def update():
error = None
form = UpdateForm()
next = get_redirect_target()
next = retain_before_auth_page(next)
if request.method == 'POST':
if request.form['submit'] == 'cancel':
return redirect_back('index')
else:
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user:
# creates and sends the token which contains the secret keys
token = generate_confirmation_token(user.email)
confirm_update_url = url_for('confirm_password', token=token, _external=True)
update_notification(user, confirm_update_url)
flash('A confirmation email has been sent.', 'success')
return redirect_back('index')
else:
flash('Invalid username.', 'danger')
return render_template('update.html', form=form, error=error, next=next)
else:
flash('Invalid username.', 'danger')
return render_template('update.html', form=form, error=error, next=next)
else:
return render_template('update.html', form=form, error=error, next=next)
def update():
form = UpdateForm()
if form.validate_on_submit():
conn = sqlite3.connect('NBA.db')
c = conn.cursor()
#Update the player into the 'Player' table
#query = 'update into Player VALUES (' + "'" + form.team_name.data + "'," + "'" + form.player_ID.data + "'," + "'" + form.player_name.data + "'," + "'" + form.player_age.data + "'," + "'" + form.nationality.data + "'," + "'" + form.salary.data + "'," + "'" + form.position.data + "'" + ')' #Build the query
if form.team_name is not None:
query = 'update PLAYER set Team_Name = "' + form.team_name.data + '", Player_Age = "' + form.player_age.data + '" ,Position = "' + form.position.data + '"where Player_ID = ' + form.player_ID.data + ''
c.execute(query) #Execute the query
conn.commit() #Commit the changes
#if form.player_age is not None:
# query = 'update PLAYER set Player_Age = "' + form.player_age.data + '" where Player_ID = ' + form.player_ID.data + ''
# c.execute(query) #Execute the query
# conn.commit() #Commit the changes
#if form.position is not None:
# query = 'update PLAYER set Position = "' + form.position.data + '" where Player_ID = ' + form.player_ID.data + ''
# c.execute(query) #Execute the query
# conn.commit() #Commit the changes
flash(f'Update succeed for Player {form.player_ID.data}!', 'success')
return redirect(url_for('team'))
return render_template('update.html', title='update', form=form) #修改LOGIN
def user_profile_update(user_id):
form = UpdateForm()
cursor = g.db.execute('SELECT * FROM user WHERE id=? ', [user_id])
res = cursor.fetchone()
if res is None:
return jsonify({'code': 404}) # 没有改用户 404
if session['user_id'] == res[0]:
if request.method == 'POST' and form.validate_on_submit(): # 提交了form
name, password = request.form['username'], request.form['password']
real_name, tel = request.form["real_name"], request.form['tel']
if md5_user_psw(res[1], password) == res[2]: # 提交了form且密码正确
g.db.execute(
'UPDATE user SET username=?,pass_hash=?,real_name=?,tel=? WHERE id=?',
[
name,
md5_user_psw(name, password), real_name, tel, user_id
])
return redirect(
url_for('user_profile', user_id=session['user_id']))
else:
flash(message='password error')
return render_template('update.html',
title='Update',
form=form)
else: # 没有提交form
form.username.data = res[1]
form.real_name.data = res[3]
form.tel.data = res[4]
return render_template('update.html', title='Update', form=form)
# 不是本用户访问
return redirect(url_for('hello'))
def update_student(student_id):
form = UpdateForm()
student = Student.query.filter_by(student_id=student_id).first_or_404()
if form.validate_on_submit():
student.student_id = student_id,
student.first_name_en = form.first_name_en.data,
student.last_name_en = form.last_name_en.data,
student.first_name_kh = form.first_name_kh.data,
student.last_name_kh = form.last_name_kh.data,
student.gender = form.gender.data,
student.date_of_birth = form.date_of_birth.data,
student.phone = form.phone.data,
student.email = form.email.data,
student.address = form.address.data
db.session.commit()
flash('Your changes have been saved.', category='success')
return redirect(url_for('index', option='active'))
elif request.method == 'GET':
form.student_id.data = student.student_id
form.first_name_en.data = student.first_name_en
form.last_name_en.data = student.last_name_en
form.first_name_kh.data = student.first_name_kh
form.last_name_kh.data = student.last_name_kh
form.gender.data = student.gender
form.date_of_birth.data = student.date_of_birth
form.phone.data = student.phone
form.email.data = student.email
form.address.data = student.address
return render_template('update_student.html', form=form)
def updateinfo():
