def profile():
if not flask.g.user:
return flask.redirect(
'/') # so we dont get stuck in infinite loop when signing out
form = forms.ProfileForm(flask.request.form)
if flask.request.method == 'POST' and form.validate():
user = flask.g.user
new_email = form.email.data
new_password = form.new_password.data
if new_email:
user.email = form.email.data
if new_password:
if form.current_password.data != user.password_hash:
flask.flash(
flask.Markup(
'<strong>Password change failed!</strong> Incorrect password.'
), 'danger')
return flask.redirect('/profile')
user.password_hash = form.new_password.data
db.session.add(user)
db.session.commit()
flask.g.user = user
flask.session['user_id'] = user.id
return flask.render_template('profile.html', form=form)
def profile():
if not flask.g.user:
# so we don't get stuck in infinite loop when signing out
return flask.redirect(flask.url_for('main.home'))
form = forms.ProfileForm(flask.request.form)
if flask.request.method == 'POST':
if form.authorized_submit and form.validate():
user = flask.g.user
new_email = form.email.data.strip()
new_password = form.new_password.data
if new_email:
if form.current_password.data != user.password_hash:
flask.flash(
flask.Markup(
'<strong>Email change failed!</strong> Incorrect password.'
), 'danger')
return flask.redirect('/profile')
user.email = form.email.data
flask.flash(
flask.Markup(
'<strong>Email successfully changed!</strong>'),
'success')
if new_password:
if form.current_password.data != user.password_hash:
flask.flash(
flask.Markup(
'<strong>Password change failed!</strong> Incorrect password.'
), 'danger')
return flask.redirect('/profile')
user.password_hash = form.new_password.data
flask.flash(
flask.Markup(
'<strong>Password successfully changed!</strong>'),
'success')
db.session.add(user)
db.session.commit()
flask.g.user = user
return flask.redirect('/profile')
elif form.submit_settings:
user = flask.g.user
if user.preferences is None:
preferences = models.UserPreferences(user.id)
db.session.add(preferences)
db.session.commit()
user.preferences.hide_comments = form.hide_comments.data
flask.flash(
flask.Markup(
'<strong>Preferences successfully changed!</strong>'),
'success')
db.session.add(user)
db.session.commit()
flask.g.user = user
return flask.redirect('/profile')
return flask.render_template('profile.html', form=form)
def profile():
if not flask.g.user:
return flask.redirect(
'/') # so we dont get stuck in infinite loop when signing out
form = forms.ProfileForm(flask.request.form)
level = 'Regular'
if flask.g.user.is_admin:
level = 'Moderator'
if flask.g.user.is_superadmin: # check this second because we can be admin AND superadmin
level = 'Administrator'
elif flask.g.user.is_trusted:
level = 'Trusted'
if flask.request.method == 'POST' and form.validate():
user = flask.g.user
new_email = form.email.data.strip()
new_password = form.new_password.data
if new_email:
# enforce password check on email change too
if form.current_password.data != user.password_hash:
flask.flash(
flask.Markup(
'<strong>Email change failed!</strong> Incorrect password.'
), 'danger')
return flask.redirect('/profile')
user.email = form.email.data
flask.flash(
flask.Markup('<strong>Email successfully changed!</strong>'),
'success')
if new_password:
if form.current_password.data != user.password_hash:
flask.flash(
flask.Markup(
'<strong>Password change failed!</strong> Incorrect password.'
), 'danger')
return flask.redirect('/profile')
user.password_hash = form.new_password.data
flask.flash(
flask.Markup(
'<strong>Password successfully changed!</strong>'),
'success')
db.session.add(user)
db.session.commit()
flask.g.user = user
return flask.redirect('/profile')
_user = models.User.by_id(flask.g.user.id)
username = _user.username
current_email = _user.email
return flask.render_template('profile.html',
form=form,
name=username,
email=current_email,
level=level)
def profile():
if not flask.g.user:
# so we don't get stuck in infinite loop when signing out
return flask.redirect(flask.url_for('main.home'))
form = forms.ProfileForm(flask.request.form)
if flask.request.method == 'POST' and form.validate():
user = flask.g.user
new_email = form.email.data.strip()
new_password = form.new_password.data
if new_email:
# enforce password check on email change too
if form.current_password.data != user.password_hash:
flask.flash(
flask.Markup(
'<strong>Email change failed!</strong> Incorrect password.'
), 'danger')
return flask.redirect('/profile')
user.email = form.email.data
flask.flash(
flask.Markup('<strong>Email successfully changed!</strong>'),
'success')
if new_password:
if form.current_password.data != user.password_hash:
flask.flash(
flask.Markup(
'<strong>Password change failed!</strong> Incorrect password.'
), 'danger')
return flask.redirect('/profile')
user.password_hash = form.new_password.data
flask.flash(
flask.Markup(
'<strong>Password successfully changed!</strong>'),
'success')
db.session.add(user)
db.session.commit()
flask.g.user = user
return flask.redirect('/profile')
return flask.render_template('profile.html', form=form)
