def post(post_id=None): if post_id: post = Post.query.get_or_404(post_id) else: post = Post() db.session.add(post) form = PostForm(request.form, post) if request.method == 'POST': if form.status.data == 'deleted': post.status = 'deleted' db.session.commit() flash('Пост удалён', 'info') return redirect(url_for('home.index')) elif form.validate_on_submit(): form.populate_obj(post) post.author_id = current_user.get_id() dirty_html = markdown.markdown(form.markdown.data, output_format='html5') post.html = bleach.clean(dirty_html, tags=POST_WHITELIST) db.session.commit() return redirect(url_for('home.index')) else: flash_errors(form) return render_template('my/post.html', form=form, post=post)
def profile(): user = current_user form = ProfileEditForm(request.form, user) if request.method == 'POST': if form.validate_on_submit(): form.populate_obj(user) db.session.commit() else: flash_errors(form) return render_template('my/profile.html', user=user)