def get_assembly_subset(pen_id, children, parents=None): # All assemblies if children and parents is None: return app.query_db( "select * from nodes where num_children>0 and pen_id=?;", (pen_id, )) # All top-level assemblies elif children and not parents: return app.query_db( "select * from nodes where num_children>0 and num_parents<1 and pen_id=?;", (pen_id, )) # All subassemblies elif children and parents: return app.query_db( "select * from nodes where num_children>0 and num_parents>0 and pen_id=?;", (pen_id, )) # All component parts elif not children and parents: return app.query_db( "select * from nodes where num_children<1 and num_parents>0 and pen_id=?;", (pen_id, )) # All orphan parts elif not children and not parents: return app.query_db( "select * from nodes where num_children<1 and num_parents<1 and pen_id=?;", (pen_id, ))
def stream(username): form = PostForm() user = query_db('SELECT * FROM Users WHERE username= ?;', (username, ), one=True) if not user: return error() if form.is_submitted(): if form.image.data: path = os.path.join(app.config['UPLOAD_PATH'], form.image.data.filename) form.image.data.save(path) query_db( 'INSERT INTO Posts (u_id, content, image, creation_time) VALUES (?, ?, ?, ?);', (user['id'], form.content.data, form.image.data.filename, datetime.now())) return redirect(url_for('stream', username=username)) posts = query_db( 'SELECT p.*, u.*, (SELECT COUNT(*) FROM Comments WHERE p_id=p.id) AS cc FROM Posts AS p JOIN Users AS u ON u.id=p.u_id WHERE p.u_id IN (SELECT u_id FROM Friends WHERE f_id={0}) OR p.u_id IN (SELECT f_id FROM Friends WHERE u_id={0}) OR p.u_id={0} ORDER BY p.creation_time DESC;' .format(user['id'])) return render_template('stream.html', title='Stream', username=username, form=form, posts=posts)
def stream(username): if (current_user.username != username): return redirect(url_for('stream', username=current_user.username)) else: form = PostForm() user = query_db('SELECT * FROM Users WHERE username=?', username, one=True) if form.is_submitted() and form.validate_on_submit(): content = sanitizeStr(form.content.data, strip=False) if form.image.data: filename = photos.save(form.image.data) else: filename = None # if both content and image is blank. if form.content.data == '' and not form.image.data: return redirect( url_for('stream', username=current_user.username)) query_db( 'INSERT INTO Posts (u_id, content, image, creation_time) VALUES(?, ?, ?, ?)', user['id'], content, filename, datetime.now()) return redirect(url_for('stream', username=current_user.username)) posts = query_db( 'SELECT p.*, u.*, (SELECT COUNT(*) FROM Comments WHERE p_id=p.id) AS cc FROM Posts AS p JOIN Users AS u ON u.id=p.u_id WHERE p.u_id IN (SELECT u_id FROM Friends WHERE f_id=?) OR p.u_id IN (SELECT f_id FROM Friends WHERE u_id=?) OR p.u_id=? ORDER BY p.creation_time DESC', user['id'], user['id'], user['id']) return render_template('stream.html', title='Stream', username=username, form=form, posts=posts)
def load_user(self,login_user, password, ambient): #Verifica se Ambiente é válido cmd = "SELECT string_to_array(string_agg(replace(banco_dados,'softrans_sb','softlog_sb'),','),',') FROM string_conexoes" ambients = query_db(1,cmd,None,True) if ('softlog_' + ambient) not in ambients[0]: return None #Verifica usuario cmd = """SELECT id_usuario, trim(nome_usuario) as nome_usuario, trim(email) as email, id_usuario as id_usuario, trim(login_name) as login, senha FROM usuarios WHERE id_usario = '%i' """ % current_user.id_usuario user = query_db('softlog_' + ambient, cmd, None, True) if user is None: self.user = None return None if user['senha'] != password: return None else: return user
