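def leave_feedback(feedback_ad_id):
    """
    @summary A function to render and handle a form for leaving feedback for another user
    @param feedback_ad_id - The ad ID number for which feedback is to be left for
    @return GET: the rendered 'feedback.html' form. POST: a redirect to the
            account page once the feedback is stored, or a 403 response with
            a 'message_text' cookie when the request is refused

    Server-side method for the UI to interact with the MySQL database.
    Only the buyer or the seller recorded on the transaction may post
    feedback for it.
    """
    def refuse(location, message):
        # NOTE(review): redirect() with code=403 puts a Location header on a
        # non-3xx status, which browsers do not follow. Kept as the handler
        # always did it; confirm whether a normal redirect was intended.
        response = make_response(redirect(location, code=403))
        response.set_cookie('message_text', message, domain='kaizen.localhost')
        return response

    cookie_session_id = request.cookies.get('session_id')
    user_id, user_name = sessionutils.get_customer_details_from_session_id(cookie_session_id)
    ad = transactions.get(transactions.adId == feedback_ad_id)

    if request.method != 'POST':
        # NOTE(review): the form is rendered without a login or participant
        # check; confirm that showing the seller's first name and the book
        # title to any visitor is acceptable.
        user = users.get(users.id == ad.sellerId)
        if ad.buyerid == user_id:
            feedbackreceivertype = "s"
        else:
            feedbackreceivertype = "b"
        print("feedbackreceivertype is:", feedbackreceivertype)
        return render_template('feedback.html',
                               name=user_name,
                               feedbackid=feedback_ad_id,
                               receiver=user.firstName,
                               book=get_feedback_book_title(feedback_ad_id),
                               receiverType=feedbackreceivertype,
                               blah=calculate_rating(ad.sellerId))

    if feedback_ad_id is None:
        return refuse("/account", 'Please select and ad to leave feedback')

    # A user_id above -1 is what this handler treats as a logged-in session.
    if not user_id > -1:
        return refuse("/login", 'Please login to leave feedback')

    # Authorization: without this check any logged-in user could attach
    # feedback (and a rating) to a transaction they took no part in.
    if user_id not in (ad.sellerId, ad.buyerid):
        return refuse("/account", 'You can only leave feedback on your own transactions')

    #TODO get from UI
    print("Get input from UI")
    giver = user_id
    # Feedback always goes to the other party of the transaction.
    if ad.sellerId == user_id:
        receiver = ad.buyerid
    else:
        receiver = ad.sellerId

    #TODO logic to make this work for buyer and seller
    if ad.buyerid == user_id:
        feedbackreceivertype = "s"
    else:
        feedbackreceivertype = "b"
    print("receeiver type is ", feedbackreceivertype)

    # NOTE(review): the feedback text and rating are stored exactly as posted;
    # confirm that range/length validation and output escaping happen in the
    # model or template layer.
    feedbackInput = request.form['inputFeedback']
    ratingInput = request.form['inputRating']
    feedback.create(giverId=giver,
                    receiverId=receiver,
                    adId=feedback_ad_id,
                    feedback=feedbackInput,
                    rating=ratingInput,
                    ad=ad,
                    userId=user_id)
    return redirect("/account/my-account")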
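def verify_email(username, userid):
    """
    @summary A function to verify a user's code that was emailed to them
    @param username - The first name to verify (presumably the value mailed
                      out at sign-up; confirm against send_verification_email)
    @param userid - The user ID to verify
    @return A redirect to '/'; on success the response also sets the
            'session_id' cookie

    NOTE(review): the only "code" checked here is a first name plus a numeric
    user ID, and a match creates a logged-in session. Neither value is secret,
    so this is not proof of mailbox ownership. A random, single-use, expiring
    token stored server-side is needed; that changes the link format and so
    cannot be done inside this function alone.
    """
    try:
        try:
            # One lookup on both values: the name and the ID must belong to
            # the same account, not merely each exist somewhere in the table.
            user = users.get(users.id == int(userid), users.firstName == username)
        except users.DoesNotExist:
            user = None

        # Keep the exact string comparison in Python as well, in case the
        # database collation compares names case-insensitively.
        if user is None or str(user.firstName) != str(username):
            flash("Not permitted to access that area")
        else:
            session_string = create_a_session_in_db(user.id)
            if session_string == -1:
                flash("Unable to log you in")
            else:
                response = make_response(redirect('/'))
                try:
                    # NOTE(review): the session cookie is set without
                    # HttpOnly / Secure / SameSite attributes; confirm no
                    # client script reads it and harden the flags.
                    response.set_cookie('session_id', session_string, domain='kaizen.localhost')
                    flash("Successfully verified your email address")
                except Exception:
                    flash("You need to have cookies enabled to continue")
                return response
    except Exception:
        # Boundary handler: a malformed userid or a database error ends here.
        flash("Oops! Something went wrong")
    return redirect('/')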
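def commitment(adId):
    """
    @summary A function that renders the template for a committed buyer
    @param adId - The ID of the ad listing the buyer is committing to
    @return The rendered 'commit.html' page, or a redirect to '/login' when
            no user is logged in
    """
    cookie_session_id = request.cookies.get('session_id')
    user_id, user_name = sessionutils.get_customer_details_from_session_id(
        cookie_session_id)

    # Without this guard an anonymous visitor's ID would be written to the
    # listing as its buyer. A user_id above -1 is what leave_feedback in this
    # file treats as a logged-in session.
    if user_id is None or user_id < 0:
        flash("Please login to commit to a purchase")
        return redirect("/login")

    ad = adListing.get(adListing.id == adId)
    seller = users.get(users.id == ad.sellerId)

    # NOTE(review): this handler changes state. Confirm the route accepts
    # POST only and is CSRF-protected, and that set_buyer_id_when_committing
    # (not visible here) refuses a listing that already has a buyer or that
    # belongs to the committing user.
    set_buyer_id_when_committing(adId, user_id)
    return render_template('commit.html',
                           listings=getAdlistings(),
                           userid=user_id,
                           name=user_name,
                           ad=ad,
                           seller=seller)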
def showItem(adId):
    """
    @summary A function that renders the page for one individual ad listing
    @param adId - The ID of the ad listing to display
    @return The rendered 'product-page.html' template

    The page receives the listing, the seller's user record, the seller's
    rating and the visitor's session details.
    """
    session_cookie = request.cookies.get('session_id')
    customer = sessionutils.get_customer_details_from_session_id(session_cookie)
    user_id, user_name = customer

    listing = adListing.get(adListing.id == adId)
    seller = users.get(users.id == listing.sellerId)
    print(listing.title)

    # NOTE(review): the whole seller record goes to the template under the
    # name 'sellerid'; confirm the template exposes only public fields.
    context = {
        "ad": listing,
        "userid": user_id,
        "name": user_name,
        "sellerid": seller,
        "rating": calculate_rating(seller.id),
    }
    return render_template("product-page.html", **context)
def get_user_info_by_id(user_id):
    """
    @summary A function to look up the user's details by the user ID
    @param user_id - The user ID set in the cookie
    @return The matching user record, or -1 when the lookup fails or
            yields nothing
    """
    print("get_user_info_by_id")
    try:
        print("Getting user info for Id:", str(user_id))
        record = users.get(users.id == int(user_id))
        if record != None:
            print("Got user info with name:", record.firstName)
            return record
        print("Couldn't get the user, probably a bogus session...")
        return -1
    except:
        # Any failure (bad ID format, missing row, database error) is
        # reported to the user and collapsed into the -1 sentinel.
        message = "Problem looking up user id in get_user_info_by_id"
        flash(message)
        print(message)
        return -1
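def sign_up():
    """
    @summary A function to render and handle the sign up page form
    @return GET: the rendered 'signup.html' form. POST: a redirect to '/'
            with a flashed message describing the outcome

    Server-side method for the UI to interact with the MySQL database
    """
    if request.method != 'POST':
        return render_template('signup.html')

    # read the posted values from the UI
    _name = request.form['inputName']
    _surname = request.form['inputSurname']
    _email = request.form['inputEmail']
    _password = request.form['inputPassword']
    _phone = request.form['inputPhone']

    # Refuse accounts with an empty name, email or password; the login
    # handler already rejects empty credentials, sign-up did not.
    if not (_name and _email and _password):
        flash("You must enter a name, an email address and a password")
        return redirect('/')

    # Checks for redundancy/existing user account
    # NOTE(review): the two distinct messages below tell a visitor whether an
    # email address or phone number is registered; confirm this is acceptable.
    email_query = users.select().where(users.email == _email)
    if any(item.email == _email for item in email_query):
        flash("Error! Email already exists!")
        return redirect('/')

    phone_query = users.select().where(users.phoneNumber == _phone)
    if any(item.phoneNumber == _phone for item in phone_query):
        flash("Error! Phone already exists!")
        return redirect('/')

    # Create the user in our database
    try:
        # NOTE(review): the password is stored exactly as typed. It should be
        # stored as a salted, slow hash (bcrypt/scrypt/argon2 class), but the
        # login handler compares the stored value with == and must be changed
        # in the same commit, so it is flagged here rather than changed.
        users.create(firstName=_name,
                     surname=_surname,
                     email=_email,
                     password=_password,
                     phoneNumber=_phone)
        user_id = users.get(users.firstName == _name,
                            users.email == _email,
                            users.phoneNumber == _phone).id
        send_verification_email(_name, user_id, _email)
        info = """ Congratulations, we've signed you up. Now just one last step - Please verify your email address before signing in again."""
        flash(info)
    except Exception:
        # Database or mail failure: report it without leaking details.
        flash("We couldn't sign you up at this time. Please continue later.")
    return redirect('/')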
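def login():
    """
    @summary A function for logging in a user
    @return GET: the rendered 'login.html' form. POST: a redirect to '/'
            carrying the 'session_id' cookie on success, otherwise the login
            form again with a flashed message

    The failure message is flashed only for POST attempts, and a failed
    session creation is recorded as a failure.
    """
    if request.method != 'POST':
        return render_template('login.html')

    # read the posted values from the UI
    _email = request.form['inputEmail']
    _password = request.form['inputPassword']

    # -1 is the failure value create_a_session_in_db is checked against.
    session_string = -1
    user = None
    user_id = None

    # validate the received values
    if _email and _password:
        try:
            user = users.get(users.email == _email)
            user_id = user.id
            print("Success email for: ", user_id)  # debug
        except Exception:
            print("DEBUG Error: Unable to fetch data #1")

        if user and user_id:
            try:
                # NOTE(review): this compares the submitted password with a
                # value stored in plaintext. Move to a salted, slow hash with
                # a constant-time verifier; sign_up writes the stored value
                # and has to change in the same commit.
                if user.password == _password:
                    # Continue to set session
                    session_string = create_a_session_in_db(user_id)
                else:
                    flash("Invalid username or password.")
            except Exception:
                print("DEBUG Error: Unable to fetch data #2")
        else:
            # Same message as for a wrong password, so the response does not
            # reveal whether the email address is registered.
            flash("Invalid username or password.")
    else:
        flash("You must enter a valid username and password")

    if session_string != -1:
        response = make_response(redirect('/'))
        try:
            # NOTE(review): the session cookie is set without HttpOnly /
            # Secure / SameSite attributes; confirm no client script reads
            # it and harden the flags.
            response.set_cookie('session_id', session_string, domain='kaizen.localhost')
            print("Successfully logged in")
            return response
        except Exception:
            flash("You need to have cookies enabled to be able to log in")
    else:
        flash("Unable to log you in")
    return render_template('login.html')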
def get_user_name(buyerId):
    """
    @summary A function to get the first name of a user
    @param buyerId - The ID of the user that is the buyer
    @return The firstName stored on the matching user record
    """
    return users.get(users.id == buyerId).firstName