def productUpdate():
if request.method == 'GET':
if ("employee" in request.cookies) & (request.cookies["employee"]
== "True"):
return render_template("update_productinfo.html")
else:
return "FORBIDDEN"
if request.method == 'POST':
payload = request.form
cursor = connection.cursor()
querystr = '''update product
set product_name = :name,
product_price = :price,
upc_code = :UPC
where product_id = :pid
'''
cursor.execute(
querystr, {
"pid": payload["inputproductID"],
"UPC": payload["inputproductCode"],
"name": payload["inputName"],
"price": payload["inputPrice"]
})
connection.commit()
redirect_to_main = redirect('/main')
response = app.make_response(redirect_to_main)
response.set_cookie('auth_user', value='') # Add the username arg
response.set_cookie('employee', value='True')
return response
def empSignin():
if request.method == 'GET':
return render_template('employee_sign_in.html')
if request.method == 'POST':
# SIGN IN LOGIC
payload = request.form
userid = None
cursor = connection.cursor()
querystr = '''
select user_id from account
where username = :username
and password = :password
'''
cursor.execute(
querystr, {
"username": payload["inputUsername"],
"password": payload["inputPassword"]
})
for id in cursor:
userid = id[0]
redirect_to_main = redirect('/main')
response = app.make_response(redirect_to_main)
response.set_cookie('auth_user', value='') # Add the username arg
response.set_cookie('employee', value='True')
return response
def empSignin():
if request.method == 'GET':
return render_template('employee_sign_in.html')
if request.method == 'POST':
# SIGN IN LOGIC
redirect_to_main = redirect('/main')
response = app.make_response(redirect_to_main)
response.set_cookie('auth_user', value='') # Add the username arg
response.set_cookie('employee', value='True')
return response
def signinpage():
if request.method == 'GET':
return render_template('customer_sign_in.html')
if request.method == 'POST':
# SIGN IN LOGIC
payload = request.get_json(force=True)
userid = None
cursor = connection.cursor()
querystr = '''
select user_id from account
where username = {0}
and password = {1};
'''.format(payload["username"], payload["password"])
cursor.execute(querystr)
for id in cursor:
userid = id
redirect_to_main = redirect('/main')
response = app.make_response(redirect_to_main)
if not userid == None:
response.set_cookie('auth_user',
value=userid) # Add the username arg
return response
def logout():
redirect_to_main = redirect('/main')
response = app.make_response(redirect_to_main)
response.set_cookie('auth_user', value='', expires=0) # Remove cookies
response.set_cookie('employee', value='', expires=0) # Remove cookies
return response
def test():
redirect_to_main = redirect('/main')
response = app.make_response(redirect_to_main)
response.set_cookie('auth_user', value='test') # Add the username arg
return response