Nessuna descrizione

adminusers.py 3.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112
  1. # from sqlalchemy import metadata
  2. import sqlalchemy as db
  3. import cgi
  4. #########################
  5. # stack overflow:
  6. # Python sanitizing html from a string
  7. def escape(htmlstring):
  8. escapes = {'\"': '"',
  9. '\'': ''',
  10. '<': '&lt;',
  11. '>': '&gt;'}
  12. # This is done first to prevent escaping other escapes.
  13. htmlstring = htmlstring.replace('&', '&amp;')
  14. for seq, esc in escapes.iteritems():
  15. htmlstring = htmlstring.replace(seq, esc)
  16. return htmlstring
  17. #########################
  18. # connect to server
  19. engine = db.create_engine('mysql+pymysql://root:@0.0.0.0/registro_escolar_1')
  20. connection = engine.connect()
  21. # estudiantes = db.Table('estudiantes', metadata, autoload=True, autoload_with=engine)
  22. # usuarios = db.Table('usuarios', metadata, autoload=True, autoload_with=engine)
  23. def users():
  24. query = 'SELECT u.id, u.nombres, u.apellidos, u.email FROM usuarios u'
  25. result_db = connection.execute(query).fetchall()
  26. ###### headers
  27. headers = '['
  28. headers += '{"nombre":"Nombre"}'
  29. headers += ','
  30. headers += '{"nombre":"Email"}'
  31. headers += ','
  32. headers += '{"nombre":"Informacion"}'
  33. headers += ','
  34. headers += '{"nombre":"Editar"}'
  35. headers += ']'
  36. # headers = '[{"nombre":"Nombre"},{"nombre":"Posicion"},{"nombre":"Informacion"},{"nombre":"Editar"}]'
  37. ###### tabla
  38. # <a href="https://www.w3schools.com">Visit W3Schools</a>
  39. # <head><base href="https://www.w3schools.com/images/"></head>
  40. # <link rel="stylesheet" type="text/css" href="theme.css">
  41. tabla = '['
  42. i = 0
  43. len_result = len(result_db)
  44. for q in result_db:
  45. i = i+1
  46. tabla += '{'
  47. name = q[1]+' '+q[2]
  48. # name = 'aa'
  49. name = cgi.escape(name)
  50. tabla += '"Nombre":"'+name+'"'
  51. tabla += ','
  52. tabla += '"Email":"'+cgi.escape(q[3])+'"'
  53. tabla += ','
  54. tabla += '"user_id":"'+cgi.escape(str(q[0]))+'"'
  55. tabla += '}'
  56. if i < len_result:
  57. tabla += ','
  58. tabla += ']'
  59. ###### info
  60. info = '{'
  61. info += '"dash_name":"Manejar test"'
  62. info += ','
  63. info += '"dash_link":"/admin/ver/"'
  64. info += ','
  65. info += '"dash_sub_name":"user Registrados"'
  66. info += ','
  67. info += '"add":"Anadir nada"'
  68. info += ','
  69. info += '"add_link":"#"'
  70. info += ','
  71. info += '"dir1":"#"'
  72. info += ','
  73. info += '"dir2":"#"'
  74. info += '}'
  75. ###### modal
  76. modal = '{'
  77. modal += '"infoName":"Ver informacion"'
  78. modal += ','
  79. modal += '"editName":"/admin/ver/"'
  80. modal += '}'
  81. # modal = '{"yeas":"yes"}'
  82. # # result = '{'+headers+','+tabla+','+info+','+modal+'}'
  83. # result = '{'
  84. # result += '"headers":{'+headers+'}'
  85. # result += ','
  86. # result += '"tabla":{'+tabla+'}'
  87. # result += ','
  88. # result += '"info":'+info
  89. # result += ','
  90. # result += '"modal":{'+modal+'}'
  91. # result += '}'
  92. result = '{"headers":'+headers+',"tabla":'+tabla+',"info":'+info+',"modal":'+modal+'}'
  93. # print(result)
  94. return(result)