def add_article():
form = ArticleForm(request.form)
if request.method == 'POST' and form.validate():
title = form.title.data
body = form.body.data
# Create cursor
cur = mysql.connection.cursor()
# Insert article
cur.execute(
"INSERT INTO articles(title, body, author, user_id) VALUES (%s, %s, %s, %s)",
(title, body, session['username'], session['user_id']))
mysql.connection.commit()
# Close connection
cur.close()
# Let user know of success
flash('Article created', 'success')
# Return corresponding page
return redirect(url_for('dashboard'))
return render_template('add_article.html', form=form)
def edit_article(id):
cur = mysql.connection.cursor()
result = cur.execute("SELECT * FROM articles WHERE id = %s", [id])
article = cur.fetchone()
cur.close()
form = ArticleForm(request.form)
form.title.data = article['title']
form.body.data = article['body']
if request.method == 'POST' and form.validate():
title = request.form['title']
body = request.form['body']
app.logger.info(title)
cur = mysql.connection.cursor()
cur.execute("UPDATE articles SET title=%s, body=%s WHERE id=%s",
(title, body, id))
mysql.connection.commit()
cur.close()
flash('Article Updated', 'success')
return redirect(url_for('dashboard'))
return render_template('article/edit_article.html', form=form)
def edit_article(id):
db = MysqlUtil() # 实例化数据库操作类
fetch_sql = "SELECT * FROM articles WHERE id = '%s' and author = '%s'" % (
id, session['username']) # 根据笔记ID查找笔记信息
article = db.fetchone(fetch_sql) # 查找一条记录
# 检测笔记不存在的情况
if not article:
flash('ID错误', 'danger') # 闪存信息
return redirect(url_for('dashboard'))
# 获取表单
form = ArticleForm(request.form)
if request.method == 'POST' and form.validate(): # 如果用户提交表单,并且表单验证通过
# 获取表单字段内容
title = request.form['title']
content = request.form['content']
update_sql = "UPDATE articles SET title='%s', content='%s' WHERE id='%s' and author='%s'" % (
title, content, id, session['username'])
db = MysqlUtil() # 实例化数据库操作类
db.update(update_sql) # 更新数据的SQL语句
flash('更改成功', 'success') # 闪存信息
return redirect(url_for('dashboard')) # 跳转到控制台
# 从数据库中获取表单字段的值
form.title.data = article['title']
form.content.date = article['content']
return render_template('edit_article.html', form=form) # 渲染模板
def add_article():
form = ArticleForm(request.form)
if request.method == 'POST' and form.validate():
title = form.title.data
body = form.body.data
# Create Cursor
cur = mysql.connection.cursor()
# Execute
cur.execute(
"INSERT INTO articles(title, body, author) VALUES(%s, %s, %s)",
(title, body, session['username']))
# Commit to DB
mysql.connection.commit()
#Close connection
cur.close()
flash('Article Created', 'success')
return redirect(url_for('dashboard'))
return render_template('add_article.html', form=form)
def edit_article(id):
# Create cursor
cur = mysql.connection.cursor()
# Get article by id
cur.execute('SELECT * FROM articles WHERE id = %s', [id])
article = cur.fetchone()
# Create form
form = ArticleForm(request.form)
# populate fields
form.title.data = article['title']
form.body.data = article['body']
if request.method == 'POST' and form.validate():
title = request.form['title']
body = request.form['body']
# Update table
cur.execute(
'UPDATE articles SET title = %s, body = %s, edit_date = CURRENT_TIMESTAMP WHERE id = %s',
(title, body, id))
# Commit
mysql.connection.commit()
# close cursor
cur.close()
flash(f'Article {id} Updated', 'success')
return redirect(url_for('.dashboard'))
return render_template('edit_article.html', form=form)
def create_article():
"""
Create an article object and store on db.
Return article object in JSON response.