form = UpdateForm()
if form.validate_on_submit():
if form.picture.data:
picture_file = save_picture(form.picture.data)
current_user.image_file = picture_file
current_user.name = form.name.data
current_user.email = form.email.data
current_user.mobile = form.mobile.data
current_user.address = form.address.data
current_user.city = form.city.data
current_user.state = form.state.data
current_user.zip = form.zip.data
db.session.commit()
flash('Your Profile has been Updated!!', 'success')
return redirect(url_for('account'))
elif request.method == 'GET':
form.name.data = current_user.name
form.email.data = current_user.email
form.mobile.data = current_user.mobile
form.address.data = current_user.address
form.city.data = current_user.city
form.state.data = current_user.state
form.zip.data = current_user.zip
return render_template('updateinfo.html', form=form)
def profile():
form = UpdateForm()
image_file = url_for('static',
filename='images/' + current_user.image_file)
if form.validate_on_submit():
if form.password.data == form.retypePassword.data:
hashed_password = generate_password_hash(form.password.data,
method='sha256')
user = User.query.filter_by(id=current_user.id).first()
if request.method == 'POST' and form.image.data:
picture_file = save_picture(form.image.data)
user.image_file = picture_file
user.password = hashed_password
user.username = form.username.data
user.email = form.email.data
db.session.commit()
flash('successful update')
return redirect(url_for('dashboard'))
else:
flash('incorrect password')
form.username.data = current_user.username
form.email.data = current_user.email
return render_template('profile.html',
name=current_user.username,
form=form,
image_file=image_file)
def update(_id):
todo = TodoModel.find_by_id(_id)
form = UpdateForm(obj=todo)
if form.validate_on_submit():
todo.title = form.title.data
todo.remarks = form.remarks.data
todo.save_to_db()
return redirect(url_for('view.home'))
return render_template('update.html', form=form, todo=todo)
def podcast_update(podcast_id):
"""
Function that checks whether user is logged in. For logged in user it opens
page with a form that allows user to edit existing content to the database.
It searches collection podcasts in the detabase and displays pre-filled in form
with the content of a podcast found using value "ObjectId(podcast_id)" of a key "_id".
Used request.method == 'GET' following advice from
https://romain.dorgueil.net/wiki/python/wtforms and https://stackoverflow.com/a/23714791
to populate update form with existing in database details for the podcast that user
wants to amend.
For users that are not logged in it redirects to login page.
"""
if 'username' not in session:
flash(f'Oops... you need to be logged in to see this page.', 'danger')
return redirect(url_for('login'))
else:
update_form = UpdateForm()
picked_podcast = mongo.db.podcasts.find_one(
{'_id': ObjectId(podcast_id)})
if request.method == 'GET':
update_form.podcast_title.data = picked_podcast['podcast_title']
update_form.podcast_imgurl.data = picked_podcast['podcast_imgurl']
update_form.origin.data = picked_podcast['origin']
update_form.release_year.data = picked_podcast['release_year']
update_form.description.data = picked_podcast['description']
update_form.is_favourite.data = picked_podcast['is_favourite']
update_form.no_episodes.data = picked_podcast['no_episodes']
update_form.podcast_link.data = picked_podcast['podcast_link']
elif update_form.validate_on_submit():
mongo.db.podcasts.update_one({'_id': ObjectId(podcast_id)}, {
'$set': {
'podcast_title': update_form.podcast_title.data,
'podcast_imgurl': update_form.podcast_imgurl.data,
'origin': update_form.origin.data,
'release_year': update_form.release_year.data,
'description': update_form.description.data,
'is_favourite': update_form.is_favourite.data,
'no_episodes': update_form.no_episodes.data,
'podcast_link': update_form.podcast_link.data
}
})
flash(f'Podcast details updated sucessfully.', 'success')
return redirect(url_for('my_account'))
else:
flash(f'Error updating podcast. Please try again', 'danger')
return redirect(url_for('my_account'))
return render_template('pages/podcast-update.html',
form=update_form,
podcast=picked_podcast,
title='Update podcast details',
head='Edit Podcast')
def updatedb():
# form to send notifications and update db
form = UpdateForm()
form.room.choices = zip(all_rooms, all_rooms)
if form.validate_on_submit():
mongo.db.rooms.insert({'room': form.room.data,
'update': form.update.data,
'ts': datetime.datetime.now()})
flash('Message sent!')
