def del_user(request, uid):
query = f'''
DELETE FROM users
WHERE uid = '{uid}';
'''
sql_functions.sqlquery(query, fetch=False)
return adminpage(request)
def del_proj(request, proj_id):
query = f'''
DELETE FROM projects
WHERE pid = '{proj_id}';
'''
sql_functions.sqlquery(query, fetch=False)
return adminpage(request)
def del_donate(request, u_id, proj_id, d_time):
# simply delete to Trigger refund
query = f'''
DELETE FROM donates
WHERE
uid = '{u_id}' AND
pid = '{proj_id}' AND
dtime = '{d_time}';
'''
sql_functions.sqlquery(query, fetch=False)
return adminpage(request)
def edit_donation(request, u_id=None, proj_id=None, d_time=None, update=None):
html = {'uid': u_id, 'pid': proj_id, 'dtime': d_time}
if update == None:
query = f'''
SELECT * FROM donates WHERE
uid = '{u_id}' AND pid = '{proj_id}' AND dtime = '{d_time}';
'''
result = sql_functions.sqlquery(query)[0]
damt = result[-1]
html['damt'] = damt
return render(
request,
'AppAdminAccess/edit_donates.html',
html
)
new_damt = request.POST['damt']
html['damt'] = new_damt
try:
query = f'''
UPDATE donates
SET damt = {new_damt}
WHERE uid = '{u_id}' AND pid = '{proj_id}' AND dtime = '{d_time}';
'''
sql_functions.sqlquery(query, fetch=False)
html.update({'message': 'Value updated', 'msg_col': 'green'})
except Exception as e:
e = str(e)
if 'donates_damt_check' in e:
message = 'Donation cannot be negative!'
else:
message = "Dont't try anything funny! " + e
html.update({"message": message, "msg_col": "red"})
return render(
request,
'AppAdminAccess/edit_donates.html',
html
)
def edit_proj(request, proj_id = None, update = None):
idd = proj_id if proj_id else pid
# display the present values
query = f'''
SELECT * FROM projects WHERE projects.pid = '{idd}';
'''
results = sql_functions.sqlquery(query)[0]
# pid, uid, ptarget, pstartdate, pduration, keywords, pdesc, ppicurl = results
keys = ["pid", "uid", "ptar", 'pstartdate', 'pdur', 'pkeywd', 'pdesc', 'ppicurl']
html = dict(zip(keys, results))
html.update({"p_id": idd})
if update == None:
# first entering this page, send from admin access
# render the template
return render(
request,
'AppAdminAccess/edit_project.html',
html
)
# else, enter via filling form submission
# fist try gathering the form submission
ppicurl = request.POST.get('ppicurl')
proj_id = request.POST.get('proj_id')
pkeywd = request.POST.get('pkeywd')
pdesc = request.POST.get('pdesc')
pdur = request.POST.get('pdur')
ptar = request.POST.get('ptar')
# try updating the values
query = f'''
UPDATE projects
SET
pid = '{proj_id}',
ptarget = '{ptar}',
pduration = '{pdur}',
keywords = '{pkeywd}',
pdesc = '{pdesc}',
ppicurl = '{ppicurl}'
WHERE pid = '{idd}';
'''
html.update({
'ppicurl': ppicurl,
'pid': proj_id,
'pkeywd': pkeywd,
'pdesc': pdesc,
'pdur':pdur,
'ptar': ptar,
})
try:
sql_functions.sqlquery(query, fetch=False)
html.update({"message": "Values Updated", "msg_col": "green"})
except Exception as e:
e = str(e)
if 'violates unique constraint "projects_pkey" ' in e:
message = f"{proj_id} already exist!"
elif 'check constraint "projects_pduration_check"' in e:
message = "Duration cannot be negative!"
elif 'violates check constraint "projects_pduration_check2"' in e:
message = "Duration cannot be more than 1 year!"
elif 'check constraint "projects_ptarget_check"' in e:
message = 'Target must be positive!'
else:
message = "Don't do anything funny! " + e
html.update({"message": message, "msg_col": "red"})
return render(
request,
"AppAdminAccess/edit_project.html",
html
)
def edit_user(request, user_id=None, update = None, uid=None):
idd = user_id if user_id else uid
query = f"SELECT * FROM users WHERE users.uid = '{idd}';"
print(query)
print(user_id, update, uid)
results = sql_functions.sqlquery(query)[0]
data = ["username", "fullname", "password", "upicurl", "ucash"]
if update == None:
html = dict(zip(data, results))
html.update({'user_id':user_id, "my_fullname": request.session['fullname']})
return render(
request,
"AppAdminAccess/edit_user.html",
html
)
# else it will come from the form submission
upicurl = request.POST.get('upicurl')
username = request.POST.get('username')
fullname = request.POST.get('fullname')
ucash = request.POST.get('ucash')
password = request.POST.get('password')
query = f'''
UPDATE users
SET
uid = '{username}',
uname = '{fullname}',
upassword = '******',
upicurl = '{upicurl}',
ucash = {ucash}
WHERE uid = '{uid}';
'''
values = [username, fullname, password, upicurl, ucash]
html_temp = dict(zip(data, values))
try:
sql_functions.sqlquery(query, fetch=False)
html_temp.update({"message": "Values Updated", "msg_col": "green"})
# successfully update uid
request.session['fullname'] = fullname
html_temp.update({"user_id":username})
except Exception as e:
e = str(e)
html_temp.update({"user_id":idd})
if 'duplicate key value violates unique constraint "users_pkey"' in e:
message = f"username: {username} already exist!"
elif 'value too long' in e:
message = "Value String is too long!"
elif 'violates check constraint "users_ucash_check"' in e:
message = 'Cannot have negative cash!'
else:
message = "Dont try anything funny! " + e
html_temp.update({"message": message, "msg_col": "red", "my_fullname": request.session['fullname']})
# print(html_temp['user_id'])
return render(
request,
"AppAdminAccess/edit_user.html",
html_temp
)