def editarRecetas(id):
if request.method == 'POST':
nombre=request.form['Nombre'].encode("UTF-8")
descripcion=request.form['Descripcion'].encode("UTF-8")
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('sp_modificarReceta',(id,nombre,descripcion))
con.commit()
sqlCon.close(con)
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('sp_obtenerReceta',(id,))
for receta in cursor:
DBReceta = receta
sqlCon.close(con)
return render_template('editarReceta.html',receta=DBReceta)
def insertProduct():
if request.method == 'POST':
upload_file = request.files["file"]
image_data = upload_file.read()
nombre=request.form['Nombre'].encode("UTF-8")
marca=request.form['Marca'].encode("UTF-8")
descripcion=request.form['Descripcion'].encode("UTF-8")
cantidad=request.form['Cantidad'].encode("UTF-8")
costo=request.form['Costo'].encode("UTF-8")
precioFinal=request.form['PrecioFinal'].encode("UTF-8")
descuentoMaximo=request.form['DescuentoMaximo'].encode("UTF-8")
if image_data == "":
flash("Por favor seleccione una imagen")
else:
ex=("EXEC sp_insertarProducto "+
" @pNombre = '"+nombre+
"', @pMarca = '"+marca+
"', @pDescripcion = '"+descripcion+
"', @pCantidad = "+cantidad+
", @pCosto = """+costo+
", @pPrecioFinal = "+precioFinal+
", @pDescuentoMaximo = "+descuentoMaximo+
", @pFoto = '"+image_data.encode('hex_codec')+"'")
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.execute(ex)
con.commit()
sqlCon.close(con)
return index()
return render_template('insertProduct.html')
def dbModifyParticipant(userType, userId,alias, name, lastName,email,address):
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspModifyParticipantData', (alias, name, lastName,address,email,))
checkError(cursor,"Participant Modified Successfully!")
con.commit()
sqlCon.close(con)
def dbSuspendParticipant(userType, userId, alias):
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspSuspendParticipant', (alias,))
checkError(cursor,"Participant Suspended!")
con.commit()
sqlCon.close(con)
def dbActivateAgent(userType, userId, alias):
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspAllowAgent', (alias,))
checkError(cursor,"Agent Activated!")
con.commit()
sqlCon.close(con)
def dbSetUpSystem(userType,userId,commission,minimumIncrease):
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspSetSystemParameters', (commission,minimumIncrease,))
checkError(cursor,"Values Successfully updated to DB!")
con.commit()
sqlCon.close(con)
def modifyProduct(id):
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('sp_obtenerProducto',(id,))
for product in cursor:
product['Foto'] = base64.b64encode(product['Foto'])
DBproduct = product
if request.method == 'POST':
upload_file = request.files["file"]
image_data = upload_file.read()
nombre=request.form['Nombre'].encode("UTF-8")
marca=request.form['Marca'].encode("UTF-8")
descripcion=request.form['Descripcion'].encode("UTF-8")
cantidad=request.form['Cantidad'].encode("UTF-8")
costo=request.form['Costo'].encode("UTF-8")
precioFinal=request.form['PrecioFinal'].encode("UTF-8")
descuentoMaximo=request.form['DescuentoMaximo'].encode("UTF-8")
if image_data == "":
ex=("EXEC sp_modificarProducto "+
"@pIdProducto = "+id+
", @pNombre = '"+nombre+
"', @pMarca = '"+marca+
"', @pDescripcion = '"+descripcion+
"', @pCantidad = "+cantidad+
", @pCosto = """+costo+
", @pPrecioFinal = "+precioFinal+
", @pDescuentoMaximo = "+descuentoMaximo)
else:
ex=("EXEC sp_modificarProducto "+
"@pIdProducto = "+id+
", @pNombre = '"+nombre+
"', @pMarca = '"+marca+
"', @pDescripcion = '"+descripcion+
"', @pCantidad = "+cantidad+
", @pCosto = """+costo+
", @pPrecioFinal = "+precioFinal+
", @pDescuentoMaximo = "+descuentoMaximo+
", @pFoto = '"+image_data.encode('hex_codec')+"'")
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.execute(ex)
con.commit()
sqlCon.close(con)
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('sp_obtenerProducto',(id,))
for product in cursor:
product['Foto'] = base64.b64encode(product['Foto'])
DBproduct = product
return render_template('modifyProduct.html',product=DBproduct)
return render_template('modifyProduct.html',product=DBproduct)
def dbNewAdmin(userType,userId,name, lastName, alias,
password,address,personalId):
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspAddNewAdmin', (alias,password, name, lastName,address,personalId,))
checkError(cursor,"Admin Successfully added to DB!")