Data: title, content, url, source, summary, img_url
"""
data = request.json
form = ArticleForm(**data, meta={'csrf': False})
if form.validate():
if not newsmart.isUrlValid(form.url.data):
return (jsonify({"errors": {"url": ["Not a valid url."]}}), 400)
article = Article.query.filter(
Article.url == form.url.data).one_or_none()
if article:
# article object has been created already
return (jsonify({"article": article.serialize()}), 200)
else:
# create new article object and save
new_article = Article.new(**form.data)
return (jsonify({"article": new_article.serialize()}), 201)
errors = {"errors": form.errors}
return (jsonify(errors), 400)
def update(blog_id):
if not session.get('logged_in'):
abort(404)
else:
form = ArticleForm()
if request.method == 'POST':
if form.validate() == False:
return render_template('add.html', form=form)
else:
g.db = connect_db()
cur = g.db.execute('UPDATE fblog SET title =' +
form.title.data + ', content =' +
form.content.data + ' WHERE blog_id=' +
str(blog_id))
g.db.commit()
g.db.close()
flash('Article updated successfully')
return redirect(url_for('admin'))
elif request.method == 'GET':
g.db = connect_db()
article = query_db(
'SELECT blog_id, title, content FROM fblog WHERE blog_id = ?',
[blog_id],
one=True)
form.title.data = article['title']
form.content.data = article['content']
return render_template('edit.html', form=form, article=article)
def edit_article(id):
# Create cursor
cur = mysql.connection.cursor()
# Get article by id
result = cur.execute("SELECT * FROM articles WHERE id=%s", [id])
article = cur.fetchone()
# Get form
form = ArticleForm(request.form)
# Populate article form fields
form.title.data = article['title']
form.body.data = article['body']
if request.method == 'POST' and form.validate():
title = request.form['title']
body = request.form['body']
# Create cursor
cur = mysql.connection.cursor()
# Execute
cur.execute("UPDATE articles SET title=%s, body=%s WHERE id=%s",
(title, body, id))
# Commit to DB
mysql.connection.commit()
# Close connection
cur.close()
flash('Article Updated', 'success')
return redirect(url_for('dashboard'))
return render_template('edit_article.html', form=form)
def article_update(article_id):
cur = mysql.connection.cursor()
query = "SELECT * FROM articles WHERE id=%s"
result = cur.execute(query, [article_id])
article = {}
if result > 0:
article = cur.fetchone()
cur.close()
form = ArticleForm(request.form)
if request.method == 'GET':
form.title.data = article['title']
form.body.data = article['body']
elif request.method == 'POST' and form.validate():
cur = mysql.connection.cursor()
mysql.connection.autocommit(on=True)
query = """ UPDATE articles
SET title=%s, body=%s
WHERE id=%s """
params = (form.title.data, form.body.data, article_id)
cur.execute(query, params)
cur.close()
flash('Статья обновлена', 'success')
return redirect(url_for('dashboard'))
return render_template('article-create.html',
form=form,
header='Редактирование')
def article_new():
form = ArticleForm(request.form)
if form.validate():
try:
db.save(Article(current_user, form.title.data, form.content.data, form.plain_text.data))
except AssertionError, err:
current_app.logger.error(err)
return redirect(url_for('Common.index'))
def home():
try:
storage.load()
except IOError:
pass
form = ArticleForm(request.form)
if request.method == 'POST' and form.validate():
article = Articles(form.article_title.data, form.article_body.data)
storage.articles.append(article)
storage.dump()
return render_template('base.html', form=form, storage=storage)
def add_article():
form = ArticleForm(request.form)
if request.method == 'POST' and form.validate():
sql = sqlpuzzle.insert_into('article').values({
'title': form.title.data,
'text': form.text.data,
})
cur = get_db().cursor()
cur.execute(str(sql))
return redirect(url_for('article_page.articles'))
return render_template('article/add.html', form=form)
def new_article():
form = ArticleForm(request.form)
if request.method == 'POST' and form.validate():
article_info = Article_Info()
save_changes(article_info, form, new=True)
flash('Article added successfully!')
