def post(post_id):
post = db.get_post(post_id)
print(post)
return render_template('post.html',
logged_in=session.get('logged_in'),
current_user=session.get('username'),
post=post)
def delete_post(post_id):
post = db.get_post(post_id)
if post['author']['username'] != session.get('username'):
abort(403)
sql = 'DELETE FROM posts WHERE id=%s'
db.run(sql, (post['id'], ))
flash('Post was deleted!', 'info')
return redirect(url_for('home'))
def update_post(post_id):
post = db.get_post(post_id)
if session.get('username') != post['author']['username']:
abort(403)
if request.method == 'POST':
post['title'] = request.form.get('title')
post['content'] = request.form.get('content')
db.update_post(post)
return redirect( url_for('post', post_id=post_id))
return render_template('update_post.html', logged_in=session.get('username'), post=post)
def update_post(post_id):
post = db.get_post(post_id)
if session.get('username') != post['author']['username']:
abort(403)
if request.method == 'POST':
title = request.form.get('title')
content = request.form.get('content')
sql_1 = 'UPDATE posts SET title=%s WHERE id=%s'
sql_2 = 'UPDATE posts SET content=%s WHERE id=%s'
db.run(sql_1, (title, post['id']))
db.run(sql_2, (content, post['id']))
flash("The post was updated successfully", 'success')
return redirect(url_for('post', post_id=post_id))
print(post)
return render_template('update_post.html',
logged_in=session.get('logged_in'),
current_user=session.get('username'),
post=post)
def delete_post(post_id):
post = db.get_post(post_id)
if session.get('username') != post['author']['username']:
abort(403)
db.delete_post(post)
return redirect( url_for('home') )
def post(post_id):
post = db.get_post(post_id)
return render_template('post.html', post=post, logged_in=session.get('username'))