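def update():
    """Apply a device edit (admin) or register a damage report (normal user).

    The logged-in account's role is read from ``accounts``. On POST:

    * ``admin``: rewrites the ``devices`` row matching ``editSerialNumber``
      and, when the new location is ``Repair``, increments that device's
      ``repair_count`` once.
    * ``normal``: calls ``email()`` with the serial number and damage text,
      then increments ``repair_count``.

    Returns a redirect to the dashboard for logged-in users and to the login
    page otherwise.
    """
    # Shared by both roles. The serial number is bound as a parameter rather
    # than formatted into the statement text.
    bump_repair = ('UPDATE `repair` SET repair_count = repair_count + 1 '
                   'WHERE serial_number = %s')
    try:
        if 'loggedin' not in session:
            return redirect(url_for('login'))

        cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
        cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
        account = cursor.fetchone()

        if account['role'] == 'admin':
            if request.method == 'POST':
                form = request.form
                serial_number = form['editSerialNumber']
                location = form['editLocation']

                # Every field comes from the request body. The previous code
                # spliced them into the SQL with str.format(), so form input
                # was interpreted as SQL; placeholders keep it as data.
                cur = mysql.connection.cursor()
                cur.execute(
                    'UPDATE devices SET name=%s, location=%s, operating_sys=%s, '
                    'tablet_type=%s, model=%s, zone=%s, state=%s, date_added=%s, '
                    'date_damaged=%s WHERE serial_number=%s',
                    (
                        form['editDeviceName'],
                        location,
                        form['editOperatingSys'],
                        form['editDeviceType'],
                        form['editModel'],
                        form['editZone'],
                        form['editCondition'],
                        form['editDateAdded'],
                        form['editDateDamaged'],
                        serial_number,
                    ),
                )
                mysql.connection.commit()

                if location == 'Repair':
                    # The original issued this statement twice in a row, which
                    # either double-counted the repair or (depending on the
                    # lost indentation) ran it with no statement at all for
                    # other locations. It now runs exactly once.
                    cur.execute(bump_repair, (serial_number,))
                    mysql.connection.commit()
                flash("Data Updated Successfully")
        elif account['role'] == 'normal':
            cur = mysql.connection.cursor()
            if request.method == 'POST':
                serial_number = request.form['editSerialNumber']
                damage_text = request.form['damageReport']
                # NOTE(review): the serial number is not checked against the
                # reporter's location, although dashboard() only lists devices
                # at account['location'] for this role. Confirm whether that
                # restriction should be enforced here too.
                # NOTE(review): the original also built an
                # "UPDATE repair SET damage_report=..." statement but never
                # executed it, so the report text is only passed to email().
                # Confirm whether it should be persisted as well.
                email(serial_number, damage_text)
                cur.execute(bump_repair, (serial_number,))
                mysql.connection.commit()
        return redirect(url_for('dashboard', username=session['username']))
    except ValueError as error:
        flash("Failed to insert record into table {}".format(error))
        # A view must return a response; previously this path returned None.
        return redirect(url_for('dashboard'))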
def info(id_data):
    """Look up one ``repair`` row by ``repair_id`` and bounce to the dashboard.

    Anonymous visitors are sent to the login page. For a logged-in user the
    fetched row is handed to ``url_for`` as the ``info`` argument of the
    dashboard redirect.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)

    # The account row is fetched but not used afterwards.
    cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    account = cursor.fetchone()

    cursor.execute("SELECT * FROM repair WHERE repair_id = %s", (id_data, ))
    repair_row = cursor.fetchone()
    mysql.connection.commit()

    # NOTE(review): the whole repair row is passed to url_for(), so it will
    # presumably end up in the redirect URL (browser history, access logs).
    # Confirm that is intended, and that any logged-in role may read any
    # repair_id.
    dashboard_url = url_for('dashboard',
                            username=session['username'],
                            info=repair_row)
    return redirect(dashboard_url)
def email(id_data, damage):
    """Send a damage report for the device with serial number ``id_data``.

    Reads the device's ``location`` from ``devices`` and passes the serial
    number, location and ``damage`` text to ``DamagedReport``. Returns a
    redirect to the dashboard, or to the login page when nobody is logged in.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)

    # The account row is fetched but not used afterwards.
    cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    account = cursor.fetchone()

    cursor.execute("SELECT * FROM devices WHERE serial_number = %s", (id_data, ))
    device = cursor.fetchone()

    # NOTE(review): fetchone() yields None for an unknown serial number, in
    # which case the subscript below raises. The caller passes a serial
    # number taken from the request form.
    device_location = device['location']
    DamagedReport(id_data, device_location, damage)

    return redirect(url_for('dashboard', username=session['username']))
def logout():
    """Drop the login-related session keys and send the user to the login page."""
    # pop() with a default keeps this safe when a key is already absent.
    for session_key in ('loggedin', 'id', 'username'):
        session.pop(session_key, None)
    return redirect(url_for('login'))
def login():
    """Authenticate a username/password form post and start a session.

    On a POST carrying both ``username`` and ``password`` the ``accounts``
    table is searched for a matching row. A match stores ``loggedin``, ``id``
    and ``username`` in the session and redirects to ``home``; otherwise the
    login form is rendered again with an error message. Any other request
    just renders the form.
    """
    form = request.form
    credentials_posted = (request.method == 'POST'
                          and 'username' in form
                          and 'password' in form)
    if not credentials_posted:
        return render_template('login.html', msg='')

    username = form['username']
    password = form['password']

    # NOTE(review): the submitted password is compared to the `password`
    # column as-is inside the query, so the column has to hold exactly what
    # the user types. Storing a salted hash and verifying it in Python
    # (werkzeug.security.check_password_hash ships with Flask) would need a
    # data migration, so it is flagged here rather than changed.
    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    cursor.execute(
        'SELECT * FROM accounts WHERE username = %s AND password = %s',
        (username, password))
    account = cursor.fetchone()

    if not account:
        # Same message for an unknown user and a wrong password.
        return render_template('login.html', msg='Incorrect username/password!')

    # NOTE(review): keys already present in the session are kept. Consider
    # clearing the session before establishing the new identity.
    session['loggedin'] = True
    session['id'] = account['id']
    session['username'] = account['username']
    return redirect(url_for('home'))
def home():
    """Render the home page for a logged-in user, else redirect to login."""
    if 'loggedin' not in session:
        return redirect(url_for('login'))
    return render_template('home.html', username=session['username'])
def users():
    """List all accounts for an admin.

    Anonymous visitors go to the login page and non-admin accounts are
    redirected to ``home``.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    account = cursor.fetchone()

    # The role is read from the database on every request, not the session.
    if account['role'] != 'admin':
        return redirect(url_for('home', username=session['username']))

    # NOTE(review): SELECT * hands every column of every account to the
    # template, including the `password` column that login() matches on.
    # Selecting only the columns the table displays would keep credentials
    # out of the rendering context.
    cursor.execute('SELECT * FROM accounts')
    all_accounts = cursor.fetchall()
    return render_template('users.html',
                           username=session['username'],
                           values=all_accounts)
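def dashboard():
    """Render the device table for the logged-in account.

    ``normal`` accounts get ``dashboard-user.html`` with only the devices
    whose ``location`` equals the account's location. Every other role gets
    ``dashboard.html`` with all devices. Anonymous visitors are redirected to
    the login page.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    account = cursor.fetchone()

    if account['role'] == 'normal':
        # The location is stored data, but it was previously formatted into
        # the statement text, so a crafted stored value would have been run
        # as SQL. It is now bound as a parameter like any other value.
        cursor.execute('SELECT * FROM devices WHERE location = %s',
                       (account['location'],))
        template = 'dashboard-user.html'
    else:
        cursor.execute('SELECT * FROM devices')
        template = 'dashboard.html'

    data = cursor.fetchall()
    return render_template(template,
                           username=session['username'],
                           values=data,
                           length=len(data))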
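def save(req):
    """Write the posted ``text`` to ``data/<name>`` and render the save page.

    The request body is parsed as a URL-encoded form that must contain
    ``name`` and ``text``. ``name`` must be a plain file name that resolves
    to a direct child of the ``data`` directory; anything else is rejected
    with the error page. The rendered page receives the ``next`` URL, taken
    from the ``next`` query argument when present.
    """
    from urllib.parse import quote

    if req.method != "POST":
        log.error('bead method')
        return redirect(resolve('error'))

    form = parse_qs(req.stream.read(req.stream_length).decode('ascii'))
    if 'text' not in form or 'name' not in form:
        log.error('bead `name` or `text`')
        return render('error.html', {'message': "required `name` and `text`!"})

    text = form['text'][0]
    name = form['name'][0]

    # `name` is request data and was joined into the path unchecked, so
    # separators, `..` or an absolute path could place the write outside
    # `data`. Accept only a bare file name, then confirm the resolved target
    # (symlinks included) is a direct child of the data directory.
    base_dir = os.path.realpath('data')
    is_plain_name = (
        name not in ('', '.', '..')
        and '\x00' not in name
        and '/' not in name
        and '\\' not in name
        and name == os.path.basename(name)
    )
    resolved = os.path.realpath(os.path.join(base_dir, name)) if is_plain_name else ''
    if not is_plain_name or os.path.dirname(resolved) != base_dir:
        log.error('rejected unsafe `name`')
        return render('error.html', {'message': "invalid `name`!"})

    path = os.path.join('data', name)
    with open(path, 'w') as f:
        log.info('write to {0}'.format(path))
        f.write(text)

    # NOTE(review): `next` comes from the query string and is passed to
    # resolve(), which is defined elsewhere. Confirm it only maps known route
    # names and cannot yield an arbitrary URL.
    next_arg = req.get.get('next')
    if next_arg:
        next_url = resolve(next_arg[0])
    else:
        # Percent-encode the name so characters such as `&` or `#` cannot
        # alter the query string of the follow-up URL.
        next_url = resolve("apps.index.get") + "?name=" + quote(name)

    return render('save.html', {
        'timeout': 2000,
        'next': next_url,
        'name': name,
    })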
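def file_import():
    """Pass an uploaded file to ``importfile`` and return to the dashboard.

    Anonymous visitors are redirected to the login page. For a logged-in
    user a POST hands the ``myfile`` upload to ``importfile``; every request
    then ends with a redirect to the dashboard.
    """
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    # NOTE(review): the account row is fetched but its role is never checked,
    # unlike update() and users(). Confirm whether imports should be limited
    # to admins.
    account = cursor.fetchone()

    if request.method == 'POST':
        # request.files yields the uploaded file object, not a path.
        # NOTE(review): it reaches importfile() unvalidated. Size and type
        # checks must live there — confirm.
        upload = request.files['myfile']
        try:
            importfile(upload)
        except ValueError:
            # As before, a failed import falls back to the dashboard quietly.
            return redirect(url_for("dashboard"))

    # The original read `file_path` here on non-POST requests, where it was
    # never assigned, so the view raised instead of returning a response.
    return redirect(url_for("dashboard"))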
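def add():
    """Insert a new device and its initial ``repair`` row from the posted form.

    On POST from a logged-in user the form fields are written to ``devices``
    and a ``repair`` row with a zero count is created for the same serial
    number, followed by a redirect to the dashboard. Every other case
    redirects to the login page.
    """
    if 'loggedin' in session:
        cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
        cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
        # NOTE(review): the role is not checked here, unlike update() and
        # users(). Confirm whether any logged-in account may add devices.
        account = cursor.fetchone()
        try:
            if request.method == 'POST':
                form = request.form
                serialnum = form.get('inputSerialNumber')
                location = form.get('inputLocation')

                # Form values are bound as parameters. They were previously
                # formatted into the statement text, so request input was
                # interpreted as SQL. A missing field is now stored as NULL
                # instead of the text "None".
                device_values = (
                    form.get('inputDeviceName'),
                    serialnum,
                    location,
                    form.get('inputOperatingSys'),
                    form.get('inputDeviceType'),
                    form.get('inputModel'),
                    form.get('inputZone'),
                    form.get('inputCondition'),
                    form.get('inputDateAdded'),
                    form.get('inputDateDamaged'),
                    form.get('inputUser'),
                )
                cur = mysql.connection.cursor()
                cur.execute(
                    'INSERT INTO `devices` (`name`, `serial_number`, `location`, '
                    '`operating_sys`, `tablet_type`, `model`, `zone`, `state`, '
                    '`date_added`, `date_damaged`, `user`) '
                    'VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)',
                    device_values,
                )
                mysql.connection.commit()

                # The comment column keeps receiving the text 'NULL', as in
                # the original statement, not an SQL NULL.
                cur.execute(
                    'INSERT INTO `repair` (`repair_count`, `serial_number`, '
                    '`previous_location`, `comment`) VALUES (%s, %s, %s, %s)',
                    (0, serialnum, location, 'NULL'),
                )
                mysql.connection.commit()
                return redirect(url_for("dashboard", username=session['username']))
        except ValueError:
            return redirect(url_for("login"))
    return redirect(url_for('login'))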
def profile():
    """Render the profile page for the logged-in account, else go to login."""
    if 'loggedin' not in session:
        return redirect(url_for('login'))

    cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
    account_row = cursor.fetchone()

    # NOTE(review): the full row, including the `password` column that
    # login() matches on, is passed to the template. Confirm the template
    # never renders it, or select only the columns it needs.
    return render_template('profile.html',
                           account=account_row,
                           username=session['username'])
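def delete_usr(id_data):
    """Delete the account with id ``id_data`` on behalf of an admin.

    The caller's own account is never deleted (the statement excludes it).
    Anonymous visitors are redirected to the login page, non-admin accounts
    to ``home``, and admins back to the user list.
    """
    try:
        if 'loggedin' not in session:
            # Previously this path fell through and returned None.
            return redirect(url_for('login'))

        cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
        cursor.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
        account = cursor.fetchone()

        # users() restricts the account list to admins, but this view ran the
        # delete for any logged-in account. Apply the same role check and the
        # same fallback redirect here.
        if account['role'] != 'admin':
            return redirect(url_for('home', username=session['username']))

        cursor.execute("DELETE FROM accounts WHERE id = %s and id != %s",
                       (id_data, account['id']))
        mysql.connection.commit()
        flash("Record Has Been Deleted Successfully")
        return redirect(url_for("users", username=session['username']))
    except ValueError as error:
        flash("Failed to delete record into table {}".format(error))
        # A view must return a response; previously this path returned None.
        return redirect(url_for("users"))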
def redirect_app_index(app):
    """Return a 302 redirect to ``/<app>/``."""
    # NOTE(review): `app` is placed in the path verbatim. Callers should pass
    # only known application names so the target stays on this site.
    index_path = '/{0}/'.format(app)
    return redirect(index_path, 302)