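def main():
    """Render an illustrator profile page, or its create/edit form.

    Reads ``illustrator`` and ``action`` from the CGI form and takes the
    current user's e-mail from the server-side session. Depending on
    ``action`` it prints the create form, the edit form, or the read-only
    profile with the illustrator's titles and genres.

    All SQL is parameterized: ``illustrator`` comes straight from the request
    and must never be concatenated into a statement.
    Assumes ``mdb`` is a DB-API driver with the ``%s`` paramstyle (as MySQLdb
    uses) -- confirm against the file's import.

    ``print(x)`` with a single argument behaves the same as the Python 2
    ``print x`` statement this file otherwise relies on.
    """
    form = cgi.FieldStorage()
    illustrator = form.getvalue('illustrator')
    action = form.getvalue('action')
    try:
        cur = con.cursor()
        sess = session.Session(expires=365*24*60*60, cookie_path='/')
        email = sess.data.get('user')
        print(sess.cookie)
        if email is None:
            # Not logged in: send the redirect and stop. Falling through
            # would run the queries below with no authenticated user.
            print("Location: login.py?redirect=1\r\n")
            sess.close()
            return

        cur.execute("SELECT * FROM Users WHERE Email = %s", (email,))
        user_ = cur.fetchone()

        # A missing `illustrator` parameter (e.g. action=create) is bound as
        # NULL and matches no rows instead of raising on string concatenation.
        cur.execute(
            "SELECT * from Illustrators WHERE IllustratorName = %s",
            (illustrator,))
        illustrator_ = cur.fetchone()

        cur.execute(
            "SELECT ISBN, Title, Price, Image from ComicBooks "
            "NATURAL JOIN BookIllustrator NATURAL JOIN Illustrators "
            "WHERE IllustratorName = %s",
            (illustrator,))
        titles = list(cur.fetchall())

        cur.execute(
            "SELECT Genre from ComicBooks NATURAL JOIN BookGenre "
            "NATURAL JOIN BookIllustrator WHERE IllustratorName = %s",
            (illustrator,))
        # De-duplicate genre rows while keeping first-seen order.
        genres_ = []
        for genre in cur.fetchall():
            if genre not in genres_:
                genres_.append(genre)

        sidebar = utilities.getSideBar(email, user_[9], cur)

        if action == 'create':
            countryDropDown = utilities.generateCountryDropDown(None)
            bookitems = utilities.getBookItems([], cur)
            print(display("illustrator-profile-create.html").render(
                user=user_, createform=None, sidebar=sidebar,
                bookitems=bookitems, countryDropDown=countryDropDown))
        elif action == 'edit':
            # NOTE(review): illustrator_ is None when the requested name does
            # not exist; the index below then raises -- confirm desired handling.
            countryDropDown = utilities.generateCountryDropDown(illustrator_[3])
            selectedBooks = [title[0] for title in titles]
            bookitems = utilities.getBookItems(selectedBooks, cur)
            print(display("illustrator-profile-edit.html").render(
                sidebar=sidebar, user=user_, illustrator=illustrator_,
                bookitems=bookitems, countryDropDown=countryDropDown))
        else:
            print(display("illustrator-profile.html").render(
                sidebar=sidebar, user=user_, illustrator=illustrator_,
                titles=titles, genres=genres_))
        sess.close()
    except mdb.Error:
        # NOTE(review): the database error is dropped after rollback, so the
        # client gets an empty response and nothing is logged.
        if con:
            con.rollback()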
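def main():
    """Create an illustrator from the submitted form and show the result.

    Reads the illustrator fields, the optional ``image_file`` upload and the
    list of associated books from the CGI form; the acting user comes from
    the server-side session. If an illustrator with the same name (compared
    case-insensitively) already exists, the create form is re-rendered with
    an error; otherwise the row and its book links are inserted, committed,
    and the new profile page is printed.

    Security-relevant handling in this function:
      * every SQL statement is parameterized (all values are request data);
      * the name echoed into the HTML error message is escaped;
      * the upload path is built from a basename-only name and an
        allow-listed image extension.
    Assumes ``mdb`` is a DB-API driver with the ``%s`` paramstyle (as MySQLdb
    uses) -- confirm against the file's import.

    NOTE(review): nothing visible here checks that the session user is
    allowed to create illustrators; confirm that is enforced elsewhere.
    """
    form = cgi.FieldStorage()
    name = form.getvalue('name')
    born = form.getvalue('country')
    birthdate = form.getvalue('birth_date')
    gender = form.getvalue('gender')
    description = form.getvalue('desc')
    illustratorbooks = form.getlist('illustratorbooks')
    # Extensions accepted for the profile image. The extension is chosen by
    # the client, so anything else (scripts, HTML, ...) is not written to
    # disk. Extend this tuple if other image formats are legitimately used.
    allowed_image_extensions = ('.jpg', '.jpeg', '.png', '.gif')
    try:
        cur = con.cursor()
        sess = session.Session(expires=365*24*60*60, cookie_path='/')
        email = sess.data.get('user')
        print(sess.cookie)
        if email is None:
            # Not logged in: redirect and stop, so no insert runs for an
            # unauthenticated request.
            print("Location: login.py?redirect=1\r\n")
            sess.close()
            return

        cur.execute("SELECT * FROM Users WHERE Email = %s", (email,))
        user = cur.fetchone()

        cur.execute(
            "SELECT * from Illustrators "
            "WHERE lower(IllustratorName) = lower(%s)",
            (name,))
        writer_ = cur.fetchone()
        sidebar = utilities.getSideBar(email, user[9], cur)

        if writer_ is not None:
            createform = [name, birthdate, gender, description]
            # The message carries markup, so the template presumably renders
            # it unescaped; escape the request-supplied name before embedding.
            error = ('<strong>Database Error:</strong> Illustrator with name '
                     + cgi.escape(name, True) + ' already exists.')
            countryDropDown = utilities.generateCountryDropDown(born)
            bookitems = utilities.getBookItems(illustratorbooks, cur)
            print(display("illustrator-profile-create.html").render(
                user=user, createform=createform, sidebar=sidebar,
                countryDropDown=countryDropDown, error=error,
                bookitems=bookitems))
        else:
            # Column names are fixed literals; only values are bound.
            columns = ["IllustratorName"]
            values = [name]
            optional_fields = (
                ("Born", born),
                ("Birthdate", birthdate),
                ("Gender", gender),
                ("IllustratorDescription", description),
            )
            for column, value in optional_fields:
                if value is not None:
                    columns.append(column)
                    values.append(value)

            # Store the uploaded image, if the user supplied one.
            if 'image_file' in form:
                fileitem = form['image_file']
                if fileitem.file:
                    extension = os.path.splitext(fileitem.filename)[1]
                    if extension.lower() in allowed_image_extensions:
                        # basename() drops any directory components from the
                        # submitted name so the file stays in model/writers/.
                        image_path = ("model/writers/illustrator-"
                                      + os.path.basename(name) + extension)
                        with open(image_path, 'wb') as fout:
                            while True:
                                chunk = fileitem.file.read(100000)
                                if not chunk:
                                    break
                                fout.write(chunk)
                        columns.append("IllustratorImage")
                        values.append(image_path)

            insert_command = (
                "INSERT INTO Illustrators(" + ", ".join(columns) + ") "
                "VALUES (" + ", ".join(["%s"] * len(values)) + ")")
            cur.execute(insert_command, tuple(values))

            # Associate the selected books with the new illustrator.
            for book in illustratorbooks:
                cur.execute(
                    "INSERT INTO BookIllustrator(ISBN, IllustratorName) "
                    "VALUES (%s, %s)",
                    (book, name))
            con.commit()

            cur.execute("SELECT * FROM Users WHERE Email = %s", (email,))
            user_ = cur.fetchone()

            cur.execute(
                "SELECT * from Illustrators WHERE IllustratorName = %s",
                (name,))
            illustrator_ = cur.fetchone()

            cur.execute(
                "SELECT ISBN, Title, Price, Image from ComicBooks "
                "NATURAL JOIN BookIllustrator NATURAL JOIN Illustrators "
                "WHERE IllustratorName = %s",
                (name,))
            titles = list(cur.fetchall())

            cur.execute(
                "SELECT Genre from ComicBooks NATURAL JOIN BookGenre "
                "NATURAL JOIN BookIllustrator WHERE IllustratorName = %s",
                (name,))
            # De-duplicate genre rows while keeping first-seen order.
            genres_ = []
            for genre in cur.fetchall():
                if genre not in genres_:
                    genres_.append(genre)

            sidebar = utilities.getSideBar(email, user[9], cur)
            successmsg = '<strong>Success:</strong> Illustrator has been created.'
            print(display("illustrator-profile.html").render(
                sidebar=sidebar, user=user_, illustrator=illustrator_,
                titles=titles, genres=genres_, success=successmsg))
        sess.close()
    except mdb.Error:
        # NOTE(review): the database error is dropped after rollback, so the
        # client gets an empty response and nothing is logged. An image
        # written before a failed insert is also left on disk.
        if con:
            con.rollback()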
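def main():
    """Create a user account from the submitted form and show the result.

    ``user`` in the form is the e-mail of the account being created; the
    acting user is taken only from the server-side session (the ``email``
    form field is ignored, as it was overwritten by the session value in the
    original too). If the e-mail is already registered the create form is
    re-rendered with an error; otherwise the row is inserted, committed, and
    the new profile page is printed.

    Security-relevant handling in this function:
      * every SQL statement is parameterized (all values are request data);
      * the e-mail echoed into the HTML error message is escaped;
      * the upload path is built from a basename-only name and an
        allow-listed image extension.
    Assumes ``mdb`` is a DB-API driver with the ``%s`` paramstyle (as MySQLdb
    uses) -- confirm against the file's import.

    NOTE(review): ``is_administrator`` is taken from the request and nothing
    visible here checks that the session user may create accounts or grant
    the admin flag; confirm that is enforced before this handler runs.
    """
    form = cgi.FieldStorage()
    userprof_form = form.getvalue('user')
    firstname = form.getvalue('first_name')
    lastname = form.getvalue('last_name')
    password = form.getvalue('password')
    country = form.getvalue('country')
    birthdate = form.getvalue('birth_date')
    is_administrator = form.getvalue('is_administrator')
    # Extensions accepted for the profile image. The extension is chosen by
    # the client, so anything else (scripts, HTML, ...) is not written to
    # disk. Extend this tuple if other image formats are legitimately used.
    allowed_image_extensions = ('.jpg', '.jpeg', '.png', '.gif')
    try:
        cur = con.cursor()
        sess = session.Session(expires=365*24*60*60, cookie_path='/')
        email = sess.data.get('user')
        print(sess.cookie)
        if email is None:
            # Not logged in: redirect and stop, so no account is created for
            # an unauthenticated request.
            print("Location: login.py?redirect=1\r\n")
            sess.close()
            return

        cur.execute("SELECT * FROM Users WHERE Email = %s", (email,))
        user = cur.fetchone()

        cur.execute("SELECT * FROM Users WHERE Email = %s", (userprof_form,))
        userprof = cur.fetchone()
        sidebar = utilities.getSideBar(email, user[9], cur)

        if userprof is not None:
            # NOTE(review): the submitted password is handed back to the
            # template here; confirm it is not echoed into the page.
            createform = [userprof_form, firstname, lastname, password,
                          birthdate, is_administrator]
            # The message carries markup, so the template presumably renders
            # it unescaped; escape the request-supplied e-mail first.
            error = ('<strong>Database Error:</strong> User with email '
                     + cgi.escape(userprof_form, True) + ' already exists.')
            countryDropDown = utilities.generateCountryDropDown(country)
            print(display("user-profile-create.html").render(
                user=user, createform=createform, sidebar=sidebar,
                countryDropDown=countryDropDown, error=error))
        else:
            enc_password = sha512_crypt.encrypt(password)

            # Column names and NOW() are fixed literals; only values are
            # bound. A field missing from the form is bound as NULL.
            columns = ["FirstName", "LastName", "Email", "Password",
                       "IsAdmin", "Datejoined"]
            placeholders = ["%s", "%s", "%s", "%s", "%s", "NOW()"]
            values = [firstname, lastname, userprof_form, enc_password,
                      is_administrator]
            for column, value in (("Country", country),
                                  ("Birthdate", birthdate)):
                if value is not None:
                    columns.append(column)
                    placeholders.append("%s")
                    values.append(value)

            # Store the uploaded image, if the user supplied one.
            if 'image_file' in form:
                fileitem = form['image_file']
                if fileitem.file:
                    extension = os.path.splitext(fileitem.filename)[1]
                    if extension.lower() in allowed_image_extensions:
                        # basename() drops any directory components from the
                        # submitted e-mail so the file stays in model/users/.
                        image_path = ("model/users/"
                                      + os.path.basename(userprof_form)
                                      + extension)
                        with open(image_path, 'wb') as fout:
                            while True:
                                chunk = fileitem.file.read(100000)
                                if not chunk:
                                    break
                                fout.write(chunk)
                        columns.append("Image")
                        placeholders.append("%s")
                        values.append(image_path)

            insert_command = (
                "INSERT INTO Users(" + ", ".join(columns) + ") "
                "VALUES (" + ", ".join(placeholders) + ")")
            cur.execute(insert_command, tuple(values))
            con.commit()

            cur.execute("SELECT * FROM Users WHERE Email = %s",
                        (userprof_form,))
            userprof = cur.fetchone()

            sidebar = utilities.getSideBar(email, user[9], cur)
            successmsg = '<strong>Success:</strong> User has been created.'
            print(display("user-profile.html").render(
                user=user, userprof=userprof, sidebar=sidebar, titles=[],
                success=successmsg))
        sess.close()
    except mdb.Error:
        # NOTE(review): the database error is dropped after rollback, so the
        # client gets an empty response and nothing is logged. An image
        # written before a failed insert is also left on disk.
        if con:
            con.rollback()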
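def _group_order_rows(rows):
    """Collapse per-book order rows into one entry per order.

    Each input row is (OrderID, OrderDate, Quantity, ISBN, Title,
    DeliveryAddress, Status). Consecutive rows with the same OrderID are
    merged; the result is a list of
    [OrderID, OrderDate, bookHTML, DeliveryAddress, Status].

    Quantity, ISBN and title are HTML-escaped before being placed in the
    markup, so database content cannot inject tags or break out of the
    ``href`` attribute.
    """
    grouped = []
    for row in rows:
        isbn = cgi.escape(str(row[3]), True)
        book_html = (cgi.escape(str(row[2]))
                     + ' X <a href="comic-book-item.py?ISBN=' + isbn + '">'
                     + cgi.escape(str(row[4])) + ' (' + isbn + ')</a>')
        if grouped and grouped[-1][0] == row[0]:
            grouped[-1][2] = grouped[-1][2] + '<br/>' + book_html
        else:
            grouped.append([row[0], row[1], book_html, row[5], row[6]])
    return grouped


def main():
    """Render a user's profile page, or the user create/edit form.

    ``user`` in the form is the e-mail of the profile to show and ``action``
    selects the view; the acting user comes from the server-side session.
    The default view lists the profile's cart titles, pending orders
    (Paid/Shipped) and the three latest completed orders
    (Delivered/Canceled).

    All SQL is parameterized: ``user`` comes straight from the request.
    Assumes ``mdb`` is a DB-API driver with the ``%s`` paramstyle (as MySQLdb
    uses) -- confirm against the file's import.

    NOTE(review): access control is still the open TODO from the original
    ("If current user != email"). As written, the profile, cart, orders and
    delivery address are loaded for whichever e-mail the request names, not
    for the session user; restrict this to the session user or an
    administrator.
    """
    form = cgi.FieldStorage()
    userprofile = form.getvalue('user')
    action = form.getvalue('action')
    try:
        cur = con.cursor()
        sess = session.Session(expires=365*24*60*60, cookie_path='/')
        email = sess.data.get('user')
        print(sess.cookie)
        if email is None:
            # Not logged in: redirect and stop, so no account data is
            # queried for an unauthenticated request.
            print("Location: login.py?redirect=1\r\n")
            sess.close()
            return

        cur.execute("SELECT * FROM Users WHERE Email = %s", (email,))
        user = cur.fetchone()

        # A missing `user` parameter is bound as NULL and matches no rows
        # instead of raising on string concatenation.
        cur.execute("SELECT * FROM Users WHERE Email = %s", (userprofile,))
        userprof = cur.fetchone()

        cur.execute(
            "SELECT * from ComicBooks NATURAL JOIN UserCart WHERE Email = %s",
            (userprofile,))
        titles = list(cur.fetchall())

        # Retrieve pending orders.
        cur.execute(
            "SELECT o.OrderID, OrderDate, Quantity, cb.ISBN, cb.Title, "
            "DeliveryAddress, Status "
            "FROM Orders o, BookOrder bo, ComicBooks cb "
            "WHERE o.OrderID = bo.OrderID "
            " AND bo.ISBN = cb.ISBN "
            " AND o.Status in ('Paid', 'Shipped') "
            " AND o.CustomerEmail = %s "
            "ORDER BY OrderDate DESC",
            (userprofile,))
        pendingOrders = _group_order_rows(cur.fetchall())

        # Retrieve the 3 latest completed orders.
        cur.execute(
            "SELECT o.OrderID, OrderDate, Quantity, cb.ISBN, cb.Title, "
            "DeliveryAddress, Status "
            "FROM BookOrder bo, ComicBooks cb, "
            "(SELECT OrderID, OrderDate, DeliveryAddress, Status "
            "FROM Orders WHERE Status in ('Delivered', 'Canceled') "
            "AND CustomerEmail = %s "
            "ORDER BY OrderDate DESC LIMIT 3) o "
            "WHERE o.OrderID = bo.OrderID AND bo.ISBN = cb.ISBN",
            (userprofile,))
        completedOrders = _group_order_rows(cur.fetchall())

        sidebar = utilities.getSideBar(email, user[9], cur)

        if action == 'edit':
            # NOTE(review): userprof is None when the requested e-mail does
            # not exist; the index below then raises -- confirm desired handling.
            countryDropDown = utilities.generateCountryDropDown(userprof[5])
            print(display("user-profile-edit.html").render(
                user=user, userprof=userprof, sidebar=sidebar,
                countryDropDown=countryDropDown))
        elif action == 'create':
            countryDropDown = utilities.generateCountryDropDown(None)
            print(display("user-profile-create.html").render(
                user=user, createform=None, sidebar=sidebar,
                countryDropDown=countryDropDown))
        else:
            print(display("user-profile.html").render(
                user=user, userprof=userprof, sidebar=sidebar, titles=titles,
                pendingOrders=pendingOrders, completedOrders=completedOrders))
        sess.close()
    except mdb.Error:
        # NOTE(review): the database error is dropped after rollback, so the
        # client gets an empty response and nothing is logged.
        if con:
            con.rollback()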