Hugging Face's logo

Spaces:
Subbu1304
/
subbuok
Sleeping

App Files Community
subbuok / cart.py
lokeshloki143's picture
lokeshloki143
Update cart.py
54351d9 verified
raw
history blame
18.9 kB
 from flask import Blueprint, render_template, request, session, jsonify, redirect, url_for
from salesforce import get_salesforce_connection
import re
sf = get_salesforce_connection()
cart_blueprint = Blueprint('cart', __name__)
# Utility function to sanitize SOQL inputs
def sanitize_input(value):
"""Remove potentially dangerous characters for SOQL injection."""
if value:
# Remove quotes, semicolons, and other dangerous characters
value = re.sub(r'[;\'"\\]', '', value)
return value
@cart_blueprint.route("/cart", methods=["GET"])
def cart():
email = session.get('user_email')
if not email:
return redirect(url_for("login"))
try:
# Sanitize email input
sanitized_email = sanitize_input(email)
# Fetch cart items with Category and Section
result = sf.query(f"""
SELECT Name, Price__c, Quantity__c, Add_Ons__c, Add_Ons_Price__c, Image1__c, Instructions__c, Category__c, Section__c
FROM Cart_Item__c
WHERE Customer_Email__c = '{sanitized_email}'
""")
cart_items = result.get("records", [])
subtotal = sum(item['Price__c'] for item in cart_items)
# Fetch reward points
customer_result = sf.query(f"""
SELECT Reward_Points__c
FROM Customer_Login__c
WHERE Email__c = '{sanitized_email}'
""")
reward_points = customer_result['records'][0].get('Reward_Points__c', 0) if customer_result['records'] else 0
# Fetch coupons for the user
coupon_result = sf.query(f"""
SELECT Coupon_Code__c FROM Referral_Coupon__c WHERE Referral_Email__c = '{sanitized_email}'
""")
if coupon_result["records"]:
raw_coupons = coupon_result["records"][0].get("Coupon_Code__c", "")
coupons = raw_coupons.split("\n") if raw_coupons else []
else:
coupons = []
# Initialize suggestions as an empty list
suggestions = []
# If there are items in the cart, fetch suggestions
if cart_items:
# Get the category and section of the first item in the cart
first_item = cart_items[0]
item_category = first_item.get('Category__c', 'All')
item_section = first_item.get('Section__c', 'Biryanis')
# Define section-to-complementary section mapping
complementary_sections = {
'Breads': ['Curries', 'Biryanis', 'Starters'],
'Biryanis': ['Curries', 'Starters', 'Desserts'],
'Curries': ['Biryanis', 'Breads', 'Starters'],
'Starters': ['Biryanis', 'Curries', 'Desserts'],
'Desserts': ['Biryanis', 'Curries', 'Soft Drinks'],
'Soft Drinks': ['Starters', 'Biryanis', 'Curries']
}
# Get the complementary sections
suggested_sections = complementary_sections.get(item_section, [])
# Fetch suggestions from the complementary sections
try:
for suggested_section in suggested_sections:
if item_category == "All":
query = f"""
SELECT Name, Price__c, Image1__c
FROM Menu_Item__c
WHERE Section__c = '{sanitize_input(suggested_section)}'
AND (Veg_NonVeg__c = 'Veg' OR Veg_NonVeg__c = 'Non veg')
LIMIT 4
"""
else:
query = f"""
SELECT Name, Price__c, Image1__c
FROM Menu_Item__c
WHERE Section__c = '{sanitize_input(suggested_section)}'
AND Veg_NonVeg__c = '{sanitize_input(item_category)}'
LIMIT 4
"""
suggestion_result = sf.query(query)
suggestions.extend(suggestion_result.get("records", []))
# Limit to 4 suggestions
if len(suggestions) > 4:
suggestions = suggestions[:4]
except Exception as e:
print(f"Error fetching suggestions: {e}")
return render_template(
"cart.html",
cart_items=cart_items,
subtotal=subtotal,
reward_points=reward_points,
customer_email=email,
coupons=coupons,
suggestions=suggestions
)
except Exception as e:
print(f"Error fetching cart items: {e}")
return render_template("cart.html", cart_items=[], subtotal=0, reward_points=0, coupons=[], suggestions=[])
@cart_blueprint.route("/fetch_menu_items", methods=["GET"])
def fetch_menu_items():
try:
# Get query parameters for filtering (optional)
category = request.args.get('category', 'All')
section = request.args.get('section', '')
# Sanitize inputs
category = sanitize_input(category)
section = sanitize_input(section)
# Build SOQL query (removed Active__c condition)
query = """
SELECT Name, Price__c, Image1__c, Veg_NonVeg__c, Section__c
