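    def post(self):
        """Store a message submitted by the signed-in user, then redirect.

        Reads ``name``, ``to-mail``, ``to-subject`` and ``message`` from the
        request, substitutes placeholder text for the empty optional fields,
        saves a ``Message`` entity and redirects to the ``message-site`` route.
        The sender address comes from the authenticated account, not from the
        form, so it cannot be set by the submitter.

        Security note: ``author_name``, ``sendto``, ``subject`` and ``message``
        are client-controlled and are stored exactly as submitted. The
        ``<script>`` check below is not an XSS defence: it matches a single,
        case-sensitive spelling of one tag and is applied to ``message`` only.
        Whatever renders these fields has to HTML-escape them on output
        (for example with template autoescaping).
        NOTE(review): the rendering side is not visible here -- confirm that
        it escapes all four fields.
        """
        user = users.get_current_user()
        if not user:
            return self.write("You are not logged in!")

        # Optional form fields fall back to the same placeholders as before.
        author = self.request.get("name") or "Anonymous"
        email = user.email()
        # NOTE(review): "to-mail" is stored without any format validation;
        # validate it before it is ever used as a real recipient address.
        sendto = self.request.get("to-mail") or "Write your email"
        subject = self.request.get("to-subject") or "none"
        message = self.request.get("message")

        # Early rejection of the literal tag. This is a hint to the user, not
        # input sanitisation: other markup that can run script is not covered,
        # so output encoding at render time remains the actual control.
        if "<script>" in message:
            return self.write("insert non JS")

        # The former message.replace("<script>", "") was a no-op at this point
        # (the guard above has already returned for any message containing that
        # substring) and only suggested a sanitisation step that never ran.
        msg_object = Message(message=message)
        msg_object.author_name = author
        msg_object.email = email
        msg_object.sendto = sendto
        msg_object.subject = subject
        msg_object.put()

        return self.redirect_to("message-site")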