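def update_user(user_id):
    """Update the logged-in user's avatar URL, e-mail and (optionally) password.

    The caller must be the account named by ``user_id`` and must re-enter
    valid credentials for that same account before any change is stored.

    Args:
        user_id: Primary key of the account to edit; an unknown id yields a
            404 through ``get_or_404``.

    Returns:
        A redirect to ``/login`` when the session user is not the target, a
        redirect to ``/my-lists/<id>`` after a successful update, otherwise
        the rendered ``update-user.html`` form.
    """
    curr_user = User.query.get_or_404(user_id)

    # Object-level authorization: only the account owner may edit it.
    if current_user.id != curr_user.id:
        flash("Access unauthorized.", "danger")
        return redirect("/login")

    form = UpdateUserForm()

    if form.validate_on_submit():
        user = User.authenticate(form.username.data, form.password.data)

        # The re-authentication must prove knowledge of the password of the
        # account being changed. Accepting any valid username/password pair
        # would let the credentials of a different account confirm a change
        # to this one, which defeats the purpose of the password prompt.
        # Assumes User.authenticate returns the matching User (or a falsy
        # value) -- TODO confirm against the model.
        if user and getattr(user, "id", None) == curr_user.id:
            try:
                # Empty form fields keep the stored value.
                curr_user.avatar_url = form.avatar_url.data or curr_user.avatar_url
                curr_user.email = form.email.data or curr_user.email

                if form.new_password.data:
                    hashed_pass = bcrypt.generate_password_hash(
                        form.new_password.data).decode('UTF-8')
                    curr_user.password = hashed_pass or curr_user.password

                db.session.add(curr_user)
                db.session.commit()

                flash("Your account was updated successfully!", "success")
                return redirect(f'/my-lists/{curr_user.id}')
            except IntegrityError:
                # Roll back so the session stays usable; the handler treats
                # the constraint failure as a duplicate e-mail.
                db.session.rollback()
                flash("Email is associated with another account", 'danger')
        else:
            flash("Invalid credentials.", 'danger')

    return render_template('update-user.html', form=form)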
def change_user(user_id):
    """Edit another user's username and group through ``UpdateUserForm``.

    A GET request pre-fills the form from the stored record. A valid POST
    writes the submitted username and group back, commits, and redirects to
    ``users.user_page``. An unknown ``user_id`` ends in a 404 via
    ``get_or_404``.
    """
    # NOTE(review): no authentication or role check is visible in this body,
    # and the record to modify is selected purely by the URL's user_id.
    # Confirm that the route's decorators (not shown here) restrict this view
    # to accounts allowed to change other users' group membership.
    target = User.query.get_or_404(user_id)
    form = UpdateUserForm()

    if form.validate_on_submit():
        selected_group = form.group.data
        target.username = form.username.data
        target.group_id = selected_group.id
        target.group = selected_group.name
        db.session.commit()
        flash('User updated successfully', 'success')
        return redirect(url_for('users.user_page'))

    if request.method == "GET":
        form.username.data = target.username
        form.group.data = target.group_id

    # NOTE(review): `title` is not assigned inside this function; presumably a
    # module-level name -- verify, otherwise this line raises NameError.
    return render_template('chage_user.html', form=form, title=title)
def update_user():
    """Update the profile fields of the currently logged-in user.

    The account is looked up by the username returned from
    ``current_user.get_id()``. On a valid submission the name, date of birth,
    mobile, city and country are loaded through ``user_schema`` and written
    with a bulk ``update`` on the query; otherwise the form is rendered.
    """
    account_query = User.query.filter_by(username=current_user.get_id())
    form = UpdateUserForm(obj=account_query.first())

    if not form.validate_on_submit():
        # The template receives the query object itself, not a loaded row.
        return render_template("user_update.html", form=form, user=account_query)

    email_owner = User.query.filter_by(email=form.email.data).first()
    if form.email.data != account_query.first().email and email_owner:
        # NOTE(review): 401 signals missing authentication; a duplicate
        # e-mail is a conflict/validation error (409 or 400). Left unchanged
        # because callers may depend on the current status code.
        return abort(401, description="Email already registered")

    # Only these fields are persisted: the submitted e-mail is checked for
    # uniqueness above but is not part of the update.
    submitted = {
        "first_name": form.first_name.data,
        "last_name": form.last_name.data,
        "dob": form.dob.data,
        "mobile": form.mobile.data,
        "city": form.city.data,
        "country": form.country.data
    }
    account_query.update(user_schema.load(submitted, partial=True))
    db.session.commit()

    flash("Account updated!")
    return redirect(url_for("web_users.get_user"))


# Disabled account-deletion route, kept as found (nesting reconstructed).
# NOTE(review): if this is re-enabled, `user` below is a query object, so
# `user.user_id` and `db.session.delete(user)` need a loaded row first.
# @web_users.route("/account/delete", methods=["POST"])
# @login_required
# def delete_user():
#     form = DeleteButton()
#     if form.submit.data:
#         username = current_user.get_id()
#         user = User.query.filter_by(username=username)
#         profiles = Profile.query.filter_by(user_id=user.user_id)
#         for profile in profiles:
#             while len(profile.unrecommend) > 0:
#                 for item in profile.unrecommend:
#                     profile.unrecommend.remove(item)
#             db.session.commit()
#         db.session.delete(user)
#         db.session.commit()
#         logout_user()
#         flash("Account deleted")
#         return redirect(url_for("web_users.web_users_login"))
#     return redirect(url_for("web_users.get_user"))
def profile():
    """Edit the profile of the user stored on ``g.user``.

    The form is pre-filled with the stored username, e-mail and bio. A valid
    submission is applied only when the submitted password authenticates
    against the current username.
    """
    # NOTE(review): g.user is dereferenced without a None check; confirm that
    # a decorator or before_request hook (not visible here) rejects anonymous
    # requests before this point.
    user = g.user
    form = UpdateUserForm(username=user.username, email=user.email, bio=user.bio)

    if not form.validate_on_submit():
        return render_template('users/edit.html', form=form, user=user)

    # Password confirmation gates every change made through this form.
    password_ok = User.authenticate(user.username, form.password.data)
    if not password_ok:
        flash('Could not authenticate - please try again.', 'danger')
    else:
        update_user_with_form_data(user, form)
        db.session.commit()

    # NOTE(review): the original nesting was lost; the redirect is assumed to
    # follow both outcomes. The target has no leading slash, so it resolves
    # relative to the current URL -- confirm that is intended.
    return redirect(f'users/{user.id}')
def change_user(user_id):
    """Show and process the edit form for the user identified by ``user_id``.

    A GET request copies the stored columns into the form. A valid POST
    copies the submitted e-mail, phone, mobile phone and status onto the
    record (the name is kept) and flashes a success message. The form is
    rendered in both cases.
    """
    # NOTE(review): no authorization check is visible in this body; confirm
    # the route's decorators limit who may edit an arbitrary user_id.
    # NOTE(review): [0] assumes the lookup returned at least one row.
    record = get_filtered_by_id_users(user_id)[0]
    current_name = record[1]
    form = UpdateUserForm()

    if form.validate_on_submit():
        # NOTE(review): the record is read by position elsewhere but assigned
        # by attribute here, and no commit or save call is visible -- verify
        # that these changes are actually persisted.
        record.name = current_name
        for attr in ("email", "phone", "mobile_phone", "status"):
            setattr(record, attr, getattr(form, attr).data)
        flash('User updated successfully', 'success')
    elif request.method == "GET":
        prefill = (
            ("name", 1),
            ("email", 2),
            ("phone", 3),
            ("mobile_phone", 4),
            ("status", 5),
        )
        for field_name, column in prefill:
            getattr(form, field_name).data = record[column]

    # NOTE(review): the original nesting was lost; the choices are assumed to
    # be populated for every request, not only for GET.
    form.courses.choices = [(row[0], row[1]) for row in get_all_courses()]

    # NOTE(review): `title` is not assigned inside this function; presumably a
    # module-level name -- verify.
    return render_template('chage_user.html', form=form, title=title)
def update_user():
    """Update the e-mail and subscription status of the logged-in user.

    The account is looked up by the id returned from
    ``current_user.get_id()``. A valid submission is rejected when the new
    e-mail already belongs to another row; otherwise the two fields are
    loaded through ``user_schema`` and written with a bulk ``update``.
    """
    account_query = User.query.filter_by(user_id=current_user.get_id())
    form = UpdateUserForm(obj=account_query.first())

    if not form.validate_on_submit():
        # The template receives the query object itself, not a loaded row.
        return render_template("user_update.html", form=form, user=account_query)

    email_owner = User.query.filter_by(email=form.email.data).first()
    if form.email.data != account_query.first().email and email_owner:
        # NOTE(review): 401 signals missing authentication; a duplicate
        # e-mail is a conflict/validation error (409 or 400). Left unchanged
        # because callers may depend on the current status code.
        return abort(401, description="Email already registered")

    # NOTE(review): the login e-mail changes on the strength of the session
    # alone; no current-password confirmation is performed in this body.
    submitted = {
        "email": form.email.data,
        "subscription_status": form.subscription_status.data
    }
    account_query.update(user_schema.load(submitted, partial=True))
    db.session.commit()

    flash("Account updated!")
    return redirect(url_for("web_users.get_user"))
def profile():
    """Edit the profile of the logged-in user after a password check.

    Anonymous requests are sent to ``/login``. A valid submission is stored
    only when the submitted password authenticates against the current
    username; every other outcome re-renders the edit form.
    """
    if not g.user:
        flash("Must be logged in to do that", "danger")
        return redirect("/login")

    user = g.user
    form = UpdateUserForm(obj=user)

    if form.validate_on_submit():
        # Re-authenticate against the stored username, not the submitted one,
        # so the password check is bound to the account being edited.
        if User.authenticate(user.username, form.password.data):
            for attr in ("username", "email", "image_url", "header_image_url", "bio"):
                setattr(user, attr, getattr(form, attr).data)
            db.session.commit()
            return redirect(f"/users/{user.id}")

        flash("Incorrect Password", "danger")

    # Reached for GET, for a failed validation and for a wrong password.
    return render_template("users/edit.html", form=form, user=user)
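def edit_profile(id):
    """Update profile for current user.

    The record that is edited is always the session's user (``g.user``); the
    ``id`` from the URL is used only to build the redirect target.

    Args:
        id: User id taken from the route.

    Returns:
        A redirect to ``/`` for anonymous requests, a redirect to
        ``/users/<id>`` after a successful update, otherwise the rendered
        edit form.
    """
    # Reject anonymous requests before anything reads g.user.id. With the
    # guard placed after the lookup, a request without a logged-in user
    # failed on the attribute access instead of being redirected.
    if not g.user:
        flash("Access unauthorized.", "danger")
        return redirect("/")

    user = User.query.get_or_404(g.user.id)
    form = UpdateUserForm(obj=user)

    if form.validate_on_submit():
        # NOTE(review): username and e-mail change on the strength of the
        # session alone; no current-password check is performed in this body.
        user.username = form.username.data
        user.email = form.email.data
        user.image_url = form.image_url.data
        user.header_image_url = form.header_image_url.data
        user.location = form.location.data
        user.bio = form.bio.data
        db.session.commit()
        return redirect(f"/users/{id}")

    return render_template("users/edit.html", user=user, form=form)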
def profile():
    """Edit the profile of the user on ``g.user`` after a password check.

    Empty image fields fall back to the bundled default pictures. A wrong
    password or an invalid form re-renders the edit page.
    """
    # NOTE(review): g.user is used without a None check; confirm that a
    # decorator or before_request hook (not visible here) rejects anonymous
    # requests before this point.
    user = g.user
    form = UpdateUserForm(obj=user)

    if not form.validate_on_submit():
        return render_template('users/edit.html', form=form)

    # The password is verified against the stored username, so the check is
    # bound to the account being edited.
    if not User.authenticate(user.username, form.password.data):
        flash("Incorrect password. Try again", 'danger')
        return render_template('users/edit.html', form=form)

    default_avatar = "/static/images/default-pic.png"
    default_header = "/static/images/warbler-hero.jpg"

    user.username = form.username.data
    user.email = form.email.data
    user.image_url = form.image_url.data or default_avatar
    user.header_image_url = form.header_image_url.data or default_header
    user.bio = form.bio.data
    user.location = form.location.data
    db.session.commit()

    return redirect(f"/users/{user.id}")
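def update():
    """Show and process the account edit form for the logged-in user.

    A GET request fills the form from the stored account. A valid POST
    writes the submitted values with a parameterized UPDATE keyed on the
    session's username, then stores the new username in the session.

    Returns:
        A redirect to ``home`` when the session has no ``logged_in`` key, a
        redirect back to this view after a successful update, otherwise the
        rendered ``edit.html``.
    """
    if 'logged_in' not in session:
        return redirect(url_for('home'))

    form = UpdateUserForm()
    current_user = getUser()

    if request.method == 'GET':
        # fill in form with information in database
        form.first_name.data = current_user.firstName
        form.last_name.data = current_user.lastName
        form.username.data = current_user.username
        form.email.data = current_user.email
        form.addr_street.data = current_user.addr_street
        form.addr_city.data = current_user.addr_city
        form.addr_state.data = current_user.addr_state
        form.addr_zip.data = current_user.addr_zip
    elif request.method == 'POST':
        if form.validate_on_submit():
            previous_username = session['username']
            new_username = form.username.data

            # Values are bound as parameters, never formatted into the SQL.
            update_sql = (
                'UPDATE user SET fName=%s, lName=%s, username=%s, email=%s, '
                'addr_street=%s, addr_city=%s, addr_state=%s, addr_zip=%s '
                'WHERE username=%s'
            )
            params = (
                form.first_name.data,
                form.last_name.data,
                new_username,
                form.email.data,
                form.addr_street.data,
                form.addr_city.data,
                form.addr_state.data,
                form.addr_zip.data,
                previous_username,
            )

            # NOTE(review): no check is visible that the new username is
            # unused; this relies on a database constraint, if one exists.
            cursor = conn.cursor()
            try:
                cursor.execute(update_sql, params)
                conn.commit()
            finally:
                # Release the cursor even when execute/commit raises.
                cursor.close()

            # Switch the session identity only after the commit succeeded.
            # Doing it earlier left the session naming a username that was
            # never stored whenever the commit failed.
            session['username'] = new_username

            flash('Your account has been successfully updated!', 'success')
            return redirect(url_for('update'))
        else:
            flash('Please check the errors below.', 'danger')

    return render_template('edit.html', title='Edit Account', form=form,
                           current_user=current_user, isLoggedin=True)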
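def admin():
    """Handle the admin page's three forms: add user, update password, delete user.

    Each form carries its own prefix and is processed only when it validates
    and its own submit button was pressed. All user operations are delegated
    to ``a`` together with the session's ``author_id`` and ``session_id``.

    Returns:
        The rendered ``admin.html`` with the three forms and ``u``, which is
        the full user list unless the delete branch replaced it.
    """
    # NOTE(review): no role check is visible in this body; confirm that the
    # route's decorators (not shown here) restrict it to administrators.
    form = AddUserForm(prefix="form")
    formUpdate = UpdateUserForm(prefix="formUpdate", idUser='******')
    u = Users.query.order_by(Users.id).all()
    formDelete = DeleteUserForm(prefix="formDelete")

    if form.validate_on_submit() and form.submit.data:
        a.createUser(session['author_id'], session['session_id'],
                     form.login.data, form.email.data,
                     form.password.data, form.admin.data)
    elif (request.method == 'POST' and form.validate() == False
            and not formUpdate.submit.data and not formDelete.submit.data):
        # Report the error only when the POST was meant for the add form.
        flash("Error during the user creation!")

    if formUpdate.validate_on_submit() and formUpdate.submit.data:
        # An idUser of '0' means "the logged-in author".
        if formUpdate.idUser.data == '0':
            formUpdate.idUser.data = session['author_id']
        a.updatePassword(session['author_id'], session['session_id'],
                         int(formUpdate.idUser.data),
                         formUpdate.oldPassword.data,
                         formUpdate.password.data)

    if formDelete.validate_on_submit() and formDelete.submit.data:
        a.getUserByName(session['author_id'], session['session_id'],
                        formDelete.name.data)
        # NOTE(review): presumably waits for the lookup above to populate
        # the local table -- confirm; a fixed sleep is not a reliable sync.
        time.sleep(1)
        u = Users.query.filter_by(name=formDelete.name.data).all()
        if not u:
            flash("User not found or the server don't send the user information!")
        else:
            u = u[0]
            # The submitted password is no longer printed: writing a
            # plaintext credential to stdout exposes it in process logs.
            a.delUser(session['author_id'], session['session_id'],
                      u.id, formDelete.password.data)

    return render_template('admin.html', form=form, formUpdate=formUpdate,
                           u=u, formDelete=formDelete)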
def profile():
    """Show the profile page and store edits submitted through the form.

    A valid submission updates the ``User`` row keyed on the session's
    username with a parameterized statement, refreshes the session values
    and redirects back here. Every other request loads the stored row and
    the profile picture and renders ``profile.html``.
    """
    # NOTE(review): session['username'] is read without a login check in this
    # body; confirm that the route is protected elsewhere, otherwise an
    # anonymous request fails on the missing key.
    form = UpdateUserForm()

    if form.validate_on_submit():
        column_names = (
            'username', 'email', 'firstname', 'lastname', 'about',
            'telephone', 'street', 'city', 'country',
        )
        submitted = tuple(request.form[name] for name in column_names)
        username = submitted[0]

        # Values are bound as parameters, never formatted into the SQL.
        writer = mysql.connection.cursor()
        writer.execute(
            "Update User set username=%s, email=%s, firstname=%s,lastname=%s, "
            "about=%s, telephone=%s,street=%s,city=%s,country=%s "
            "where username=%s ",
            submitted + (session['username'],))
        mysql.connection.commit()
        writer.close()

        # NOTE(review): 'loggedin' is set to True here regardless of its
        # previous value -- verify that this cannot mark a session as
        # authenticated that was not.
        session['loggedin'] = True
        session['username'] = request.form['username']
        session['email'] = request.form['email']

        flash(f' {username} Account successfully updated', 'success')
        return redirect(url_for('profile'))

    # Load the stored account as a dict for the template.
    reader = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
    reader.execute("SELECT * FROM User WHERE username=%s",
                   (session['username'], ))
    data = reader.fetchone()
    reader.close()

    default_image = os.path.join(app.config['UPLOAD_FOLDER'],
                                 'default-picture.png')

    picture_cursor = mysql.connection.cursor()
    picture_cursor.callproc("GETPROFILE_PICTURE_BY_USERNAME",
                            [session['username']])
    user_profile_pic = picture_cursor.fetchone()
    picture_cursor.close()

    print(user_profile_pic)
    return render_template("profile.html",
                           title='Profile',
                           default=default_image,
                           form=form,
                           pro_info=data,
                           user_profile_pic=user_profile_pic)