def admin_blog():
form = AddForm()
if request.method == 'POST' and form.validate_on_submit():
title = form.title.data
content = form.content.data
excerpt = form.excerpt.data
return title + content + excerpt
sorts = get_sorts()
return render_theme_template(theme, 'addBlog.html', form=form, sorts=sorts)
def login():
if g.user is not None and g.user.is_authenticated():
return redirect(url_for('admin.index'))
form = LoginForm()
if request.method == "POST" and form.validate_on_submit():
username = form.username.data
password = form.password.data
user = User.query.filter(
or_(User.username == username, User.email == username)).first()
if user and user.is_active():
if verify_password(current_app.config['SECRET_KEY'], password,
user.password):
login_user(user, remember=form.remember_me.data)
return redirect(
request.args.get('next') or url_for('admin.index'))
else:
form.password.errors.append(u'您输入的密码不正确')
else:
form.username.errors.append(u'用户名或邮箱不正确')
return render_theme_template(theme, 'login.html', form=form)
def user():
if request.args.get('action') == 'add':
if g.user.role != '0':
flash(u'您不是管理员,没有权限添加用户', 'error')
return redirect(url_for('admin.user'))
form = UserForm()
if request.method == "POST" and form.validate_on_submit():
password = hash_password(current_app.config['SECRET_KEY'],
form.password.data)
role = request.form.get('role')
ischeck = request.form.get('ischeck')
if User.make_username_unique(form.username.data):
username = form.username.data
us = User(username=username,
password=password,
role=role,
ischeck=ischeck)
try:
db.session.add(us)
db.session.commit()
update_users()
flash(u'添加用户成功', 'success')
except MySQLError, e:
flash(u'添加用户失败,失败原因: %s' % e, 'error')
return redirect(url_for('admin.user'))
else:
form.username.errors.append(u'用户名已经存在')
return render_theme_template(theme, 'addUser.html', form=form)
def index():
return render_theme_template(theme, 'index.html')
sort = Sort(taxis=taxis, sortname=sortname, alias=alias, \
pid=pid, description=description)
try:
db.session.add(sort)
db.session.commit()
update_sorts() # 更新分类缓存
flash(u'添加分类成功', 'success')
except MySQLError, e:
flash(u'添加分类失败,失败原因: %s' % e, 'error')
finally:
return redirect(url_for('admin.sort'))
else:
form.alias.errors.append(u'别名不能重复')
return render_theme_template(theme, 'addSort.html', \
form=form, p_sorts=p_sorts)
if request.args.get('action') == 'update':
form = SortForm()
sid = request.args.get('sid', None)
if sid:
if not _id_match(sid):
flash(u'参数错误', 'error')
return redirect(url_for('admin.sort'))
else:
flash(u'参数错误', 'error')
return redirect(url_for('admin.sort'))
sort = Sort.sort_children(Sort.query.filter_by(sid=sid).first())
if request.method == "POST" and form.validate_on_submit():
else:
form.username.errors.append(u'用户名已经存在了')
else:
us.username = us.username
try:
db.session.add(us)
db.session.commit()
update_users()
flash(u'修改用户信息成功', 'success')
except MySQLError, e:
flash(u'修改信息失败,失败原因: %s' % e, 'error')
return redirect(url_for('admin.user'))
return render_theme_template(theme, 'editUser.html', form=form, us=us)
if request.args.get('action') == 'del':
if g.user.role != '0':
flash(u'您不是管理员,没有权限删除用户', 'error')
return redirect(url_for('admin.user'))
uid = request.args.get('uid', None)
if uid:
if not _id_match(uid):
flash(u'参数错误', 'error')
return redirect(url_for('admin.user'))
else:
flash(u'参数错误', 'error')
return redirect(url_for('admin.user'))
description = form.description.data
hide = request.form.get('hide')
lnk = Link(taxis=taxis, sitename=sitename, siteurl=siteurl, hide=hide, \
description=description)
try:
db.session.add(lnk)
db.session.commit()
update_links()
flash(u'增加友链成功', 'success')
except MySQLError, e:
flash(u'增加友链失败,失败原因: %s' % e, 'error')
finally:
return redirect(url_for('admin.link'))
return render_theme_template(theme, 'addLink.html', form=form)
if request.args.get('action') == 'update':
form = LinkForm()
id = request.args.get('id', None)
if id:
if not _id_match(id):
flash(u'参数错误', 'error')
return redirect(url_for('admin.link'))
else:
flash(u'参数错误', 'error')
return redirect(url_for('admin.link'))
lnk = Link.query.filter_by(id=id).first()
if request.method == "POST" and form.validate_on_submit():