def account_resume():
username=session['user']['username']
if request.method == 'GET':
user=db.select_one("SELECT * FROM T_User WHERE username=%s",(username,))
return render_template('account/resume.html',user=user)
else:
file = request.files['photo']
if file:
filename = uploader.save_image_file(file)
db.execute("UPDATE T_User SET position=%s,grade=%s,resume=%s,photo=%s WHERE username=%s",\
(request.form['position'],request.form['grade'],request.form['resume'],filename,username))
else:
db.execute("UPDATE T_User SET position=%s,grade=%s,resume=%s WHERE username=%s",\
(request.form['position'],request.form['grade'],request.form['resume'],username))
return redirect(url_for('account_index'))
def user_edit(username):
if request.method == 'GET':
user = db.select_one("SELECT * FROM T_User WHERE username=%s;",[username])
return render_template('user/edit.html',user=user)
else:
file = request.files['photo']
if file:
filename = uploader.save_image_file(file)
db.execute("UPDATE T_User SET auth_expense_approve=%s,state=%s,rank=%s,name=%s,email=%s,email_public=%s,\
position=%s,grade=%s,resume=%s,photo=%s WHERE username=%s",\
(('auth_expense_approve' in request.form),('state' in request.form),request.form['rank'],\
request.form['name'],request.form['email'],request.form['email_public'],\
request.form['position'],request.form['grade'],request.form['resume'],filename,username))
else:
db.execute("UPDATE T_User SET auth_expense_approve=%s,state=%s,rank=%s,name=%s,email=%s,email_public=%s,\
position=%s,grade=%s,resume=%s WHERE username=%s",\
(('auth_expense_approve' in request.form),('state' in request.form),request.form['rank'],\
request.form['name'],request.form['email'],request.form['email_public'],\
request.form['position'],request.form['grade'],request.form['resume'],username))
return redirect(url_for('user_index'))
