<img src="/static/base/images/logo.png?v=641991992878ee24c6f3826e81054a0f" alt="Jupyter Notebook">
<h1 style="text-align: center">Notebook 8 - SQL Lab</h1>

<h3>Prerequisites</h3>

- You must have Python 3 installed on your system (<a href="https://www.python.org/downloads/">Download</a>)
- You must have Jupyter installed on your system (<a href="https://jupyter.org/install">Download</a>)
- Some knowledge of Python, HTML, CSS, Javascript and SQL may be required

<h3>Explanation of Notebook 8</h3>

This notebook will involve applying knowledge gained from the previous SQL labs by making a web application that contains a database using Flask and SQLite.

+ SQLite3 is a module included in Python (2.5+), SQLite is an embedded relational database engine, and this module is used to create a database that's stored in a single disk file, meaning that you do not have to create a server to access it.<br>
+ Flask on the other hand is a framework that allows you to work with SQLite3 module to make a CRUD (create, retrieve, update, delete) application.

<h3>Getting started</h3>

As mentioned above, "SQLite3" will be preinstalled with Python (2.5+), however, you'll need to install "Flask" and "reqests" manually. <br>
You can do this using pip in Command Prompt (Windows), or the Terminal (MacOS/Linux):<br>
<code>pip install Flask</code><br>
<code>pip install requests</code>

Otherwise, run the cells below.

In [None]:
pip install Flask

In [None]:
pip install requests

After doing so, you may proceed with the notebook.

<h3>Scenario</h3>

You are a software developer and was given the task to build a stock control system for a store that will involve customers that can create orders by selecting items, and this will involve creating four tables:

- Customer table

<code>Customer_ID</code><br>
<code>Customer_Name</code><br>

- Order table

<code>Order_ID</code><br>
<code>Customer_ID</code><br>
<code>Order_Date</code><br>
<code>Total</code><br>

- Suborder table

<code>Suborder_ID</code><br>
<code>Order_ID</code><br>
<code>Product_ID</code><br>
<code>Quantity</code><br>
<code>Subtotal</code><br>

- Product table

<code>Product_ID</code><br>
<code>Product_Name</code><br>
<code>Product_Description</code><br>
<code>Price</code><br>

These tables communicate with each other using primary and foreign keys, add the tag "(PK)" for primary keys and "(FK)" for foreign keys in each tables.

<b>Double click for the solution</b>

<!--
- Customer table

<code>Customer_ID (PK)</code><br>
<code>Customer_Name</code><br>

- Order table

<code>Order_ID (PK)</code><br>
<code>Customer_ID (FK)</code><br>
<code>Order_Date</code><br>
<code>Total</code><br>

- Suborder table

<code>Suborder_ID (PK)</code><br>
<code>Order_ID (FK)</code><br>
<code>Product_ID (FK)</code><br>
<code>Quantity</code><br>
<code>Subtotal</code><br>

- Product table

<code>Product_ID (PK)</code><br>
<code>Product_Name</code><br>
<code>Product_Description</code><br>
<code>Price</code><br>
-->

It is important to know that primary keys are uniquely identified with integers which autoincrement upon new rows, so be sure to choose the correct data types when creating the table.

<h3>Identifying relationships</h3>

As forementioned, these tables will need to communicate each other using their keys, and so after you've chosen the keys, what will their relationship types be?

<h4>Relationship types</h4>

Remember, these tables considered as "entities", ande there are three types of relationships:
+ A one-to-one relationship is when an entity can only have one instance of another, like e.g one person entity can only have one car entity
+ A one-to-many would mean one person entity can have many car entities,
+ If it's many-to-many (uncommon), it means many person entities can have many car entities but that isn't practical in most cases so a third entity is required where in this case we could say the third entity is the car and a new supplier entity is added where both the person and the supplier has a one-to-many relationship with the car entity meaning a supplier can have many cars and the person can have many cars. 

In our case, a customer can have many orders (although many orders must only have one customer), an order can have many sub orders (but a sub order can only have one order), a sub order must only have one product (yet a product can have many suborders).

