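def newbag():
    """Create a new bag from the submitted form, or show the creation form.

    On POST a ``Bag`` is built from the ``store``, ``threshold`` and
    ``network`` form fields (the third constructor argument is passed as 0),
    committed, and the browser is redirected to ``home``. Any other method
    renders ``newbagform.html``.

    Aborts with 401 when the session is not logged in and with 400 when the
    submitted threshold is not a finite, non-negative number.
    """
    # Creating a bag changes shared state, so require a login the same way
    # the other views in this file do.
    # NOTE(review): if bag creation is meant to be limited to administrators,
    # a role check belongs here as well -- confirm who should reach this view.
    if not session.get('logged_in'):
        abort(401)

    if request.method != 'POST':
        return render_template('newbagform.html')

    threshold = request.form['threshold']
    # The threshold is stored as submitted. Checking it here keeps
    # non-numeric, negative, NaN and infinite values out of the bag record;
    # NaN fails both comparisons, so the chained test rejects it too.
    try:
        threshold_ok = 0 <= float(threshold) < float('inf')
    except ValueError:
        threshold_ok = False
    if not threshold_ok:
        abort(400)

    bag = Bag(request.form['store'], threshold, 0, request.form['network'])
    db_session.add(bag)
    db_session.commit()
    return redirect(url_for('home'))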
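def editaccount(userid):
    """Show or update the profile of the logged-in user.

    Only the owner of the session may edit the account named in the URL:
    a missing login or an unauthenticated user aborts with 401, and a
    ``userid`` that is not the session's own id redirects to ``error``.

    On POST the ``email``, ``firstname``, ``lastname`` and ``mailbox`` fields
    are validated. Every problem is reported through ``flash`` and the
    browser is sent back to this page; when nothing is wrong the user row is
    updated and the browser is redirected to ``mymilk``. Any other method
    renders ``accountedit.html``.
    """
    if not session.get('logged_in'):
        abort(401)
    if str(session.get('userid')) != userid:
        return redirect(url_for('error'))

    user = User.query.filter_by(id=userid).first()
    # first() yields None for an id that no longer exists; treat that the
    # same as an unauthenticated user instead of failing on the attribute.
    if user is None or not user.isauthenticated:
        abort(401)

    if request.method != 'POST':
        return render_template('accountedit.html', user=user)

    form = request.form
    errorfound = False
    mailbox = None

    # Length limits.
    if len(form['email']) > 40:
        flash("Sorry, your email address is simply too long!", "emailerror")
        errorfound = True
    if len(form['firstname']) > 30:
        flash("Sorry, your first name is too long... take it up with your parents.", "fnameerror")
        errorfound = True
    if len(form['lastname']) > 30:
        flash("Sorry, your last name is too long... best marry someone with a shorter last name..", "lnameerror")
        errorfound = True

    # The mailbox must be a non-negative integer. A negative value used to be
    # rejected without any message; it now gets the same one as a
    # non-numeric value.
    try:
        mailbox = int(form['mailbox'])
        if mailbox < 0:
            flash("Invalid mailbox number", "mailboxerror")
            errorfound = True
    except ValueError:
        flash("Invalid mailbox number", "mailboxerror")
        errorfound = True

    # Required fields. The last-name and email prompts previously showed text
    # copied from the order form.
    if not form['firstname']:
        flash("Please enter your first name", "missingfnameerror")
        errorfound = True
    if not form['lastname']:
        flash("Please enter your last name", "missinglnameerror")
        errorfound = True
    if not form['email']:
        flash("Please enter your email address", "missingemailerror")
        errorfound = True
    if not form['mailbox']:
        flash("Please enter your mailbox number", "missingmailboxerror")
        errorfound = True

    # facebook_authorized() in this file finds the account to log into by
    # email address, so two rows must never share one.
    # NOTE(review): the new address is not verified as belonging to this
    # user; consider a confirmation step before it becomes the login key.
    if form['email']:
        owner = User.query.filter_by(email=form['email']).first()
        if owner is not None and owner.id != user.id:
            flash("Sorry, that email address is already in use", "emailerror")
            errorfound = True

    if errorfound:
        return redirect(url_for('editaccount', userid=userid))

    user.firstname = form['firstname']
    user.lastname = form['lastname']
    user.email = form['email']
    # Store the parsed integer rather than the raw form string.
    user.mailbox = mailbox
    db_session.commit()
    flash("Your information has been updated!", "accountedit")
    return redirect(url_for('mymilk', userid=userid))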
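def deleteaccount(userid):
    """Delete the logged-in user's own account and end the session.

    Aborts with 401 when there is no logged-in, authenticated user and
    redirects to ``error`` when ``userid`` is not the session's own id. On
    success the user row is deleted, ``pop_login_session()`` is called and
    the browser is sent to ``fblogin``.
    """
    if not session.get('logged_in'):
        abort(401)
    if str(session.get('userid')) != userid:
        return redirect(url_for('error'))

    account = User.query.filter_by(id=userid).first()
    # first() yields None when the id in the session no longer exists (for
    # example after an earlier delete); treat that as "not authenticated"
    # instead of failing on the attribute access.
    if account is None or not account.isauthenticated:
        abort(401)

    # NOTE(review): this destructive action runs for whatever HTTP methods
    # the route allows; the route declaration is not visible here. Confirm
    # it is POST-only and covered by CSRF protection.
    db_session.delete(account)
    db_session.commit()
    pop_login_session()
    return redirect(url_for('fblogin'))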
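def home():
    """Render the home page for the logged-in, authenticated user.

    Aborts with 401 when the session is not logged in or the user is not
    authenticated. A POST carries a ``mailbox`` number: invalid input is
    reported through ``flash`` and redirects to ``editaccount``; valid input
    is saved on the user. The page is then rendered with the featured bag
    ids, the user's bags and orders, all bags, and ``address`` set to True
    while the user's mailbox is still -1.
    """
    if not session.get('logged_in'):
        abort(401)

    userid = session.get('userid')
    user = User.query.filter_by(id=userid).first()
    # first() yields None for an id that no longer exists; treat that the
    # same as an unauthenticated user instead of failing on the attribute.
    if user is None or not user.isauthenticated:
        abort(401)

    # Bag ids for the featured stores on the carousel. The store names are
    # hard coded; a missing store raises AttributeError here, as before.
    urbanoutfittersid = Bag.query.filter_by(store='Urban Outfitters').first().id
    ralphlaurenid = Bag.query.filter_by(store='Ralph Lauren').first().id
    jcrewid = Bag.query.filter_by(store='J. Crew').first().id

    # A mailbox of -1 means the user has not supplied one yet.
    address = user.mailbox == -1

    if request.method == 'POST':
        errorfound = False
        mailbox = None
        if not request.form['mailbox']:
            flash("Please enter a mailbox number below", "missingmailboxerror")
            errorfound = True
        try:
            mailbox = int(request.form['mailbox'])
            if mailbox < 0:
                flash("Sorry, that's not a valid mailbox number. Please enter an integer number greater than zero", "mailboxerror")
                errorfound = True
        except ValueError:
            flash("Sorry, that's not a valid mailbox number. Please enter an integer number greater than zero", "mailboxerror")
            errorfound = True
        if errorfound:
            return redirect(url_for('editaccount', userid=userid))

        # Store the parsed integer rather than the raw form string, so the
        # -1 comparison above keeps working on the value just written.
        user.mailbox = mailbox
        db_session.commit()
        address = False

    allbags = Bag.query.all()
    mybags = list(user.bag)
    return render_template('home.html', userid=userid, urbanoutfittersid=urbanoutfittersid, ralphlaurenid=ralphlaurenid, jcrewid=jcrewid, mybags=mybags, allbags=allbags, address=address, myorders=user.orders)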
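def addtobag(userid):
    """Add an order for ``userid`` to a store's bag, or show the order form.

    On POST the bag is looked up by the ``store`` form field, its running
    total is increased by ``price``, the user is attached to the bag and a
    new ``Order`` is stored; the browser is then redirected to ``mybags``.
    Any other method renders ``addtobagform.html``.

    Aborts with 401 without a login, 403 when ``userid`` is not the
    session's own id, 404 when the store or user does not exist and 400
    when the price is not a non-negative integer.
    """
    # The user id comes from the URL, so it must match the session before
    # anything is written on that user's behalf.
    if not session.get('logged_in'):
        abort(401)
    if str(session.get('userid')) != str(userid):
        abort(403)

    if request.method != 'POST':
        return render_template('addtobagform.html')

    # A negative price would lower the bag's total, and a non-numeric one
    # used to surface as an unhandled ValueError.
    try:
        price = int(request.form['price'])
    except ValueError:
        abort(400)
    if price < 0:
        abort(400)

    bag = Bag.query.filter_by(store=request.form['store']).first()
    user = User.query.filter_by(id=userid).first()
    if bag is None or user is None:
        abort(404)

    bag.amountinbag = bag.amountinbag + price
    bag.users.append(user)
    order = Order(request.form['itemurl'], price, request.form['quantity'], request.form['size'], bag.id, userid)
    bag.orders.append(order)
    db_session.add(order)
    db_session.commit()
    return redirect(url_for('mybags', userid=userid))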
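def bagpage(bagid):
    """Show a bag, and on POST add the session user's order to it.

    On POST the bag's running total is increased by ``price``, the session's
    user is attached to the bag, a new ``Order`` is stored and the browser is
    redirected back to this page. Any other method renders ``bagpage.html``.

    Aborts with 401 when there is no logged-in user, 404 when the bag does
    not exist and 400 when the price is not a non-negative integer.
    """
    # Without a login there is no user to attach the order to; the lookup
    # below would return None and the order would fail halfway through.
    if not session.get('logged_in'):
        abort(401)

    bag = Bag.query.filter_by(id=bagid).first()
    if bag is None:
        abort(404)

    if request.method != 'POST':
        return render_template('bagpage.html', bag=bag)

    user = User.query.filter_by(id=session.get('userid')).first()
    if user is None:
        abort(401)

    # A negative price would lower the bag's total, and a non-numeric one
    # used to surface as an unhandled ValueError.
    try:
        price = int(request.form['price'])
    except ValueError:
        abort(400)
    if price < 0:
        abort(400)

    bag.amountinbag = bag.amountinbag + price
    bag.users.append(user)
    order = Order(request.form['itemurl'], price, request.form['quantity'], bag.id, user.id)
    bag.orders.append(order)
    db_session.add(order)
    db_session.commit()
    flash("Your purchase has been added")
    return redirect(url_for('bagpage', bagid=bagid))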
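def facebook_authorized(resp):
    """Finish the Facebook OAuth login and establish the local session.

    ``resp`` is the OAuth response. When it is missing or carries no
    ``access_token`` the browser is redirected to a validated ``next``
    target (or ``home``) without logging in. Otherwise the token is stored
    in the session, the profile is fetched with ``facebook.get('me')``, the
    local ``User`` row is found by email (and created on first login), and
    the session is marked as logged in before redirecting to ``home``.

    Aborts with 401 when the profile carries no email address.
    """
    # ``next`` comes from the query string, so it is only followed when it is
    # a plain path on this site. A leading "//", a backslash, or whitespace
    # and control characters can be read by a browser as another host, so
    # any of them falls back to the home page.
    requested = request.args.get('next')
    if (requested
            and requested.startswith('/')
            and not requested.startswith('//')
            and '\\' not in requested
            and all(ord(ch) > 0x20 for ch in requested)):
        next_url = requested
    else:
        next_url = url_for('home')

    if resp is None or 'access_token' not in resp:
        return redirect(next_url)

    session['facebook_token'] = (resp['access_token'], '')
    fbuser = facebook.get('me').data

    # The profile is not guaranteed to contain an email address; without one
    # there is no key to find or create the local account.
    try:
        email = fbuser['email']
    except (KeyError, TypeError):
        email = None
    if not email:
        session.pop('facebook_token', None)
        abort(401)

    # NOTE(review): accounts are matched on the email address alone --
    # confirm the provider only returns verified addresses.
    user = User.query.filter_by(email=email).first()
    if user is None:
        user = User(fbuser['first_name'], fbuser['last_name'], email, '', '')
        db_session.add(user)
        db_session.commit()

    # Mark the session as logged in only once the account is known, so a
    # failure above cannot leave a logged-in session without a user id.
    session['userid'] = user.id
    session['logged_in'] = True
    return redirect(url_for('home'))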
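def removed(orderid):
    """Delete one of the session user's orders and show the confirmation page.

    The order's price is subtracted from its bag's running total and the
    order is deleted. When the user then has no orders left in that bag, the
    bag is removed from the user's bags. Renders ``removed.html``.

    Aborts with 401 when there is no logged-in user and with 404 when the
    order does not exist or belongs to someone else.
    """
    if not session.get('logged_in'):
        abort(401)
    user = User.query.filter_by(id=session.get('userid')).first()
    if user is None:
        abort(401)

    order = Order.query.filter_by(id=orderid).first()
    # The order id comes from the URL, so the order must belong to the
    # session's user before it is touched. Unknown and foreign ids get the
    # same answer so the response does not reveal which ids exist.
    if order is None or order.user_id != user.id:
        abort(404)

    # NOTE(review): this destructive action runs for whatever HTTP methods
    # the route allows; the route declaration is not visible here. Confirm
    # it is POST-only and covered by CSRF protection.
    bag = Bag.query.filter_by(id=order.bag_id).first()
    bag.amountinbag = bag.amountinbag - order.price
    db_session.delete(order)
    db_session.commit()

    # Drop the store from the user's bags once their last order there is gone.
    remaining = Order.query.filter_by(bag_id=bag.id, user_id=user.id).all()
    if not remaining and bag in user.bag:
        user.bag.remove(bag)
        db_session.commit()
    return render_template('removed.html', userid=user.id, bag=bag)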
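def cas(netid):
    """Mark the session's user as CAS-authenticated and redirect to ``home``.

    Sets ``isauthenticated`` on the user named by ``session['userid']``,
    marks the session as logged in and commits. The flag is permanent: the
    user still needs the Facebook login for a session, but does not repeat
    the CAS step. Aborts with 401 when the session has no known user.

    ``netid`` is accepted from the caller but not used here.
    """
    # NOTE(review): nothing in this function checks a CAS ticket or compares
    # ``netid`` with anything. The route declaration and any wrapper are not
    # visible here -- confirm this view is only reachable after the CAS
    # service has validated the login, because the flag it sets is what the
    # other views treat as proof of authentication.
    userid = session.get('userid')
    user = None
    if userid is not None:
        user = User.query.filter_by(id=userid).first()
    # Previously a session without a user id failed with KeyError and an
    # unknown id with AttributeError; both are an unauthenticated request.
    if user is None:
        abort(401)

    user.isauthenticated = True
    session['logged_in'] = True
    db_session.commit()
    return redirect(url_for('home'))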
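def bagpage(bagid):
    """Show a bag with its progress bar, and on POST add the user's order.

    A user who already has an order in this bag is redirected to
    ``editorder`` for it. On POST the ``price``, ``itemurl`` and ``details``
    fields are validated; problems are reported through ``flash`` and the
    browser is redirected back here. A valid order is added to the bag and
    the bag's running total, then the browser is redirected back here.
    Any other method renders ``bagpage.html`` with the two progress-bar
    style strings.

    Aborts with 401 when there is no logged-in, authenticated user and with
    404 when the bag does not exist.
    """
    if not session.get('logged_in'):
        abort(401)
    user = User.query.filter_by(id=session.get('userid')).first()
    # first() yields None for an id that no longer exists; treat that the
    # same as an unauthenticated user instead of failing on the attribute.
    if user is None or not user.isauthenticated:
        abort(401)

    # An existing order in this bag is edited, not duplicated. As before,
    # the last matching order wins.
    existing_orderid = None
    for order in user.orders:
        if str(order.bag.id) == bagid:
            existing_orderid = order.id
    if existing_orderid is not None:
        return redirect(url_for('editorder', orderid=existing_orderid))

    bag = Bag.query.filter_by(id=bagid).first()
    if bag is None:
        abort(404)

    if request.method == 'POST':
        form = request.form
        errorfound = False

        # float() also parses "nan" and "inf". NaN fails every comparison,
        # so the chained range test rejects it together with negative and
        # infinite values, which would otherwise corrupt the bag's total.
        try:
            price = float(form['price'])
        except ValueError:
            price = None
        if price is None or not 0 <= price < float('inf'):
            flash("Invalid price", "priceerror")
            errorfound = True

        # Length limits.
        if len(form['itemurl']) > 200:
            flash("That URL is too long. Please contact us!", "urllongerr")
            errorfound = True
        if len(form['details']) > 400:
            flash("Looks like you've got too many details. If you can't shorten it, please contact us!", "detailslongerr")
            errorfound = True

        # Required fields.
        if not form['itemurl']:
            flash("Please input the item's URL", "missingurlerror")
            errorfound = True
        if not form['price']:
            flash("Please input the price of the item", "missingpriceerror")
            errorfound = True
        if not form['details']:
            flash("Please enter details about your order", "missingdetailserror")
            errorfound = True

        if errorfound:
            return redirect(url_for('bagpage', bagid=bagid))

        # NOTE(review): the item URL is stored as typed. If a template
        # renders it as a link, restrict it to http/https there or here.
        bag.amountinbag = bag.amountinbag + price
        bag.users.append(user)
        ship = 'ship' in form
        # Store the validated number rather than the raw form string.
        order = Order(form['itemurl'], price, form['details'], ship, None, None, None, None, None, bag.id, user.id)
        bag.orders.append(order)
        db_session.add(order)
        db_session.commit()
        flash("Your purchase of " + order.url + " has been added to the " + bag.store + " bag!", "addmessage")
        return redirect(url_for('bagpage', bagid=bagid))

    # Progress-bar widths. The denominator is 0 for an empty bag with a zero
    # threshold; fall back to 1 so the page renders an empty bar instead of
    # raising ZeroDivisionError.
    denominator = max(bag.threshold, bag.amountinbag) or 1
    filled = bag.amountinbag * 100 / denominator
    percentfull = """ "width: """ + str(filled) + """%;" """
    percentempty = """ "width: """ + str(100 - filled) + """%;" """
    return render_template('bagpage.html', percentempty=percentempty, percentfull=percentfull, bag=bag, userid=session.get('userid'))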
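def editorder(orderid):
    """Show one of the session user's orders, and on POST update it.

    The order must be among the user's own orders; otherwise the browser is
    redirected to ``error``. On POST the ``price``, ``itemurl`` and
    ``details`` fields are validated; problems are reported through
    ``flash`` and the browser is redirected back here. A valid submission
    updates the order and its bag's running total. ``editorder.html`` is
    rendered with two progress-bar style strings: this order's share of the
    bag and everyone else's.

    Aborts with 401 when there is no logged-in, authenticated user.
    """
    if not session.get('logged_in'):
        abort(401)
    user = User.query.filter_by(id=session.get('userid')).first()
    # first() yields None for an id that no longer exists; treat that the
    # same as an unauthenticated user instead of failing on the attribute.
    if user is None or not user.isauthenticated:
        abort(401)

    # The order id comes from the URL: only orders that belong to the
    # current user may be viewed or changed.
    if not any(str(candidate.id) == orderid for candidate in user.orders):
        return redirect(url_for('error'))

    order = Order.query.filter_by(id=orderid).first()
    bag = Bag.query.filter_by(id=order.bag_id).first()

    def bar_widths():
        # The denominator is 0 for an empty bag with a zero threshold; fall
        # back to 1 so the page renders instead of raising ZeroDivisionError.
        denominator = max(bag.threshold, bag.amountinbag) or 1
        mine = """ "width: """ + str(order.price*100 / denominator) + """%;" """
        others = """ "width: """ + str(100*(bag.amountinbag-order.price) / denominator) + """%;" """
        return mine, others

    if request.method == 'POST':
        form = request.form
        errorfound = False

        # float() also parses "nan" and "inf". NaN fails every comparison,
        # so the chained range test rejects it together with negative and
        # infinite values, which would otherwise corrupt the bag's total.
        try:
            price = float(form['price'])
        except ValueError:
            price = None
        if price is None or not 0 <= price < float('inf'):
            flash("Invalid price", "priceerror")
            errorfound = True

        # Length limits.
        if len(form['itemurl']) > 200:
            flash("That URL is too long. Please contact us!", "urllongerr")
            errorfound = True
        if len(form['details']) > 400:
            flash("Looks like you've got too many details. If you can't shorten it, please contact us!", "detailslongerr")
            errorfound = True

        # Required fields.
        if not form['itemurl']:
            flash("Please input the item's URL", "missingurlerror")
            errorfound = True
        if not form['price']:
            flash("Please input the price of the item", "missingpriceerror")
            errorfound = True
        if not form['details']:
            flash("Please enter details about your order", "missingdetailserror")
            errorfound = True

        if errorfound:
            return redirect(url_for('editorder', orderid=orderid))

        # Replace the old price with the new one in the bag's running total.
        order.bag.amountinbag = order.bag.amountinbag - order.price + price
        order.price = price
        # NOTE(review): the item URL is stored as typed. If a template
        # renders it as a link, restrict it to http/https there or here.
        order.url = form['itemurl']
        order.details = form['details']
        order.ship = 'ship' in form
        db_session.commit()
        flash("Your purchase of " + order.url + " has been updated for the " + order.bag.store + " bag!", "addmessage")

    # Computed after any update so the bar reflects the saved values.
    myorders, othersorders = bar_widths()
    return render_template('editorder.html', order=order, bag=order.bag, userid=user.id, myorders=myorders, othersorders=othersorders)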