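def login():
    """Authenticate a user from the login form and start a session.

    On POST the user row is looked up by username and the submitted password
    is checked against the stored sha256_crypt hash. On success ``uid``,
    ``logged_in`` and ``username`` are written to the session and the client
    is redirected to ``news``. Every failure path renders ``home.html`` with
    the same generic message, so the response does not show whether the
    username exists.
    """
    errorLog = ''
    errorReg = ''
    formLog = LoginForm(request.form)
    formReg = RegistrationForm(request.form)
    try:
        if request.method == "POST":
            username = formLog.username.data
            password = formLog.password.data
            c, conn = connection()
            try:
                # One SELECT is enough: the original ran the same statement
                # twice to read two columns of the same row. The parameter is
                # passed as a one-element tuple, because a bare string is not
                # a valid parameter sequence for every MySQL driver.
                c.execute("SELECT * FROM users WHERE username = (%s)",
                          (thwart(username),))
                row = c.fetchone()
            finally:
                # Release the connection on every path, not only on success.
                c.close()
                conn.close()
            # row[0] is used as the user id and row[2] as the password hash.
            if row is not None and sha256_crypt.verify(password, row[2]):
                session['uid'] = row[0]
                session['logged_in'] = True
                session['username'] = username
                gc.collect()
                return redirect(url_for("news"))
            errorLog = "Invalid Credentials"
    except Exception as e:
        # Database and hash errors are reported as a failed login.
        # NOTE(review): nothing is logged here, so repeated failures are
        # invisible to monitoring.
        errorLog = "Invalid credentials"
    return render_template('home.html', formLog = formLog, formReg = formReg,
                           errorLog = errorLog, errorReg = errorReg)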
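def forgot_password():
    """Reset a user's password after checking the security-question answer.

    On a valid POST the user row is fetched by username, the submitted answer
    is compared with column 4 of that row, and on a match the password column
    is overwritten. Success redirects to ``login``; every other path renders
    ``forgot_password.html`` again.
    """
    form = ForgotPasswordForm()
    if request.method == "POST" and form.validate_on_submit():
        username = form.username.data
        security_question = form.security_question.data
        new_password = form.new_password.data
        # NOTE(review): the form also carries confirm_password, which this
        # view never compares with new_password. Presumably the form's
        # validators do that; confirm.
        c, conn = connection()
        try:
            # Values are bound by the driver instead of being formatted into
            # the statement text, so quoting no longer depends on thwart()
            # and on the server's quoting mode.
            found = c.execute("SELECT * FROM users WHERE username = %s",
                              (username,))
            row = c.fetchone() if int(found) == 1 else None
            # NOTE(review): the two messages below tell a caller whether a
            # username exists, and the answer check has no visible rate limit.
            if row is None:
                flash("Invalid username!")
                return render_template('forgot_password.html', form=form)
            if str(security_question) != row[4]:
                flash("Invalid answer to security question!")
                return render_template('forgot_password.html', form=form)
            # NOTE(review): the new password is stored exactly as typed. It
            # should be hashed with the same scheme the login path verifies;
            # that scheme is not visible from this block.
            c.execute("UPDATE users SET password = %s WHERE username = %s",
                      (new_password, username))
            conn.commit()
        finally:
            # The original closed the connection only after a successful reset.
            c.close()
            conn.close()
        return redirect(url_for('login'))
    return render_template('forgot_password.html', form=form)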
def register_page():
    """Register a user and e-mail an approval link to the site owner.

    On a valid POST the username is checked for uniqueness, the row is
    inserted with a sha256_crypt hash of the password, and a notification
    message is sent. Any exception is returned to the client as text.
    """
    try:
        form = RegistrationForm(request.form)
        if request.method == 'POST' and form.validate():
            username = form.username.data
            email = form.email.data
            # term is read from the form but not used below.
            term = form.accept_tos.data
            password = sha256_crypt.encrypt((str(form.password.data)))
            c,conn = connection()
            # execute() result is treated as the number of matching rows.
            x = c.execute("SELECT * FROM users WHERE username = (%s)", [thwart(username)])
            if int(x) > 0:
                flash("That username is already taken, please choose another one")
                # NOTE(review): c and conn are not closed on this path.
                return render_template('register.html', form=form)
            else:
                c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)", [thwart(username), thwart(password), thwart(email)])
                conn.commit()
                c.close()
                conn.close()
                gc.collect()
                flash('Thanks for registering. Your registration will be approved very soon.')
                # The addresses below appear redacted in this listing.
                msg = Message("New Registration On AD Home", sender=('AD - Please Reply To All','*****@*****.**'), recipients=['*****@*****.**'])
                # NOTE(review): the expression after "Username: " is garbled
                # (redacted) in this listing and is not valid Python as shown.
                # NOTE(review): the approval link carries a fixed api_key in
                # the query string of a plain-http URL and is sent by e-mail,
                # so the key is exposed to mail stores, proxies and access
                # logs. It should be rotated and replaced by a per-request,
                # expiring token checked server-side.
                msg.body = "Username: "******"\nEmail: " + email + "\n\n\n\nhttp://adhome.levelsolar.com/userApprove/" + username + "?api_key=Jo3y1SAW3S0M3"
                mail.send(msg)
                return redirect(urlHome + 'case')
        else:
            return render_template('register.html',form=form)
    except Exception as e:
        # NOTE(review): the raw exception text goes to the browser and can
        # expose SQL or configuration details.
        return str(e)
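def sign():
    """Register a customer and log the new account in.

    On a valid POST the username is checked for uniqueness, the customer row
    is inserted with a sha256_crypt hash of the password, the session is
    marked as logged in and the client is redirected to ``cab``. Otherwise
    ``sign.html`` is rendered.
    """
    form = RegistrationForm(request.form)
    if request.method == 'POST' and form.validate():
        username = form.username.data
        email = form.email.data
        password = sha256_crypt.encrypt((str(form.password.data)))
        phone_no = form.phone_no.data
        c, conn = connection()
        try:
            # The lookup now uses the same thwart()-ed form of the name that
            # the INSERT below stores; the original compared the raw name, so
            # the uniqueness check and the stored value could disagree.
            # NOTE(review): check-then-insert is not atomic; a UNIQUE index on
            # customer.username is the reliable guard. Schema not visible here.
            x = c.execute("SELECT * FROM customer WHERE username =(%s)",
                          (thwart(username), ))
            if int(x) > 0:
                flash("That username is taken.Please choose another username")
                return render_template('sign.html', form=form)
            c.execute(
                "INSERT INTO customer (username,email,password,phone_no) VALUES (%s,%s,%s,%s)",
                (thwart(username), thwart(email), thwart(password),
                 thwart(phone_no)))
            conn.commit()
        finally:
            # Close on the "username taken" path too; the original leaked the
            # connection there.
            c.close()
            conn.close()
        session['logged_in'] = True
        session['username'] = username
        flash("Thanks for registering: " + session['username'])
        gc.collect()
        return redirect(url_for('cab'))
    return render_template("sign.html", form=form)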
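def adminLogin():
    """Log an administrator in.

    On POST the user row is fetched once; column 2 is used as the password
    hash and column 6 as the admin level (a value above 1 is treated as
    admin). The password is verified before the admin level is reported, so
    the "no admin privileges" message is only shown to a caller who already
    proved knowledge of the password.
    """
    error = ''
    try:
        c, conn = connection()
        if request.method == "POST":
            # Single lookup; the original issued the same SELECT twice.
            c.execute("SELECT * FROM users WHERE username = (%s)",
                      (thwart(request.form['username']), ))
            row = c.fetchone()
            if row is None or not sha256_crypt.verify(request.form['password'], row[2]):
                error = "Invalid credentials, try again."
            elif row[6] is not None and row[6] > 1:
                session['logged_in'] = True
                session['username'] = request.form['username']
                session['admin'] = True
                flash("You are now logged in")
                return redirect(url_for("adminDashboard"))
            else:
                # The original reached this message only through a bare
                # ``except:``; a non-admin user got no feedback at all.
                flash("You don't have admin privileges")
        gc.collect()
        return render_template("admin-login.html", error=error)
    except Exception as e:
        # NOTE(review): flashing the exception shows internal error text on
        # the admin login page; prefer logging it and showing a fixed message.
        flash(e)
        return render_template("admin-login.html", error=error)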
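def profilep(username):
    """Render the profile page for the patient named ``username``.

    Reads the patient row once and passes columns 3, 4, 5 and 7 to the
    template as email, age, gender and allergies. Any exception, including a
    missing row, is returned to the client as text.

    NOTE(review): nothing in this block checks that the requester may view
    this patient's record. Presumably a decorator or the caller enforces
    that; confirm, since the page shows health data.
    """
    try:
        curs, conn = connection()
        try:
            # The original ran this identical SELECT four times, once per
            # column it needed.
            curs.execute("SELECT * FROM patients WHERE username = (%s)",
                         (thwart(username), ))
            row = curs.fetchone()
        finally:
            # Close even when the query fails.
            conn.close()
        return render_template("profilep.html",
                               username=username,
                               email=row[3],
                               age=row[4],
                               gender=row[5],
                               allergies=row[7])
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return (str(e))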
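def register_page() :
    """Register a user, log the new account in and redirect to ``dashboard``.

    The password is stored as a sha256_crypt hash. When the username already
    exists, or the request is not a valid POST, ``register.html`` is rendered.
    """
    try :
        form = RegisterationForm(request.form)
        if request.method == "POST" and form.validate() :
            username = form.username.data
            password = sha256_crypt.encrypt((str(form.password.data)))
            email = form.email.data
            conn, cursor = Connection()
            try :
                # Parameters are plain values in a tuple. The original wrapped
                # each one in a set literal ({...}), which only works where
                # the driver happens to flatten a one-element set.
                x = cursor.execute("SELECT * FROM users WHERE username = (%s)",
                                   (thwart(username),))
                if int(x) > 0 :
                    flash("username taken")
                    return render_template('register.html', form=form)
                cursor.execute('INSERT INTO users (`username`,`password`,`email`,`tracking`) VALUES (%s, %s, %s, %s)',
                               (thwart(username), thwart(password), thwart(email), thwart("intro")))
                conn.commit()
                flash("Thanks for Registering")
            finally :
                # Also runs on the "username taken" return above.
                cursor.close()
                conn.close()
            gc.collect()
            session['logged_in'] = True
            session['username'] = username
            return redirect(url_for('dashboard'))
        return render_template("register.html", form = form)
    except Exception as e :
        # NOTE(review): raw exception text is sent to the browser.
        return (str(e))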
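def cekilis_ayrinti(cekilis_no=0):
    """Show or update one row of the ``cekilis`` table.

    POST updates ``cekilis_adi`` and ``tarih`` from the submitted form and
    returns ``cekilisler()``. Any other method renders
    ``cekilis-ayrinti.html`` with the row, its ``katilimci`` rows and their
    count.
    """
    if request.method == "POST":
        c, conn = connection()
        # The form values are bound as parameters. The original formatted
        # request.form['ad'] and request.form['tarih'] straight into the
        # statement text with no escaping, so the submitted text was parsed
        # as part of the SQL.
        c.execute(
            """UPDATE cekilis SET cekilis_adi=%s,tarih=%s WHERE cekilis_no=%s""",
            (request.form['ad'], request.form['tarih'], cekilis_no))
        conn.commit()
        return cekilisler()
    else:
        c, conn = connection()
        c.execute("SELECT * FROM cekilis WHERE cekilis_no=(%s)",
                  [thwart(cekilis_no)])
        data = c.fetchone()
        c.execute("SELECT COUNT(*) FROM katilimci WHERE cekilis_no=(%s)",
                  [thwart(cekilis_no)])
        sayi = c.fetchone()[0]
        c.execute(
            "SELECT * FROM katilimci WHERE cekilis_no=(%s) ORDER BY kazandi_mi DESC",
            [thwart(cekilis_no)])
        rows = c.fetchall()
        # Columns 1 and 2 of the cekilis row are passed on as name and date.
        ad = data[1]
        tarih = data[2]
        return render_template("cekilis-ayrinti.html",
                               ad=ad,
                               tarih=tarih,
                               cekilis_no=cekilis_no,
                               rows=rows,
                               sayi=sayi)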
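def register_page():
    """Register a user, log the new account in and redirect to ``menu``.

    The password is stored as a sha256_crypt hash. When the username already
    exists, or the request is not a valid POST, ``register.html`` is rendered.
    """
    try:
        form = RegistrationForm(request.form)
        if request.method == "POST" and form.validate():
            username = form.username.data
            password = sha256_crypt.encrypt((str(form.password.data)))
            c, conn = connection()
            # execute() returns the number of matching rows. The original
            # stored it in ``exe`` but then tested an undefined name ``x``,
            # so every registration ended in a NameError.
            exe = c.execute("SELECT * FROM users WHERE username = (%s)",
                            (thwart(username),))
            if int(exe) > 0:
                flash("That username already exists. Please choose another")
                return render_template("register.html", form=form)
            else:
                c.execute(
                    "INSERT INTO users (username, password, tracking) VALUES (%s, %s, %s)",
                    (thwart(username), thwart(password),
                     thwart(tracking("/book-review-webpage/"))))
                conn.commit()
                flash("Thanks for registering!")
                c.close()
                conn.close()
                gc.collect()
                session['logged_in'] = True
                # Was ``Username`` (capitalised), which is not defined here.
                session['username'] = username
                return redirect(url_for('menu'))
        return render_template("register.html", form=form)
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return (str(e))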
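def register_page():
    """Register a user and log the new account in.

    The password is stored as a sha256_crypt hash. When the username already
    exists, or the request is not a valid POST, ``registration.html`` is
    rendered.
    """
    form = RegistrationForm(request.form)
    if request.method == "POST" and form.validate():
        username = form.username.data
        email = form.email.data
        password = sha256_crypt.encrypt((str(form.password.data)))
        c, conn = connection()
        # Fixed: ``twart`` was a typo for thwart, the column is ``username``
        # (as in the INSERT below), and the parameter is passed as a tuple.
        x = c.execute("SELECT * FROM users WHERE username = (%s)",
                      (thwart(username),))
        if x:
            flash("That username is already taken, please choose another")
            return render_template('registration.html', form=form)
        else:
            c.execute(
                "INSERT INTO users (username, password, email, tracking) VALUES (%s, %s, %s, %s)",
                (thwart(username), thwart(password), thwart(email),
                 thwart("/about")))
            conn.commit()
            flash("Thanks for registering!")
            c.close()
            conn.close()
            gc.collect()
            session['logged_in'] = True
            session['username'] = username
            # NOTE(review): url_for() takes an endpoint name, not a path;
            # '/' only resolves if an endpoint is registered under that name.
            return redirect(url_for('/'))
    return render_template("registration.html", form=form)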
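def register():
    """Register a user, log the new account in and redirect to ``dashboard``.

    The password is stored as a sha256_crypt hash. When the username already
    exists, or the request is not a valid POST, ``register.html`` is rendered.
    """
    try:
        form = RegistrationForm(request.form)
        if request.method == "POST" and form.validate():
            username = form.username.data
            email = form.email.data
            password = sha256_crypt.encrypt((str(form.password.data)))
            c, conn = connection()
            # The placeholder was written ``{%s}``, which puts literal braces
            # into the SQL; it is now a plain placeholder with a tuple.
            x = c.execute("SELECT * FROM users WHERE username = %s",
                          (thwart(username),))
            if int(x) > 0:
                flash("That username is already taken, please choose another")
                return render_template('register.html', form=form)
            else:
                c.execute(
                    "INSERT INTO users (username, password, email, tracking) VALUES (%s, %s, %s, %s)",
                    (thwart(username), thwart(password), thwart(email),
                     thwart("/dashboard/")))
                conn.commit()
                flash("Thanks for registering!")
                c.close()
                conn.close()
                gc.collect()
                session['logged_in'] = True
                session['username'] = username
                return redirect(url_for('dashboard'))
        return render_template("register.html", form=form)
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return (str(e))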
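def login_page():
    """Log a user in by e-mail address and password.

    On POST the user row is fetched once; column 3 is used as the
    sha256_crypt hash and column 0 as the user id stored in the session.
    Unknown address, wrong password and internal errors all produce the same
    message.
    """
    error = ''
    try:
        cur, conn = connection()
        if request.method == "POST":
            email = request.form['email']
            # One query, with the parameter as a tuple. The original ran the
            # same SELECT a second time after verifying the password.
            cur.execute("select * from users where email = (%s)",
                        (thwart(email),))
            row = cur.fetchone()
            if row is not None and sha256_crypt.verify(request.form['password'], row[3]):
                session['logged_in'] = True
                session['user'] = row[0]
                flash("You've been' logged in")
                return redirect(url_for("index"))
            error = "Invalid credentials, try again."
        return render_template("login.html", error=error)
    except Exception as e:
        # NOTE(review): the exception is discarded; log it so database
        # failures can be told apart from failed logins.
        error = "Invalid credentials, try again."
        return render_template("login.html", error=error)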
def home():
    """Register a ``didauth_users`` account and redirect to ``account``.

    Anything other than a valid POST renders ``index.html``. The password is
    stored as a sha256_crypt hash; the session receives ``logged_in``,
    ``name``, ``email`` and ``did`` (the string 'None').
    """
    try:
        form = RegistrationForm(request.form)
        if request.method != 'POST' or not form.validate():
            return render_template("index.html", form=form)

        name = form.name.data
        email = form.email.data
        password = sha256_crypt.encrypt((str(form.password.data)))
        c, conn = connection()
        matches = c.execute("SELECT * FROM didauth_users WHERE name = %s",
                            [thwart(name)])
        if int(matches) > 0:
            # NOTE(review): the connection stays open on this path.
            flash("That name is already taken, please choose another")
            return render_template('index.html', form=form)

        new_row = (thwart(name), thwart(password), thwart(email))
        c.execute(
            "INSERT INTO didauth_users (name, password, email) VALUES (%s, %s, %s)",
            new_row)
        conn.commit()
        c.close()
        conn.close()
        gc.collect()
        flash("Thanks for registering!")
        session['logged_in'] = True
        session['name'] = name
        session['email'] = email
        session['did'] = 'None'
        return redirect(url_for('account'))
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return (str(e))
def AddUser():
    """Create a user row from the admin "add user" form.

    On a valid POST the row is inserted with fixed permission flags and a
    confirmation string is returned; otherwise ``admin/adduser.html`` is
    rendered.

    NOTE(review): the password is stored as an unsalted SHA-1 hex digest,
    which is fast to brute-force. Moving to a salted, slow password hash
    also needs the login path changed, and that code is not in this block.
    """
    try:
        form = AddUserForm(request.form)
        c, conn = confconnection()
        if request.method != "POST" or not form.validate():
            return render_template('admin/adduser.html', form=form)

        digest = hashlib.sha1(thwart(request.form['password']))
        passwd = digest.hexdigest()
        values = (
            thwart(request.form['username']),
            passwd,
            thwart(request.form['name']),
            thwart(request.form['email']),
            thwart(request.form['access']),
            '0',  # developer
            '1',  # edit_card_detail
            '0',  # guest_card_edit
            '1',  # guest_search
            '1',  # show_code
            '0',  # edit_card
            '0',  # add_card
            '0',  # user_edit
        )
        x = c.execute("INSERT INTO users (Login, Password, Name, Email, access, developer, edit_card_detail, guest_card_edit,guest_search, show_code,edit_card,add_card,user_edit) VALUES(%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)", values)
        conn.commit()
        conn.close()
        return "Brukeren er lagt til, husk rettighetsetting"
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return (str(e))
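def register():
    """Register a user from the home-page form and log the new account in.

    On a valid POST the username is checked for uniqueness, the row is
    inserted with a sha256_crypt hash of the password, and the new row's
    ``uid`` is stored in the session before redirecting to ``news``. In all
    other cases ``home.html`` is rendered.
    """
    try:
        errorLog = ''
        errorReg = ''
        formReg = RegistrationForm(request.form)
        formLog = LoginForm(request.form)
        if request.method == "POST" and formReg.validate():
            username = formReg.username.data
            email = formReg.email.data
            password = sha256_crypt.encrypt((str(formReg.password.data)))
            c, conn = connection()
            try:
                x = c.execute("SELECT * FROM users WHERE username = (%s)",
                              (thwart(username),))
                if int(x) > 0:
                    errorReg = "That username is taken."
                    print("That username is already taken please choose another")
                    return render_template("home.html", formReg = formReg, formLog = formLog, errorLog = errorLog, errorReg = errorReg)
                c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)",
                          (thwart(username), thwart(password), thwart(email)))
                conn.commit()
                # execute() returns a row count, not the selected value. The
                # original put that count into the session as the uid, so
                # every new user got the same session uid.
                c.execute("SELECT uid FROM users WHERE username = (%s)",
                          (thwart(username),))
                uid = c.fetchone()[0]
            finally:
                c.close()
                conn.close()
            gc.collect()
            session["uid"] = uid
            session["logged_in"] = True
            session["username"] = username
            return redirect(url_for("news"))
        # The original returned nothing for a GET or an invalid form, which
        # is not a valid view response.
        return render_template("home.html", formReg = formReg, formLog = formLog, errorLog = errorLog, errorReg = errorReg)
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return str(e)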
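def register_page():
    """Register a user keyed by e-mail address and log the account in.

    The password is stored as a sha256_crypt hash. When the address already
    exists, or the request is not a valid POST, ``register.html`` is rendered.
    """
    try:
        form = RegistrationForm(request.form)
        if request.method == "POST" and form.validate():
            name = form.name.data
            email = form.email.data
            password = sha256_crypt.encrypt((str(form.password.data)))
            cur, conn = connection()
            try:
                # The parameter is a one-element tuple; a bare string is not
                # accepted as a parameter sequence by every driver.
                x = cur.execute("select * from users where email = (%s)",
                                (thwart(email),))
                if int(x) > 0:
                    flash("This email is already registered, please choose another", "warning")
                    return render_template("register.html", form=form)
                cur.execute("insert into users (name, email, password) values (%s, %s, %s)",
                            (thwart(name), thwart(email), thwart(password)))
                conn.commit()
                flash("Thank you for registering!")
            finally:
                # Also closes on the "already registered" return above.
                cur.close()
                conn.close()
            session['logged_in'] = True
            session['user'] = email
            return redirect(url_for('index'))
        return render_template("register.html", form=form)
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return(str(e))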
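def register_page():
    """Register a user, log the new account in and redirect to ``homepage``.

    The password is stored as a sha256_crypt hash and ``is_Admin`` is
    inserted as NULL. When the username already exists, or the request is not
    a valid POST, ``register.html`` is rendered.
    """
    form = RegistrationForm()
    if request.method == "POST" and form.validate():
        username = form.username.data
        email = form.email.data
        password = sha256_crypt.encrypt((str(form.password.data)))
        c, conn = connection()
        try:
            # Equality instead of LIKE: with LIKE, ``%`` and ``_`` in the
            # submitted name act as wildcards, so the uniqueness check would
            # compare against a pattern rather than the exact name.
            x = c.execute("SELECT * FROM users WHERE username = %s",
                          [thwart(username)])
            if int(x) > 0:
                flash("That username is already taken, please choose another.")
                return render_template("register.html", form=form)
            c.execute(
                "INSERT INTO users (username, password, email, is_Admin) VALUES (%s, %s, %s, null)",
                (thwart(username), thwart(password), thwart(email)))
            conn.commit()
            flash("Thanks for registering!")
        finally:
            # Also closes on the "username taken" return above.
            c.close()
            conn.close()
        gc.collect()
        session['logged_in'] = True
        session['username'] = username
        return redirect(url_for("homepage"))
    return render_template("register.html", form=form)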
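def LoginPage():
    """Log a user in by username and password.

    On POST the user row is fetched, the stored name is compared with the
    submitted one, and the password is verified against the stored
    sha256_crypt hash. On success the session receives ``logged_in``,
    ``username``, ``userId`` and ``emailId``.
    """
    error = ''
    try:
        if request.method == "POST":
            attempted_username = request.form['username']
            attempted_password = request.form['password']
            conn = mysql.connect()
            try:
                cursor = conn.cursor()
                # The username is bound as a parameter instead of being
                # formatted into the statement text.
                cursor.execute(
                    "SELECT UserName, Password, UserId, Email FROM Users WHERE UserName = %s",
                    (attempted_username,))
                results = cursor.fetchall()
            finally:
                conn.close()
            # Values read back from the database need no SQL escaping, so
            # they are compared as stored. The exact-match test keeps the
            # original's case-sensitive comparison of the name.
            if len(results) == 0 or attempted_username != results[0][0]:
                return render_template("login.html", error='Invalid credentials. Try again')
            if sha256_crypt.verify(attempted_password, results[0][1]):
                session['logged_in'] = True
                session['username'] = attempted_username
                session['userId'] = results[0][2]
                session['emailId'] = results[0][3]
                flash('You are now logged in:' + str(session['username']))
                return redirect(url_for('Home'))
            error = 'Invalid credentials. Try again'
            flash(error)
        gc.collect()
    except Exception as e:
        # NOTE(review): flashing the exception shows internal error text on
        # the login page; prefer logging it and showing a fixed message.
        flash(e)
        return render_template("login.html", error=error)
    return render_template("login.html")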
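def create_pw():
    """Store a named password entry from the create form.

    On POST the entry name is checked for uniqueness and the (name, password)
    pair is inserted. ``create.html`` is rendered in every case.

    NOTE(review): the form is never validated here, and the password value is
    stored as entered. If these are credentials to be read back later they
    need encryption at rest; the key handling would live outside this block.
    """
    try:
        form = CreateForm(request.form)
        if request.method == "POST":
            name = form.name.data
            password = form.password.data
            c, conn = connection()
            try:
                # Values are bound by the driver. The original built both
                # statements with str.format(), which makes correctness of
                # the quoting depend on thwart() alone.
                x = c.execute("SELECT * FROM passwords WHERE name = (%s)",
                              (name,))
                if int(x) > 0:
                    flash("That entry already exists.")
                    return render_template('create.html', form=form)
                c.execute(
                    "INSERT INTO passwords (name, password) VALUES (%s, %s)",
                    (name, password))
                conn.commit()
                flash("PW entered.")
            finally:
                c.close()
                conn.close()
            gc.collect()
        return render_template('create.html', form=form)
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return str(e)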
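def update_user_tracking():
    """Append the ``completed`` query argument to the user's tracking list.

    The value is accepted only when it occurs in the string form of
    ``TOPIC_DICT.values()``; it is then added to the comma-separated tracking
    string and written back. Errors are swallowed on purpose so that tracking
    never breaks the page being served.
    """
    try:
        # Was ``request.agrs``: the AttributeError was swallowed below, so
        # the function silently did nothing.
        completed = str(request.args['completed'])
        # NOTE(review): this is a substring test against the repr of the
        # values, so fragments such as a single "/" also pass. Matching
        # against the exact set of URLs would be stricter; the shape of
        # TOPIC_DICT is not visible here.
        if completed in str(TOPIC_DICT.values()):
            client_name, settings, tracking, rank = user_info()
            if tracking is None:
                tracking = completed
            elif completed not in tracking:
                tracking = tracking + "," + completed
            c, conn = connection()
            # Was "SELECT * FROM users SET ...", which is not valid SQL; the
            # statement is meant to write the new tracking value.
            c.execute(
                "UPDATE users SET tracking = (%s) WHERE username = (%s)", (
                    thwart(tracking),
                    thwart(client_name),
                ))
            conn.commit()
            c.close()
            conn.close()
            gc.collect()
            client_name, settings, tracking, rank = user_info()
    except Exception as e:
        # Deliberate best effort. NOTE(review): log ``e`` once a logger is
        # available; a silent pass hid the two defects fixed above.
        pass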
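def translate(word):
    """Look ``word`` up in the ``entries`` table and show the result.

    When rows are found, their type and meaning are shown in a message box.
    Otherwise suggestions from ``matching`` are offered; picking one looks
    that word up, and picking 'NOTA' offers to add the word via ``update``.
    Uses the module-level cursor ``c``.
    """
    # matching() and update() keep receiving the thwart()-ed form, as before.
    escaped = thwart(word)
    # The lookup binds the raw word as a parameter instead of formatting the
    # escaped word into the statement text.
    check = c.execute("SELECT * from entries WHERE word = %s", (word,))
    if int(check) > 0:
        data = c.fetchall()
        out = '\n'
        for datas in data:
            name = datas[0]
            typ = datas[1]
            meaning = datas[2]
            # One sentence per line in the message box.
            meaning = meaning.replace('.', '.\n')
            out = out + '\n' + 'type - ' + typ + '\n' + 'meaning - ' + meaning + '\n'
        out = 'name - ' + name + out
        easygui.msgbox(out, title="result")
    else:
        sugg = matching(escaped)
        sugg.append('NOTA')
        choice = easygui.buttonbox('Is your words are one of these?',
                                   'Favorite Flavor', sugg)
        if choice == 'NOTA':
            check = easygui.ynbox(
                'Could not find the word, do you want to add?', 'Title',
                ('Yes', 'No'))
            if check:
                fieldValues = list(
                    easygui.multenterbox(msg='word to translate.',
                                         title='Enter',
                                         fields=(fieldNames)))
                typ = thwart(fieldValues[0])
                meaning = thwart(fieldValues[1])
                update(escaped, typ, meaning)
        else:
            translate(choice)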
def user(name_user):
    """Show or edit the profile of the logged-in user.

    The page is served only when ``name_user`` equals the session's username;
    anything else gets ``404.html``. POST may update full name, phone and
    sex, then redirects back to the profile URL.
    """
    current = session.get('username')
    if current != name_user:
        # Profiles are only visible to their owner.
        return render_template("404.html")

    c, conn = connection()
    c.execute("SELECT username , full_name, sex, img, email, phone, cash, bank, paytm, amazon, owe_in, owe_out FROM users WHERE username = (%s)", (thwart(session.get('username')),))
    info = c.fetchone()

    if request.method == "POST":
        posted = request.form
        if 'name' in posted:
            fname = posted['name'].title()
            c.execute("UPDATE users SET full_name = %s WHERE username = %s", (fname, thwart(session.get('username'))))
        if 'number' in posted:
            numb = posted['number']
            # NOTE(review): only the length is checked; ten non-digit
            # characters are accepted as a phone number.
            if len(numb) != 10:
                flash('Enter a valid phone number!')
            else:
                c.execute("UPDATE users SET phone = %s WHERE username = %s", (numb, thwart(session.get('username'))))
        if 'sex' in posted:
            # The value is read from the 'comp_select' field.
            gen = posted.get('comp_select')
            c.execute("UPDATE users SET sex = %s WHERE username = %s", (gen, thwart(session.get('username'))))
        conn.commit()
        c.close()
        conn.close()
        return redirect('/user/'+session.get('username'))

    conn.commit()
    c.close()
    conn.close()
    return render_template("user.html", info=info)
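def sqlgen():
    """Create a database view from the columns chosen in the form.

    On POST the selected column names (or every column of the session's
    tables for 'Select all') and the requested view name are passed to
    ``dbfunctions.createView`` together with column 6 of the user's row.
    Other methods render ``sqlgen.html`` with a placeholder message.

    NOTE(review): ``dataset`` and ``viewname`` come from the request and are
    handed to createView, which is outside this block. If it places them in
    SQL text, they must be checked against the known column list and a strict
    identifier pattern; confirm in dbfunctions.
    """
    try:
        c, conn = connection()
        dataset = []
        tablelist = session['tablelist']
        if request.method == "POST":
            if (request.form.get('submit') == 'Submit'):
                dataset = request.form.getlist('checks')
            elif (request.form.get('submit') == 'Select all'):
                COLUMNSLIST = ColumnList(tablelist)
                for table in tablelist:
                    for columnName in COLUMNSLIST[table]:
                        dataset.append(columnName[0])
            viewname = request.form['viewname']
            # One lookup with the parameter as a tuple. The original ran the
            # SELECT twice and also read column 7 into an unused variable.
            c.execute("SELECT * FROM users WHERE username = (%s)",
                      (thwart(session['username']),))
            account = c.fetchone()[6]
            a = dbfunctions.createView(tablelist, dataset, viewname, account,
                                       "DataSparkDataBase")
            return render_template("sqlgen.html", dataset=dataset, a=a)
        else:
            return render_template("sqlgen.html",
                                   dataset=dataset,
                                   a="Whoops!!!")
    except Exception as e:
        # NOTE(review): the exception text is rendered into the error page.
        return render_template("500.html", error=str(e))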
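def register_page():
    """Register a user, log the new account in and redirect to ``board``.

    The password is stored as a sha256_crypt hash. When the username already
    exists, or the request is not a valid POST, ``register.html`` is rendered.
    """
    try:
        form = RegistrationForm(request.form)
        if request.method == "POST" and form.validate():
            username = form.username.data
            password = sha256_crypt.encrypt((str(form.password.data)))
            email = form.email.data
            c, conn = connection()
            try:
                # The lookup uses the same thwart()-ed form of the name that
                # the INSERT stores; the original compared the raw name, so
                # the check and the stored value could disagree.
                x = c.execute("SELECT * FROM users WHERE username = %s",
                              (thwart(username),))
                if int(x) > 0:
                    flash("That username is already taken, please choose another")
                    return render_template('register.html', form=form)
                c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)",
                          (thwart(username), thwart(password), thwart(email)))
                conn.commit()
                flash("Thanks for registering!")
            finally:
                # Also closes on the "username taken" return above.
                c.close()
                conn.close()
            gc.collect()
            session['logged_in'] = True
            session['username'] = username
            return redirect(url_for('board'))
        return render_template("register.html", form=form)
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return(str(e))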
def registerpage():
    """Register a user, log the new account in and redirect to ``userpage``.

    Anything other than a valid POST renders ``register.html``.

    NOTE(review): the password is written to the database exactly as typed;
    it should be hashed with a salted, slow password hash before storage.
    NOTE(review): the e-mail address is inserted into the ``name`` column;
    confirm that this is intended.
    """
    try:
        form = RegistrationForm(request.form)
        if request.method != "POST" or not form.validate():
            return render_template("register.html", form=form)

        username = form.username.data
        email = form.email.data
        password = str(form.password.data)
        c, conn = connection()
        matches = c.execute("select * from users where uname = (%s)",
                            (thwart(username), ))
        if int(matches) > 0:
            # NOTE(review): the connection stays open on this path.
            flash("That uname is already taken, please try another")
            return render_template('register.html', form=form)

        row = (thwart(username), thwart(password), thwart(email))
        c.execute(
            "insert into users(uname, password, name) values(%s,%s,%s)", row)
        flash("Thanks for registering")
        conn.commit()
        c.close()
        conn.close()
        gc.collect()
        session['logged_in'] = True
        session['username'] = username
        return redirect(url_for('userpage'))
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return str(e)
def update_user_tracking():
    """Append the ``completed`` query argument to the user's tracking list.

    The value is accepted only when it occurs in the string form of
    ``TOPIC_DICT.values()``. Every error is swallowed, so the function always
    returns None.
    """
    try:
        completed = str(request.args['completed'])
        # NOTE(review): substring test against the repr of the values, so
        # short fragments of a URL also pass.
        if completed not in str(TOPIC_DICT.values()):
            return
        client_name, settings, tracking, rank = userinformation()
        if tracking is None:
            tracking = completed
        elif completed not in tracking:
            tracking = tracking+","+completed
        c, conn = connection()
        params = (thwart(tracking), thwart(client_name))
        c.execute("UPDATE users SET tracking = %s WHERE username = %s", params)
        conn.commit()
        c.close()
        conn.close()
        # Re-read the user record after the write, as the original does.
        client_name, settings, tracking, rank = userinformation()
    except Exception:
        # Best effort: tracking must never break the page being served.
        pass
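def register():
    """Register a user and render ``register.html``.

    On a valid POST the username is checked for uniqueness and the row is
    inserted with a sha256_crypt hash of the password. The same template is
    rendered whether or not a row was inserted.
    """
    form = RegistrationForm(request.form)
    if request.method == 'POST' and form.validate():
        user_name = form.user_name.data
        email = form.email.data
        password = sha256_crypt.encrypt((str(form.password.data)))
        cur = mysql.connection.cursor()
        # execute() returns the number of matching rows as an int. The
        # original called len() on it, which raises TypeError, and passed the
        # parameter as a bare string rather than a tuple.
        result = cur.execute('SELECT * FROM users WHERE username = (%s)',
                             (thwart(user_name),))
        if int(result) > 0:
            flash('Username is already registered')
            return render_template('register.html')
        else:
            cur.execute('INSERT INTO users (username, password, email) VALUES (%s, %s, %s)',
                        (thwart(user_name), thwart(password), thwart(email)))
            mysql.connection.commit()
            cur.close()
            mysql.connection.close()
            gc.collect()
    return render_template('register.html')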
def login_page():
    """Log a user in by username and password.

    On POST the user row is looked up, column 2 is verified as a
    sha256_crypt hash, and on success the session is marked as logged in
    before redirecting to ``dashboard``.

    NOTE(review): "No such user!" and "Invalid credentials" are different
    responses, which tells a caller which usernames exist.
    """
    error = None
    try:
        c, conn = connection()
        if request.method == "POST":
            form_data = request.form
            escaped_name = thwart(form_data['username'])
            # The submitted username is written to the application log.
            logger.info(escaped_name)
            found = c.execute("SELECT * FROM users WHERE username = (%s)",
                              (escaped_name,))
            if int(found) == 0:
                error = "No such user!"
                return render_template("login.html", error = error)
            stored_hash = c.fetchone()[2]
            if not sha256_crypt.verify(form_data['password'], stored_hash):
                error = "Invalid credentials, try again."
            else:
                session['logged_in'] = True
                session['username'] = form_data['username']
                flash("You are now logged in")
                return redirect(url_for("dashboard"))
        gc.collect()
        return render_template("login.html", error = error)
    except Exception as e:
        # NOTE(review): the exception text is flashed to the page.
        flash(e)
        return render_template("login.html", error = error)
def register():
    """Register a user and redirect to ``login``.

    Anything other than a valid POST renders ``register.html``. The password
    is stored as a sha256_crypt hash, which already carries its own salt.
    The session is marked as logged in before the redirect.
    """
    try:
        form = RegistrationForm(request.form)
        if request.method != "POST" or not form.validate():
            return render_template("register.html", form=form)

        firstname = form.firstname.data
        lastname = form.lastname.data
        username = form.username.data
        password = sha256_crypt.encrypt(form.password.data)
        c, conn = connection()
        c.execute("SELECT * FROM users WHERE username = (%s)", [thwart(username)])
        if c.rowcount > 0:
            # NOTE(review): the connection stays open on this path.
            flash("That username is already taken, please choose another")
            return render_template('register.html', form=form)

        new_user = (thwart(firstname), thwart(lastname), thwart(username), thwart(password))
        c.execute("INSERT INTO users (firstname , lastname, username, password) VALUES (%s, %s, %s, %s)", new_user)
        conn.commit()
        flash("Thanks for registering!")
        c.close()
        conn.close()
        session['logged_in'] = True
        session['username'] = username
        return redirect(url_for('login'))
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return(str(e))
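def register():
    """Register an account keyed by e-mail address and redirect to ``login``.

    Uses the module-level cursor ``cur`` and connection ``db``. A GET renders
    ``register.html``.

    NOTE(review): the password is stored exactly as submitted; it should be
    hashed with a salted, slow password hash before storage. The login path
    that would verify it is not visible from this block.
    """
    if request.method == "POST":
        email = request.form.get('user_id')
        password = request.form.get('password')
        cur.execute("SELECT COUNT(1) FROM users WHERE email = %s;",
                    [email])  # checks whether the address already exists
        if cur.fetchone()[0]:
            return ''' <!doctype html> <h1>This email is already register. Please go back to login</h1> '''
        # Second check kept from the original, but with the address bound as
        # a parameter instead of being formatted into the statement text.
        result = cur.execute("SELECT * FROM users WHERE email = %s", (email,))
        if int(result) > 0:
            return ''' <!doctype html> <h1>That username is already taken, please choose another</h1> '''
        else:
            cur.execute("INSERT INTO users (password, email) VALUES (%s, %s)",
                        (thwart(password), thwart(email)))
            db.commit()
            gc.collect()
            return redirect(url_for("login"))
    else:
        return render_template("register.html")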
def _reg_user():
    """Register a username taken from the ``name`` query argument.

    Returns a JSON message for "too short", "already registered" and
    "registered"; any exception is returned as plain text.

    NOTE(review): this creates a row from query-string input, so a plain GET
    changes state and no credentials are involved.
    """
    try:
        name = request.args.get('name')
        # Only validation: the string form of the name has three or more
        # characters.
        if len(str(name)) < 3:
            return jsonify(result="This name ({}) is too short".format(name))

        c, conn = connection()
        c.execute("SELECT * FROM users WHERE username = %s",
                  (thwart(name), ))
        existing = c.fetchall()
        if existing:
            return jsonify(result="This user ({}) has already registrated".
                           format(name))

        c.execute("INSERT INTO users (username) VALUES (%s)",
                  (thwart(name), ))
        conn.commit()
        c.close()
        conn.close()
        gc.collect()
        return jsonify(
            result="Thank you for registration {}!".format(name))
    except Exception as e:
        # NOTE(review): raw exception text is sent to the client.
        return (str(e))
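def register_page():
    """Register a user, log the new account in and redirect to ``dashboard``.

    The password is stored as a sha256_crypt hash. When the username already
    exists, or the request is not a valid POST, ``register.html`` is rendered.
    """
    try:
        form = RegistrationForm(request.form)
        if request.method == "POST" and form.validate():
            username = form.username.data
            email = form.email.data
            password = sha256_crypt.encrypt((str(form.password.data)))
            c, conn = connection()
            try:
                # The parameter is a one-element tuple; a bare string is not
                # accepted as a parameter sequence by every driver.
                x = c.execute("SELECT * FROM users WHERE username = (%s)",
                              (thwart(username),))
                if int(x) > 0:
                    return render_template('register.html', form=form)
                c.execute(
                    "INSERT INTO users (username, password, email, tracking) VALUES (%s, %s, %s, %s)",
                    (thwart(username), thwart(password), thwart(email),
                     thwart("/introduction-to-python-programming/")))
                conn.commit()
            finally:
                # Also closes on the "username taken" return above.
                c.close()
                conn.close()
            gc.collect()
            session['logged_in'] = True
            session['username'] = username
            return redirect(url_for('dashboard'))
        return render_template("register.html", form=form)
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return (str(e))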
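def Register():
    """Register a user, log the new account in and redirect to ``Home``.

    The password is stored as a sha256_crypt hash. After the insert the new
    row is read back so that ``userId`` and ``emailId`` can be stored in the
    session.
    """
    try:
        form = RegistrationForm(request.form)
        if request.method == "POST" and form.validate():
            username = form.username.data
            email = form.email.data
            password = sha256_crypt.encrypt((str(form.password.data)))
            conn = mysql.connect()
            try:
                cursor = conn.cursor()
                # All three statements bind their values as parameters; the
                # original formatted them into the statement text.
                cursor.execute("SELECT * FROM Users WHERE UserName = %s",
                               (username,))
                results = cursor.fetchall()
                if len(results) > 0:
                    flash("That username is already taken, please choose another")
                    return render_template('register.html', form=form)
                cursor.execute(
                    "INSERT INTO Users (UserName, Password, Email) VALUES (%s, %s, %s)",
                    (username, password, email))
                conn.commit()
                flash("Thanks for registering!")
                cursor.execute(
                    "SELECT UserName, UserId, Email FROM Users WHERE UserName = %s",
                    (username,))
                results = cursor.fetchall()
            finally:
                # The original never closed this connection.
                conn.close()
            session['logged_in'] = True
            session['username'] = username
            session['userId'] = results[0][1]
            session['emailId'] = results[0][2]
            return redirect(url_for('Home'))
        return render_template("register.html", form=form)
    except Exception as e:
        # NOTE(review): raw exception text is sent to the browser.
        return str(e)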
def chargeyearly():
    """Attach the submitted card token and start the yearly subscription.

    The Stripe customer from the session gets the posted ``stripeToken`` as
    its source, a subscription on the fixed plan is created, and its id is
    saved on the user's row. ``amount`` is used only for the confirmation
    message; the price charged is whatever the plan defines.

    NOTE(review): Stripe errors are not caught here, so a declined card
    surfaces as an unhandled exception.
    """
    amount = 10000  # in cents
    customer_id = session['stripe_id']
    stripe.Customer.modify(customer_id, source=request.form['stripeToken'])
    subscription = stripe.Subscription.create(
        items=[{'plan': 'plan_ChC97qvzmnNQl3'}],
        customer=session['stripe_id'],
    )
    sub = subscription.id

    c, conn = connection()
    params = (thwart(sub), thwart(session['username']))
    c.execute("UPDATE users SET subscription = %s WHERE username = %s", params)
    conn.commit()
    c.close()
    conn.close()
    gc.collect()

    flash("".join(['You just subscribed for ', '%.2f' % (amount / 100), ' AUD!!']))
    return redirect(url_for('subregister'))
def main():
    # Combined login and registration view for the main page.
    # NOTE(review): this listing shows three ``try:`` statements but only two
    # handlers, so the end of the function (the handler of the outer try) is
    # not visible and the layout below is a best-effort reading.
    # NOTE(review): ``except Exception, e`` is Python 2 only syntax.
    form = RegistrationForm(request.form)
    try:
        c,conn = connection()
        error = None
        if request.method == 'POST':
            # Login attempt: column 2 of the user row is verified as a
            # sha256_crypt hash.
            try:
                # The parameter is passed as a bare string, not a tuple.
                data = c.execute("SELECT * FROM users WHERE username = (%s)", thwart(request.form['username']))
                data = c.fetchone()[2]
                if sha256_crypt.verify(request.form['password'], data):
                    session['logged_in'] = True
                    session['username'] = request.form['username']
                    flash('You are now logged in.')
                    return redirect(url_for('dashboard'))
            except Exception, e:
                # Any failure of the login attempt, including an unknown
                # username, ends up here.
                flash("What are you doing?")
            # Registration attempt on the same POST.
            try:
                if request.method == 'POST' and form.validate():
                    username = form.username.data
                    email = form.email.data
                    password = sha256_crypt.encrypt((str(form.password.data)))
                    c,conn = connection()
                    x = c.execute("SELECT * FROM users WHERE username = (%s)", (thwart(username)))
                    if int(x) > 0:
                        flash("That username is already taken, please choose another")
                        return render_template('register.html', form=form)
                    else:
                        c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)", (thwart(username), thwart(password), thwart(email)))
                        conn.commit()
                        flash('Thanks for registering')
                        c.close()
                        conn.close()
                        gc.collect()
                        session['logged_in'] = True
                        session['username'] = username
                        return redirect(url_for('dashboard'))
            except Exception as e:
                # NOTE(review): raw exception text is sent to the browser.
                return(str(e))
        else:
            # NOTE(review): presumably pairs with the method check, which
            # would show this message on every GET; confirm against the
            # original file.
            flash('Invalid credentials. Try again')
        gc.collect()
        return render_template("main.html", error=error, form=form, page_type = "main")
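def submitScore(databaseName, username, score):
    """Write ``score`` for ``username`` in the ``users`` table of a database.

    Args:
        databaseName: name of the database to switch to; spaces are removed
            and the rest must consist of ASCII letters, digits or ``_``.
        username: user whose row is updated.
        score: new score value.

    Returns:
        True when both statements ran, False on any error or when the
        database name is rejected.
    """
    # NOTE(review): the connection credentials are hard-coded below (the user
    # name appears redacted in this listing). They belong in configuration or
    # a secret store, with an account limited to the needed tables.
    allowed = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_"
    try:
        databaseName = databaseName.replace(" ", "")
        # An identifier cannot be bound as a parameter, so it is restricted
        # to a fixed character set before it is placed in the statement.
        if not databaseName or not set(databaseName) <= set(allowed):
            return False
        conn = MySQLdb.connect(host='localhost',
                               user='******',
                               passwd='123456',
                               db='users')
        try:
            c = conn.cursor()
            c.execute("use `%s` ;" % databaseName)
            conn.commit()
            # Values are bound by the driver instead of being formatted into
            # the statement text.
            c.execute("update users set score=%s where username=%s",
                      (score, username))
            conn.commit()
        finally:
            # The original never closed the connection.
            conn.close()
        return True
    except Exception as e:
        return False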
def users():
    """Create a user (POST) or list all users (any other method).

    POST inserts first name, last name and e-mail and answers with JSON. The
    other branch reads every row of ``Users`` and renders them into
    ``register.html``.

    NOTE(review): the listing branch returns every user's name and e-mail
    address and shows no access check in this block.
    """
    if request.method != 'POST':
        try:
            c, conn = db_connect()
            c.execute("SELECT * FROM Users")
            results = c.fetchall()
            c.close()
            conn.close()
            gc.collect()
        except Exception as e:
            # NOTE(review): raw exception text is sent to the browser.
            return(str(e))
        users = []
        for row in results:
            entry = {
                'id': row[0],
                'firstname': row[1],
                'lastname': row[2],
                'email': row[3]
            }
            users.append(entry)
            print(row[0])
        return render_template('register.html', users=users)

    try:
        c, conn = db_connect()
        first_name = request.form.get('first_name')
        last_name = request.form.get('last_name')
        email = request.form.get('email')
        new_row = (thwart(first_name), thwart(last_name), thwart(email))
        c.execute(
            "INSERT INTO Users (firstname, lastname, email) VALUES (%s, %s, %s)",
            new_row)
        conn.commit()
        c.close()
        conn.close()
        gc.collect()
    except Exception as e:
        print(str(e))
        return jsonify(success=False)
    return jsonify(
        success=True, firstname=first_name, lastname=last_name, email=email)
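def register_page():
    """Register a new account from ``RegistrationForm`` and sign it in.

    Returns:
        A redirect to ``dashboard`` on success, the string ``"Username taken"``
        when the name exists, the rendered form otherwise, or a generic error
        string when something fails.
    """
    import logging  # local import: the file's import block is not visible here

    try:
        form = RegistrationForm(request.form)
        if request.method == "POST" and form.validate():
            username = form.username.data
            email = form.email.data
            password = sha256_crypt.encrypt(str(form.password.data))
            c, conn = connection()
            # Values are bound by the driver instead of being formatted into
            # the SQL text.  thwart() is not applied on top: the driver
            # escapes bound values itself, and escaping first would store the
            # added backslashes.
            taken = c.execute("SELECT * FROM users WHERE username = (%s)", (username,))
            if int(taken) > 0:
                c.close()
                conn.close()
                return "Username taken"
            c.execute(
                "INSERT INTO users (username, password, email) VALUES (%s, %s, %s)",
                (username, password, email))
            conn.commit()
            c.close()
            conn.close()
            gc.collect()
            session["logged_in"] = True
            session["username"] = username
            return redirect(url_for("dashboard"))
        return render_template("register.html", form=form)
    except Exception:
        # Exception text can carry SQL and connection details; keep it in the
        # server log rather than the response.
        logging.getLogger(__name__).exception("registration failed")
        return "An internal error occurred."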
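def login_page():
    """Show the login form and authenticate a POSTed username/password.

    Returns:
        A redirect to ``dashboard`` on success, otherwise ``login.html`` with
        ``error`` set to a single generic message.
    """
    error = ''
    try:
        c, conn = connection()
        if request.method == "POST":
            c.execute("SELECT * FROM users WHERE username = (%s)",
                      [thwart(request.form['username'])])
            row = c.fetchone()
            # Unknown user and wrong password share one path and one message,
            # so the response text does not reveal which accounts exist.
            # NOTE(review): timing still differs, because no hash is verified
            # when the user is unknown.
            if row is not None and sha256_crypt.verify(request.form['password'], row[2]):
                session['logged_in'] = True
                session['username'] = request.form['username']
                flash('You are now logged in')
                return redirect(url_for("dashboard"))
            # The listing assigned this text to ``e``, so it was never shown.
            error = "Invalid credentials, try again."
        gc.collect()
        return render_template("login.html", error=error)
    except Exception:
        error = "Invalid credentials, try again."
        return render_template("login.html", error=error)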
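def login():
    """Authenticate a POSTed username/password and set the session flags.

    Returns:
        A redirect to ``/`` on success, otherwise ``register/login.html`` with
        a generic error message.
    """
    error = None
    try:
        c, conn = connection()
        if request.method == "POST":
            name = request.form['username']
            c.execute("SELECT * FROM users WHERE username = (%s)", [thwart(name)])
            stored_hash = c.fetchone()[2]
            if sha256_crypt.verify(request.form['password'], stored_hash):
                session['logged_in'] = True
                session['username'] = name
                flash("You are now logged in")
                # NOTE(review): admin rights are decided by a hard-coded
                # account name; a role column or group lookup would be safer.
                if name == 'ubuntu':
                    session['is_admin'] = True
                    flash("welcome Admin!")
                else:
                    # Drop a flag left by an earlier admin login in the same
                    # browser session, which would otherwise carry over.
                    session.pop('is_admin', None)
                    flash("Welcome Standard User")
                return redirect("/")
            error = "Invalid credentials, try again."
        gc.collect()
        return render_template("register/login.html", error=error)
    except Exception:
        # An unknown user lands here too (fetchone() returned None) and gets
        # the same message as a wrong password.
        error = "Invalid credentials, try again."
        return render_template('register/login.html', error=error)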
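def LoginPage():
    """Authenticate against ``new_users`` with bcrypt, falling back to
    ``CheckForOldPass`` when the user has no row there.

    Returns:
        A redirect to ``Profile`` on success, the result of
        ``CheckForOldPass`` when no row matched, a fixed message on a wrong
        password, or the rendered login form.
    """
    import logging  # local import: the file's import block is not visible here

    form = LoginForm(request.form)
    conn = None
    try:
        if request.method == "POST" and form.validate():
            # NOTE(review): the escaped name is what ends up in the session
            # and the log, and it is escaped again when bound below.
            username = thwart(request.form['username'])
            c, conn = confconnection()
            # Bound parameters are passed as a sequence; "(username)" is just
            # a string, which some driver versions iterate per character.
            c.execute("SELECT password, username FROM new_users WHERE username =(%s)",
                      (username,))
            row = c.fetchone()
            passw = request.form['password']
            if c.rowcount == 0:
                return CheckForOldPass(username, passw)
            elif bcrypt.verify(passw, row[0]):
                session['logged_in'] = True
                session['user'] = username
                SetPermissions(username)
                CreateLog("Login", username)
                return redirect(url_for('Profile'))
            else:
                # The listing logged ``setUserName`` here, which is only
                # assigned on the success path; the resulting error text was
                # returned to the client instead of this message.
                CreateLog('Wrong password', username)
                return "Feil brukernavn eller passord"
    except Exception:
        logging.getLogger(__name__).exception("login failed")
        return "An internal error occurred."
    finally:
        if conn is not None:
            conn.close()
    # NOTE(review): ``userUpdate`` is not defined in this function; presumably
    # a module-level name -- confirm.
    return render_template('login.html', form = form, usrUpdate = userUpdate, userMessage="Det ble utført en nødvendig brukeroppdatering, venligst logg inn igjen")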
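def login():
    """Handle the login form, or forward to registration when asked.

    Returns:
        A redirect to ``upload_file`` on success, a redirect to ``register``
        when the register button was used, otherwise ``login.html`` with an
        optional error, or a generic error string on failure.
    """
    import logging  # local import: the file's import block is not visible here

    try:
        c, conn = connection()
        error = None
        if request.method == 'POST':
            if 'login' in request.form:
                username = request.form['username']
                password = request.form['password']
                c.execute("SELECT * from users where username = %s", [thwart(username)])
                row = c.fetchone()
                c.close()
                conn.close()
                # A missing row used to raise, and the exception text was
                # returned to the client, which told unknown users apart from
                # wrong passwords.  Both now get the same message.
                if row is not None and sha256_crypt.verify(password, row[4]):
                    flash("You are now logged in")
                    session['logged_in'] = True
                    session['username'] = username
                    return redirect(url_for('upload_file'))
                error = 'Invalid Credentials. Please try again.'
            elif 'register' in request.form:
                return redirect(url_for('register'))
        return render_template('login.html', error=error)
    except Exception:
        logging.getLogger(__name__).exception("login failed")
        return "An internal error occurred."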
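def login():
    """Authenticate a POSTed username/password against the ``data`` table.

    Returns:
        A redirect to ``show_vault`` on success, otherwise ``login.html`` with
        ``error`` set to a generic message.
    """
    error = ""
    try:
        if request.method == 'POST':
            c, conn = connection()
            try:
                # Bound parameters are passed as a sequence; a bare string is
                # iterated per character by some driver versions.
                c.execute("SELECT * FROM data WHERE username = (%s)",
                          (thwart(str(request.form['username'])),))
                row = c.fetchone()
            finally:
                # Release the connection on the failure paths as well.
                c.close()
                conn.close()
                gc.collect()
            if row is not None and sha256_crypt.verify(str(request.form['password']), str(row[3])):
                session['logged_in'] = True
                session['username'] = request.form['username']
                flash('Logged in Successfully')
                return redirect(url_for('show_vault'))
            error = "Invalid Credentials"
        return render_template("login.html", error=error)
    except Exception:
        error = "Invalid Credentials"
        return render_template('login.html', error=error)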
def login_page():
    """Show the login form and authenticate a POSTed username/password.

    Returns:
        A redirect to ``dashboard`` on success, otherwise ``login.html`` with
        ``error`` empty (non-POST) or set to a generic message.
    """
    failure = "Invalid credentials, try again!"
    message = ''
    try:
        cursor, db = connection()
        if request.method == "POST":
            # NOTE(review): thwart() on a bound parameter escapes the value
            # twice; harmless for plain names, confirm for names with quotes.
            cursor.execute("select * from users where username = (%s)",
                           [thwart(request.form['username'])])
            # Third column of the first matching row holds the stored hash; a
            # missing row raises here and is handled below.
            stored_hash = cursor.fetchone()[2]
            if sha256_crypt.verify(request.form['password'], stored_hash):
                session['logged_in'] = True
                session['username'] = request.form['username']
                flash("You are now logged in!")
                return redirect(url_for('dashboard'))
            message = failure
        gc.collect()
        return render_template("login.html", error=message)
    except Exception:
        return render_template("login.html", error=failure)
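def LoginPage():
    """Authenticate a POSTed login against the ``users`` table.

    NOTE(review): the stored value is compared with an unsalted SHA-1 digest
    of the password.  That is not a password-hashing scheme; moving to a
    salted, slow hash needs the stored values re-hashed, so it is only flagged
    here.

    Returns:
        A redirect to ``Profile`` on success, otherwise the rendered login
        form, or a generic error string on failure.
    """
    import hmac  # local imports: the file's import block is not visible here
    import logging

    form = LoginForm(request.form)
    conn = None
    try:
        if request.method == "POST" and form.validate():
            username = request.form['username']
            password = request.form['password']
            c, conn = confconnection()
            # Bound parameters are passed as a sequence; "(thwart(username))"
            # is just a string.
            c.execute("SELECT Password FROM users WHERE Login = (%s)",
                      (thwart(username),))
            row = c.fetchone()
            supplied = hashlib.sha1(password).hexdigest()
            # A missing row is treated like a wrong password instead of
            # raising, and the digests are compared in constant time.
            if row is not None and hmac.compare_digest(supplied, str(row[0])):
                session['logged_in'] = True
                session['user'] = username
                SetPermissions(username)
                return redirect(url_for('Profile'))
            flash("Error, wrong username or password!")
    except Exception:
        # The exception text used to be the response body.
        logging.getLogger(__name__).exception("login failed")
        return "An internal error occurred."
    finally:
        if conn is not None:
            conn.close()
    return render_template('login.html', form=form)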
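def login_page():
    """Show the login form and authenticate a POSTed username/password.

    Returns:
        A redirect to ``dashboard`` when already signed in or on success,
        otherwise ``login.html`` with an optional generic error.
    """
    import logging  # local import: the file's import block is not visible here

    error = None
    try:
        # Already logged in.  NOTE(review): only the presence of the key is
        # checked, not its value.
        if "logged_in" in session:
            return redirect(url_for("dashboard"))

        c, conn = connection()
        if request.method == "POST":
            # The value is bound by the driver instead of being formatted into
            # the SQL text; thwart() is not applied on top because the driver
            # escapes bound values itself.
            c.execute("SELECT * FROM users WHERE username = (%s)",
                      (request.form["username"],))
            row = c.fetchone()
            if row is not None and sha256_crypt.verify(request.form["password"], row[2]):
                session["logged_in"] = True
                session["username"] = request.form["username"]
                return redirect(url_for("dashboard"))
            error = "Invalid credentials, try again."
        c.close()  # Close db connection, saves ram
        gc.collect()
        return render_template("login.html", error=error)
    except Exception:
        # The exception text used to be appended to the message shown to the
        # user; it now goes to the server log only.
        logging.getLogger(__name__).exception("login failed")
        error = "Invalid credentials, try again."
        return render_template("login.html", error=error)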
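def login_page():
    """Show the login form and authenticate a POSTed username/password.

    Returns:
        A redirect to ``dashboard`` on success, otherwise ``login.html`` with
        ``error`` empty (non-POST) or set to a generic message.
    """
    import logging  # local import: the file's import block is not visible here

    error = ''
    try:
        c, conn = connection()
        if request.method == "POST":
            # Bound parameters are passed as a sequence; a bare string is
            # iterated per character by some driver versions.
            c.execute("SELECT * FROM users WHERE username = (%s)",
                      (thwart(request.form['username']),))
            row = c.fetchone()
            if row is not None and sha256_crypt.verify(request.form['password'], row[2]):
                session['logged_in'] = True
                session['username'] = request.form['username']
                flash("You are now logged in")
                return redirect(url_for("dashboard"))
            error = "Invalid credentials, try again."
        gc.collect()
        return render_template("login.html", error=error)
    except Exception:
        # The listing flashed the exception object to the user and stored
        # flash()'s return value as the error, so the page showed the
        # exception text and no error message.
        logging.getLogger(__name__).exception("login failed")
        error = "Invalid credentials, try again."
        return render_template("login.html", error=error)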
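def deletevisitorcard():
    """Delete the card whose number is given in the ``kortnr`` query argument.

    NOTE(review): the row is deleted from a query-string argument, i.e. on a
    GET-style request, and no access check is visible in this function.
    Confirm that the route is restricted to authorised users and consider
    requiring POST with a CSRF token.

    Returns:
        A fixed confirmation string.
    """
    kortnr = thwart(request.args['kortnr'])
    c, conn = connection()
    try:
        # Bound parameters are passed as a sequence; a bare string is iterated
        # per character by some driver versions.
        c.execute("DELETE FROM kort WHERE kortnr=(%s)", (kortnr,))
        conn.commit()
    finally:
        # Close the connection even when the statement fails.
        conn.close()
    CreateLog('Deleted card', kortnr)
    return "Kortet er slettet"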
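def FindPass(username):
    """Return the SHA-1 hex digest of the third column of ``username``'s row.

    NOTE(review): if that column holds a password, an unsalted SHA-1 digest is
    not a suitable way to store or compare it -- confirm what this feeds.

    Raises:
        TypeError: when no row matches (``fetchone()`` returned None).
    """
    c, conn = confconnection()
    try:
        # Bound parameters are passed as a sequence; "(thwart(username))" is
        # just a string.
        c.execute("SELECT * FROM users WHERE username = (%s)", (thwart(username),))
        stored = c.fetchone()[2]
    finally:
        # Close the connection on the failure path as well.
        conn.close()
    return hashlib.sha1(stored).hexdigest()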
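def userLogin(databaseName, username, password):
    """Check ``password`` for ``username`` in the ``users`` table of ``databaseName``.

    Args:
        databaseName: Schema to switch to.  Spaces are removed and the result
            must consist only of letters, digits, ``_`` or ``$``.
        username: Account to look up.
        password: Candidate password, verified against column 1 of the row.

    Returns:
        True only when the password verifies; False in every other case.
    """
    import re  # local import: the file's import block is not visible here

    try:
        databaseName = databaseName.replace(" ", "")
        # An identifier cannot be sent as a bound parameter, so it is checked
        # against an allow-list before being placed in the USE statement.
        if not re.match(r'[0-9A-Za-z_$]+\Z', databaseName):
            return False

        c, conn = connection()
        c.execute("use %s ;" % databaseName)
        conn.commit()
        # The listing's query text had no placeholder for the name, so the
        # formatting step raised.  The name is bound by the driver and looked
        # up once instead of twice.
        if not c.execute("select * from users where username=%s", (username,)):
            return False
        stored_hash = c.fetchone()[1]
        return bool(sha256_crypt.verify(password, stored_hash))
    except Exception:
        # Fail closed: the listing returned the exception text here, and a
        # non-empty string is truthy, so a caller testing the result with
        # ``if`` would have treated an error as a successful login.
        return False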
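def get_by_part_number(part_number):
    """Return the first ``part_detail`` row for ``part_number``, or None.

    Args:
        part_number: Value compared with the ``part_number`` column.
    """
    c, conn = connection()
    try:
        # The value is bound by the driver instead of being formatted into the
        # SQL text; thwart() is not applied on top because the driver escapes
        # bound values itself.
        c.execute("SELECT * FROM part_detail WHERE part_number = %s", (part_number,))
        return c.fetchone()
    finally:
        # Release the connection even when the query fails.
        c.close()
        conn.close()
        gc.collect()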
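def change_password():
    """Change the current user's password after re-checking the old one.

    On POST the current password is verified; if ``npassword`` is non-empty
    and equals ``rnpassword`` the stored hash is replaced.

    NOTE(review): the listing this came from had no handler for the outer
    ``try``; one is supplied here.  Confirm against the original file.

    Returns:
        The rendered ``change-password.html`` template, or a generic error
        string on failure.
    """
    import logging  # local import: the file's import block is not visible here

    error = None
    c = conn = None
    try:
        c, conn = connection()
        if request.method == 'POST':
            # Bound parameters are passed as a sequence; a bare string is
            # iterated per character by some driver versions.
            c.execute("SELECT * FROM users WHERE username = (%s)",
                      (thwart(user.username()),))
            stored_hash = c.fetchone()[2]
            if sha256_crypt.verify(request.form['password'], stored_hash):
                flash('Authentication Successful.')
                new_password = request.form['npassword']
                if len(new_password) > 0:
                    if new_password == request.form['rnpassword']:
                        password = sha256_crypt.encrypt(str(new_password))
                        # Reuse the open connection instead of opening a
                        # second one and leaving the first unclosed.
                        c.execute("UPDATE users SET password = %s where username = %s",
                                  (password, thwart(user.username())))
                        conn.commit()
                        flash("Password changed")
                    else:
                        flash("Passwords do not match!")
                return render_template('change-password.html', name=user.username(), error=error)
            else:
                flash('Invalid credentials. Try again')
                error = 'Invalid credentials. Try again'
        gc.collect()
        return render_template('change-password.html', name=user.username())
    except Exception:
        # The exception text used to be the response body; it is logged
        # server-side instead.
        logging.getLogger(__name__).exception("password change failed")
        return "An internal error occurred."
    finally:
        if c is not None:
            c.close()
        if conn is not None:
            conn.close()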
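def profile():
    """Render the signed-in user's photos, in reverse fetch order.

    Reads ``uid`` and ``username`` from the session and passes a list of
    ``(link, description)`` pairs to ``profile.html`` as ``pics``.
    """
    c, conn = connection()
    try:
        # One query returns both columns, so a link can never be paired with
        # another row's description; the listing ran two unordered queries
        # and zipped the results.  Bound parameters are passed as a sequence.
        c.execute("SELECT link, description FROM photos WHERE uid = (%s)",
                  (thwart(str(session["uid"])),))
        rows = c.fetchall()
    finally:
        c.close()
        conn.close()
    # Column values are used directly.  The listing took str() of each row
    # tuple and stripped "(),'" from both ends, which also cut those
    # characters off the stored text itself.
    pairs = [(link, description) for link, description in rows]
    pairs.reverse()
    return render_template("profile.html", username = session["username"], pics = pairs)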
def register_page():
    """Register a new account from ``RegistrationForm`` and sign it in.

    Returns:
        A redirect to ``dashboard`` on success, ``register.html`` when the
        form is not submitted/valid or the name is taken, or the exception
        text when something fails.
    """
    try:
        form = RegistrationForm(request.form)
        if not (request.method == 'POST' and form.validate()):
            return render_template("register.html", form=form)

        print("POST !!!!!!")
        username = form.username.data
        email = form.email.data
        hashed = sha256_crypt.encrypt(str(form.password.data))
        c, conn = connection()
        # NOTE(review): thwart() on bound parameters escapes each value twice,
        # so the stored text keeps the added backslashes.
        existing = c.execute("SELECT * from users where username = %s", [thwart(username)])
        if int(existing) > 0:
            flash(" That username is already taken, please choose another")
            return render_template('register.html', form=form)

        new_row = (
            thwart(username),
            thwart(hashed),
            thwart(email),
            thwart("/introduction-to-python-programming/"),
        )
        c.execute("insert into users (username, password, email, tracking) values (%s, %s, %s,%s)", new_row)
        conn.commit()
        flash("Thanks for Register!")
        conn.close()
        gc.collect()
        session['logged_in'] = True
        session['username'] = username
        return redirect(url_for('dashboard'))
    except Exception as e:
        # NOTE(review): the exception text becomes the response body and can
        # expose SQL or connection details; log it and return a generic
        # message instead.
        return str(e)
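def EditUser():
    """Render the admin edit page for the user given by the ``id`` argument.

    NOTE(review): no access check is visible in this function, and
    ``SELECT *`` hands every column of the row to the template; confirm the
    route is restricted to administrators and that no credential column is
    rendered.

    Returns:
        The rendered ``admin/edituser.html`` template, or a generic error
        string on failure.
    """
    import logging  # local import: the file's import block is not visible here

    try:
        selectedUser = request.args["id"]
        c, conn = confconnection()
        try:
            # Bound parameters are passed as a sequence; a bare string is
            # iterated per character by some driver versions.
            c.execute("SELECT * FROM users WHERE id=%s", (thwart(selectedUser),))
            data = c.fetchall()
        finally:
            conn.close()
        return render_template('admin/edituser.html', data=data)
    except Exception:
        # The exception text used to be the response body.
        logging.getLogger(__name__).exception("could not load user for editing")
        return "An internal error occurred."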
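def register():
    """Register a new account, create its per-user table and sign it in.

    Returns:
        A redirect to ``index`` on success, otherwise ``register.html`` with
        ``error`` set when the name or e-mail is taken, the name is not
        usable, or something failed.
    """
    import logging  # local imports: the file's import block is not visible here
    import re

    session.clear()
    form = RegisterationForm(request.form)
    error = ""
    try:
        if request.method == 'POST' and form.validate():
            username = form.username.data
            email = form.email.data
            password = sha256_crypt.encrypt(str(form.password.data))
            # The username becomes a table name below, and an identifier
            # cannot be sent as a bound parameter, so it is restricted to an
            # allow-list before anything is written.
            # NOTE(review): per-user tables share a namespace with the
            # application's own tables (a user named "data" collides with the
            # accounts table); a fixed prefix or a single keyed table avoids
            # that.
            if not re.match(r'[0-9A-Za-z_]+\Z', str(username)):
                error = "Invalid username"
                return render_template('register.html', error=error, form=form)

            c, conn = connection()
            # Bound parameters are passed as a sequence; a bare string is
            # iterated per character by some driver versions.
            x = c.execute("SELECT * FROM data WHERE username = (%s)", (thwart(username),))
            if int(x) > 0:
                error = "Username already exist"
                return render_template('register.html', error=error, form=form)

            email_x = c.execute("SELECT * FROM data WHERE email = (%s)", (thwart(email),))
            if int(email_x) > 0:
                error = "Email already occupied"
                return render_template('register.html', error=error, form=form)

            c.execute("INSERT INTO data (username, email, password) VALUES (%s, %s, %s)",
                      (thwart(username), thwart(email), thwart(password)))
            conn.commit()
            c.execute("CREATE TABLE `" + str(username) + "` (uid INT(11) AUTO_INCREMENT PRIMARY KEY, title VARCHAR(50), username VARCHAR(50), password VARCHAR(50))")
            session['logged_in'] = True
            session['username'] = username
            c.close()
            conn.close()
            gc.collect()
            flash("Successfully Registered")
            return redirect(url_for('index'))
        return render_template('register.html', error=error, form=form)
    except Exception:
        # The exception text used to be rendered into the page.
        logging.getLogger(__name__).exception("registration failed")
        error = "An internal error occurred."
        return render_template('register.html', error=error, form=form)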
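def check_if_exist(self):
    """Return True when an ``invoice`` row has this object's ``invoice_number``."""
    c, conn = connection()
    try:
        # The value is bound by the driver instead of being formatted into the
        # SQL text; thwart() is not applied on top because the driver escapes
        # bound values itself.
        matches = c.execute("SELECT * FROM invoice WHERE invoice_number = (%s)",
                            (self.invoice_number,))
    finally:
        # Release the connection even when the query fails.
        c.close()
        conn.close()
        gc.collect()
    return int(matches) != 0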