def account_resume(): username=session['user']['username'] if request.method == 'GET': user=db.select_one("SELECT * FROM T_User WHERE username=%s",(username,)) return render_template('account/resume.html',user=user) else: file = request.files['photo'] if file: filename = uploader.save_image_file(file) db.execute("UPDATE T_User SET position=%s,grade=%s,resume=%s,photo=%s WHERE username=%s",\ (request.form['position'],request.form['grade'],request.form['resume'],filename,username)) else: db.execute("UPDATE T_User SET position=%s,grade=%s,resume=%s WHERE username=%s",\ (request.form['position'],request.form['grade'],request.form['resume'],username)) return redirect(url_for('account_index'))
def user_edit(username): if request.method == 'GET': user = db.select_one("SELECT * FROM T_User WHERE username=%s;",[username]) return render_template('user/edit.html',user=user) else: file = request.files['photo'] if file: filename = uploader.save_image_file(file) db.execute("UPDATE T_User SET auth_expense_approve=%s,state=%s,rank=%s,name=%s,email=%s,email_public=%s,\ position=%s,grade=%s,resume=%s,photo=%s WHERE username=%s",\ (('auth_expense_approve' in request.form),('state' in request.form),request.form['rank'],\ request.form['name'],request.form['email'],request.form['email_public'],\ request.form['position'],request.form['grade'],request.form['resume'],filename,username)) else: db.execute("UPDATE T_User SET auth_expense_approve=%s,state=%s,rank=%s,name=%s,email=%s,email_public=%s,\ position=%s,grade=%s,resume=%s WHERE username=%s",\ (('auth_expense_approve' in request.form),('state' in request.form),request.form['rank'],\ request.form['name'],request.form['email'],request.form['email_public'],\ request.form['position'],request.form['grade'],request.form['resume'],username)) return redirect(url_for('user_index'))