def delpost(n):
uid = getUID()
if request.method == "POST":
pid = int(request.form["pid"])
post = c.posts.Collections.find_one({"id":pid})
if post:
if admin(uid) and getThread(post['tid'])['pid'] != post['id']:
utils.delpost(pid)
if "ajax" in request.form:
return "/thread-%d?type=4"%(post['tid'])
else:
return redirect("/thread-%d?type=51"%(post['tid']))
else:
return page(html.permissionDenied(),uid)
else:
return page(html.postDoesNotExist(),uid)
else:
r = ""
post = c.posts.Collections.find_one({"id":int(n)})
if post:
if admin(uid) and getThread(post['tid'])['pid'] != post['id']:
r += html.delpost(post["id"])
return page(r,uid)
else:
return page(html.permissionDenied(),uid)
else:
return page(html.postDoesNotExist(),uid)
def editpost(n):
uid = getUID()
if request.method == "POST":
pid = int(request.form["pid"])
post = c.posts.Collections.find_one({"id":pid})
if post:
if (uid == post["uid"] and not post['hid'] and not getThread(post['tid'])['hid']) or admin(uid):
utils.editPost(uid, pid, request.form["content"])
return redirect("/thread-%d?type=52"%(getThread(post["tid"])['id']))
else:
return page(html.permissionDenied(),uid)
else:
return page(html.postDoesNotExist(),uid)
else:
r = ""
post = c.posts.Collections.find_one({"id":int(n)})
if post:
if (uid == post["uid"] and not post['hid'] and not getThread(post['tid'])['hid']) or admin(uid):
r += html.editpost(post["id"])
return page(r,uid)
else:
return page(html.permissionDenied(),uid)
else:
return page(html.postDoesNotExist(),uid)
def unhidepost(n):
uid = getUID()
post = c.posts.Collections.find_one({"id":int(n)})
if post:
if admin(uid):
utils.unhidepost(post['id'])
return redirect("thread-%d"%(post['tid']))
else:
return page(html.permissionDenied(),uid)
else:
return page(html.postDoesNotExist(),uid)
