def signUp(): try: # read the posted values from the UI address = request.form['inputAddress'] email = request.form['inputEmail'] # validate the received values if address and email: conn = mysql.connect() cursor = conn.cursor() # adds user to db if cursor.execute('select (1) from users where email = %s limit 1', (email)): return render_template("alreadyused.html") else: # creates user cursor.execute('insert into users (email,zone) values (%s,%s)', (email,address)) # sends confirmation email token = key.dumps(email, salt='email-confirm-key') confirm_url = url_for('confirm_email',token=token,_external=True) subject = "Confirm Your Email" html = render_template('emailconfirm.html',confirm_url=confirm_url) send_email(email, subject, html) conn.commit() return render_template('confirmation.html') else: return json.dumps({'html':'<span>Enter the required fields</span>'}) except Exception as e: return json.dumps({'error2':str(e)}) finally: cursor.close() conn.close()
def signUp(): try: conn = mysql.connect() cursor = conn.cursor() # read the posted values from the UI address = request.form['inputAddress'] email = request.form['inputEmail'] # validate the received values if address and email: if "'" in email or '"' in email or "(" in email or " )" in email: raise Exception if ',' in email or ";" in email or "%" in email: raise Exception if '"' in address or "(" in address or " )" in address: raise Exception if "'" in address or ";" in address or "%" in address: raise Exception query = "SELECT * FROM users WHERE email=%s AND address=%s" cursor.execute(query, (email, address)) data = cursor.fetchall() if len(data) is 0: query = "INSERT INTO users (email, address) values (%s,%s)" cursor.execute(query, (email, address)) conn.commit() cursor.close() conn.close() if cursor.execute('select (1) from users where email = %s limit 1', (email)): return render_template("alreadyused.html") else: # creates user cursor.execute('insert into users (email,zone) values (%s,%s)', (email, address)) # sends confirmation email token = key.dumps(email, salt='email-confirm-key') confirm_url = url_for('confirm_email', token=token, _external=True) subject = "Confirm Your Email" html = render_template('emailconfirm.html', confirm_url=confirm_url) send_email(email, subject, html) return render_template('confirmation.html') else: cursor.close() conn.close() return json.dumps({'html': '<span>Enter the required fields</span>'}) except Exception as e: return json.dumps({'error2': str(e)})
def signUp(): try: conn = mysql.connect() cursor = conn.cursor() # read the posted values from the UI name = request.form['inputName'] email = request.form['inputEmail'] # validate the received values if name and email: if "'" in email or '"' in email or "(" in email or " )" in email: raise Exception if ',' in email or ";" in email or "%" in email: raise Exception if '"' in name or "(" in name or " )" in name: raise Exception if "'" in name or ";" in name or "%" in name: raise Exception # checks if user is already registered if cursor.execute('SELECT (1) FROM users WHERE email = %s LIMIT 1', (email)): return render_template("already-used.html") else: # sends confirmation email token = key.dumps(email, salt='email-confirm-key') confirm_url = url_for('confirm_email', token=token, _external=True) subject = "Confirm Your Email" html = render_template('email-confirm.html', confirm_url=confirm_url, confirm_name=name) send_email(email, subject, html) #creates user cursor.execute('INSERT INTO users (name,email) VALUES (%s,%s)', (name, email)) conn.commit() return render_template('confirmation.html') else: return json.dumps({'html': '<span>Enter the required fields</span>'}) cursor.close() conn.close() except Exception as e: print e if "not a valid RFC-5321 address" in str(e): return render_template('invalid.html') else: return json.dumps({'error1': str(e)})