import MySQLdb as mdbfrom bottle import FormsDictfrom hashlib import md5

1. import MySQLdb as mdb
2. from bottle import FormsDict
3. from hashlib import md5
4.  
5. # connection to database project2
6. def connect():
7. """makes a connection to MySQL database.
8. @return a mysqldb connection
9. """
10.  
11. #TODO: fill out function parameters
12.  
13. return mdb.connect(host="localhost",
14. user="bbernie2",
15. passwd="af340b80631c26fd94d436592eb8e392e7e93fa8aac2074cfa4b4456456583b2",
16. db="project2");
17.  
18. def createUser(username, password):
19. """ creates a row in table named user
20. @param username: username of user
21. @param password: password of user
22. """
23.  
24. db_rw = connect()
25. cur = db_rw.cursor()
26. #TODO: Implement a prepared statement using cur.execute() so that this query creates a row in table user
27. sql = ('INSERT INTO `users` (username, password, passwordhash) VALUES (%s, %s, %s)')
28. passwordhash = md5(password).digest()
29. cur.execute(sql, (username, password, passwordhash))
30. db_rw.commit()
31.  
32. def validateUser(username, password):
33. """ validates if username,password pair provided by user is correct or not
34. @param username: username of user
35. @param password: password of user
36. @return True if validation was successful, False otherwise.
37. """
38.  
39. db_rw = connect()
40. cur = db_rw.cursor()
41. #TODO: Implement a prepared statement using cur.execute() so that this query selects a row from table user
42. sql = ('SELECT password from `users` WHERE username=%s')
43. cur.execute(sql, (username))
44. if cur.rowcount < 1:
45. return False
46. for (database_password) in cur:
47. database_password = database_password[0]
48. if database_password != password:
49. return False
50. return True
51.  
52. def fetchUser(username):
53. """ checks if there exists given username in table users or not
54. if user exists return (id, username) pair
55. if user does not exist return None
56. @param username: the username of a user
57. @return The row which has username is equal to provided input
58. """
59.  
60. db_rw = connect()
61. cur = db_rw.cursor(mdb.cursors.DictCursor)
62. #TODO: Implement a prepared statement so that this query selects a id and username of the row which has column username = username
63. sql = ('SELECT id, username FROM `users` where username=%s')
64. cur.execute(sql, (username))
65. if cur.rowcount < 1:
66. return None
67. return FormsDict(cur.fetchone())
68.  
69. def addHistory(user_id, query):
70. """ adds a query from user with id=user_id into table named history
71. @param user_id: integer id of user
72. @param query: the query user has given as input
73. """
74.  
75. db_rw = connect()
76. cur = db_rw.cursor()
77. #TODO: Implement a prepared statment using cur.execute() so that this query inserts a row in table history
78. sql = ('INSERT INTO `history` (user_id, query) VALUES (%s, %s)')
79. cur.execute(sql, (user_id, query))
80. db_rw.commit()
81.  
82. #grabs last 15 queries made by user with id=user_id from table named history
83. def getHistory(user_id):
84. """ grabs last 15 distinct queries made by user with id=user_id from
85. table named history
86. @param user_id: integer id of user
87. @return a first column of a row which MUST be query
88. """
89.  
90. db_rw = connect()
91. cur = db_rw.cursor()
92. #sql = ('SELECT query FROM (SELECT id, query FROM `history` WHERE user_id=%s ORDER BY id DESC LIMIT 15) AS main')
93. sql = ('SELECT query FROM (SELECT id, query FROM `history` WHERE user_id=%s ORDER BY id DESC LIMIT 15) AS main')
94. cur.execute(sql, (user_id))
95. #TODO: Implement a prepared statement using cur.execute() so that this query selects 15 distinct queries from table history
96. rows = cur.fetchall();
97. return [row[0] for row in rows]