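def updatebook(id):
    """Edit an existing book and optionally replace its image.

    The book is looked up by primary key with ``get_or_404``. On a valid
    form submission the form values are copied onto the record, an uploaded
    ``image1`` (if present) replaces the stored one, the session is
    committed and the client is redirected to the ``books`` endpoint. On a
    GET request the form is pre-filled from the record.

    NOTE(review): no access check is visible inside this function; confirm
    the route is protected by a decorator that is outside this excerpt.
    """
    book = Book.query.get_or_404(id)
    form = BookForm()
    if form.validate_on_submit():
        book.name = form.name.data
        book.page = form.page.data
        book.price = form.price.data
        book.much = form.much.data
        book.jold = form.jold.data
        book.desc = form.desc.data

        old_image = None
        upload = request.files.get('image1')
        if upload:
            old_image = book.image1
            # Store the new file before touching the old one: if photos.save()
            # rejects the upload, the exception propagates while the existing
            # image is still on disk and still referenced by the record.
            book.image1 = photos.save(upload, name=secrets.token_hex(10) + '.')

        db.session.commit()

        if old_image:
            # Best-effort cleanup, done only after the commit succeeded. Only
            # filesystem errors are tolerated here; the previous bare
            # ``except`` also hid every other failure and retried the save.
            try:
                os.unlink(os.path.join(current_app.root_path, 'static/img/' + old_image))
            except OSError:
                current_app.logger.warning('Could not remove old image %s', old_image)

        flash('Book Successfully Updated', 'success')
        return redirect(url_for('books', book_id=book.id))
    elif request.method == 'GET':
        form.name.data = book.name
        form.page.data = book.page
        form.price.data = book.price
        form.much.data = book.much
        form.jold.data = book.jold
        form.desc.data = book.desc
    return render_template('updatebook.html', form=form)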
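def upload(**kwargs):
    """Write an uploaded ``index_background`` file to disk, then redirect.

    The redirect target is the endpoint named by the ``redirect_endpoint``
    keyword argument; the current query-string values are forwarded to
    ``url_for`` so the client returns to the URL it came from. On a POST
    that carries an ``index_background`` file, the file is stored through
    ``photos`` and recorded as a ``Photo``. A rejected file type is reported
    with a flash message.

    NOTE(review): when ``redirect_endpoint`` is not supplied, ``url_for`` is
    still called with ``None``, as before; confirm every caller passes it.
    """
    # Reading a dict key cannot fail, so the former try/except around this
    # lookup was unreachable (and its handler used the name it was guarding).
    redirect_endpoint = kwargs.pop('redirect_endpoint', None)

    # The query string is client-controlled and is expanded into url_for()
    # keyword arguments. url_for() treats keywords with a leading underscore
    # (_external, _scheme, _anchor, _method) as options rather than URL
    # values, so those keys are not forwarded.
    url_args = {
        key: value
        for key, value in request.args.items()
        if not key.startswith('_')
    }

    # If POST, process file. If filetype forbidden, flash error
    if request.method == 'POST':
        if request.files.get('index_background'):
            try:
                file_name = photos.save(request.files['index_background'])
                post_background_image = Photo(file_name=file_name)
                post_background_image.save()
                flash("Image '{}' has been saved!".format(file_name))
            except UploadNotAllowed:
                flash('This file type is not allowed.')
    return redirect(url_for(redirect_endpoint, **url_args))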
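def profile_edit(username):
    """Let the logged-in user edit their own profile.

    Requests for another user's name are rejected with 403, and a second
    check compares the ids of the current user and the loaded user. On POST
    the submitted password must match the stored hash before any field is
    changed; an uploaded ``userpic`` replaces the stored picture. Both POST
    outcomes redirect back to this view; GET renders the edit template.
    """
    if username != current_user.username:
        abort(403)
    user_to_edit = User.get_user_by_username(username)
    if not current_user.id == user_to_edit.id:
        flash('This page is restricted! You cannot edit other users pages', 'danger')
        app.logger.warning('Restricted page access attempt.')
        return redirect(url_for('users'))
    # The stray debug print of the user object was dropped so account data
    # is not written to stdout on every request.
    if request.method == 'POST':
        confirm_password = request.form['password']
        if check_password_hash(user_to_edit.password, confirm_password):
            # NOTE(review): the new username is stored without a visible
            # uniqueness check; confirm the model or database enforces it.
            user_to_edit.username = request.form['username']
            user_to_edit.firstname = request.form['firstname']
            user_to_edit.lastname = request.form['lastname']
            user_to_edit.birthdate = request.form['birthdate']
            user_to_edit.city = request.form['city']

            old_pic = None
            # .get(): a request without the file field means "keep the
            # current picture" instead of a key error.
            new_pic = request.files.get('userpic')
            if new_pic:
                old_pic = user_to_edit.userpic
                # Save first; a rejected upload raises before anything is deleted.
                user_to_edit.userpic = photos.save(new_pic, name=secrets.token_hex(10) + ".")
            db.session.commit()

            # 'default.jpg' is the placeholder name the register view assigns
            # when no picture is uploaded; it is shared between accounts, so
            # it is never deleted (assumes it lives in this directory - confirm).
            if old_pic and old_pic != 'default.jpg':
                try:
                    os.remove(basedir + "/static/images/userpics/" + old_pic)
                except OSError:
                    # A missing old file must not turn a successful update into an error.
                    app.logger.warning('Could not remove previous userpic.')

            flash('{}\' profile has been successfully updated'.format(user_to_edit.username), 'success')
            app.logger.info('User updated.')
            return redirect(url_for('profile_edit', username=user_to_edit.username))
        else:
            flash('Incorrect password.', 'danger')
            app.logger.info('Incorrect password input.')
            return redirect(url_for('profile_edit', username=user_to_edit.username))
    return render_template('profile_edit.html', user_to_edit=user_to_edit, send_confirmation_email=send_confirmation_email)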
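def put(self):
    """Replace the current user's avatar with the uploaded image.

    The file is stored in the ``avatar`` folder of the ``photos`` upload set
    under the name ``<user id>-avatar.<extension>``. The resulting URL is
    written to ``g.current_user.avatar``, saved, and returned as
    ``{'url': ...}``.
    """
    args = photo_reqparse.parse_args()

    # The extension is taken from the client-supplied filename. Keep only
    # letters and digits so it cannot carry path separators or further dots
    # into the path that is unlinked below or into the stored file name.
    raw_ext = args.image.filename.split('.')[-1]
    file_format = ''.join(ch for ch in raw_ext if ch.isalnum())

    name = '%d-avatar.%s' % (g.current_user.id, file_format)
    path = Path(os.path.join(photos.config.destination, 'avatar', name))

    # Remove a previous avatar stored under the same name before saving.
    # NOTE(review): this happens before photos.save() has accepted the
    # upload, so a rejected upload leaves the profile pointing at a file
    # that no longer exists; an avatar with a different extension is also
    # left behind. Confirm whether either matters here.
    if path.exists():
        path.unlink()

    filename = photos.save(args.image, folder='avatar', name=name)
    file_url = photos.url(filename)
    g.current_user.avatar = file_url
    g.current_user.save()
    return {'url': file_url}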
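def put(self):
    """Store an uploaded image in the current user's folder and return its URL.

    Files are kept under ``<destination>/<user id>/``. When a file with the
    same stored name already exists, nothing is written and the URL of the
    existing file is returned; otherwise the upload is saved.

    NOTE(review): an existing file is matched by name only, so a different
    image uploaded under the same name is silently ignored - confirm this
    is intended.
    """
    args = photo_reqparse.parse_args()
    user_folder = str(g.current_user.id)

    # Never build a filesystem path from the raw client filename: it may
    # contain directory components, which would let the existence check
    # below look outside the user's folder. get_basename() is the upload
    # set's own filename normalisation (presumably the same one save()
    # applies - confirm for the installed Flask-Uploads version), so the
    # lookup also matches the name an earlier save actually produced.
    stored_name = photos.get_basename(args.image.filename)
    path = Path(os.path.join(photos.config.destination, user_folder, stored_name))

    # is_file() rather than exists(): an empty normalised name would
    # otherwise match the folder itself.
    if stored_name and path.is_file():
        file_url = photos.url(os.path.join(user_folder, stored_name))
    else:
        filename = photos.save(args.image, user_folder)
        file_url = photos.url(filename)
    return {'url': file_url}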
def addproduct():
    """Create a product from the submitted form and its three images.

    Renders ``addproduct.html`` with the brand and category lists until the
    form validates; then stores the three uploads under random names,
    inserts the ``AddProduct`` row and redirects to ``index``.
    """
    brand_rows = Brand.query.all()
    category_rows = Category.query.all()
    form = AddProductForm()

    if not form.validate_on_submit():
        return render_template('addproduct.html', form=form, categories=category_rows, brands=brand_rows)

    columns = {
        'name': form.name.data,
        'price': form.price.data,
        'discount': form.discount.data,
        'stock': form.stock.data,
        'desc': form.desc.data,
        # brand and category are read from the raw POST body rather than
        # from a form field - presumably not validated by AddProductForm;
        # confirm against the form definition.
        'brand_id': request.form.get('brand'),
        'category_id': request.form.get('category'),
        'colors': form.colors.data,
    }

    # Each upload gets a random name; the trailing dot leaves the extension
    # to photos.save(). No check that a file was supplied is made here -
    # presumably the form requires all three; confirm.
    for slot in ('image1', 'image2', 'image3'):
        columns[slot] = photos.save(request.files.get(slot), name=secrets.token_hex(10) + ".")

    product = AddProduct(**columns)
    db.session.add(product)
    db.session.commit()
    flash('Product Created Successfully', 'success')
    return redirect(url_for('index'))
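def updatecustomer(id):
    """Edit an existing customer record and optionally replace its image.

    The record is looked up by primary key with ``get_or_404``. On a valid
    form submission the form values are copied onto the record, an uploaded
    ``image1`` (if present) replaces the stored one, the session is
    committed and the client is redirected to the ``customers`` endpoint.
    On a GET request the form is pre-filled from the record.

    NOTE(review): no access check is visible inside this function; confirm
    the route is protected by a decorator that is outside this excerpt.
    """
    customer = Customerregister.query.get_or_404(id)
    form = CustomerregisterForm()
    if form.validate_on_submit():
        customer.username = form.username.data
        customer.lastname = form.lastname.data
        customer.phone = form.phone.data
        customer.add = form.add.data

        old_image = None
        upload = request.files.get('image1')
        if upload:
            old_image = customer.image1
            # Store the new file before touching the old one: if photos.save()
            # rejects the upload, the exception propagates while the existing
            # image is still on disk and still referenced by the record.
            customer.image1 = photos.save(upload, name=secrets.token_hex(10) + '.')

        customer.nic = form.nic.data
        customer.hour = form.hour.data
        customer.day = form.day.data
        customer.month = form.month.data
        customer.year = form.year.data
        customer.price = form.price.data

        db.session.commit()

        if old_image:
            # Best-effort cleanup, done only after the commit succeeded. Only
            # filesystem errors are tolerated here; the previous bare
            # ``except`` also hid every other failure and retried the save.
            try:
                os.unlink(os.path.join(current_app.root_path, 'static/img/' + old_image))
            except OSError:
                current_app.logger.warning('Could not remove old image %s', old_image)

        # NOTE(review): the message says "Book" although a customer record
        # was updated - it looks copied from another view; confirm wording.
        flash('Book Successfully Updated', 'success')
        return redirect(url_for('customers', customer_id=customer.id))
    elif request.method == 'GET':
        form.username.data = customer.username
        form.lastname.data = customer.lastname
        form.phone.data = customer.phone
        form.add.data = customer.add
        form.nic.data = customer.nic
        form.hour.data = customer.hour
        form.day.data = customer.day
        form.month.data = customer.month
        form.year.data = customer.year
        form.price.data = customer.price
    return render_template('updatecustomer.html', form=form)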
def AddBook():
    """Create a book from the submitted form and its image.

    Renders ``addbook.html`` with the category list until the form
    validates; then stores the upload under a random name, inserts the
    ``Book`` row and redirects to ``index``.
    """
    category_rows = Category.query.all()
    form = BookForm()

    if not form.validate_on_submit():
        return render_template('addbook.html', form=form, categories=category_rows)

    columns = {
        'name': form.name.data,
        'page': form.page.data,
        'price': form.price.data,
        'much': form.much.data,
        'jold': form.jold.data,
        'desc': form.desc.data,
    }
    # category is read from the raw POST body rather than from a form
    # field - presumably not validated by BookForm; confirm.
    chosen_category = request.form.get('category')

    # Random stored name; the trailing dot leaves the extension to
    # photos.save(). No check that a file was supplied is made here -
    # presumably the form requires it; confirm.
    stored_image = photos.save(request.files.get('image1'), name=secrets.token_hex(10) + ".")

    book = Book(image1=stored_image, category_id=chosen_category, **columns)
    db.session.add(book)
    db.session.commit()
    flash('Product Created Successfully', 'success')
    return redirect(url_for('index'))
def customer():
    """Create a customer record from the submitted form and its image.

    Renders ``customer.html`` until the form validates; then stores the
    upload under a random name, inserts the ``Customerregister`` row and
    redirects to ``index``.
    """
    form = CustomerregisterForm()

    if not form.validate_on_submit():
        return render_template('customer.html', form=form)

    columns = {
        'username': form.username.data,
        'lastname': form.lastname.data,
        'phone': form.phone.data,
        # "add" is a column of the model here, not the new row itself.
        'add': form.add.data,
    }
    # Random stored name; the trailing dot leaves the extension to
    # photos.save(). No check that a file was supplied is made here -
    # presumably the form requires it; confirm.
    columns['image1'] = photos.save(request.files.get('image1'), name=secrets.token_hex(10) + ".")
    columns.update(
        nic=form.nic.data,
        hour=form.hour.data,
        day=form.day.data,
        month=form.month.data,
        year=form.year.data,
        price=form.price.data,
    )

    new_customer = Customerregister(**columns)
    db.session.add(new_customer)
    db.session.commit()
    # NOTE(review): the message says "Product" for a customer record -
    # it looks copied from another view; confirm the intended wording.
    flash('Product Created Successfully', 'success')
    return redirect(url_for('index'))
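def register():
    """Register a new user from the submitted form.

    On POST the form values are normalised (lower-cased username and e-mail,
    capitalised names and city), the password is hashed, an optional
    ``userpic`` upload is stored under a random name (``default.jpg`` is
    used when none is sent), the user row is committed, the user is logged
    in and a confirmation e-mail is sent before redirecting to ``users``.
    Any other method renders ``register.html``.

    NOTE(review): a malformed ``birthdate`` makes ``strptime`` raise
    ``ValueError``, and the upload is written before the commit, so a failed
    commit leaves the file behind. No duplicate username/e-mail check is
    visible here either; confirm these are handled elsewhere.
    """
    if request.method == 'POST':
        new_user_username = request.form['username'].lower()
        new_user_email = request.form['email'].lower()
        new_user_password = generate_password_hash(request.form['password'])
        new_user_firstname = request.form['firstname'].capitalize()
        new_user_lastname = request.form['lastname'].capitalize()
        new_user_city = request.form['city'].capitalize()
        # The debug print of the parsed birth date was dropped so personal
        # data is not written to stdout.
        new_user_birthday = datetime.datetime.strptime(request.form['birthdate'], '%Y-%m-%d')
        new_user_gender = request.form['gender']
        new_user_registation_date = datetime.datetime.utcnow()

        # .get(): a request without the file field falls back to the default
        # picture instead of failing with a key error.
        uploaded_pic = request.files.get('userpic')
        if uploaded_pic:
            new_user_userpic = photos.save(uploaded_pic, name=secrets.token_hex(10) + '.')
        else:
            new_user_userpic = 'default.jpg'

        new_user = User(username=new_user_username,
                        email=new_user_email,
                        password=new_user_password,
                        firstname=new_user_firstname,
                        lastname=new_user_lastname,
                        city=new_user_city,
                        birthdate=new_user_birthday,
                        gender=new_user_gender,
                        registration_date=new_user_registation_date,
                        userpic=new_user_userpic)
        db.session.add(new_user)
        db.session.commit()
        login_user(new_user)
        send_confirmation_email(new_user_email)
        flash('Welcome, {}! You\'re registered now. Please, confirm your email'.format(new_user.username), 'success')
        app.logger.info('User created.')
        return redirect(url_for('users'))
    return render_template('register.html')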
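def updateproduct(id):
    """Edit an existing product and optionally replace any of its images.

    The product is looked up by primary key with ``get_or_404``. On a valid
    form submission the form values are copied onto the record, each
    uploaded ``image1``/``image2``/``image3`` replaces the stored one, the
    session is committed and the client is redirected to the ``products``
    endpoint. On a GET request the form is pre-filled from the record.

    NOTE(review): no access check is visible inside this function; confirm
    the route is protected by a decorator that is outside this excerpt.
    """
    brands = Brand.query.all()
    categories = Category.query.all()
    product = AddProduct.query.get_or_404(id)
    form = AddProductForm()
    if form.validate_on_submit():
        product.name = form.name.data
        product.price = form.price.data
        product.discount = form.discount.data
        product.stock = form.stock.data
        product.desc = form.desc.data
        product.colors = form.colors.data

        replaced = []
        for slot in ('image1', 'image2', 'image3'):
            upload = request.files.get(slot)
            if not upload:
                continue
            previous = getattr(product, slot)
            # Store the new file before touching the old one: if photos.save()
            # rejects the upload, the exception propagates while every
            # existing image is still on disk.
            setattr(product, slot, photos.save(upload, name=secrets.token_hex(10) + '.'))
            if previous:
                replaced.append(previous)

        db.session.commit()

        # Best-effort cleanup, done only after the commit succeeded. Only
        # filesystem errors are tolerated here; the previous bare ``except``
        # also hid every other failure and retried the save.
        for stale in replaced:
            try:
                os.unlink(os.path.join(current_app.root_path, 'static/img/' + stale))
            except OSError:
                current_app.logger.warning('Could not remove old image %s', stale)

        flash('Product Successfully Updated', 'success')
        return redirect(url_for('products', product_id=product.id))
    elif request.method == 'GET':
        form.name.data = product.name
        form.price.data = product.price
        form.discount.data = product.discount
        form.stock.data = product.stock
        form.desc.data = product.desc
        form.colors.data = product.colors
    return render_template('updateproduct.html', form=form, brands=brands, categories=categories)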