def post(self): if self.user: if not self.check_state(): logging.warning("Possible CSRF attack detected!") self.redirect("/") return input_delete_article = self.request.get('delete_article') if input_delete_article: Article.remove(input_delete_article) # Show message: Confirm deletion of article. self.render('message.html', message_delete_article = True) else: input_edit_article = self.request.get('edit_article') input_title = self.request.get('title') input_body = self.request.get('body') article = Article.by_id(input_edit_article) error_title="" error_body="" have_error = False if not valid_title(input_title): # Show the error-message: not a valid title. error_title = True have_error = True if not valid_body(input_body): # Show the error-message: not a valid body. error_body = True have_error = True if have_error: state = self.make_state() # Render page with error-messages. self.render('edit_article.html', user = self.user, article = article, error_title = error_title, error_body = error_body, title_form = input_title, body_form = input_body, state = state) else: # Edit article-entity and commit to Article-DB. article.title = input_title article.body = input_body article.put() # Update memcache Article.update_article_cache(article) # Redirect to homepage self.redirect("/") else: # Prompt user to login. self.render('message.html', message_new_article_1 = True)
def post(self): if self.user: if not self.check_state(): self.redirect("/") return input_title = self.request.get('title') input_body = self.request.get('body') error_title="" error_body="" have_error = False if not valid_title(input_title): # Show the error-message: not a valid title. error_title = True have_error = True if not valid_body(input_body): # Show the error-message: not a valid body. error_body = True have_error = True if have_error: state = self.make_state() # Render page with error-messages. self.render('new_article.html', user = self.user, error_title = error_title, error_body = error_body, title_form = input_title, body_form = input_body, state = state) else: # Create new entry in the Article-DB. article = Article.create(input_title, input_body, self.user.key().id()) article.put() # Update memcache Article.update_article_cache(article) # Redirect to homepage self.redirect("/") else: # Prompt user to login. self.session.add_flash('message_new_article_1', key='homepage_flashes') self.redirect("/")