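def updateCustomer(request):
    """Update the whitelisted profile columns of one customer row.

    Only keys listed in ``validKeys`` are copied from ``request.POST`` into
    the ``UPDATE`` statement, so column names never come from the client and
    every value travels as a bound parameter.

    Raises:
        exc.HTTPBadRequest: the request carries none of the updatable fields.
        exc.HTTPOk: the update was committed (success is signalled by raising
            the response).

    Returns:
        A ``Response`` with status 500 when the database driver reports an
        error.
    """
    Authorizer.authorizeCustomer(request)
    # NOTE(review): the row to update is selected by the URL segment
    # matchdict['id'] and is never compared with the logged-in user here
    # (itemSuggestions pins type-0 users to their own id; this function does
    # not). Confirm that Authorizer.authorizeCustomer() enforces ownership,
    # otherwise any authorised customer can rewrite another customer's row.
    postVars = request.POST
    validKeys = ['lastName', 'firstName', 'address', 'city', 'state',
                 'zipCode', 'telephone', 'email', 'creditCardNumber']
    # NOTE(review): creditCardNumber is written exactly as received; confirm
    # the column is encrypted or tokenised before it reaches storage.

    assignments = []
    params = []
    for key in validKeys:
        if key in postVars:
            assignments.append(key + " = %s")
            params.append(postVars[key])

    if not assignments:
        # With nothing to set, the statement would be
        # "UPDATE Customers SET  WHERE ID = %s", a syntax error that used to
        # surface as a database error instead of a client error.
        raise exc.HTTPBadRequest()

    params.append(request.matchdict['id'])
    query = "UPDATE Customers SET " + ', '.join(assignments) + " WHERE ID = %s"

    cnx = None
    cursor = None
    try:
        # NOTE(review): connection settings are literals in this function;
        # they belong in deployment configuration.
        cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305')
        cursor = cnx.cursor()
        cursor.execute(query, tuple(params))
        cnx.commit()
    except mysql.connector.Error as err:
        # Status 500 so a failed update is not reported as a success (the
        # other handlers in this file already do this).
        # NOTE(review): the driver's error text is sent to the client; prefer
        # logging it server-side and returning a generic message.
        return Response("Something went wrong: {}".format(err), status=500)
    finally:
        # Release the handles on every path, including the error path that
        # previously leaked them.
        if cursor is not None:
            cursor.close()
        if cnx is not None:
            cnx.close()

    Authorizer.refreshSession(request)
    raise exc.HTTPOk()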
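def addAuction(request):
    """Create an auction row and assign it to a randomly chosen employee.

    All of ``itemID``, ``sellerID``, ``closingTime``, ``openingBid``,
    ``reserve`` and ``increment`` must be present in ``request.POST``. The
    managing employee is picked at random from ``Employees`` rows with
    ``type = 1``.

    Raises:
        exc.HTTPBadRequest: a required field is missing, or ``increment`` is
            not a finite positive number.
        exc.HTTPOk: the auction was inserted and committed.

    Returns:
        A ``Response`` with status 500 when the database driver reports an
        error or no employee is available.
    """
    from decimal import Decimal, InvalidOperation

    Authorizer.authorizeCustomer(request)
    requiredKeys = ["itemID", "sellerID", "closingTime", "openingBid", "reserve", "increment"]
    postVars = request.POST
    acceptedKeys = []
    for key in requiredKeys:
        if key in postVars:
            acceptedKeys.append(postVars[key])
        else:
            print(key)
            raise exc.HTTPBadRequest()
    # NOTE(review): sellerID is taken from the form, not from the session;
    # confirm a customer cannot open an auction under another seller's id.

    # apiAddBid's proxy-bidding loop adds the stored increment repeatedly and
    # only terminates when that increment is positive, so reject anything else
    # before it is written to the Auctions table.
    try:
        increment = Decimal(postVars["increment"])
    except (InvalidOperation, TypeError, ValueError):
        raise exc.HTTPBadRequest()
    if not increment.is_finite() or increment <= 0:
        raise exc.HTTPBadRequest()

    cnx = None
    cursor = None
    try:
        cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305")
        cursor = cnx.cursor(dictionary=True)

        cursor.execute("SELECT id FROM Employees WHERE type = 1")
        employees = [row["id"] for row in cursor]
        if not employees:
            # randint(0, -1) would raise ValueError, which the handler below
            # does not catch.
            return Response("Something went wrong: no employee available", status=500)
        acceptedKeys.append(employees[randint(0, len(employees) - 1)])

        query = (
            "INSERT INTO Auctions(itemID, sellerID, openingTime, closingTime, "
            "openingBid, reserve, increment, employeeID) "
            "VALUES (%s, %s, NOW(), %s, %s, %s, %s, %s);"
        )
        cursor.execute(query, tuple(acceptedKeys))
        cnx.commit()
    except mysql.connector.Error as err:
        # Status 500 so a failed insert is not reported as a success.
        # NOTE(review): the driver's error text is sent to the client; prefer
        # logging it server-side and returning a generic message.
        return Response("Something went wrong: {}".format(err), status=500)
    finally:
        # The old handler closed `cursor`/`cnx` unconditionally and failed
        # with an unbound name when connect() itself raised.
        if cursor is not None:
            cursor.close()
        if cnx is not None:
            cnx.close()

    raise exc.HTTPOk()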
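def itemSuggestions(request):
    """Return up to five suggested items for a customer, with image URLs.

    When the current user type is 0 the suggestions are computed for that
    user's own id; any other user type must name the customer through the
    ``customerID`` query parameter. Suggested items share a type with items
    the customer searched for, and exclude items whose name matches something
    the customer already bid on.

    Raises:
        exc.HTTPBadRequest: a user of another type omitted ``customerID``.

    Returns:
        A list of dicts, one per item row, with ``datetime`` values converted
        to ISO strings, ``Decimal`` values to strings, and an ``images`` list
        of URLs; or a ``Response`` with status 500 on a database error.
    """
    Authorizer.authorizeCustomer(request)

    if Authorizer.getCurrentUserType(request) == 0:
        # Type-0 users never choose the customer id themselves.
        customerID = Authorizer.getCurrentUser(request)['id']
    elif 'customerID' in request.GET:
        customerID = request.GET['customerID']
    else:
        raise exc.HTTPBadRequest()

    query = """
        SELECT * FROM Items
        WHERE type IN (
            SELECT type FROM Items WHERE id IN (
                SELECT itemID FROM Searches WHERE customerID = %s
            )
        )
        AND Items.name NOT IN (
            SELECT name FROM Items WHERE id IN (
                SELECT itemID FROM Auctions WHERE id IN (
                    SELECT auctionID FROM Bids WHERE customerID = %s
                )
            )
        )
        LIMIT 5
    """

    suggestedItems = []
    cnx = None
    cursor = None
    try:
        cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305')
        cursor = cnx.cursor(dictionary=True)
        cursor.execute(query, (str(customerID), str(customerID)))

        for row in cursor:
            item = {}
            for key, value in row.items():
                # Convert the types a JSON renderer cannot serialise.
                if isinstance(value, datetime):
                    item[key] = value.isoformat()
                elif isinstance(value, Decimal):
                    item[key] = str(value)
                else:
                    item[key] = value
            suggestedItems.append(item)

        # The first result set is fully consumed above, so the cursor can be
        # reused for the per-item image lookups.
        for item in suggestedItems:
            cursor.execute("SELECT url FROM ItemsImages WHERE itemID = %s", (str(item['id']),))
            item['images'] = [row['url'] for row in cursor]
    except mysql.connector.Error as err:
        # NOTE(review): the driver's error text is sent to the client; prefer
        # logging it server-side and returning a generic message.
        return Response("Something went wrong: {}".format(err), status=500)
    finally:
        # Close on the error path as well; it used to leak both handles.
        if cursor is not None:
            cursor.close()
        if cnx is not None:
            cnx.close()

    return suggestedItems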
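def apiAddBid(request):
    """Place or update the caller's bid on an open auction, then run proxy bidding.

    The handler reads ``value`` and ``maxBid`` from ``request.POST``, stores
    them as the caller's bid on the auction named by the URL, logs the bid,
    and then repeatedly raises competing bids by the auction's increment
    while each stays within its own ``maxBid``. Every raised bid is written
    back and logged, and the auction's ``currentBid`` is set to the highest
    resulting amount. All writes are committed together at the end.

    Raises:
        exc.HTTPBadRequest: a field is missing or is not a finite number, or
            the auction does not exist or has already closed.
        exc.HTTPForbidden: the caller is the auction's seller, or ``value`` is
            below the opening bid.
        exc.HTTPOk: the bid was recorded and committed.

    Returns:
        A ``Response`` with status 500 when the database driver reports an
        error.
    """
    from decimal import Decimal, InvalidOperation

    Authorizer.authorizeCustomer(request)
    auctionID = request.matchdict["id"]
    customer = request.session["currentUser"]
    requiredKeys = ["value", "maxBid"]
    postVars = request.POST
    for key in requiredKeys:
        if key not in postVars:
            print(key)
            raise exc.HTTPBadRequest()

    # Parse into locals instead of writing back into request.POST. Malformed
    # numbers used to escape as an unhandled decimal error, and Decimal also
    # accepts "NaN" and "Infinity", neither of which is a usable bid.
    try:
        value = Decimal(postVars["value"])
        maxBid = Decimal(postVars["maxBid"])
    except (InvalidOperation, TypeError, ValueError):
        raise exc.HTTPBadRequest()
    if not (value.is_finite() and maxBid.is_finite()):
        raise exc.HTTPBadRequest()
    # NOTE(review): nothing requires maxBid >= value; such a bid is stored but
    # never stepped by the loop below. Confirm whether it should be rejected.

    cnx = None
    cursor = None
    try:
        cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305")
        cursor = cnx.cursor(dictionary=True, buffered=True)

        query = "SELECT COUNT(*) as count, itemID, increment, openingBid, sellerID FROM Auctions WHERE id = %s AND closingTime > NOW()"
        cursor.execute(query, (str(auctionID),))
        auction = cursor.fetchone()
        if auction["count"] == 0:
            raise exc.HTTPBadRequest()
        itemID = auction["itemID"]
        increment = auction["increment"]

        # The original test was `customer["id"] < row["sellerID"]`, which let
        # the seller bid on their own auction and refused every customer with
        # a lower id. NOTE(review): `==` matches the apparent intent; confirm.
        if customer["id"] == auction["sellerID"]:
            raise exc.HTTPForbidden()
        if value < auction["openingBid"]:
            raise exc.HTTPForbidden()

        # One bid row per customer and auction: update it if present.
        query = "SELECT * FROM Bids WHERE customerID = %s AND auctionID = %s"
        cursor.execute(query, (customer["id"], auctionID))
        if cursor.rowcount > 0:
            existing = cursor.fetchone()
            query = "UPDATE Bids SET amount = %s, maxBid = %s WHERE id = %s"
            cursor.execute(query, (value, maxBid, existing["id"]))
        else:
            query = "INSERT INTO Bids(itemID, customerID, maxBid, amount, time, auctionID) VALUES (%s, %s, %s, %s, NOW(), %s)"
            cursor.execute(query, (str(itemID), str(customer["id"]), maxBid, value, auctionID))

        query = "INSERT INTO BidLogs (amount, customerID, auctionID, time) VALUES (%s, %s, %s, NOW())"
        cursor.execute(query, (value, customer["id"], auctionID))

        # NOTE(review): the bids are read, adjusted in memory and written back
        # without a row lock; confirm how concurrent bids on one auction are
        # serialised.
        query = "SELECT * from Bids WHERE auctionID = %s"
        cursor.execute(query, (str(auctionID),))
        bids = []
        for row in cursor:
            bid = {}
            for key, cell in row.items():
                bid[key] = cell.isoformat() if isinstance(cell, datetime) else cell
            bids.append(bid)

        # Proxy bidding. Each pass adds `increment` to some amounts and stops
        # when no bid can move; that only terminates for a positive increment,
        # so a zero, negative or NULL increment skips the stepping instead of
        # spinning this worker forever.
        # NOTE(review): the number of passes grows with maxBid / increment;
        # consider computing the final amounts directly.
        canStep = increment is not None and increment > 0
        while True:
            currentMaxBid = max(bid["amount"] for bid in bids)
            if not canStep:
                break
            leaders = sum(1 for bid in bids if bid["amount"] == currentMaxBid)
            changed = False
            for bid in bids:
                if leaders == 1:
                    # A sole leader stays put; only trailing bids step up.
                    eligible = bid["amount"] < currentMaxBid
                else:
                    # On a tie the leaders step as well.
                    eligible = bid["amount"] <= currentMaxBid
                if eligible and (bid["amount"] + increment) <= bid["maxBid"]:
                    bid["changed"] = True
                    bid["amount"] = bid["amount"] + increment
                    changed = True
            if not changed:
                break

        for bid in bids:
            if "changed" in bid:
                query = "UPDATE Bids SET amount = %s, time = NOW() WHERE id = %s"
                cursor.execute(query, (bid["amount"], bid["id"]))
                query = "INSERT INTO BidLogs (customerID, amount, time, auctionID) VALUES (%s, %s, NOW(), %s)"
                cursor.execute(query, (bid["customerID"], str(bid["amount"]), auctionID))

        query = "UPDATE Auctions SET currentBid = %s WHERE id = %s"
        cursor.execute(query, (str(currentMaxBid), auctionID))
        cnx.commit()
    except mysql.connector.Error as err:
        # NOTE(review): the driver's error text is sent to the client; prefer
        # logging it server-side and returning a generic message.
        return Response("Something went wrong: {}".format(err), 500)
    finally:
        # Runs for the HTTP exceptions raised above too, so a rejected bid no
        # longer leaves the connection open, and a failed connect() no longer
        # trips over an unbound `cursor`. Closing without commit discards any
        # partial writes.
        if cursor is not None:
            cursor.close()
        if cnx is not None:
            cnx.close()

    raise exc.HTTPOk()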