def comment():
if session["csrf_token"] != request.form["csrf_token"]:
abort(403)
review_id = request.form["id"]
username = session["username"]
user_id = db.find_user_id(username)
writing = request.form["comment"]
db.insert_comment(review_id, user_id, writing)
page = "/review/" + str(review_id)
return redirect(page)
def send():
if session["csrf_token"] != request.form["csrf_token"]:
abort(403)
username = session["username"]
user_id = db.find_user_id(username)
name = request.form["name"]
if not name:
return redirect("/write")
name = name.strip()
type = request.form["type"]
year = request.form["year"]
language = request.form["language"]
review = request.form["review"]
score = request.form["score"]
db.insert_review(name, type, year, language, review, score, user_id)
return redirect("/")
def create_account():
username = request.form["username"]
password = request.form["password"]
password2 = request.form["password2"]
moderator = check_moderator()
user_id = db.find_user_id(username)
if user_id != None:
return render_template("create.html",
error="Username taken",
moderator=moderator)
if password != password2:
return render_template("create.html",
error="Passwords not identical",
moderator=moderator)
password = generate_password_hash(password2)
db.insert_user(username, password)
return redirect("/login")
def update_user(user_id: int,user: models.User):
db.update_user(user_id,user.title,user.first_name,user.last_name,user.email,user.phone)
updated_user = db.find_user_id(user_id)
return {"status": "updated","user":updated_user}
def get_user(user_id: int):
user = db.find_user_id(user_id)
return {"user":user}