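def journal(journal_id, section_number, entry_number):
    """Render one entry of a journal and process the page's three forms.

    Args:
        journal_id: Database id of the journal.
        section_number: Position of the section inside the journal,
            counted from 1 upwards.
        entry_number: Position of the entry inside the section, counted
            from 0 upwards.

    Returns:
        A redirect to ``journal_land`` when the journal is not owned by the
        logged-in user or the positions do not address an existing
        section/entry; a redirect back to this view after a section or an
        entry was created; otherwise the rendered ``journal.html`` page.
    """
    # Authorization: only continue when the journal row belongs to the user
    # stored in the session. The owned row is kept so that later updates are
    # made on an object that has already passed this check.
    user_id = session['user_id']
    journal = Journal.query.filter_by(id=journal_id,
                                      user_id=user_id).scalar()
    if journal is None:
        return redirect(url_for('journal_land'))

    # The three values come from the URL, so they are caller-controlled.
    # Convert them once and refuse anything that is not a number.
    try:
        journal_key = int(journal_id)
        section_index = int(section_number)
        entry_index = int(entry_number)
    except (TypeError, ValueError):
        return redirect(url_for('journal_land'))

    # The tree holds every journal of the user with its sections and entries,
    # so all section names can be displayed without further queries.
    tree = user_tree(user_id)

    # Locate the journal inside the tree; slot 0 of a journal node is its
    # header and the header's first field is the journal id.
    journal_location = 1
    try:
        while journal_key != tree[journal_location][0][0]:
            journal_location += 1
    except (IndexError, KeyError):
        # The journal is not part of this user's tree.
        return redirect(url_for('journal_land'))

    journal_content = tree[journal_location]

    # Bounds checks. Slot 0 of a journal node is the journal header and slot 0
    # of a section node is the section header. Negative or out-of-range
    # positions are rejected because Python's negative indexing would
    # otherwise select a slot other than the one the URL names (for example a
    # header instead of an entry); the id read from it would then be looked up
    # in a table it does not belong to, outside the ownership check above.
    if not 1 <= section_index < len(journal_content):
        return redirect(url_for('journal_land'))
    section_node = journal_content[section_index]
    if not 0 <= entry_index < len(section_node) - 1:
        return redirect(url_for('journal_land'))

    # Load the rows so that changes can be written back to the database.
    section = Section.query.filter_by(id=section_node[0][0]).scalar()
    entry = Entry.query.filter_by(
        id=section_node[entry_index + 1][0]).scalar()
    if section is None or entry is None:
        # Tree and database disagree (row removed in the meantime).
        return redirect(url_for('journal_land'))

    # Form inputs for new section and new entry
    form_new_section = NewSection()
    form_new_entry = NewEntry()

    if form_new_section.validate_on_submit():
        section = Section(name=form_new_section.section_input.data,
                          journal_id=journal_id)
        db.session.add(section)
        # Commit first so that section.id is available for the first entry.
        db.session.commit()

        entry = Entry(name="my page", section_id=section.id, content="")
        db.session.add(entry)
        db.session.commit()

        form_new_section.section_input.data = ''

        # updating last mod of journal
        journal.last_mod = datetime.utcnow()
        db.session.commit()

        return redirect(
            url_for('journal',
                    journal_id=journal_id,
                    section_number=1,
                    entry_number=0))

    if form_new_entry.validate_on_submit():
        entry = Entry(name=form_new_entry.entry_input.data,
                      section_id=section_node[0][0],
                      content="")
        db.session.add(entry)
        db.session.commit()

        form_new_entry.entry_input.data = ''

        # updating last mod of journal and section
        journal.last_mod = datetime.utcnow()
        section.last_mod = datetime.utcnow()
        db.session.commit()

        return redirect(
            url_for('journal',
                    journal_id=journal_id,
                    section_number=section_number,
                    entry_number=0))

    # Entry details form
    entry_details = EntryInput()
    if entry_details.validate_on_submit():
        entry.content = entry_details.entry_content.data
        entry.name = entry_details.entry_name.data
        db.session.commit()

        # updating last mod of journal, section and entry
        journal.last_mod = datetime.utcnow()
        section.last_mod = datetime.utcnow()
        entry.last_mod = datetime.utcnow()
        db.session.commit()

    # Values for display are read after the form handling so that a page
    # rendered right after a save shows the saved title, text and timestamp.
    # The entry text is deliberately not printed: journal content is private
    # and should not end up in the server's output.
    entry_text = entry.content
    entry_title = entry.name
    entry_last_mod = str(entry.last_mod)[0:16]

    # to display the data
    entry_details.entry_content.data = entry.content

    return render_template('journal.html',
                           journal_content=journal_content,
                           journal_id=journal_key,
                           section_number=section_index,
                           entry_number=entry_index,
                           entry_title=entry_title,
                           entry_text=entry_text,
                           form_new_section=form_new_section,
                           form_new_entry=form_new_entry,
                           entry_details=entry_details,
                           entry_last_mod=entry_last_mod)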