def profile(username): username = username.lower() preparedQuery = 'SELECT * FROM Users WHERE username=?;' user = safe_query(preparedQuery, (username,), one=True) edit = False form = ProfileForm() if username == current_user.username: if form.validate_on_submit(): preparedQuery = 'UPDATE Users ' \ 'SET education=?, employment=?, music=?, movie=?, nationality=?, birthday=? ' \ 'WHERE id=?;' data = (form.education.data, form.employment.data, form.music.data, form.movie.data, form.nationality.data, form.birthday.data, current_user.id) safe_query(preparedQuery, data) return redirect(url_for('profile', username=username)) elif form.is_submitted(): edit = True if user['education'] != 'Unknown': form.education.data = user['education'] if user['nationality'] != 'Unknown': form.nationality.data = user['nationality'] if user['music'] != 'Unknown': form.music.data = user['music'] if user['movie'] != 'Unknown': form.movie.data = user['movie'] if user['employment'] != 'Unknown': form.employment.data = user['employment'] if user['birthday'] != 'Unknown': form.birthday.data = datetime.strptime(user['birthday'], '%Y-%m-%d') return render_template('profile.html', title='Profile', user=user, form=form, edit=edit)
def profile(username): form = ProfileForm() if form.is_submitted(): query_db( 'UPDATE Users SET education="{}", employment="{}", music="{}", movie="{}", nationality="{}", birthday=\'{}\' WHERE username="******" ;' .format(form.education.data, form.employment.data, form.music.data, form.movie.data, form.nationality.data, form.birthday.data, username)) return redirect(url_for('profile', username=username)) user = query_db( 'SELECT * FROM Users WHERE username="******";'.format(username), one=True) return render_template('profile.html', title='profile', username=username, user=user, form=form)
def profile(username): user = query_db('SELECT * FROM Users WHERE username="******";'.format( session.get('username')), one=True) if user == None: flash('You are not logged in') return redirect(url_for('index')) elif user['password'] == session.get('password'): form = ProfileForm() if form.is_submitted(): user = query_db( 'SELECT * FROM Users WHERE username="******";'.format(username), one=True) if user == None: flash( 'you are not logged in. Every error shouldnt happen, but this error really extra shouldnt happen' ) return redirect(url_for('index')) elif user['password'] == session.get('password'): query_db( 'UPDATE Users SET education="{}", employment="{}", music="{}", movie="{}", nationality="{}", birthday=\'{}\' WHERE username="******" ;' .format(form.education.data, form.employment.data, form.music.data, form.movie.data, form.nationality.data, form.birthday.data, username)) else: flash( 'You are not logged in as that user you tried to edit the profile of' ) return redirect( url_for('stream', username=session.get('username'))) return redirect(url_for('profile', username=username)) user = query_db( 'SELECT * FROM Users WHERE username="******";'.format(username), one=True) return render_template('profile.html', title='profile', username=username, user=user, form=form) else: flash('You are not logged in') return redirect(url_for('index'))
def profile(username): form = ProfileForm() if form.is_submitted(): education = sanitizeStr(form.education.data) employment = sanitizeStr(form.employment.data) music = sanitizeStr(form.movie.data) movie = sanitizeStr(form.movie.data) nationality = sanitizeStr(form.nationality.data) birthday = form.birthday.data query_db( 'UPDATE Users SET education=?, employment=?, music=?, movie=?, nationality=?, birthday=? WHERE username=?', education, employment, music, movie, nationality, birthday, username) return redirect(url_for('profile', username=current_user.username)) user = query_db('SELECT * FROM Users WHERE username=?', username, one=True) return render_template('profile.html', title='profile', username=username, user=user, form=form)
def profile(username): form = ProfileForm() owner = True if username != current_user.username: owner = False user = User.query.filter_by(username = username).first() if not user: return error() if username == current_user.username and form.is_submitted(): user.education = form.education.data user.employment = form.employment.data user.music = form.music.data user.movie = form.movie.data user.nationality = form.nationality.data user.birthday = form.birthday.data db.session.add(user) db.session.commit() return redirect(url_for('profile', username=username)) return render_template('profile.html', title='profile', username=username, user=user, form=form, owner=owner)
def profile(username): form = ProfileForm() if form.is_submitted(): if username == session['user']: query = ( 'UPDATE Users SET education=?, employment=?, music=?, movie=?, nationality=?, birthday=? WHERE username=? ;', (form.education.data, form.employment.data, form.music.data, form.movie.data, form.nationality.data, form.birthday.data, username)) query_db(query) else: session["err"] = "trying to edit someone elses profile" return redirect(url_for('error')) return redirect(url_for('profile', username=username)) query = ('SELECT * FROM Users WHERE username=?;', (username, )) user = query_db(query, one=True) return render_template('profile.html', title='profile', username=username, user=user, sessionuser=session["user"], form=form)