Exemple #1
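def topic_create():
    """Show the topic form (GET) or create a topic from it (POST).

    Visitors without a user are redirected to the ``login`` endpoint for
    both methods. A POST creates the topic only when ``is_valid_csrf``
    accepts the submitted ``csrf`` form field for the current username.
    """
    # get current user (author)
    user = user_from_session_token()

    # only logged in users can create a topic. The check runs before the
    # method branches because both read user.username; it used to sit in the
    # POST branch only, so a GET without a user failed on the attribute access.
    if not user:
        return redirect(url_for('login'))

    if request.method == "GET":
        # create a CSRF token for this username; the template embeds it in
        # the form so the POST can send it back
        csrf_token = set_csrf_token(username=user.username)

        return render_template("topic/create.html", csrf_token=csrf_token)
    elif request.method == "POST":
        title = request.form.get("title")
        text = request.form.get("text")
        csrf = request.form.get("csrf")  # csrf from HTML

        # refuse the request before anything is written
        # NOTE(review): a bare string is returned with the default 200
        # status; a 4xx status would make rejected posts easier to monitor.
        if not is_valid_csrf(csrf=csrf, username=user.username):
            return "CSRF token is not valid!"

        # create a Topic object
        Topic.create(title=title, text=text, author=user)

        return redirect(url_for('index'))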
Exemple #2
def create_topic():
    """Render the topic form (GET) or create a topic from it (POST).

    On POST the author comes from ``User.get_by_session()``; when that
    returns nothing the visitor is redirected to ``signup``.

    NOTE(review): this handler neither issues nor checks a CSRF token, so
    the POST relies on whatever protection exists outside this function
    (none is visible here) -- confirm before reuse.
    """
    method = request.method
    if method == "GET":
        return render_template("topic/create.html")
    if method != "POST":
        return None

    form = request.form
    title = form.get("title")
    text = form.get("text")

    # NOTE(review): the cookie value is read but never handed to the lookup
    # below; presumably get_by_session() reads the request itself -- verify
    # that the session is really what identifies the author.
    session_token = request.cookies.get("session_token")
    author = User.get_by_session()

    if not author:
        return redirect(url_for("signup"))

    Topic.create(title=title, text=text, author=author)
    return redirect(url_for("index"))
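    def post(self):
        """Create a topic from the posted form and e-mail subscribed users.

        Reads ``title``, ``content``, ``all-tags`` (comma separated) and the
        optional ``instructor`` field. When title, content and tags are all
        truthy the topic is stored, the author is added to its subscribers,
        the client is redirected to the topic page and every ``User`` with
        ``receive_updates`` set, other than the author, is passed to
        ``email_new_topic``. Otherwise the client is redirected to ``/``.
        """
        user = users.get_current_user()

        # nickname() and email() are read from the user below, so a request
        # with no signed-in user is sent to the front page instead of
        # failing on a missing user object.
        if not user:
            self.redirect('/')
            return

        title = self.request.get("title")
        content = self.request.get("content")
        # NOTE(review): "".split(",") is [""], so this list is never empty:
        # the `and tags` test below cannot fail and blank entries are passed
        # to Topic.create as tags.
        tags = self.request.get("all-tags").split(",")
        instructor = self.request.get("instructor")
        if instructor:
            tags.append(instructor)

        author = user.nickname()
        author_email = user.email()

        if title and content and tags:
            topic = Topic.create(title, content, author, tags)
            topic.subscribers.append(author_email)
            topic.put()
            self.redirect("/topic/" + str(topic.key.id()))

            # `== True` is kept as written: here it is an argument to
            # User.query(), i.e. a filter expression, not a plain comparison.
            the_users = User.query(User.receive_updates==True).fetch()

            # A separate loop name keeps the signed-in user from being
            # shadowed by the datastore rows.
            for recipient in the_users:
                # the author does not need a notification about their own topic
                if recipient.email == author_email:
                    continue

                first_name = recipient.first_name
                if first_name is None:
                    first_name = ""

                email_new_topic(first_name, title, topic.key.id(),
                                recipient.email)
        else:
            self.redirect('/')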
Exemple #4
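def topic_create():
    """Render the topic form (GET) or store a new topic (POST).

    The author is looked up from the ``session_token`` cookie; visitors who
    do not resolve to a user are redirected to ``auth.login``. A POST is
    stored only when ``validate_csrf`` accepts the submitted ``csrf`` field
    for that user's username.
    """
    session_token = request.cookies.get("session_token")

    # A request without the cookie gives session_token=None. Skip the lookup
    # in that case: matching on an empty token could select an account whose
    # stored session_token is unset (in SQLAlchemy, filter_by(col=None) is an
    # IS NULL test -- assuming db is such a session; confirm).
    user = None
    if session_token:
        user = db.query(User).filter_by(session_token=session_token).first()

    if not user:
        return redirect(url_for('auth.login'))

    if request.method == "GET":
        # token created for this username; the template puts it in the form
        csrf_token = create_csrf_token(user.username)
        return render_template("topic/topic_create.html",
                               user=user,
                               csrf_token=csrf_token)

    elif request.method == "POST":
        csrf = request.form.get("csrf")

        # nothing is read from the form or written until the token validates
        if not validate_csrf(csrf, user.username):
            return "CSRF token is not valid!"

        title = request.form.get("title")
        text = request.form.get("text")

        topic = Topic.create(title=title, text=text, author=user)
        print(topic)
        return redirect(url_for('topic.index'))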
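def topic_create():
    """Render the topic form (GET) or store a new topic (POST).

    Only a user whose ``session_token`` matches the cookie and whose
    ``verified`` flag is true may proceed; everyone else is redirected to
    ``auth.login``. A POST is stored only when ``validate_csrf`` accepts the
    submitted ``csrf`` field for that user's username.
    """
    # get current user (author)
    session_token = request.cookies.get("session_token")

    # Without the cookie session_token is None; do not query with it. An
    # empty token could otherwise match a verified account whose stored
    # session_token is unset (filter_by(col=None) is an IS NULL test in
    # SQLAlchemy -- assuming db is such a session; confirm).
    user = None
    if session_token:
        user = db.query(User).filter_by(session_token=session_token,
                                        verified=True).first()

    # only logged in users can create a topic
    if not user:
        return redirect(url_for('auth.login'))

    if request.method == "GET":
        csrf_token = create_csrf_token(user.username)

        return render_template("topic/topic_create.html",
                               user=user,
                               csrf_token=csrf_token)

    elif request.method == "POST":
        csrf = request.form.get("csrf")

        # reject before reading the rest of the form or writing anything
        if not validate_csrf(csrf, user.username):
            return "CSRF token is not valid!"

        title = request.form.get("title")
        text = request.form.get("text")

        # create a Topic object
        topic = Topic.create(title=title, text=text, author=user)

        return redirect(url_for('topic.index'))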
Exemple #6
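def topic_create():
    """Render the topic form (GET) or store a new topic (POST).

    The author is looked up from the ``session_token`` cookie; visitors who
    do not resolve to a user are redirected to ``login``. On GET a random
    CSRF token is stored in Redis under the token itself, with the username
    as its value. On POST the topic is created only when the submitted
    ``csrf`` value maps back to the same username.
    """
    # get current user (author)
    session_token = request.cookies.get("session_token")

    # Without the cookie session_token is None; skip the lookup so an empty
    # token cannot match an account whose stored session_token is unset
    # (filter_by(col=None) is an IS NULL test in SQLAlchemy -- assuming db is
    # such a session; confirm).
    user = None
    if session_token:
        user = db.query(User).filter_by(session_token=session_token).first()

    # only logged in users can create a topic
    if not user:
        return redirect(url_for('login'))

    if request.method == "GET":
        csrf_token = str(uuid.uuid4())  # create CSRF token

        # store CSRF token into Redis for that specific user
        # NOTE(review): the key is written without an expiry and is not
        # removed after a successful POST, so a token stays valid until
        # something else clears it -- consider a TTL and one-time use.
        redis.set(name=csrf_token, value=user.username)

        return render_template("topic_create.html",
                               user=user,
                               csrf_token=csrf_token)

    elif request.method == "POST":
        csrf = request.form.get("csrf")  # csrf from HTML

        # A missing form field or an unknown token yields no stored value;
        # treat both as an invalid token instead of calling .decode() on None.
        stored = redis.get(name=csrf) if csrf else None
        redis_csrf_username = stored.decode() if stored else None

        # if they match, allow user to create a topic
        if redis_csrf_username and redis_csrf_username == user.username:
            title = request.form.get("title")
            text = request.form.get("text")

            # create a Topic object
            topic = Topic.create(title=title, text=text, author=user)

            return redirect(url_for('index'))
        else:
            return "CSRF token is not valid!"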
Exemple #7
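    def post(self):
        """Store a new topic from the form and notify users who want updates.

        Form fields read: ``title``, ``content``, ``all-tags`` (split on
        commas) and ``instructor`` (appended to the tags when present). With
        title, content and tags all truthy, the topic is created and saved
        with the author subscribed, the response redirects to the topic page
        and ``email_new_topic`` is called for each ``User`` that has
        ``receive_updates`` set, except the author. Otherwise the response
        redirects to ``/``.
        """
        user = users.get_current_user()

        # The handler calls nickname() and email() on this object; without a
        # signed-in user, go back to the front page rather than crash.
        if not user:
            self.redirect('/')
            return

        title = self.request.get("title")
        content = self.request.get("content")
        # NOTE(review): splitting an empty string gives [""], so `tags` is
        # always truthy below and empty strings reach Topic.create as tags.
        tags = self.request.get("all-tags").split(",")
        instructor = self.request.get("instructor")
        if instructor:
            tags.append(instructor)

        # read the author's details once and reuse them
        author = user.nickname()
        author_email = user.email()

        if title and content and tags:
            topic = Topic.create(title, content, author, tags)
            topic.subscribers.append(author_email)
            topic.put()
            self.redirect("/topic/" + str(topic.key.id()))

            # `== True` is intentional: it is passed to User.query() as a
            # filter expression rather than evaluated as a comparison.
            the_users = User.query(User.receive_updates == True).fetch()

            # The loop variable is named apart from `user` so the signed-in
            # account is not overwritten by the rows being iterated.
            for recipient in the_users:
                if recipient.email == author_email:
                    continue  # no notification for the author's own topic

                first_name = recipient.first_name
                if first_name is None:
                    first_name = ""

                email_new_topic(first_name, title, topic.key.id(),
                                recipient.email)
        else:
            self.redirect('/')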
Exemple #8
def topic_create():
    """Render the topic form (GET) or store a new topic (POST).

    The login check runs first, so both branches can rely on ``user``. A
    POST is stored only when ``validate_csrf`` accepts the submitted
    ``csrf`` field for the current username.
    """
    user = user_from_session_token()

    # only logged in users can create topic
    # NOTE(review): url_for() takes an endpoint name, not a URL path;
    # confirm an endpoint is really registered as 'auth/login'.
    if not user:
        return redirect(url_for('auth/login'))

    method = request.method

    if method == "POST":
        submitted_token = request.form.get("csrf")  # csrf from HTML

        # stop here unless the token validates for this user
        if not validate_csrf(submitted_token, user.username):
            return "CSRF token is not valid"

        # create a topic object from the remaining form fields
        topic = Topic.create(title=request.form.get("title"),
                             text=request.form.get("text"),
                             author=user)

        return redirect(url_for('index'))

    if method == "GET":
        # send a fresh CSRF token into the HTML template
        context = {
            "user": user,
            "csrf_token": create_csrf_token(user.username),
        }
        return render_template("topics/topic_create.html", **context)

    return None
Exemple #9
    def post(self):
        """Validate the submitted title and text, then store a new topic.

        Requests without a signed-in user get an error message. A field that
        is empty or whitespace-only is reported as required. On success the
        response redirects to ``topic-details`` for the new topic.
        """
        current = users.get_current_user()

        if not current:
            return self.write(
                'Error\nPlease login to be allowed to post a new Topic.')

        title_value = self.request.get('title')
        text_value = self.request.get('text')
        author_email = current.email()

        # a field counts as missing when it is empty or only whitespace
        if not (title_value and title_value.strip()):
            return self.write('Title field is required!')

        if not (text_value and text_value.strip()):
            return self.write('Text field is required!')

        created = Topic.create(title=title_value,
                               content=text_value,
                               author_email=author_email)

        # NOTE(review): the flash values are handed to redirect_to() as extra
        # arguments; presumably they end up in the target URL, where anyone
        # can edit them -- confirm the receiving page treats them as
        # untrusted text.
        return self.redirect_to('topic-details',
                                topic_id=created.key.id(),
                                flash_message='Topic added successfully',
                                flash_class='alert-success')
Exemple #10
 def post(self):
     """Store a new topic for the signed-in user and redirect to its page.

     Requests without a signed-in user get a plain message instead.
     """
     current_user = users.get_current_user()
     if not current_user:
         return self.write("You're not logged in.")

     # NOTE(review): cgi.escape() encodes &, < and > (quotes only with
     # quote=True) and was removed in Python 3.8. It is applied here before
     # storage, so the datastore holds HTML-escaped text; escaping at render
     # time is the usual choice -- confirm the templates do not escape again.
     form_value = self.request.get
     safe_title = cgi.escape(form_value("title"))
     safe_text = cgi.escape(form_value("text"))

     created = Topic.create(title=safe_title, text=safe_text,
                            user=current_user)
     return self.redirect_to("topic-details", topic_id=created.key.id())
Exemple #11
    def post(self):
        """Store a new topic from the form and redirect to its detail page."""
        # NOTE(review): there is no login guard here, so whatever
        # get_current_user() returns for an anonymous request is passed
        # straight to Topic.create -- confirm access is restricted elsewhere.
        author = users.get_current_user()

        form = self.request
        created = Topic.create(title=form.get("title"),
                               content=form.get("text"),
                               user=author)

        topic_id = created.key.id()
        return self.redirect_to("topic-details", topic_id=topic_id)
Exemple #12
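def topic_create():
    """Render the topic form (GET) or create a topic from it (POST).

    Requests without a user are redirected to ``login``. A POST creates the
    topic only when ``is_valid_csrf`` accepts the submitted ``csrf`` field
    for the current username.
    """
    user = user_from_session_token()

    # The login check comes first: the GET branch reads user.username to
    # build the CSRF token, which failed for a request without a user while
    # the check lived only in the POST branch.
    if not user:
        return redirect(url_for('login'))

    if request.method == "GET":
        csrf_token = set_csrf_token(username=user.username)

        return render_template("topic/create.html", csrf_token=csrf_token)
    elif request.method == "POST":
        title = request.form.get("title")
        text = request.form.get("text")
        csrf = request.form.get("csrf")

        # validate the token before anything is written
        if not is_valid_csrf(csrf=csrf, username=user.username):
            return "CSRF token is not valid!"

        Topic.create(title=title, text=text, author=user)

        return redirect(url_for('index'))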
Exemple #13
    def post(self):
        """Store a new topic from the form and redirect to its detail page."""
        author = users.get_current_user()

        # NOTE(review): a login guard that answered
        # 'Please login before post!' used to sit here and is disabled, so
        # an anonymous request reaches Topic.create with whatever
        # get_current_user() returned. Re-enable it unless access is
        # restricted somewhere outside this handler.

        form = self.request
        created = Topic.create(title=form.get("title"),
                               content=form.get("text"),
                               user=author)

        return self.redirect_to('topic-details', topic_id=created.key.id())
Exemple #14
    def post(self):
        """Store a new topic for the signed-in user and redirect to it.

        Requests without a signed-in user get a plain message instead.
        """
        current_user = users.get_current_user()
        if not current_user:
            return self.write(
                "Please login before you're allowed to post a topic.")

        form = self.request
        created = Topic.create(form.get("title"), form.get("text"),
                               current_user)

        # short pause when is_local() is true; presumably it gives the local
        # datastore time to show the new entity before the redirect -- confirm
        if is_local():
            time.sleep(0.1)

        topic_id = created.key.id()
        return self.redirect_to("topic-details", topic_id=topic_id)
Exemple #15
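def topic_create():
    """Render the topic form (GET) or store a new topic (POST).

    On POST the author is looked up from the ``session_token`` cookie;
    visitors who do not resolve to a user are redirected to ``login``.

    NOTE(review): no CSRF token is issued on GET or checked on POST in this
    handler -- confirm protection exists elsewhere before reuse.
    """
    if request.method == "GET":
        return render_template("topic_create.html")
    elif request.method == "POST":
        title = request.form.get("title")
        text = request.form.get("text")

        session_token = request.cookies.get("session_token")

        # Without the cookie session_token is None; skip the lookup so an
        # empty token cannot match an account whose stored session_token is
        # unset (filter_by(col=None) is an IS NULL test in SQLAlchemy --
        # assuming db is such a session; confirm).
        user = None
        if session_token:
            user = db.query(User).filter_by(
                session_token=session_token).first()

        if not user:
            return redirect(url_for('login'))

        topic = Topic.create(title=title, text=text, author=user)
        print(topic)
        return redirect(url_for('index'))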
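    def post(self):
        """Store a new topic for the signed-in user and redirect to it.

        Requests without a signed-in user are redirected to
        ``not-registered``.
        """
        # looked up once; the second, identical lookup further down was
        # redundant and has been dropped
        user = users.get_current_user()

        if not user:
            return self.redirect_to("not-registered")

        topic_title = self.request.get("title")
        the_content = self.request.get("content")

        # NOTE(review): author_email receives the whole user object rather
        # than user.email() -- confirm what Topic.create expects to store.
        new_topic = Topic.create(content=the_content,
                                 author_email=user,
                                 title=topic_title)
        new_topic.put()

        return self.redirect_to("topic-details", topic_id=new_topic.key.id())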
Exemple #17
    def post(self):
        """Require a title and a text, then store a new topic.

        A missing field is reported with a plain message; on success the
        response redirects to ``topic-details`` for the new topic.
        """
        form = self.request
        title = form.get("title")
        text = form.get("text")

        # report the first missing field, title before text
        required = (
            (title, "Title field is required"),
            (text, "Text field is required"),
        )
        for value, message in required:
            if not value:
                return self.write(message)

        # NOTE(review): there is no login guard, so whatever
        # get_current_user() returns for an anonymous request is stored as
        # the topic's user -- confirm access is restricted elsewhere.
        author = users.get_current_user()

        created = Topic.create(title=title, content=text, user=author)

        return self.redirect_to("topic-details", topic_id=created.key.id())
Exemple #18
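def topic_create():
    """Render the topic form (GET) or store a new topic (POST).

    On POST the author is looked up from the ``session_token`` cookie;
    visitors who do not resolve to a user are redirected to ``login``.

    NOTE(review): this handler does not issue or check a CSRF token --
    confirm protection exists elsewhere before reuse.
    """
    if request.method == "GET":
        return render_template("topic_create.html")

    elif request.method == "POST":
        title = request.form.get("title")
        text = request.form.get("text")

        # get current user (author)
        session_token = request.cookies.get("session_token")

        # Without the cookie session_token is None; do not query with it, so
        # an empty token cannot match an account whose stored session_token
        # is unset (filter_by(col=None) is an IS NULL test in SQLAlchemy --
        # assuming db is such a session; confirm).
        user = None
        if session_token:
            user = db.query(User).filter_by(
                session_token=session_token).first()

        # only logged in users can create a topic
        if not user:
            return redirect(url_for('login'))

        # create a Topic object
        topic = Topic.create(title=title, text=text, author=user)

        return redirect(url_for('index'))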
Exemple #19
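def topic_create():
    """Render the topic form (GET) or store a new topic (POST).

    Visitors without a user get the signup page. On GET a random CSRF token
    is stored in Redis under the token itself, with the user's name as its
    value. On POST the topic is created only when the submitted ``csrf``
    value maps back to the same name.
    """
    user = get_user()

    # only a logged in user can create a topic. The rendered page has to be
    # returned: without the `return` the function carried on and read
    # user.name with no user.
    if not user:
        return render_template("signup.html")

    # Display the Topic Create Page
    if request.method == "GET":
        # create the csrf token
        csrf_token = str(uuid.uuid4())
        # use the redis app
        # NOTE(review): the key is written without an expiry and is not
        # removed after a successful POST, so a token stays valid until
        # something else clears it -- consider a TTL and one-time use.
        redis.set(name=csrf_token, value=user.name)

        return render_template("topic_create.html",
                               user=user,
                               csrf_token=csrf_token)

    elif request.method == "POST":
        # Get the CSRF token back and ensure that it matches what was sent.
        csrf = request.form.get("csrf")

        # A missing form field or an unknown token yields no stored value;
        # treat both as an invalid token instead of calling .decode() on None.
        stored = redis.get(name=csrf) if csrf else None
        redis_csrf_name = stored.decode() if stored else None

        # see that the csrf came back and then that it matches what was sent
        if redis_csrf_name and redis_csrf_name == user.name:
            # Create the Topic Title, Text and post it.

            topic_title = request.form.get("topic-title")
            topic_text = request.form.get("topic-text")
            created = datetime.datetime.now().date()
            # Post it
            topic = Topic.create(title=topic_title,
                                 text=topic_text,
                                 created=created,
                                 creator=user)

            return redirect(url_for('all_topics'))
        else:
            return "CSRF token is not valid"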
    def post(self):
        """Require a signed-in user, a title and a text, then store a topic.

        Each failed check is answered with a plain message; on success the
        response redirects to ``topic-details`` for the new topic.
        """
        current = users.get_current_user()
        if not current:
            return self.write(
                "Please login before you're allowed to post a topic.")

        form = self.request
        title_value = form.get("title")
        text_value = form.get("text")

        # report the first missing field, title before text
        required = (
            (title_value, "Title field is required"),
            (text_value, "Text field is required"),
        )
        for value, message in required:
            if not value:
                return self.write(message)

        created = Topic.create(title_value=title_value,
                               text_value=text_value,
                               logged_user=current)

        return self.redirect_to("topic-details", topic_id=created.key.id())