def delete(): # TODO token与用户验证 topic_id = int(request.args.get('id')) tp = Topic.find(topic_id) print('删除 的 topic 是', tp) t = Theme.find(tp.theme_id) t.topic_num -= 1 t.save() delete_file(local_image_director, tp.banner_img) tp.delete() return redirect(url_for('theme.detail'))
def edit(): id = int(request.args.get('id')) topic = Topic.find(id) board_id = int(request.args.get('board_id', -1)) token = new_csrf_token() bs = Board.all() return render_template('topic/edit.html', topic=topic, bs=bs, token=token, bid=board_id)
def topic_delete(): topic_id = int(request.args.get('id')) t = Topic.find(topic_id) user_id = t.user().id u = current_user() if u.username == 'admin': print('删除的帖子id是', topic_id, type(topic_id)) Topic.delete(topic_id) ts = Topic.topics_reverse_order(user_id) user = User.find(user_id) return render_template('admin/manage_topic.html', ts=ts, user=user)
def delete(): id = int(request.args.get('id')) token = request.args.get('token') u = current_user() if u.id == 1 or u.id == Topic.find(id).user_id: # 管理员或话题创建者才有权限 if token in csrf_tokens and csrf_tokens[token] == u.id: # 验证token Topic.delete(id) Reply.delete_all(dict(topic_id=id)) csrf_tokens.pop(token) return redirect(url_for('index.index'))
def delete(tid, token): u = current_user() if u is not None and csrf_tokens.get(token) == u.id: csrf_tokens.pop(token) topic = Topic.find(tid) if u.id == topic.uid or u.role == 1: topic.remove() return redirect(url_for('.index')) else: abort(403) else: abort(403)
def delete(): id = int(request.args.get('id')) token = request.args.get('token') u = current_user() topic = Topic.find(id) # 判断 token 是否是我们给的 # print(u.id, token, csrf_tokens) if token in csrf_tokens and csrf_tokens[token] == topic.user_id: csrf_tokens.pop(token) print('删除 topic 用户是', u, id) topic.delete() return redirect(url_for('.index')) else: abort(401)
def delete(): id = int(request.args.get('id')) token = request.args.get('token') u = current_user() # 判断 token 是否是我们给的 if token in csrf_tokens and csrf_tokens[token] == u.id: csrf_tokens.pop(token) if u is not None: t = Topic.find(id=id) t.delete() return redirect(url_for('.index')) else: abort(404) else: abort(403)
def delete(): u = current_user() user_id = u.id id = int(request.args.get('topic_id', -1)) t = Topic.find(id) author_id = t.user_id if user_id == author_id: token = request.args.get('token', '') if token in csrf_tokens: Topic.delete(id) t.reply_delete() csrf_tokens.remove(token) return redirect(url_for('.index')) else: abort(403) else: return redirect(url_for('index.index'))
def delete(): id = int(request.args.get('id')) token = request.args.get('token') u = current_user() t = Topic.find(id) # 判断token是否是我们给的 if token in csrf_tokens: csrf_tokens.remove(token) if u is not None and t.user_id == u.id: Topic.delete(id) rs = Reply.find_all(topic_id=id) for r in rs: Reply.delete(r.id) return redirect(url_for('.index')) else: abort(404) else: abort(403)
def detail(id): """ 话题详情页面 """ c_u = current_user() m = Topic.find(id) topic_created_time = formatted_time(m.created_time) token = new_csrf_token() # 5 个最近无人回复的话题 ts = Topic.topic_noreply() return render_template( "topic/detail.html", current_user=c_u, topic=m, ts=ts, topic_created_time=topic_created_time, token=token, )
def detail(id): m = Topic.find(id=id) u = current_user() # 传递 topic 的所有 reply 到 页面中 return render_template("topic/detail.html", topic=m, user=u)
def detail(id): m = Topic.find(id=id) author_profile = User.one(username=m.author) # 传递 topic 的所有 reply 到 页面中 return render_template("topic/detail.html", topic=m, ap=author_profile)
def topic(self): from models.topic import Topic t = Topic.find(self.topic_id) return t
def detail(id): m = Topic.find(id) # 传递 topic 的所有 reply 到 页面中 bs = Board.all() return render_template("topic/detail.html", topic=m, bs=bs)
def detail(id): m = Topic.find(id=id) u = User.one(id=m.user_id) # 传递 topic 的所有 reply 到 页面中 return render_template("topic/detail.html", topic=m, user=u)