From 4474754c3eaf0050993801383e81bb58f7b550c3 Mon Sep 17 00:00:00 2001 From: Guillaume Horel Date: Tue, 31 Mar 2015 12:47:36 -0400 Subject: make sure Thibaut doesn't break the site anymore --- wedding.py | 33 ++++++++++++++++++++------------- 1 file changed, 20 insertions(+), 13 deletions(-) (limited to 'wedding.py') diff --git a/wedding.py b/wedding.py index 3e883e1..7b00171 100644 --- a/wedding.py +++ b/wedding.py @@ -78,21 +78,28 @@ def rsvp(): db = get_db() update_string = [] args = [] - for k, v in request.form.items(): - update_string.append("{0}=?".format(k)) - if k in ["rsvp", "plusone", "kids"]: - ## convert to integer - args.append(int(v)) - else: + for k in ['full_name', 'email', 'mailing', 'plusonename', 'kidsnames', 'comments']: + v = request.form.get(k) + if v: + update_string.append("{0}=?".format(k)) + args.append(v) + for k in ["rsvp", "plusone", "kids"]: + v = request.form.get(k, type=int) + if v: + update_string.append("{0}=?".format(k)) args.append(v) - update_string = ",".join(update_string) - query = "UPDATE guests set {0} , lastupdate=current_timestamp " \ - "WHERE user_name=?".format(update_string) - with db: - db.execute(query, tuple(args+[session['user_name']])) - flash(gettext("We have updated your information!")) - return redirect(url_for('rsvp')) + if update_string: + update_string = ",".join(update_string) + query = "UPDATE guests set {0} , lastupdate=current_timestamp " \ + "WHERE user_name=?".format(update_string) + with db: + db.execute(query, tuple(args+[session['user_name']])) + flash(gettext("We have updated your information!")) + return redirect(url_for('rsvp')) + else: + flash(gettext("We could not update your information!")) + return redirect(url_for('rsvp')) @app.route('/') @app.route('/home/') -- cgit v1.2.3-70-g09d2