def post_comment(request, year, month, day, slug): try: p = posts.get_object(posted__year=int(year), posted__month=int(month), posted__day=int(day), slug__exact=slug) except posts.PostDoesNotExist: raise Http404() try: c = comments.get_object(pk=int(request.POST.get('comment', '-1'))) except comments.CommentDoesNotExist: raise Http404() if not p.id == c.post_id: raise Http404() # FIXME # check IP-address! # check session? if c.previewed: raise Http404() ctx = template.Context(dict(comment=c)) send_mail("New comment on %s" % c.get_post(), comment_posted.render(ctx), SERVER_EMAIL, [a[1] for a in ADMINS], True) c.previewed = True c.save() return HttpResponseRedirect(c.get_absolute_url())
def post(request, year, month, day, slug): try: p = posts.get_object(posted__year=int(year), posted__month=int(month), posted__day=int(day), slug__exact=slug) except posts.PostDoesNotExist: raise Http404() c = Context(request, post=p) t = template_loader.get_template('blog/post') return HttpResponse(t.render(c))
def preview_comment(request, year, month, day, slug): if not request.META['REQUEST_METHOD'] == 'POST': raise PermissionDenied() try: p = posts.get_object(posted__year=int(year), posted__month=int(month), posted__day=int(day), slug__exact=slug) except posts.PostDoesNotExist: raise Http404() if request.POST.has_key('comment'): comment = comments.get_object(pk=int(request.POST['comment'])) if not p.id == comment.post_id: raise Http404() if comment.previewed: raise Http404() else: comment = comments.Comment(post=p, name=request.POST['name']) comment.user = request.user comment.previewed = False if request.META.has_key('HTTP_X_FORWARDED_FOR'): comment.ip_address = request.META['HTTP_X_FORWARDED_FOR'].split(',')[-1].strip() elif request.META.has_key('REMOTE_ADDR'): comment.ip_address = request.META.get('REMOTE_ADDR') else: comment.ip_address = '0.0.0.0' comment.email = request.POST.get('email', '') comment.url = request.POST.get('url', '') content = request.POST.get('content', '') comment.content = safe_markdown.render(content) comment.save() c = Context(request, post=p, comment=comment, markdown_content=request.POST['content']) t = template_loader.get_template('blog/preview-comment') return HttpResponse(t.render(c))
def draft_edit(request, draft_id): try: manipulator = posts.ChangeManipulator(draft_id) except posts.PostDoesNotExist: raise Http404 draft = manipulator.original_object if request.POST: do_publish = request.POST['action'] == 'publish' data = request.POST.copy() if do_publish: data['listed'] = 'on' now = datetime.datetime.now() data['posted_date'] = now.strftime('%Y-%m-%d') data['posted_time'] = now.strftime('%H:%M:%S') data.setlist('categories', [ d.id for d in draft.get_category_list() ]) errors = manipulator.get_validation_errors(data) if not errors: draft.posted = datetime.datetime.now() manipulator.do_html2python(data) manipulator.save(data) draft = posts.get_object(pk=draft.id) if do_publish: return HttpResponseRedirect("../../../posts/%d/" % draft.id) else: errors = {} data = draft.__dict__ form = formfields.FormWrapper(manipulator, data, errors) return locals()