con.commit()
sqlCon.close(con)
def dbPlaceBid(userType, itemId, alias, newBid):
sqlCon = SQLConnection(userType)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspNewBid', (itemId, alias,newBid,))
checkError(cursor,"Your bid for " + newBid + " was successfull!")
con.commit()
sqlCon.close(con)
def dbComment(userType, alias, comment, auctionId):
sqlCon = SQLConnection(userType, alias)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspNewComment', (alias,comment,
auctionId,))
con.commit()
checkError(cursor,"Your comment was added")
sqlCon.close(con)
def dbNewParticipant(userType,userId,name, lastName, alias,
password,address,personalId,email):
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspNewParticipant', (alias,password, name, lastName,address,personalId,email,))
checkError(cursor,"Participant Successfully added to DB!")
con.commit()
sqlCon.close(con)
def dbRePublishListing(userType, alias, auctionId,
description, listingEndDate, startingPrice):
sqlCon = SQLConnection(userType, alias)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspRestartAuction', (alias,auctionId, description, listingEndDate,startingPrice,))
checkError(cursor,"Listing had been added!")
con.commit()
sqlCon.close(con)
def get_photo(userType,id):
sqlCon = SQLConnection(userType)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('sp_getPhoto', (id,))
for row in cursor:
byteString = row['Foto']
sqlCon.close(con)
return byteString
def dbAddCard(userType,userId,alias, cardNumber, securityCode,
cardName, expirationDate):
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspAddCard', (alias,securityCode,
cardNumber, cardName,expirationDate,))
checkError(cursor,"Card added Successfully!")
con.commit()
sqlCon.close(con)
def dbNewListing(userType, alias,
description, category, subCategory, listingEndDate, startingPrice, image):
sqlCon = SQLConnection(userType, alias)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspNewAuction', (alias, description, category,
subCategory, listingEndDate,startingPrice,image,))
checkError(cursor,"Listing had been added!")
con.commit()
sqlCon.close(con)
def dbAddPhones(userType,userId,alias,phones):
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
for phone in phones:
if phone!="":
cursor.callproc('uspAddPhoneNumber', (alias,phone,))
if len(phones)!=0:
checkError(cursor,"Phones were added to the DB!")
else:
checkError(cursor,"")
con.commit()
sqlCon.close(con)
def checkLogin(alias, password):
result = False
sqlCon = SQLConnection()
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspCheckLogin', (alias,password,))
for row in cursor:
if row['EXITO'] == 1:
result = True
sqlCon.close(con)
return result
def dbBids(userType, alias, itemId):
sqlCon = SQLConnection(userType, alias)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspViewBidsForAnAuction', (itemId,alias,))
pastBids = []
for row in cursor:
pastBids.append(row)
checkError(cursor,"")
sqlCon.close(con)
return pastBids
def getFailedAuctionsByUser(userType, userId):
listings = []
if userType == 'participant':
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
#get all listings
cursor.callproc('uspViewFailedAuctions', (userId,))
for row in cursor:
listings.append(row)
checkError(cursor,"")
sqlCon.close(con)
return listings
def getWinningListingsByUser(user, userId, userType):
if user == "----":
user = None
listings = []
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
#get all listings
cursor.callproc('uspViewWonAuctionHistory', (user,userId,))
for row in cursor:
listings.append(row)
checkError(cursor,"")
sqlCon.close(con)
return listings
def newListing():
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspViewCategories')
cate1 = []
cate2 = []
for row in cursor:
if (row['category']) not in cate1:
cate1.append(row['category'])
if (row['subCategory']) not in cate2:
cate2.append(row['subCategory'])
#close connection
sqlCon.close(con)
cate1.sort()