return redirect('/')
return render_template('new_article.html', form=form)
def article_edit(slug):
""" Render edit article form by <slug> or update data from `POST` """
from models import Article, Tag, db
from forms import ArticleForm
article = Article.by_slug(slug=slug).first_or_404()
form = ArticleForm()
if request.method != 'POST':
# init form data from object
form.title.data = article.title
form.slug.data = article.slug
form.description.data = article.description
form.content.data = article.content
tags = [t.title for t in article.tags]
for t in tags:
if form.tags.data:
form.tags.data += ", " + t
else:
form.tags.data = t
form.pub_date.data = article.pub_date.strftime("%Y-%m-%d %H:%M:%S")
form.upd_date.data = article.upd_date.strftime("%Y-%m-%d %H:%M:%S")
else:
if form.validate():
article.title = form.title.data
article.slug = form.slug.data
article.description = form.description.data
article.content = form.content.data
article.pub_date = datetime.strptime(form.pub_date.data, '%Y-%m-%d %H:%M:%S')
# autonow if empty or error
try:
upd_datetime = datetime.strptime(form.upd_date.data, '%Y-%m-%d %H:%M:%S')
except Exception:
article.upd_date = datetime.now()
article.tags = []
tags_raw = form.tags.data.split(',')
for t in tags_raw:
t = t.strip()
# Get or create
try:
article.tags += [Tag.query.filter(Tag.title == t)[0]]
except Exception:
article.tags += [Tag(t)]
db.session.commit()
flash("Article updated success.", 'success')
return redirect(url_for('articles_view', slug=form.slug.data))
return render_template('articles/edit.html', **locals())
def new_article():
from forms import ArticleForm
from models import Article
if request.method == 'POST':
form = ArticleForm(request.form)
if form.validate():
article = Article(**form.data)
db.session.add(article)
db.session.commit()
return render_template('new_article.html')
def edit(id):
article = Article.query.filter_by(id=id).first()
form = ArticleForm(obj=article)
if request.method == 'POST':
if form.validate() == True:
article.titre = form.titre.data
article.cont = form.cont.data
article.category.name = form.category.data
db.session.commit()
return redirect(url_for('affiche'))
return render_template('edit.html', form=form, article=article)
def edit(id):
qry = db_session.query(Article_Info).filter(Article_Info.id == id)
article_info = qry.first()
if article_info:
form = ArticleForm(formdata=request.form, obj=article_info)
if request.method == 'POST' and form.validate():
save_changes(article_info, form)
flash('Article information updated successfully!')
return redirect('/')
return render_template('edit_article.html', form=form)
else:
return 'Error loading #{id}'.format(id=id)
def add_article():
form = ArticleForm(request.form) # 实例化wtforms的ArticleForm 获取请求值然后进行处理
if request.method == 'POST' and form.validate():
# 如果用户提交表单,并且通过验证
title = form.title.data
content = form.content.data
author = session.get('username')
create_date = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime())
db = MysqlUtil()
sql = 'insert into articles(title,content,author,create_date) values ("%s","%s","%s","%s")' % (title, content, author, create_date)
db.insert(sql)
flash('创建成功', 'success') #闪存信息 返回给前端的get_flashed_messages --> _messages.html
return redirect(url_for('article.dashboard')) # 添加成功 跳转回控制台展示
return render_template('add_article.html', form=form) #带着参数渲染模板
def index():
from forms import ArticleForm
from models import Article
if request.method == 'POST':
print(request.form)
form = ArticleForm(request.form)
if form.validate():
article = Article(**form.data)
db.session.add(article)
db.session.commit()
articles = Article.query.all()
return render_template('main.txt', articles=articles)
def add_article():
form = ArticleForm(request.form) # 实例化ArticleForm表单类
if request.method == 'POST' and form.validate(): # 如果用户提交表单,并且表单验证通过
# 获取表单字段内容
title = form.title.data
content = form.content.data
author = session['username']
create_date = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
db = MysqlUtil() # 实例化数据库操作类
sql = "INSERT INTO articles(title,content,,author,create_date) VALUES ('%s','%s','%s','%s')" % (
title, content, author, create_date) # 插入数据的SQL语句
db.insert(sql)
flash('创建成功', 'success') # 闪存信息
return redirect(url_for('dashboard')) # 跳转到控制台
return render_template('add_article.html', form=form) # 渲染模板
def delete(id):
qry = db_session.query(Article_Info).filter(Article_Info.id == id)
article_info = qry.first()
if article_info:
form = ArticleForm(formdata=request.form, obj=article_info)
if request.method == 'POST' and form.validate():
db_session.delete(article_info)
db_session.commit()
flash('Article deleted successfully!')
