def register_page():
try:
form = RegistrationForm(request.form)
if request.method == "POST" and form.validate():
# Pull data from html form
username = form.username.data
email = form.email.data
# Immediately encrypt via sha256
password = sha256_crypt.encrypt((str(form.password.data)))
# Connect to database
cursor, conn = connection()
# Using cursor, select a username in database. inject_attk_check() protects against sql injection.
un_attempt = cursor.execute("SELECT * FROM users WHERE username = (%s)",
(inject_attk_check(username)))
# Check to see if username is taken by searching for username in db first.
# If returned value is longer than 0 then the username is already taken.
if len(int(un_attempt)) > 0:
# Call to flask.flash()
flash("That username is already taken, please try another")
render_template('register.html', form=form)
else:
cursor.execute("INSERT INTO users(username, password, email) VALUES (%s, %s, %s)",
inject_attk_check(username), inject_attk_check(password), inject_attk_check(email))
# Commit changes to database
conn.commit()
flash("Thanks for registering")
# Close cursor and connection
cursor.close()
conn.close()
# Garbage collect after closing database connections. This is to ensure we don't have any leaks.
gc.collect()
session["logged_in"] = True
session['username'] = username
return redirect(url_for('dashboard'))
return render_template("register.html", form=form)
# fix this after debugging
except Exception as e:
return str(e)
# Check to make sure we only run the web server when this file is run directly
评论列表
文章目录
