def editUser(id):
form = EditUserForm(request.form)
user = User.query.get_or_404(id)
if request.method == "GET":
form.name.data = user.name
form.lastname.data = user.lastname
form.rank.data = user.rank
if request.method == "POST" and form.validate():
user.name = form.name.data
user.lastname = form.lastname.data
user.rank = form.rank.data
db.session.commit()
return redirect(url_for("users"))
return render_template("edit_user.html", form=form)
def users_update(user_id):
found_user = User.query.get_or_404(user_id)
form = EditUserForm(request.form)
if form.validate():
if User.authenticate(found_user.username, form.password.data):
found_user.username = form.username.data
found_user.email = form.email.data
found_user.image_url = form.image_url.data or "/static/images/default-pic.png"
found_user.bio = form.bio.data
found_user.location = form.location.data
found_user.header_image_url = form.header_image_url.data
db.session.add(found_user)
db.session.commit()
return redirect(url_for('users_show', user_id=user_id))
flash({
'text': "Wrong password, please try again.",
'status': 'danger'
})
return render_template('users/edit.html', form=form, user_id=found_user.id)