FROM Menu_Item__c
"""
if category != 'All':
query += f" AND Veg_NonVeg__c = '{category}'"
if section:
query += f" AND Section__c = '{section}'"
query += " LIMIT 20"
result = sf.query(query)
menu_items = result.get("records", [])
return jsonify({"success": True, "menu_items": menu_items})
except Exception as e:
print(f"Error fetching menu items: {str(e)}")
return jsonify({"success": False, "error": str(e)}), 500
@cart_blueprint.route("/add_suggestion_to_cart", methods=["POST"])
def add_suggestion_to_cart():
try:
# Get data from the request
data = request.get_json()
item_name = sanitize_input(data.get('item_name').strip())
item_price = data.get('item_price')
item_image = data.get('item_image')
customer_email = sanitize_input(data.get('customer_email'))
addons = data.get('addons', [])
instructions = sanitize_input(data.get('instructions', ""))
# Validate inputs
if not all([item_name, item_price, customer_email]):
return jsonify({"success": False, "error": "Missing required fields"}), 400
# Process add-ons
addons_price = 0
addons_string = ", ".join(addons) if addons else "None"
if addons:
# Assuming addons are in format "Name ($Price)"
addons_price = sum(
float(addon.split("($")[1][:-1]) for addon in addons if "($" in addon
)
# Check if item exists in cart
query = f"""
SELECT Id, Quantity__c, Add_Ons__c, Add_Ons_Price__c, Instructions__c
FROM Cart_Item__c
WHERE Customer_Email__c = '{customer_email}' AND Name = '{item_name}'
"""
result = sf.query(query)
cart_items = result.get("records", [])
if cart_items:
# Update existing item
cart_item_id = cart_items[0]['Id']
existing_quantity = cart_items[0]['Quantity__c']
existing_addons = cart_items[0].get('Add_Ons__c', "None")
existing_addons_price = cart_items[0].get('Add_Ons_Price__c', 0)
existing_instructions = cart_items[0].get('Instructions__c', "")
# Combine add-ons
combined_addons = existing_addons if existing_addons != "None" else ""
if addons:
combined_addons = f"{combined_addons}, {addons_string}".strip(", ")
# Combine instructions
combined_instructions = existing_instructions
if instructions:
combined_instructions = f"{combined_instructions} | {instructions}".strip(" | ")
combined_addons_price = existing_addons_price + addons_price
# Update cart item
sf.Cart_Item__c.update(cart_item_id, {
"Quantity__c": existing_quantity + 1,
"Add_Ons__c": combined_addons if combined_addons else "None",
"Add_Ons_Price__c": combined_addons_price,
"Instructions__c": combined_instructions,
"Price__c": (existing_quantity + 1) * float(item_price) + combined_addons_price
})
else:
# Create new cart item
total_price = float(item_price) + addons_price
sf.Cart_Item__c.create({
"Name": item_name,
"Price__c": total_price,
"Base_Price__c": item_price,
"Quantity__c": 1,
"Add_Ons_Price__c": addons_price,
"Add_Ons__c": addons_string,
"Image1__c": item_image,
"Customer_Email__c": customer_email,
"Instructions__c": instructions
})
return jsonify({"success": True, "message": "Item added to cart successfully."})
except Exception as e:
print(f"Error adding item to cart: {str(e)}")
return jsonify({"success": False, "error": str(e)}), 500
@cart_blueprint.route("/remove/<item_name>", methods=["POST"])
def remove_cart_item(item_name):
try:
customer_email = session.get('user_email')
if not customer_email:
return jsonify({'success': False, 'message': 'User email not found. Please log in again.'}), 400
sanitized_email = sanitize_input(customer_email)
sanitized_item_name = sanitize_input(item_name)
query = f"""
SELECT Id FROM Cart_Item__c
WHERE Customer_Email__c = '{sanitized_email}' AND Name = '{sanitized_item_name}'
"""
result = sf.query(query)
if result['totalSize'] == 0:
return jsonify({'success': False, 'message': 'Item not found in cart.'}), 400
cart_item_id = result['records'][0]['Id']
sf.Cart_Item__c.delete(cart_item_id)
return jsonify({'success': True, 'message': f"'{item_name}' removed successfully!"}), 200
except Exception as e:
print(f"Error: {str(e)}")
return jsonify({'success': False, 'message': f"An error occurred: {str(e)}"}), 500
@cart_blueprint.route("/update_quantity", methods=["POST"])
def update_quantity():
print("Handling update_quantity request...")
