Update app.py

app.py

@@ -1,4 +1,5 @@
 import os
+import sqlite3
 import json
 from flask import Flask, render_template, request, redirect, url_for, abort
 from datasets import load_dataset
@@ -8,6 +9,137 @@ from werkzeug.security import generate_password_hash, check_password_hash
 app = Flask(__name__)
 auth = HTTPBasicAuth()
 
+# Hàm kết nối với SQLite
+def get_db_connection():
+    conn = sqlite3.connect('/app/database.db')
+    conn.row_factory = sqlite3.Row  # Để trả về dữ liệu dưới dạng dictionary
+    return conn
+
+# Tạo các bảng nếu chưa tồn tại
+def init_db():
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Tạo bảng case_studies
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS case_studies (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            title TEXT NOT NULL,
+            treatment TEXT,
+            description TEXT,
+            before_image TEXT,
+            after_image TEXT,
+            patient_name TEXT,
+            patient_age TEXT,
+            patient_rating TEXT DEFAULT '5',
+            patient_avatar TEXT,
+            status TEXT DEFAULT 'draft',
+            date TEXT,
+            duration TEXT,
+            visits TEXT,
+            case_id TEXT,
+            seo_title TEXT,
+            seo_description TEXT,
+            seo_keywords TEXT,
+            category TEXT,
+            tag TEXT
+        )
+    ''')
+
+    # Tạo bảng our_story
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS our_story (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            history TEXT NOT NULL
+        )
+    ''')
+
+    # Tạo bảng timeline
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS timeline (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            year TEXT NOT NULL,
+            title TEXT NOT NULL,
+            description TEXT NOT NULL
+        )
+    ''')
+
+    # Tạo bảng mission_values
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS mission_values (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            title TEXT NOT NULL,
+            icon TEXT,
+            description TEXT NOT NULL
+        )
+    ''')
+
+    # Tạo bảng team
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS team (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            name TEXT NOT NULL,
+            specialty TEXT NOT NULL,
+            photo TEXT,
+            description TEXT,
+            facebook_url TEXT,
+            linkedin_url TEXT,
+            instagram_url TEXT
+        )
+    ''')
+
+    # Tạo bảng technologies
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS technologies (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            title TEXT NOT NULL,
+            description TEXT NOT NULL,
+            icon TEXT,
+            image TEXT
+        )
+    ''')
+
+    # Tạo bảng testimonials
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS testimonials (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            patient_name TEXT NOT NULL,
+            treatment_type TEXT NOT NULL,
+            avatar TEXT,
+            content TEXT NOT NULL,
+            rating INTEGER DEFAULT 5
+        )
+    ''')
+
+    # Tạo bảng contact_info
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS contact_info (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            address TEXT NOT NULL,
+            phone TEXT NOT NULL,
+            email TEXT NOT NULL,
+            working_hours_mon_fri TEXT,
+            working_hours_sat TEXT,
+            working_hours_sun TEXT,
+            map_iframe TEXT
+        )
+    ''')
+
+    # Tạo bảng faqs
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS faqs (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            question TEXT NOT NULL,
+            answer TEXT NOT NULL
+        )
+    ''')
+
+    conn.commit()
+    conn.close()
+
+# Gọi hàm init_db khi ứng dụng khởi động
+init_db()
+
 # Thiết lập thư mục cache cho Hugging Face
 os.environ["HF_HOME"] = "/app/hf_cache"
 os.environ["HF_DATASETS_CACHE"] = "/app/hf_cache/datasets"
@@ -76,19 +208,48 @@ def index():
 # Route cho trang thư viện
 @app.route('/thuvien')
 def thuvien():
-    cases = data['case_studies']
-    return render_template('thuvien.html', cases=cases)
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Lấy danh sách case studies
+    cursor.execute('SELECT * FROM case_studies')
+    gallery = [dict(row) for row in cursor.fetchall()]
+
+    # Lấy danh sách testimonials
+    cursor.execute('SELECT * FROM testimonials')
+    testimonials = [dict(row) for row in cursor.fetchall()]
+
+    # Lấy thông tin liên hệ
+    cursor.execute('SELECT * FROM contact_info LIMIT 1')
+    contact_info = cursor.fetchone()
+    contact_info = dict(contact_info) if contact_info else {}
+
+    conn.close()
+    return render_template('thuvien.html', gallery=gallery, testimonials=testimonials, contact_info=contact_info)
 
