diff --git a/routes/_convenor.py b/routes/_convenor.py index 8d9f03b..cf74f75 100644 --- a/routes/_convenor.py +++ b/routes/_convenor.py @@ -1,4 +1,3 @@ -#import MySQLdb import pymysql import os from flask import render_template, request @@ -206,8 +205,6 @@ def convenorDeletePlayer(): @basic_auth.required def convenorEditPlayerResult(): try: -# _year = request.form['year'] - _year = "2018" _club = request.form['playerClub'] _team = request.form['playerTeam'] _playerForename = request.form['playerForenames'] @@ -222,7 +219,8 @@ def convenorEditPlayerResult(): _playerNumber = request.form['playerNumber'] _playerTelNumber = request.form['playerTelNumber'] if _team and _playerSurname and _playerHkid and _playerNumber and request.method == 'POST': - sql = "UPDATE _" + _club + "_players SET playerTeam='" + _team + "', playerForenames='" + _playerForename + "', playerSurname='" + _playerSurname + "', playerNickname='" + _playerNickname + "', playerChineseName='" + _playerChineseName_enc + "', playerEmail='" + _playerEmail + "', playerDob='" + _playerDob + "', playerHkid='" + _playerHkid + "', playerTelNumber='" + _playerTelNumber + "' WHERE playerNumber='" + _playerNumber + "'" + #sql = "UPDATE _" + _club + "_players SET playerTeam='" + _team + "', playerForenames='" + _playerForename + "', playerSurname='" + _playerSurname + "', playerNickname='" + _playerNickname + "', playerChineseName='" + _playerChineseName_enc + "', playerEmail='" + _playerEmail + "', playerDob='" + _playerDob + "', playerHkid='" + _playerHkid + "', playerTelNumber='" + _playerTelNumber + "' WHERE playerNumber='" + _playerNumber + "'" + sql = "UPDATE _" + _club + "_players SET playerTeam='" + _team + "' WHERE playerHkid='" + _playerHkid + "'" sql_write(sql) return render_template('_convenorEditPlayerResults.html', club=_club, firstname=_playerForename, nickname=_playerNickname, surname=_playerSurname, shirt=_playerNumber) except Exception as e: