def comment(): email = current_user.email product_id = request.form['product_id'] comment = request.form['comment'] detect_attack(comment) DB.add_comment(email, product_id, comment) return redirect(url_for('details', id=product_id))