data = request.json
email = sanitize_input(data.get('email'))
item_name = sanitize_input(data.get('item_name'))
try:
quantity = int(data.get('quantity'))
except (ValueError, TypeError):
return jsonify({"success": False, "error": "Invalid quantity provided."}), 400
if not email or not item_name or quantity is None:
return jsonify({"success": False, "error": "Email, item name, and quantity are required."}), 400
try:
cart_items = sf.query(
f"SELECT Id, Quantity__c, Price__c, Base_Price__c, Add_Ons_Price__c FROM Cart_Item__c "
f"WHERE Customer_Email__c = '{email}' AND Name = '{item_name}'"
)['records']
if not cart_items:
return jsonify({"success": False, "error": "Cart item not found."}), 404
cart_item_id = cart_items[0]['Id']
base_price = cart_items[0]['Base_Price__c']
addons_price = cart_items[0].get('Add_Ons_Price__c', 0)
new_item_price = (base_price * quantity) + addons_price
sf.Cart_Item__c.update(cart_item_id, {
"Quantity__c": quantity,
"Price__c": new_item_price,
})
cart_items = sf.query(f"""
SELECT Price__c, Add_Ons_Price__c
FROM Cart_Item__c
WHERE Customer_Email__c = '{email}'
""")['records']
new_subtotal = sum(item['Price__c'] for item in cart_items)
return jsonify({"success": True, "new_item_price": new_item_price, "subtotal": new_subtotal})
except Exception as e:
print(f"Error updating quantity: {str(e)}")
return jsonify({"success": False, "error": str(e)}), 500
@cart_blueprint.route("/checkout", methods=["POST"])
def checkout():
email = session.get('user_email')
if not email:
return jsonify({"success": False, "message": "User not logged in"}), 401
try:
sanitized_email = sanitize_input(email)
# Fetch selected coupon
data = request.json
selected_coupon = data.get("selectedCoupon", "").strip() if data.get("selectedCoupon") else None
# Fetch cart items
result = sf.query(f"""
SELECT Id, Name, Price__c, Add_Ons_Price__c, Quantity__c, Add_Ons__c, Instructions__c, Image1__c
FROM Cart_Item__c
WHERE Customer_Email__c = '{sanitized_email}'
""")
cart_items = result.get("records", [])
if not cart_items:
return jsonify({"success": False, "message": "Cart is empty"}), 400
subtotal = sum(item['Price__c'] for item in cart_items)
discount = 0
# Apply coupon if selected
if selected_coupon:
discount = subtotal * 0.10 # 10% discount
total = subtotal - discount
# Prepare cart items for response
bill_items = [
{
"name": item['Name'],
"quantity": item['Quantity__c'],
"price": item['Price__c'],
"addons": item.get('Add_Ons__c', 'None'),
"instructions": item.get('Instructions__c', 'None'),
"image": item['Image1__c']
} for item in cart_items
]
# Fetch menu items for "Anything else you want?" (removed Active__c condition)
menu_query = """
SELECT Name, Price__c, Image1__c, Veg_NonVeg__c, Section__c
FROM Menu_Item__c
LIMIT 20
"""
menu_result = sf.query(menu_query)
menu_items = menu_result.get("records", [])
return jsonify({
"success": True,
"cart": {
"items": bill_items,
"subtotal": subtotal,
"discount": discount,
"total": total,
"selected_coupon": selected_coupon
},
"menu_items": menu_items
})
except Exception as e:
print(f"Error during checkout: {str(e)}")
return jsonify({"success": False, "error": str(e)}), 500
@cart_blueprint.route("/submit_order", methods=["POST"])
def submit_order():
