def new_post(): form = PostForm() if form.validate_on_submit(): post = Post(title=form.title.data, content=form.content.data, author=current_user) db.session.add(post) db.session.commit() flash('Your post has been created!', 'success') return redirect(url_for('main.home')) return render_template('create_post.html', title='New Post', form=form, legend='New Post')
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash('Your post has been updated!', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title='Update Post', form=form, legend='Update Post')
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash('Your post has been updated!', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title='Update Post', form=form, legend='Update Post')
def new_post(): """ function for creating new posts :return: """ form = PostForm() if form.validate_on_submit(): post = Post(title=form.title.data, content=form.content.data, author=current_user) db.session.add(post) db.session.commit() flash('Your post was successful.', 'success') return redirect(url_for('main.home')) return render_template('New_post.html', title='New Post', form=form, legend='Upload New Post')
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.user_id != current_user.id: abort(403) #http response for forbidden operation form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash('Your post has been updated!', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == "GET": # allowed to pre fill the form with the existing data form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title='Update Post', form=form, legend='Update Post')
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) #403 is forbidden route form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash('Post updated!', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': #On openeing page, automatically fill form using existing post data form.title.data = post.title form.content.data = post.content return render_template('create_or_update_post.html', title='Update Post', form=form, legend='Update Post')
def new_post(): form = PostForm() if form.validate_on_submit(): post = Post(title=form.title.data, content=form.content.data, author=current_user) db.session.add(post) db.session.commit() flash('Your post has been created!', 'success') return redirect(url_for('main.home')) elif request.method == 'GET': flash('Please Write your post here!', 'info') else: flash('Something went wrong, please check your post again!', 'danger') return render_template('create_post.html', title='New Post', form=form, legend='New Post')
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash("Your post has been updated", "success") return redirect(url_for("posts.post", post_id=post.id)) elif request.method == "GET": form.title.data = post.title form.content.data = post.content return render_template("create_post.html", title="Update form", form=form, legend="Update post")
def new_post(): players_pattern = get_player_pattern() form = PostForm() if form.validate_on_submit(): post = Post(title=form.title.data, content=form.content.data, author=current_user) db.session.add(post) db.session.commit() flash('Your post has been created!', 'success') return redirect(url_for('main.home')) if (request.method == 'POST'): return nav_search() return render_template('create_post.html', title='New Post', form=form, legend='New Post', players_pattern=players_pattern)
def new_post(): form = PostForm() if form.validate_on_submit(): attrs = { 'img': ['src', 'alt', 'title', 'style'], 'p': ['style'], 'h1': ['style'] } if form.picture.data: picture_file = save_picture(form.picture.data) clean_content = bleach.clean( request.form.get('content'), tags=bleach.sanitizer.ALLOWED_TAGS + ['h1', 'br', 'p', 'img', 'blockquote'], attributes=attrs, protocols=bleach.sanitizer.ALLOWED_PROTOCOLS + ['data'], styles=bleach.sanitizer.ALLOWED_STYLES + ['color', 'width', 'text-align']) post = Post(title=form.title.data, content=clean_content, author=current_user, cat_id=form.category.data.id, image_file=picture_file) else: post = Post( title=form.title.data, content=bleach.clean( form.content.data, tags=bleach.sanitizer.ALLOWED_TAGS + ['h1', 'br', 'p', 'img', 'blockquote'], attributes=attrs, protocols=bleach.sanitizer.ALLOWED_PROTOCOLS + ['data'], styles=bleach.sanitizer.ALLOWED_STYLES + ['color', 'width', 'text-align']), author=current_user, cat_id=form.category.data.id) db.session.add(post) db.session.commit() flash('Your post has been created!', 'success') return redirect(url_for('main.home')) return render_template('create_post.html', title='New Post', form=form, legend='New Post')
def new_post(): form = PostForm() if form.validate_on_submit(): post = Post(title=form.title.data, content=form.content.data, author=current_user) db.session.add(post) db.session.commit() flash('Your post has been created!', 'success') return redirect(url_for('main.home')) return render_template('create_post.html', title="New Post", form=form, legend='New Post' )
def update_post(post_id): post = Post.query.get_or_404(post_id) if current_user != post.author: # a post should be updated only by it's author abort(403) # show "Forbidden" error form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit( ) # no need for .add() because both post.title and post.content are already in the database flash('Your post has been successfully updated!', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': # to populate the current user's data in the form by default on GET form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title='Update Post', form=form, legend='Update Post')
