def index(page = 1, post = -1):
posts = Post.query.filter(and_(Post.draft == False, Post.static == False)).order_by(db.desc(Post.timestamp))
if post >= 0:
timestamp = Post.query.filter(Post.post_id == post).first().timestamp
page = len(posts.filter(Post.static == False).all()) - len(Post.query.filter(and_(Post.draft == False, Post.static == False, Post.timestamp <= timestamp)).all()) + 1
return redirect('/page/' + str(page))
posts = posts.paginate(page, 1, error_out=True)
pagination = Pagination(total=posts.total, per_page=1, page=page, search=False, record_name='posts', inner_window=2, outer_window=2, alignment='centered')
if len(posts.items) > 0:
comment = Comment.query.filter(Comment.post_id == posts.items[0].post_id).order_by(db.desc(Comment.timestamp))
commentform = CommentForm()
commentform.post_id.data = posts.items[0].post_id
return render_custom_template('index.html', post=posts.items[0], comments=comment, commentform=commentform, pagination=pagination, current_user=current_user)
else:
return render_custom_template('index.html', post=None, comments=None, commentform=None, antispam=app.config['ANTISPAM_QUESTION'], pagination=pagination, current_user=current_user)
def users(current = -1):
if current >= 0:
users = User.query.all()
user = User.query.filter(User.user_id == current).first()
profileform = ProfileForm(obj=user)
if request.method == 'POST' and profileform.validate_on_submit():
if profileform.delete.data:
user.deleted = True
else:
if profileform.undelete.data:
user.deleted = False
user.fullname = profileform.fullname.data
if profileform.password.data:
user.password = bcrypt.generate_password_hash(profileform.password.data)
db.session.commit()
return redirect('/users/edit/' + str(current))
return render_custom_template('users.html', users=users, profileform=profileform, current=current)
else:
users = User.query.all()
profileform = ProfileForm()
if request.method == 'POST' and profileform.validate_on_submit():
user = User(
-1,
profileform.username.data,
bcrypt.generate_password_hash(profileform.password.data),
profileform.fullname.data
)
db.session.add(user)
db.session.commit()
return redirect('/users')
return render_custom_template('users.html', users=users, profileform=profileform, current=current)
def search(term=""):
searchform = SearchForm(prefix='search')
posts = []
if (request.method == 'GET' and term != "") or (request.method == 'POST' and searchform.validate_on_submit()):
if request.method == 'POST':
term = searchform.term.data
term = '%' + term + '%'
posts = Post.query.filter(and_(Post.draft == False, or_(Post.title.like(term), Post.text.like(term)))).order_by(db.desc(Post.timestamp))
return render_custom_template('search.html', searchform=searchform, posts=posts)
def login():
loginform = LoginForm(prefix='login')
if request.method == 'POST' and loginform.validate_on_submit():
username = loginform.username.data
password = loginform.password.data
user = User.query.filter(User.username == username).first()
if user is not None and user.username == username and bcrypt.check_password_hash(user.password, password):
login_user(User(user.user_id, user.username, user.password))
return redirect(request.args.get("next"))
else:
flash(u"Wrong username or password or both or maybe none of them and I just don't want you to log in.", 'error')
return redirect('/login?next=' + request.args.get("next"))
else:
return render_custom_template('login.html', loginform=loginform)
def profile():
user = User.query.filter(User.user_id == current_user.user_id).first()
profileform = ProfileForm(obj=user)
if request.method == 'POST' and profileform.validate_on_submit():
user.fullname = profileform.fullname.data
if profileform.password.data:
user.password = bcrypt.generate_password_hash(profileform.password.data)
db.session.commit()
#login_user(User(user.user_id, user.username, user.password))
return redirect('/profile')
else:
return render_custom_template('profile.html', profileform=profileform)
def admin(current=-1):
data = None
if request.method == 'GET' and current >= 0:
data = Post.query.filter_by(post_id=current).first()
postform = PostForm(obj=data)
# Check if the default credentials have been changed
if current_user.username == app.config['DEFAULT_USERNAME'] and bcrypt.check_password_hash(current_user.password, app.config['DEFAULT_PASSWORD']):
flash(u'Please change admin credentials.', 'error')
if request.method == 'POST' and postform.validate_on_submit():
if current >= 0:
post = Post.query.filter_by(post_id=current).first()
if postform.delete.data:
db.session.delete(post)
else:
post.title = postform.title.data
post.text = postform.text.data
post.draft = (not postform.publish.data)
post.static = (postform.static.data)
else:
post = Post(
postform.title.data,
postform.text.data,
current_user.fullname,
(not postform.publish.data),
postform.static.data,
datetime.datetime.now()
)
db.session.add(post)
db.session.commit()
return redirect(url_for('admin'))
posts = Post.query.filter(Post.static==False).order_by(db.desc(Post.timestamp))
statics = Post.query.filter(Post.static==True).order_by(db.desc(Post.timestamp))
return render_custom_template('admin.html', posts=posts, statics=statics, postform=postform, current_user=current_user)
def static_page(page):
post = Post.query.filter(Post.title==page).first()
return render_custom_template('static_page.html', post=post, current_user=current_user)
