Added fetchone Option to database.fetch
This commit is contained in:
@@ -25,7 +25,28 @@ def get_session(request):
|
||||
return sessioninfo[0] + (sessionid,)
|
||||
|
||||
def check_pw(uid, password):
|
||||
pass
|
||||
userquery = database.fetch("SELECT uid, password FROM user WHERE username=?", [username])
|
||||
|
||||
# STOP TIMING ATTACKS
|
||||
time.sleep(secrets.randbelow(100)/50)
|
||||
|
||||
if len(userquery) == 0:
|
||||
return render_template("auth/login.html",
|
||||
response=f"Der Nutzername >{username} oder das Passwort ist falsch.",
|
||||
username=username)
|
||||
|
||||
uidquery = userquery[0][0]
|
||||
passquery = userquery[0][1]
|
||||
|
||||
passform = str(request.form['pass'])
|
||||
passform = passform.encode("utf8")
|
||||
passcorrect = bcrypt.checkpw(passform, passquery)
|
||||
|
||||
if not passcorrect:
|
||||
return render_template("auth/login.html",
|
||||
response=f"Der Nutzername {username} oder das >Passwort ist falsch.",
|
||||
username=username)
|
||||
|
||||
|
||||
@app.route("/auth/headerbar")
|
||||
def headerbar():
|
||||
|
||||
+6
-2
@@ -9,12 +9,16 @@ def execute(query, data):
|
||||
connection.commit()
|
||||
connection.close()
|
||||
|
||||
def fetch(query, data):
|
||||
def fetch(query, data, many=True):
|
||||
connection = sqlite3.connect("kver.db")
|
||||
cursor = connection.cursor()
|
||||
|
||||
result = cursor.execute(query, data)
|
||||
result = result.fetchall()
|
||||
|
||||
if many:
|
||||
result = result.fetchall()
|
||||
else:
|
||||
result = result.fetchone()
|
||||
|
||||
connection.close()
|
||||
|
||||
|
||||
Reference in New Issue
Block a user