bugfixproduction

the code was so secure to injections, that even the form fields were not allowed.
author: Guillaume Horel <guillaume.horel@gmail.com> 2020-11-23 21:10:20 -0500
committer: Guillaume Horel <guillaume.horel@gmail.com> 2020-11-23 21:10:20 -0500
commit: bb6d543bdba66fb0c9326483c80ef8e6f62166ec (patch)
tree: 6328e96ba404b0561b05b3a52ce5b30fe703ac87 /famille.py
parent: d947660fdfc0b6275cbc095412004252ed6be1a0 (diff)
download: famille-flask-bb6d543bdba66fb0c9326483c80ef8e6f62166ec.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/famille.py b/famille.py
index a3b844d..9481dac 100644
--- a/famille.py
+++ b/famille.py
@@ -272,8 +272,8 @@ def edit_user():
     elif request.method == 'POST':
         result = {}
         result['notify'] = "notify" in request.form
-        for k in ["birthday", "nameday", "email", "phone", "adress_line1",
-                  "adress_line2", "adress_city_line", "timezone"]:
+        for k in ["birthday", "nameday", "email", "phone", "address_line1",
+                  "address_line2", "address_city_line", "timezone"]:
             if k in request.form:
                 result[k] = request.form[k]
         set_string = ",".join([f"{k}=?" for k in result.keys()])
author	Guillaume Horel <guillaume.horel@gmail.com>	2020-11-23 21:10:20 -0500
committer	Guillaume Horel <guillaume.horel@gmail.com>	2020-11-23 21:10:20 -0500
commit	bb6d543bdba66fb0c9326483c80ef8e6f62166ec (patch)
tree	6328e96ba404b0561b05b3a52ce5b30fe703ac87 /famille.py
parent	d947660fdfc0b6275cbc095412004252ed6be1a0 (diff)
download	famille-flask-bb6d543bdba66fb0c9326483c80ef8e6f62166ec.tar.gz