def admin_news_list(): if session['session_id'] == False: return redirect('/admin') else: db = db_module.Database() sql = """ select * from news order by id desc """ rows = db.executeAll(sql) bread_crumbs = [ { 'href': '/admin/main', 'label': 'Home' }, { 'href': '', 'label': '뉴스관리' } ] return render_template('/admin/screens/news/list.html', news_items=rows, bread_crumbs=bread_crumbs, title='뉴스관리')
def admin_news(news_id): if news_id == None: return redirect('/admin/news') else: sql = """ select * from news where id = '%s' """ % (news_id) db = db_module.Database() news_item = db.executeOne(sql) bread_crumbs = [ { 'href': '/admin/main', 'label': 'Home' }, { 'href': '/admin/news', 'label': '뉴스관리' }, { 'href': '', 'label': 'News' } ] return render_template('/admin/screens/news/detail.html', news_item=news_item, bread_crumbs=bread_crumbs, title='News')
def main(): if request.method == 'GET': return render_template('/admin/screens/login/login.html') elif request.method == 'POST': userid = request.form['userid'] userpw = request.form['userpw'] db = db_module.Database() sql = """ select name, level, img from member where userid = '%s' and userpw = password('%s') """ % (userid, userpw) rows = db.executeOne(sql) if rows: session['session_id'] = userid session['session_name'] = rows['name'] session['session_level'] = rows['level'] session['session_img'] = rows['img'] return redirect('/admin/main') else: return render_template('/admin/screens/login/login.html', msg='아이디 또는 비밀번호를 확인해주세요.')
def admin_news_delete(news_id): if session['session_id'] == False: return redirect('/admin') if news_id == None: return redirect('/admin/news') else: sql = """ select * from news where id = '%s' """ % (news_id) db = db_module.Database() news_item = db.executeOne(sql) if news_item['userid'] != session['session_id']: flash('삭제권한이 없습니다.') return redirect('/admin/news') else: delete_sql = """ delete from news where id = '%s' """ % (news_id) db = db_module.Database() db.execute(delete_sql) db.commit() if news_item['img1'] and os.path.exists(upload_url + news_item['img1']): os.remove(upload_url + news_item['img1']) if news_item['img2'] and os.path.exists(upload_url + news_item['img2']): os.remove(upload_url + news_item['img2']) if news_item['img3'] and os.path.exists(upload_url + news_item['img3']): os.remove(upload_url + news_item['img3']) return redirect('/admin/news')
def admin_news_edit(news_id): if session['session_id'] == False: return redirect('/admin') if news_id == None: return redirect('/admin/news') else: sql = """ select * from news where id = '%s' """ % (news_id) db = db_module.Database() news_item = db.executeOne(sql) if news_item['userid'] != session['session_id']: flash('작성권한이 없습니다.') return redirect(request.referrer) else: bread_crumbs = [ { 'href': '/admin/main', 'label': 'Home' }, { 'href': '/admin/news', 'label': '뉴스관리' }, { 'href': '', 'label': '뉴스수정' } ] return render_template('/admin/screens/news/edit.html', news_item=news_item, bread_crumbs=bread_crumbs,title='뉴스수정')
def admin_news_write(): bread_crumbs = [ { 'href': '/admin/main', 'label': 'Home' }, { 'href': '', 'label': '뉴스관리' } ] if request.method == 'GET': bread_crumbs = [ { 'href': '/admin/main', 'label': 'Home' }, { 'href': '/admin/news', 'label': '뉴스관리' }, { 'href': '', 'label': '기사쓰기' } ] return render_template('/admin/screens/news/write.html',bread_crumbs=bread_crumbs, title='뉴스관리') elif request.method == 'POST': file = request.files['img1'] now_datetime = time.strftime('%Y%m%d%H%M%S', time.localtime(time.time())) sql = """ insert into news set category='%s', subject='%s', content='%s', name='%s', userid='%s', comment = '%s' """ % ( request.form['category'], request.form['subject'].replace("'","\\'").replace('"', '\\"'), request.form['content'].replace("'","\\'").replace('"', '\\"'), session['session_name'], session['session_id'], request.form['comment'].replace("'","\\'").replace('"', '\\"') ) if file: filename, ext = os.path.splitext(file.filename) file1 = now_datetime + ext file.save(upload_url + file1) # Large 이미지 img1 = now_datetime + '_1' + ext with PILImage.open(upload_url + file1) as im: im.thumbnail((1200,625)) im.save(upload_url + img1) # Middle 이미지 img2 = now_datetime + '_2' + ext with PILImage.open(upload_url + file1) as im: im.thumbnail((600,400)) im.save(upload_url + img2) # Small 이미지 img3 = now_datetime + '_3' + ext with PILImage.open(upload_url + file1) as im: im.thumbnail((120,90)) im.save(upload_url + img3) os.remove(upload_url + file1) sql = sql + ",img1='%s', img2='%s', img3='%s'" % (img1, img2, img3) sql = sql + ';' db = db_module.Database() lastId = db.insert(sql) db.commit() return redirect('/admin/news/' + str(lastId))
def admin_news_update(): if session['session_id'] == False: return redirect('/admin') if request.method == 'POST': sql = """ select * from news where id = '%s' """ % (request.form['id']) db = db_module.Database() news_item = db.executeOne(sql) if news_item == None: flash('작성권한이 없습니다.') return redirect(request.referrer) if news_item['userid'] != session['session_id']: flash('작성권한이 없습니다.') return redirect(request.referrer) else: file = request.files['img1'] now_datetime = time.strftime('%Y%m%d%H%M%S', time.localtime(time.time())) sql = """ update news set category='%s', subject='%s', content='%s', name='%s', userid='%s' """ % ( request.form['category'], request.form['subject'].replace("'","\\'").replace('"', '\\"'), request.form['content'].replace("'","\\'").replace('"', '\\"'), session['session_name'], session['session_id'], ) if file: filename, ext = os.path.splitext(file.filename) file1 = now_datetime + ext file.save(upload_url + file1) # Large 이미지 img1 = now_datetime + '_1' + ext with PILImage.open(upload_url + file1) as im: im.thumbnail((1200,625)) im.save(upload_url + img1) # Middle 이미지 img2 = now_datetime + '_2' + ext with PILImage.open(upload_url + file1) as im: im.thumbnail((600,400)) im.save(upload_url + img2) # Small 이미지 img3 = now_datetime + '_3' + ext with PILImage.open(upload_url + file1) as im: im.thumbnail((120,90)) im.save(upload_url + img3) os.remove(upload_url + file1) sql = sql + ",img1='%s', img2='%s', img3='%s'" % (img1, img2, img3) if news_item['img1'] and os.path.exists(upload_url + news_item['img1']): os.remove(upload_url + news_item['img1']) if news_item['img2'] and os.path.exists(upload_url + news_item['img2']): os.remove(upload_url + news_item['img2']) if news_item['img3'] and os.path.exists(upload_url + news_item['img3']): os.remove(upload_url + news_item['img3']) sql = sql + """ where id = '%s';""" % (request.form['id']) print(sql) db = db_module.Database() db.execute(sql) db.commit() return redirect('/admin/news/' + request.form['id'])