def create_publication():
"""View to create a new publication."""
# TODO: define form fields here -- even though it doesn't make sense to
# define the form fields dynamically based on the table, we can still
# generate a list of fields to pass to the same html template.
form_info = {'title': 'Publication', 'fields': []}
if flask.request.method == 'POST':
title = flask.request.form['title']
body = flask.request.form['body']
error = None
if not title:
error = 'Title is required.'
if error is not None:
# Display error
flask.flash(error)
else:
# Post is valid -- add to database
db = profile.db.get_db()
query = 'Insert INTO post (title, body, author_id) VALUES (?, ?, ?)'
db.execute(query, (title, body, flask.g.user['id']))
db.commit()
return flask.redirect(flask.url_for('dashboard'))
return flask.render_template('admin/create.html', form_info=form_info)
def register():
"""Register a user."""
# Handle post request to registration page
if flask.request.method == 'POST':
# Get submitted username and password
username = flask.request.form['username']
password = flask.request.form['password']
db = profile.db.get_db()
error = None
# Error checking -- make sure username and password are not empty and
# that the user does not exist
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required'
elif db.execute('SELECT id FROM user WHERE username = ?',
(username, )).fetchone() is not None:
error = f'User {username} is already registered.'
# If there was not an error, create the user
if error is None:
query = 'INSERT INTO user (username, password) VALUES (?, ?)'
db.execute(
query,
(username, werkzeug.security.generate_password_hash(password)))
db.commit()
return flask.redirect(
flask.url_for('admin.login')
) # 'admin.login' is (blueprint name).(view function name)
flask.flash(error)
return flask.render_template('admin/register.html') # Path to template
def delete(post_id):
"""Delete a post."""
get_post(post_id)
db = profile.db.get_db()
query = 'DELETE from post WHERE id = ?'
db.execute(query, (post_id, ))
db.commit()
return flask.redirect(flask.url_for('blog.index'))
def create_post():
"""View to create a new post."""
# Create form info
form_info = {
'title':
'Post',
'fields': [{
'field_name': 'title',
'display_name': 'Post Title',
'type': 'input',
}, {
'field_name': 'body',
'display_name': 'Post Body',
'type': 'textarea',
}]
}
if flask.request.method == 'POST':
title = flask.request.form['title']
body = flask.request.form['body']
error = None
if not title:
error = 'Title is required.'
alert = 'danger'
if error is not None:
# Display error
flask.flash(error, alert)
else:
# Post is valid -- add to database
db = profile.db.get_db()
query = 'Insert INTO post (title, body, author_id) VALUES (?, ?, ?)'
db.execute(query, (title, body, flask.g.user['id']))
db.commit()
flask.flash('Post successfully added to database.', 'success')
return flask.redirect(flask.url_for('admin.posts'))
return flask.render_template('admin/create.html', form_info=form_info)
def create():
"""View to create a post."""
if flask.request.method == 'POST':
title = flask.request.form['title']
body = flask.request.form['body']
error = None
if not title:
error = 'Title is required.'
if error is not None:
# Display error
flask.flash(error)
else:
# Post is valid -- add to database
db = profile.db.get_db()
query = 'Insert INTO post (title, body, author_id) VALUES (?, ?, ?)'
db.execute(query, (title, body, flask.g.user['id']))
db.commit()
return flask.redirect(flask.url_for('blog.index'))
return flask.render_template('blog/create.html')
def update(post_id):
"""Update a post."""
post = get_post(post_id)
# Update post information if this is a post request
if flask.request.method == 'POST':
title = flask.request.form['title']
body = flask.request.form['body']
error = None
if not title:
error = 'Title is required.'
if error is not None:
flask.flash(error)
else:
# Update post information in database
db = profile.db.get_db()
query = 'UPDATE post SET title = ?, body = ? WHERE id = ?'
db.execute(query, (title, body, post_id))
db.commit()
return flask.redirect(flask.url_for('blog.index'))
return flask.render_template('blog/update.html', post=post)