def post(self, topic_id):
content = cgi.escape(self.request.get("content"))
if content:
Comment.save_comment(topic_id, content)
else:
user_id = users.get_current_user().email()
Subscription.save_subscription(topic_id, user_id)
return self.redirect_to("topic-details", topic_id=topic_id)
def post(self, post_id):
value_csrf = self.request.get('csrf-token')
if not memcache.get(value_csrf):
return self.write('CSRF Attack Detected!')
post = Post.get_by_id(int(post_id))
content = cgi.escape(self.request.get('comment'))
Comment.save_comment(post_id, content)
return self.redirect_to('post', post_id=post.key.id())
