def post(self):
if self.user:
if not self.check_state():
logging.warning("Possible CSRF attack detected!")
self.redirect("/")
return
input_delete_article = self.request.get('delete_article')
if input_delete_article:
Article.remove(input_delete_article)
# Show message: Confirm deletion of article.
self.render('message.html', message_delete_article = True)
else:
input_edit_article = self.request.get('edit_article')
input_title = self.request.get('title')
input_body = self.request.get('body')
article = Article.by_id(input_edit_article)
error_title=""
error_body=""
have_error = False
if not valid_title(input_title):
# Show the error-message: not a valid title.
error_title = True
have_error = True
if not valid_body(input_body):
# Show the error-message: not a valid body.
error_body = True
have_error = True
if have_error:
state = self.make_state()
# Render page with error-messages.
self.render('edit_article.html',
user = self.user,
article = article,
error_title = error_title,
error_body = error_body,
title_form = input_title,
body_form = input_body,
state = state)
else:
# Edit article-entity and commit to Article-DB.
article.title = input_title
article.body = input_body
article.put()
# Update memcache
Article.update_article_cache(article)
# Redirect to homepage
self.redirect("/")
else:
# Prompt user to login.
self.render('message.html', message_new_article_1 = True)
def post(self):
if self.user:
if not self.check_state():
self.redirect("/")
return
input_title = self.request.get('title')
input_body = self.request.get('body')
error_title=""
error_body=""
have_error = False
if not valid_title(input_title):
# Show the error-message: not a valid title.
error_title = True
have_error = True
if not valid_body(input_body):
# Show the error-message: not a valid body.
error_body = True
have_error = True
if have_error:
state = self.make_state()
# Render page with error-messages.
self.render('new_article.html',
user = self.user,
error_title = error_title,
error_body = error_body,
title_form = input_title,
body_form = input_body,
state = state)
else:
# Create new entry in the Article-DB.
article = Article.create(input_title,
input_body,
self.user.key().id())
article.put()
# Update memcache
Article.update_article_cache(article)
# Redirect to homepage
self.redirect("/")
else:
# Prompt user to login.
self.session.add_flash('message_new_article_1',
key='homepage_flashes')
self.redirect("/")