<h4>Relationship degree</h4>

There's also the relationship degree, which is the number of participating entities in a relationship:
- Binary - Two entities involved
- Ternary - Three entities involved
- Quarternary - Four entities involved
- N-ary - More than four entities involved

Customer table (Binary):
- Customer_ID to Customer_ID (Order table)

Order table (Ternary):
- Customer_ID to Customer_ID (Customer table)
- Order_ID to Order_ID (Orderline table)

Suborder table (Tenary):
- Order_ID to Order_ID (Orderline table)
- Product_ID to Product_ID (Orderline table)

Producer table (Binary):
- Product_ID to Product_ID (Suborder table)

<h3>Creating the database</h3>

In [None]:
import sqlite3

DB = sqlite3.connect("data/database.db")
c = DB.cursor()

The above code will create the file "database.db" (if it doesn't exist) in the folder "data" with the cursor to fetch results from it when executing SQL statements.

This database is needed to create the tables.

<h3>Creating the tables</h3>

Using the cursor on the database created above, we can now use it to create the new tables in that database, check the cell below.

In [None]:
def create_table():
    c.execute("CREATE TABLE IF NOT EXISTS CustomerTB(Customer_ID INTEGER PRIMARY KEY AUTOINCREMENT, Customer_Name TEXT)")
    print("Customer table created") #To ensure it worked
    c.execute("CREATE TABLE IF NOT EXISTS OrderTBLE(Order_ID INTEGER PRIMARY KEY AUTOINCREMENT, Customer_ID INTEGER, Order_Date TEXT, Total REAL, FOREIGN KEY(Customer_ID) REFERENCES CustomerTB(Customer_ID))")
    print("Order table created") #To ensure it worked
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    c.close()

You can see that the cell above creates two tables, customer table and the order table. In these two tables, there's a primary key in both of them, the way the foreign key from the customer table to the order table is used is by creating the column first and then referencing the key using the table for it.

Also, notice how the last line mentions enabling foreign keys, this needs to be done every time you connect to the database to enable foreign keys, this will allow validity when managing products/customers/orders.

Note: The order table uses a different naming convention due to it having issues later on at the time of making this notebook.

In the same function, how would you create the other 2 tables for the product and the suborder?<br>
Remember, references to other tables must be at the very end of a statement or it'll result in errors.

<b>You must complete this step before moving to the next</b>

<b>Double click for the solution</b>
<!--
def create_table():
    c.execute("CREATE TABLE IF NOT EXISTS CustomerTB(Customer_ID INTEGER PRIMARY KEY AUTOINCREMENT, Customer_Name TEXT)")
    print("Customer table created") #To ensure it worked
    c.execute("CREATE TABLE IF NOT EXISTS OrderTBLE(Order_ID INTEGER PRIMARY KEY AUTOINCREMENT, Customer_ID INTEGER, Order_Date TEXT, Total REAL, FOREIGN KEY(Customer_ID) REFERENCES CustomerTB(Customer_ID))")
    print("Order table created") #To ensure it worked
    c.execute("CREATE TABLE IF NOT EXISTS ProductTB(Product_ID INTEGER PRIMARY KEY AUTOINCREMENT, Product_Name TEXT, Product_Description TEXT, Price REAL)")
    print("Product table created") #To ensure it worked
    c.execute("CREATE TABLE IF NOT EXISTS SuborderTB(Suborder_ID INTEGER PRIMARY KEY AUTOINCREMENT, Order_ID INTEGER, Product_ID INTEGER, Quantity INTEGER, Subtotal REAL, FOREIGN KEY(Order_ID) REFERENCES OrderTBLE(Order_ID), FOREIGN KEY(Product_ID) REFERENCES ProductTB(Product_ID))")
    print("Suborder table created") #To ensure it worked
    c.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    c.close()
-->

<h3>Implementing the tables and queries in Flask</h3>

Now that you have the database and its tables setup, you need to set the Flask routes so that you can execute the SQL queries.

In [None]:
from flask import *  

app = Flask(__name__) #Create Flask application

#When in root directory
@app.route("/")
def index():
    return render_template("index.html")  #Go to index.html

This cell will create a route for the root directory, which when visited it will redirect you to "index.html", which must be stored in the 'templates' folder, and this way this file looks is shown below.

You can see that it includes a link to add items and for the customers, the "/stocks" route will redirect you to a page where you can add/view/update/delete any items you added that the customers can purchase. Whereas the '/forcustomers' route redirects you to a page where you an add new customers and use them to make the orders.

The routes for managing the products and controlling the customers are shown below.

