# from sqlalchemy import metadata import sqlalchemy as db ######################### # stack overflow: # Python sanitizing html from a string def escape(htmlstring): escapes = {'\"': '"', '\'': ''', '<': '<', '>': '>'} # This is done first to prevent escaping other escapes. htmlstring = htmlstring.replace('&', '&') for seq, esc in escapes.iteritems(): htmlstring = htmlstring.replace(seq, esc) return htmlstring ######################### # connect to server engine = db.create_engine('mysql+pymysql://root:@0.0.0.0/registro_escolar_1') connection = engine.connect() # estudiantes = db.Table('estudiantes', metadata, autoload=True, autoload_with=engine) # usuarios = db.Table('usuarios', metadata, autoload=True, autoload_with=engine) def estudiantes(): query = 'SELECT u.id, u.nombres, u.apellidos, u.email FROM usuarios u, estudiantes m WHERE u.id = m.user_id' result_db = connection.execute(query).fetchall() ###### headers headers = '[' headers += '{"nombre":"Nombre"}' headers += ',' headers += '{"nombre":"Grado"}' headers += ',' headers += '{"nombre":"Email"}' headers += ',' headers += '{"nombre":"Informacion"}' headers += ',' headers += '{"nombre":"Editar"}' headers += ']' # headers = '[{"nombre":"Nombre"},{"nombre":"Posicion"},{"nombre":"Informacion"},{"nombre":"Editar"}]' ###### tabla tabla = '[' modal_content = '[' i = 0 len_result = len(result_db) for q in result_db: i = i+1 tabla += '{' modal_content += '{' tabla += '"Nombre":"'+escape(q[1])+' '+escape(q[2])+'"' modal_content += '"Nombre":"'+escape(q[1])+' '+escape(q[2])+'"' tabla += ',' modal_content += ',' query = 'SELECT grado FROM estudiantes e WHERE e.user_id = ' + str(q[0]) total_hijos = connection.execute(query).fetchall() tabla += '"Hijos Matriculados":"'+str(total_hijos[0][0])+'"' modal_content += '"Hijos Matriculados":"'+str(total_hijos[0][0])+'"' tabla += ',' modal_content += ',' tabla += '"Email":"'+escape(q[3])+'"' modal_content += '"Email":"'+escape(q[3])+'"' tabla += ',' modal_content += ',' tabla += '"user_id":"'+str(q[0])+'"' modal_content += '"user_id":"'+str(q[0])+'"' tabla += '}' modal_content += '}' if i < len_result: tabla += ',' modal_content += ',' tabla += ']' modal_content += ']' ###### info info = '{' info += '"dash_name":"Manejar Estudiantes"' info += ',' info += '"dash_link":"/admin/ver/"' info += ',' info += '"dash_sub_name":"Estudiantes Registrados"' info += ',' info += '"add":"Anadir Estudiantes"' info += ',' info += '"add_link":"/admin/forma/add/estudiante/"' info += ',' info += '"dir1":"#"' info += ',' info += '"dir2":"/admin/forma/edit/estudiante/"' info += '}' ###### modal modal = '{' modal += '"infoName":"Ver informacion"' modal += ',' modal += '"editName":"/admin/ver/"' modal += '}' result = '{"headers":'+headers+',"tabla":'+tabla+',"modal_content":'+modal_content+',"info":'+info+',"modal":'+modal+'}' # print(result) return(result)