@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
userName = request.form["userName"]
password = request.form["password"]
data = checkAdmin(userName, password)
global userCount
if data:
userCount+=1
session["username"] = userName
session['fullName'] = ""
session['admin'] = "admin"
return redirect('/')
data = checkUser(userName, password)
if data:
userCount += 1
session["username"] = userName
session['fullName'] = data[0][5]
return redirect('/')
else:
return render_template("login.html", error = "This user does not exist")
else:
print("in get")
return render_template("login.html")
def checkUser(username, passwd):
conn = sqlite3.connect("UserData.db")
cursor = conn.cursor()
selectQuery = f"SELECT * FROM registerData where userName =\"{username}\" AND password = \"{passwd }\""
cursor.execute(selectQuery)
data = cursor.fetchall()
conn.close()
return data
def checkAdmin(username, password):
conn = sqlite3.connect("UserData.db")
cursor = conn.cursor()
cursor.execute(f"SELECT * FROM adminUsers where username=\'{username}\' and password=\'{password}\'")
data = cursor.fetchall()
conn.close()
return data