In [None]:
#When in '/stocks' directory
@app.route("/stocks")
def stocks():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()  
    cur.execute("select * from ProductTB") #Select everything in the table
    rows = cur.fetchall() #Get all the rows
    
    return render_template("stocks.html", msg = "", rows = rows)  #Go to stocks.html with the rows

#When in '/forcustomers' directory
@app.route("/forcustomers")
def forcustomers():
    return render_template("forcustomers.html")  #Go to forcustomers.html

As you can see, for the stocks route it connects to the database to refresh the rows and gather all of those rows to be displayed onto the "stocks.html" page, this is so that you can look at the list of products while you are updating them.

On the customers route however, it simply just goes to the "forcustomers.html" page where you can select to either manage the customers or order something.

<h3>Controlling stocks</h3>

Now when the two links are clicked, their respective pages are loaded, the cell below shows what the "stocks.html" file looks like.

You can see that there are three forms in this file, one for adding products, another for updating products and finally for deleting products. At the very end, you also have a table showing all the rows of the products, this is so that it makes it easier for the user so that they wouldn't have to manually check the table when being updated as it is done after each action.

<h4>Adding a product</h4>

The cell below shows the route for adding a product.

In [None]:
#When in '/addProduct' directory
@app.route("/addProduct", methods = ["POST"])
def saveP():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    msg = "msg"
    if (request.method == "POST"): #If the user submits data
        try:  
            pname = request.form["pname"]  #Get product name
            pdesc = request.form["pdesc"]  #Get product description
            pprice = request.form["pprice"]  #Get product price

            cur.execute("INSERT into ProductTB (Product_Name, Product_Description, Price) values (?,?,?)",(pname, pdesc, pprice)) #Add the user's data  
            con.commit()  
            msg = "Product successfully added"
        except:
            con.rollback()
            msg = "Please check the details again."  
        finally:  
            #Update the rows
            cur.execute("select * from ProductTB") #Select everything in the table
            newRows = cur.fetchall() #Get all the rows
            
            return render_template("stocks.html",msg = msg, rows = newRows)  #Go to stocks.html page with the message and the rows
            con.close()

It first gets the user's submitted data and gets the entered product name, description and price from that data and then submits it onto the product table where it then refreshes the page with the new row, this refresh also happens if insertion is unsuccessful.

<h4>Updating a product</h4>

A similar process is done when updating a product, which is shown below.

In [None]:
#When in '/updateProduct' directory
@app.route("/updateProduct", methods = ["POST"])  
def updateP():  
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()  
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    pid = request.form["pid"] #Gets the entered product ID
    
    newRows = [0, 0, 0, 0] #Default row values
    msg = "msg"
    
    if (request.form['submit'] == "Get details"): #If "Get details" button is pressed
        try:  
            cur.execute("select * from ProductTB where Product_ID = ?", (pid,)) #Select all the values in the table with the rows with the id
            rows = cur.fetchall() #Get all rows (Will only return 1)
            currRow = rows[0] #Get first row
        
            msg = ""
        except:
            con.rollback()
            msg = "Please check the details again." 
        finally:  
            #Update the rows
            cur.execute("select * from ProductTB") #Select everything in the table
            newRows = cur.fetchall() #Get all the rows
            
            #Pass all the column values
            return render_template("stocks.html", pid = pid, pname2 = currRow["Product_Name"], pdesc2 = currRow["Product_Description"], pprice2 = currRow["Price"], rows = newRows)       
            con.close()
    else: #If "Update" button is pressed
        try:         
            pname = request.form["pname2"] #Get entered product name
            pdesc = request.form["pdesc2"] #Get entered product description
            pprice = request.form["pprice2"] #Get entered product price

            cur.execute("update ProductTB set Product_Name=?, Product_Description=?, Price=? where Product_ID = ?", (pname, pdesc, pprice, pid)) #Update the values in the tables
            con.commit()
            msg = "Product successfully updated"
        except:
            con.rollback()
            msg = "Please check the details again." 
        finally:
            #Update the rows
            cur.execute("select * from ProductTB") #Select everything in the table
            newRows = cur.fetchall() #Get all the rows
            
            return render_template("stocks.html", rows = newRows, msg = msg)  #Go to stocks.html with the rows
            con.close()

This time, it checks whether the user wanted to get the details of a product or update a product, if the user just wants to get the details it simply grabs the entered product ID which is used to get the row containing that specific ID, which is then passed back onto the "stocks.html" page onto the form's fields, where if a user changes one of those fields and presses "Update" instead, it gets those fields again assumingly that they are updated which gets set into the specified row using the entered ID once again.