def friends(username): if username != session["user"]: session["err"] = "trying to get into anothers friendlist" return redirect(url_for('error')) form = FriendsForm() query = ('SELECT * FROM Users WHERE username=?;', (username, )) user = query_db(query, one=True) if form.is_submitted(): query = ('SELECT * FROM Users WHERE username=?;', (form.username.data, )) friend = query_db(query, one=True) if friend is None: flash('User does not exist') else: query = ('INSERT INTO Friends (u_id, f_id) VALUES(?, ?);', (user['id'], friend['id'])) query_db(query) query = ( 'SELECT * FROM Friends AS f JOIN Users as u ON f.f_id=u.id WHERE f.u_id=? AND f.f_id!=? ;', (user['id'], user['id'])) all_friends = query_db(query) return render_template('friends.html', title='Friends', username=username, friends=all_friends, sessionuser=session["user"], form=form)
def friends(username): if (current_user.username != username): return redirect(url_for('friends', username=current_user.username)) else: form = FriendsForm() user = query_db('SELECT * FROM Users WHERE username=?', username, one=True) if form.is_submitted(): userSearch = sanitizeStr(form.username.data) friend = query_db('SELECT * FROM Users WHERE username=?', userSearch, one=True) if friend is None: flash('User does not exist') else: query_db('INSERT INTO Friends (u_id, f_id) VALUES(?, ?)', user['id'], friend['id']) all_friends = query_db( 'SELECT * FROM Friends AS f JOIN Users as u ON f.f_id=u.id WHERE f.u_id=? AND f.f_id!=?', user['id'], user['id']) return render_template('friends.html', title='Friends', username=username, friends=all_friends, form=form)
def stream(username): user = query_db( 'SELECT * FROM Users WHERE username="******";'.format(username), one=True) if user == None: flash('You are not logged in') return redirect(url_for('index')) elif user['password'] == session.get('password'): # show page form = PostForm() user = query_db( 'SELECT * FROM Users WHERE username="******";'.format(username), one=True) if form.validate_on_submit(): if form.image.data: path = os.path.join(app.config['UPLOAD_PATH'], form.image.data.filename) form.image.data.save(path) query_db( 'INSERT INTO Posts (u_id, content, image, creation_time) VALUES({}, "{}", "{}", \'{}\');' .format(user['id'], form.content.data, form.image.data.filename, datetime.now())) return redirect(url_for('stream', username=username)) posts = query_db( 'SELECT p.*, u.*, (SELECT COUNT(*) FROM Comments WHERE p_id=p.id) AS cc FROM Posts AS p JOIN Users AS u ON u.id=p.u_id WHERE p.u_id IN (SELECT u_id FROM Friends WHERE f_id={0}) OR p.u_id IN (SELECT f_id FROM Friends WHERE u_id={0}) OR p.u_id={0} ORDER BY p.creation_time DESC;' .format(user['id'])) return render_template('stream.html', title='Stream', username=username, form=form, posts=posts) else: return redirect(url_for('stream', username=session.get('username')))
def get_chaves_cte(lst_id_nfs, parceiro_cnpj, redespachador_cnpj): #Identifica o id do banco de dados do parceiro cmd = qry_db % ("'" + parceiro_cnpj.strip() + "'") r = query_db(1,cmd) if len(r) > 0: id_db_parceiro = r[0]['id_bd'] else: return '' cmd = qry_cte % (lst_id_nfs,redespachador_cnpj) nfes = query_db(id_db_parceiro,cmd) if len(nfes) == 0: return '' lista_chaves = [] for nf in nfes: print(nf['chave_cte']) lista_chaves.append(str(nf['id_nota_fiscal_imp']) + '_' + nf['chave_cte']) #print('Lista Chaves', str(lista_chaves)) return ','.join(lista_chaves)
def load_empresa(self,empresa,ambient): cmd = "SELECT * FROM empresa WHERE codigo_empresa = '%s'" % (empresa) if ambient not in ['softrans_sb','softlog']: r = query_db('softlog_' + ambient, cmd, None, True) else: r = query_db(ambient, cmd, None, True) self.reg_empresa = r return r
def load_filial(self,empresa,filial,ambient): cmd = "SELECT * FROM filial WHERE codigo_empresa = '%s' AND codigo_filial = '%s'" % (empresa, filial) if ambient not in ['softrans_sb','softlog']: r = query_db('softlog_' + ambient, cmd, None, True) else: r = query_db(ambient, cmd, None, True) self.reg_filial = r return r
def remove_part(id): app.edit_db("delete from nodes where id=?;", (id, )) parent_edges = app.query_db( "select from_node_id, to_node_id from edges where to_node_id=?", (id, )) for edge in parent_edges: remove_edge(edge['from_node_id'], edge['to_node_id']) child_edges = app.query_db( "select from_node_id, to_node_id from edges where from_node_id=?", (id, )) for edge in child_edges: remove_edge(edge['from_node_id'], edge['to_node_id'])
