 'orders')
            if queryFields is None or queryFields == []:
                # No column was selected: fall back to the summary columns.
                queryFields = ['id', 'customer_id', 'creation_date',
                               'shipped_date', 'total']
                whereFields = None
            dbResult, queryStatement = ecommerce.executeQuery(
                db, table_data, 'orders', queryFields, whereFields, 'query',
                ecommerce.queryItemFunctionsHtml)
            if dbResult['status'] == 'success':
                ecommerce.alertsArea(
                    form,
                    "Last Query Statement: " + queryStatement + "\n" +
                    repr(len(dbResult['result'])) +
                    " orders retrieved from database")
            else:
                # The failing statement and the database message are both
                # echoed to the operator.
                ecommerce.alertsArea(
                    form,
                    "Invalid query where clause specified,\n" +
                    dbResult['message'] +
                    '\nLast Query Statement: ' + queryStatement)
            # NOTE(review): shown after either query outcome -- confirm
            # against the intended layout.
            ecommerce.queryFunctionButtons(
                1, declarations.store_info['help_file'])
    else:
        ecommerce.queryFunctionButtons(0, declarations.store_info['help_file'])

    ecommerce.queryHiddenFields(username, password)
    print("</FORM>")

    # db is only bound after a successful connect; the NameError handler
    # covers the paths where it was never assigned.
    try:
        ecommerce.trailer(table_data, db)
        db.close()
    except NameError:
        pass

    for closing_tag in ('</TD>', '</TR>', '</TABLE>', '</CENTER>',
                        "</BODY>", "</HTML>"):
        print(closing_tag)

    if run_query:
        return dbResult
    return {'status': 'success', 'message': 'query successful', 'result': 0}
ecommerce.generate_form_javascript(table_data,'product_categories','product_categories_admin',0,0) ecommerce.title("Product Categories Administration") print "</HEAD>" ecommerce.bodySetup() ecommerce.mainHeading('Product Categories Administration') ecommerce.subHeading('Edit Product Categories Values') ecommerce.formSetup("product_categories_admin","product_categories_admin","return submitForm(document.product_categories_admin)",declarations.store_info['db_name']) dbResult = ecommerce.connectDB(form["uHidden"].value, form["pHidden"].value,declarations.store_info['db_name']) if dbResult['status'] != 'success': ecommerce.alertsArea(form, "Could not connect to the database\n" + dbResult['message']); else: db = dbResult['result'] sqlStatement = ecommerce.selectAllColumnsSqlStatement(table_data,'product_categories',form["key_id"].value,'category') #print sqlStatement dbResult = ecommerce.executeSQL(db, sqlStatement) if dbResult['status'] != 'success':
def query_properties(performDbQuery=0, onLoad=None, queryFields=None):
    """Emit the Property Listing page, running the property query on request.

    The query runs when the submitted form has a "performDbQuery" field or
    when performDbQuery == 1.  The connection always uses the
    'browser_username'/'browser_password' entries of declarations.store_info;
    no credentials are read from the form.  Only rows with
    display_property = 't' are requested.

    onLoad is handed to ecommerce.bodySetup().  The incoming queryFields value
    is never read; it is reassigned from ecommerce.getQueryWhereFields()
    before its first use.

    Returns the last dbResult dictionary when a query was requested,
    otherwise a fixed success dictionary whose 'result' is 0.
    """
    table_data = declarations.define_tables()
    run_query = form.has_key("performDbQuery") or performDbQuery == 1

    print("<HTML>")
    print("<HEAD>")
    ecommerce.javaScript("view_properties", 1)
    ecommerce.title("Property Listing")
    print("</HEAD>")
    ecommerce.bodySetup(onLoad)
    for opening_tag in ('<CENTER>', '<TABLE COLS=1 WIDTH=585>', '<TR><TD>'):
        print(opening_tag)
    ecommerce.mainHeading('Property Listing')
    ecommerce.subHeading('View Properties')
    ecommerce.formSetup("view_properties", "view_properties",
                        "return submitForm(document.view_properties)",
                        declarations.store_info['db_name'])

    if run_query:
        dbResult = ecommerce.connectDB(
            declarations.store_info['browser_username'],
            declarations.store_info['browser_password'],
            declarations.store_info['db_name'])
        if dbResult['status'] != 'success':
            # could not connect to db
            ecommerce.alertsArea(
                form, "Can not connect to database,\n" + dbResult['message'])
            ecommerce.queryFunctionButtons(
                0, declarations.store_info['help_file'])
        else:
            db = dbResult['result']
            # NOTE(review): whereFields is built from the submitted form; any
            # quoting of those values happens inside the ecommerce helpers --
            # verify there.
            queryFields, whereFields = ecommerce.getQueryWhereFields(
                form, table_data, 'properties')
            if queryFields is None or queryFields == []:
                # No column was selected: fall back to the summary columns.
                queryFields = ['town', 'price', 'square_footage']
                whereFields = None
            dbResult, queryStatement = ecommerce.executeQuery(
                db, table_data, 'properties', queryFields, whereFields,
                'query', ecommerce.viewPropertiesFunctionsHtml,
                'ORDER BY id', 'id', "display_property = 't'",
                ['order_id', 'customer_id', 'display_property', 'image'])
            if dbResult['status'] == 'success':
                # NOTE(review): the executed SQL text is shown to whoever
                # views this page, which connects with the shared browser
                # account -- confirm that exposing statement text and
                # database error messages to visitors is intended.
                ecommerce.alertsArea(
                    form,
                    "Last Query Statement: " + queryStatement + "\n" +
                    repr(len(dbResult['result'])) +
                    " properties retrieved from database")
            else:
                ecommerce.alertsArea(
                    form,
                    "Could not retrieve properties from database,\n" +
                    dbResult['message'])
            # NOTE(review): shown after either query outcome -- confirm
            # against the intended layout.
            ecommerce.viewPropertiesFunctionButtons(
                declarations.store_info['help_file'])
    else:
        ecommerce.viewPropertiesFunctionButtons(
            declarations.store_info['help_file'])

    # NOTE(review): the shared browser account's username and password are
    # handed to the hidden-field helper; presumably they are written into the
    # page -- confirm, and treat that account as public if so.
    ecommerce.viewPropertiesHiddenFields(
        declarations.store_info['browser_username'],
        declarations.store_info['browser_password'])
    print("</FORM>")

    # db is only bound after a successful connect; the NameError handler
    # covers the paths where it was never assigned.
    try:
        ecommerce.trailer(table_data, db)
        db.close()
    except NameError:
        pass

    for closing_tag in ('</TD>', '</TR>', '</TABLE>', '</CENTER>',
                        "</BODY>", "</HTML>"):
        print(closing_tag)

    if run_query:
        return dbResult
    return {'status': 'success', 'message': 'query successful', 'result': 0}
else: browser = "No Known Browser" if os.environ.has_key("SCRIPT_NAME"): posturl = os.environ["SCRIPT_NAME"] else: posturl = "" form = cgi.FieldStorage(keep_blank_values=1) if form.has_key('name'): table_data = declarations.define_tables() dbResult = ecommerce.connectDB(declarations.store_info['browser_username'], declarations.store_info['browser_password'], declarations.store_info['db_name']) if dbResult['status'] != 'success': print '<HTML><HEAD><TITLE>ERROR: Can not connect to db.</TITLE><BODY>' print 'Can not connect to database.' print '</BODY></HTML>' sys.exit(1) else: db = dbResult['result'] sqlStatement = ecommerce.selectAllColumnsSqlStatement( table_data, 'store_info', '1')
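def create_db(self):
    """Rebuild the store database from scratch.

    Steps, in order: drop and recreate the database named self.db_name, drop
    and recreate the admin and visitor database users, recreate the 'admins'
    and 'users' groups, set the three account passwords, create the tables,
    run the statements read from '<db_name>.tables', and apply the table
    grants returned by declarations.table_privileges().

    This is destructive: the existing database and both users are removed
    first.  On the first failed SQL step the process exits with status 1.
    """
    import declarations

    # NOTE(review): these command lines are built by string interpolation and
    # run through the shell, so db_name and the two usernames must come from
    # trusted configuration only.  The exit status of each command is ignored.
    os.system('destroydb %s' % (self.db_name))
    os.system("createdb %s" % (self.db_name))
    os.system("/usr/bin/destroyuser " + self.db_admin_username)
    print("Answer NO to the next prompt")
    os.system("/usr/bin/createuser -i 1000 -D -U " + self.db_admin_username)
    os.system("/usr/bin/destroyuser " + self.visitor_username)
    print("Answer NO to the next prompt")
    os.system("/usr/bin/createuser -i 2000 -D -U " + self.visitor_username)

    dbResult = ecommerce.connectDB(self.postgres_username,
                                   self.postgres_password, self.db_name)
    if dbResult['status'] != "success":
        print(dbResult['message'])
        sys.exit(1)
    db = dbResult['result']

    # Recreate each group.  The DELETE result is deliberately not checked
    # (its value is overwritten by the INSERT that follows).
    queryResult = ecommerce.executeSQL(
        db, "DELETE FROM pg_group WHERE groname = 'admins'")
    queryResult = ecommerce.executeSQL(
        db,
        "INSERT INTO pg_group (groname, grosysid, grolist) VALUES ('admins', '1', '{1000}')"
    )
    if queryResult["status"] != 'success':
        # Report the failure text, as the later steps do.
        print(queryResult['message'])
        sys.exit(1)

    queryResult = ecommerce.executeSQL(
        db, "DELETE FROM pg_group WHERE groname = 'users'")
    queryResult = ecommerce.executeSQL(
        db,
        "INSERT INTO pg_group (groname, grosysid, grolist) VALUES ('users', '2', '{2000}')"
    )
    if queryResult["status"] != 'success':
        print(queryResult['message'])
        sys.exit(1)

    # NOTE(review): usernames and passwords are spliced into the statement
    # text unquoted; they must be restricted to characters that are safe in
    # that position, and the statement text (password included) may be
    # recorded wherever executeSQL or the server logs queries -- confirm.
    queryResult = ecommerce.executeSQL(
        db, "ALTER USER postgres WITH PASSWORD " + self.postgres_password)
    if queryResult["status"] != 'success':
        print(queryResult['message'])
        sys.exit(1)

    queryResult = ecommerce.executeSQL(
        db, "ALTER USER %s WITH PASSWORD %s IN GROUP admins" %
        (self.db_admin_username, self.db_admin_password))
    if queryResult["status"] != 'success':
        print(queryResult['message'])
        sys.exit(1)

    queryResult = ecommerce.executeSQL(
        db, "ALTER USER %s WITH PASSWORD %s IN GROUP users" %
        (self.visitor_username, self.visitor_password))
    if queryResult["status"] != 'success':
        print(queryResult['message'])
        sys.exit(1)

    queryResult = ecommerce.create_tables(db, declarations.define_tables(), 1)
    if queryResult["status"] != 'success':
        print(queryResult['message'])
        sys.exit(1)

    # NOTE(review): the read status is not inspected -- confirm what
    # readFromFile returns when the file is missing.
    status, raw_statements = file_io.readFromFile(self.db_name + '.tables')

    # Build a fresh list rather than deleting entries while indexing over the
    # original length, which skips the line after each blank one and then
    # indexes past the end of the shortened list.
    populate_tables = []
    for raw_line in raw_statements:
        statement = string.strip(raw_line)
        if statement == '':
            continue
        if statement[:4] == 'COPY':
            # COPY lines may reference environment variables.
            statement = os.path.expandvars(statement)
        populate_tables.append(statement)

    queryResult = ecommerce.executeSqlItemList(db, populate_tables, 1, 1)
    if queryResult["status"] != 'success':
        print(queryResult)
        print("Failed to execute all populate table statements")
        sys.exit(1)

    grantList = []
    privileges = declarations.table_privileges()
    for table_name in privileges.keys():
        for user_name in privileges[table_name].keys():
            granted = privileges[table_name][user_name]
            if not granted:
                # An empty privilege list would produce a malformed GRANT.
                continue
            grantList.append("GRANT " + string.join(granted, ", ") +
                             " ON " + table_name + " TO " + user_name)
        # grant all privileges to the db admin
        grantList.append("GRANT ALL ON " + table_name + " TO " +
                         self.db_admin_username)

    queryResult = ecommerce.executeSqlItemList(db, grantList, 1)
    if queryResult["status"] != 'success':
        print("Failed to execute all GRANTS")
        sys.exit(1)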
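def _cp_sql_literal(value):
    """Return value as a quoted SQL string literal, doubling backslashes and single quotes."""
    # Backslashes are doubled first so that a trailing backslash cannot
    # escape the closing quote on servers that treat it as an escape
    # character.  Bound parameters are preferable if the driver offers them.
    escaped = string.replace(value, "\\", "\\\\")
    escaped = string.replace(escaped, "'", "''")
    return "'" + escaped + "'"


def _cp_print_buttons():
    """Emit the Query/Help button row of the customer property page."""
    print('<HR>')
    print('<TABLE>')
    print('<TR>')
    ecommerce.tableColumn(
        '<INPUT NAME="query" type="button" value=" Query " onClick="return execute('
        + "'query'" + ')">')
    ecommerce.tableColumn(
        '<INPUT TYPE="button" NAME="help" VALUE=" Help " onClick="return goto_url ('
        + "'" + help_pdf + "'" + ')">')
    print('</TR>')
    print('</TABLE>')


def _cp_print_hidden_fields(customer_id, username, password):
    """Emit the hidden form fields that carry state across submits."""
    ecommerce.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
    ecommerce.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
    ecommerce.textbox(None, 'cHidden', customer_id, '10', '10', None, None,
                      'hidden')
    ecommerce.textbox(None, 'uHidden', username, '9', '9', None, None,
                      'hidden')
    ecommerce.textbox(None, 'pHidden', password, '8', '8', None, None,
                      'hidden')


def _cp_abort_page(table_data, db, customer_id, username, password):
    """Close the page after a failed customer validation and exit with status 1."""
    _cp_print_hidden_fields(customer_id, username, password)
    print("</FORM>")
    ecommerce.trailer(table_data, db)
    for closing_tag in ('</TD>', '</TR>', '</TABLE>', '</CENTER>',
                        "</BODY>", "</HTML>"):
        print(closing_tag)
    sys.exit(1)


def query_properties(performDbQuery=0, onLoad=None, queryFields=None):
    """Emit the Customer Property Administration page and list one customer's properties.

    The query runs when the submitted form has a "performDbQuery" field or
    when performDbQuery == 1.  The database connection uses the
    'browser_username'/'browser_password' entries of declarations.store_info.
    The customer id, username and password come from the form (typed fields
    first, then the hidden cHidden/uHidden/pHidden copies) and are checked
    against the customers table before any property is listed.

    Every form value placed in SQL text is escaped as a string literal, and
    both validation failure paths stop the request, so the property query
    only runs for a validated customer.

    onLoad is handed to ecommerce.bodySetup().  The incoming queryFields value
    is never read; it is reassigned from ecommerce.getQueryWhereFields()
    before its first use.

    Returns the last dbResult dictionary when a query was requested,
    otherwise a fixed success dictionary whose 'result' is 0.  Exits the
    process with status 1 when the customer cannot be validated.
    """
    table_data = declarations.define_tables()
    run_query = form.has_key("performDbQuery") or performDbQuery == 1

    print("<HTML>")
    print("<HEAD>")
    ecommerce.javaScript("customer_property_admin", 1)
    ecommerce.title("Customer Property Administration")
    print("</HEAD>")
    ecommerce.bodySetup(onLoad)
    for opening_tag in ('<CENTER>', '<TABLE COLS=1 WIDTH=585>', '<TR><TD>'):
        print(opening_tag)
    ecommerce.mainHeading('Customer Property Administration')
    ecommerce.subHeading('Property Listing')
    ecommerce.formSetup("customer_property_admin", "customer_property_admin",
                        "return submitForm(document.customer_property_admin)",
                        declarations.store_info['db_name'])

    # A freshly typed value wins over the hidden copy carried across submits.
    customer_id = ''
    for field_name in ("customer_id", "cHidden"):
        if form.has_key(field_name):
            customer_id = form[field_name].value
            break
    username = ''
    for field_name in ("username", "uHidden"):
        if form.has_key(field_name):
            username = form[field_name].value
            break
    password = ''
    for field_name in ("password", "pHidden"):
        if form.has_key(field_name):
            password = form[field_name].value
            break

    # NOTE(review): the three submitted values are echoed back as textbox
    # values; HTML-escaping, if any, happens inside ecommerce.textbox --
    # verify there.
    print('<TABLE><BORDER=0>')
    print('<TR>')
    ecommerce.tableColumn('<B>Customer ID:</B>')
    print('<TD ALIGN=CENTER NOWRAP>')
    ecommerce.textbox(None, 'customer_id', customer_id, '10', '10',
                      "checkBlankField(this, 'Customer ID')",
                      "displayHint('Enter your customer id')")
    print('</TD>')
    ecommerce.tableColumn('<B>Username:</B>')
    print('<TD ALIGN=CENTER NOWRAP>')
    ecommerce.textbox(None, 'username', username, '9', '9',
                      "checkBlankField(this, 'Username')",
                      "displayHint('Enter your username')")
    print('</TD>')
    ecommerce.tableColumn('<B>Password:</B>')
    print('<TD ALIGN=CENTER NOWRAP>')
    ecommerce.textbox(None, 'password', password, '8', '8',
                      "checkBlankField(this, 'Password')",
                      "displayHint('Enter your password')", 'password')
    print('</TD>')
    print('</TR>')
    print('</TABLE>')

    if run_query:
        dbResult = ecommerce.connectDB(
            declarations.store_info['browser_username'],
            declarations.store_info['browser_password'],
            declarations.store_info['db_name'])
        if dbResult['status'] != 'success':
            # could not connect to db
            ecommerce.alertsArea(
                form, "Can not connect to database,\n" + dbResult['message'])
            _cp_print_buttons()
        else:
            db = dbResult['result']

            # The same trimmed, escaped id is used for the validation and for
            # the listing filter so the two cannot disagree.
            customer_literal = _cp_sql_literal(string.strip(customer_id))

            # validate username password and customer id against the
            # submitted values
            # NOTE(review): comparing account_password directly implies the
            # column holds the password as submitted -- confirm, and prefer a
            # salted hash.
            dbResult = ecommerce.executeSQL(
                db, "SELECT count(*) FROM customers WHERE id = " +
                customer_literal + " AND account_username = " +
                _cp_sql_literal(username) + " AND account_password = " +
                _cp_sql_literal(password))

            if dbResult['status'] != 'success':
                ecommerce.alertsArea(
                    form,
                    "Could not validate customer information provided\n" +
                    dbResult['message'])
                # Fail closed: never continue to the listing when the check
                # itself could not be executed.
                _cp_abort_page(table_data, db, customer_id, username,
                               password)

            if dbResult['result'][0]['count'] != 1:
                ecommerce.alertsArea(
                    form,
                    "Could not validate customer information provided\n" +
                    dbResult['message'])
                _cp_print_buttons()
                _cp_abort_page(table_data, db, customer_id, username,
                               password)

            # NOTE(review): whereFields is built from the submitted form; any
            # quoting of those values happens inside the ecommerce helpers --
            # verify there.
            queryFields, whereFields = ecommerce.getQueryWhereFields(
                form, table_data, 'properties')
            if queryFields is None or queryFields == []:
                # No column was selected: fall back to the summary columns.
                queryFields = ['id', 'town', 'style', 'bedrooms', 'price']
                whereFields = None

            dbResult, queryStatement = ecommerce.executeQuery(
                db, table_data, 'properties', queryFields, whereFields,
                'query', queryCustomerItemHtml, 'ORDER BY id', 'id',
                "customer_id=" + customer_literal +
                " and display_property = 't'")

            if dbResult['status'] == 'success':
                ecommerce.alertsArea(
                    form,
                    "Last Query Statement: " + queryStatement + "\n" +
                    repr(len(dbResult['result'])) +
                    " properties retrieved from database")
            else:
                ecommerce.alertsArea(
                    form,
                    "Could not retrieve properties from database,\n" +
                    dbResult['message'])
            _cp_print_buttons()
    else:
        _cp_print_buttons()

    # NOTE(review): the customer's password is written back into a hidden
    # field on every response -- confirm the page is only served over an
    # encrypted, non-cached channel, or replace this with a server-side
    # session.
    _cp_print_hidden_fields(customer_id, username, password)
    print("</FORM>")

    # db is only bound after a successful connect; the NameError handler
    # covers the paths where it was never assigned.
    try:
        ecommerce.trailer(table_data, db)
        db.close()
    except NameError:
        pass

    for closing_tag in ('</TD>', '</TR>', '</TABLE>', '</CENTER>',
                        "</BODY>", "</HTML>"):
        print(closing_tag)

    if run_query:
        return dbResult
    return {'status': 'success', 'message': 'query successful', 'result': 0}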
def edit_store_info(performDbQuery=0, onLoad=None, queryFields=None):
    """Emit the Store Administration page, loading the store record for editing on request.

    The record is loaded when the submitted form has a "performDbQuery" field
    or when performDbQuery == 1.  Database credentials are taken from the
    form: "username"/"password" first, then the hidden "uHidden"/"pHidden"
    fields, otherwise empty strings.

    onLoad is handed to ecommerce.bodySetup().  queryFields is not used.

    Returns the last dbResult dictionary when a load was requested, otherwise
    a fixed success dictionary whose 'result' is 0.
    """
    table_data = declarations.define_tables()
    run_query = form.has_key("performDbQuery") or performDbQuery == 1

    print("<HTML>")
    print("<HEAD>")
    ecommerce.javaScript("store_admin", 1)
    ecommerce.title("Store Administration")
    print("</HEAD>")
    ecommerce.bodySetup(onLoad)
    ecommerce.mainHeading('Store Administration')
    ecommerce.subHeading('Store Info')
    ecommerce.formSetup("store_admin", "store_admin",
                        "return submitForm(document.store_admin)",
                        declarations.store_info['db_name'])

    # A freshly typed value wins over the hidden copy carried across submits.
    username = ''
    for field_name in ("username", "uHidden"):
        if form.has_key(field_name):
            username = form[field_name].value
            break
    password = ''
    for field_name in ("password", "pHidden"):
        if form.has_key(field_name):
            password = form[field_name].value
            break

    # NOTE(review): the database password is passed back to the page helpers
    # here and in editHiddenFields() below; presumably it ends up in the
    # rendered HTML -- confirm, and confirm the page is only served over an
    # encrypted, non-cached channel.
    ecommerce.usernamePasswordDisplay(username, password)

    if run_query:
        dbResult = ecommerce.connectDB(username, password,
                                       declarations.store_info['db_name'])
        if dbResult['status'] != 'success':
            # could not connect to db
            ecommerce.alertsArea(
                form, "Can not connect to database,\n" + dbResult['message'])
            storeButtons()
        else:
            db = dbResult['result']
            # NOTE(review): form["key_id"] is read without a presence check
            # (raises KeyError when absent) and is passed straight into the
            # statement builder; quoting of that value happens inside
            # selectAllColumnsSqlStatement -- verify there.
            sqlStatement = ecommerce.selectAllColumnsSqlStatement(
                table_data, 'store_info', form["key_id"].value)
            dbResult = ecommerce.executeSQL(db, sqlStatement)
            if dbResult['status'] == 'success':
                store_row = dbResult['result'][0]
                table_data = ecommerce.dbToTableData(table_data, 'store_info',
                                                     store_row)
                # NOTE(review): this writes to the ecommerce module's
                # table_data, not the local one rebound on the line above --
                # confirm that is intended.
                ecommerce.table_data['store_info']['id']['value'] = '1'
                ecommerce.display_form(table_data, 'store_info', 1,
                                       'useValues', 1, db)
                ecommerce.alertsArea(
                    form, "Store Information retrieved successfully")
                # NOTE(review): placed with the successful load -- confirm
                # against the intended layout.  The hidden fields are read
                # from uHidden/pHidden directly (KeyError when absent), not
                # from the username/password resolved above.
                storeButtons(button_name='save')
                ecommerce.editHiddenFields(form["uHidden"].value,
                                           form["pHidden"].value)
            else:
                ecommerce.alertsArea(
                    form,
                    "Could not retrieve store information\n" +
                    dbResult['message'])
    else:
        storeButtons(button_name='edit')
        ecommerce.editHiddenFields(username, password, '1')

    print("</FORM>")

    # db is only bound after a successful connect; the NameError handler
    # covers the paths where it was never assigned.
    try:
        ecommerce.trailer(table_data, db)
        db.close()
    except NameError:
        pass

    print("</BODY>")
    print("</HTML>")

    if run_query:
        return dbResult
    return {'status': 'success', 'message': 'query successful', 'result': 0}