def xLoginInjection(): if 'login' in request.form: login = request.form['login'] pswd = request.form['pswd'] dbr = database.getCustomer(login, pswd) return render_template('xLoginInjection.html', dbr=dbr) else: return render_template('xLoginInjection.html')
def signup(): existingUserError = "" if request.method == "POST": email = request.form['email'] if database.getCustomer("email", email) != -1: existingUserError = "el usuario con email %s ya existe" % email return render_template('signup.html', title="Registro", error=existingUserError) else: user = request.form['user'] password = request.form['password'] card = request.form['card'] saldo = random.randint(0, 100) database.registerCustomer(user, password, email, card, saldo) userData = database.getCustomer("email", email) print('userdataaaa') print(userData) tdate = date.today().strftime("%d/%m/%Y") print('usuario almacenado') print(userData) order = database.newOrder(userData['customerid'], tdate) session['order'] = order print(session['carrito']) for k in session['carrito']: c = session['carrito'][k]['id'] p = session['carrito'][k]['id'] * c database.createOrderDetai(order['orderid'], session['carrito'][k]['id'], p, database, c) session['usuario'] = request.form['email'] session['carrito'] = {} session.modified = True return setcookie(user) return render_template('signup.html', title="Registro")
def login(): if request.method == "POST": user = request.form['user'] userData = database.getCustomer("email", user) print(userData) if userData != -1: print('usuario existe') password = request.form['pass'] if userData['password'] == password: print('iniciando sesion') session['usuario'] = user session.modified = True tdate = date.today().strftime("%d/%m/%Y") print('usuario almacenado') print(userData) order = database.newOrder(userData['customerid'], tdate) session['order'] = order print(order) print('sesionnnnnnnnnnnnnnnn') print(session['carrito']) for k in session['carrito']: c = session['carrito'][k]['cantidad'] product = database.getFilmData(session['carrito'][k]['id']) precio = product['precio'] * c database.createOrderDetai(order['orderid'], product['producto'], precio, c) session['carrito'] = {} return setcookie(user) else: errMessage = "contraseña incorrecta " return render_template('login.html', title="Iniciar sesión", error=errMessage) else: print('usuario no existe') nonExistingUserError = "el usuario %s no existe" % user return render_template('login.html', title="Iniciar sesión", error=nonExistingUserError) return render_template('login.html', title="Login", title_main="Iniciar sesión")