def GET(self, xid): assert (str(xid).isdigit()) if not check_right (xid): print 'try to read an unauthrithm data, %s record id:%s , user id:%s' % ('publisher',xid, get_user()) raise web.notfound() record = m_publisher.get_one (**{"id": int(xid)}) return render ('admin/publisher_read.html', data = {'record':record})
def GET(self, xid): assert (str(xid).isdigit()) if not check_right(xid): print 'try to read an unauthrithm data, %s record id:%s , user id:%s' % ( 'publisher', xid, get_user()) raise web.notfound() record = m_publisher.get_one(**{"id": int(xid)}) return render('admin/publisher_read.html', data={'record': record})
def POST(self, xid): #xid = web.input(xid=0).get('xid') assert (str(xid).isdigit()) xid = int(xid) request = web.input() input_fields = [ 'publisher_name', 'publisher_address', 'publisher_tel', ] nonul_fields = [ 'publisher_name', 'publisher_address', 'publisher_tel', ] #user input fileds, can not be emtpy #检查用户是否有权限 if xid != 0 and not check_right(xid): print 'try to save an unauthrithm data, %s record id:%s , user id:%s' % ( 'publisher', xid, get_user()) raise web.notfound() #检查是否存在 不能为空的字段 输入为空 if not self.check_input(request, nonul_fields): print 'try to edit data, but found some not-null parameter null, table: %s' % 'publisher' return default_error('some parameter empty') data = {} if xid == 0: #new record print 'add new record into database for table publisher' data["id"] = 0 data['create_time'] = get_date() data['create_user'] = get_user() else: print 'update record into database for table publisher' data = m_publisher.get_one(**{'id': xid}) if not data: print 'try to update record into database, but fail' raise web.notfound() data['update_time'] = get_date() data['update_user'] = get_user() for field in input_fields: new_field = field.replace('publisher_', '', 1) data[new_field] = request.get(field, '') #if xid=0 then add ; otherwise update m_publisher.upsert("id", **data) return web.seeother('/admin/publisher' + "_list")
def GET(self,xid): assert (str(xid).isdigit()) xid = int(xid) if xid and not check_right (xid): print 'try to edit unauthorization data, table:%s, id:%s' % ( 'publisher', xid) return default_error () data = {} if xid: data['record'] = m_publisher.get_one (**{"id": int(xid)}) if not data: print 'Error, try to edit record but not found data, table:%s, id:%s' % ('publisher', xid) raise web.notfound() return render ('admin/publisher_edit.html', data = data)
def GET(self, xid): assert (str(xid).isdigit()) xid = int(xid) if xid and not check_right(xid): print 'try to edit unauthorization data, table:%s, id:%s' % ( 'publisher', xid) return default_error() data = {} if xid: data['record'] = m_publisher.get_one(**{"id": int(xid)}) if not data: print 'Error, try to edit record but not found data, table:%s, id:%s' % ( 'publisher', xid) raise web.notfound() return render('admin/publisher_edit.html', data=data)
def POST(self,xid): #xid = web.input(xid=0).get('xid') assert (str(xid).isdigit()) xid = int(xid) request = web.input() input_fields = [ 'publisher_name', 'publisher_address', 'publisher_tel', ] nonul_fields = [ 'publisher_name', 'publisher_address', 'publisher_tel', ] #user input fileds, can not be emtpy #检查用户是否有权限 if xid!=0 and not check_right (xid): print 'try to save an unauthrithm data, %s record id:%s , user id:%s' % ('publisher',xid, get_user()) raise web.notfound() #检查是否存在 不能为空的字段 输入为空 if not self.check_input (request, nonul_fields): print 'try to edit data, but found some not-null parameter null, table: %s' % 'publisher' return default_error('some parameter empty') data = {} if xid==0: #new record print 'add new record into database for table publisher' data["id"] = 0 data['create_time'] = get_date(); data['create_user'] = get_user() else: print 'update record into database for table publisher' data = m_publisher.get_one ( ** {'id': xid}) if not data: print 'try to update record into database, but fail' raise web.notfound() data['update_time'] = get_date(); data['update_user'] = get_user() for field in input_fields: new_field = field.replace('publisher_','',1) data[new_field] = request.get(field,'') #if xid=0 then add ; otherwise update m_publisher.upsert ("id",**data) return web.seeother('/admin/publisher'+"_list")