CS1116/CS5018

Web Development 2

Dr Derek Bridge

School of Computer Science & Information Technology

University College Cork

Sessions

Session ids

Session state

Case study 2: a very, very, very simple shopping cart

Suppose our company Shrine of Bacchus Wines sell wines, listed in this database:

CREATE TABLE wines 
(
    wine_id INT AUTO_INCREMENT,
    name VARCHAR(255) NOT NULL,
    price DECIMAL(5, 2) NOT NULL,
    PRIMARY KEY (wine_id)
);

Overview of the programs

The shopping cart system uses three scripts.

show.catalog.py:
displaying our wine catalog

#!/usr/local/bin/python3

from cgitb import enable
enable()

import pymysql as db

print('Content-Type: text/html')
print()

result = ''
try:
    connection = db.connect('localhost', 'userid', 'password', 'database_name')
    cursor = connection.cursor(db.cursors.DictCursor)
    cursor.execute("""SELECT * FROM wines ORDER BY wine_id""")
    result = """<table>
                <tr><th colspan="3">Our Wines</th></tr>
                <tr><th>Name</th><th>Price</th><th></th></tr>"""
    for row in cursor.fetchall():
        result += """<tr>
                        <td>%s</td>
                        <td>%s</td>
                        <td><a href="add_to_cart.py?wine_id=%s">Add to cart</a></td>
                     </tr>""" % (row['name'], row['price'], row['wine_id'])
    result += '</table>'
    cursor.close()  
    connection.close()
except db.Error:
    result = '<p>Sorry! We are experiencing problems at the moment. Please call back later.</p>'
    
print("""<!DOCTYPE html>
    <html lang="en">
        <head>
            <meta charset="utf-8" />
            <title>Shrine of Bacchus Wines</title>
        </head>
        <body>
            %s
            <p>
                <a href="show_cart.py">Show cart</a>
            </p>
        </body>
    </html>""" % (result))

add_to_cart.py:
adding to the shopping cart

#!/usr/local/bin/python3

from cgitb import enable 
enable()

from cgi import FieldStorage 
from os import environ
from hashlib import sha256
from time import time
from shelve import open
from http.cookies import SimpleCookie

result = ''
try:
    cookie = SimpleCookie()
    http_cookie_header = environ.get('HTTP_COOKIE')
    if not http_cookie_header:
        sid = sha256(repr(time()).encode()).hexdigest()
        cookie['sid'] = sid
    else:
        cookie.load(http_cookie_header)
        if 'sid' not in cookie:
            sid = sha256(repr(time()).encode()).hexdigest()
            cookie['sid'] = sid
        else:
            sid = cookie['sid'].value

    session_store = open('sess_' + sid, writeback=True)

    # Get the id of the item being added to the cart
    form_data = FieldStorage()
    wine_id = form_data.getfirst('wine_id')

    # If this item is not in the cart already, then quantity is 1; otherwise, increment the quantity.
    qty = session_store.get(wine_id)
    if not qty:
        qty = 1
    else:
        qty +=1
    session_store[wine_id] = qty
    session_store.close()

    print(cookie)
    result = '<p>Item successfully added to your cart.</p>'
except IOError:
    result = '<p>Sorry! We are experiencing problems at the moment. Please call back later.</p>'
    
print('Content-Type: text/html')
print()
print("""
    <!DOCTYPE html>
    <html lang="en">
        <head>
            <meta charset="utf-8" />
            <title>Shrine of Bacchus Wines</title>
        </head>
        <body>
            %s
            <p>
                <a href="show_cart.py">Show cart</a>
            </p>
            <p>
                <a href="show_catalog.py">Show catalog</a>
            </p>
        </body>
    </html>""" % (result))

show_cart.py:
displaying the shopping cart

#!/usr/local/bin/python3

from cgitb import enable 
enable()

from os import environ
from hashlib import sha256
from time import time
from shelve import open
from http.cookies import SimpleCookie
import pymysql as db

result = ''
try:
    cookie = SimpleCookie()
    http_cookie_header = environ.get('HTTP_COOKIE')
    if not http_cookie_header:
        sid = sha256(repr(time()).encode()).hexdigest()
        cookie['sid'] = sid
    else:
        cookie.load(http_cookie_header)
        if 'sid' not in cookie:
            sid = sha256(repr(time()).encode()).hexdigest()
            cookie['sid'] = sid
        else:    
            sid = cookie['sid'].value

    session_store = open('sess_' + sid, writeback=True)

    if len(session_store) == 0:
        result = '<p>No items in shopping cart.</p>'
    else:
        connection = db.connect('localhost', 'userid', 'password', 'database_name')
        cursor = connection.cursor(db.cursors.DictCursor)
        result = """<table>
                    <tr><th colspan="2">Your Cart</th></tr>
                    <tr><th>Wine</th><th>Quantity</th></tr>"""
        for wine_id in session_store:
            cursor.execute("""SELECT name FROM wines 
                               WHERE wine_id = %s""", (wine_id))
            row = cursor.fetchone()
            result += '<tr><td>%s</td><td>%s</td></tr>' % (row['name'], session_store.get(wine_id))
        result += '</table>'
        cursor.close()  
        connection.close()
 
    session_store.close()
    print(cookie)
except (db.Error, IOError):
    result = '<p>Sorry! We are experiencing problems at the moment. Please call back later.</p>'
    
print('Content-Type: text/html')
print()
print("""
    <!DOCTYPE html>
    <html lang="en">
        <head>
            <meta charset="utf-8" />
            <title>Shrine of Bacchus Wines</title>
        </head>
        <body>
            %s
            <p>
                <a href="show_catalog.py">Show catalog</a>
            </p>
        </body>
    </html>""" % (result))