email = session.get('user_email')
user_id = session.get('user_name')
table_number = session.get('table_number')
if not email or not user_id:
return jsonify({"success": False, "message": "User not logged in"}), 401
try:
sanitized_email = sanitize_input(email)
data = request.json
cart = data.get("cart")
if not cart:
return jsonify({"success": False, "message": "Cart data is required"}), 400
# Fetch cart items to validate
result = sf.query(f"""
SELECT Id, Name, Price__c, Add_Ons_Price__c, Quantity__c, Add_Ons__c, Instructions__c, Image1__c
FROM Cart_Item__c
WHERE Customer_Email__c = '{sanitized_email}'
""")
cart_items = result.get("records", [])
if not cart_items:
return jsonify({"success": False, "message": "Cart is empty"}), 400
subtotal = cart.get("subtotal")
discount = cart.get("discount", 0)
total = cart.get("total")
selected_coupon = cart.get("selected_coupon")
# Handle coupon redemption
if selected_coupon:
coupon_query = sf.query(f"""
SELECT Id, Coupon_Code__c FROM Referral_Coupon__c WHERE Referral_Email__c = '{sanitized_email}'
""")
if coupon_query["records"]:
referral_coupon_id = coupon_query["records"][0]["Id"]
existing_coupons = coupon_query["records"][0]["Coupon_Code__c"].split("\n")
updated_coupons = [coupon for coupon in existing_coupons if coupon.strip() != selected_coupon]
updated_coupons_str = "\n".join(updated_coupons).strip() or None
sf.Referral_Coupon__c.update(referral_coupon_id, {
"Coupon_Code__c": updated_coupons_str
})
# Add reward points if no coupon
if not selected_coupon:
reward_points_to_add = subtotal * 0.10
customer_record = sf.query(f"""
SELECT Id, Reward_Points__c FROM Customer_Login__c
WHERE Email__c = '{sanitized_email}'
""")
if customer_record["records"]:
customer = customer_record["records"][0]
current_reward_points = customer.get("Reward_Points__c", 0)
new_reward_points = current_reward_points + reward_points_to_add
sf.Customer_Login__c.update(customer["Id"], {
"Reward_Points__c": new_reward_points
})
# Prepare order details
order_details = "\n".join(
f"{item['Name']} x{item['Quantity__c']} | Add-Ons: {item.get('Add_Ons__c', 'None')} | "
f"Instructions: {item.get('Instructions__c', 'None')} | "
f"Price: ${item['Price__c']} | Image: {item['Image1__c']}"
for item in cart_items
)
# Fetch Customer ID
customer_query = sf.query(f"""
SELECT Id FROM Customer_Login__c
WHERE Email__c = '{sanitized_email}'
""")
customer_id = customer_query["records"][0]["Id"] if customer_query["records"] else None
if not customer_id:
return jsonify({"success": False, "message": "Customer record not found"}), 404
table_number = table_number if table_number != 'null' else None
order_data = {
"Customer_Name__c": user_id,
"Customer_Email__c": email,
"Total_Amount__c": subtotal,
"Discount__c": discount,
"Total_Bill__c": total,
"Order_Status__c": "Pending",
"Customer2__c": customer_id,
"Order_Details__c": order_details,
"Table_Number__c": table_number
}
order_response = sf.Order__c.create(order_data)
# Delete cart items
if order_response:
for item in cart_items:
sf.Cart_Item__c.delete(item["Id"])
return jsonify({"success": True, "message": "Order placed successfully!"})
except Exception as e:
print(f"Error during order submission: {str(e)}")
return jsonify({"success": False, "error": str(e)}), 500