/
demo.py
56 lines (47 loc) · 1.77 KB
/
demo.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
from flask import Flask, render_template, request, url_for, redirect, session
import sqlite3 as lite
app = Flask(__name__)
app.secret_key = 'minhdang241'
@app.route('/')
def home():
result, show_order, order_history, username, password = session.get('result'), session.get('show_order', False), session.get('order_history', []), session.get('username', ''), session.get('password', '')
return render_template('demo.html', result=result, show_order=show_order, order_history=enumerate(order_history), username=username, password=password)
@app.route('/logout', methods=['GET'])
def logout():
session.clear()
return redirect(url_for('home'))
@app.route('/login', methods=['POST'])
def login():
username = request.form.get('username')
password = request.form.get('password')
con = lite.connect('user.db')
with con:
cur = con.cursor()
query = f"SELECT * FROM USER WHERE username='{username}' AND password='{password}'"
print(query)
cur.executescript(query)
try:
cur.execute(query)
except:
print("Multiple queries are executed!")
user = cur.fetchall()
print(user)
result = False
show_order=False
order_history = []
if len(user) > 0:
result=True
show_order=True
con = lite.connect('user.db')
with con:
cur = con.cursor()
query = f"SELECT * FROM ORDER_HISTORY WHERE username='{username}'"
print(query)
cur.execute(query)
order_history = cur.fetchall()
session['result'] = result
session['show_order'] = show_order
session['order_history'] = order_history
session['username'] = username
session['password'] = password
return redirect(url_for('home'))