def profile():
# must be signed in
if 'user_id' not in session:
return redirect(url_for('signin'))
profile = ProfileForm()
if request.method == "GET":
# get user data
qry = db.session.execute("""
select
user_id,
first_name,
last_name,
email,
SUBSTR(username,2) as username,
create_ts
from users
where
user_id = :user
""", {'user': int(session['user_id'])})
user = qry.first()
# profile form
profile.first_name.default = user.first_name
profile.last_name.default = user.last_name
profile.email.default = user.email
profile.username.default = user.username
profile.create_ts.default = user.create_ts
profile.process()
return render_template('users/profile.html', form=profile)
elif request.method == "POST":
if profile.validate() == False:
return render_template('users/profile.html', form=profile)
else:
User.query.filter_by(user_id=int(session['user_id'])).update(
dict(
first_name = profile.first_name.data,
last_name = profile.last_name.data,
email = profile.email.data,
username = '******' + profile.username.data
)
)
db.session.commit()
return redirect(url_for('index'))