<h4>Deleting a product</h4>

Deleting a product on the other hand is much simpler and it is shown below.

In [None]:
#When in '/deleteProduct' directory
@app.route("/deleteProduct", methods = ["POST"])   
def deleteP():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor() 
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    msg = "msg"
    pid = request.form["pid2"] #Get the entered product ID
    try:   
        cur.execute("delete from ProductTB where Product_ID = ?", (pid,)) #Delete the rows containing the id 
        con.commit()
        msg = "Product successfully deleted"  
    except:  
        con.rollback() 
        msg = "Product can't be deleted"
    finally:  
        #Update the rows
        cur.execute("select * from ProductTB") #Select everything in the table
        newRows = cur.fetchall() #Get all the rows

        return render_template("stocks.html",msg = msg, rows = newRows) #Go to stocks.html page with the message and the rows
        con.close()

You can see that after it connects to the database, it gets the data the user has entered, the user will only have one field which is the product ID, and that ID gets passed down here and executes an SQL statement that deletes any row that contains that ID, and then it finally refreshes the list of products as it returns to the "stocks.html" page.

<h3>Managing customers</h3>

As previously mentioned, when going into the customers page, it should allow you to either manage the customers or make orders, the file "forcustomers.html" is shown below.

You can see that there's two links, meaning that there needs to be two new routes, and the route for managing customers is  shown below.

In [None]:
#When in '/customers' directory
@app.route("/customers")
def customers():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()  
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    cur.execute("select * from CustomerTB") #Select everything in the table
    rows = cur.fetchall() #Get all the rows
    
    return render_template("customers.html", msg = "", rows = rows)  #Go to customer.html with the rows

Like previously, visiting the customer page loads the customer table by getting all their rows, it then goes to their pages where it displays those tables row by row.

The page, "customers.html" for managing the customers, is shown below.

The variables that gets passed onto the file are indicated by curly brackets, an example of this is the line containing "{{msg}}", this stores the result of each action to indicate whether it was successful or not.

<h4>Adding a customer</h4>

One of the actions is adding a customer, you can see that upon submitting the form for adding a customer it goes to the route "/addCustomer", that directs the user to the following route.

In [None]:
#When in '/addCustomer' directory
@app.route("/addCustomer", methods = ["POST"])
def saveC():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    msg = "msg"
    if (request.method == "POST"): #If the user submits data
        try:  
            cname = request.form["cname"]  #Get entered customer name

            cur.execute("INSERT into CustomerTB (Customer_Name) values (?)", (cname,)) #Add the user's data  
            con.commit()  
            msg = "Customer successfully added"
        except:
            con.rollback()
            msg = "Please check the details again."  
        finally:  
            #Update the rows
            cur.execute("select * from CustomerTB") #Select everything in the table
            newRows = cur.fetchall() #Get all the rows
            
            return render_template("customers.html",msg = msg, rows = newRows)  #Go to customers.html page with the message and the rows
            con.close()

You can see that it gets the user's data which is used to get the inputted the customer name, this is then used to create a new row in the customer table and it returns the new set of rows back into the "customers.html" page.

<h4>Updating a customer</h4>

There's another form for updating the customers, that route is shown below.

In [None]:
#When in '/updateCustomer' directory
@app.route("/updateCustomer", methods = ["POST"])  
def updateC():  
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()  
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys    
    cid = request.form["cid"] #Get entered customer ID
    
    newRows = [0, 0, 0, 0] #Default row values
    msg = "msg"
    
    if (request.form['submit'] == "Get details"): #If "Get details" button is pressed
        try:  
            cur.execute("select * from CustomerTB where Customer_ID = ?", (cid,)) #Select all the values in the table with the rows with the id
            rows = cur.fetchall() #Get all rows (Will only return 1)
            currRow = rows[0] #Get first row
        
            msg = ""
        except:
            con.rollback()
            msg = "Please check the details again." 
        finally:  
            #Update the rows
            cur.execute("select * from CustomerTB") #Select everything in the table
            newRows = cur.fetchall() #Get all the rows
            
