def register():
if request.method == 'POST':
user_phone= request.form['user_phone']
username = request.form['username']
password = request.form['password']
db = get_db()
error = None
if user_phone == '123':
error = 'Root is not availble.'
elif not user_phone:
error = 'User phone is required.'
elif not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
elif db.execute(
'SELECT user_phone FROM user WHERE user_phone = ?', (user_phone,)
).fetchone() is not None:
error = 'User {} is already registered.'.format(username)
if error is None:
db.execute(
'INSERT INTO user (user_phone, username, password, is_seller) VALUES (?, ?, ?, ?)',
(user_phone, username, generate_password_hash(password), 0)
)
db.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/register.html')
def update(id):
product = get_products(id)
if request.method == 'POST':
qualitytime = request.form['qualitytime']
producetime = request.form['producetime']
type = request.form['type']
productname = request.form['productname']
price = request.form['price']
error = None
if not productname:
error = 'Product name is required.'
if error is not None:
flash(error)
else:
db = get_db()
db.execute(
'UPDATE product SET productname = ?, producetime = ?, qualitytime = ?, type = ?, price = ?'
' WHERE product_create = ?',
(productname, producetime, qualitytime, type, price, id)
)
db.commit()
return redirect(url_for('products.index'))
return render_template('products/update.html')
def create():
if request.method == 'POST':
qualitytime = request.form['qualitytime']
producetime = request.form['producetime']
type = request.form['type']
productname = request.form['productname']
price = request.form['price']
error = None
product_create = random.randint(1, 3);
if not productname:
error = 'Product name is required.'
if error is not None:
flash(error)
else:
db = get_db()
db.execute(
'INSERT INTO product (product_create, seller_phone, producetime, qualitytime, type, productname, price)'
' VALUES (?, ?, ?, ?, ?, ?, ?)',
(product_create, g.user['user_phone'], producetime, qualitytime, type, productname, price)
)
db.commit()
return redirect(url_for('products.index'))
return render_template('products/create.html')
def receive(id):
db = get_db()
db.execute(
' UPDATE trade SET cancel = 2 WHERE product_create = ?',
(id, )
)
db.commit()
return redirect(url_for('products.list'))
def index():
db = get_db()
products = db.execute(
'SELECT p.product_create, p.productname, p.price, p.type, p.producetime, p.qualitytime, s.seller_phone, s.storename'
' FROM product p JOIN seller s ON p.seller_phone = s.seller_phone'
' ORDER BY p.producetime DESC'
).fetchall()
return render_template('index.html', products=products)
def load_logged_in_user():
user_phone = session.get('user_phone')
if user_phone is None:
g.user = None
else:
g.user = get_db().execute(
'SELECT * FROM user WHERE user_phone = ?', (user_phone,)
).fetchone()
def list():
db = get_db()
products = db.execute(
'SELECT p.product_create, p.productname, p.price, p.type, p.producetime, p.qualitytime, s.seller_phone, s.storename, t.trade_time , t.cancel , t.user_phone FROM product p ,seller s , trade t'
' WHERE p.seller_phone = s.seller_phone AND t.product_create = p.product_create'
' AND (t.user_phone = ? OR t.seller_phone = ?)'
'ORDER BY t.trade_time DESC',
(g.user['user_phone'], g.user['user_phone'])
)
db.commit()
return render_template('products/trade.html', products=products)
def get_products(id, check_author=True):
product = get_db().execute(
'SELECT p.product_create, productname, price, type, producetime, qualitytime, s.seller_phone'
' FROM product p JOIN seller s ON p.seller_phone = s.seller_phone'
' WHERE p.product_create = ?',
(id,)
).fetchone()
if product is None:
abort(404, "Product id {0} doesn't exist.".format(id))
print("???")
return product
def trade(id):
product = get_products(id)
nowtime = datetime.datetime.now()
#print(os.getcwd())
qr = pyqrcode.create(str(id))
qr.svg("static/image/qrcodes/"+str(id)+"-qrcode.svg", scale=8)#没写完#现在写完了
db = get_db()
db.execute(
'INSERT INTO trade (product_create, user_phone, seller_phone, trade_time, cancel, trade_number)'
' VALUES (?, ?, ?, ?, ?, ?)',
(id, g.user['user_phone'], product['seller_phone'], nowtime, 0, 1)
)
db.commit()
return redirect(url_for('products.list'))
def store():
if request.method == 'POST':
user_phone = request.form['user_phone']
username = request.form['username']
password = request.form['password']
storename = request.form['storename']
location = request.form['location']
seller_intro = request.form['seller_intro']
begintime = request.form['begintime']
endtime = request.form['endtime']
db = get_db()
error = None
if not user_phone:
error = 'User phone is required.'
elif not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
elif db.execute(
'SELECT user_phone FROM user WHERE user_phone = ?', (user_phone,)
).fetchone() is not None:
error = 'User {} is already registered.'.format(username)
if error is None:
db.execute(
'INSERT INTO user (user_phone, username, password, is_seller) VALUES (?, ?, ?, ?)',
(user_phone, username, generate_password_hash(password), 1)
)
db.commit()
db.execute(
'INSERT INTO seller (seller_phone, storename, seller_intro, location, begintime, endtime)'
'VALUES (?, ?, ?, ?, ?, ?)', (user_phone, storename, seller_intro, location, begintime, endtime)
)
db.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/store.html')
def login():
error = None
if request.method == 'POST':
password = request.form['password']
user_phone = request.form['user_phone']
db = get_db()
error = None
user = db.execute(
'SELECT * FROM user WHERE user_phone = ?', (user_phone,)
).fetchone()
if user is None:
error = 'Incorrect phone number.'
elif not check_password_hash(user['password'], password):
error = 'Incorrect password.'
if error is None:
session.clear()
session['user_phone'] = user['user_phone']
return redirect(url_for('index'))
return render_template('auth/login.html', error=error)
def orderdelete(id):
get_products(id)
db = get_db()
db.execute('DELETE FROM trade WHERE product_create = ?', (id,))
db.commit()
return redirect(url_for('products.index'))