5

I want to have a page on my website where you have multiple buttons that send a different POST request to modify some part of my database.

Currently, only the top if statement gets executed. If I try the two bottom ones, I get:The browser (or proxy) sent a request that this server could not understand.

If I switch them around, it is always the top if statement that gets executed.

Am I doing this wrong? Is there a better way to do this kind of thing?

@app.route('/', methods=["GET", "POST"])
@login_required
def homepage():
    if request.method == "POST" and request.form['estimatedCost']:
        _projectName = request.form['projectName']
        _estimatedCost = request.form['estimatedCost']
        _amountAllocated = request.form['amountAllocated']
        conn, cursor = connectDB()
        cursor.execute("INSERT INTO `project` (`name`, `estimatedCost`, `amountAllocated`, `pStatus`, `actualCost`, `estimatedDuration`, `actualDuration`, `costDifference`) VALUES ( '" + _projectName + "', '" + _estimatedCost + "', '" + _amountAllocated + "', 'NOT STARTED', 0, 0, 0, NULL)")
        conn.commit()
        conn.close()
        return redirect('/')
    if request.method == "POST" and request.form['delete']:
        _delete = request.form['delete']
        conn, cursor = connectDB()
        cursor.execute("DELETE FROM project WHERE name = '" + _delete + "'")
        conn.commit()
        conn.close()
        return redirect('/')
    if request.method == "POST" and request.form['pid']:
        _pid = request.form['pid']
        _status = request.form['status']
        conn, cursor = connectDB()
        cursor.execute("UPDATE project SET pStatus = '" + _status + "' WHERE name = '" + _pid + "'")
        conn.commit()
        conn.close()
        return redirect('/')
    conn, cursor = connectDB()
    cursor.execute("SELECT * FROM project")
    projects = cursor.fetchall()
    conn.close()
    return render_template("dashboard.html", projectDic = projects)
Radu
  • 183
  • 2
  • 8
  • Firstly, all three if statements include this `if request.method == "POST"` part, so I would make that a top level if statement and check the other three conditions inside that using if, elif, elif. Also, what you are checking with `request.form['estimatedCost']` is that the form has that key with a truthy value... But you should confirm what all three values are at once (via a print statement, or logging statement) since they could all be truthy at the same time. This could explain why only the top condition works. – JacobIRR Apr 10 '17 at 21:55
  • @JacobIRR I have the three forms in separated modals (bootstrap), so it is impossible for a user to have input in more than one form. – Radu Apr 10 '17 at 21:57
  • Check if the top statement has a truth value. If it does and it is true, then that would explain why only the top level statement works – lordingtar Apr 10 '17 at 22:00
  • I think the problem might be even you are intending to post to the second if. The first if will still try to check the `estimatedCost` which doesn't exist and cause the error – Bobby Apr 10 '17 at 22:24
  • @Bobby How would you go about checking if request.form['estimatedCost'] field is filled? – Radu Apr 10 '17 at 22:31

1 Answers1

8

I managed to find a solution for my problem.

Because request.form['key'] was causing an error if it didn't exist, instead of just become False, it was making the page to crash.

Instead, I used "key" in request.form to check if that input was filled in the form.

Here is the corrected code:

@app.route('/', methods=["GET", "POST"])
@login_required
def homepage():
    if request.method == "POST" and "estimatedCost" in request.form:
        _projectName = request.form['projectName']
        _estimatedCost = request.form['estimatedCost']
        _amountAllocated = request.form['amountAllocated']
        conn, cursor = connectDB()
        cursor.execute("INSERT INTO `project` (`name`, `estimatedCost`, `amountAllocated`, `pStatus`, `actualCost`, `estimatedDuration`, `actualDuration`, `costDifference`) VALUES ( '" + _projectName + "', '" + _estimatedCost + "', '" + _amountAllocated + "', 'NOT STARTED', 0, 0, 0, NULL)")
        conn.commit()
        conn.close()
        return redirect('/')
    if request.method == "POST" and "delete" in request.form:
        _delete = request.form['delete']
        conn, cursor = connectDB()
        cursor.execute("DELETE FROM project WHERE name = '" + _delete + "'")
        conn.commit()
        conn.close()
        return redirect('/')
    if request.method == "POST" and "pid" in request.form:
        _pid = request.form['pid']
        _status = request.form['status']
        conn, cursor = connectDB()
        cursor.execute("UPDATE project SET pStatus = '" + _status + "' WHERE name = '" + _pid + "'")
        conn.commit()
        conn.close()
        return redirect('/')
    conn, cursor = connectDB()
    cursor.execute("SELECT * FROM project")
    projects = cursor.fetchall()
    conn.close()
    return render_template("dashboard.html", projectDic = projects)
Radu
  • 183
  • 2
  • 8