return redirect('/')
return render_template('delete_article.html', form=form)
else:
return 'Error deleting #{id}'.format(id=id)
def article_create():
form = ArticleForm(request.form)
if request.method == 'POST' and form.validate():
cur = mysql.connection.cursor()
mysql.connection.autocommit(on=True)
query = "INSERT INTO articles(title, body, author) VALUES(%s, %s, %s)"
params = (form.title.data, form.body.data, session['username'])
cur.execute(query, params)
cur.close()
flash('Статья добавлена', 'success')
return redirect(url_for('dashboard'))
return render_template('article-create.html',
form=form,
header='Добавление')
def add():
form = ArticleForm()
if request.method == 'POST':
if form.validate() == True:
article = Article()
article.titre = form.titre.data
article.cont = form.cont.data
article.category = form.category.data
db.session.add(article)
db.session.commit()
return redirect(url_for('affiche'))
return render_template('add.html', form=form)
def edit_article(id):
# Create cursor
cur = mysql.connection.cursor()
# Get article
cur.execute("SELECT * FROM articles WHERE id = %s", [id])
article = cur.fetchone()
# Close connection
cur.close()
# Get form
form = ArticleForm(request.form)
# Populate article form fields
form.title.data = article['title']
form.body.data = article['body']
if request.method == 'POST' and form.validate():
title = request.form['title']
body = request.form['body']
# Create cursor
cur = mysql.connection.cursor()
# Update article
result = cur.execute(
"UPDATE articles SET title = %s, body = %s WHERE id = %s AND author = %s AND user_id = %s",
(title, body, id, session['username'], session['user_id']))
mysql.connection.commit()
# Close connection
cur.close()
# Let user know of success/failure
if result == 0:
flash('Article left as is', 'info')
else:
flash('Article updated', 'success')
# Return corresponding page
return redirect(url_for('dashboard'))
return render_template('edit_article.html', form=form)
def edit_article(id):
# Create Cursor
c, conn = connection()
# Get article by id
result = c.execute("SELECT * FROM articles WHERE id = %s", [id])
article = c.fetchone()
# Get form
form = ArticleForm(request.form)
# Populate article form fields
form.title.data = article['title']
form.body.data = article['body']
# get author so you can verify only current author can edit post. Remember to include how solved in readme
current_author = article['author']
if session['username'] == current_author:
flash('Article author matches current user you may edit', 'success')
else:
flash('Cannot edit must be appropriate author', 'danger')
return redirect(url_for('dashboard'))
if request.method == 'POST' and form.validate():
title = request.form['title']
body = request.form['body']
# Execute
c.execute("UPDATE articles SET title=%s, body=%s WHERE id = %s",
(title, body, id))
# Commit to DB
conn.commit()
# Close connection
c.close()
conn.close()
flash('Article Updated', 'success')
return redirect(url_for('dashboard'))
return render_template('edit_article.html', form=form)
def add_article():
# Formulär för att skriva in en ny artikel.
form = ArticleForm(request.form)
if form.validate():
rubrik = form.rubrik.data.strip()
ingress = form.ingress.data.strip()
text = form.text.data.strip()
