# from sqlalchemy import metadata
import json
import os

import sqlalchemy as db
-
- #########################
- # stack overflow:
- # Python sanitizing html from a string
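def escape(htmlstring):
    """Return *htmlstring* with HTML-significant characters turned into entities.

    The five characters ``&``, ``"``, ``'``, ``<`` and ``>`` are replaced by
    ``&amp;``, ``&quot;``, ``&#39;``, ``&lt;`` and ``&gt;``. That is the
    encoding needed for HTML text nodes and quoted attribute values only; it
    does not make a value safe inside a JSON string, a script block or a URL
    (backslashes and control characters pass through unchanged).

    Args:
        htmlstring: the text to encode; must be a string (``None`` raises
            ``AttributeError``).

    Returns:
        The encoded string.
    """
    # '&' is handled first so the ampersands of the entities produced below
    # are not escaped a second time.
    htmlstring = htmlstring.replace('&', '&amp;')
    escapes = {
        '"': '&quot;',
        "'": '&#39;',
        '<': '&lt;',
        '>': '&gt;',
    }
    # .items() works on Python 2 and 3; .iteritems() exists only on Python 2.
    # The replacements are independent, so iteration order does not matter.
    for seq, esc in escapes.items():
        htmlstring = htmlstring.replace(seq, esc)
    return htmlstring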
- #########################
-
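# connect to server
# The connection URL can be supplied through the DATABASE_URL environment
# variable so credentials do not have to live in the source tree.
# NOTE(review): the fallback below is the original hard-coded DSN; it logs in
# as the MySQL ``root`` account with an empty password. Set DATABASE_URL to a
# dedicated account that only has the privileges this module needs.
engine = db.create_engine(
    os.environ.get(
        'DATABASE_URL',
        'mysql+pymysql://root:@0.0.0.0/registro_escolar_1',
    )
)

# A single connection is opened at import time and reused by the functions
# in this module.
# NOTE(review): confirm the callers never use it from several threads at once.
connection = engine.connect()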
- # estudiantes = db.Table('estudiantes', metadata, autoload=True, autoload_with=engine)
- # usuarios = db.Table('usuarios', metadata, autoload=True, autoload_with=engine)
-
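def admin():
    """Build the JSON document for the administration dashboard.

    Every user that has a row in ``administracion`` is read through the
    module-level ``connection``; for each one the first ``posicion`` stored
    for that user is looked up. All database values pass through ``escape``
    (HTML entity encoding) before they are placed in the document.

    Returns:
        A JSON string with the keys ``headers``, ``tabla``, ``modal_content``,
        ``info`` and ``modal``. ``tabla`` and ``modal_content`` hold the same
        rows.

    Raises:
        AttributeError: if a name or e-mail column is NULL, because ``escape``
            needs a string.
    """
    users_sql = db.text(
        'SELECT u.id, u.nombres, u.apellidos, u.email '
        'FROM usuarios u,administracion a WHERE u.id = a.user_id'
    )
    # The id is passed as a bound parameter instead of being concatenated
    # into the statement text.
    position_sql = db.text(
        'SELECT posicion FROM administracion a WHERE a.user_id = :user_id'
    )

    rows = []
    for user_id, nombres, apellidos, email in connection.execute(users_sql).fetchall():
        posicion = connection.execute(
            position_sql, {'user_id': user_id}
        ).fetchall()
        rows.append({
            'Nombre': escape(nombres) + ' ' + escape(apellidos),
            'Posicion': escape(str(posicion[0][0])),
            'Email': escape(email),
            'user_id': escape(str(user_id)),
        })

    payload = {
        'headers': [
            {'nombre': 'Nombre'},
            {'nombre': 'Posicion'},
            {'nombre': 'Email'},
            {'nombre': 'Informacion'},
            {'nombre': 'Editar'},
        ],
        'tabla': rows,
        'modal_content': rows,
        'info': {
            'dash_name': 'Manejar Administracion',
            'dash_link': '/admin/ver/',
            'dash_sub_name': 'Administracion Registrados',
            'add': 'Anadir Administracion',
            'add_link': '/admin/forma/add/administracion/',
            'dir1': '#',
            'dir2': '/admin/forma/edit/administracion/',
        },
        'modal': {
            'infoName': 'Ver informacion',
            'editName': '/admin/ver/',
        },
    }

    # The document used to be assembled by string concatenation, so a
    # backslash or a line break in a database value produced malformed JSON
    # (a trailing backslash swallowed the closing quote). json.dumps encodes
    # those characters; the compact separators and ensure_ascii=False keep the
    # output identical to the old one for values that needed no JSON escaping.
    return json.dumps(payload, separators=(',', ':'), ensure_ascii=False)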