Added change password

HarshShah1997 · HarshShah1997 · commit efeb978970aa · 2016-08-16T11:59:12.000+05:30
diff --git a/database.db b/database.db
diff --git a/main.py b/main.py
@@ -130,6 +130,35 @@ def editProfile():
     conn.close()
     return render_template("editProfile.html", profileData=profileData, loggedIn=loggedIn, firstName=firstName, noOfItems=noOfItems)
 
+@app.route("/account/profile/changePassword", methods=["GET", "POST"])
+def changePassword():
+    if 'email' not in session:
+        return redirect(url_for('loginForm'))
+    if request.method == "POST":
+        oldPassword = request.form['oldpassword']
+        oldPassword = hashlib.md5(oldPassword.encode()).hexdigest()
+        newPassword = request.form['newpassword']
+        newPassword = hashlib.md5(newPassword.encode()).hexdigest()
+        with sqlite3.connect('database.db') as conn:
+            cur = conn.cursor()
+            cur.execute("SELECT userId, password FROM users WHERE email = '" + session['email'] + "'")
+            userId, password = cur.fetchone()
+            if (password == oldPassword):
+                try:
+                    cur.execute("UPDATE users SET password = ? WHERE userId = ?", (newPassword, userId))
+                    conn.commit()
+                    msg="Success"
+                except:
+                    conn.rollback()
+                    msg = "Failure"
+                return msg
+            else:
+                msg = "Wrong password"
+        conn.close()
+        return msg
+    else:
+        return render_template("changePassword.html")
+
 @app.route("/updateProfile", methods=["GET", "POST"])
 def updateProfile():
     if request.method == 'POST':
diff --git a/templates/changePassword.html b/templates/changePassword.html
@@ -0,0 +1,16 @@
+<html>
+<head>
+<title>Change Password</title>
+<script src={{ url_for('static', filename='js/changePassword.js') }}></script>
+</head>
+<body>
+<form action={{ url_for('changePassword') }} method="POST">
+	<p>Old Password: <input type="password" name="oldpassword"></p>
+	<p>New Password: <input type="password" name="newpassword"></p>
+	<p>Confirm Password: <input type="password" name="cpassword"></p>
+	<input type="submit" value="Save">
+</form>
+</body>
+</html>
+
+
diff --git a/templates/profileHome.html b/templates/profileHome.html
@@ -39,8 +39,8 @@
 </div>
 
 <div class="display">
-	<a href="/account/profile/view">View Profile</a>
-	<a href="/account/profile/edit">Edit Profile</a>
+	<a href="/account/profile/view">View Profile</a><br>
+	<a href="/account/profile/edit">Edit Profile</a><br>
 	<a href="/account/profile/changePassword">Change password</a>
 </div>
 </body>
