my app.py code

1. from flask import Flask, session, redirect, url_for, escape, request, render_template
2. from hashlib import md5
3. import MySQLdb
4. from MySQLdb import escape_string as thwart
5. import gc
6. app = Flask(__name__)
7.  
8. #######################
9. # DATABASE CONFIG #
10. #######################
11.  
12. conn = MySQLdb.connect(host="localhost",
13. user="root",
14. passwd="jccofficial",
15. db="test")
16. cur = conn.cursor()
17.  
18. @app.route('/')
19. def home():
20. return render_template('index.html')
21.  
22. @app.route('/about/')
23. def about():
24. return render_template('about.html')
25.  
26. @app.route('/contact/')
27. def contact():
28. return render_template('contact.html')
29.  
30. @app.route('/hire/')
31. def hire():
32. return render_template('hire.html')
33.  
34. @app.route('/admin/')
35. def dash():
36. if 'username' in session:
37. username_session = escape(session['username']).capitalize()
38. return render_template('dashboard.html', session_user_name=username_session)
39. return redirect(url_for('login'))
40.  
41. @app.route('/register/submit', methods=["GET", "POST"])
42. def register_page():
43.  
44. try:
45. return render_template('register.html')
46. if request.method == "POST":
47. username = request.form['username']
48. print(username)
49. email = request.form['email']
50. print(email)
51. password = request.form['password']
52. print(password)
53.  
54.  
55. x = cur.execute("SELECT * FROM users WHERE username = (%s)",
56. (username))
57.  
58. if int(x) > 0:
59. flash("That username is already taken, please choose another")
60. return render_template('register.html', form=form)
61.  
62. else:
63. cur.execute("INSERT INTO users (username,email,password,)VALUES (%s,%s,%s)", (username, email, password))
64.  
65.  
66. conn.commit()
67. flash("Thanks for registering!")
68. cur.close()
69. #conn.close()
70.  
71.  
72. session['logged_in'] = True
73. session['username'] = username
74.  
75. return redirect(url_for('dashboard'))
76.  
77. return render_template("register.html", form=form)
78. #flash('idiot')
79.  
80. except Exception as e:
81. return(str(e))
82.  
83.  
84.  
85.  
86.  
87. @app.route('/login/', methods=["GET", "POST"])
88. def login():
89. error = None
90. if 'username' in session:
91. return redirect(url_for('dashboard.html'))
92. if request.method == 'POST':
93. username_form = request.form['username']
94. password_form = request.form['password']
95. cur.execute("SELECT COUNT(1) FROM users WHERE username = %s;", [username_form]) # CHECKS IF USERNAME EXSIST
96. if cur.fetchone()[0]:
97. cur.execute("SELECT password FROM users WHERE username = %s;", [username_form]) # FETCH THE HASHED PASSWORD
98. for row in cur.fetchall():
99. if md5(password_form).hexdigest() == row[0]:
100. session['username'] = request.form['username']
101. return redirect(url_for('dashboard.html'))
102. else:
103. error = "Invalid Credential"
104. else:
105. error = "Invalid Credential"
106. return render_template('login.html', error=error)
107.  
108. @app.route('/logout/')
109. def logout():
110. session.pop('username', None)
111. return redirect(url_for('index'))
112.  
113. app.secret_key = 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT'
114.  
115. if __name__ == '__main__':
116. app.run(debug=True)