def login(): if logged_in(): return redirect(url_for('users')) # posts get shown if request.method == "POST": conn = db_handler.create_connection() cur = conn.cursor() password = request.form['password'] username = request.form['username'] cur.execute('SELECT password FROM User WHERE username=?', (username, )) pw_hash = cur.fetchone() if not pw_hash: flash('username or password is incorrect, please try again', 'danger') return redirect(url_for('login')) else: pw_hash = pw_hash[0] if bcrypt.check_password_hash(pw_hash, password): session['logged_in'] = True session['username'] = username # loggs in and members get shown return redirect(url_for('users')) else: flash('username or password is incorrect, please try again', 'danger') return redirect(url_for('login')) return render_template('login.html')
def get_posts(): try: conn = db_handler.create_connection() cur = conn.cursor() cur.execute('SELECT * FROM Post') return cur.fetchall() except sqlite3.Error as e: print(e)
def get_user(username): conn = db_handler.create_connection() cur = conn.cursor() cur.execute('SELECT id FROM User WHERE username=?', (username, )) user_id = cur.fetchone()[0] cur.execute('SELECT * FROM Post WHERE author_id=?', (user_id, )) posts = cur.fetchall() user_with_posts = {'username': username, 'posts': posts} return user_with_posts
def is_username_available(username): try: conn = db_handler.create_connection() cur = conn.cursor() cur.execute('SELECT id FROM User WHERE username=?', (username, )) user_id = cur.fetchone() # if user_id: # return False # else: # return True return not user_id except sqlite3.Error as e: print(e)
def add_user(username, password): try: conn = db_handler.create_connection() cur = conn.cursor() cur.execute('INSERT INTO User(username, password) VALUES (?,?)', (username, password)) conn.commit() conn.close() dbUsers = get_users() # update the users variable except sqlite3.Error as e: print(e)
def new_post(): if logged_in(): if request.method == 'POST': username = session['username'] conn = db_handler.create_connection() cur = conn.cursor() cur.execute('SELECT id FROM User WHERE username=?', (username, )) user_id = cur.fetchone()[0] title = request.form['title'] content = request.form['content'] cur.execute( 'INSERT INTO Post(title, content, author_id) VALUES(?,?,?)', (title, content, user_id)) conn.commit() conn.close() return redirect(url_for('users', username=session['username'])) return render_template('new_post.html') return redirect(url_for('login'))