return redirect(url_for('updatedb'))
return render_template('updatedb.html', form=form)
def submitUpdate():
form = UpdateForm()
if form.validate_on_submit():
updateDataBase(currency='{}'.format(form.currencyUpdate.data),
dataUpdate='{}'.format(form.dateUpdate.data),
highRate=form.highUpdate.data,
lowRate=form.lowUpdate.data)
return redirect(url_for('tables'))
return render_template('updateDB.html', form=form)
def account():
if not(session.get('user')):
return redirect(url_for('login'))
form=UpdateForm()
mycur.execute(f""" SELECT email FROM reg WHERE user= %s """,(session.get('user'),))
email=mycur.fetchone()[0]
if form.validate_on_submit():
result_user=False
if form.username.data != session.get('user'):
mycur.execute(f'SELECT * FROM reg WHERE user= %s ',(form.username.data,))
result_user=mycur.fetchone()
result_email=False
if form.email.data != email:
mycur.execute(f'SELECT * FROM reg WHERE email=%s ',(form.email.data,))
result_email=mycur.fetchone()
if not(result_user):
if not(result_email):
mycur.execute(""" UPDATE reg SET email = %s WHERE user = %s """,(form.email.data,session.get('user')))
db.commit()
mycur.execute(""" SET FOREIGN_KEY_CHECKS =0 """ )
mycur.execute(""" UPDATE reg SET user = %s WHERE user = %s """,(form.username.data,session.get('user')))
mycur.execute(""" UPDATE posts SET author = %s WHERE author = %s """,(form.username.data,session.get('user')))
mycur.execute(""" SET FOREIGN_KEY_CHECKS =1 """ )
db.commit()
session['user']=form.username.data
if form.dp.data:
mycur.execute(f""" SELECT image_file FROM reg WHERE user= %s """,(session.get('user'),))
image_file=mycur.fetchone()[0]
file_path=os.path.join(app.root_path,'static\profile_pics',image_file)
if (image_file != 'default.jpg'):
os.remove(file_path)
picture=save(form.dp.data)
mycur.execute(""" UPDATE reg SET image_file = %s where user = %s """,(picture,session.get('user')))
db.commit()
flash('changed Successfully','success')
else:
flash("Account with that email already exists!",'danger')
else:
flash("Username taken,try a diffrent one",'danger')
mycur.execute(f""" SELECT email,image_file FROM reg WHERE user= %s """,(session.get('user'),))
email,image_file=mycur.fetchone()
form.email.data=email
form.username.data=session.get('user')
profile_pic=url_for('static',filename='profile_pics/'+image_file)
return render_template('account.htm',email=email,form=form,current_address='/account',dp=profile_pic)
def account():
form = UpdateForm()
if request.method =='POST':
if request.form['delete']=='1':
delete_user(current_user.id)
logout_user()
return redirect(url_for('login_page'))
else:
if form.validate_on_submit():
update_user(form.username.data,form.mail.data,current_user.id)
flash(f'Updated Account: {form.username.data}, {form.mail.data}!', 'success')
return redirect(url_for('account'))
else:
flash(f'Failed to Update Account to {form.username.data}, {form.mail.data}!', 'danger')
return render_template("account.html", current_user= current_user, form = form)
def viewUpdates():
from tables import Update, User
form = UpdateForm()
if request.method == 'POST' and form.validate_on_submit():
updateContent = form.content.data
newUpdate = Update(content=updateContent,
contributorID=current_user.id)
db.session.add(newUpdate)
db.session.commit()
form.content.data = ''
return redirect(url_for('proj.viewUpdates'))
updates = Update.query.order_by(Update.dateCreated)
users = User.query.order_by(User.dateCreated)
return render_template('project/updates.html',
updates=updates,
updateForm=form,
users=users)
def club_info(clubname):
club = Club.query.filter_by(name=clubname).first()
form = UpdateForm()
if form.validate_on_submit():
if current_user.is_authenticated:
club.description = form.description.data
club.tags = form.tags.data
db.session.commit()
flash('Club Updated!', 'success')
return redirect(url_for('clubs'))
else:
flash('Login to update a club.', 'danger')
return render_template('club.html',
title="Club Info",
form=form,
club=club)
def profile():
"""Update profile for current user."""
form = UpdateForm(obj=g.user)
if form.validate_on_submit():
if (User.authenticate(g.user.username, form.password.data)):
if (form.email.data):
g.user.email = form.email.data
if (form.first_name.data):
g.user.first_name = form.first_name.data
if (form.last_name.data):
g.user.last_name = form.last_name.data
db.session.add(g.user)
db.session.commit()
return redirect(
url_for('view_user_detail', username=g.user.username))
else:
flash("Wrong password", "danger")
return redirect(url_for('homepage'))
return render_template('user/edit.html', form=form)
def update():
form=UpdateForm()
message=''
if form.validate_on_submit():
productid=form.productname.data
#stores productid(201) of the selected product(milk)
#milk is displayed in the dropdown but the value selected is its productid
shelfid=form.location.data #stores shelfid
quantity=form.quantity.data
error=addfunction(productid,shelfid,quantity)
if(error==0):
message='Successfully Added'
elif(error==1):
message="You already have this item in the refrigerator. Please try another item."
