def comment(): if session["csrf_token"] != request.form["csrf_token"]: abort(403) review_id = request.form["id"] username = session["username"] user_id = db.find_user_id(username) writing = request.form["comment"] db.insert_comment(review_id, user_id, writing) page = "/review/" + str(review_id) return redirect(page)
def send(): if session["csrf_token"] != request.form["csrf_token"]: abort(403) username = session["username"] user_id = db.find_user_id(username) name = request.form["name"] if not name: return redirect("/write") name = name.strip() type = request.form["type"] year = request.form["year"] language = request.form["language"] review = request.form["review"] score = request.form["score"] db.insert_review(name, type, year, language, review, score, user_id) return redirect("/")
def create_account(): username = request.form["username"] password = request.form["password"] password2 = request.form["password2"] moderator = check_moderator() user_id = db.find_user_id(username) if user_id != None: return render_template("create.html", error="Username taken", moderator=moderator) if password != password2: return render_template("create.html", error="Passwords not identical", moderator=moderator) password = generate_password_hash(password2) db.insert_user(username, password) return redirect("/login")
def update_user(user_id: int,user: models.User): db.update_user(user_id,user.title,user.first_name,user.last_name,user.email,user.phone) updated_user = db.find_user_id(user_id) return {"status": "updated","user":updated_user}
def get_user(user_id: int): user = db.find_user_id(user_id) return {"user":user}