def create_user(username, password, email, secret_question, secret_answer):
query = "INSERT INTO users (username, password, email, secret_question, secret_answer) VALUES (%s, %s, %s, %s, %s)"
hashed_password = password_utils.hash_password(password)
hashed_secret_answer = password_utils.hash_password(secret_answer)
values = (username, hashed_password, email, secret_question, hashed_secret_answer) # niz
mydb = get_DB_connection()
cursor = mydb.cursor()
try:
cursor.execute(query, values)
mydb.commit()
except:
return None
return cursor.lastrowid
def update_user_password(username, password):
hashed_password = password_utils.hash_password(password)
mydb = get_DB_connection()
cursor = mydb.cursor()
cursor.execute(
"""
UPDATE users SET password=%s WHERE username=%s
""", (hashed_password, username))
mydb.commit()
def change_user_password(username, new_password):
mydb = get_DB_connection()
cursor = mydb.cursor()
user = get_user_by_username(username)
hashed_password = password_utils.hash_password(new_password)
try:
cursor.execute("UPDATE users SET 'password'=%s WHERE username=%s" %
(hashed_password, username))
mydb.commit()
return True
except:
return False
def create_user(username, password, question_id):
query = "INSERT INTO users (username, password, question_id, role_id) VALUES (%s, %s, %s, %s)"
hashed_password = password_utils.hash_password(password)
values = (username, hashed_password, question_id, 1)
mydb = get_DB_connection()
cursor = mydb.cursor()
try:
cursor.execute(query, values)
mydb.commit()
except:
return None
return cursor.lastrowid
def change_user_password(name, password):
mydb = get_DB_connection()
cursor = mydb.cursor()
hashed_password = password_utils.hash_password(password)
query = "UPDATE users SET password=%s WHERE username=%s"
values = (hashed_password, name)
try:
cursor.execute(query, values)
mydb.commit()
return True
except:
return False