def commentAdd():
if 'username' in session:
#csrf check
if request.headers.get('csrfToken') == session['csrf']:
pass
else:
abort(400)
userName = session['username']
bid = request.form['blogid']
content = request.form['content']
checkInt(bid)
checkStr(content, 65535)
db.session.commit()
ref_blog = db.session.query(Blog).filter(
Blog.blogid == bid).with_for_update().first()
print(ref_blog)
if not ref_blog == None:
try:
new_data = BlogComment(bid, userName, content)
ref_blog.comment_num = ref_blog.comment_num + 1
db.session.add(new_data)
db.session.commit()
return jsonify({'code': 0, 'msg': 'success add'})
except Exception as e:
logger.info(e, exc_info=True)
db.session.rollback()
return jsonify({'code': 500, 'msg': 'sqlserver error'})
else:
return jsonify({'code': 405, 'msg': "request blog not exist"})
else:
return jsonify({'code': 403, 'msg': 'please log in'})
def commentQuery():
bid = request.form['blogid']
checkInt(bid)
#添加偏移量,之后在前端中加入此字段,应该是offset = request.form['offset']
offset = 0
try:
db.session.commit()
ref_blog = Blog.query.filter_by(blogid=bid).first()
if not ref_blog == None:
try:
db.session.commit()
data = BlogComment.query.filter_by(
blogid=bid).offset(offset).limit(10).all()
resp = {}
resp['code'] = 0
resp['msg'] = 'success query'
resp_data = {}
resp_data['datacount'] = len(data)
data_list = []
for i in data:
single_data = {}
single_data['blogid'] = i.blogid
single_data['commentid'] = i.commentid
single_data['content'] = i.content
single_data['author'] = i.author
single_data['date'] = i.sub_date
data_list.append(single_data)
resp_data['data'] = data_list
resp['data'] = resp_data
resp['offset'] = offset + len(data)
return jsonify(resp)
except Exception as e:
logger.info(e, exc_info=True)
return jsonify({'code': 500, 'msg': 'sqlserver error'})
else:
return jsonify({'code': 405, 'msg': "request blog not exist"})
except Exception as e:
logger.info(e, exc_info=True)
return jsonify({'code': 500, 'msg': 'sqlserver error'})
def blogModify():
if 'username' in session:
#csrf check
if request.headers.get('csrfToken') == session['csrf']:
pass
else:
abort(400)
bid = request.form['blogid']
title = request.form['title']
content = request.form['content']
comment_num = request.form['comment_num']
checkInt(bid)
checkInt(comment_num)
checkStr(title, 40)
checkStr(content, 65535)
origin_data = Blog.query.filter_by(blogid=bid).first()
if not origin_data == None:
if origin_data.author == session['username']:
try:
origin_data.title = title
origin_data.content = content
origin_data.sub_date = datetime.datetime.now()
db.session.commit()
return jsonify({'code': 0, 'msg': 'success update'})
except Exception as e:
logger.info(e, exc_info=True)
db.session.rollback()
return jsonify({'code': 500, 'msg': 'sqlserver error'})
else:
return jsonify({
'code': 404,
'msg': "you don't have the power"
})
else:
return jsonify({'code': 405, 'msg': "request blog not exist"})
else:
return jsonify({'code': 403, 'msg': 'please log in'})
def blogDelete():
if 'username' in session:
#csrf check
if request.headers.get('csrfToken') == session['csrf']:
pass
else:
abort(400)
bid = request.form['blogid']
checkInt(bid)
#行锁
db.session.commit()
origin_data = db.session.query(Blog).filter(
Blog.blogid == bid).with_for_update().first()
if not origin_data == None:
if origin_data.author == session['username']:
try:
#删除该博客相关联的评论
ref_commentList = BlogComment.query.filter_by(
blogid=bid).all()
for i in ref_commentList:
db.session.delete(i)
db.session.delete(origin_data)
db.session.commit()
return jsonify({'code': 0, 'msg': 'success delete'})
except Exception as e:
logger.info(e, exc_info=True)
db.session.rollback()
return jsonify({'code': 500, 'msg': 'sqlserver error'})
else:
return jsonify({
'code': 404,
'msg': "you don't have the power"
})
else:
return jsonify({'code': 405, 'msg': "request blog not exist"})
else:
return jsonify({'code': 403, 'msg': 'please log in'})