            #Pass all the column values
            return render_template("customers.html", cid = cid, cname2 = currRow["Customer_Name"], rows = newRows)       
            con.close()
    else: #If "Update" button is pressed
        try:         
            cname = request.form["cname2"] #Get entered customer name

            cur.execute("update CustomerTB set Customer_Name=? where Customer_ID = ?", (cname, cid)) #Update the values in the tables
            con.commit() 
            msg = "Customer successfully updated"
        except:
            con.rollback()
            msg = "Please check the details again." 
        finally:
            #Update the rows
            cur.execute("select * from CustomerTB") #Select everything in the table
            newRows = cur.fetchall() #Get all the rows
            
            return render_template("customers.html", rows = newRows, msg = msg)  #Go to stocks.html with the rows
            con.close()

After it connects to the database, it gets the user's inputted customer ID, which is used to return the customer row containing that ID onto the same page when the user wants to retrieve that customer's details. If the user updates that row containing that customer ID, it grabs the entered input for the new name of that customer and sets it after retrieving it from the table using the entered ID, and then at the end it'll display the new rows with the updated details.

<h4>Deleting a customer</h4>

To delete a customer, the process is similar but much simpler, it is shown below.

In [None]:
#When in '/deleteCustomer' directory
@app.route("/deleteCustomer", methods = ["POST"])   
def deleteC():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor() 
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    msg = "msg"
    cid = request.form["cid2"] #Get entered customer ID
    try:   
        cur.execute("delete from CustomerTB where Customer_ID = ?", (cid,)) #Delete the rows containing the id  
        con.commit() 
        msg = "Customer successfully deleted"  
    except:  
        con.rollback() 
        msg = "Customer can't be deleted"
    finally:  
        #Update the rows
        cur.execute("select * from CustomerTB") #Select everything in the table
        newRows = cur.fetchall() #Get all the rows

        return render_template("customers.html",msg = msg, rows = newRows) #Go to stocks.html page with the message and the rows
        con.close()

This connects to the database and retrieved the row in the customer table containing the customer ID the user entered and deletes it, and then updates the rows and displays it onto the same page.

<h3>Managing orders</h3>

Now that you have made use of both the product table and the customer table, all that's left is making orders by using them, but to do that, we must also make use of the order table and suborder table which have yet to be used, for this we will create the second round which is for orders as shown below.

In [None]:
#When in '/order' directory
@app.route("/order")
def order():
    #Update the rows
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()  
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    cur.execute("select * from OrderTBLE") #Select everything in the table
    rows = cur.fetchall() #Get all the rows
    cur.execute("select * from SuborderTB") #Select everything in the table
    subRows = cur.fetchall() #Get all the rows
            
    return render_template("order.html", msg = "", rows = rows, subrows = subRows)  #Go to order.html with the rows

Then, a separate page is also made but it is very similar to creating customers as shown below for the file "order.html"

You can see that it also has three forms with a table to show all the rows in the order table, but there's another table, which is the suborder table, this contains all the details about each order, speaking of this, you'll also notice something different, when updating an order, only the details are updated and not the actual order it self as the actual order references the details by using the order ID as a foreign key.

It also automatically gets the current date/time to be used for the order date.

<h4>Adding an order</h4>

The cell below shows how an order is added after the user is directed to the specified directory.

In [None]:
#When in '/addOrder' directory
@app.route("/addOrder", methods = ["POST"])
def saveO():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    msg = "msg"
    
    if (request.method == "POST"): #If the user submits data
        try:
            cid = request.form["cid"] #Get entered customer ID
            odate = request.form["odate"]  #Get entered order date

            print("CID: ", cid)
            print("ODATE: ", odate)
            
            cur.execute("INSERT into OrderTBLE (Customer_ID, Order_Date) values (?, ?)", (cid, odate)) #Add the user's data
    
            con.commit()  
            
            msg = "Order successfully added"
        except:
            con.rollback()
            msg = "Please check the details again."
        finally:
            #Update the rows
            cur.execute("select * from OrderTBLE") #Select everything in the table
            rows = cur.fetchall() #Get all the rows
            cur.execute("select * from SuborderTB") #Select everything in the table
            subRows = cur.fetchall() #Get all the rows
            
            return render_template("order.html",msg = msg, rows = rows, subrows = subRows)  #Go to order.html page with the message and the rows
            con.close()

This gets the automatically generated date as well as the user's given customer ID and uses the two to create a new row in the order table.

