diff --git a/main.py b/main.py
index 67fb91b..7119be5 100644
--- a/main.py
+++ b/main.py
@@ -12,6 +12,7 @@ ALLOWED_EXTENSIONS = set(['jpeg', 'jpg', 'png', 'gif']) app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER + def get_login_details(): with sqlite3.connect('database.db') as conn: cur = conn.cursor() 
@@ -21,30 +22,36 @@ def get_login_details(): no_of_items = 0 else: logged_in = True - cur.execute("SELECT user_id, first_name FROM users WHERE email = '" + session['email'] + "'") + cur.execute("SELECT userId, firstName FROM users WHERE email = '" + session[ + 'email'] + "'") # Fixed user_id & first_name to userId & firstName, + user_id, first_name = cur.fetchone() - cur.execute("SELECT count(productId) FROM kart WHERE user_id = " + str(user_id)) + cur.execute("SELECT count(productId) FROM kart WHERE userId = " + str(user_id)) # Fixed user_id to userId, no_of_items = cur.fetchone()[0] conn.close() return (logged_in, first_name, no_of_items) + @app.route("/") def root(): logged_in, first_name, no_of_items = get_login_details() with sqlite3.connect('database.db') as conn: cur = conn.cursor() # Show last product added - cur.execute('SELECT productId, name, price, description, image, stock FROM products ORDER BY productId DESC LIMIT 1 ') + cur.execute( + 'SELECT productId, name, price, description, image, stock FROM products ORDER BY productId DESC LIMIT 1') # Show all items - #cur.execute('SELECT productId, name, price, description, image, stock FROM products LIMIT 1') + cur.execute('SELECT productId, name, price, description, image, stock FROM products ') item_data = cur.fetchall() # Show an error instead of the categories - category_data = [(-1,"Error")] + category_data = [(-1, "Error")] # Show all categories - #cur.execute('SELECT categoryId, name FROM categories') - #category_data = cur.fetchall() + cur.execute('SELECT categoryId, name FROM categories') # hashtag in front of line + category_data = cur.fetchall() # hashtag in front of line item_data = parse(item_data) - return render_template('home.html', itemData=item_data, loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items, categoryData=category_data) + return render_template('home.html', itemData=item_data, loggedIn=logged_in, firstName=first_name, + noOfItems=no_of_items, 
categoryData=category_data) + @app.route("/add") def admin():
@@ -55,6 +62,7 @@ def admin(): conn.close() return render_template('add.html', categories=categories) + @app.route("/addItem", methods=["GET", "POST"]) def addItem(): if request.method == "POST":
@@ -64,7 +72,7 @@ def addItem(): stock = int(request.form['stock']) categoryId = int(request.form['category']) - #Upload image + # Upload image image = request.files['image'] if image and allowed_file(image.filename): filename = secure_filename(image.filename)
@@ -73,16 +81,19 @@ def addItem(): with sqlite3.connect('database.db') as conn: try: cur = conn.cursor() - cur.execute('''INSERT INTO products (name, price, description, image, stock, categoryId) VALUES (?, ?, ?, ?, ?, ?)''', (name, price, description, imagename, stock, categoryId)) + cur.execute( + '''INSERT INTO products (name, price, description, image, stock, categoryId) VALUES (?, ?, ?, ?, ?, ?)''', + (name, price, description, imagename, stock, categoryId)) conn.commit() - msg="Added successfully" + msg = "Added successfully" except: - msg="Error occured" + msg = "Error occured" conn.rollback() conn.close() print(msg) return redirect(url_for('root')) + @app.route("/displayCategory") def displayCategory(): logged_in, first_name, no_of_items = get_login_details()
@@ -106,6 +117,7 @@ def profile_home(): logged_in, first_name, no_of_items = get_login_details() return render_template("profileHome.html", loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items) + @app.route("/account/profile/edit") def edit_profile(): if 'email' not in session: 
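Review bot: In `get_login_details`, the renamed lookup still builds its SQL by concatenating `session['email']` and then `str(user_id)` into the statement, and the session value presumably originates from the login form that this commit re-enables. The file already binds parameters elsewhere (the `INSERT INTO products` call), so use the same form here: `cur.execute("SELECT userId, firstName FROM users WHERE email = ?", (session['email'],))` and `cur.execute("SELECT count(productId) FROM kart WHERE userId = ?", (user_id,))`. The same concatenation is re-wrapped but kept in the `edit_profile`, `cart` and `payment` hunks (`-113,10`, `-236,12`, `-290,24`). Separately, in `root` the result of the first `SELECT ... ORDER BY productId DESC LIMIT 1` is discarded because a second `cur.execute` runs before `fetchall()`, and `category_data = [(-1, "Error")]` is overwritten two lines later; drop whichever of each pair is not wanted.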
@@ -113,10 +125,14 @@ def edit_profile(): logged_in, first_name, no_of_items = get_login_details() with sqlite3.connect('database.db') as conn: cur = conn.cursor() - cur.execute("SELECT userId, email, first_name, lastName, address1, address2, zipcode, city, state, country, phone FROM users WHERE email = '" + session['email'] + "'") + cur.execute( + "SELECT userId, email, first_name, lastName, address1, address2, zipcode, city, state, country, phone FROM users WHERE email = '" + + session['email'] + "'") profile_data = cur.fetchone() conn.close() - return render_template("editProfile.html", profileData=profile_data, loggedIn=logged_in, firstName=first_name, + noOfItems=no_of_items) + @app.route("/account/profile/changePassword", methods=["GET", "POST"]) def change_password():
@@ -135,7 +151,7 @@ def change_password(): try: cur.execute("UPDATE users SET password = ? WHERE userId = ?", (new_password, user_id)) conn.commit() - msg="Changed successfully" + msg = "Changed successfully" except: conn.rollback() msg = "Failed"
@@ -147,6 +163,7 @@ def change_password(): else: return render_template("changePassword.html") + @app.route("/updateProfile", methods=["GET", "POST"]) def update_profile(): if request.method == 'POST': 
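Review bot: The re-wrapped query in `edit_profile` still selects `first_name`, although this commit renames that column to `firstName` in `get_login_details`, and the `UPDATE users` and `INSERT INTO users` statements elsewhere in the diff also use `firstName`. If the schema matches those, this SELECT fails with sqlite3's `no such column: first_name` and the edit page cannot load. Change the column list to start `SELECT userId, email, firstName, lastName, ...`. The function's signature and session check sit above this hunk.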
@@ -161,27 +178,31 @@ def update_profile(): country = request.form['country'] phone = request.form['phone'] with sqlite3.connect('database.db') as con: - try: - cur = con.cursor() - cur.execute('UPDATE users SET firstName = ?, lastName = ?, address1 = ?, address2 = ?, zipcode = ?, city = ?, state = ?, country = ?, phone = ? WHERE email = ?', (first_name, last_name, address1, address2, zipcode, city, state, country, phone, email)) + try: + cur = con.cursor() + cur.execute( + 'UPDATE users SET firstName = ?, lastName = ?, address1 = ?, address2 = ?, zipcode = ?, city = ?, state = ?, country = ?, phone = ? WHERE email = ?', + (first_name, last_name, address1, address2, zipcode, city, state, country, phone, email)) - con.commit() - msg = "Saved Successfully" - except: - con.rollback() - msg = "Error occured" + con.commit() + msg = "Saved Successfully" + except: + con.rollback() + msg = "Error occured" con.close() return redirect(url_for('edit_profile')) + @app.route("/loginForm") def login_form(): # Uncomment to enable logging in and registration - #if 'email' in session: + if 'email' in session: return redirect(url_for('root')) - #else: - # return render_template('login.html', error='') + else: # Uncommented by Yeab 1/18/2023 + return render_template('login.html', error='') -@app.route("/login", methods = ['POST', 'GET']) + +@app.route("/login", methods=['POST', 'GET']) def login(): if request.method == 'POST': email = request.form['email']
@@ -193,6 +214,7 @@ def login(): error = 'Invalid UserId / Password' return render_template('login.html', error=error) + @app.route("/productDescription") def product_description(): logged_in, first_name, no_of_items = get_login_details()
@@ -206,6 +228,7 @@ def product_description(): return render_template("productDescription.html", data=productData, loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items) + @app.route("/addToCart") def add_to_cart(): if 'email' not in session: 
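Review bot: `update_profile` keys its `UPDATE users ... WHERE email = ?` on an `email` variable assigned above this hunk, and the fields visible here (`country`, `phone`) come from `request.form`; if `email` is read the same way, the row that gets updated is chosen by the request rather than by the logged-in session. Take the key from the session (`email = session['email']`) and return early when `'email' not in session`, as `edit_profile` does. The bare `except:` sets `msg`, which is never used before the redirect, so a failed update leaves no trace; catch `sqlite3.Error` and log it. In `login_form`, the comment `# Uncomment to enable logging in and registration` is stale now that the branch is live, and `# Uncommented by Yeab 1/18/2023` belongs in the commit message.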
@@ -226,6 +249,7 @@ def add_to_cart(): conn.close() return redirect(url_for('root')) + @app.route("/cart") def cart(): if 'email' not in session:
@@ -236,12 +260,16 @@ def cart(): cur = conn.cursor() cur.execute("SELECT userId FROM users WHERE email = '" + email + "'") user_id = cur.fetchone()[0] - cur.execute("SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = " + str(user_id)) + cur.execute( + "SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = " + str( + user_id)) products = cur.fetchall() total_price = 0 for row in products: total_price += row[2] - return render_template("cart.html", products = products, totalPrice=total_price, loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items) + return render_template("cart.html", products=products, totalPrice=total_price, loggedIn=logged_in, + firstName=first_name, noOfItems=no_of_items) + @app.route("/removeFromCart") def remove_from_cart():
@@ -263,11 +291,13 @@ def remove_from_cart(): conn.close() return redirect(url_for('root')) + @app.route("/logout") def logout(): session.pop('email', None) return redirect(url_for('root')) + def is_valid(email, password): con = sqlite3.connect('database.db') cur = con.cursor()
@@ -279,7 +309,7 @@ def is_valid(email, password): return False -@app.route("/checkout", methods=['GET','POST']) +@app.route("/checkout", methods=['GET', 'POST']) def payment(): if 'email' not in session: return redirect(url_for('login_form')) 
@@ -290,24 +320,26 @@ def payment(): cur = conn.cursor() cur.execute("SELECT userId FROM users WHERE email = '" + email + "'") user_id = cur.fetchone()[0] - cur.execute("SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = " + str(user_id)) + cur.execute( + "SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = " + str( + user_id)) products = cur.fetchall() total_price = 0 for row in products: total_price += row[2] - print(row) + # print(row) cur.execute("INSERT INTO Orders (userId, productId) VALUES (?, ?)", (user_id, row[0])) cur.execute("DELETE FROM kart WHERE userId = " + str(user_id)) conn.commit() - + return render_template("checkout.html", products=products, totalPrice=total_price, loggedIn=logged_in, + firstName=first_name, noOfItems=no_of_items) - return render_template("checkout.html", products = products, totalPrice=total_price, loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items) -@app.route("/register", methods = ['GET', 'POST']) +@app.route("/register", methods=['GET', 'POST']) def register(): if request.method == 'POST': - #Parse form data + # Parse form data password = request.form['password'] email = request.form['email'] first_name = request.form['firstName'] 
@@ -323,7 +355,10 @@ def register(): with sqlite3.connect('database.db') as con: try: cur = con.cursor() - cur.execute('INSERT INTO users (password, email, firstName, lastName, address1, address2, zipcode, city, state, country, phone) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', (hashlib.md5(password.encode()).hexdigest(), email, first_name, last_name, address1, address2, zipcode, city, state, country, phone)) + cur.execute( + 'INSERT INTO users (password, email, firstName, lastName, address1, address2, zipcode, city, state, country, phone) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', + (hashlib.md5(password.encode()).hexdigest(), email, first_name, last_name, address1, address2, + zipcode, city, state, country, phone)) con.commit()
@@ -334,13 +369,16 @@ def register(): con.close() return render_template("login.html", error=msg) + @app.route("/registrationForm") def registration_form(): return render_template("register.html") + def allowed_file(filename): return '.' in filename and \ - filename.rsplit('.', 1)[1] in ALLOWED_EXTENSIONS + filename.rsplit('.', 1)[1] in ALLOWED_EXTENSIONS + def parse(data): ans = []
@@ -355,5 +393,6 @@ def parse(data): ans.append(curr) return ans + if __name__ == '__main__': app.run(debug=True)
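Review bot: `register` stores `hashlib.md5(password.encode()).hexdigest()` as the password; unsalted MD5 is cheap to brute-force and gives identical hashes for identical passwords, and re-wrapping the call leaves that in place. Use a salted, deliberately slow hash instead, for example `generate_password_hash(password)` from `werkzeug.security` (the file already calls `secure_filename`, presumably Werkzeug's), with `check_password_hash` on the verification side. `is_valid` and the hashing in `change_password` are outside this hunk, so confirm how they compare and store the value before switching. Existing MD5 rows would need a re-hash on the next successful login or a forced reset.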