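def index(page=1, post=-1):
    """Render one published, non-static post per page, newest first.

    Args:
        page: 1-based page number to display.
        post: When >= 0, the id of a post to jump to; the view then
            redirects to the page that post occupies instead of rendering.

    Returns:
        A redirect to ``/page/<n>`` when ``post`` is given, otherwise the
        rendered ``index.html`` template.

    An unknown ``post`` id now answers with a 404 instead of failing on
    ``None.timestamp``.
    """
    published = Post.query.filter(
        and_(Post.draft == False, Post.static == False)
    ).order_by(db.desc(Post.timestamp))

    if post >= 0:
        # first_or_404() replaces first(): a missing id used to raise
        # AttributeError and surface as a server error.
        target_time = Post.query.filter(Post.post_id == post).first_or_404().timestamp
        # Count in the database instead of loading every row just to len() it.
        not_newer = Post.query.filter(
            and_(
                Post.draft == False,
                Post.static == False,
                Post.timestamp <= target_time,
            )
        ).count()
        page = published.count() - not_newer + 1
        return redirect('/page/' + str(page))

    # Keyword arguments give the same call as the positional form.
    page_of_posts = published.paginate(page=page, per_page=1, error_out=True)
    pagination = Pagination(
        total=page_of_posts.total,
        per_page=1,
        page=page,
        search=False,
        record_name='posts',
        inner_window=2,
        outer_window=2,
        alignment='centered',
    )

    if not page_of_posts.items:
        return render_custom_template(
            'index.html',
            post=None,
            comments=None,
            commentform=None,
            antispam=app.config['ANTISPAM_QUESTION'],
            pagination=pagination,
            current_user=current_user,
        )

    shown = page_of_posts.items[0]
    comments = Comment.query.filter(
        Comment.post_id == shown.post_id
    ).order_by(db.desc(Comment.timestamp))
    commentform = CommentForm()
    commentform.post_id.data = shown.post_id
    return render_custom_template(
        'index.html',
        post=shown,
        comments=comments,
        commentform=commentform,
        pagination=pagination,
        current_user=current_user,
    )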
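def users(current=-1):
    """List users and either edit an existing one or create a new one.

    Args:
        current: Id of the user being edited, or a negative value to show
            the creation form.

    Returns:
        A redirect after a successful POST, otherwise the rendered
        ``users.html`` template.

    NOTE(review): no authorization check is visible in this function;
    presumably a decorator on the route (not shown here) restricts it to
    administrators. Confirm, since it can reset any user's password.
    """
    all_users = User.query.all()

    if current >= 0:
        # first_or_404() replaces first(): posting to an unknown id used to
        # fail with AttributeError on None.
        user = User.query.filter(User.user_id == current).first_or_404()
        profileform = ProfileForm(obj=user)
        if request.method == 'POST' and profileform.validate_on_submit():
            if profileform.delete.data:
                # Soft delete: the row is flagged, not removed.
                user.deleted = True
            else:
                if profileform.undelete.data:
                    user.deleted = False
                user.fullname = profileform.fullname.data
                # An empty password field leaves the stored hash untouched.
                if profileform.password.data:
                    user.password = bcrypt.generate_password_hash(profileform.password.data)
            db.session.commit()
            return redirect('/users/edit/' + str(current))
        return render_custom_template('users.html', users=all_users, profileform=profileform, current=current)

    profileform = ProfileForm()
    if request.method == 'POST' and profileform.validate_on_submit():
        # NOTE(review): unlike the edit branch, the password is hashed
        # unconditionally here; confirm the form requires it on creation.
        user = User(
            -1,
            profileform.username.data,
            bcrypt.generate_password_hash(profileform.password.data),
            profileform.fullname.data,
        )
        db.session.add(user)
        db.session.commit()
        return redirect('/users')
    return render_custom_template('users.html', users=all_users, profileform=profileform, current=current)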
def search(term=""):
    """Search non-draft posts by title or text and render the results.

    The term comes from the ``term`` argument on GET or from the submitted
    search form on POST. With no usable term the result list is empty.
    """
    searchform = SearchForm(prefix='search')
    posts = []

    get_with_term = request.method == 'GET' and term != ""
    if get_with_term or (request.method == 'POST' and searchform.validate_on_submit()):
        if request.method == 'POST':
            term = searchform.term.data
        # The pattern is handed to like() as a value, not spliced into SQL
        # text. LIKE wildcards typed by the user ('%', '_') are not escaped
        # and therefore act as wildcards.
        pattern = '%' + term + '%'
        matches_term = or_(Post.title.like(pattern), Post.text.like(pattern))
        posts = Post.query.filter(
            and_(Post.draft == False, matches_term)
        ).order_by(db.desc(Post.timestamp))

    return render_custom_template('search.html', searchform=searchform, posts=posts)
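def login():
    """Authenticate a user from the login form.

    Returns:
        The rendered ``login.html`` template for a GET or an invalid form,
        a redirect to the requested ``next`` path after a successful login,
        or a redirect back to the login page after a failed one.

    Two fixes over the previous version: the ``next`` query parameter is
    only followed when it is a path on this site (it was passed to
    ``redirect`` unchecked, so a crafted login link could send the user to
    another host), and a missing ``next`` no longer raises ``TypeError``
    when the failure URL is built.
    """
    loginform = LoginForm(prefix='login')
    if not (request.method == 'POST' and loginform.validate_on_submit()):
        return render_custom_template('login.html', loginform=loginform)

    # Accept only a same-site absolute path. Anything with a scheme, a
    # network-path prefix ('//'), a backslash or a control character is
    # replaced by the site root.
    target = request.args.get("next") or '/'
    if (not target.startswith('/') or target.startswith('//')
            or '\\' in target or any(ord(ch) < 0x20 for ch in target)):
        target = '/'

    username = loginform.username.data
    password = loginform.password.data
    user = User.query.filter(User.username == username).first()
    # The explicit username comparison is kept from the original; presumably
    # it guards against a database collation that matches case-insensitively.
    if user is not None and user.username == username and bcrypt.check_password_hash(user.password, password):
        login_user(User(user.user_id, user.username, user.password))
        return redirect(target)

    # One message for every failure, so the response does not reveal
    # whether the username exists.
    flash(u"Wrong username or password or both or maybe none of them and I just don't want you to log in.", 'error')
    return redirect('/login?next=' + target)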
def profile():
    """Let the logged-in user change their full name and password.

    Renders ``profile.html`` for a GET or an invalid form; after a valid
    POST the changes are committed and the browser is redirected to
    ``/profile``.

    NOTE(review): the form definition is not visible here. If it does not
    ask for the current password, anyone holding a live session can set a
    new one. Confirm.
    """
    account = User.query.filter(User.user_id == current_user.user_id).first()
    profileform = ProfileForm(obj=account)

    submitted = request.method == 'POST' and profileform.validate_on_submit()
    if not submitted:
        return render_custom_template('profile.html', profileform=profileform)

    account.fullname = profileform.fullname.data
    # A blank password field means "keep the current password".
    if profileform.password.data:
        account.password = bcrypt.generate_password_hash(profileform.password.data)
    db.session.commit()
    #login_user(User(user.user_id, user.username, user.password))
    return redirect('/profile')
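def admin(current=-1):
    """Create, edit or delete posts and render the admin overview.

    Args:
        current: Id of the post being edited, or a negative value when a
            new post is created.

    Returns:
        A redirect to the admin view after a successful POST, otherwise the
        rendered ``admin.html`` template.

    NOTE(review): no authorization check is visible in this function;
    presumably a decorator on the route (not shown here) enforces it.
    Confirm.
    """
    data = None
    if request.method == 'GET' and current >= 0:
        data = Post.query.filter_by(post_id=current).first()
    postform = PostForm(obj=data)

    # Check if the default credentials have been changed. This only warns;
    # it does not stop the default account from being used. The default
    # password is read from app.config as the plaintext candidate.
    if current_user.username == app.config['DEFAULT_USERNAME'] and bcrypt.check_password_hash(current_user.password, app.config['DEFAULT_PASSWORD']):
        flash(u'Please change admin credentials.', 'error')

    if request.method == 'POST' and postform.validate_on_submit():
        if current >= 0:
            # first_or_404() replaces first(): posting to an unknown id used
            # to fail on None in the delete and update paths.
            post = Post.query.filter_by(post_id=current).first_or_404()
            if postform.delete.data:
                db.session.delete(post)
            else:
                post.title = postform.title.data
                post.text = postform.text.data
                post.draft = (not postform.publish.data)
                post.static = (postform.static.data)
        else:
            post = Post(
                postform.title.data,
                postform.text.data,
                current_user.fullname,
                (not postform.publish.data),
                postform.static.data,
                datetime.datetime.now(),
            )
            db.session.add(post)
        db.session.commit()
        return redirect(url_for('admin'))

    posts = Post.query.filter(Post.static == False).order_by(db.desc(Post.timestamp))
    statics = Post.query.filter(Post.static == True).order_by(db.desc(Post.timestamp))
    return render_custom_template('admin.html', posts=posts, statics=statics, postform=postform, current_user=current_user)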
def static_page(page):
    """Render ``static_page.html`` for the first post titled *page*.

    The template receives ``post=None`` when no title matches.
    """
    # NOTE(review): the lookup filters on neither Post.draft nor
    # Post.static, unlike index() and search(). If this route is public,
    # an unpublished draft can be read by anyone who knows its title.
    # Confirm whether that is intended.
    matching_post = Post.query.filter_by(title=page).first()
    return render_custom_template(
        'static_page.html',
        post=matching_post,
        current_user=current_user,
    )