Elmi aden workbranch

main.py

@@ -12,6 +12,7 @@
 ALLOWED_EXTENSIONS = set(['jpeg', 'jpg', 'png', 'gif'])
 app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER
 
+
 def get_login_details():
     with sqlite3.connect('database.db') as conn:
         cur = conn.cursor()
@@ -21,30 +22,36 @@ def get_login_details():
             no_of_items = 0
         else:
             logged_in = True
-            cur.execute("SELECT user_id, first_name FROM users WHERE email = '" + session['email'] + "'")
+            cur.execute("SELECT userId, firstName FROM users WHERE email = '" + session[
+                'email'] + "'")  # Fixed user_id & first_name to userId & firstName,
+
             user_id, first_name = cur.fetchone()
-            cur.execute("SELECT count(productId) FROM kart WHERE user_id = " + str(user_id))
+            cur.execute("SELECT count(productId) FROM kart WHERE userId = " + str(user_id))  # Fixed user_id to userId,
             no_of_items = cur.fetchone()[0]
     conn.close()
     return (logged_in, first_name, no_of_items)
 
+
 @app.route("/")
 def root():
     logged_in, first_name, no_of_items = get_login_details()
     with sqlite3.connect('database.db') as conn:
         cur = conn.cursor()
         # Show last product added
-        cur.execute('SELECT productId, name, price, description, image, stock FROM products ORDER BY productId DESC LIMIT 1 ')
+        cur.execute(
+            'SELECT productId, name, price, description, image, stock FROM products ORDER BY productId DESC  LIMIT 1')
         # Show all items
-        #cur.execute('SELECT productId, name, price, description, image, stock FROM products LIMIT 1')
+        cur.execute('SELECT productId, name, price, description, image, stock FROM products ')
         item_data = cur.fetchall()
         # Show an error instead of the categories
-        category_data = [(-1,"Error")]
+        category_data = [(-1, "Error")]
         # Show all categories
-        #cur.execute('SELECT categoryId, name FROM categories')
-        #category_data = cur.fetchall()
+        cur.execute('SELECT categoryId, name FROM categories')  # hashtag in front of line
+        category_data = cur.fetchall()  # hashtag in front of line
     item_data = parse(item_data)
-    return render_template('home.html', itemData=item_data, loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items, categoryData=category_data)
+    return render_template('home.html', itemData=item_data, loggedIn=logged_in, firstName=first_name,
+                           noOfItems=no_of_items, categoryData=category_data)
+
 
 @app.route("/add")
 def admin():
@@ -55,6 +62,7 @@ def admin():
     conn.close()
     return render_template('add.html', categories=categories)
 
+
 @app.route("/addItem", methods=["GET", "POST"])
 def addItem():
     if request.method == "POST":
@@ -64,7 +72,7 @@ def addItem():
         stock = int(request.form['stock'])
         categoryId = int(request.form['category'])
 
-        #Upload image
+        # Upload image
         image = request.files['image']
         if image and allowed_file(image.filename):
             filename = secure_filename(image.filename)
@@ -73,16 +81,19 @@ def addItem():
         with sqlite3.connect('database.db') as conn:
             try:
                 cur = conn.cursor()
-                cur.execute('''INSERT INTO products (name, price, description, image, stock, categoryId) VALUES (?, ?, ?, ?, ?, ?)''', (name, price, description, imagename, stock, categoryId))
+                cur.execute(
+                    '''INSERT INTO products (name, price, description, image, stock, categoryId) VALUES (?, ?, ?, ?, ?, ?)''',
+                    (name, price, description, imagename, stock, categoryId))
                 conn.commit()
-                msg="Added successfully"
+                msg = "Added successfully"
             except:
-                msg="Error occured"
+                msg = "Error occured"
                 conn.rollback()
         conn.close()
         print(msg)
         return redirect(url_for('root'))
 
+
 @app.route("/displayCategory")
 def displayCategory():
     logged_in, first_name, no_of_items = get_login_details()
@@ -106,17 +117,22 @@ def profile_home():
     logged_in, first_name, no_of_items = get_login_details()
     return render_template("profileHome.html", loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items)
 