def load_filiais(self,ambient): if self.empresa is None: cmd = "SELECT * FROM filial ORDER BY codigo_empresa, codigo_filial" else: cmd = "SELECT * FROM filial WHERE codigo_empresa = '%s' ORDER BY codigo_empresa, codigo_filial" % self.empresa if ambient not in ['softrans_sb','softlog']: r = query_db('softlog_' +ambient,cmd,None,False) else: r = query_db(ambient,cmd,None,False) self.filiais = r return r
def post(self): #Consulta todos banco de dados qry_db = """ SELECT id_string_conexao, usuario, senha, port, host, banco_dados FROM string_conexoes WHERE softlog_integracao = 1 """ dbs = query_db(1,qry_db) lista_filial = [] for db in dbs: qry_filial = """ SELECT cnpj, trim(razao_social) as razao_social FROM filial """ filiais = query_db(db['id_string_conexao'],qry_filial) for f in filiais: lista_filial.append(f) qry_parceiro = """ SELECT id FROM edi_parceiros WHERE cnpj_cpf = '%s' AND id_bd = %i """ % (f['cnpj'],db['id_string_conexao']) parceiro = query_db(1,qry_parceiro) if len(parceiro) == 0: #print('Cadastrando parceiro!') upd_parceiro = """ INSERT INTO edi_parceiros (id_bd, cnpj_cpf, razao_social) VALUES (%i,'%s','%s') """ % (db['id_string_conexao'],f['cnpj'],f['razao_social']) db_main = get_db(1) cur = db_main.cursor() cur.execute(upd_parceiro) cur.close() db_main.commit() return lista_filial
def create(req): new_record = req.form['url'] exists = find_by_url(new_record) if exists == []: alias = url_shortener.generator() return_value = app.query_db( 'insert into urls (actual_url, alias_url) values (?, ?);', (new_record, alias)) check_value = app.query_db( 'select actual_url, alias_url from urls where alias_url = (?);', (alias, )) return check_value, 201 else: alias = exists[0][2] return alias, 202
def get_data_dashboard(self, id_dash, empresa, filial, data_ref=None): """Retorna as configuracoes de um dashboard""" if data_ref: p_var_aux = "'" + data_ref + "'" else: p_var_aux = 'NULL' if filial is not None and empresa is not None: cmd = """ SELECT f_dashboard_view(%i, '%s', '%s',%s) as dados """ % (id_dash,empresa,filial, p_var_aux) elif empresa is not None: cmd = """ SELECT f_dashboard_view(%i, '%s',NULL,%s) as dados """ % (id_dash,empresa,p_var_aux) else: cmd = """ SELECT f_dashboard_view(%i, NULL,NULL,%s) as dados """ % (id_dash,p_var_aux) r = query_db(self.id_db, cmd, None, True) return r['dados']
def getOcorrencias(id_acesso): str_sql = """WITH t AS ( WITH temp AS ( SELECT row_to_json(row) as dados FROM ( SELECT codigo_edi as id_ocorrencia, trim(ocorrencia) as ocorrencia, pendencia FROM scr_ocorrencia_edi WHERE ocorrencia_coleta = 0 ORDER BY codigo_edi ) row ) SELECT array_agg(temp.dados) as ocorrencias FROM temp ) SELECT row_to_json(t) FROM t """ r = query_db(id_acesso,str_sql,None,True) return r[0]
def get_veiculos(self, id_acesso): str_sql = """WITH veiculos AS ( WITH temp AS ( SELECT row_to_json(row,true) as veiculos FROM ( SELECT trim(placa_veiculo) as placa_veiculo, (COALESCE(trim(nome_marca),'') || ' - ' || COALESCE(trim(descricao_modelo),'')) as descricao FROM v_veiculos ORDER BY placa_veiculo ) row ) SELECT array_agg(veiculos) as veiculos FROM temp ) SELECT row_to_json(v) as veiculos FROM veiculos v""" r = query_db(id_acesso, str_sql, None, True) ##print(str_sql) try: if r[0] is None: return None except: return None return r[0]
def survey(): if 'logged_in' not in session or not session['logged_in']: return redirect(url_for('login')) qns = query_db('select * from questions_list') # print(':(') if request.method == 'POST': results = {} # print(':)') for i in range(1, len(qns) + 1): # print(i) results[i] = int(request.form[str(i)]) scores = processData(results) # print('hi') code = 'abc' with app.app_context(): db = get_db() query_string = 'INSERT INTO score_list (user_id, code, growth, confidence, strategic, productive, team) VALUES ' data_string = '(' + str( session['id']) + ', "' + code + '", "' + str( scores['growth']) + '", "' + str( scores['confidence']) + '", "' + str( scores['strategic']) + '", "' + str( scores['productive']) + '", "' + str( scores['team']) + '");' db.execute(query_string + data_string) db.commit() return redirect(url_for('index')) return render_template('surveypage.html', questions=qns)
