时间戳

首页 > 解决方案 > 尝试更新个人资料用户数据时出错

python - 尝试更新个人资料用户数据时出错

问题描述

我正在学习会话以及如何在进行编辑时更新配置文件数据。我的字典有问题,不介意任何建议。:)

代码:

@application.route("/profileEdit/", methods = ["POST", "GET"])
def profileEdit():
    if request.method == "POST":
        usersDB = client["userRegistration"]
        users = usersDB['userregistrations']

        
        username = request.form.get('username')
         #request.form.get('password')
        email = request.form.get('email')
        labor = request.form.get('image')
        phone = request.form.get('phone')
        existing_user =  users.find_one({'email': session['email']})
        g.user = existing_user 


        file = request.files.get('file')
        filename = file.filename

        

        newvalues = { g.user: {
            'date': str(date.today()),
            'name': username,  
            'email': email, 
            'phonenumber': phone, 
            'labor':labor, 
            'profilePic': file}
            }

        if filename == '':
            flash('No image selected for uploading')
            return redirect(request.url)

        if push: #need a security boost to prevent injections of code check file extensions
           
            file.save(os.path.join('static\Images', filename))
            #print('upload_image filename: ' + filename)
            

             
            if existing_user is None:
                return redirect(url_for('registration'))

            else:
                
                users.update_one(g.user, newvalues)
                return redirect(url_for('profile'))
            

        else:
            flash('Allowed image types are - png, jpg, jpeg, gif')#security protocol
            return redirect(request.url)


        
    
    return render_template("profileEdit.html")#, image_file = image_file)

错误:

Traceback (most recent call last):
  File "C:\Python39\Lib\site-packages\flask\app.py", line 2091, in __call__
    return self.wsgi_app(environ, start_response)
  File "C:\Python39\Lib\site-packages\flask\app.py", line 2076, in wsgi_app
    response = self.handle_exception(e)
  File "C:\Python39\Lib\site-packages\flask\app.py", line 2073, in wsgi_app
    response = self.full_dispatch_request()
  File "C:\Python39\Lib\site-packages\flask\app.py", line 1518, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "C:\Python39\Lib\site-packages\flask\app.py", line 1516, in full_dispatch_request
    rv = self.dispatch_request()
  File "C:\Python39\Lib\site-packages\flask\app.py", line 1502, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
  File "C:\Users\tquig\OneDrive\Documents\GitHub\FS-CSCI150-F21-Team4\application.py", line 146, in profileEdit
    newvalues = { g.user: {
TypeError: unhashable type: 'dict'

我知道这不是超级安全,因为由于没有验证过程,人们可以在上传图像时上传恶意代码。如果你们对过滤文件扩展名并确保它不是恶意文件有建议 - 那将非常棒,因为互联网有点缺乏烧瓶的安全教程。

标签: pythonflaskweb

解决方案

推荐阅读