+
 @app.route("/account/profile/edit")
 def edit_profile():
     if 'email' not in session:
         return redirect(url_for('root'))
     logged_in, first_name, no_of_items = get_login_details()
     with sqlite3.connect('database.db') as conn:
         cur = conn.cursor()
-        cur.execute("SELECT userId, email, first_name, lastName, address1, address2, zipcode, city, state, country, phone FROM users WHERE email = '" + session['email'] + "'")
+        cur.execute(
+            "SELECT userId, email, first_name, lastName, address1, address2, zipcode, city, state, country, phone FROM users WHERE email = '" +
+            session['email'] + "'")
         profile_data = cur.fetchone()
     conn.close()
-    return render_template("editProfile.html", profileData=profile_data, loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items)
+    return render_template("editProfile.html", profileData=profile_data, loggedIn=logged_in, firstName=first_name,
+                           noOfItems=no_of_items)
+
 
 @app.route("/account/profile/changePassword", methods=["GET", "POST"])
 def change_password():
@@ -135,7 +151,7 @@ def change_password():
                 try:
                     cur.execute("UPDATE users SET password = ? WHERE userId = ?", (new_password, user_id))
                     conn.commit()
-                    msg="Changed successfully"
+                    msg = "Changed successfully"
                 except:
                     conn.rollback()
                     msg = "Failed"
@@ -147,6 +163,7 @@ def change_password():
     else:
         return render_template("changePassword.html")
 
+
 @app.route("/updateProfile", methods=["GET", "POST"])
 def update_profile():
     if request.method == 'POST':
@@ -161,27 +178,31 @@ def update_profile():
         country = request.form['country']
         phone = request.form['phone']
         with sqlite3.connect('database.db') as con:
-                try:
-                    cur = con.cursor()
-                    cur.execute('UPDATE users SET firstName = ?, lastName = ?, address1 = ?, address2 = ?, zipcode = ?, city = ?, state = ?, country = ?, phone = ? WHERE email = ?', (first_name, last_name, address1, address2, zipcode, city, state, country, phone, email))
+            try:
+                cur = con.cursor()
+                cur.execute(
+                    'UPDATE users SET firstName = ?, lastName = ?, address1 = ?, address2 = ?, zipcode = ?, city = ?, state = ?, country = ?, phone = ? WHERE email = ?',
+                    (first_name, last_name, address1, address2, zipcode, city, state, country, phone, email))
 
-                    con.commit()
-                    msg = "Saved Successfully"
-                except:
-                    con.rollback()
-                    msg = "Error occured"
+                con.commit()
+                msg = "Saved Successfully"
+            except:
+                con.rollback()
+                msg = "Error occured"
         con.close()
         return redirect(url_for('edit_profile'))
 
+
 @app.route("/loginForm")
 def login_form():
     # Uncomment to enable logging in and registration
-    #if 'email' in session:
+    if 'email' in session:
         return redirect(url_for('root'))
-    #else:
-    #    return render_template('login.html', error='')
+    else:  # Uncommented by Yeab 1/18/2023
+        return render_template('login.html', error='')
 
-@app.route("/login", methods = ['POST', 'GET'])
+
+@app.route("/login", methods=['POST', 'GET'])
 def login():
     if request.method == 'POST':
         email = request.form['email']
@@ -193,6 +214,7 @@ def login():
             error = 'Invalid UserId / Password'
             return render_template('login.html', error=error)
 
+
 @app.route("/productDescription")
 def product_description():
     logged_in, first_name, no_of_items = get_login_details()
@@ -206,6 +228,7 @@ def product_description():
     return render_template("productDescription.html", data=productData, loggedIn=logged_in, firstName=first_name,
                            noOfItems=no_of_items)
 
+
 @app.route("/addToCart")
 def add_to_cart():
     if 'email' not in session:
@@ -226,6 +249,7 @@ def add_to_cart():
         conn.close()
         return redirect(url_for('root'))
 