elif(error==2):
message="This item should be placed in another shelf with suitable temperature range. Please try another location."
return render_template('update.html',message=message,form=form)
return render_template('update.html',message=message, form=form)
def profile():
"""Update profile for current user."""
if not g.user:
flash('Access unauthorized.', 'danger')
return redirect('/')
form = UpdateForm(obj=g.user)
if form.validate_on_submit():
#Verify that it's the current user making edits
if bcrypt.check_password_hash(g.user.password, form.password.data):
g.user.bio = form.bio.data
g.user.image_url = form.image_url.data
g.user.header_image_url = form.header_image_url.data
g.user.email = form.email.data
g.user.location = form.location.data
db.session.commit()
return redirect(f'/users/{g.user.id}')
else:
flash('Incorrect password', 'danger')
return redirect('/')
else:
return render_template('users/edit.html', form=form)
def modify():
hae_teho_from_file()
form = UpdateForm()
reload_vars()
#if request.method == 'POST' and form.validate_on_submit():
if form.validate_on_submit():
if request.method == 'POST':
MYDICT["power"] = form.power.data
MYDICT["start"] = form.start.data
MYDICT["stop"] = form.stop.data
my_data = {
"power": MYDICT["power"],
"start": MYDICT["start"],
"stop": MYDICT["stop"]
}
with open(MYDICT["varfile"], 'w') as f:
json.dump(my_data, f, indent=4)
f.close()
flash('Parameters has been updated', 'success')
return redirect(url_for('home'))
else:
flash('Failed to update variables.json file', 'danger')
return redirect(url_for('home'))
message = "Nykyiset arvot:"
stop = MYDICT["stop"] + 1
templateData = {
'message': message,
'power': MYDICT["power"],
'start': MYDICT["start"],
'stop': stop
}
return render_template('modify.html',
title='Modify',
form=form,
teho=MYDICT["teho"],
**templateData)
def update(type, id):
form = UpdateForm()
file_path = os.path.join(current_app.root_path, 'static/documents')
if type == 'applicant':
student = Applicant.query.get_or_404(id)
if request.method == 'POST':
if form.validate_on_submit():
student.name = form.name.data
student.email = form.email.data
student.birthday = form.birthday.data
student.phone = form.phone.data
student.address = form.address.data
student.city = form.city.data
student.country = form.country.data
student.program = form.program.data
db.session.commit()
flash('The applicant information has been updated.', 'success')
return redirect(url_for('main.applicant'))
if type == 'student':
student = Student.query.get_or_404(id)
if request.method == 'POST':
if form.validate_on_submit():
if form.profile.data:
profile_pic = save_picture(form.profile.data)
student.image = profile_pic
user = User.query.get(student.user_id)
user.name = form.name.data
user.email = form.email.data
student.name = form.name.data
student.email = form.email.data
student.birthday = form.birthday.data
student.phone = form.phone.data
student.address = form.address.data
student.city = form.city.data
student.country = form.country.data
student.program = form.program.data
db.session.commit()
flash('The student information has been updated.', 'success')
if current_user.type == 'admin':
return redirect(
url_for('main.profile',
type=type,
id=student.studentid))
return redirect(
url_for('main.profile', type=type, id=current_user.id))
if type == 'admin':
adminform = AdminUpdateForm()
admin = Admin.query.get_or_404(id)
if request.method == 'POST':
print('admin again')
if adminform.validate_on_submit():
print('admin again and again')
if adminform.profile.data:
profile_pic = save_picture(adminform.profile.data)
admin.image = profile_pic
user = User.query.get(admin.user_id)
user.username = adminform.username.data
user.email = adminform.email.data
admin.username = adminform.username.data
admin.email = adminform.email.data
admin.school = adminform.school.data
db.session.commit()
flash('The student information has been updated.', 'success')
return redirect(url_for('main.profile', type=type, id=id))
adminform.username.data = admin.username
adminform.email.data = admin.email
adminform.school.data = admin.school
return render_template('update.html',
form=adminform,
id=id,
type=type,
file_path=file_path,
admin=admin)
form.name.data = student.name
if type != 'applicant':
form.profile.data = student.image
form.email.data = student.email
form.birthday.data = student.birthday
form.phone.data = student.phone
form.address.data = student.address
form.city.data = student.city
form.country.data = student.country
form.program.data = student.program
return render_template('update.html',
form=form,
id=id,
type=type,
file_path=file_path,
student=student)
