from blade import Blade

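def main(args):
    """Register the login/logout/transfer routes and start the Blade app.

    The handlers are local functions rather than lambdas: the original
    `.post("/login", ...)` lambda tried to hold an assignment, which is a
    syntax error in Python.

    Args:
        args: command-line arguments handed straight to ``Blade.start``.
    """

    def show_login(ctx):
        ctx.render("login.html")

    def logout(ctx):
        ctx.session().remove("login_user")
        ctx.redirect("/login")

    def login_post(ctx):
        # NOTE(review): the password field is never checked and the session
        # is never written here, so the "login_user" check in transfer()
        # can never pass through this handler.
        username = ctx.formParam("username")
        ctx.text(username + "登入成功")

    # /transfer is reachable by GET as well as POST and transfer() performs
    # no CSRF token check, so a cross-site link or <img> can trigger it for
    # any logged-in user. `Application` is not defined in this file.
    (
        Blade.of()
        .get("/login", show_login)
        .get("/logout", logout)
        .post("/login", login_post)
        .get("/transfer", transfer)
        .post("/transfer", transfer)
        .start(Application, args)
    )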

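def transfer(ctx):
    """Handle /transfer for the logged-in user.

    Reads ``login_user`` from the session and ``to_user`` / ``money`` from
    the form, then echoes a confirmation via ``ctx.text``. Writes an error
    text and returns early when nobody is logged in or a parameter is
    missing.

    Args:
        ctx: Blade request context (session(), formParam(), text()).
    """
    username = ctx.session().attribute("login_user")
    if username is None:
        print("用戶未登入!")
        ctx.text("登入後操作!")
        return
    to_user = ctx.formParam("to_user")
    money = ctx.formParamToInt("money")
    # The original concatenated these unchecked, so a missing field raised
    # TypeError instead of telling the caller what was wrong.
    if to_user is None or money is None:
        ctx.text("缺少 to_user 或 money 參數")
        return
    # NOTE(review): this route is registered for GET as well as POST (see
    # main) and nothing here verifies a CSRF token or the request origin,
    # so any site can trigger a transfer for a logged-in browser. Restrict
    # to POST and add a per-session token before real use.
    msg = username + "給[" + to_user + "] 轉帳" + str(money) + "元成功"
    print(msg)
    ctx.text(msg)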

if __name__ == "__main__":
    # No argument parsing is done here; main() receives None.
    cli_args = None
    main(cli_args)

import html
import os
import secrets

from flask import Flask, request, session, redirect, render_template

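app = Flask(__name__)
# Flask signs the session cookie with this key; without one, session.get()
# and session.pop() in the handlers below raise RuntimeError. Read it from
# the environment so it is never committed; the random fallback is for local
# demos only (sessions reset on restart and differ between worker processes).
app.secret_key = os.environ.get("FLASK_SECRET_KEY") or secrets.token_hex(32)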
@app.route('/login')
def login():
    """Serve the login form (templates/login.html)."""
    page = render_template('login.html')
    return page

@app.route('/logout')
def logout():
    """Forget the logged-in user and send the browser back to the login page."""
    # Equivalent to pop-with-default: a missing key is not an error.
    if 'login_user' in session:
        del session['login_user']
    return redirect('/login')

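@app.route('/login', methods=['POST'])
def login_post():
    """Handle the login form POST: record the user in the session and confirm.

    Returns:
        The confirmation text, or a 400 response when ``username`` is missing.
    """
    username = request.form.get('username')
    if not username:
        return '缺少 username', 400
    # NOTE(review): login.html also submits a `password` field, but nothing
    # here verifies it — any username is accepted. A real credential check
    # must be added before this is more than a demo.
    # The session is what /transfer checks; the original never wrote it.
    session['login_user'] = username
    # Flask serves a str return as text/html, so the reflected value must be
    # escaped or this is a reflected-XSS sink.
    return html.escape(username) + '登入成功'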

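@app.route('/transfer', methods=['GET', 'POST'])
def transfer():
    """Transfer ``money`` from the logged-in user to ``to_user``.

    Requires ``login_user`` in the session. The transfer is only performed
    for POST and only when ``to_user`` and a non-negative integer ``money``
    are present in the form.

    Returns:
        The confirmation text, or an error text with a 400/405 status.
    """
    username = session.get('login_user')
    if username is None:
        print('用戶未登入!')
        return '登入後操作!'
    # A GET can be triggered cross-site by a plain link or <img>, so the
    # state change is limited to POST. NOTE(review): POST alone does not
    # stop CSRF from a cross-site form — a per-session CSRF token (or
    # Origin/Referer validation) is still needed here.
    if request.method != 'POST':
        return '請使用 POST 轉帳', 405
    to_user = request.form.get('to_user')
    raw_money = request.form.get('money')
    # The original did int(None) / int('abc') here and crashed with a 500.
    if not to_user or raw_money is None:
        return '缺少 to_user 或 money 參數', 400
    try:
        money = int(raw_money)
    except ValueError:
        return 'money 必須是整數', 400
    if money < 0:
        # A negative amount would silently reverse the transfer direction.
        return 'money 不可為負數', 400
    msg = f'{username}給[{to_user}] 轉帳{money}元成功'
    print(msg)
    # Both names are user-controlled and Flask returns str as text/html.
    return html.escape(msg)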

if __name__ == '__main__':
    # Werkzeug development server (defaults to 127.0.0.1:5000); not for production.
    dev_server = app
    dev_server.run()

login.html

程式碼
<!DOCTYPE html>
<html>
  <head>
    <title>Login</title>
  </head>
  <body>
    <h1>Login</h1>
    <!-- Posts username and password to /login. The server-side handler on
         this page reads only `username`; the password is never checked. -->
    <form method="POST" action="/login">
      <label for="username">Username:</label>
      <input id="username" name="username" type="text" required><br><br>

      <label for="password">Password:</label>
      <input id="password" name="password" type="password" required><br><br>

      <input type="submit" value="Login">
    </form>
  </body>
</html>

XSS（跨站腳本攻擊）的三種類型：
反射型（reflected）
儲存型（stored）
DOM 型（DOM-based）

<!DOCTYPE html>
<html>
  <head>
    <title>Login</title>
  </head>
  <body>
    <h1>Login</h1>
    <!-- Posts username and password to /login. The server-side handler on
         this page reads only `username`; the password is never checked. -->
    <form method="POST" action="/login">
      <label for="username">Username:</label>
      <input id="username" name="username" type="text" required><br><br>

      <label for="password">Password:</label>
      <input id="password" name="password" type="password" required><br><br>

      <input type="submit" value="Login">
    </form>
  </body>
</html>

https://www.kjnotes.com/devtools/54

import html
import os
import secrets

from flask import Flask, request, session, redirect, render_template
import pymysql
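# Create the Member table at import time.
# pymysql.connect() takes keyword arguments (host=...), and 3306 is MySQL's
# default port — 5000 is the Flask dev server's port, which this app also
# wants to bind. SECURITY: root with an empty password is a development-only
# setting; use a dedicated least-privilege account anywhere shared.
connect_db = pymysql.connect(host='localhost', port=3306, user='root', passwd='', charset='utf8', db='pydb')
try:
    with connect_db.cursor() as cursor:
        sql = """
        CREATE TABLE IF NOT EXISTS Member(
            ID int NOT NULL AUTO_INCREMENT PRIMARY KEY,
            Name varchar(20),
            Height int(6),
            Weight int(6)
        );
        """

        # Execute the SQL statement
        cursor.execute(sql)

        # Commit to the database
        connect_db.commit()
finally:
    # Close the connection even if the DDL fails (the original leaked it on error).
    connect_db.close()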
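app = Flask(__name__)
# Flask signs the session cookie with this key; without one, session.get()
# and session.pop() in the handlers below raise RuntimeError. Read it from
# the environment so it is never committed; the random fallback is for local
# demos only (sessions reset on restart and differ between worker processes).
app.secret_key = os.environ.get("FLASK_SECRET_KEY") or secrets.token_hex(32)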
@app.route('/login')
def login():
    """Serve the login form (templates/login.html)."""
    page = render_template('login.html')
    return page

@app.route('/logout')
def logout():
    """Forget the logged-in user and send the browser back to the login page."""
    # Equivalent to pop-with-default: a missing key is not an error.
    if 'login_user' in session:
        del session['login_user']
    return redirect('/login')

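@app.route('/login', methods=['POST'])
def login_post():
    """Handle the login form POST: record the user in the session and confirm.

    Returns:
        The confirmation text, or a 400 response when ``username`` is missing.
    """
    username = request.form.get('username')
    if not username:
        return '缺少 username', 400
    # NOTE(review): login.html also submits a `password` field, but nothing
    # here verifies it — any username is accepted. A real credential check
    # must be added before this is more than a demo.
    # The session is what /transfer checks; the original never wrote it.
    session['login_user'] = username
    # Flask serves a str return as text/html, so the reflected value must be
    # escaped or this is a reflected-XSS sink.
    return html.escape(username) + '登入成功'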

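@app.route('/transfer', methods=['GET', 'POST'])
def transfer():
    """Transfer ``money`` from the logged-in user to ``to_user``.

    Requires ``login_user`` in the session. The transfer is only performed
    for POST and only when ``to_user`` and a non-negative integer ``money``
    are present in the form.

    Returns:
        The confirmation text, or an error text with a 400/405 status.
    """
    username = session.get('login_user')
    if username is None:
        print('用戶未登入!')
        return '登入後操作!'
    # A GET can be triggered cross-site by a plain link or <img>, so the
    # state change is limited to POST. NOTE(review): POST alone does not
    # stop CSRF from a cross-site form — a per-session CSRF token (or
    # Origin/Referer validation) is still needed here.
    if request.method != 'POST':
        return '請使用 POST 轉帳', 405
    to_user = request.form.get('to_user')
    raw_money = request.form.get('money')
    # The original did int(None) / int('abc') here and crashed with a 500.
    if not to_user or raw_money is None:
        return '缺少 to_user 或 money 參數', 400
    try:
        money = int(raw_money)
    except ValueError:
        return 'money 必須是整數', 400
    if money < 0:
        # A negative amount would silently reverse the transfer direction.
        return 'money 不可為負數', 400
    msg = f'{username}給[{to_user}] 轉帳{money}元成功'
    print(msg)
    # Both names are user-controlled and Flask returns str as text/html.
    return html.escape(msg)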

if __name__ == '__main__':
    # Werkzeug development server (defaults to 127.0.0.1:5000); not for production.
    dev_server = app
    dev_server.run()

import html
import os
import secrets

from flask import Flask, request, session, redirect, render_template
import pymysql

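app = Flask(__name__)

# Flask signs the session cookie with this key. A literal committed to source
# lets anyone who reads the repository forge `login_user` and walk past the
# login check in /transfer, so read it from the environment; the random
# fallback is for local demos only (sessions reset on restart and differ
# between worker processes).
app.secret_key = os.environ.get("FLASK_SECRET_KEY") or secrets.token_hex(32)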

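def connect_to_db():
    """Open a new pymysql connection to the ``pydb`` database.

    Host, port, user and password default to the local development values
    and can be overridden with PYDB_HOST, PYDB_PORT, PYDB_USER and
    PYDB_PASSWORD, so that root with an empty password never has to leave a
    developer's machine. The caller owns the connection and must close it.

    Returns:
        A pymysql ``Connection``.
    """
    # SECURITY: the defaults (root / empty password) are development-only.
    return pymysql.connect(
        host=os.environ.get('PYDB_HOST', 'localhost'),
        port=int(os.environ.get('PYDB_PORT', '3306')),
        user=os.environ.get('PYDB_USER', 'root'),
        passwd=os.environ.get('PYDB_PASSWORD', ''),
        charset='utf8',
        db='pydb',
    )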

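def create_member_table():
    """Create the Member table (ID, Name, Height, Weight) if it is missing.

    Opens its own connection and always closes it; the original discarded
    the connection object after taking a cursor from it, so it stayed open
    until garbage collection.
    """
    conn = connect_to_db()
    try:
        with conn.cursor() as cursor:
            sql = """
            CREATE TABLE IF NOT EXISTS Member(
                ID int NOT NULL AUTO_INCREMENT PRIMARY KEY,
                Name varchar(20),
                Height int,
                Weight int
            );
            """
            cursor.execute(sql)
        # DDL auto-commits in MySQL; committing explicitly keeps the pattern
        # correct if DML is ever added here.
        conn.commit()
    finally:
        conn.close()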

@app.route('/login')
def login():
    """Serve the login form (templates/login.html)."""
    page = render_template('login.html')
    return page

@app.route('/logout')
def logout():
    """Forget the logged-in user and send the browser back to the login page."""
    # Equivalent to pop-with-default: a missing key is not an error.
    if 'login_user' in session:
        del session['login_user']
    return redirect('/login')

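@app.route('/login', methods=['POST'])
def login_post():
    """Handle the login form POST: record the user in the session and confirm.

    Returns:
        The confirmation text, or a 400 response when ``username`` is missing.
    """
    username = request.form.get('username')
    if not username:
        return 'username is required', 400
    # NOTE(review): login.html also submits a `password` field, but nothing
    # here verifies it — any username is accepted. A real credential check
    # must be added before this is more than a demo.
    # The session is what /transfer checks; the original never wrote it.
    session['login_user'] = username
    # Flask serves a str return as text/html, so the reflected value must be
    # escaped or this is a reflected-XSS sink.
    return f"{html.escape(username)} logged in successfully"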

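@app.route('/transfer', methods=['GET', 'POST'])
def transfer():
    """Transfer ``money`` from the logged-in user to ``to_user``.

    Requires ``login_user`` in the session. The transfer is only performed
    for POST and only when ``to_user`` and a non-negative integer ``money``
    are present in the form.

    Returns:
        The confirmation text, or an error text with a 400/405 status.
    """
    username = session.get('login_user')
    if username is None:
        print('User not logged in!')
        return 'Operation requires login!'
    # A GET can be triggered cross-site by a plain link or <img>, so the
    # state change is limited to POST. NOTE(review): POST alone does not
    # stop CSRF from a cross-site form — a per-session CSRF token (or
    # Origin/Referer validation) is still needed here.
    if request.method != 'POST':
        return 'transfers must be sent with POST', 405
    to_user = request.form.get('to_user')
    raw_money = request.form.get('money')
    # The original did int(None) / int('abc') here and crashed with a 500.
    if not to_user or raw_money is None:
        return 'to_user and money are required', 400
    try:
        money = int(raw_money)
    except ValueError:
        return 'money must be an integer', 400
    if money < 0:
        # A negative amount would silently reverse the transfer direction.
        return 'money must not be negative', 400
    msg = f'{username} transferred {money} yuan to [{to_user}] successfully'
    print(msg)
    # Both names are user-controlled and Flask returns str as text/html.
    return html.escape(msg)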

if __name__ == '__main__':
    # Make sure the schema exists before the first request is served.
    create_member_table()
    # Werkzeug development server (defaults to 127.0.0.1:5000); not for production.
    dev_server = app
    dev_server.run()