def add_user():
conn = None
cursor = None
try:
_name = request.form['inputName']
_email = request.form['inputEmail']
_password = request.form['inputPassword']
#We arent actually using this
_check = request.form['inputCheck']
# validate the received values
if _name and _email and _password and _check and request.method == 'POST':
#do not save password as a plain text
#sike, we save plain text. We live on the edge of danger.
#_hashed_password = generate_password_hash(_password)
# save edits
sql = "INSERT INTO tbl_user(user_name, user_email, user_password) VALUES(%s, %s, %s)"
data = (_name, _email, _password)
conn = mysql.connect()
cursor = conn.cursor()
cursor.execute(sql, data)
conn.commit()
flash('User added successfully!')
return redirect('/')
else:
return 'Error while adding user'
except Exception as e:
print(e)
finally:
cursor.close()
conn.close()
def usuarios():
try:
conn = mysql.connect()
cursor = conn.cursor(pymysql.cursors.DictCursor)
cursor.execute("SELECT * FROM products")
rows = cursor.fetchall()
resp = jsonify(rows)
resp.status_code = 200
return resp
def users():
try:
conn = mysql.connect()
cursor = conn.cursor(pymysql.cursors.DictCursor)
cursor.execute("SELECT * FROM tbl_user")
rows = cursor.fetchall()
resp = jsonify(rows)
resp.status_code = 200
return resp
except Exception as e:
print(e)
finally:
cursor.close()
conn.close()
def delete_user(id):
conn = None
cursor = None
try:
conn = mysql.connect()
cursor = conn.cursor()
cursor.execute("DELETE FROM user WHERE user_id=%s", (id, ))
conn.commit()
flash('User deleted successfully!')
return redirect('/')
except Exception as e:
print(e)
finally:
cursor.close()
conn.close()
def users():
conn = None
cursor = None
try:
conn = mysql.connect()
cursor = conn.cursor(pymysql.cursors.DictCursor)
cursor.execute("SELECT * FROM user")
rows = cursor.fetchall()
table = Results(rows)
table.border = True
return render_template('users.html', table=table)
except Exception as e:
print(e)
finally:
cursor.close()
conn.close()
def get(self):
try:
parser = reqparse.RequestParser()
#here is where we add any parameters
parser.add_argument('Keyword', type=str, help='')
args = parser.parse_args()
P_Keyword = args['Keyword']
conn = mysql.connect()
cursor = conn.cursor()
cursor.callproc('spGetKeywords', (P_Keyword))
data = cursor.fetchall()
conn.commit()
#return the data
return data
except Exception as e:
return {'error': str(e)}
def user_login():
conn = None
cursor = None
try:
_email = request.form['inputEmail']
_password = request.form['inputPassword']
conn = mysql.connect()
cursor = conn.cursor(pymysql.cursors.DictCursor)
cursor.execute(
"SELECT * FROM user WHERE name=userName AND password=userPassword")
rows = cursor.fetchall()
if (len(rows) == 1):
flash('User Logged In Successfully')
return redirect('/')
else:
flash('Login Unsuccessful')
table = Results(rows)
table.border = True
return render_template('login.html', table=table)
except Exception as e:
print(e)
finally:
cursor.close()
conn.close()