def insert_user(detail_dict): keys = list(detail_dict.keys()) prequel_string = 'INSERT INTO `user_details` (' + ','.join( ["`" + str(key) + "`" for key in keys]) + ') ' format_data = [] for x in keys: if is_number(detail_dict[x]): format_data.append(str(detail_dict[x])) else: format_data.append("'" + detail_dict[x] + "'") data_string = 'VALUES (' + ', '.join(format_data) + ');' # print("Prequel") # print(prequel_string) # print("Data") # print(data_string) query_string = prequel_string + data_string with app.app_context(): # insert the user db = get_db() cur = get_db().execute(query_string) # check for debugging print("Newly inserted user") new_user = query_db('select * from user_details where username = ?', [detail_dict['username']], one=True) if new_user is None: print("something is wrong") else: print("Yay new user!") print(new_user)
def index(): if "user" in session.keys(): if session["user"]: return redirect( url_for('stream', username=session["user"], sessionuser=session["user"])) else: session["user"] = None form = IndexForm() if form.login.validate_on_submit(): username_entered = form.login.username.data password_entered = form.login.password.data query = ('SELECT * FROM Users WHERE username=?;', (username_entered, )) user = query_db(query, one=True) if user == None: flash("Username or password incorrect") elif not pbkdf2_sha256.verify(password_entered, user['password']): flash("Username or password incorrect") elif pbkdf2_sha256.verify(password_entered, user['password']): session["user"] = form.login.username.data return redirect( url_for('stream', username=username_entered, sessionuser=session["user"])) elif form.register.validate_on_submit(): username = form.register.username.data password = form.register.password.data encrypt_pswd = pbkdf2_sha256.hash( password ) #Hashes and adds a 16byte salt, by default adds 29000 iterations. query = 'SELECT * FROM Users WHERE username=?;', (username, ) user = query_db(query, one=True) if user == None: query = 'INSERT INTO Users (username, first_name, last_name, password) VALUES(?, ?, ?, ?);', ( form.register.username.data, form.register.first_name.data, form.register.last_name.data, encrypt_pswd) query_db(query, one=True) return redirect(url_for('index')), flash('New user registered!') else: flash('Username already exists.') return render_template('index.html', title='Welcome', form=form)
def profile(username): form = ProfileForm() if form.is_submitted(): query_db( 'UPDATE Users SET education="{}", employment="{}", music="{}", movie="{}", nationality="{}", birthday=\'{}\' WHERE username="******" ;' .format(form.education.data, form.employment.data, form.music.data, form.movie.data, form.nationality.data, form.birthday.data, username)) return redirect(url_for('profile', username=username)) user = query_db( 'SELECT * FROM Users WHERE username="******";'.format(username), one=True) return render_template('profile.html', title='profile', username=username, user=user, form=form)
def set_baixa_entrega_nfe(args): """Realiza Baixa de Entregas""" cmd = qry_db % ("'" + parceiro_cnpj.strip() + "'") r = query_db(1,cmd) if len(r) > 0: id_db = r[0]['id_bd'] else: return '' cmd_upd = qry_upd_baixa_nfe % (args) r = query_db(id_db,cmd_upd) if r is not None: pass return r['numero_nota_fiscal']