 # Route cho trang before/after
 @app.route('/bfat', defaults={'case_id': None})
 @app.route('/bfat/<int:case_id>')
 def bfat(case_id):
-    cases = data['case_studies']
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Lấy danh sách case studies
+    cursor.execute('SELECT * FROM case_studies')
+    cases = [dict(row) for row in cursor.fetchall()]
+
     if case_id is not None:
-        selected_case = next((c for c in cases if c['id'] == case_id), None)
+        # Tìm case study theo ID
+        cursor.execute('SELECT * FROM case_studies WHERE id = ?', (case_id,))
+        selected_case = cursor.fetchone()
         if not selected_case:
+            conn.close()
             abort(404)
+        selected_case = dict(selected_case)
+        conn.close()
         return render_template('bfat.html', cases=cases, selected_case=selected_case)
+    
+    conn.close()
     return render_template('bfat.html', cases=cases, selected_case=None)
 
 # Route cho trang dịch vụ
@@ -96,10 +257,22 @@ def bfat(case_id):
 def dichvu():
     return render_template('dichvu.html')
 
-# Route cho trang liên hệ
 @app.route('/lienhe')
 def lienhe():
-    return render_template('lienhe.html')
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Lấy thông tin liên hệ
+    cursor.execute('SELECT * FROM contact_info LIMIT 1')
+    contact_info = cursor.fetchone()
+    contact_info = dict(contact_info) if contact_info else {}
+
+    # Lấy danh sách FAQ
+    cursor.execute('SELECT * FROM faqs')
+    faqs = [dict(row) for row in cursor.fetchall()]
+
+    conn.close()
+    return render_template('lienhe.html', contact_info=contact_info, faqs=faqs)
 
 # Route cho trang blog
 @app.route('/blog')
@@ -113,10 +286,39 @@ def bloglist():
     posts = data['blog_posts']
     return render_template('bloglist.html', posts=posts)
 
-# Route cho trang về chúng tôi
 @app.route('/vechungtoi')
 def vechungtoi():
-    return render_template('vechungtoi.html')
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Lấy dữ liệu cho "Câu chuyện của chúng tôi"
+    cursor.execute('SELECT * FROM our_story LIMIT 1')
+    our_story = cursor.fetchone()
+    our_story = dict(our_story) if our_story else {}
+
+    # Lấy dòng thời gian
+    cursor.execute('SELECT * FROM timeline ORDER BY year ASC')
+    timeline = [dict(row) for row in cursor.fetchall()]
+
+    # Lấy dữ liệu "Sứ mệnh & Giá trị"
+    cursor.execute('SELECT * FROM mission_values')
+    mission_values = [dict(row) for row in cursor.fetchall()]
+
+    # Lấy danh sách bác sĩ
+    cursor.execute('SELECT * FROM team')
+    team = [dict(row) for row in cursor.fetchall()]
+
+    # Lấy danh sách công nghệ
+    cursor.execute('SELECT * FROM technologies')
+    technologies = [dict(row) for row in cursor.fetchall()]
+
+    # Lấy thông tin liên hệ
+    cursor.execute('SELECT * FROM contact_info LIMIT 1')
+    contact_info = cursor.fetchone()
+    contact_info = dict(contact_info) if contact_info else {}
+
+    conn.close()
+    return render_template('vechungtoi.html', our_story=our_story, timeline=timeline, mission_values=mission_values, team=team, technologies=technologies, contact_info=contact_info)
 