+
 @app.route("/cart")
 def cart():
     if 'email' not in session:
@@ -236,12 +260,16 @@ def cart():
         cur = conn.cursor()
         cur.execute("SELECT userId FROM users WHERE email = '" + email + "'")
         user_id = cur.fetchone()[0]
-        cur.execute("SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = " + str(user_id))
+        cur.execute(
+            "SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = " + str(
+                user_id))
         products = cur.fetchall()
     total_price = 0
     for row in products:
         total_price += row[2]
-    return render_template("cart.html", products = products, totalPrice=total_price, loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items)
+    return render_template("cart.html", products=products, totalPrice=total_price, loggedIn=logged_in,
+                           firstName=first_name, noOfItems=no_of_items)
+
 
 @app.route("/removeFromCart")
 def remove_from_cart():
@@ -263,11 +291,13 @@ def remove_from_cart():
     conn.close()
     return redirect(url_for('root'))
 
+
 @app.route("/logout")
 def logout():
     session.pop('email', None)
     return redirect(url_for('root'))
 
+
 def is_valid(email, password):
     con = sqlite3.connect('database.db')
     cur = con.cursor()
@@ -279,7 +309,7 @@ def is_valid(email, password):
     return False
 
 
-@app.route("/checkout", methods=['GET','POST'])
+@app.route("/checkout", methods=['GET', 'POST'])
 def payment():
     if 'email' not in session:
         return redirect(url_for('login_form'))
@@ -290,24 +320,26 @@ def payment():
         cur = conn.cursor()
         cur.execute("SELECT userId FROM users WHERE email = '" + email + "'")
         user_id = cur.fetchone()[0]
-        cur.execute("SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = " + str(user_id))
+        cur.execute(
+            "SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = " + str(
+                user_id))
         products = cur.fetchall()
     total_price = 0
     for row in products:
         total_price += row[2]
-        print(row)
+        #  print(row)
         cur.execute("INSERT INTO Orders (userId, productId) VALUES (?, ?)", (user_id, row[0]))
     cur.execute("DELETE FROM kart WHERE userId = " + str(user_id))
     conn.commit()
 
-
+    return render_template("checkout.html", products=products, totalPrice=total_price, loggedIn=logged_in,
+                           firstName=first_name, noOfItems=no_of_items)
 
-    return render_template("checkout.html", products = products, totalPrice=total_price, loggedIn=logged_in, firstName=first_name, noOfItems=no_of_items)
 
-@app.route("/register", methods = ['GET', 'POST'])
+@app.route("/register", methods=['GET', 'POST'])
 def register():
     if request.method == 'POST':
-        #Parse form data    
+        # Parse form data
         password = request.form['password']
         email = request.form['email']
         first_name = request.form['firstName']
@@ -323,7 +355,10 @@ def register():
         with sqlite3.connect('database.db') as con:
             try:
                 cur = con.cursor()
-                cur.execute('INSERT INTO users (password, email, firstName, lastName, address1, address2, zipcode, city, state, country, phone) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', (hashlib.md5(password.encode()).hexdigest(), email, first_name, last_name, address1, address2, zipcode, city, state, country, phone))
+                cur.execute(
+                    'INSERT INTO users (password, email, firstName, lastName, address1, address2, zipcode, city, state, country, phone) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)',
+                    (hashlib.md5(password.encode()).hexdigest(), email, first_name, last_name, address1, address2,
+                     zipcode, city, state, country, phone))
 
                 con.commit()
 
@@ -334,13 +369,16 @@ def register():
         con.close()
         return render_template("login.html", error=msg)
 
+
 @app.route("/registrationForm")
 def registration_form():
     return render_template("register.html")
 
+
 def allowed_file(filename):
     return '.' in filename and \
-            filename.rsplit('.', 1)[1] in ALLOWED_EXTENSIONS
+        filename.rsplit('.', 1)[1] in ALLOWED_EXTENSIONS
+
 
 def parse(data):
     ans = []
@@ -355,5 +393,6 @@ def parse(data):
         ans.append(curr)
     return ans
 
+
 if __name__ == '__main__':
     app.run(debug=True)