我正在我的烧瓶应用程序中创建一个更改密码表单。我问一个安全问题(用户在注册时提出的问题)。我让用户将答案输入到html表单中。然后我试图将用户输入与存储在数据库中的答案进行比较。
我收到此错误:
400错误请求浏览器(或代理)发送了此服务器无法理解的请求。
我一直在查看类似的主题并且他们都说要确保输入标记中的名称拼写与request.form ['']中的名称拼写相同。
我很感激有关从哪里开始的任何建议。我几天来一直在努力解决这个问题。
这是我的python代码:
@app.route('/contchangepassword/' , methods=["GET","POST"])
def cont_change_password():
if request.method == "POST":
c, conn = connection()
user_id = session['the_id'] #this is the users id
question = session['question'] #this is the question the user made and it was retreived from the database
attempted_password = request.form['answer'] #this is getting the input from the html form
x = c.execute("""SELECT * FROM user_secuirty WHERE id = (%s)""", [user_id])
#this is seeing if the user exists. if the user exists then this message will be flashed
if int(x) == 0:
flash ("user does not exists")
return render_template('contchangepassword.html',question = question)
else:
#getting the answer from the database
c.execute("""SELECT answer FROM user_secuirty WHERE id = (%s)""", [user_id])
password = c.fetchone()[0]
#this is comparing both passwords (the password in the database was hashed)
if sha256_crypt.verify(attempted_password, password):
session['secuirty_correct'] = True
session['user_id'] = user_id
return render_template('contchangepassword.html', question=question)
else:
flash("Incorrect password to security question.")
return render_template('contchangepassword.html', question=question)
c.close()
conn.close()
gc.collect()
return render_template('contchangepassword.html', question=question)
这是我的HTML:
<form class="form-signin" method="post">
<h1 class="form-signin-heading">Answer Your Security Question</h1>
<p style="text-align:center;font-size:16px;font-weight:800;">{{question}}?</p>
<label for="secuirty_answer" class="sr-only">secuirty_answer</label>
<input type="text" name="answer" class="form-control" placeholder="Place Answer Here" required>
<button class="btn btn-lg btn-primary btn-block" style="margin-bottom:5px;" value="Login" type="submit">Continue</button>
</form>