# -*- coding: utf-8 -*- from flask import Blueprint, render_template, session, redirect, url_for, request, flash, abort, Flask import time from markupsafe import escape import sqlite3 from markdown import markdown from tools.filesutils import getFileSizeKo import string blog = Blueprint('blog', __name__, template_folder='templates') app = Flask( 'pywallter' ) app.config.from_pyfile('config.py') ########################### Variables Globales ################################# extensionimg = app.config['EXT_IMG'] DATABASE = app.config['DATABASE'] BASE_URL = app.config['BASE_URL'] DOSSIER_PERSO= app.config['DOSSIER_APP']+'/' DOSSIER_PUBLIC= app.config['DOSSIER_PUBLIC']+'/' ################################################################################ @blog.route('/myblog/new-article/', methods=['GET', 'POST']) def new_article(): if 'username' in session: user = '%s'% escape(session['username']) folder_blog = DOSSIER_PERSO + user + "/blog/articles/" if request.method == 'POST': title = request.form['title'] subtitle = request.form['subtitle'] content = request.form['content'] status = request.form['status'] post_date = time.strftime("%d/%m/%Y %H:%M:%S") filename = title.replace(" ", "_") + ".md" conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée cursor = conn.cursor() # Création de l'objet "curseur" cursor.execute("""INSERT INTO Blog_posts(title, subtitle, filename, time, author, status) VALUES(?, ?, ?, ?, ?, ?)""", (title, subtitle, filename, post_date, user, status)) # Insérer des valeurs conn.commit() ## On génère le fichiers markdown with open(folder_blog + filename, 'w') as f: f.write(content) return redirect(url_for('blog.list_articles_blog')) else: return render_template('new_article_blog.html') else: return redirect(BASE_URL, code=401) @blog.route('/myblog/list-articles/', methods=['GET']) def list_articles_blog(): if 'username' in session: user = '%s'% escape(session['username']) conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée cursor = conn.cursor() # Création de l'objet "curseur" cursor.execute("""SELECT title, subtitle, time, last_updated, status FROM Blog_posts WHERE author=? """, (user,) ) list_posts=cursor.fetchall() posts=list() nb_articles=0 for post in list_posts: posts.append(dict(title=post[0], subtitle=post[1], time=post[2], last_updated=post[3], status=post[4])) nb_articles =+ 1 return render_template('list_articles.html', section="Articles", list_posts=posts, nb_articles=nb_articles ) else: return redirect(BASE_URL, code=401) @blog.route('/myblog/delete/') def delete(title): if 'username' in session : user='%s'% escape(session['username']) folder_blog = DOSSIER_PERSO + user + "/blog/articles/" folder_blog_public = DOSSIER_PUBLIC + user + "/blog/articles/" filename = title.replace(" ", "_") conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée cursor = conn.cursor() # Création de l'objet "curseur" cursor.execute("""DELETE FROM Blog_posts WHERE title=? AND author=?""", (title, user)) conn.commit() conn.close() os.remove(folder_blog+filename+".md") os.remove(folder_blog_public+filename+".html") return redirect(url_for('blog.list_articles_blog')) else: return redirect(BASE_URL, code=401) # sinon on redirige vers login @blog.route('/myblog/edit/<title>', methods=['GET', 'POST']) def edit(title): if 'username' in session : user='%s'% escape(session['username']) filename = title.replace(" ", "_") + ".md" folder_blog = DOSSIER_PERSO + user + "/blog/articles/" if request.method == 'POST' : subtitle = request.form['subtitle'] newcontent = request.form['content'] newstatus = request.form['status'] updated = time.strftime("%d/%m/%Y %H:%M:%S") conn = sqlite3.connect(DATABASE) cursor = conn.cursor() cursor.execute("""UPDATE Blog_posts SET subtitle=?, last_updated=?, status=? WHERE title=? AND author=?""", (subtitle, updated, newstatus, title, user)) conn.commit() conn.close() with open(folder_blog + filename, 'w') as f: f.write(newcontent) return redirect(url_for('blog.list_articles_blog')) else: conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée cursor = conn.cursor() # Création de l'objet "curseur" cursor.execute("""SELECT title, subtitle, status FROM Blog_posts WHERE title=? AND author=?""", (title, user)) oldpost = cursor.fetchone() conn.close() with open(folder_blog + filename, 'r') as f: content = f.read() return render_template('edit_article.html', section='Post-it', oldpost=oldpost, content=content) else: return redirect(BASE_URL, code=401) @blog.route('/blog/<username>/', methods=['GET']) def view(username): user = username conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée cursor = conn.cursor() # Création de l'objet "curseur" cursor.execute("""SELECT title, subtitle, time, author FROM Blog_posts WHERE status='public' AND author=? """, (user,) ) list_posts=cursor.fetchall() posts=list() id=0 conn.close() print (list_posts) if list_posts != None: for post in list_posts: posts.append(dict(title=post[0], subtitle=post[1], time=post[2], author=post[3])) else: return redirect(BASE_URL, code=404) return render_template('index_blog.html', section='Blog', posts=posts, user=user) @blog.route('/blog/<username>/<title>', methods=['GET']) def viewArticle(username, title): folder_blog = DOSSIER_PERSO + username + "/blog/articles/" filename = title.replace(" ", "_") + ".md" user = username conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée cursor = conn.cursor() # Création de l'objet "curseur" cursor.execute("""SELECT title, subtitle, time, author FROM Blog_posts WHERE author=? AND title=? """, (user, title) ) post = cursor.fetchone() conn.close() if post != None: post_info = (dict(title=post[0], subtitle=post[1], time=post[2], author=post[3])) with open(folder_blog + filename, 'r') as f: content_md = f.read() content = markdown(content_md) return render_template('blog.html', post_info=post_info, content=content) else: flash(u"Cet article n'existe pas", 'error');