Added fetchone Option to database.fetch

This commit is contained in:
2025-12-20 03:45:42 +01:00
parent 37c3c8dac8
commit a180fa6a74
2 changed files with 28 additions and 3 deletions
+22 -1
View File
@@ -25,7 +25,28 @@ def get_session(request):
return sessioninfo[0] + (sessionid,)
def check_pw(uid, password):
pass
userquery = database.fetch("SELECT uid, password FROM user WHERE username=?", [username])
# STOP TIMING ATTACKS
time.sleep(secrets.randbelow(100)/50)
if len(userquery) == 0:
return render_template("auth/login.html",
response=f"Der Nutzername >{username} oder das Passwort ist falsch.",
username=username)
uidquery = userquery[0][0]
passquery = userquery[0][1]
passform = str(request.form['pass'])
passform = passform.encode("utf8")
passcorrect = bcrypt.checkpw(passform, passquery)
if not passcorrect:
return render_template("auth/login.html",
response=f"Der Nutzername {username} oder das >Passwort ist falsch.",
username=username)
@app.route("/auth/headerbar")
def headerbar():
+6 -2
View File
@@ -9,12 +9,16 @@ def execute(query, data):
connection.commit()
connection.close()
def fetch(query, data):
def fetch(query, data, many=True):
connection = sqlite3.connect("kver.db")
cursor = connection.cursor()
result = cursor.execute(query, data)
result = result.fetchall()
if many:
result = result.fetchall()
else:
result = result.fetchone()
connection.close()