python - 如何使用 FLASK、Python、MySQLdb 将我的登录页面重定向到主页
问题描述
我正在使用的代码如下。我想知道如何将我的登录页面重定向到主页。我已经尝试了很多事情,比如在 mysql 中重新创建我的数据库,一次又一次地重写代码,但是当我输入正确的登录详细信息时,页面仍然返回到登录页面并且没有像它应该那样重定向到主页.
from flask import Flask, render_template, request, redirect, url_for, session
from flask_mysqldb import MySQL
import MySQLdb.cursors
import re
app=Flask(__name__)
app.config['MYSQL_HOST'] = 'remotemysql.com'
app.config['MYSQL_USER'] = '7CNYamZi6G'
app.config['MYSQL_PASSWORD'] = 'QgKp7RwBhr'
app.config['MYSQL_DB'] = '7CNYamZi6G'
mysql = MySQL(app)
@app.route("/")
def main():
return render_template('index.html')
@app.route('/adm_login', methods=['GET', 'POST'])
def adm_login():
msg = ''
if request.method == 'POST' and 'adm_user' in request.form and 'adm_pass' in request.form:
adm_user = request.form['adm_user']
adm_pass = request.form['adm_pass']
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM user_mgmt WHERE adm_user = %s AND adm_pass = %s', (adm_user, adm_pass))
account = cursor.fetchone()
if account:
session['loggedin'] = True
session['id'] = account['adm_id']
session['username'] = account['adm_user']
return 'Logged in successfully!'
else:
msg = 'Incorrect username/password!'
return render_template('adm_login.html', msg=msg)
@app.route('/home')
def home():
if 'loggedin' in session:
return render_template('home.html', username=session['username'])
return redirect(url_for('adm_login'))
@app.route('/profile')
def profile():
if 'loggedin' in session:
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM 7CNYamZi6G.user_mgmt WHERE adm_id = %s', [session['id']])
account = cursor.fetchone()
return render_template('profile.html', account=account)
return redirect(url_for('adm_login'))
@app.route('/admin_show', methods=['GET', 'POST'])
def admin_show():
show = ''
if request.method == 'POST' and 'from_date' in request.form and 'through_date' in request.form:
from_date = request.form['from_date']
through_date = request.form['through_date']
cur = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM ach_mgmt WHERE Date_Ach BETWEEN %s AND %s', (from_date, through_date))
show = cursor.fetchall()
return render_template('admin_show.html', show=show)
@app.route('/delete/<string:track_id>', methods = ['GET'])
def delete(track_id):
flash("Record Has Been Deleted Successfully")
cur = mysql.connection.cursor()
cur.execute("DELETE FROM ach_mgmt WHERE id=%s", (track_id,))
mysql.connection.commit()
return redirect(url_for('admin_show'))
@app.route('/update/<string:track_id>',methods=['POST','GET'])
def update(track_id):
if request.method == 'POST':
track_id = request.form['track_id']
Field_Ach = request.form['Field_Ach']
Name_Ach = request.form['Name_Ach']
Level_Ach = request.form['Level_Ach']
Position_Ach = request.form['Position_Ach']
Date_Ach = request.form['Date_Ach']
Remarks = request.form['Remarks']
cur = mysql.connection.cursor()
cur.execute("UPDATE ach_mgmt SET Field_Ach=%s, Name_Ach=%s, Level_Ach=%s, Position_Ach=%s, Date__Ach=%s, Remarks=%s WHERE track_id=%s", (Field_Ach, Name_Ach, Level_Ach, Position_Ach, Date_Ach, Remarks, track_id))
flash("Data Updated Successfully")
mysql.connection.commit()
return redirect(url_for('admin_show'))
@app.route('/logout')
def logout():
session.pop('loggedin', None)
session.pop('id', None)
session.pop('username', None)
return render_template('index.html')
if __name__ == "__main__":
app.run()
解决方案
而不是使用return 'Logged in successfully!'
.adm_login
return redirect(url_for('home'))
我希望您不要在生产中的某个地方使用它,因为您的代码容易受到 SQL 注入的影响。
推荐阅读
- python - 消费者生产者多线程问题
- angular - 等待 Observable 在 Observable 内完成
- python - 2017 GCSE 卡片技巧:“从空列表中弹出”IndexError
- ms-access - 2010 Access vba如何将Excel中的displaygridlines设置为false?
- ios - swift头文件找不到'CNContactPickerDelegate'的协议声明
- vim - 输入时是否可以自动使 Vim 垂直居中?
- r - 根据另一个单元格的内容将 R 数据框中的数据从一个单元格复制到另一个单元格
- angular - Angular2 和 Highcharts 地图 - 地图气泡未显示
- mongodb - 更改后的火花持久文档
- django - 扩展 django UserCreationForm