datum = form.datum.data
undkat_id = form.undkat_id.data
p_nr = form.p_nr.data
# Lägger in ny artikel till databasen.
cursor = mddb.cursor()
new_article = """INSERT INTO artikel (rubrik, ingress, text, datum, undkat_id)
VALUES (%s, %s, %s, %s, %s)"""
cursor.execute(new_article, (rubrik, ingress, text, datum, undkat_id))
# Hämtar artikel-ID från den senast inlagda artikeln.
get_artid = """SELECT art_id FROM artikel ORDER BY art_id DESC LIMIT 1;"""
cursor.execute(get_artid)
latest_article = cursor.fetchone()
art_id = latest_article[0]
# Lägger till artikel-ID från den senast inlagda artikeln i sambandstabellen.
add_artid = """INSERT INTO skriven_av (art_id, journalist) VALUES (%s, %s)"""
cursor.execute(add_artid, (int(art_id), p_nr))
mddb.commit()
cursor.close()
return redirect(url_for("index"))
navbar = queries_function.get_nav_content()
art_no = queries_function.get_quantities()
return render_template("add_article.html",
title="Skriv artikel",
form=form,
navbar=navbar,
art_no=art_no)
def create():
data = request.get_json()
form = ArticleForm(**data)
if form.validate():
form_data = form.data
form_data['ip'] = request.remote_addr
article = g.user.create_article(**form_data)
alert = dict(
type='success',
messages=_("Your article has been submitted successfully. The staff will approve it soon. Thank you for your contribution")
)
redirect = url_for("site.page", name="home")
return jsonify({"data": article.json_data(), "alert": alert, "redirect": redirect})
else:
return json_error(type="VALIDATION_FAILED", messages=form.errors)
def add():
if not session.get('logged_in'):
abort(404)
else:
form = ArticleForm()
if request.method == 'POST':
if form.validate() == False:
return render_template('add.html', form=form)
else:
d = datetime.now().strftime('%d-%m-%Y')
g.db = connect_db()
cur = g.db.execute('INSERT INTO fblog (title, content, date, status) VALUES (?, ?, ?, 1)', [form.title.data, form.content.data, d])
g.db.commit()
g.db.close()
flash('Article added successfully')
return redirect( url_for('admin') )
elif request.method == 'GET':
return render_template('add.html', form=form)
def edit_article(post_id=None):
form = ArticleForm()
db = get_db()
if request.method == 'POST' and form.validate():
slug = slugify(form.title.data, max_length=50)
data = [
slug,
form.title.data,
form.intro.data,
form.text.data,
form.date.data,
form.published.data,
form.description.data,
form.keywords.data
]
if form.pk.data is not None:
data.append(form.pk.data)
db.execute("update articles set slug=?, title=?, intro=?, text=?, date=?, published=?, "
"description=?, keywords=? where id=?", data)
flash('Статья обновлена', 'success')
return redirect(url_for('edit_article', post_id=form.pk.data))
else:
cur = db.execute("insert into articles (slug, title, intro, text, date, published, "
"description, keywords) values(?,?,?,?,?,?,?,?)", data)
flash('Статья добавлена', 'success')
return redirect(url_for('edit_article', post_id=cur.lastrowid))
if request.method == 'GET':
if post_id is not None:
cur = db.execute("select * from articles where id=?", [post_id])
article = cur.fetchone()
if article is None:
abort(404)
app.logger.debug("edit article %i", article['id'])
form.pk.data = article['id']
form.title.data = article['title']
form.intro.data = article['intro']
form.text.data = article['text']
form.date.data = article['date']
form.published.data = article['published']
form.description.data = article['description']
form.keywords.data = article['keywords']
return render_template('edit.html', form=form)
def articles_add():
""" Add new article or render form """
from models import Article, Tag, db
from forms import ArticleForm
form = ArticleForm()
form.pub_date.data = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
form.upd_date.data = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
if request.method == 'POST' and form.validate():
tags = []
if form.tags.data:
tags_raw = form.tags.data.split(',')