At the end, it refreshes the two tables for the orders and the suborders and loads them into the same page, and the following cell shows the creation of a suborder.

In [None]:
#When in '/addSuborder' directory
@app.route("/addSuborder", methods = ["POST"])
def saveS():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    msg = "msg"
    
    if (request.method == "POST"): #If the user submits data
        try:
            oid = request.form["oid"] #Get entered order ID
            pid = request.form["pid"] #Get entered product ID
            oquantity = int(request.form["oquantity"]) #Get entered order quantity
    
            cur.execute("select * from ProductTB where Product_ID = ?", (pid,)) #Select all the values in the table with the rows with the id
            priceRows = cur.fetchall() #Get all rows (Will only return 1)
            priceRow = priceRows[0] #Get first row

            osubtotal = priceRow["Price"] * oquantity #Calculate the subtotal

            cur.execute("INSERT into SuborderTB (Order_ID, Product_ID, Quantity, Subtotal) values (?, ?, ?, ?)", (oid, pid, oquantity, osubtotal))
            cur.execute("UPDATE OrderTBLE SET TOTAL=(SELECT SUM(Subtotal) FROM SuborderTB WHERE SuborderTB.Order_ID=OrderTBLE.Order_ID)") #Calculate the total
            
            con.commit()  
            
            msg = "Suborder successfully added"
        except:
            con.rollback()
            msg = "Please check the details again."
        finally:
            #Update the rows
            cur.execute("select * from OrderTBLE") #Select everything in the table
            rows = cur.fetchall() #Get all the rows
            cur.execute("select * from SuborderTB") #Select everything in the table
            subRows = cur.fetchall() #Get all the rows
            
            return render_template("order.html",msg = msg, rows = rows, subrows = subRows)  #Go to order.html page with the message and the rows
            con.close()

You can see that the user's given product id is then used to select the row of the product to calculate the subtotal of the suborder using the quantity and the price of the product, which is then summed later together to form the grand total for the order.

The way the grand total for each order is calculated is by summing up all the subtotals using the corresponding order ID in the order and the suborder table.

<h4>Updating an order</h4>

Now that we can add orders, we will also add a feature to update their orders, this will be done differently also in a different route, and we will be using two tables at once.

In [None]:
#When in '/updateSuborder' directory
@app.route("/updateSuborder", methods = ["POST"])  
def updateS():  
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor()  
    cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    sid = request.form["sid"]  #Get entered suborder ID
    pid = request.form["pid2"] #Get entered product ID
    
    newRows = [0, 0, 0, 0] #Default row values
    currRow = [0, 0, 0, 0] #Default row values
    msg = "msg"
    
    if (request.form['submit'] == "Get details"): #If "Get details" button is pressed
        try:  
            cur.execute("select * from SuborderTB where Suborder_ID = ?", (sid,)) #Select all the values in the table with the rows with the id
            rows = cur.fetchall() #Get all rows (Will only return 1)
            currRow = rows[0] #Get first row
        
            msg = ""
        except:
            con.rollback()
            msg = "Please check the details again." 
        finally:  
            #Update the rows
            cur.execute("select * from OrderTBLE") #Select everything in the table
            rows = cur.fetchall() #Get all the rows
            cur.execute("select * from SuborderTB") #Select everything in the table
            subRows = cur.fetchall() #Get all the rows
            
            #Pass all the column values
            return render_template("order.html", sid = sid, pid2 = currRow["Product_ID"], oquantity2 = currRow["Quantity"], osubtotal = currRow["Subtotal"], rows = rows, subrows = subRows)       
            con.close()
    else: #If "Update" button is pressed
        try:         
            oquantity = int(request.form["oquantity2"]) #Get entered order quantity
    
            cur.execute("select * from ProductTB where Product_ID = ?", (pid,)) #Select all the values in the table with the rows with the id
            priceRows = cur.fetchall() #Get all rows (Will only return 1)
            priceRow = priceRows[0] #Get first row