def new_post(): form = PostForm() if form.validate_on_submit( ) and 'image_1' in request.files and 'image_2' in request.files: image_1 = photos.save(request.files.get('image_1'), name=secrets.token_hex(10) + ".") image_2 = photos.save(request.files.get('image_2'), name=secrets.token_hex(10) + ".") post = Post(title=form.title.data, content=form.content.data, author=current_user, image_1=image_1, image_2=image_2) db.session.add(post) db.session.commit() flash('Your post was just added!', 'success') return redirect(url_for('home')) return render_template('add_post.html', title='Add Post', form=form)
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) #hhtp response for a forbidden route form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit( ) #no need to add because its just updating the existing data in db flash("Your post has been updated!", "success") return redirect(url_for("posts.post", post_id=post.id)) elif request.method == "GET": #to populate the form for a post that needs to be updated form.title.data = post.title form.content.data = post.content return render_template("create_post.html", title="Update Post", form=form, legend="Update Post")
def update_post(post_id): post = Post.query.get_or_404(post_id) #Only user who wrote this post can update/edit this post if(post.author != current_user): abort(403) # We are doing manual abort here. 403 html response is http for forrbiden route form = PostForm() #create instance of our PostForm #This if is for writing updated/edited post to db (if statment is checking if data are correct) if (form.validate_on_submit()): post.title = form.title.data post.content = form.content.data db.session.commit() #Commit (save) post to db. We dont need to do db.session.add because data are already in db and we are only doing data update flash('Your post have been updated!', 'success') #Add flash message that will tell user that return redirect(url_for('posts.post', post_id = post.id)) #Redirect now to home page #If request.method == 'GET' then populate the forms with username and email elif(request.method == 'GET'): form.title.data = post.title #for filling field with current post data form.content.data = post.content #for filling field with current post data #Now render template return render_template('create_post.html', title='Update Post', form = form, legend = 'Update Post') #
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) # manually abort and show 403 for a forbidden route form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash(f'Updated your post!', 'success') return redirect(url_for("posts.post", post_id=post.id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template("new_post.html", title='Update Post', form=form, post=post, legend='Update Post')
def new_post(): form = PostForm() if form.validate_on_submit(): post = Post(title=form.title.data, description=form.description.data, content=form.content.data, tags=form.tags.data.lower(), author=current_user) db.session.add(post) db.session.commit() flash('Post criado!', 'success') return redirect(url_for('main.home')) return render_template('create_post.html', title='Novo Post', form=form, legend='Novo post')
def new_post(): print current_user.confirmed_email if current_user.confirmed_email == False: flash('Please confirm your email first before you can create a post.', 'info') return redirect(url_for('main.home')) form = PostForm() if form.validate_on_submit(): post = Post(title=form.title.data, content=form.content.data, author=current_user) session.add(post) session.commit() flash('Your post has been created!', 'success') return redirect(url_for('main.home')) return render_template('create_post.html', title='New Post', form=form, legend="New Post")
def new_post(): """ The Create_Post page route that allows a user to create a new post to the blog. When a post has been successfully created, this page redirects to the Home page. Uses the PostForm. """ form = PostForm() if form.validate_on_submit(): post = Post(title=form.title.data, content=form.content.data, author=current_user) db.session.add(post) db.session.commit() flash('Your post has been created!', 'success') return redirect(url_for('main.home')) return render_template('create_post.html', title='New Post', form=form, legend='New Post')
def update_post(post_id): post = Post.query.get_or_404(post_id) languages = current_app.config['LANGUAGES'] locale = list(languages)[0] if post.author != current_user: abort(403) form = PostForm() if form.validate_on_submit(): post.title =form.title.data post.content =form.content.data db.session.commit() flash(_('your post has been updated!'),'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title=_('Update Post'), form=form, legend=_('Update post'),languages=languages, locale=locale, _l = _l)
def update_post(post_id): post = Post.query.get_or_404(post_id) # make sure only user who created the post can modify it if post.author != current_user: abort(403) # create an exception. 403 meaning access forbidden form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash('Your post has been updated', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title='Update Post', form=form, legend='Update Post')
def new_post(): form = PostForm() if form.validate_on_submit(): post = Post( title=form.title.data, content=form.content.data, user_id=current_user.id, # author = current_user ) db.session.add(post) db.session.commit() flash('Your post is created !', 'success') return redirect(url_for('main.home')) image_file = url_for( 'static', filename='profile_pics/'+current_user.image_file) return render_template('new_post.html', title='new post', image_file=image_file, form=form, legend='New Post')
