def comments(username, p_id):
user = query_db(
'SELECT * FROM Users WHERE username="******";'.format(username), one=True)
if user == None:
flash('You are not logged in')
return redirect(url_for('index'))
elif user['password'] == session.get('password'):
form = CommentsForm()
if form.is_submitted():
user = query_db(
'SELECT * FROM Users WHERE username="******";'.format(username),
one=True)
query_db(
'INSERT INTO Comments (p_id, u_id, comment, creation_time) VALUES({}, {}, "{}", \'{}\');'
.format(p_id, user['id'], form.comment.data, datetime.now()))
post = query_db('SELECT * FROM Posts WHERE id={};'.format(p_id),
one=True)
all_comments = query_db(
'SELECT DISTINCT * FROM Comments AS c JOIN Users AS u ON c.u_id=u.id WHERE c.p_id={} ORDER BY c.creation_time DESC;'
.format(p_id))
return render_template('comments.html',
title='Comments',
username=username,
form=form,
post=post,
comments=all_comments)
else:
return redirect(url_for('stream', username=session.get('username')))
def comments(username, p_id):
if username != current_user.username:
return redirect(current_user.username)
user = User.query.filter_by(username = username).first()
form = CommentsForm()
if form.is_submitted():
comment = Comment(p_id=p_id, u_id=user.id, comment = form.comment.data, creation_time = datetime.now())
db.session.add(comment)
db.session.commit()
post = Post.query.filter_by(id = p_id).first()
if not post:
return error()
all_comments = db.session.query(Comment, User, Post).join(User, User.id == Comment.u_id).join(Post, Post.id == Comment.p_id).filter(Comment.p_id == post.id).all()
all_comments.sort(key=sortComments, reverse=True)
return render_template('comments.html', title='Comments', username=username, form=form, post=post, comments=all_comments)
def comments(username, p_id):
form = CommentsForm()
if form.is_submitted():
user = query_db('SELECT * FROM Users WHERE username= ?;', (username, ),
one=True)
query_db(
'INSERT INTO Comments (p_id, u_id, comment, creation_time) VALUES(?, ?, ?, ?);',
(p_id, user['id'], form.comment.data, datetime.now()))
post = query_db('SELECT * FROM Posts WHERE id= ?;', (p_id, ), one=True)
all_comments = query_db(
'SELECT DISTINCT * FROM Comments AS c JOIN Users AS u ON c.u_id=u.id WHERE c.p_id= ? ORDER BY c.creation_time DESC;',
(p_id, ))
return render_template('comments.html',
title='Comments',
username=username,
form=form,
post=post,
comments=all_comments)
def comments(username, p_id):
if (current_user.username != username):
return redirect(
url_for('comments', username=current_user.username, p_id=p_id))
else:
form = CommentsForm()
if form.is_submitted():
comment = sanitizeStr(form.comment.data)
# Dont post anything if form is empty
if comment == '':
return redirect(
url_for('comments',
username=current_user.username,
p_id=p_id))
user = query_db('SELECT * FROM Users WHERE username=?',
username,
one=True)
query_db(
'INSERT INTO Comments (p_id, u_id, comment, creation_time) VALUES(?, ?, ?, ?)',
p_id, user['id'], comment, datetime.now())
return redirect(
url_for(
'comments', username=current_user.username,
p_id=p_id)) # this clears the form after successfull post.
post = query_db('SELECT * FROM Posts WHERE id=?', p_id, one=True)
all_comments = query_db(
'SELECT DISTINCT * FROM Comments AS c JOIN Users AS u ON c.u_id=u.id WHERE c.p_id=? ORDER BY c.creation_time DESC',
p_id)
return render_template('comments.html',
title='Comments',
username=username,
form=form,
post=post,
comments=all_comments)