cate2.sort()
if request.method == 'POST':
category1 = request.form['category1']
category2 = request.form['category2']
description = request.form['description']
listingEndDate = request.form['listingEndDate']
listingEndTime = request.form['listingEndTime']
startingPrice = request.form['startingPrice']
image = request.form['img']
listingEndDate = fixDate(listingEndDate, listingEndTime)
print listingEndDate
try:
dbNewListing(current_user.userType, current_user.userid,
description, category1, category2, listingEndDate,
startingPrice, image)
except Exception as e:
print e
flash(errorMsj)
return render_template('newListing.html', cate1=cate1, cate2=cate2)
def insertarReceta():
if request.method == 'POST':
nombre=request.form['Nombre'].encode("UTF-8")
descripcion=request.form['Descripcion'].encode("UTF-8")
nombreProducto=request.form['NombreProducto'].encode("UTF-8")
ex=("EXEC sp_insertarReceta "+
" @pNombre = '"+nombre+
"', @pNombreProducto = '"+nombreProducto+
"', @pDescripcion = '"+descripcion+"'")
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.execute(ex)
con.commit()
sqlCon.close(con)
return index()
return render_template('insertarReceta.html')
def dbGetAgents(userType,userId, JustSuspended):
sqlCon = SQLConnection(userType, userId)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
if JustSuspended==0:
cursor.callproc('uspGetAgents',(0,))
elif JustSuspended==1:
cursor.callproc('uspGetAgents',(1,))
else:
cursor.callproc('uspGetAgents',(2,))
agents = []
for row in cursor:
agents.append(row['Alias'])
checkError(cursor,"")
#close connection
sqlCon.close(con)
return agents
def dbGetParticipants(userType, userid,JustSuspended):
print 'user is type =' + userType
print 'Hola = '+ userid
sqlCon = SQLConnection(userType, userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
if JustSuspended==0:
cursor.callproc('uspGetParticipants',(0,))
elif JustSuspended==1:
cursor.callproc('uspGetParticipants',(1,))
else:
cursor.callproc('uspGetParticipants',(2,))
participants = []
error=False;
for row in cursor:
participants.append(row['Alias'])
checkError(cursor,"")
#close connection
sqlCon.close(con)
return participants
def getUserType(alias):
sqlCon = SQLConnection()
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('upsGetKindOfUser', (alias,))
for row in cursor:
if row['Exito'] == 0:
sqlCon.close(con)
return None
elif row['Administrator'] == 1:
sqlCon.close(con)
return 'admin'
elif row['Agent'] == 1:
sqlCon.close(con)
return 'agent'
elif row['Participant'] == 1:
sqlCon.close(con)
return 'participant'
def index():
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
cursor.callproc('uspViewCategories')
cate1 = []
cate2 = []
# for row in cursor:
# for cat in cate1:
# if cat[0] != row['category']:
# cate2.append([row['category']])
# if (row['subCategory']) not in cat:
# cat.append(row['subCategory'])
#
# print cate1
for row in cursor:
if (row['category']) not in cate1:
cate1.append(row['category'])
if (row['subCategory']) not in cate2:
cate2.append(row['subCategory'])
#close connection
sqlCon.close(con)
cate1.sort()
cate2.sort()
if request.method == 'POST':
try: #if user selected newBid button
item = request.values.get('idItem')
#show them all past bids and let them bid
return redirect(url_for('bids', itemId=item))
except Exception as e:
category1 = request.form['category1']
category2 = request.form['category2']
if category1 == "----":
category1 = None
if category2 == "----":
category2 = None
sqlCon = SQLConnection(current_user.userType, current_user.userid)
con = sqlCon.connect()
cursor = con.cursor(as_dict=True)
#get all listings
cursor.callproc('uspViewAvailableAuctions', (current_user.userid,
category1, category2,))
entries = []
for row in cursor:
entries.append(row)
sqlCon.close(con)
return render_template('index.html',
entries=entries, cate1=cate1, cate2=cate2)
return render_template('index.html', cate1 = cate1, cate2 = cate2)
