diff --git a/shop.py b/shop.py
index e02125c..39b963d 100644
--- a/shop.py
+++ b/shop.py
@@ -71,7 +71,7 @@ def unGetItem(rowID):
def get_users(username=None):
if username == None:
#return all users
- query = "select username, admin from USERS"
+ query = "select username, admin, id from USERS"
return runQuery(query)
query = f"select username, admin from USERS where username like '{username}'"
return runQuery(query)
@@ -82,6 +82,10 @@ def add_user(userData):
query = f"insert into USERS (username, password, admin) values ('{username}', md5('{password}'), False)"
runQuery(query)
+def update_pass(user_id, newpass):
+ query = f"update USERS set password=md5('{newpass}') where id={user_id}"
+ runQuery(query)
+
app = Flask(__name__)
app.config["DEBUG"] = True
app.secret_key = b'*$#@U9423jr92jioJKL_)_;dasfj()12'
@@ -134,6 +138,12 @@ def handle_data():
add_user(userData)
return redirect(url_for("admin"))
+ if "newpass" in request.form:
+ user_id = request.form['updatepass']
+ newpass = request.form['newpass']
+ update_pass(user_id, newpass)
+ return redirect(url_for("admin"))
+
if "logout" in request.form:
session.clear()
return redirect(url_for('index'))
diff --git a/templates/admin.html b/templates/admin.html
index 0538cc8..404893e 100644
--- a/templates/admin.html
+++ b/templates/admin.html
@@ -8,7 +8,7 @@
| Username |
Admin |
- Change Password |
+ Change Password |
@@ -16,7 +16,7 @@
| {{x[0]}} |
{% if x[1] == 1 %} Yes {% else %} No {% endif %} |
- Implement later |
+ |
{% endfor %}
diff --git a/templates/list.html b/templates/list.html
index abc93ec..b66b94e 100644
--- a/templates/list.html
+++ b/templates/list.html
@@ -21,8 +21,10 @@
{% endif %}
|