def addItem(): if 'username' not in login_session: return redirect('/login') categories = session.query(Category).all() new_item = CategoryItem() if request.method == 'POST': if request.form['name']: new_item.name = request.form['name'] if request.form['description']: new_item.description = request.form['description'] if request.form['category']: new_item.category_id = request.form['category'] new_item.user_id = login_session['user_id'] session.add(new_item) session.commit() flash("Category item created!") category = session.query(Category).filter_by( id=new_item.category_id).one() return redirect(url_for('categoryItemPage', category_name=category.name, categoryitem_name=new_item.name)) else: return render_template('addcategoryitem.html', categories=categories)
def addItem(): if 'username' not in login_session: return redirect(url_for('displayItems')) cats = session.query(Category).all() new_item = CategoryItem(name="", description="", category_id=-1) if request.method == 'POST': print request.form['_csrf_token'] print if request.form['_csrf_token'] != login_session['_csrf_token']: response = make_response(json.dumps("Invalid web token."), 400) response.headers['Content-Type'] = 'application/json' return response new_item.name = request.form['name'] new_item.description = request.form['description'] new_item.category_id = request.form['category'] session.add(new_item) session.commit() return redirect(url_for('displayItemDetails', item_id=new_item.id)) else: login_session['_csrf_token'] = randomToken() return render_template('item_edit.html.j2', cats=cats, item=None, login_session=login_session)
def addItem(): cats = session.query(Category).all() new_item = CategoryItem(name="", description="", category_id=-1) if request.method == 'POST': new_item.name = request.form['name'] new_item.description = request.form['description'] new_item.category_id = request.form['category'] session.add(new_item) session.commit() return redirect(url_for('displayItemDetails', item_id= new_item.id)) else: return render_template('item_edit.html.j2', cats=cats, item=None)