1

i am trying this code for logging in account which has database in psql, but for some reason i am only able to render the error page, and no success page

username= request.form.get("uname")
password = request.form.get("psw")


usernamedata= db.execute("SELECT username FROM register WHERE username=:username",{"username":username}).fetchone()
passworddata= db.execute("SELECT password FROM register WHERE username=:username",{"username":username}).fetchone()
if usernamedata is None:
    return render_template("error.html")
else:
    for pass_word in passworddata:
        if True:
            return redirect(url_for('lsuccess'))

        else:
            return render_template("error.html")

the uname and psw are the username and password taken from the form.

Improve this question
10
  • are you receiving any error message? Why are you looping through passworddata btw? Commented Jun 19, 2020 at 16:42
  • no i am not receiving any error message, this code is being executed, its just that only the error.html file is being rendered and not the lsuccess.html. and i am looping over password data to check if the password is right for the specific user Commented Jun 19, 2020 at 17:05
  • Note you are not rendering a page, you are redirecting to a url.. In your views.py make sure the function that handles this url is actually rendering a page. Commented Jun 19, 2020 at 17:15
  • i am sorry i am not catching up with what you are try to say :/ Commented Jun 19, 2020 at 17:33
  • Haha.. Sorry, my bad, I had django in mind.. Check the route of lsuccess and make sure to render a template Commented Jun 19, 2020 at 18:03

3 Answers 3

Reset to default
1

Your form submits request to lsuccess which just renders a success page without querying user details.

Copy the query to another route (POST request only is preferably) in total you will have 3 routes.

  1. Login route that renders the login page.
  2. Check route that the form sends data to, to validate the user and either returns the error page or the success page.
  3. The success page that gets rendered if the user is validated.

Final code should look like:

@app.route("/login", methods=['GET','POST'])
def login():
    return render_template("login.html") 

@app.route('/validate', methods=['POST'])
def validate():
    uname= request.form.get("uname")
    psw = request.form.get("psw")
    usernamedata= db.execute("SELECT username FROM register WHERE username=:username",{"username":username}).fetchone()
    passworddata= db.execute("SELECT password FROM register WHERE username=:username",{"username":username}).fetchone()
    if usernamedata is None:
        return render_template("error.html")
    else:
        return redirect(url_for('lsuccess'))

@app.route("/lsuccess", methods=['GET','POST'])
def lsuccess():
    return render_template("lsuccess.html")

Finally, change your form's action attribute to action=/validate

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

i copied the same code, but now error page is coming even when password adn username is correct. i just had to change the route('/validate', methods=['get','post']. because it was giving me an error as method not allowed.
About the form giving you an error concerning method not allowed, change your form's method attribute to POST..... And this code will ONLY render ERROR page IF usernamedata is None..... After querying usernamedata, try printing it out in to the command line and see the result...
thank you so much, i did how you told an now its working properly. thank you again. now just the thing is when my username is correct an password is wrong its still rendering success. can you tell me the code to do so...
in the if statement where you checked usernamedata is None, check if psw is equal to passworddata that will solve the issue, cause right now, you are only checking for the username.
I'm glad I could help.. Happy coding :D
0 
from flask import Flask, url_for, render_template, redirect
app = Flask(__name__)

@app.route('/')
def hello_world():
    ...
    ...
            #Don't know why you added an if Statement here
            if True:
                # 'lsuccess' is the name of your route function you are redirecting to
                return redirect(url_for('lsuccess'))

            #this statement is never reachable
            else:
                return render_template("error.html")

#You NEED A ROUTE FUNCTION named lsuccess, in this function, `render a template`
@app.route('/success')
def lsuccess():
    return render_template('your_success.html')

if True won't have any effect on your code, since the condition will always be True and the else block will never run.

The if usernamedata is None condition is enough condition to make sure the user exists.

In the else statement, passworddata returns just one value e.g "password", using a for loop will iterate through each character e.g p, a and so on.

Remove the for loop, remove the if True and then remove the else block.

Final code should look like:

from flask import Flask, url_for, render_template, redirect
app = Flask(__name__)

@app.route('/')
def hello_world():
    username = request.form.get("uname")
    password = request.form.get("psw")

    usernamedata = db.execute("SELECT username FROM register WHERE username=:username",
                              {"username": username}).fetchone()
    passworddata = db.execute("SELECT password FROM register WHERE username=:username",
                              {"username": username}).fetchone()
    if usernamedata is None:
        return render_template("error.html")
    else:
        return redirect(url_for('lsuccess'))

@app.route('/success')
def lsuccess():
    return render_template('your_success.html')
Improve this answer

2 Comments

when i made it like this only the success page is being rendered now, even the password and username is incorrect. and i added that if statment to use the else:
i got the same result after editing, i have posted my code below, i don't understand why this is not working now.
0 
@app.route("/login", methods=['GET','POST'])
def login():
    return render_template("login.html")
    uname= request.form.get("uname")
    psw = request.form.get("psw")

    usernamedata= db.execute("SELECT username FROM register WHERE username=:username",{"username":username}).fetchone()
    passworddata= db.execute("SELECT password FROM register WHERE username=:username",{"username":username}).fetchone()
    if usernamedata is None:
        return render_template("error.html")
    else:
        return redirect(url_for('lsuccess'))
    @app.route("/lsuccess",methods=['GET','POST'])
    def lsuccess():
        return render_template("lsuccess.html")

this is what my code looks like now exactly how you told, but still its rendering the success page only. this time

Improve this answer

10 Comments

Yes.. It's rendering success cause the username was found.
its rendering success even when the username and password are not present in database. error page is not being rendered
Try printing usernamedata and check what it returns.
{% extends "layout.html" %} {% block body %} <h1>sucessfully loggedin</h1> <a href="{{ url_for('page') }}"> go ahead</a> {{usernamedata}} {% endblock %} this is my lsuccess code, but it isnt printing anything, return redirect(url_for('lsuccess',usernamedata=usernamedata)) in my application.py added like this
You have to pass a variable to your view if you want to use the variable.. url_for('lsucces', variable=usernamedata
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.