pywallter/views/blog.py

# -*- coding: utf-8 -*-


from flask import Blueprint, render_template, session, redirect, url_for, request, flash, abort, Flask
import time
from markupsafe import escape
import sqlite3
from markdown import markdown
postit = Blueprint('post-it', __name__, template_folder='templates')

app = Flask( 'pywallter' )
app.config.from_pyfile('config.py')


#### Variables ####################################################################################

DOSSIER_PERSO= app.config['DOSSIER_APP']

extensionimg = app.config['EXT_IMG']

DATABASE = app.config['DATABASE']

BASE_URL = app.config['BASE_URL']
##################################################################################################





@postit.route('/post-it/', methods=['GET', 'POST'])
def racine_blog():
    if 'username' in session:
        UTILISATEUR='%s'% escape(session['username'])
        if request.method == 'POST':
            title= request.form['title']
            content = request.form['content']
            #category = request.form['category']
            status = request.form['status']
            post_date = time.strftime("%A %d %B %Y %H:%M:%S")
            conn = sqlite3.connect(DATABASE) # Connexion  la base de donne
            cursor = conn.cursor() # Création de l'objet "curseur"
            cursor.execute("""INSERT INTO posts(title, content, time, author, status) VALUES(?, ?, ?, ?, ?)""", (title, content, post_date, UTILISATEUR, status)) # Insérer des valeurs
            conn.commit()
            cursor.execute("""SELECT avatar FROM users WHERE name=? """, (UTILISATEUR,))
            user_info = cursor.fetchone()
            cursor.execute("""SELECT title, content, time, author, status FROM posts where author=?""" , (UTILISATEUR,))
            list_posts = cursor.fetchall()
            conn.close()
            posts=list()
            id=0
            for post in list_posts:
                posts.append(dict(title=post[0], id_postit=id ,content=markdown(post[1]), time=post[2], author=post[3],status=post[4], avatar=user_info[0]))
                id=id+1
            return render_template('blog.html', posts=posts)
        else:
            conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
            cursor = conn.cursor() # Création de l'objet "curseur"
            cursor.execute("""SELECT avatar FROM users WHERE name=?""", (UTILISATEUR,))
            user_info = cursor.fetchone()
            cursor.execute("""SELECT title, content, time, author, status FROM posts WHERE author=?""" , (UTILISATEUR,))
            list_posts = cursor.fetchall()
            conn.close()
            posts=list()
            id=0
            for post in list_posts:
                posts.append(dict(title=post[0], id_postit=id, content=markdown(post[1]), time=post[2], author=post[3],status=post[4], avatar=user_info[0]))
                id=id+1
            return render_template('blog.html', section='Post-it', posts=posts)
    else:
        return redirect(BASE_URL, code=401)



@postit.route('/delete/<title>/<time>')
def delete(title, time):
    if 'username' in session :
        conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
        cursor = conn.cursor() # Création de l'objet "curseur"
        cursor.execute("""DELETE FROM posts WHERE title=? AND time=?""", (title, time))
        conn.commit()
        conn.close()
        return redirect(url_for('post-it.racine_blog'))
    else:
        return redirect(BASE_URL, code=401) # sinon on redirige vers login

@postit.route('/edit/<title>/<time>', methods=['GET', 'POST'])
def edit(title, time):
    if 'username' in session :
        if request.method == 'POST' :
            newtitle = request.form['title']
            newcontent = request.form['content']
            newstatus = request.form['status']
            conn = sqlite3.connect(DATABASE)
            cursor = conn.cursor()
            cursor.execute("""UPDATE posts SET title=?, content=?, status=? WHERE title=? AND time=?""",
                           (newtitle, newcontent, newstatus, title, time))
            conn.commit()
            conn.close()
            return redirect(url_for('post-it.racine_blog'))
        else:
            conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
            cursor = conn.cursor() # Création de l'objet "curseur"
            cursor.execute("""SELECT title, content, status FROM posts WHERE title=? AND time =?""", (title, time))
            oldpost = cursor.fetchone()
            conn.close()
            return render_template('postedit.html',
                                   section='Post-it',
                                   oldpost=oldpost)
    else:

        return redirect(BASE_URL, code=401)



@postit.route('/postit/board', methods=['GET'])
def viewsheet():
    if 'username' in session:
        conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
        cursor = conn.cursor() # Création de l'objet "curseur"
        cursor.execute("""SELECT title, content, time, author, status FROM posts WHERE status='public' """)
        list_posts=cursor.fetchall()
        posts=list()
        id=0
        for post in list_posts:
            author = post[3]
            cursor.execute("""SELECT avatar FROM users WHERE name=?""", (author,))

            tmp = cursor.fetchone()
            if tmp != None :
                author_avatar = tmp[0]
            else:
                author_avatar = tmp
                
            posts.append(dict(title=post[0], id_postit=id, content=markdown(post[1]), time=post[2], author=post[3],status=post[4], avatar=author_avatar))
            id=id+1
        conn.close()
        
        return render_template('board.html', section='Post-it', posts=posts)
    else:
        return redirect(BASE_URL, code=401)