def registerPage():
command = """ SELECT MAX(user_id)
FROM login
"""
cursor.execute(command)
new_id = cursor.fetchone()
user_id = new_id[0] + 1
form = RegistrationForm(request.form, csrf_enabled=False)
if request.method == 'POST' and form.validate():
username = form.username.data
email = form.email.data
password = form.password.data
command = """ SELECT * FROM login WHERE login.username = "******" """.format(
username=username)
cursor.execute(command)
usernametester = cursor.fetchone()
if usernametester != None: #Testing to see if anything wrong with Username
if username == usernametester[1]:
flash("That username is already taken, please choose another",
'danger')
return render_template('registration.html',
form=form,
URL=url_for('registerPage'))
command = """ INSERT INTO login
(user_id, username, email, password)
VALUES ({i}, '{u}', '{e}', '{p}')
""".format(i=user_id, u=username, e=email, p=password)
cursor.execute(command)
conn.commit()
session['logged_in'] = True
session['username'] = username
flash(
'The user %s with ID %d has been created! Logged in!' %
(username, user_id), 'success')
return redirect(url_for('home'))
if form.errors:
flash(form.errors, 'danger')
return render_template('registration.html',
form=form,
URL=url_for('registerPage'))
def login():
form = LoginForm(request.form)
if (request.method == "POST" and form.validate):
username = form.username.data
password = form.password.data
command = """ SELECT * FROM login WHERE login.username = "******" """.format(
username=username)
cursor.execute(command)
usernametester = cursor.fetchone()
if usernametester != None: ##Testing to see if anything wrong with Username/password
if username == usernametester[1] and password == usernametester[3]:
session['logged_in'] = True
session['username'] = username
flash('Logged in as %s!' % (username), 'success')
return redirect(url_for('home'))
else:
flash('Wrong credentials', 'danger')
return render_template('login.html',
URL=url_for('login'),
form=form)
else:
flash('Wrong credentials', 'danger')
return render_template('login.html',
URL=url_for('login'),
form=form)
return render_template('login.html', URL=url_for('login'), form=form)
def department_create():
command = """ SELECT MAX(dept_id)
FROM departments
"""
cursor.execute(command)
next_id = cursor.fetchone()
new_id = next_id[0] + 1
form = DepartmentForm(request.form, csrf_enabled=False)
if (request.method == 'POST' and form.validate()):
dept_name = form.dept_name.data
warranty = form.warranty.data
dept_phone = int(form.dept_phone.data)
dept_manager = form.dept_manager.data
command = """INSERT INTO departments
(dept_id, dept_name, warranty, dept_phone, dept_manager)
VALUES
('{id}','{name}',{warranty}, '{phone}', '{manager}')
""".format(id=new_id,
name=dept_name,
warranty=warranty,
phone=dept_phone,
manager=dept_manager)
cursor.execute(command)
conn.commit()
flash("The department %s with %s as the manager has been created" %
(dept_name, dept_manager))
return redirect(
url_for('departmentsPrinter')
) #You had the url for completely wrong. Maybe you forgot to change hers?
if form.errors:
flash(form.errors, 'danger')
return render_template(
'department_create.html',
URL=url_for('department_create'),
form=form,
dept_id=new_id
) #forgot to send URl = url_for('product_create'). It's necessary for the title.
def product_create():
command = """SELECT MAX(prod_id)
FROM products
"""
cursor.execute(command)
next_id = cursor.fetchone()
new_id = next_id[0] + 1
form = ProductForm(
request.form,
csrf_enabled=False) #not sure if to have CSRF enabled or not
command = """ SELECT {departments}.dept_id, {departments}.dept_name
FROM departments
""".format(departments='departments') #changed a bit for CHOICES
cursor.execute(command)
departments = cursor.fetchall()
form.dept_id.choices = departments # NOT 100% on what this line does
if (request.method == 'POST' and form.validate()):
prod_name = form.prod_name.data
dept_id = form.dept_id.data
prod_price = form.prod_price.data
prod_stock = form.prod_stock.data
prod_rating = form.prod_rating.data
prod_images = form.prod_images.data
#These have to be if statements because form.shipping.data returns a bool, which SQLite doesn't accept. It works with 1 and 0
if (form.shipping.data):
shipping = 1
else:
shipping = 0
if (form.recycle_fee.data):
recycle_fee = 1
else:
recycle_fee = 0
command = """ INSERT INTO products
(prod_id, prod_name, dept_id, prod_price, prod_stock, prod_rating, prod_images, shipping, recycle_fee)
VALUES
('{id}','{name}',{dept}, {price}, {stock},{rating}, '{images}', {ship}, {fee})
""".format(
id=new_id,
name=prod_name,
dept=dept_id,
price=prod_price,
stock=prod_stock,
rating=prod_rating,
images=prod_images,
ship=shipping,
fee=recycle_fee
) #you had shipping = shipping here. It should have been ship=shipping
cursor.execute(command)
conn.commit()
flash("The product %s with id %d has been created" %
(prod_name, new_id))
return redirect(url_for('get_message', ID=new_id))
if form.errors:
flash(form.errors, 'danger')
return render_template('product_create.html',
URL=url_for('product_create'),
form=form,
prod_id=new_id)