def update_post(blog_post_id):
# get post
blog_post = BlogPost.query.get_or_404(blog_post_id)
# validate user
if blog_post.author != current_user:
abort(403)
# create form and pass form data
form = BlogPostForm()
if form.validate_on_submit():
blog_post.title = form.title.data
blog_post.text = form.text.data
db.session.commit()
flash('Blog Post Updated')
return redirect(
url_for('blog_posts.blog_post', blog_post_id=blog_post.id))
# display post already in db in the form
elif request.method == "GET":
form.title.data = blog_post.title
form.text.data = blog_post.text
return render_template('create_post.html',
title='Updating Post',
form=form)
def create_post():
form = BlogPostForm()
if form.validate_on_submit():
blog_post = Post(title=form.title.data,
text=form.text.data,
user_id=current_user.id)
db.session.add(blog_post)
db.session.commit()
flash('Blog Post Created')
return redirect(url_for('core.index'))
return render_template('create_post.html', form=form)
def create_post():
form = BlogPostForm()
if form.validate_on_submit():
post = BlogPost(title=form.title.data,
text=form.text.data,
user_id=current_user.id)
db.session.add(post)
db.session.commit()
flash('Blog post created!')
return redirect(url_for('blog_posts.blog_post', blog_post_id=post.id))
return render_template('create_post.html', form=form)
def update(blog_post_id):
blog_post = BlogPost.query.get_or_404(blog_post_id)
if blog_post.author != current_user:
abort(403)
form = BlogPostForm()
if form.validate_on_submit():
blog_post.title = form.title.data
blog_post.text = form.text.data
db.session.commit()
flash('Blog post updated')
return redirect(
url_for('blog_posts.blog_post', blog_post_id=blog_post.id))
elif request.method == 'GET':
form.title.data = blog_post.title
form.text.data = blog_post.text
return render_template('create_post.html', form=form)
def update(blog_post_id):
blog_post = BlogPost.query.get_or_404(blog_post_id)
if blog_post.author != current_user:
# if the logged in user is not the author of the post
# we throw 403 error,denying their access to updating the post
abort(403)
form = BlogPostForm()
if form.validate_on_submit():
blog_post.title = form.title.data
blog_post.text = form.text.data
db.session.commit()
flash('Blog post updated!')
return redirect(
url_for('blog_posts.blog_post', blog_post_id=blog_post_id))
elif request.method == 'GET':
form.title.data = blog_post.title
form.text.data = blog_post.text
return render_template('create_post.html', title='Updating', form=form)