def profile(username): user = query_db('SELECT * FROM Users WHERE username="******";'.format( session.get('username')), one=True) if user == None: flash('You are not logged in') return redirect(url_for('index')) elif user['password'] == session.get('password'): form = ProfileForm() if form.is_submitted(): user = query_db( 'SELECT * FROM Users WHERE username="******";'.format(username), one=True) if user == None: flash( 'you are not logged in. Every error shouldnt happen, but this error really extra shouldnt happen' ) return redirect(url_for('index')) elif user['password'] == session.get('password'): query_db( 'UPDATE Users SET education="{}", employment="{}", music="{}", movie="{}", nationality="{}", birthday=\'{}\' WHERE username="******" ;' .format(form.education.data, form.employment.data, form.music.data, form.movie.data, form.nationality.data, form.birthday.data, username)) else: flash( 'You are not logged in as that user you tried to edit the profile of' ) return redirect( url_for('stream', username=session.get('username'))) return redirect(url_for('profile', username=username)) user = query_db( 'SELECT * FROM Users WHERE username="******";'.format(username), one=True) return render_template('profile.html', title='profile', username=username, user=user, form=form) else: flash('You are not logged in') return redirect(url_for('index'))
def exact_results(code): if 'logged_in' not in session or not session['logged_in']: return redirect(url_for('login')) if session['role'] == 0: survey = query_db('select * from score_list where user_id = ' + str(session['id']) + ' and code = "' + code + '"', one=True) return render_template('resultStudent.html', survey=survey) else: return render_template('resultTeacher.html')
def comments(username, p_id): form = CommentsForm() if form.is_submitted(): user = query_db('SELECT * FROM Users WHERE username= ?;', (username, ), one=True) query_db( 'INSERT INTO Comments (p_id, u_id, comment, creation_time) VALUES(?, ?, ?, ?);', (p_id, user['id'], form.comment.data, datetime.now())) post = query_db('SELECT * FROM Posts WHERE id= ?;', (p_id, ), one=True) all_comments = query_db( 'SELECT DISTINCT * FROM Comments AS c JOIN Users AS u ON c.u_id=u.id WHERE c.p_id= ? ORDER BY c.creation_time DESC;', (p_id, )) return render_template('comments.html', title='Comments', username=username, form=form, post=post, comments=all_comments)
def results(): if 'logged_in' not in session or not session['logged_in']: return redirect(url_for('login')) if session['role'] == 0: surveys = query_db('select * from score_list where user_id = ' + str(session['id'])) # benchmark = [4.392084322211362, 4.689655172413798, 5.019002882459691, 4.644646098003628, 5.6243194192377475] return render_template('studentResultHome.html', surveys=surveys) else: return render_template('teacherResultHome.html')
def get_json_clientes(id_db,lst_clientes): cmd = qry_participantes%({'lst_clientes':lst_clientes}) #print(cmd) clientes = query_db(id_db,cmd) if len(clientes) == 0: return None else: resultado = clientes return resultado
def create_dialog(main, add, commands, latency_from, latency_to): if session['user']: q = query_db( 'INSERT INTO dialogs ' '(owner, commands, main_account, add_accounts, ' 'latency_from, latency_to, current_step, is_running, time_start) ' 'VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)', (session['user'][0], commands, main, add, latency_from, latency_to, 0, 1, int(time())) ) return q.lastrowid
def get(self): parser = reqparse.RequestParser() parser.add_argument('id_db',type=int,help='O parâmetro Id_db inválido.') parser.add_argument('token',type=str,help='O parâmetro Token inválido.') parser.add_argument('dados',type=str,help='O parâmetro Dados inválido.') args = parser.parse_args() id_db = args['id_db'] dados = json.loads(args['dados']) #db = get_db(args['id_db']) filial = query_db(args['id_db'],'SELECT row_to_json(filial) as json FROM filial WHERE codigo_filial = %(filial)s AND codigo_empresa = %(empresa)s',dados,True) empresa = query_db(args['id_db'],'SELECT * FROM empresa') #print(str(db.status)) return filial['json'] return marshal(filial,filial_schema),200
def get_parent_assemblies(id): parent_parts = [] curr_id = id while True: parent = app.query_db( "select * from nodes left join edges on nodes.id=edges.from_node_id where edges.to_node_id=?;", (curr_id, ), True) if parent is None: break parent_parts.append(parent) curr_id = parent['id'] return parent_parts
