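def admin():
    """Serve the administrator reservation pages.

    GET renders ``admin.html`` with every reservation joined to its owner.
    POST renders ``historyUni.html`` with the ``resauni`` rows matching the
    posted ``resaId`` and the session's ``user_id``.

    A session without a true ``administrator`` flag, and any exception,
    ends in a flash message and a redirect to ``dashboard``.
    """
    try:
        # A present-but-false flag used to fall through and return None,
        # which is not a valid response. Reject it explicitly; a missing key
        # still raises KeyError and reaches the handler below.
        if session['administrator'] != True:  # noqa: E712 - keeps the original == semantics
            flash("You don't have administrator privileges")
            return redirect(url_for('dashboard'))

        if request.method == "GET":
            # Unused below, but the lookup raises when no username is in the
            # session, so it is kept as an implicit logged-in check.
            username = session['username']
            cDict, connDict = connectionDict()
            cDict.execute(
                """SELECT resa.resa_id, resa.user_id, user.fullname, resa.creationdate, resa.dates, resa.datestart, resa.dateend, resa.days, resa.people, resa.status, resa.comment, resa.total FROM resa INNER JOIN user ON resa.user_id = user.user_id""")
            data = cDict.fetchall()
            return render_template('admin.html', data=data)
        elif request.method == "POST":
            resa_id = request.form['resaId']
            username = session['username']
            cDict, connDict = connectionDict()
            # Parameters are passed as one flat tuple; the original nested
            # (session['user_id'], ) inside the outer tuple.
            # NOTE(review): this filters on the administrator's own user_id,
            # so rows owned by other users are not returned - confirm intended.
            cDict.execute(
                """SELECT * FROM resauni WHERE user_id=%s AND resa_id=%s""",
                (session['user_id'], resa_id))
            data = cDict.fetchall()
            return render_template('historyUni.html',
                                   data=data,
                                   resa_id=resa_id)
    except Exception as e:
        # NOTE(review): this also catches database and template errors, which
        # are then reported to the user as a privilege problem.
        flash("You don't have administrator privileges")
        return redirect(url_for('dashboard'))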
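def history():
    """Show the current user's reservation history.

    GET renders ``history.html`` with the user's reservations whose status is
    neither 0 nor 4. POST renders ``historyUni.html`` with the ``resauni``
    rows for the posted ``resaId`` that belong to the session user.

    Returns the string ``"Whoops"`` followed by the error text on exception.
    """
    try:
        if request.method == "GET":
            # Unused below; the lookup fails when no username is in the session.
            username = session['username']
            cDict, connDict = connectionDict()
            cDict.execute(
                """SELECT * FROM resa WHERE user_id=%s AND status <> 0 AND status <> 4""",
                (session['user_id'], ))
            data = cDict.fetchall()
            return render_template('history.html', data=data)
        elif request.method == "POST":
            resa_id = request.form['resaId']
            username = session['username']
            cDict, connDict = connectionDict()
            # Both values go in one flat parameter tuple; the original nested
            # (session['user_id'], ) inside the outer tuple. The user_id
            # filter is what scopes the posted resa_id to its owner.
            cDict.execute(
                """SELECT * FROM resauni WHERE user_id=%s AND resa_id=%s""",
                (session['user_id'], resa_id))
            data = cDict.fetchall()
            return render_template('historyUni.html',
                                   data=data,
                                   resa_id=resa_id)
    except Exception as e:
        # NOTE(review): the raw exception text is sent to the client; prefer
        # logging it server-side and returning a generic message.
        return "Whoops" + str(e)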
def send_mail(id):
    """Email the confirmation for reservation *id* to the user who owns it.

    Loads the reservation's ``resauni`` rows, the ``resa`` row and the owning
    user's contact columns, renders ``confirmation.html`` as the HTML body
    and sends it to the user's email address.

    Returns None when the mail was handed to ``mail.send``; on any exception
    returns the string ``'whoops '`` followed by the error text.
    """
    try:
        units_cur, _units_conn = connectionDict()
        units_cur.execute("""SELECT * FROM resauni WHERE resa_id=%s""",
                          (id, ))
        resauni = units_cur.fetchall()

        resa_cur, _resa_conn = connectionDict()
        resa_cur.execute("""SELECT * FROM resa WHERE resa_id=%s""", (id, ))
        resa = resa_cur.fetchone()

        # A missing reservation or user makes the subscripts below raise;
        # that lands in the handler at the bottom.
        owner_id = str(resa['user_id'])
        user_cur, _user_conn = connectionDict()
        user_cur.execute(
            """SELECT email, fullname, username, telephone FROM user WHERE user_id=%s""",
            (owner_id, ))
        user = user_cur.fetchone()

        html_body = render_template("confirmation.html",
                                    resa=resa,
                                    resauni=resauni,
                                    user=user)
        msg = Message('Reservation #%s Confirmation' % id,
                      sender="*****@*****.**",
                      recipients=[user['email']])
        msg.html = html_body
        mail.send(msg)
    except Exception as err:
        # NOTE(review): failures are only reported through the return value;
        # callers that ignore it will not notice an unsent confirmation.
        return 'whoops ' + str(err)
def infoResaAdmin(resa_id):
    """Return selected columns of reservation *resa_id* as JSON.

    On any exception returns ``"Whoops. An error was found:"``, a newline and
    the error text instead.
    """
    # NOTE(review): no administrator or ownership check is visible in this
    # body, so any caller who reaches it can read any reservation by id.
    # Confirm that a decorator or the route enforces authorization.
    query = """SELECT creationdate, dateend, status, comment, total FROM resa WHERE resa_id=%s"""
    try:
        cursor, _conn = connectionDict()
        cursor.execute(query, (resa_id, ))
        return jsonify(cursor.fetchall())
    except Exception as err:
        # NOTE(review): the raw exception text is returned to the client.
        return "Whoops. An error was found:" + "\n" + str(err)
def infoUserAdmin(user_id):
    """Return contact and profile columns of user *user_id* as JSON.

    On any exception returns ``"Whoops. An error was found:"``, a newline and
    the error text instead.
    """
    # NOTE(review): this returns email and telephone for an arbitrary user_id
    # and no administrator check is visible in this body. Confirm that a
    # decorator or the route enforces authorization.
    query = """SELECT email, fullname, telephone, user_id, username, visitcount FROM user WHERE user_id=%s"""
    try:
        cursor, _conn = connectionDict()
        cursor.execute(query, (user_id, ))
        return jsonify(cursor.fetchall())
    except Exception as err:
        # NOTE(review): the raw exception text is returned to the client.
        return "Whoops. An error was found:" + "\n" + str(err)
def infoAdmin(page_id):
    """Return every ``resauni`` row of reservation *page_id* as JSON.

    On any exception returns ``"Whoops. An error was found:"``, a newline and
    the error text instead.
    """
    # NOTE(review): unlike info(), this query has no user_id filter and no
    # administrator check is visible in this body. Confirm that a decorator
    # or the route restricts it to administrators.
    query = """SELECT * FROM resauni WHERE resauni.resa_id=%s"""
    try:
        cursor, _conn = connectionDict()
        cursor.execute(query, (page_id, ))
        return jsonify(cursor.fetchall())
    except Exception as err:
        # NOTE(review): the raw exception text is returned to the client.
        return "Whoops. An error was found:" + "\n" + str(err)
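def info(page_id):
    """Return the session user's ``resauni`` rows for reservation *page_id* as JSON.

    Returns the string ``"Whoops"`` followed by the error text on exception.
    """
    try:
        cDict, connDict = connectionDict()
        # Both values go in one flat parameter tuple; the original nested
        # (session['user_id'], ) inside the outer tuple. The user_id filter
        # keeps a caller from reading another user's reservation by id.
        cDict.execute(
            """SELECT * FROM resauni WHERE user_id=%s AND resa_id=%s""",
            (session['user_id'], page_id))
        data = cDict.fetchall()
        return jsonify(data)
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client.
        return "Whoops" + str(e)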
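def getUserList():
    """Return the contact columns of every user as JSON, for administrators.

    A session without a true ``administrator`` flag gets a flash message and
    a redirect to ``dashboard``. Returns the string ``"Whoops"`` followed by
    the error text on exception.
    """
    try:
        # session.get() treats a missing flag like a false one. The original
        # subscript raised KeyError for sessions without the key and answered
        # with the "Whoops" error string instead of the redirect.
        if session.get('administrator') != True:  # noqa: E712 - keeps the original != semantics
            flash("You don't have administrator privileges")
            return redirect(url_for('dashboard'))
        elif request.method == 'GET':
            cDict, connDict = connectionDict()
            cDict.execute(
                """SELECT email, fullname, telephone, user_id, username FROM user"""
            )
            data = cDict.fetchall()
            return jsonify(data)
        # NOTE(review): an administrator using any other method falls through
        # and the function returns None.
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client.
        return "Whoops" + str(e)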
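def dashboard():
    """Render the user dashboard, or send administrators to theirs.

    On GET, a session with a true ``administrator`` flag is redirected to
    ``dashboardAdmin``. Every other session gets ``dashboard.html`` with the
    user's five most recent reservations whose status is not 0, 4 or 5.

    Returns the string ``'Whoops'`` followed by the error text on exception.
    """
    try:
        if request.method == "GET":
            # The original used a KeyError on session['administrator'] as the
            # signal for "regular user", so a flag that was present but false
            # never reached the dashboard. Test the flag directly instead.
            if session.get('administrator') == True:  # noqa: E712 - keeps the original == semantics
                return redirect(url_for("dashboardAdmin"))

            username = session['username']
            cDict, connDict = connectionDict()
            cDict.execute(
                """SELECT * FROM resa WHERE user_id=%s AND status <> 0 AND status <> 4 AND status <> 5 ORDER BY resa_id DESC""",
                (session['user_id'], ))
            data = cDict.fetchmany(5)
            return render_template('dashboard.html',
                                   data=data,
                                   username=username)
        # NOTE(review): any other method falls through and returns None.
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client.
        return 'Whoops' + str(e)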
def postAdmin():
    """Review (GET) and finalise (POST) the reservation held in the session.

    GET renders ``post.html`` with the reservation's ``resauni`` rows, their
    count, the reservation total and the session user's telephone.
    POST stores the posted comment, the row count and today's date on the
    reservation with status 1, updates the user's telephone, commits, and
    redirects to ``admin``.

    Returns the string ``"Whoops"`` followed by the error text on exception.
    """
    # NOTE(review): no administrator check is visible in this body although
    # the name and the redirect target suggest an admin flow. Confirm that a
    # decorator or the route enforces it, and that CSRF protection covers the
    # state-changing POST.
    try:
        if request.method == "GET":
            # Unused below; the lookup fails when no username is in the session.
            username = session['username']
            resa_id = session['resa_id']

            units_cur, _units_conn = connectionDict()
            units_cur.execute(
                """SELECT * FROM resauni WHERE resa_id=%s""",
                (session['resa_id'], ))
            data = units_cur.fetchall()

            c, conn = connection()
            c.execute("""SELECT total FROM resa WHERE resa_id=%s""",
                      (session['resa_id'], ))
            total = c.fetchone()[0]
            c.execute("""SELECT telephone FROM user WHERE user_id=%s""",
                      (session['user_id'], ))
            telephone = c.fetchone()[0]

            count = sum(1 for _row in data)
            return render_template('post.html',
                                   data=data,
                                   resa_id=resa_id,
                                   count=count,
                                   total=total,
                                   telephone=telephone)

        elif request.method == "POST":
            comment = request.form['comment']
            telephone = request.form['telephone']

            units_cur, _units_conn = connectionDict()
            units_cur.execute(
                """SELECT * FROM resauni WHERE resa_id=%s""",
                (session['resa_id'], ))
            data = units_cur.fetchall()
            count = sum(1 for _row in data)

            today = time.strftime("%Y-%m-%d")
            c, conn = connection()
            # The form values are bound as query parameters, never
            # concatenated into the SQL text.
            resa_params = (comment, count, today, session['resa_id'])
            c.execute(
                """UPDATE resa SET status = 1, comment = %s, people= %s, active= %s WHERE resa_id = %s""",
                resa_params)
            user_params = (telephone, session['user_id'])
            c.execute(
                """UPDATE user SET telephone = %s WHERE user_id = %s""",
                user_params)
            conn.commit()
            c.close()
            conn.close()
            gc.collect()

            flash("Success! Your reservation is complete")
            return redirect(url_for('admin'))
    except Exception as err:
        # NOTE(review): the raw exception text is returned to the client, and
        # no rollback or close runs when an UPDATE fails.
        return "Whoops" + str(err)
def faq():
    """Return every row and column of the ``user`` table as JSON."""
    # NOTE(review): SELECT * serialises every column of the user table to the
    # client, and no session or administrator check is visible in this body.
    # If that table holds credentials or other private fields they are
    # exposed here. Confirm the endpoint is access-controlled, and prefer an
    # explicit column list such as the one getUserList() uses.
    cursor, _conn = connectionDict()
    cursor.execute("SELECT * FROM user")
    rows = cursor.fetchall()
    return jsonify(rows)
def historyUni():
    """Render ``history.html`` with every reservation of the session user."""
    cursor, _conn = connectionDict()
    cursor.execute("""SELECT * FROM resa WHERE user_id=%s""",
                   (session['user_id'], ))
    rows = cursor.fetchall()
    # NOTE(review): resa_id is not assigned anywhere in this function. Unless
    # a module-level resa_id exists, this line raises NameError - confirm
    # where the value is meant to come from.
    return render_template('history.html', data=rows, resa_id=resa_id)