python - 尝试更新个人资料用户数据时出错
问题描述
我正在学习会话以及如何在进行编辑时更新配置文件数据。我的字典有问题,不介意任何建议。:)
代码:
@application.route("/profileEdit/", methods = ["POST", "GET"])
def profileEdit():
if request.method == "POST":
usersDB = client["userRegistration"]
users = usersDB['userregistrations']
username = request.form.get('username')
#request.form.get('password')
email = request.form.get('email')
labor = request.form.get('image')
phone = request.form.get('phone')
existing_user = users.find_one({'email': session['email']})
g.user = existing_user
file = request.files.get('file')
filename = file.filename
newvalues = { g.user: {
'date': str(date.today()),
'name': username,
'email': email,
'phonenumber': phone,
'labor':labor,
'profilePic': file}
}
if filename == '':
flash('No image selected for uploading')
return redirect(request.url)
if push: #need a security boost to prevent injections of code check file extensions
file.save(os.path.join('static\Images', filename))
#print('upload_image filename: ' + filename)
if existing_user is None:
return redirect(url_for('registration'))
else:
users.update_one(g.user, newvalues)
return redirect(url_for('profile'))
else:
flash('Allowed image types are - png, jpg, jpeg, gif')#security protocol
return redirect(request.url)
return render_template("profileEdit.html")#, image_file = image_file)
错误:
Traceback (most recent call last):
File "C:\Python39\Lib\site-packages\flask\app.py", line 2091, in __call__
return self.wsgi_app(environ, start_response)
File "C:\Python39\Lib\site-packages\flask\app.py", line 2076, in wsgi_app
response = self.handle_exception(e)
File "C:\Python39\Lib\site-packages\flask\app.py", line 2073, in wsgi_app
response = self.full_dispatch_request()
File "C:\Python39\Lib\site-packages\flask\app.py", line 1518, in full_dispatch_request
rv = self.handle_user_exception(e)
File "C:\Python39\Lib\site-packages\flask\app.py", line 1516, in full_dispatch_request
rv = self.dispatch_request()
File "C:\Python39\Lib\site-packages\flask\app.py", line 1502, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
File "C:\Users\tquig\OneDrive\Documents\GitHub\FS-CSCI150-F21-Team4\application.py", line 146, in profileEdit
newvalues = { g.user: {
TypeError: unhashable type: 'dict'
我知道这不是超级安全,因为由于没有验证过程,人们可以在上传图像时上传恶意代码。如果你们对过滤文件扩展名并确保它不是恶意文件有建议 - 那将非常棒,因为互联网有点缺乏烧瓶的安全教程。
解决方案
推荐阅读
- javascript - 我如何使用 ngFor 来设计这个(可能是嵌套的)表
- android - 在 Firebase 中使用电话、用户名和密码进行身份验证
- mysql - mysql-slow.log 如何找到具体查询 SELECT /*!40001 SQL_NO_CACHE */ * FROM
- android - 重新加载时的空片段
- java - 集合中 ID 的休眠查询返回太多结果
- kubernetes - 如何更改etcd监听的IP和端口
- apache - .htaccess 中的 301 重定向首先在原始 URL 上给出证书警告
- android - 如何从 Observable 打印排放量
>>? - database - `RefreshDatabase` 删除所有表
- vue.js - 为什么我的数据过滤函数返回空?