Exemplo n.º 1
0
def main():
	form = cgi.FieldStorage()
	
	#email = form.getvalue('email')
	action = form.getvalue('action')
	title = form.getvalue('title')
	desc = form.getvalue('desc')
	format = form.getvalue('format')
	length = form.getvalue('length')
	publisher = form.getvalue('publisher')
	datepub = form.getvalue('datepub')
	price = form.getvalue('price')
	awards = form.getvalue('awards')
	isbn = form.getvalue('ISBN')
	genres = form.getlist('genres')
	illustrators= form.getlist('illustrators')
	writers= form.getlist('writers')
	stock = form.getvalue('stock')

	try:
		state = "update"
		cur = con.cursor()

		sess = session.Session(expires=365*24*60*60, cookie_path='/')
		lastvisit = sess.data.get('lastvisit')
		email= sess.data.get('user')
		print sess.cookie
		
		if email is None:
			print "Location: login.py?redirect=1\r\n"

		command = "SELECT * FROM Users WHERE Email = '" + email + "'";
		cur.execute(command)
		user= cur.fetchone()

		if desc != None:
			desc = desc.replace('\r\n', '<br>')

		if action == "edit":
			bookform = []
			if isbn != None :
				bookform = []
				command = "SELECT * FROM  ComicBooks where ISBN='" + isbn + "'";
				cur.execute(command)
				book = cur.fetchone()
				for i in book:
					bookform.append(i)
				bookform[4] = bookform[4].strip() 

				awards = []
				command = "SELECT Award from LiteraryAwards WHERE ISBN='" + isbn + "'"
				cur.execute(command)
				award = cur.fetchall()
				for i in range(len(award)):
					award_ = award[i][0].strip()
					awards.append(award_)
				bookform.append(awards)

				command = "SELECT WriterName from BookWriter WHERE ISBN='" + isbn + "'"
				cur.execute(command)
				rows = cur.fetchall()

				writers_= []
				for row in rows:
					writers_.append(row[0])
				writers = utilities.getWriters(writers_, cur)

				command = "SELECT IllustratorName from BookIllustrator WHERE ISBN='" + isbn + "'"
				cur.execute(command)
				rows = cur.fetchall()

				illustrators_= []
				for row in rows:
					illustrators_.append(row[0])
				illustrators = utilities.getIllustrators(illustrators_, cur)

				command = "SELECT Genre from ComicBooks NATURAL JOIN BookGenre WHERE ISBN ='" + book[0] + "'"
				cur.execute(command)
				rows = cur.fetchall()
				genres_= []
				for row in rows:
					genres_.append(row[0])
				genres = utilities.getGenres(genres_, cur)
			else :
				writers = utilities.getWriters([], cur)	
				illustrators = utilities.getIllustrators([], cur)
				genres = utilities.getGenres([], cur)

			sidebar = utilities.getSideBar(email, user[9], cur)
			print display("comic-book-create-update.html").render(state=state,user=user,sidebar=sidebar,bookform=bookform,genres=genres,writers=writers,illustrators=illustrators)
			return

		elif action == "save":

			update_command = "UPDATE ComicBooks SET "
			
			update_command = update_command + " Format = '" + format + "' "
			update_command = update_command + ", Title = '" + title + "' "
			update_command = update_command + ", Length = '" + length + "' "
			update_command = update_command + ", Publisher = '" + publisher + "' "
			update_command = update_command + ", DatePublished = '" + datepub + "' "
			update_command = update_command + ", Price = '" + price + "' "
			update_command = update_command + ", Stock = '" + stock + "' "

			if desc is None:
				 update_command = update_command + ", Description = null "
			else :
				update_command = update_command + """, Description = " """ + desc + """ " """	

			# upload image is user specified
			if form.has_key('image_file'):
				fileitem = form['image_file']
				if fileitem.file:
					extension = os.path.splitext(fileitem.filename)[1] 
					if extension != '' :
						fout = file ("model/images/cover-" +  isbn + extension , 'wb')
						while 1:
							chunk = fileitem.file.read(100000)
							if not chunk: 
								break
							fout.write(chunk)
						fout.close()
						update_command = update_command + ", Image = '" + "model/images/cover-" + isbn + extension  + "' "

			update_command =  update_command + " WHERE ISBN = '" + isbn +  "'"
			cur.execute(update_command)

			command = "DELETE FROM LiteraryAwards Where ISBN = '" + isbn +  "'";
			cur.execute(command)
			
			if awards != None:
				awards = awards.split(',')
				for award in awards:
					insert_command = "INSERT INTO LiteraryAwards(ISBN, Award) VALUES "
					insert_command =  insert_command + "( '" + isbn + """' , " """ + award + """ ")"""
					cur.execute(insert_command)
					con.commit() 

			command = "DELETE FROM BookGenre Where ISBN = '" + isbn +  "'";		
			cur.execute(command)
			con.commit()
			
			if genres is not None:
				for genre in genres:
					insert_command = "INSERT INTO BookGenre(ISBN, Genre) VALUES "
					insert_command =  insert_command + "( '" + isbn + "' , '" + genre + "')"
					cur.execute(insert_command)

			command = "DELETE FROM BookIllustrator Where ISBN = '" + isbn +  "'";		
			cur.execute(command)
			
			if illustrators is not None:
				for illustrator in illustrators:
					insert_command = "INSERT INTO BookIllustrator(ISBN, IllustratorName) VALUES "
					insert_command =  insert_command + "( '" + isbn + "' , '" + illustrator + "')"
					cur.execute(insert_command)

			command = "DELETE FROM BookWriter Where ISBN = '" + isbn +  "'";		
			cur.execute(command)
			
