#!/usr/bin/python3
import Helpers.db as db
import Helpers.myparser as parser
import os, sys
import Helpers.validator as validator
import Helpers.structure as structure
import Helpers.nav as nav
db.connectDB()
cookie = parser.parseCookie(os.getenv("HTTP_COOKIE"))
autenticate = db.checkSession(parser.parseCookie(os.getenv("HTTP_COOKIE"))) if validator.validateSession(cookie) else None
if autenticate != None :
referer = os.getenv("HTTP_REFERER")
cartItem = parser.parseData(sys.stdin.read())
result = db.addToCart(cartItem['itemID'], autenticate)
if result == None :
#Error agregando el item
print("Content-Type: text/html\r\n\r\n")
structure.printStartSection()
nav.printNav(autenticate, db.cartCount(autenticate))
print("Error agregando al carrito. Intentelo de nuevo (refresque el sitio) </br> ")
print('<a href="' + referer + '" > Regresar a la página anterior.')
else :
#Redirect a la pagina anterior
print("Location: " + referer)
print()
else :
#Redirect a LOGIN
#print("Location: http://localhost/cgi-bin/MA-Shop/security_ec_shop/login.py")
<label for="name">Item Name*: </label>
<input id="name" name="name" maxlength="50" /><br />
<label for="description">Description*: </label>
<input id="description" name="description"
maxlength="100" /><br />
<label for="price">Price*: </label>
<input id="price" name="price"
maxlength="25" type="number" /><br />
<button id="submit">Submit</button>
</form></div>"""
print(form)
# Post method
if os.getenv("REQUEST_METHOD") == 'POST':
post_params = sys.stdin.read()
item = parser.parseData(post_params)
result = validator.validateItem(item)
if result == True :
db.connectDB()
# Insert into DB Items
db.insertItem("id", item['name'], item['price'], item['description'], autenticate)
print ("""\<div>
<h2>Item added succesfully!
<a href="index.py">Go back to Home</a></h2>""")
elif result == 2 :
print ("""\
<div>
<p>Please, write only numbers and letters.</p></div>
""")
elif result == 3 :
print ("""\
<br />
<button>Submit</button>
</form>
</div>
</div>"""
if os.getenv("REQUEST_METHOD") == 'GET':
print("Content-Type: text/html")
print()
structure.printStartSection()
nav.printNav(None)
print(form)
if os.getenv("REQUEST_METHOD") == 'POST':
post_params = sys.stdin.read()
user = parser.parseData(post_params)
print("Content-Type: text/html")
print()
structure.printStartSection()
nav.printNav(None)
result = validator.validateUser(user)
if result == True:
db.connectDB()
db.insertUser("id", user['firstname'], user['lastname'], user['email'],
user['password'], user['username'], user['telephone'],
user['address'])
print("""\
<div>
<h2>User added succesfully: <a href="login.py">Clic to login</a></h2></div>
""")
elif result == 2:
import Helpers.myparser as parser
import Helpers.db as db
import Helpers.structure as structure
import Helpers.nav as nav
import Helpers.validator as validator
import os, sys
print("Content-Type: text/html\r\n\r\n")
#print(os.getenv("QUERY_STRING"))
#print(os.getenv("REQUEST_METHOD"))
if os.getenv("REQUEST_METHOD") == 'GET':
db.connectDB()
cookie = parser.parseCookie(os.getenv("HTTP_COOKIE"))
autenticate = db.checkSession(parser.parseCookie(os.getenv(
"HTTP_COOKIE"))) if validator.validateSession(cookie) else None
structure.printStartSection()
nav.printNav(autenticate, db.cartCount(autenticate))
structure.printSearchForm()
item = parser.parseData(os.getenv("QUERY_STRING"))
if validator.validateEntryLenght(
item['search'], 1, 50) and validator.validateAplhaNumericEntry(
item['search']) != None:
data = db.search(item['search'])
structure.printItemContents(data, 1)
else:
print(""" <div> <p> The search string recieved unexpected characters.
Please enter only alphabetic characters </p> </div> """)
<input id="email" name="email" maxlength="50" type="text" /><br />
<label for="firstname">Name*: </label>
<input id="firstname" name="firstname" maxlength="25" type="text" /><br />
<label for="lastname">Lastname*: </label>
<input id="lastname" name="lastname" maxlength="25" type="text" /><br />
<br/>
<label for="comment">Your comment/doubt/feedback*: </label>
<br/><br/>
<textarea name="comment" form="commentForm">Enter text here...</textarea> <br/>
<button id="submit">Submit</button>
</form>
<br>
</div>""")
# Post method
if os.getenv("REQUEST_METHOD") == 'POST':
print("Content-Type: text/html\r\n\r\n")
post_params = sys.stdin.read()
feed = parser.parseData(post_params)
send_email(feed['email'], feed['firstname'], feed['lastname'], feed['comment'])
print ("""\<div>
<h2>Your comment was sent succesfully!
<a href="index.py">Go back to Home</a></h2>""")
<br />
<label for="password">Password: </label>
<input id="password" name="password" maxlength="25" type="password" />
<br />
<button>Login</button>
</form></div>"""
if os.getenv("REQUEST_METHOD") == 'GET':
print("Content-Type: text/html;\r\n\r\n")
structure.printStartSection()
nav.printNav(None)
print(login_form)
if os.getenv("REQUEST_METHOD") == 'POST':
post_params = sys.stdin.read()
login_intent = parser.parseData(post_params)
validation = validator.validateLogin(login_intent)
if validation == False :
print("Content-Type: text/html;\r\n\r\n")
structure.printStartSection()
nav.printNav(None)
print(login_form)
print("""\<p style="color:red">Authentication error, try again</p>""")
else :
db.connectDB()
res = db.login(login_intent['username'],login_intent['password'])
if res != None :
if res != -1 :
print("Set-Cookie: SessionID=" + res['sessionID'] + ";")
print("Set-Cookie: Expires=" + res['expiration'] + ";")
#print("Location: http://localhost/cgi-bin/MA-Shop/security_ec_shop/index.py")
<div>
<form method="POST">
<label for="address">Enter the addres to deliver your items: </label>
<input id="address" name="address" maxlength="100" type="text" />
<button>Submit</button>
</form>
<p> Your items to be delivered: </p>
</div>
"""
if os.getenv("REQUEST_METHOD") == 'GET':
print(form)
items = db.getCartItems(autenticate)
if os.getenv("REQUEST_METHOD") == 'POST':
deliveryAddress = parser.parseData(sys.stdin.read())
result = validator.validateAddress(deliveryAddress)
if result == True:
items = db.getCartItems(autenticate)
db.clearCart(autenticate)
print("""\
<div>
<p> Your items will be delivered at:
""" + deliveryAddress['address'] + """\
<br />List of items to be delivered: </p>
</div>
""")
else:
items = db.getCartItems(autenticate)
print("""<div>
<p> The address should contain only letters, numbers, dots or commas, anything else, we think is suspicious</p>