def post(post_id): post = db.get_post(post_id) print(post) return render_template('post.html', logged_in=session.get('logged_in'), current_user=session.get('username'), post=post)
def delete_post(post_id): post = db.get_post(post_id) if post['author']['username'] != session.get('username'): abort(403) sql = 'DELETE FROM posts WHERE id=%s' db.run(sql, (post['id'], )) flash('Post was deleted!', 'info') return redirect(url_for('home'))
def update_post(post_id): post = db.get_post(post_id) if session.get('username') != post['author']['username']: abort(403) if request.method == 'POST': post['title'] = request.form.get('title') post['content'] = request.form.get('content') db.update_post(post) return redirect( url_for('post', post_id=post_id)) return render_template('update_post.html', logged_in=session.get('username'), post=post)
def update_post(post_id): post = db.get_post(post_id) if session.get('username') != post['author']['username']: abort(403) if request.method == 'POST': title = request.form.get('title') content = request.form.get('content') sql_1 = 'UPDATE posts SET title=%s WHERE id=%s' sql_2 = 'UPDATE posts SET content=%s WHERE id=%s' db.run(sql_1, (title, post['id'])) db.run(sql_2, (content, post['id'])) flash("The post was updated successfully", 'success') return redirect(url_for('post', post_id=post_id)) print(post) return render_template('update_post.html', logged_in=session.get('logged_in'), current_user=session.get('username'), post=post)
def delete_post(post_id): post = db.get_post(post_id) if session.get('username') != post['author']['username']: abort(403) db.delete_post(post) return redirect( url_for('home') )
def post(post_id): post = db.get_post(post_id) return render_template('post.html', post=post, logged_in=session.get('username'))