def xLoginInjection():
if 'login' in request.form:
login = request.form['login']
pswd = request.form['pswd']
dbr = database.getCustomer(login, pswd)
return render_template('xLoginInjection.html', dbr=dbr)
else:
return render_template('xLoginInjection.html')
def signup():
existingUserError = ""
if request.method == "POST":
email = request.form['email']
if database.getCustomer("email", email) != -1:
existingUserError = "el usuario con email %s ya existe" % email
return render_template('signup.html',
title="Registro",
error=existingUserError)
else:
user = request.form['user']
password = request.form['password']
card = request.form['card']
saldo = random.randint(0, 100)
database.registerCustomer(user, password, email, card, saldo)
userData = database.getCustomer("email", email)
print('userdataaaa')
print(userData)
tdate = date.today().strftime("%d/%m/%Y")
print('usuario almacenado')
print(userData)
order = database.newOrder(userData['customerid'], tdate)
session['order'] = order
print(session['carrito'])
for k in session['carrito']:
c = session['carrito'][k]['id']
p = session['carrito'][k]['id'] * c
database.createOrderDetai(order['orderid'],
session['carrito'][k]['id'], p,
database, c)
session['usuario'] = request.form['email']
session['carrito'] = {}
session.modified = True
return setcookie(user)
return render_template('signup.html', title="Registro")
def login():
if request.method == "POST":
user = request.form['user']
userData = database.getCustomer("email", user)
print(userData)
if userData != -1:
print('usuario existe')
password = request.form['pass']
if userData['password'] == password:
print('iniciando sesion')
session['usuario'] = user
session.modified = True
tdate = date.today().strftime("%d/%m/%Y")
print('usuario almacenado')
print(userData)
order = database.newOrder(userData['customerid'], tdate)
session['order'] = order
print(order)
print('sesionnnnnnnnnnnnnnnn')
print(session['carrito'])
for k in session['carrito']:
c = session['carrito'][k]['cantidad']
product = database.getFilmData(session['carrito'][k]['id'])
precio = product['precio'] * c
database.createOrderDetai(order['orderid'],
product['producto'], precio, c)
session['carrito'] = {}
return setcookie(user)
else:
errMessage = "contraseña incorrecta "
return render_template('login.html',
title="Iniciar sesión",
error=errMessage)
else:
print('usuario no existe')
nonExistingUserError = "el usuario %s no existe" % user
return render_template('login.html',
title="Iniciar sesión",
error=nonExistingUserError)
return render_template('login.html',
title="Login",
title_main="Iniciar sesión")
