def get(self): # Display existing guestbook entries and a form to add new entries. env = os.getenv('SERVER_SOFTWARE') if (env and env.startswith('Google App Engine/')): db = safesql.connect(unix_socket='/cloudsql/' + _INSTANCE_NAME, db='guestbook', user='******', charset='utf8') else: db = safesql.connect(host='173.194.253.12', port=3306, db='guestbook', user='******', charset='utf8') # Alternatively, connect to a Google Cloud SQL instance using: # db = safesql.connect(host='ip-address-of-google-cloud-sql-instance', port=3306, user='******', charset='utf8') guestlist = []; cursor = db.cursor() try: query = 'SELECT guestName, content, entryID FROM entries' user = self.request.get('user') if user: query += " WHERE guestName = '" + user + "'" cursor.execute(query) for row in cursor.fetchall(): guestlist.append(dict([('name',cgi.escape(row[0])), ('message',cgi.escape(row[1])), ('ID',row[2]) ])) except: pass # Create a list of guestbook entries to render with the HTML. variables = {'guestlist': guestlist} template = JINJA_ENVIRONMENT.get_template('main.html') self.response.write(template.render(variables)) db.close()
def post(self): # Handle the post to create a new guestbook entry. fname = self.request.get('fname') content = self.request.get('content') env = os.getenv('SERVER_SOFTWARE') if (env and env.startswith('Google App Engine/')): db = safesql.connect(unix_socket='/cloudsql/' + _INSTANCE_NAME, db='guestbook', user='******', charset='utf8') else: db = safesql.connect(host='173.194.253.12', port=3306, db='guestbook', user='******', charset='utf8') # Alternatively, connect to a Google Cloud SQL instance using: # db = safesql.connect(host='ip-address-of-google-cloud-sql-instance', port=3306, db='guestbook', user='******', charset='utf8') cursor = db.cursor() # Note that the only format string supported is %s try: command = 'INSERT INTO entries (guestName, content) VALUES ("' + fname + '", "' + content + '")' cursor.execute(command) except: pass db.commit() db.close() self.redirect("/")