def post(self): # If not a logged in user redirect to login if not self.user: self.redirect('/login') else: comment = self.request.get('comment') post_id = int(self.request.get('post_id')) post = Post.get_by_id(post_id, parent=blog_key()) author = self.user if not comment: return # do nothing if empty comment else: c = Comment(content=comment, author=author.key, post=post.key) c.put() comment = Comment.render_single_comment(c) # return JSON to Ajax self.write(json.dumps(({'comment': comment})))
def post(self, topic_id): user = users.get_current_user() time = datetime.datetime.now() csrf_token = self.request.get("csrf_token") mem_token = memcache.get(key=csrf_token) if mem_token: return self.write("Hacker at the doors") comment = self.request.get("comment") topic = Topic.get_by_id(int(topic_id)) new_comment = Comment(content=comment, topic_id=topic.key.id(), author_email=user.email(), topic_title=topic.title, created=time) new_comment.put() return self.redirect_to("topic-details", topic_id=topic.key.id())