for t in tags_raw:
t = t.strip()
try:
tags += [Tag.query.filter(Tag.title==t)[0]]
except Exception:
tags += [Tag(t)]
try:
pub_date = datetime.strptime(form.pub_date.data, '%Y-%m-%d %H:%M:%S')
except ValueError:
flash("Can't parse date.", 'error')
else:
article = Article(
form.title.data,
form.description.data,
form.content.data,
tags=tags,
slug=form.slug.data,
pub_date=pub_date,
)
db.session.add(article)
db.session.commit()
flash("Article added.", 'success')
return redirect(url_for('articles_view', slug=article.slug))
return render_template('articles/add.html', **locals())
def add():
if not session.get('logged_in'):
abort(404)
else:
form = ArticleForm()
if request.method == 'POST':
if form.validate() == False:
return render_template('add.html', form=form)
else:
d = datetime.now().strftime('%d-%m-%Y')
g.db = connect_db()
cur = g.db.execute(
'INSERT INTO fblog (title, content, date, status) VALUES (?, ?, ?, 1)',
[form.title.data, form.content.data, d])
g.db.commit()
g.db.close()
flash('Article added successfully')
return redirect(url_for('admin'))
elif request.method == 'GET':
return render_template('add.html', form=form)
def index():
from models import Article
from forms import ArticleForm
if request.method == 'POST':
form = ArticleForm(request.form)
if form.validate():
data_a = Article(**form.data)
db.session.add(data_a)
db.session.commit()
return redirect(url_for('index'))
else:
return 'Form is not valid! Post was not created.\n ' + str(
form.errors)
if request.method == 'GET':
articles = Article.query.all()
return render_template('index.html',
articles=articles,
date_time=date.today())
def edit_article(post_id=None):
form = ArticleForm()
db = get_db()
if request.method == 'POST' and form.validate():
slug = slugify(form.title.data, max_length=50)
data = [
slug, form.title.data, form.intro.data, form.text.data,
form.date.data, form.published.data, form.description.data,
form.keywords.data
]
if form.pk.data is not None:
data.append(form.pk.data)
db.execute(
"update articles set slug=?, title=?, intro=?, text=?, date=?, published=?, "
"description=?, keywords=? where id=?", data)
flash('Статья обновлена', 'success')
return redirect(url_for('edit_article', post_id=form.pk.data))
else:
cur = db.execute(
"insert into articles (slug, title, intro, text, date, published, "
"description, keywords) values(?,?,?,?,?,?,?,?)", data)
flash('Статья добавлена', 'success')
return redirect(url_for('edit_article', post_id=cur.lastrowid))
if request.method == 'GET':
if post_id is not None:
cur = db.execute("select * from articles where id=?", [post_id])
article = cur.fetchone()
if article is None:
abort(404)
app.logger.debug("edit article %i", article['id'])
form.pk.data = article['id']
form.title.data = article['title']
form.intro.data = article['intro']
form.text.data = article['text']
form.date.data = article['date']
form.published.data = article['published']
form.description.data = article['description']
form.keywords.data = article['keywords']
return render_template('edit.html', form=form)
def edit_article(id):
db = MysqlUtil()
fetch_sql = "SELECT * FROM articles WHERE id = '%s' and author = '%s'" % (id,session['username']) # 根据笔记id查找笔记信息
article = db.fetchone(fetch_sql) #查找一条记录
if not article:
flash('ID错误','danger') # 闪存信息
return redirect(url_for('article.dashboard'))
# 获取表单
form = ArticleForm(request.form)
if request.method == 'POST' and form.validate():
title = request.form.get('title')
content = request.form.get('content')
update_sql = 'update articles set title = "%s", content = "%s" where id = "%s" and author = "%s"' % (title,content,id,session.get('username'))
db = MysqlUtil()
db.update(update_sql) #更新到数据库
flash('更改成功', 'success')
return redirect(url_for('article.dashboard'))
form.title.data = article['title']
form.content.data = article['content']
return render_template('edit_article.html', form=form)
def edit_article(id):
cur = mysql.connection.cursor()
cur.execute("USE flaskblog")