            osubtotal = priceRow["Price"] * oquantity #Calculate the subtotal
            
            cur.execute("update SuborderTB set Product_ID=?, Quantity=?, Subtotal=? where Suborder_ID=? ", (pid, oquantity, osubtotal, sid)) #Update the values in the tables
            cur.execute("UPDATE OrderTBLE SET TOTAL=(SELECT SUM(Subtotal) FROM SuborderTB WHERE SuborderTB.Order_ID=OrderTBLE.Order_ID)") #Calculate the total
            con.commit() 
            msg = "Suborder successfully updated"
        except:
            con.rollback()
            msg = "Please check the details again." 
        finally:
            #Update the rows
            cur.execute("select * from OrderTBLE") #Select everything in the table
            rows = cur.fetchall() #Get all the rows
            cur.execute("select * from SuborderTB") #Select everything in the table
            subRows = cur.fetchall() #Get all the rows
            
            return render_template("order.html", rows = rows, subrows = subRows, msg = msg)  #Go to order.html with the rows
            con.close()

There's a lot going on with updating an order, however, what you need to know is that there's two paths; one for getting the details and the other for updating, either way it'd go back to the "order.html" page where it displays the order and the suborder table with their rows refreshed. 

Getting details simply uses the suborder ID to get all the details about that order from the suborder table as it contains all the data and so the row contnaining the suborder ID is retrieved for it.

For updating, the price of the product is retrieved from the product table using its ID and then multiplied by the quantity the user enters. This subtotal is not modifiable by the user as it is automatically calculated for the orders, however it still displays it when getting the details or updating.

<h4>Deleting an order</h4>

We may wanna delete an order that we have made, and so the third form will go to another route as shown below, finish this cell so that you can delete from both the order and the suborder table using just the order ID.

<b>You must complete this step before moving to the next</b>

In [None]:
#When in '/deleteOrder' directory
@app.route("/deleteOrder", methods = ["POST"])   
def deleteO():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor() 
    msg = "msg"
    oid = request.form["oid2"] #Get entered order ID
    try:   

        con.commit() 
        msg = "Order successfully deleted"  
    except:  
        con.rollback() 
        msg = "Order can't be deleted"
    finally:   
        #Update the rows
        cur.execute("select * from OrderTBLE") #Select everything in the table
        rows = cur.fetchall() #Get all the rows
        cur.execute("select * from SuborderTB") #Select everything in the table
        subRows = cur.fetchall() #Get all the rows

        return render_template("order.html",msg = msg, rows = rows, subrows = subRows) #Go to order.html page with the message and the rows
        con.close()

<b>Double click for the solution</b>

<!--
#When in '/deleteOrder' directory
@app.route("/deleteOrder", methods = ["POST"])   
def deleteO():
    con = sqlite3.connect("data/database.db") #Connect to database
    con.row_factory = sqlite3.Row #Converts the plain tuple to a more useful object
    cur = con.cursor() 
    #cur.execute("PRAGMA foreign_keys = ON") #Enable foreign keys
    msg = "msg"
    oid = request.form["oid2"] #Get entered order ID
    try:   
        cur.execute("delete from OrderTBLE where Order_ID = ?", (oid,)) #Delete the rows containing the id  
        cur.execute("delete from SuborderTB where Order_ID = ?", (oid,)) #Delete the rows containing the id  
        con.commit() 
        msg = "Order successfully deleted"  
    except:  
        con.rollback() 
        msg = "Order can't be deleted"
    finally:   
        #Update the rows
        cur.execute("select * from OrderTBLE") #Select everything in the table
        rows = cur.fetchall() #Get all the rows
        cur.execute("select * from SuborderTB") #Select everything in the table
        subRows = cur.fetchall() #Get all the rows

        return render_template("order.html",msg = msg, rows = rows, subrows = subRows) #Go to order.html page with the message and the rows
        con.close()
-->

This simply retrieves the order row using the entered order ID and deletes it, however this time, it uses both the order and the suborder table, which means that even if there's more than one suborders for one order, it'll all be deleted, and then both tables will be refreshed as it goes back into the same page.

<h3>Running the Flask database and testing it</h3>

Once you feel like you've done everything correctly, you can run it on a local server to see it for yourself, check the cell below.

In [None]:
if (__name__ == '__main__'):
    create_table() #Create the table
    app.run()

If everything is correct, you should have the correct pages on the correct routes and you should be able to create products and customers and use them to create orders on the web application.

<h3>The end</h3>

This concludes notebook 8, and by now you should have more experience in using the Flask library as well as handling HTTP requests for sending and retrieving data, and also some SQL knowledge for database control, and so you should now also be able to apply these procedures when building similar web applications or databases.