def changepasswd(): session_id = request.cookies.get(SESSION_ID) if session_id is None: return redirect(url_for('logout')) if not session_db.exists(session_id): return redirect(url_for('logout')) form = PasswordChangeForm() hidden = request.cookies.get('login') if hidden is None: return render_template('problem.html') form.hidden = hidden if form.validate_on_submit(): ssid = request.cookies.get(SESSION_ID) user = session_db.get(ssid) user_data = dbc.getUserByLogin(user) user_id = user_data[0] dbc.updatePassword(user_id, hash_password(form.newpassword.data)) return render_template('changegood.html') return render_template('changepasswd.html', form=form)