Beispiel #1
def edit_user(name):
    """Admin view: show the edit form for user *name* or apply an edit.

    An admin POST updates the user through ``database.update_user`` and
    redirects to the user list on success; on failure the form is shown
    again with the error. An admin GET loads the user and renders the
    form. Anyone who is not an admin is redirected to the news page.
    """
    # NOTE(review): no CSRF token check is visible in this view; confirm one
    # is enforced elsewhere, since this POST changes passwords and privileges.
    if request.method == 'POST' and user.is_admin():
        form = request.form
        new_password = form.get('password', None)
        # NOTE(review): if both password fields are absent this compares
        # None with None and update_user receives password=None; confirm
        # that update_user treats None as "leave the password unchanged".
        if new_password != form.get('password2', None):
            return render_admin_page('edit_user.html',
                                     error='Passwords not the same.')
        outcome = database.update_user(name,
                                       new_password,
                                       form['email'],
                                       form['privilege'],
                                       form['active'])
        if outcome[0]:
            flash('User updated.')
            return redirect(url_for('display_admin_users'))
        return render_admin_page('edit_user.html', error=outcome[1])

    if not user.is_admin():
        return redirect(url_for('display_news'))

    outcome = database.get_user(name)
    if not outcome[0]:
        return render_admin_page('edit_user.html', error=outcome[1])
    record = outcome[1]
    details = {'name': name, 'email': record[1],
               'privilege': record[2], 'active': record[3]}
    return render_admin_page('edit_user.html', user=details)
Beispiel #2
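def logout():
    """Log the current user out and expire the persistent-login cookies.

    The cookies are cleared in an ``after_this_request`` callback because
    the response object does not exist yet while the view is running.
    """
    user.log_out()

    @after_this_request
    def delete_cookies(response):
        # Overwrite each "remember me" cookie with an empty, already-expired
        # value so the browser discards it.
        # NOTE(review): a cookie is only replaced when path/domain match the
        # ones used when it was set; confirm against user.persist_login.
        for cookie_name in ('persist_name', 'persist_token', 'persist_id'):
            response.set_cookie(cookie_name, '', expires=0)
        # Flask uses the callback's return value as the response, so the
        # response must be handed back; returning None breaks the request.
        return response

    # NOTE(review): expiring cookies is client-side only; presumably
    # user.log_out() also invalidates the persist token server-side - confirm.
    flash('You have been logged out')
    return redirect(url_for('display_news'))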
Beispiel #3
def bulk_edit_users():
    """Apply a bulk action from the admin user list, then return to it.

    On an admin POST, the ``action`` form field selects the operation
    ('delete' or 'activate') and it is applied to every entry of the
    ``names`` list. Any other request or action changes nothing. The
    response is always a redirect to the admin user list.
    """
    # NOTE(review): no CSRF token check is visible here; confirm one is
    # enforced elsewhere, since this POST deletes or activates accounts.
    if request.method == 'POST' and user.is_admin():
        operations = {
            'delete': database.delete_user,
            'activate': database.activate_user,
        }
        operation = operations.get(request.form.get('action', ''))
        if operation is not None:
            for name in request.form.getlist('names'):
                operation(name)
    return redirect(url_for('display_admin_users'))
Beispiel #4
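def edit_page(slug):
    """Admin view: show the edit form for page *slug* or save an edit.

    An admin POST writes the submitted title and content through
    ``database.update_page``; an admin GET loads the page and renders the
    form. Anyone who is not an admin is redirected to the news page.
    """
    # NOTE(review): no CSRF token check is visible in this view; confirm one
    # is enforced elsewhere for this state-changing POST.
    if request.method == 'POST' and user.is_admin():
        result = database.update_page(slug,
                                      request.form['title'],
                                      request.form['content'])
        if result[0]:
            # This view updates an existing page, so the message says
            # "updated" rather than the "created" text used by add_page.
            flash('Page updated.')
            return redirect(url_for('display_admin_pages'))
        return render_admin_page('edit_page.html', error=result[1])

    if not user.is_admin():
        return redirect(url_for('display_news'))

    result = database.get_page(slug)
    if not result[0]:
        return render_admin_page('edit_page.html', error=result[1])
    row = result[1]
    page = dict(title=row[0], slug=slug, content=row[1])
    return render_admin_page('edit_page.html', page=page)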
Beispiel #5
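def add_reply(parent_id):
    """Show the reply form for post *parent_id* or store a submitted reply.

    Only logged-in users may reply; everyone else is redirected to the
    news page. After a successful insert the user is sent to the post
    named by the ``redirect`` query argument, defaulting to the parent.
    """
    if not user.is_logged_in():
        return redirect(url_for('display_news'))

    error = None
    if request.method == 'POST':
        # The author comes from the logged-in session, not from the
        # client-supplied 'author' form field: a form value would let any
        # logged-in user attribute a reply to another account.
        result = database.insert_post(request.form['title'],
                                      request.form['content'],
                                      user.get_name(),
                                      0,  # presumably the locked flag - confirm
                                      parent_id,
                                      0)  # replies are never pinned
        if result[0]:
            flash('Post created.')
            # The value only becomes the post_id of an internal url_for()
            # target, so it cannot point the redirect at another site.
            redir = request.args.get('redirect', parent_id)
            return redirect(url_for('display_post', post_id=redir))
        error = result[1]
    return render_user_page('edit_post.html',
                            error=error, parent=parent_id)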
Beispiel #6
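def add_page():
    """Admin view: show the new-page form or create a page from it.

    Non-admins are redirected to the news page, for GET as well as POST.
    The original only checked ``user.is_admin()`` on POST and rendered the
    admin form to any other caller.
    """
    if not user.is_admin():
        return redirect(url_for('display_news'))

    error = None
    # NOTE(review): no CSRF token check is visible in this view; confirm one
    # is enforced elsewhere for this state-changing POST.
    if request.method == 'POST':
        result = database.insert_page(request.form['slug'],
                                      request.form['title'],
                                      request.form['content'])
        if result[0]:
            flash('Page created.')
            return redirect(url_for('display_admin_pages'))
        error = result[1]
    return render_admin_page('edit_page.html', error=error)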
Beispiel #7
def display_admin_pages(page):
    """Admin view: list one screen of pages, ``config.PAGE`` rows at a time.

    Non-admins are redirected to the news page.
    """
    if not user.is_admin():
        return redirect(url_for('display_news'))

    # Row window for this screen: (start, end) as expected by get_pages.
    # NOTE(review): page <= 0 gives a negative start; confirm the route
    # restricts page to positive integers.
    window_end = page * config.PAGE
    window_start = -config.PAGE + window_end
    rows = database.get_pages(limit=(window_start, window_end))
    listing = []
    for row in rows:
        listing.append({'title': row[0], 'slug': row[1]})
    total = database.get_num_pages()
    return render_admin_page('admin_pages.html',
                             a_pages=listing,
                             pg=page,
                             num_pages=total)
Beispiel #8
def display_admin_news(page):
    """Admin view: list one screen of news articles.

    Non-admins are redirected to the news page.
    """
    if not user.is_admin():
        return redirect(url_for('display_news'))

    # Row window for this screen: (start, end) as expected by get_articles.
    # NOTE(review): page <= 0 gives a negative start; confirm the route
    # restricts page to positive integers.
    window_end = page * config.PAGE
    window_start = -config.PAGE + window_end
    rows = database.get_articles(limit=(window_start, window_end))
    listing = []
    for row in rows:
        # Column 3 holds the posting time; it is formatted for display.
        listing.append({'title': row[0], 'slug': row[1],
                        'posted': format_dt(row[3])})
    total = database.get_num_articles()
    return render_admin_page('admin_news.html',
                             articles=listing,
                             pg=page,
                             num_articles=total)
Beispiel #9
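def add_post():
    """Show the new-thread form or store a submitted top-level post.

    Only logged-in users may post; everyone else is redirected to the
    news page. Only admins may set the ``pinned`` flag; for other users
    it is forced to 0 whatever the form contains.
    """
    if not user.is_logged_in():
        return redirect(url_for('display_news'))

    error = None
    if request.method == 'POST':
        # The privileged flag is read from the form only for admins.
        pinned = request.form.get('pinned', 0) if user.is_admin() else 0
        # The author comes from the logged-in session, not from the
        # client-supplied 'author' form field: a form value would let any
        # logged-in user attribute a post to another account.
        result = database.insert_post(request.form['title'],
                                      request.form['content'],
                                      user.get_name(),
                                      0,  # presumably the locked flag - confirm
                                      None,  # no parent: starts a new thread
                                      pinned)
        if result[0]:
            flash('Post created.')
            return redirect(url_for('display_threads'))
        error = result[1]
    return render_user_page('edit_post.html', error=error)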
Beispiel #10
def display_admin_users(page):
    """Admin view: list one screen of user accounts.

    Non-admins are redirected to the news page.
    """
    if not user.is_admin():
        return redirect(url_for('display_news'))

    # Row window for this screen: (start, end) as expected by get_users.
    # NOTE(review): page <= 0 gives a negative start; confirm the route
    # restricts page to positive integers.
    window_end = page * config.PAGE
    window_start = -config.PAGE + window_end
    rows = database.get_users(limit=(window_start, window_end))
    accounts = []
    for row in rows:
        accounts.append({'name': row[0], 'email': row[1],
                         'privilege': row[2], 'active': row[3]})
    total = database.get_num_users()
    return render_admin_page('admin_users.html',
                             users=accounts,
                             pg=page,
                             num_users=total)
Beispiel #11
def display_threads(page):
    """List one screen of forum threads (posts without a parent).

    Only logged-in users see the forum; everyone else is redirected to
    the news page.
    """
    if not user.is_logged_in():
        return redirect(url_for('display_news'))

    # Row window for this screen: (start, end) as expected by get_posts.
    # NOTE(review): page <= 0 gives a negative start; confirm the route
    # restricts page to positive integers.
    window_end = page * config.PAGE
    window_start = -config.PAGE + window_end
    rows = database.get_posts(limit=(window_start, window_end), parent=None)
    threads = []
    for row in rows:
        threads.append({
            'id': row[0],
            'title': row[1],
            'content': row[2],
            'author': row[3],
            'posted': format_dt(row[4]),
            'pinned': row[5],
        })
    total = database.get_num_posts()
    return render_user_page('forum.html',
                            posts=threads,
                            pg=page,
                            num_threads=total)
Beispiel #12
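def edit_post(post_id):
    """Show the edit form for post *post_id* or save a submitted edit.

    Access rules, in order:
      * visitors who are not logged in are redirected to the news page;
      * a locked post can only be edited by an admin;
      * otherwise only the post's author or an admin may edit.

    A logged-in user who is neither the author nor an admin is redirected
    to the news page. The original had no branch for that case and
    returned None, which Flask rejects as an invalid view response.
    """
    if not user.is_logged_in():
        return redirect(url_for('display_news'))

    result = database.get_post(post_id)
    if not result[0]:
        return render_user_page('edit_post.html', error=result[1])
    row = result[1]
    post = dict(id=row[0], title=row[1],
                content=row[2], author=row[3],
                posted=format_dt(row[4]), locked=row[6],
                pinned=row[7])

    if post['locked'] and not user.is_admin():
        return redirect(url_for('display_news'))
    if not (user.get_name() == post['author'] or user.is_admin()):
        # Deny explicitly instead of falling off the end of the view.
        return redirect(url_for('display_news'))

    if request.method != 'POST':
        return render_user_page('edit_post.html', post=post)

    # Moderation flags are read from the form only for admins.
    if user.is_admin():
        locked = request.form.get('locked', 0)
        pinned = request.form.get('pinned', 0)
    else:
        # NOTE(review): an author's edit writes pinned=0, which looks like
        # it unpins a post an admin pinned - confirm this is intended.
        locked = 0
        pinned = 0
    result = database.update_post(post_id,
                                  request.form['title'],
                                  request.form['content'],
                                  locked,
                                  pinned)
    if result[0]:
        flash('Post Updated.')
        # The value only becomes the post_id of an internal url_for()
        # target, so it cannot point the redirect at another site.
        redir = request.args.get('redirect', post_id)
        return redirect(url_for('display_post', post_id=redir))
    return render_user_page('edit_post.html', error=result[1])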
Beispiel #13
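def login():
    """Show the login form or authenticate a submitted username/password.

    On success the session is established through ``user.log_in`` and,
    when the ``remember`` box was ticked, ``user.persist_login`` is
    scheduled to run on the outgoing response. On failure the form is
    shown again with the error returned by ``database.validate_user``.
    """
    error = None
    if request.method == 'POST':
        # The original printed this result to stdout. On success it holds
        # the account fields passed to user.log_in, so the debug print is
        # removed to keep that data out of process output and logs.
        result = database.validate_user(request.form['username'],
                                        request.form['password'])
        if result[0]:
            account = result[1]
            user.log_in(request.form['username'],
                        account[0], account[1], account[2])
            if request.form.get('remember', False):
                after_this_request(user.persist_login)
            flash('You have been logged in')
            return redirect(url_for('display_news'))
        # NOTE(review): this message is shown to the client; confirm it does
        # not distinguish "unknown user" from "wrong password".
        error = result[1]
    return render_user_page('login.html', error=error)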
Beispiel #14
def admin_home():
    """Render the admin landing page; redirect non-admins to the news page."""
    if not user.is_admin():
        return redirect(url_for('display_news'))
    return render_admin_page('admin.html')
Beispiel #15
def bulk_edit_pages():
    """Apply a bulk action from the admin page list, then return to it.

    On an admin POST whose ``action`` field is 'delete', every slug in
    the ``slugs`` list is deleted. Any other request changes nothing.
    The response is always a redirect to the admin page list.
    """
    # NOTE(review): no CSRF token check is visible here; confirm one is
    # enforced elsewhere, since this POST deletes content.
    admin_post = request.method == 'POST' and user.is_admin()
    if admin_post and request.form.get('action', '') == 'delete':
        for page_slug in request.form.getlist('slugs'):
            database.delete_page(page_slug)
    return redirect(url_for('display_admin_pages'))
Beispiel #16
def bulk_edit_articles():
    """Delete the selected news articles, then return to the admin list.

    On an admin POST every slug in the ``slugs`` form list is deleted.
    Any other request changes nothing. The response is always a redirect
    to the admin news list.
    """
    # NOTE(review): unlike bulk_edit_pages, no 'action' field is checked, so
    # any admin POST carrying slugs deletes them; confirm this is intended
    # and that a CSRF check is enforced elsewhere.
    if request.method != 'POST' or not user.is_admin():
        return redirect(url_for('display_admin_news'))
    for article_slug in request.form.getlist('slugs'):
        database.delete_article(article_slug)
    return redirect(url_for('display_admin_news'))