def users(): ''' returns users and get posts request : can edit or add user in page. this funtction uses sqlite3 ''' if 'logged_in' in session: if session['su'] != 'Yes': return abort(403) try: trash = request.args.get('trash') except KeyError: trash = 0 su_users = query_db("SELECT COUNT(id) as num FROM users " "WHERE su='Yes'", [], one=True) if request.args.get('token') == session.get('token') and \ int(trash) == 1 and request.args.get('userid') and \ request.args.get('username'): nb_users = query_db("SELECT COUNT(id) as num FROM users", [], one=True) if nb_users['num'] > 1: if su_users['num'] <= 1: su_user = query_db("SELECT username FROM users " "WHERE su='Yes'", [], one=True) if su_user['username'] == request.args.get('username'): flash(u'Can\'t delete the last admin user : %s' % request.args.get('username'), 'error') return redirect(url_for('lwp_users')) g.db.execute("DELETE FROM users WHERE id=? AND username=?", [request.args.get('userid'), request.args.get('username')]) g.db.commit() flash(u'Deleted %s' % request.args.get('username'), 'success') return redirect(url_for('lwp_users')) flash(u'Can\'t delete the last user!', 'error') return redirect(url_for('lwp_users')) if request.method == 'POST': users = query_db('SELECT id, name, username, su FROM users ' 'ORDER BY id ASC') if request.form['newUser'] == 'True': if not request.form['username'] in \ [user['username'] for user in users]: if re.match('^\w+$', request.form['username']) and \ request.form['password1']: if request.form['password1'] == \ request.form['password2']: if request.form['name']: if re.match('[a-z A-Z0-9]{3,32}', request.form['name']): g.db.execute( "INSERT INTO users " "(name, username, password) " "VALUES (?, ?, ?)", [request.form['name'], request.form['username'], hash_passwd( request.form['password1'])]) g.db.commit() else: flash(u'Invalid name!', 'error') else: g.db.execute("INSERT INTO users " "(username, password) VALUES " "(?, ?)", [request.form['username'], hash_passwd( request.form['password1'])]) g.db.commit() flash(u'Created %s' % request.form['username'], 'success') else: flash(u'No password match', 'error') else: flash(u'Invalid username or password!', 'error') else: flash(u'Username already exist!', 'error') elif request.form['newUser'] == 'False': if request.form['password1'] == request.form['password2']: if re.match('[a-z A-Z0-9]{3,32}', request.form['name']): if su_users['num'] <= 1: su = 'Yes' else: try: su = request.form['su'] except KeyError: su = 'No' if not request.form['name']: g.db.execute("UPDATE users SET name='', su=? " "WHERE username=?", [su, request.form['username']]) g.db.commit() elif request.form['name'] and \ not request.form['password1'] and \ not request.form['password2']: g.db.execute("UPDATE users SET name=?, su=? " "WHERE username=?", [request.form['name'], su, request.form['username']]) g.db.commit() elif request.form['name'] and \ request.form['password1'] and \ request.form['password2']: g.db.execute("UPDATE users SET " "name=?, password=?, su=? WHERE " "username=?", [request.form['name'], hash_passwd( request.form['password1']), su, request.form['username']]) g.db.commit() elif request.form['password1'] and \ request.form['password2']: g.db.execute("UPDATE users SET password=?, su=? " "WHERE username=?", [hash_passwd( request.form['password1']), su, request.form['username']]) g.db.commit() flash(u'Updated', 'success') else: flash(u'Invalid name!', 'error') else: flash(u'No password match', 'error') else: flash(u'Unknown error!', 'error') users = query_db("SELECT id, name, username, su FROM users " "ORDER BY id ASC") nb_users = query_db("SELECT COUNT(id) as num FROM users", [], one=True) su_users = query_db("SELECT COUNT(id) as num FROM users " "WHERE su='Yes'", [], one=True) return render_template('users.html') return render_template('login.html')