 # Route cho trang hành trình khách hàng
 @app.route('/hanhtrinhkh')
@@ -137,31 +339,49 @@ def cms():
 def add_case():
     if not check_auth():
         abort(401)
-    cases = data['case_studies']  # Thêm dòng này để lấy danh sách cases
+    
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Lấy danh sách case studies
+    cursor.execute('SELECT * FROM case_studies')
+    cases = [dict(row) for row in cursor.fetchall()]
+
     if request.method == 'POST':
-        new_case = {
-            "id": len(data['case_studies']) + 1,
-            "title": request.form['case-title'],
-            "treatment": request.form['case-treatment'],
-            "description": request.form['case-description'],
-            "before_image": request.form.get('case-before-image', ''),
-            "after_image": request.form.get('case-after-image', ''),
-            "patient_name": request.form.get('case-patient-name', ''),
-            "patient_age": request.form.get('case-patient-age', ''),
-            "patient_rating": request.form.get('case-patient-rating', '5'),
-            "patient_avatar": request.form.get('case-patient-avatar', ''),
-            "status": request.form.get('case-status', 'draft'),
-            "date": request.form.get('case-date', ''),
-            "duration": request.form.get('case-duration', ''),
-            "visits": request.form.get('case-visits', ''),
-            "case_id": request.form.get('case-id', ''),
-            "seo_title": request.form.get('case-seo-title', ''),
-            "seo_description": request.form.get('case-seo-description', ''),
-            "seo_keywords": request.form.get('case-seo-keywords', '')
-        }
-        data['case_studies'].append(new_case)
-        save_data(data)
+        # Tạo case study mới
+        cursor.execute('''
+            INSERT INTO case_studies (
+                title, treatment, description, before_image, after_image,
+                patient_name, patient_age, patient_rating, patient_avatar,
+                status, date, duration, visits, case_id,
+                seo_title, seo_description, seo_keywords, category, tag
+            ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+        ''', (
+            request.form['case-title'],
+            request.form['case-treatment'],
+            request.form['case-description'],
+            request.form.get('case-before-image', ''),
+            request.form.get('case-after-image', ''),
+            request.form.get('case-patient-name', ''),
+            request.form.get('case-patient-age', ''),
+            request.form.get('case-patient-rating', '5'),
+            request.form.get('case-patient-avatar', ''),
+            request.form.get('case-status', 'draft'),
+            request.form.get('case-date', ''),
+            request.form.get('case-duration', ''),
+            request.form.get('case-visits', ''),
+            request.form.get('case-id', ''),
+            request.form.get('case-seo-title', ''),
+            request.form.get('case-seo-description', ''),
+            request.form.get('case-seo-keywords', ''),
+            request.form.get('case-category', ''),  # Thêm category
+            request.form.get('case-tag', '')       # Thêm tag
+        ))
+        conn.commit()
+        conn.close()
         return redirect(url_for('cms'))
+
+    conn.close()
     return render_template('cms.html', section='case-editor-section', case=None, cases=cases)
 
 # Route để chỉnh sửa case study
@@ -169,30 +389,59 @@ def add_case():
 def edit_case(id):
     if not check_auth():
         abort(401)
-    cases = data['case_studies']  # Thêm dòng này
-    case = next((c for c in cases if c['id'] == id), None)
+    
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Lấy danh sách case studies
+    cursor.execute('SELECT * FROM case_studies')
+    cases = [dict(row) for row in cursor.fetchall()]
+
+    # Tìm case study theo ID
+    cursor.execute('SELECT * FROM case_studies WHERE id = ?', (id,))
+    case = cursor.fetchone()
     if not case:
+        conn.close()
         return "Case not found", 404
+
+    case = dict(case)
+
     if request.method == 'POST':
-        case['title'] = request.form['case-title']
-        case['treatment'] = request.form['case-treatment']
-        case['description'] = request.form['case-description']
-        case['before_image'] = request.form.get('case-before-image', '')
-        case['after_image'] = request.form.get('case-after-image', '')
-        case['patient_name'] = request.form.get('case-patient-name', '')
-        case['patient_age'] = request.form.get('case-patient-age', '')
-        case['patient_rating'] = request.form.get('case-patient-rating', '5')
-        case['patient_avatar'] = request.form.get('case-patient-avatar', '')
-        case['status'] = request.form.get('case-status', 'draft')
-        case['date'] = request.form.get('case-date', '')
-        case['duration'] = request.form.get('case-duration', '')
-        case['visits'] = request.form.get('case-visits', '')
-        case['case_id'] = request.form.get('case-id', '')
-        case['seo_title'] = request.form.get('case-seo-title', '')
-        case['seo_description'] = request.form.get('case-seo-description', '')
-        case['seo_keywords'] = request.form.get('case-seo-keywords', '')
-        save_data(data)
+        # Cập nhật case study
+        cursor.execute('''
+            UPDATE case_studies
+            SET title = ?, treatment = ?, description = ?, before_image = ?, after_image = ?,
+                patient_name = ?, patient_age = ?, patient_rating = ?, patient_avatar = ?,
+                status = ?, date = ?, duration = ?, visits = ?, case_id = ?,
+                seo_title = ?, seo_description = ?, seo_keywords = ?, category = ?, tag = ?
+            WHERE id = ?
+        ''', (
+            request.form['case-title'],
+            request.form['case-treatment'],
+            request.form['case-description'],
+            request.form.get('case-before-image', ''),
+            request.form.get('case-after-image', ''),
+            request.form.get('case-patient-name', ''),
+            request.form.get('case-patient-age', ''),
+            request.form.get('case-patient-rating', '5'),
+            request.form.get('case-patient-avatar', ''),
+            request.form.get('case-status', 'draft'),
+            request.form.get('case-date', ''),
+            request.form.get('case-duration', ''),
+            request.form.get('case-visits', ''),
+            request.form.get('case-id', ''),
+            request.form.get('case-seo-title', ''),
+            request.form.get('case-seo-description', ''),
+            request.form.get('case-seo-keywords', ''),
+            request.form.get('case-category', ''),
+            request.form.get('case-tag', ''),
+            id
+        ))
+        conn.commit()
+        conn.close()
         return redirect(url_for('cms'))
+
+    conn.close()
     return render_template('cms.html', section='case-editor-section', case=case, cases=cases)
 
