Ejemplo n.º 1
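def admin_post_mod(post_id):
    """Render the edit form for a single post in the admin area.

    Sessions whose ``user_level`` is 2 or lower may load any post. Every
    other level only gets posts whose ``idusers`` equals the session's
    ``user_id``. That ownership filter is part of the SQL, so a post owned
    by someone else is indistinguishable from one that does not exist.

    Args:
        post_id: Value bound to ``idpost`` in the lookup query.

    Returns:
        The rendered ``admin-post-modify.html`` template, or an apology page
        with status 404 when no row matches the lookup.
    """
    # NOTE(review): no login check is visible in this function; a missing
    # session key raises KeyError below. Presumably a decorator outside this
    # excerpt guarantees an authenticated session -- confirm.
    opt = global_options(db)
    menu = global_menu(db)
    this_page = admin_default_tags()

    # Session identifiers and row contents are intentionally not printed:
    # stdout of a request handler normally ends up in server logs.
    if session['user_level'] <= 2:
        sql = "SELECT * FROM post WHERE idpost = :idpost"
        post = db.execute(sql, idpost=post_id)
    else:
        # Restricted levels: the owner id comes from the session, never from
        # the request, so the caller cannot widen the lookup.
        sql = "SELECT * FROM post WHERE idpost = :idpost AND idusers = :id"
        post = db.execute(sql, idpost=post_id, id=session['user_id'])

    # Unknown id and "not your post" share one answer, so the response does
    # not reveal whether another user's post exists.
    if not post:
        return apology("Post not found", 404)

    return render_template("admin-post-modify.html",
                           opt=opt,
                           menu=menu,
                           page=this_page,
                           post=post)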
Ejemplo n.º 2
def admin_profile():
    """Show the profile of the user stored in the current session.

    The row is looked up by ``session["user_id"]`` only, so the page can
    never show another user's profile.

    Returns:
        The rendered ``admin-profile.html`` template with the first matching
        row as ``profile``, or an apology page with status 500 when the
        session's user id has no row in ``users``.
    """
    # Shared layout data; evaluated in the same order as the lookups they wrap.
    layout = {
        "opt": global_options(db),
        "menu": global_menu(db),
        "page": admin_default_tags(),
    }

    matches = db.execute("SELECT * FROM users WHERE id = :id",
                         id=session["user_id"])

    if len(matches) > 0:
        return render_template("admin-profile.html",
                               profile=matches[0],
                               **layout)

    # A valid session pointing at a missing user row is treated as a server
    # side inconsistency, hence the 500.
    return apology("I can't find your user profile in database", 500)
Ejemplo n.º 3
def admin_users():
    """List every user together with its level record.

    Returns:
        The rendered ``admin-users.html`` template; ``rows`` holds the joined
        ``users`` / ``users_level`` rows ordered by level, then by e-mail.
    """
    # NOTE(review): no user-level check is visible in this function, yet it
    # returns the full user list. Confirm that a decorator or route guard
    # outside this excerpt limits it to the intended levels.
    layout = {
        "opt": global_options(db),
        "menu": global_menu(db),
        "page": admin_default_tags(),
    }

    # NOTE(review): users.* hands every column of the users table to the
    # template, presumably including credential fields -- verify the
    # template does not render them.
    listing_sql = "SELECT users.*, users_level.* FROM users, users_level WHERE users.idusers_level = users_level.idusers_level ORDER BY users.idusers_level ASC, users.email ASC"
    user_rows = db.execute(listing_sql)

    return render_template("admin-users.html", rows=user_rows, **layout)
Ejemplo n.º 4
def admin_pages():
    """List all pages for management; only ``user_level`` 1 is admitted.

    Returns:
        A redirect to ``/admin/home`` for any other level, otherwise the
        rendered ``admin-pages.html`` template with every row of ``pages``.
    """
    # Authorization comes first so that nothing is queried for a caller who
    # is not allowed to see the result.
    allowed = session["user_level"] == 1
    if not allowed:
        return redirect("/admin/home")

    layout = {
        "opt": global_options(db),
        "menu": global_menu(db),
        "page": admin_default_tags(),
    }

    # Locked pages first, then menu entries, then visible pages.
    page_rows = db.execute(
        "SELECT * FROM pages ORDER BY locked DESC, menu_item DESC, is_visible DESC"
    )

    return render_template("admin-pages.html", rows=page_rows, **layout)
Ejemplo n.º 5
def admin_drafts():
    """List the 20 most recent drafts (posts with ``is_visible=0``).

    Sessions with ``user_level`` below 3 see drafts from every author; all
    other levels only see drafts whose ``idusers`` is the session's
    ``user_id``.

    Returns:
        The rendered ``admin-drafts.html`` template with the draft rows.
    """
    layout = {
        "opt": global_options(db),
        "menu": global_menu(db),
        "page": admin_default_tags(),
    }

    sees_all_authors = session['user_level'] < 3
    if sees_all_authors:
        draft_rows = db.execute(
            "SELECT post.*, users.name FROM post, users WHERE post.idusers = users.id AND post.is_visible=0 ORDER BY post.date DESC LIMIT 20"
        )
    else:
        # The author filter is bound from the session, not from request
        # data, so a restricted user cannot ask for someone else's drafts.
        draft_rows = db.execute(
            "SELECT post.*, users.name FROM post, users WHERE post.idusers = users.id AND post.is_visible=0 AND post.idusers=:id_linked_user ORDER BY post.date DESC LIMIT 20",
            id_linked_user=session['user_id'],
        )

    return render_template("admin-drafts.html", rows=draft_rows, **layout)
Ejemplo n.º 6
def admin_users_detail(id):
    """Show the detail page of one user plus the list of available levels.

    Args:
        id: Value bound to ``users.id`` in the lookup query.

    Returns:
        An apology page with status 500 when no user has that id, otherwise
        the rendered ``admin-users-detail.html`` template.
    """
    # NOTE(review): neither a user-level check nor an ownership check is
    # visible here, so the row is loaded for whatever id the caller supplies.
    # Confirm that a decorator or route guard outside this excerpt restricts
    # who can reach this view.
    layout = {
        "opt": global_options(db),
        "menu": global_menu(db),
        "page": admin_default_tags(),
    }

    matches = db.execute("SELECT * FROM users WHERE id = :id ", id=id)
    if len(matches) == 0:
        return apology("User not found", 500)

    # Every level record, lowest level id first.
    levels = db.execute(
        "SELECT * FROM users_level ORDER BY idusers_level ASC")

    return render_template("admin-users-detail.html",
                           profile=matches[0],
                           user_level=levels,
                           **layout)
Ejemplo n.º 7
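def admin_page_mod(page_id):
    """Render the edit form for a single page; only ``user_level`` 1 is admitted.

    Args:
        page_id: Value bound to ``idpages`` in the lookup query.

    Returns:
        A redirect to ``/admin/home`` for any other level, otherwise the
        rendered ``admin-page-modify.html`` template. The matching rows are
        passed to the template as ``post``.
    """
    # Single authorization gate for this view: every level other than 1 is
    # sent back to the admin home before anything is loaded.
    if session["user_level"] != 1:
        return redirect("/admin/home")

    # load global options
    opt = global_options(db)
    menu = global_menu(db)
    this_page = admin_default_tags()

    # The gate above already guarantees user_level == 1, so the lookup runs
    # unconditionally; a second level test here could never take its
    # "not authorized" branch.
    sql = "SELECT * FROM pages WHERE idpages = :idpages"
    post = db.execute(sql, idpages=page_id)

    return render_template("admin-page-modify.html",
                           opt=opt,
                           menu=menu,
                           page=this_page,
                           post=post)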