def update_post(post_id):
post = Posts.query.get_or_404(post_id)
if post.author != current_user:
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
if form.file.data:
hex_name = secrets.token_hex(8)
_, file_ext = os.path.splitext(form.file.data.filename)
file_name = hex_name + file_ext
file_path = os.path.join(current_app.root_path,
f'static/files/{str(current_user.id)}',
file_name)
form.file.data.save(file_path)
post.file = file_name
# current_user.post.file = form.file.data.filename
db.session.commit()
flash("Your post was updated successfully", "success")
return redirect(url_for('posts.post', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
form.file.data = post.file
return render_template("newpost.html",
title="Update Post",
form=form,
legend='Update Post')
def update_post(post_id):
# make sure the post exists before we can update it
post = Post.query.get_or_404(post_id)
# make sure that the author of the post is the one updating it
if post.author != current_user:
abort(403)
# load our post form
form = PostForm()
# if all the info checks out, we can save it in the db
# if we're loading the page, prepopulate the values of the fields
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
db.session.commit()
flash("Your post has been updated!", 'success')
return redirect(url_for('posts.post', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template("create_post.html",
title="Update Post",
form=form,
legend='Update Post')
def newpost():
form = PostForm()
if form.validate_on_submit():
if form.file.data:
hex_name = secrets.token_hex(8)
_, file_ext = os.path.splitext(form.file.data.filename)
file_name = hex_name + file_ext
file_path = os.path.join(current_app.root_path,
f'static/files/{str(current_user.id)}',
file_name)
form.file.data.save(file_path)
current_user.posts.file = file_name
post = Posts(title=form.title.data,
content=form.content.data,
author=current_user,
file=file_name)
else:
post = Posts(title=form.title.data,
content=form.content.data,
author=current_user)
db.session.add(post)
db.session.commit()
flash('Your post has been added successfully', 'success')
return redirect(url_for('main.home'))
return render_template("newpost.html",
title="New Post",
form=form,
legend='Create Post')
def create_post():
form = PostForm()
if form.validate_on_submit():
post = Post(title=form.title.data, content=form.content.data, author=current_user)
db.session.add(post)
db.session.commit()
flash('Your post has been created!', 'success')
return redirect(url_for('main.home'))
return render_template('create_post.html', title='New Post', form=form, legend='New Post')
def new_post():
form = PostForm()
if form.validate_on_submit():
post = Post(title=form.title.data,
content=form.content.data,
author=current_user)
db.session.add(post)
db.session.commit()
flash("Your post has been created!", "success")
return redirect(url_for("main.home"))
return render_template("create_post.html",
title="New Post",
form=form,
legend="New Post")
def new_post():
form = PostForm()
if form.validate_on_submit():
post = Post(title=form.title.data,
content=form.content.data,
user_id=current_user.id)
#author=current_user, #can also use this.
db.session.add(post)
db.session.commit()
flash(message='Post Creation Successful', category='success')
return redirect(url_for('main.home'))
return render_template('create_post.html',
title='New Post',
form=form,
legend='New Post')
def post_update(post_id):
post = Post.query.get_or_404(post_id)
if post.author != current_user:
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
db.session.commit()
flash('Your post has been updated!', 'success')
return redirect(url_for('posts.post_detail', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html', title='Update Post', form=form, legend='Update Post')
def update_post(post_id):
post = Post.query.get_or_404(post_id)
if post.author != current_user:
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
db.session.commit()
flash('Your post has been updated!!', category="success")
return redirect(url_for('posts.post', post_id=post.id))
if request.method == "GET":
form.title.data = post.title
form.content.data = post.content
return render_template('create_new.html', title="Update Post",
form=form, legend="Update Post")
def update_post(post_id):
post = Post.query.get_or_404(post_id)
if post.author != current_user:
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
flash('更新成功', 'success')
return redirect(url_for('posts.post', post_id=post.id))
if request.method == 'GET':
form.post_img.data = post.post_image
form.title.data = post.title
form.content.data = post.content
return render_template('update_post.html',
title=f'更新博客:{post.title}',
form=form)
def create_post():
form = PostForm()
if form.validate_on_submit():
# handle post_image
post_img = form.post_img.data
thumbnail_post_img = save_img_as(
post_img, post=True,
username=current_user.username) if post_img is not None else None
post = Post(title=form.title.data,
content=form.content.data,
author=current_user,
post_image=thumbnail_post_img)
db.session.add(post)
db.session.commit()
flash(f'发布成功:{form.title.data}', 'primary')
return redirect(url_for('main.home'))
return render_template('create_post.html', title='发布博客', form=form)
def new_post():
# grab the form we made for the post
form = PostForm()
# ensure that the post data is all valid and then save to the db
if form.validate_on_submit():
post = Post(title=form.title.data,
content=form.content.data,
author=current_user)
db.session.add(post)
db.session.commit()
flash('Your post has been created!', 'success')
return redirect(url_for('main.home'))
return render_template("create_post.html",
title="New Post",
form=form,
legend='New Post')
def new_post():
form = PostForm()
if form.validate_on_submit():
post = Post(title=form.title.data,
content=form.content.data,
author=current_user
) #giving information about the post to the post variable
db.session.add(post) #adding post to database
db.session.commit() #adding post to database
flash('Your post has been created!', 'success')
return redirect(
url_for('main.home')
) #user is redirected to homepage if their post is successful
return render_template('create_post.html',
title='New Post',
form=form,
legend='New Post')
def update_post(post_id):
post = Post.query.get_or_404(ident=post_id)
if current_user != post.author:
abort(403)
else:
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
db.session.commit()
flash("Your Post have been updated", category='success')
return redirect(url_for('posts.post', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html',
title='Update Post',
form=form,
legend='Update Post')
def update_post(post_id):
post = Post.query.get_or_404(post_id)
if post.author != current_user:
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
db.session.commit(
) # No need to add here because we already have this in our db
flash('Your post has been updated', 'success')
return redirect(url_for('posts.post', post_id=post_id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html',
title='Update post',
legend='Update Post',
form=form)
def update_post(post_id):
post = Post.query.get_or_404(post_id)
if post.author != current_user:
abort(403)
form = PostForm()
if form.validate_on_submit(
): #if form is valid, update the title and content of the post with whatever is in the PostForm()
post.title = form.title.data
post.content = form.content.data
db.session.commit()
flash('your post has been updated!', 'success')
return redirect(
url_for('posts.post', post_id=post.id)
) #'post' is a method and 'post_id' is the parameter it takes in
elif request.method == 'GET':
form.title.data = post.title #the form is populated with title of the post
form.content.data = post.content
return render_template('create_post.html',
title='Update Post',
form=form,
legend='Update Post')
def update_post(post_id):
# post is what is already in the database. form is what is being currently beeing populated/updated/added.
post = Post.query.get_or_404(post_id)
# this makes sure that if you're not the author of the post, you can't update the post.
if post.author != current_user:
abort(403) # 403: Forbidden
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
db.session.commit(
) # we don't use .add() because that the content/data is already in the database. we'll use .commit() to make the changes
flash('Your post has been updated!', 'success')
return redirect(url_for('posts.post', post_id=post.id))
elif request.method == 'GET':
# populate title and content using existing data
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html',
title='Update Title',
form=form,
legend='Update Post')