temp = cur.execute("SELECT * FROM articles WHERE id = %s", [id])
article = cur.fetchone()
org_auth = article['author']
if org_auth != session['username']:
cur.close()
flash('Access Denied ! Invaild User','danger')
return redirect(url_for('dashboard'))
# result = cur.execute("SELECT * FROM articles WHERE id = %s", [id])
form = ArticleForm(request.form)
#populate form
form.title.data = article['title']
form.body.data = article['body']
if request.method == 'POST' and form.validate():
title = request.form['title']
body = request.form['body']
# create cursor
cur = mysql.connection.cursor()
cur.execute("USE flaskblog")
cur.execute("UPDATE articles SET title=%s, body=%s WHERE id=%s", (title, body, id))
mysql.connection.commit()
cur.close()
flash('Article Updated !', 'success')
return redirect(url_for('dashboard'))
return render_template('edit_article.html', form=form)
def update(blog_id):
if not session.get('logged_in'):
abort(404)
else:
form = ArticleForm()
if request.method == 'POST':
if form.validate() == False:
return render_template('add.html', form=form)
else:
g.db = connect_db()
cur = g.db.execute('UPDATE fblog SET title =' + form.title.data + ', content =' + form.content.data + ' WHERE blog_id=' + str(blog_id))
g.db.commit()
g.db.close()
flash('Article updated successfully')
return redirect( url_for('admin') )
elif request.method == 'GET':
g.db = connect_db()
article = query_db('SELECT blog_id, title, content FROM fblog WHERE blog_id = ?', [blog_id], one=True)
form.title.data = article['title']
form.content.data = article['content']
return render_template('edit.html', form=form, article=article)
def update():
article = g.article
user = g.user
data = request.get_json()
form = ArticleForm(**data)
if form.validate():
form_data = form.data
data = form_data
data['ip'] = request.remote_addr
data['user'] = user
# Make sure that users cant change article status
try:
if not user.has_permission('approve_article'):
del data['is_active']
except Exception:
pass
article.update(**data)
cache.update_article(article.id, article)
return jsonify({"data": article.json_data()})
else:
return json_error(type="VALIDATION_FAILED", messages=form.errors)
def update():
article = g.article
user = g.user
data = request.get_json()
form = ArticleForm(**data)
if form.validate():
form_data = form.data
data = form_data
data['ip'] = request.remote_addr
data['user'] = user
# Make sure that users cant change article status
try:
if not user.has_permission('approve_article'):
del data['is_active']
except Exception:
pass
article.update(**data)
cache.update_article(article.id, article)
return jsonify({"data": article.json_data()})
else:
return json_error(type="VALIDATION_FAILED", messages=form.errors)
def edit_article(id):
cur = mysql.connection.cursor()
cur.execute("SELECT * FROM articles WHERE id=%s", [id])
article = cur.fetchone()
form = ArticleForm(request.form)
if request.method == 'POST' and form.validate():
title = request.form['title']
body = request.form['body']
cur = mysql.connection.cursor()
cur.execute("UPDATE articles SET title=%s, body=%s WHERE id=%s",
[title, body, id])
mysql.connection.commit()
cur.close()
flash('Article edited successfully', 'success')
return redirect(url_for('blog.dashboard'))
form.title.data = article['title']
form.body.data = article['body']
return render_template('edit_article.html', form=form, id=article['id'])
def create():
data = request.get_json()
form = ArticleForm(**data)
if form.validate():
form_data = form.data
form_data['ip'] = request.remote_addr
article = g.user.create_article(**form_data)
alert = dict(
type='success',
messages=
_("Your article has been submitted successfully. The staff will approve it soon. Thank you for your contribution"
))
redirect = url_for("site.page", name="home")
return jsonify({
"data": article.json_data(),
"alert": alert,
"redirect": redirect
})
else:
return json_error(type="VALIDATION_FAILED", messages=form.errors)
