def item():
if 'username' not in session:
username = CASClient().authenticate().strip()
check_user(username)
else:
username = session.get('username').strip()
#username = '******'
itemid = request.args.get('itemid')
string = request.cookies.get('lastSearch')
if string is None:
string = ''
maxP = request.cookies.get('maxPrice')
if maxP is None:
maxP = ''
minP = request.cookies.get('minPrice')
if minP is None:
minP = ''
ntags = request.cookies.get('ntags')
tags = []
for i in range(int(ntags)):
tags.append(request.cookies.get(f'tag{i + 1}'))
database = Database()
database.connect()
# check if item still exists in available database
# if not, check if it was sold
if not str(itemid).isnumeric():
errormsg = 'Sorry, this item does not exist.'
html = render_template('error.html', errormsg=errormsg)
response = make_response(html)
return response
if not (database.check_exists_item(itemid)):
if not (database.check_exists_solditem(itemid)):
errormsg = 'Sorry, this item does not exist.'
html = render_template('error.html', errormsg=errormsg)
response = make_response(html)
return response
else:
entry = database.get_solditem(itemid)
database.disconnect()
errormsg = 'Sorry, this item has already been sold.'
html = render_template('itemsold.html',
entry=entry[0],
errormsg=errormsg)
response = make_response(html)
return response
if request.method == 'POST':
bid = request.form['bid']
# check if bid is numeric
try:
bid = float(bid)
except Exception as e:
database = Database()
database.connect()
entry = database.get_item(itemid)
database.disconnect()
msg = 'Please enter a valid bid.'
html = render_template('item.html',
entry=entry[0],
msg=msg,
lastSearch=string,
maxPrice=maxP,
minPrice=minP,
tags=tags)
response = make_response(html)
return response
# round bid to nearest 0.5
bid = math.floor(bid)
#if netid is None:
netid = username
database = Database()
database.connect()
# add bid to database
entry = database.get_item(itemid)
seller_id = (entry[0])[2]
print(seller_id)
if (seller_id == netid):
database.disconnect()
msg = 'Sorry, you may not bid on an item you are selling.'
html = render_template('item.html',
entry=entry[0],
msg=msg,
lastSearch=string,
maxPrice=maxP,
minPrice=minP,
tags=tags)
response = make_response(html)
return response
entry = database.get_item(itemid)
current_price = (entry[0])[3]
if (float(bid) <= current_price):
database.disconnect()
msg = 'Please enter a bid higher than the current price.'
html = render_template('item.html',
entry=entry[0],
msg=msg,
lastSearch=string,
maxPrice=maxP,
minPrice=minP,
tags=tags)
response = make_response(html)
return response
database.bid(itemid, bid, netid)
entry = database.get_item(itemid)
database.disconnect()
msg = 'Your bid has been processed. Thank you!'
html = render_template('item.html',
entry=entry[0],
msg=msg,
lastSearch=string,
maxPrice=maxP,
minPrice=minP,
tags=tags)
response = make_response(html)
return response
else:
try:
database = Database()
database.connect()
entry = database.get_item(itemid)
database.disconnect()
html = render_template('item.html',
entry=entry[0],
lastSearch=string,
maxPrice=maxP,
minPrice=minP,
tags=tags)
response = make_response(html)
return response
except Exception as e:
print("error" + str(e), file=stderr)
exit(1)
def sell():
if 'username' not in session:
username = CASClient().authenticate().strip()
check_user(username)
else:
username = session.get('username').strip()
#username = '******'
# parse user input for item upload details
# ***** need to handle other info still *****
if request.method == 'POST':
print("sell: " + str(request))
if 'image' not in request.files:
print("err")
image = request.files['image']
title = request.form['title']
description = request.form['description']
price = request.form['price']
tag = request.form['tag']
if title is None:
title = ''
if description is None:
description = ''
if price is None:
price = ''
# generate a random itemid until you get one that isn't
# in the itemdid_hashet, meaning that it isn't already being
# used by an item in available_items
itemid = int(random.uniform(100, 1000000))
while str(itemid) in itemid_hashset:
itemid = int(random.uniform(100, 1000000))
itemid_hashset.append(str(itemid))
#if postdate is None:
postdate = datetime.date.today()
#if netid is None:
netid = username
# connect to database
database = Database()
database.connect()
if (image.filename == ''):
print("none")
image = ''
image_read = None
safefilename = ''
else:
print(image)
safefilename = secure_filename(randstr() + '-' + image.filename)
imgpath = '{}/{}'.format(IMAGE_DIR_AVAILABLE, safefilename)
image.save(imgpath)
image.seek(0)
image_read = image.read()
database.add_image(itemid, image_read, safefilename)
print(database.image_table_size())
database.add_to_db(itemid, postdate, netid, price, safefilename,
description, title, tag)
# add to bid database with null bidder netid
database.bid(itemid, price, None)
database.disconnect()
html = render_template('confirmation.html')
response = make_response(html)
return response
else:
try:
html = render_template('sell.html')
response = make_response(html)
return response
except Exception as e:
print("error" + str(e), file=stderr)
exit(1)
def modify_item():
print("server reached")
print(request)
if 'username' not in session:
username = CASClient().authenticate().strip()
check_user(username)
else:
username = session.get('username').strip()
database = Database()
database.connect()
itemid = None
if (request.method == "GET" and request.args.get('modify') != None):
print("get reached")
itemid = request.args.get('modify')
print("itemid: " + str(itemid))
print(request)
entry = (database.get_item(itemid))[0]
html = render_template('modify_item.html', entry=entry)
response = make_response(html)
return response
# a confirm_change button (let them know it will reset bids), a cancel button (redirect to track page)
# confirm_change redirects back here, with a get_request
elif (request.method == "POST" and request.form['item_id'] != None):
print("post reached")
title = request.form['title']
print("title")
image = request.files['image']
print(image)
print("img")
description = request.form['description']
print("desc")
price = request.form['price']
print("pr")
tag = request.form['tag']
print("tag")
postdate = datetime.date.today()
netid = username
old_item_id = request.form['item_id']
print("id")
# new_item_id = int(random.uniform(100, 1000000))
# error handling on the above in case it comes from a non web browser source
print("getting stuff reached")
prev_info = (database.get_item(old_item_id))[0]
# send e-mail to bidders before deleting the bids
item_bids = database.get_item_bids(old_item_id)
send_modify_mail(item_bids, prev_info[6], old_item_id)
database.delete_from_bids(old_item_id)
# delete the old item entry data
database.delete_from_db(old_item_id)
new_img_bool = True
# if new image is null and previous image is not null
if image.filename == '' and prev_info[4] != '':
safefilename = prev_info[4]
new_img_bool = False
print("db stuff")
# insert the new image into the db
if new_img_bool == True:
# delete the old image if there was one
if (prev_info[4] != ''):
os.remove(os.path.join(IMAGE_DIR_AVAILABLE, prev_info[4]))
database.delete_image(old_item_id)
if (image.filename == ''):
image = ''
image_read = None
safefilename = ''
else:
# print(image)
safefilename = secure_filename(randstr() + '-' +
image.filename)
imgpath = '{}/{}'.format(IMAGE_DIR_AVAILABLE, safefilename)
image.save(imgpath)
image.seek(0)
image_read = image.read()
database.add_image(old_item_id, image_read, safefilename)
# print(database.image_table_size())
# add new db info for the item
database.add_to_db(old_item_id, postdate, netid, price, safefilename,
description, title, tag)
# add to bid database with null bidder netid
database.bid(old_item_id, price, None)
print("work done")
return redirect("/item?itemid={}".format(old_item_id))
else:
return redirect('/index')