			if writers is not None:
				for writer in writers:
					insert_command = "INSERT INTO BookWriter(ISBN, WriterName) VALUES "
					insert_command =  insert_command + "( '" + isbn + "' , '" + writer + "')"
					cur.execute(insert_command)
			con.commit() 
			
			print "Location: comic-book-item.py?ISBN=" + isbn + "&success=1\r\n"
			
	except mdb.Error, e:
	    if con:
	        con.rollback()
Exemplo n.º 2
0
def main():
	form = cgi.FieldStorage()
	action = form.getvalue('action')
	isbn = form.getvalue('ISBN')
	title = form.getvalue('title')
	desc = form.getvalue('desc')
	format = form.getvalue('format')
	length = form.getvalue('length')
	publisher = form.getvalue('publisher')
	datepub = form.getvalue('datepub')
	price = form.getvalue('price')
	awards = form.getvalue('awards')
	genres = form.getlist('genres')
	illustrators= form.getlist('illustrators')
	writers= form.getlist('writers')
	stock = form.getvalue('stock')

	try:
		state = "create"
		cur = con.cursor()

		sess = session.Session(expires=365*24*60*60, cookie_path='/')
		lastvisit = sess.data.get('lastvisit')
		email= sess.data.get('user')
		print sess.cookie

		if desc != None:
			desc = desc.replace("\r\n", '<br>')
		
		if email is None:
			print "Location: login.py?redirect=1\r\n"

		command = "SELECT * FROM Users WHERE Email = '" + email + "'";
                cur.execute(command)
                user= cur.fetchone()


		if action == "create":
			bookform = []
			writers = utilities.getWriters([], cur)	
			illustrators = utilities.getIllustrators([], cur)
			genres = utilities.getGenres([], cur)

			sidebar = utilities.getSideBar(email, user[9], cur)
			print display("comic-book-create-update.html").render(state=state,user=user,sidebar=sidebar,bookform=bookform,genres=genres,writers=writers,illustrators=illustrators)
			return

			sidebar = utilities.getSideBar(email, user[9], cur)
			print display("comic-book-create-update.html").render(user=user,sidebar=sidebar,bookform=bookform,genres=genres,writers=writers,illustrators=illustrators)
			return

		elif action == "save":
			if isbn != None :
				command = "SELECT ISBN from ComicBooks where ISBN = '" + isbn + "'"
				cur.execute(command)
				bookRecord = cur.fetchone()

				if bookRecord is not None:
					bookform = []
					bookform.append(isbn)
					bookform.append(title)
					bookform.append(price)
					bookform.append(publisher)
					bookform.append(desc)
					bookform.append(" ")
					bookform.append(datepub)
					bookform.append(length)
					bookform.append(format)
					writers_= []
					for writer in writers:
						writers_.append(writer)
					writers = utilities.getWriters(writers_, cur)
					illustrators_= []
					for illustrator in illustrators:
						illustrators_.append(illustrator)
					illustrators = utilities.getIllustrators(illustrators_, cur)
					genres_= []
					for genre in genres:
						genres_.append(genre)
					genres = utilities.getGenres(genres_, cur)
					sidebar = utilities.getSideBar(email, user[9], cur)
					error = "Comic book " + isbn + " already exists! Provide another comic book."

					print display("comic-book-create-update.html").render(state="create",user=user,sidebar=sidebar,bookform=bookform,genres=genres,writers=writers,illustrators=illustrators,error=error)
				else :

					insert_command = "INSERT INTO ComicBooks(ISBN, Description, Title, Price, Publisher, DatePublished, Length, Format, Stock) VALUES"
					insert_command = insert_command + "(" 
					insert_command = insert_command + "'" + isbn + "'," 
					insert_command = insert_command + """ " """ + desc + """ " """ + ", '" + title + "','" + price + "','" + publisher + "','" + datepub + "','" + length + "','" + format + "','" + stock + "')"

					cur.execute(insert_command)	

					# upload image is user specified					
					if form.has_key('image_file'):
						update_command = "UPDATE ComicBooks SET "
						fileitem = form['image_file']
						if fileitem.file:
							extension = os.path.splitext(fileitem.filename)[1] 
							if extension != '' :
								fout = file ("model/images/cover-" +  isbn + extension , 'wb')
								while 1:
									chunk = fileitem.file.read(100000)
									if not chunk: 
										break
									fout.write(chunk)
								fout.close()
								update_command = update_command + "Image = '" + "model/images/cover-" + isbn + extension  + "' "
								update_command =  update_command + " WHERE ISBN = '" + isbn +  "'"
								cur.execute(update_command)

					if awards != None:
						awards = awards.split(',')
						for award in awards:
							insert_command = "INSERT INTO LiteraryAwards(ISBN, Award) VALUES "
							insert_command =  insert_command + "( '" + isbn + """' , " """ + award + """ ")"""
							cur.execute(insert_command)
					
					if genres is not None:
						for genre in genres:
							insert_command = "INSERT INTO BookGenre(ISBN, Genre) VALUES "
							insert_command =  insert_command + "( '" + isbn + "' , '" + genre + "')"
							cur.execute(insert_command)
					
					if illustrators is not None:
						for illustrator in illustrators:
							insert_command = "INSERT INTO BookIllustrator(ISBN, IllustratorName) VALUES "
							insert_command =  insert_command + "( '" + isbn + "' , '" + illustrator + "')"
							cur.execute(insert_command)

					if writers is not None:
						for writer in writers:
							insert_command = "INSERT INTO BookWriter(ISBN, WriterName) VALUES "
							insert_command =  insert_command + "( '" + isbn + "' , '" + writer + "')"
							cur.execute(insert_command)
					
					con.commit() 

					print "Location: comic-book-item.py?ISBN=" + isbn + "&success=2\r\n"
					

	except mdb.Error, e:
	    if con:
	        con.rollback()
	    invaidPageError()