 # Route để xóa case study
@@ -200,10 +449,111 @@ def edit_case(id):
 def delete_case(id):
     if not check_auth():
         abort(401)
-    data['case_studies'] = [c for c in data['case_studies'] if c['id'] != id]
-    save_data(data)
+    
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Xóa case study
+    cursor.execute('DELETE FROM case_studies WHERE id = ?', (id,))
+    conn.commit()
+    conn.close()
+    
     return redirect(url_for('cms'))
 
+# Route hiển thị danh sách bác sĩ trong CMS
+@app.route('/cms/team')
+def cms_team():
+    if not check_auth():
+        abort(401)
+    
+    conn = get_db_connection()
+    cursor = conn.cursor()
+    cursor.execute('SELECT * FROM team')
+    team = [dict(row) for row in cursor.fetchall()]
+    conn.close()
+    
+    return render_template('cms.html', section='team-section', team=team)
+
+# Route thêm bác sĩ mới
+@app.route('/cms/team/new', methods=['GET', 'POST'])
+def add_team_member():
+    if not check_auth():
+        abort(401)
+    
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    if request.method == 'POST':
+        cursor.execute('''
+            INSERT INTO team (name, specialty, photo, description, facebook_url, linkedin_url, instagram_url)
+            VALUES (?, ?, ?, ?, ?, ?, ?)
+        ''', (
+            request.form['name'],
+            request.form['specialty'],
+            request.form.get('photo', ''),
+            request.form.get('description', ''),
+            request.form.get('facebook_url', '#'),
+            request.form.get('linkedin_url', '#'),
+            request.form.get('instagram_url', '#')
+        ))
+        conn.commit()
+        conn.close()
+        return redirect(url_for('cms_team'))
+    
+    conn.close()
+    return render_template('cms.html', section='team-editor-section', member=None)
+
+# Route sửa bác sĩ
+@app.route('/cms/team/edit/<int:id>', methods=['GET', 'POST'])
+def edit_team_member(id):
+    if not check_auth():
+        abort(401)
+    
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    cursor.execute('SELECT * FROM team WHERE id = ?', (id,))
+    member = cursor.fetchone()
+    if not member:
+        conn.close()
+        return "Team member not found", 404
+    member = dict(member)
+
+    if request.method == 'POST':
+        cursor.execute('''
+            UPDATE team
+            SET name = ?, specialty = ?, photo = ?, description = ?, facebook_url = ?, linkedin_url = ?, instagram_url = ?
+            WHERE id = ?
+        ''', (
+            request.form['name'],
+            request.form['specialty'],
+            request.form.get('photo', ''),
+            request.form.get('description', ''),
+            request.form.get('facebook_url', '#'),
+            request.form.get('linkedin_url', '#'),
+            request.form.get('instagram_url', '#'),
+            id
+        ))
+        conn.commit()
+        conn.close()
+        return redirect(url_for('cms_team'))
+    
+    conn.close()
+    return render_template('cms.html', section='team-editor-section', member=member)
+
+# Route xóa bác sĩ
+@app.route('/cms/team/delete/<int:id>')
+def delete_team_member(id):
+    if not check_auth():
+        abort(401)
+    
+    conn = get_db_connection()
+    cursor = conn.cursor()
+    cursor.execute('DELETE FROM team WHERE id = ?', (id,))
+    conn.commit()
+    conn.close()
+    return redirect(url_for('cms_team'))
+
 # Xử lý lỗi 401
 @app.errorhandler(401)
 def unauthorized(e):