def update_post(post_id): post_object = Post.query.get_or_404(post_id) if post_object.author != current_user: abort(403) post_form = PostForm() if post_form.validate_on_submit(): post_object.title = post_form.title.data post_object.content = post_form.content.data db.session.commit() flash('Post was updated', 'success') return redirect(url_for('posts.post', post_id=post_object.id)) elif request.method == 'GET': post_form.title.data = post_object.title post_form.content.data = post_object.content return render_template('create_post.html', title='Update Post', form=post_form, legend='Update Post', num_registered=User.get_num_registered())
def update_post(post_id): post = Post.query.get_or_404( post_id) # give me post with id , if doesnt exist = 404 if post.author != current_user: # don't let update posts if not logged as blog owner abort(403) form = PostForm() if form.validate_on_submit(): post.title = f.encrypt(bytes(form.title.data, 'utf-8')) post.content = f.encrypt(bytes(form.content.data, 'utf-8')) db.session.commit() flash('Your post has been updated', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': form.title.data = f.decrypt(post.title).decode() form.content.data = f.decrypt(post.content).decode() return render_template('create_post.html', title='Update Post', form=form, legend='Update Post')
def update_post(post_id): post = Post.query.get_or_404(post_id) # if current user is not author of post, abort with invalid request if post.author != current_user: abort(403) form = PostForm() # create new form obj # if form is validated, update information if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash("Post Updated Successfully", "success") return redirect(url_for("posts.post", post_id=post.id)) elif request.method == "GET": # populate with existing info form.title.data = post.title form.content.data = post.content return render_template( "create_post.html", title="Update Post", form=form, legend="Update Post" )
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) # http response for a forbidden route form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() # don't need to use db.session since the data is already in the database flash('Your post has been updated!', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title='Update Post', form=form, author=current_user, legend='Update Post')
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data post.date_posted = datetime.utcnow() db.session.commit() flash('You have successfully edited your post!', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title="Edit Post", form=form, post=post, legend="Edit Post")
def set_new_post(): post_form = PostForm() # (1)设置POST方法 # 博文创建时需要空白的form表单待用户填写,并不需要GET方法提前为用户展示数据,因此无需设置GET方法 # 出现validate_on_submit()即默认为POST方法 if post_form.validate_on_submit(): # (2)通过验证,写入数据 # 依据models.py里设置的Post数据表(table)结构,将前端获取用户输入的post_form中的各类数据,存储进数据库 # 【注意】这里是生成新的post对象 post = Post(title=post_form.title.data, content=post_form.content.data, author=current_user) db.session.add(post) db.session.commit() flash(f"您的文章《{post.title}》创建成功!", "success") return redirect(url_for("main.set_home")) return render_template("create_post.html", title="New Post", legend="创建博文", post_form=post_form)
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) form = PostForm() # Populate the form with data from the post if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash('Your post has been updated', 'success') return redirect(url_for('posts.post', post_id=post.id)) #Pas sûr que ce elif ait bcp de sens elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template("create_post.html", title="Update post", form=form, legend="Update Post")
def update_post(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash("Your post has been successfully updated!","success") return redirect(url_for('posts.post',post_id=post.id)) # Updating website when accessed from here elif request.method == 'GET': form.title.data = post.title form.content.data = post.content return render_template('create_post.html', title = "Update Post", form =form, legend = "Update Post")
def post_update(post_id): post = Post.query.get_or_404(post_id) if post.author != current_user: abort(403) form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash('Posts been updated :D', 'success') return redirect(url_for('posts.post', post_id=post_id)) elif request.method == 'GET': form.title.data = post.title form.content.data = post.content # note because I keep forgetting: title is what appears on the tab return render_template('post_create.html', title='글 고치기', legend='글 고치기', form=form)
def update_post(post_id): """Function to go to the post itself""" post = Post.query.get_or_404( post_id) # If the post doesn't exist (404), create it if post.author != current_user: abort(403) form = PostForm() if form.validate_on_submit(): post.title = form.title.data post.content = form.content.data db.session.commit() flash('Your post has been updated!', 'success') return redirect(url_for('posts.post', post_id=post.id)) elif request.method == 'GET': form.title.data = post.title # To have the title at the edit page form.content.data = post.content # To have the content at the edit page return render_template('create_post.html', title='Update Post', form=form, legend='Update Post')