app.py
import os

import mysql.connector
from flask import Flask, render_template, url_for, request, flash, redirect, session
from markupsafe import escape
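# Create the Flask application instance.
app = Flask(__name__)

# The session-signing key and the database credentials can be supplied through
# the environment. The fallbacks are the values that used to be hard-coded
# here; they are published with the source, so treat them as development-only
# and override every one of them in a real deployment. Whoever knows the
# signing key can forge session cookies, including the 'eusername' admin
# marker that the views in this file check.
app.secret_key = os.environ.get("FLASK_SECRET_KEY", "").encode() or b'_5#y2L"F4Q8z\n\xec]/'

# NOTE(review): the default account is MySQL "root"; a dedicated account
# limited to the "project" schema would reduce the impact of any query bug.
mydb = mysql.connector.connect(
    host=os.environ.get("APP_DB_HOST", "localhost"),
    user=os.environ.get("APP_DB_USER", "root"),
    password=os.environ.get("APP_DB_PASSWORD", "npol"),
    database=os.environ.get("APP_DB_NAME", "project"),
)

# Rows come back as dicts keyed by column name.
# NOTE(review): this single connection and cursor are shared by every request;
# confirm the server handles one request at a time, or open them per request.
mycursor = mydb.cursor(dictionary=True)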
# Define a route and a function to handle the route
@app.route('/', methods=['GET', 'POST'])
def login():
    """Show the login form on GET and check the submitted credentials on POST.

    A successful POST stores the username in the session and redirects to
    ``home``; a failed one flashes an error and redirects back here.
    """
    if request.method != 'POST':
        return render_template('login.html')

    submitted_user = request.form['username']
    submitted_pass = request.form['password']

    # NOTE(review): the accepted credentials are a fixed pair written into the
    # source. They should come from a user store with hashed passwords.
    if (submitted_user, submitted_pass) != ("admin", "admin"):
        flash('Invalid username or password')
        return redirect(url_for('login'))

    session['username'] = submitted_user
    flash('Login successful')
    return redirect(url_for('home'))
@app.route('/home')
def home():
    """Render the cover page for a session that carries a 'username' key.

    Any other session is sent back to the login page with a flash message.
    """
    if 'username' not in session:
        flash('You need to log in first.')
        return redirect(url_for('login'))

    return render_template('cover.html', username=session['username'])
@app.route('/elogin', methods=['GET', 'POST'])
def elogin():
    """Admin login: show the form on GET, check credentials on POST.

    On success the username is stored under the 'eusername' session key, which
    the admin views in this file use as their access check.
    """
    if request.method != 'POST':
        return render_template('alogin.html')

    submitted_user = request.form['username']
    submitted_pass = request.form['password']

    # NOTE(review): the admin credentials are a fixed pair written into the
    # source; every admin view depends on them. Move them to a user store with
    # hashed passwords.
    if (submitted_user, submitted_pass) != ("admin", "12345"):
        flash('Invalid admin username or password')
        return redirect(url_for('elogin'))

    session['eusername'] = submitted_user
    flash('Admin login successful')
    return redirect(url_for('employee'))
@app.route('/employee')
def employee():
    """Admin overview: list every employee with their pending-leave count.

    Requires the 'eusername' session key; otherwise redirects to the admin
    login with a flash message.
    """
    if 'eusername' not in session:
        flash('You need to log in as an admin first.')
        return redirect(url_for('elogin'))

    # All employee rows.
    mycursor.execute("SELECT * FROM project.employee")
    all_employees = mycursor.fetchall()

    # Number of applications still marked 'Pending', grouped per employee.
    pending_sql = """
SELECT Employeeid, COUNT(*) as pending_count
FROM project.leave_applications
WHERE status = 'Pending'
GROUP BY Employeeid
"""
    mycursor.execute(pending_sql)

    # Map Employeeid -> pending count so the template can look counts up by id.
    pending_by_employee = {}
    for row in mycursor.fetchall():
        pending_by_employee[row['Employeeid']] = row['pending_count']

    return render_template(
        'home.html',
        employees=all_employees,
        pending_counts=pending_by_employee,
    )
@app.route("/employee/create" , methods=['GET'])
def show_employee_create_form():
    """Render the employee creation form for a session with 'eusername' set."""
    if 'eusername' not in session:
        flash('You need to log in as an admin first.')
        return redirect(url_for('elogin'))

    return render_template('create.html')
@app.route('/employee/createemployee', methods=['POST'])
def create():
    """Insert a new employee row from the submitted create form.

    Requires the 'eusername' session key; otherwise redirects to the admin
    login. Always ends by redirecting to the employee list.
    """
    if 'eusername' not in session:
        flash('You need to log in as an admin first.')
        return redirect(url_for('elogin'))

    # NOTE(review): escape() HTML-escapes each value before it is stored. The
    # %s placeholders are what keep the values out of the SQL text; confirm the
    # templates expect pre-escaped data, otherwise escape at render time only.
    form_fields = ('Employeeid', 'FirstName', 'LastName', 'Age', 'Designation', 'Salary')
    row_values = tuple(escape(request.form[field]) for field in form_fields)

    insert_sql = """INSERT INTO employee (Employeeid, FirstName, LastName, Age, Designation, Salary) VALUES (%s, %s, %s, %s, %s, %s)"""
    mycursor.execute(insert_sql, row_values)
    mydb.commit()

    inserted = mycursor.rowcount > 0
    flash("Employee created successfully" if inserted else "Failed to create employee")
    return redirect(url_for('employee'))
@app.route('/employee/edit/<Employeeid>', methods=['GET', 'POST'])
def edit_employee(Employeeid):
    """Show the edit form on GET, or update the employee row on POST.

    Requires the 'eusername' session key; otherwise redirects to the admin
    login. A POST always ends by redirecting to the employee list.
    """
    if 'eusername' not in session:
        flash('You need to log in as an admin first.')
        return redirect(url_for('elogin'))

    employee_key = escape(Employeeid)
    if request.method == 'GET':
        return show_employee_edit_form(employee_key)

    # Form values are HTML-escaped before storage and bound as query
    # parameters, in the column order of the UPDATE below.
    editable_fields = ('FirstName', 'LastName', 'Age', 'Designation', 'Salary')
    new_values = tuple(escape(request.form[field]) for field in editable_fields)

    update_sql = """UPDATE employee SET FirstName = %s, LastName = %s, Age = %s, Designation = %s, Salary = %s WHERE Employeeid = %s"""
    mycursor.execute(update_sql, new_values + (employee_key,))
    mydb.commit()

    if mycursor.rowcount > 0:
        message = "Employee record updated successfully"
    else:
        message = "Failed to update employee record"
    flash(message)
    return redirect(url_for('employee'))
def show_employee_edit_form(Employeeid):
    """Render the edit form filled with the row for ``Employeeid``.

    Checks the 'eusername' session key itself, so it is safe to call from any
    view. The template receives ``None`` when no row matches.
    """
    if 'eusername' not in session:
        flash('You need to log in as an admin first.')
        return redirect(url_for('elogin'))

    lookup_sql = "SELECT * FROM employee WHERE Employeeid = %s"
    mycursor.execute(lookup_sql, (Employeeid,))
    return render_template("edit.html", employee=mycursor.fetchone())
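@app.route('/employee/delete/<Employeeid>', methods=['GET', 'POST'])
def delete_employee(Employeeid):
    """Show the delete confirmation on GET, or delete the employee on POST.

    Requires the 'eusername' session key for both methods; otherwise redirects
    to the admin login. A POST always ends by redirecting to the employee list.
    """
    # The POST branch previously ran the DELETE with no session check (only the
    # GET helper checked), so a request without an admin session could remove
    # records. Both methods are now gated the same way as edit_employee.
    if 'eusername' not in session:
        flash('You need to log in as an admin first.')
        return redirect(url_for('elogin'))

    Employeeid = escape(Employeeid)
    if request.method == 'GET':
        return show_employee_delete_form(Employeeid)

    # NOTE(review): no anti-CSRF token is checked in this view; confirm the
    # form is protected elsewhere before relying on the session check alone.
    sql = "DELETE FROM employee where Employeeid= %s"
    mycursor.execute(sql, (Employeeid,))
    mydb.commit()

    if mycursor.rowcount > 0:
        flash("Employee deleted successfully")
    else:
        flash("Failed to delete employee")
    return redirect(url_for('employee'))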
def show_employee_delete_form(Employeeid):
    """Render the delete confirmation page for the row matching ``Employeeid``.

    Checks the 'eusername' session key itself. The template receives ``None``
    when no row matches.
    """
    if 'eusername' not in session:
        flash('You need to log in as an admin first.')
        return redirect(url_for('elogin'))

    lookup_sql = "SELECT * FROM employee WHERE Employeeid = %s"
    mycursor.execute(lookup_sql, (Employeeid,))
    return render_template("delete.html", employee=mycursor.fetchone())
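@app.route('/employee/actions/<Employeeid>', methods=['GET', 'POST'])
def actions(Employeeid):
    """Render the per-employee actions page for the row matching ``Employeeid``.

    Requires the 'eusername' session key; otherwise redirects to the admin
    login. An unknown id flashes a message and redirects to the employee list.
    """
    # This view previously returned the full employee row to any caller. It is
    # gated like the other /employee/... views in this file.
    # NOTE(review): assumes this page is admin-only, since its fallback
    # redirect targets the admin list; confirm against the templates.
    if 'eusername' not in session:
        flash('You need to log in as an admin first.')
        return redirect(url_for('elogin'))

    Employeeid = escape(Employeeid)

    # Look the employee up with a bound parameter.
    sql = "SELECT * FROM employee WHERE Employeeid = %s"
    mycursor.execute(sql, (Employeeid,))
    employee = mycursor.fetchone()

    if not employee:
        flash("Employee not found")
        return redirect(url_for('employee'))
    return render_template('eactions.html', employee=employee)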
@app.route("/employee_register", methods=['GET', 'POST'])
def employee_register():
    """Show the registration form on GET; store a new login row on POST.

    A POST inserts (Employeeid, password) into ``employee_login`` and redirects
    to the employee login page.
    """
    if request.method != "POST":
        return render_template("empregister.html")

    # NOTE(review): the password is stored as submitted (HTML-escaped, not
    # hashed). It should be stored as a salted password hash, and the login
    # view changed to verify against that hash in the same commit.
    # NOTE(review): nothing here checks that the caller owns this Employeeid or
    # that the id exists in the employee table.
    credentials = (
        escape(request.form["Employeeid"]),
        escape(request.form["password"]),
    )
    insert_sql = "insert into employee_login (Employeeid, password) values (%s,%s)"
    mycursor.execute(insert_sql, credentials)
    mydb.commit()

    flash("Registration Succesful")
    return redirect(url_for('employee_login'))
@app.route("/employee_login", methods=['GET', 'POST'])
def employee_login():
    """Show the employee login form on GET; check credentials on POST.

    A matching row in ``employee_login`` stores the id under the 'Employeeid'
    session key and redirects to the dashboard; otherwise the user is sent back
    here with an error message.
    """
    if request.method != 'POST':
        return render_template("emplogin.html")

    employee_key = escape(request.form["Employeeid"])
    submitted_pass = escape(request.form["password"])

    # NOTE(review): the password is matched as stored text inside the query,
    # which implies plaintext storage. Verify against a salted hash instead.
    lookup_sql = "select * from employee_login where Employeeid = %s and password = %s"
    mycursor.execute(lookup_sql, (employee_key, submitted_pass))

    if not mycursor.fetchone():
        flash("Invalid Employeeid or password")
        return redirect(url_for("employee_login"))

    session["Employeeid"] = employee_key
    flash("Login Succesful")
    return redirect(url_for("employee_dashboard"))
@app.route("/employee_dashboard", methods=['GET', 'POST'])
def employee_dashboard():
    """Render the dashboard for the employee whose id is in the session.

    Redirects to the employee login when the session has no 'Employeeid' or
    when no employee row matches it.
    """
    if "Employeeid" not in session:
        flash("You need to login first")
        return redirect(url_for("employee_login"))

    # The id comes from the session, never from the request.
    lookup_sql = "select * from employee where Employeeid = %s"
    mycursor.execute(lookup_sql, (session["Employeeid"],))
    record = mycursor.fetchone()

    if not record:
        flash("No employee details found.")
        return redirect(url_for("employee_login"))
    return render_template("empdashboard.html", employee=record)
@app.route("/employee/apply_leave", methods=['GET', 'POST'])
def apply_leave():
    """List the logged-in employee's leave applications; accept a new one on POST.

    Requires the 'Employeeid' session key; otherwise redirects to the employee
    login. A POST inserts one row and redirects back to this page.
    """
    if "Employeeid" not in session:
        flash("You need to login first.")
        return redirect(url_for("employee_login"))

    # The applicant id is taken from the session, so a user can only file and
    # list applications under their own id.
    current_employee = session["Employeeid"]

    if request.method == 'POST':
        # Read the form in a fixed order; each value is HTML-escaped.
        requested_type = escape(request.form['leave_type'])
        if 'other_leave_type' in request.form:
            custom_type = escape(request.form['other_leave_type'])
        else:
            custom_type = ''
        reason = escape(request.form['leave_reason'])
        first_day = escape(request.form['leave_start'])
        last_day = escape(request.form['leave_end'])

        # A non-empty free-text type replaces the "Other" placeholder.
        if requested_type == "Other" and custom_type:
            requested_type = custom_type

        insert_sql = """
INSERT INTO leave_applications (Employeeid, leave_type, leave_reason, leave_start, leave_end)
VALUES (%s, %s, %s, %s, %s)
"""
        mycursor.execute(
            insert_sql,
            (current_employee, requested_type, reason, first_day, last_day),
        )
        mydb.commit()

        if mycursor.rowcount > 0:
            flash("Leave application submitted successfully.")
        else:
            flash("Failed to submit leave application.")
        return redirect(url_for("apply_leave"))

    # GET: show every application filed by this employee.
    history_sql = "SELECT * FROM leave_applications WHERE Employeeid = %s"
    mycursor.execute(history_sql, (current_employee,))
    return render_template("apply_leave.html", leaves=mycursor.fetchall())
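@app.route('/employee/view_leave_applications/<Employeeid>', methods=['GET', 'POST'])
def view_leave_applications(Employeeid):
    """Admin view of one employee's leave applications; POST records a decision.

    Requires the 'eusername' session key; otherwise redirects to the admin
    login. A POST updates the status of the application identified by
    ``application_id`` and redirects back to this page.
    """
    if 'eusername' not in session:
        flash("You need to login as admin first.")
        # The admin login endpoint is 'elogin'. The previous target, "alogin",
        # is only a template name, so url_for() could not build it and the
        # unauthenticated path failed instead of redirecting.
        return redirect(url_for("elogin"))

    if request.method == 'POST':
        application_id = request.form['application_id']
        admin_decision = request.form['admin_decision']

        # NOTE(review): admin_decision is written to the status column as
        # submitted; validate it against the set of allowed status values.
        # NOTE(review): the UPDATE matches on sno only, not on Employeeid.
        sql = "UPDATE leave_applications SET status = %s WHERE sno = %s"
        mycursor.execute(sql, (admin_decision, application_id))
        mydb.commit()
        flash("Leave application updated successfully.")
        return redirect(url_for("view_leave_applications", Employeeid=Employeeid))

    # All leave applications for the requested employee.
    sql = "SELECT * FROM leave_applications WHERE Employeeid = %s"
    mycursor.execute(sql, (Employeeid,))
    leave_applications = mycursor.fetchall()

    # The employee's own record, shown alongside the applications.
    sql = "SELECT * FROM employee WHERE Employeeid = %s"
    mycursor.execute(sql, (Employeeid,))
    employee = mycursor.fetchone()

    return render_template(
        "admin_leave_applications.html",
        employee=employee,
        leave_applications=leave_applications,
    )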
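@app.route("/logout")
def logout():
    """Drop every login marker from the session and return to the employee login."""
    # Only "Employeeid" used to be removed, and no other view clears the
    # 'username' or 'eusername' keys, so an admin session stayed valid after
    # logging out. All three keys set by the login views are removed here.
    for login_key in ("Employeeid", "username", "eusername"):
        session.pop(login_key, None)
    flash ("You have been logged out")
    return redirect(url_for ("employee_login"))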
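if __name__ == '__main__':
    # debug=True turns on the interactive debugger, which allows code to be
    # run in this process from the browser. It is now opt-in: set
    # FLASK_DEBUG=1 for local development only.
    app.run(debug=os.environ.get("FLASK_DEBUG") == "1")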