pywallter/views/blog.py

# -*- coding: utf-8 -*-


from flask import Blueprint, escape, render_template, session, redirect, url_for, request, flash, abort
import time
import sqlite3
from markdown import markdown
blog = Blueprint('blog', __name__, template_folder='templates')

# Un bon gros bug de flask il ne faut pas mettre le meme nom d'une parti ici
# a une fonction sinon ca fait une erreur
# k/app.py", line 958, in register_blueprint
#    if blueprint.name in self.blueprints:
#https://github.com/pallets/flask/issues/1327

@blog.route('/blog/', methods=['GET', 'POST'])
def racine_blog():
    if 'username' in session:
        UTILISATEUR='%s'% escape(session['username'])
        if request.method == 'POST':
            title= request.form['title']
            content = markdown(request.form['content'])
            #category = request.form['category']
            status = request.form['status']
            TIME=time.strftime("%A %d %B %Y %H:%M:%S")
            conn = sqlite3.connect('base.db') # Connexion  la base de donne
            cursor = conn.cursor() # Création de l'objet "curseur"
            cursor.execute("""INSERT INTO posts(title, content, time, author, status) VALUES(?, ?, ?, ?, ?)""", (title, content, TIME, UTILISATEUR, status)) # Insérer des valeurs
            conn.commit()
            cursor.execute("""SELECT title, content, time, author, status, avatar, nom, prenom, age, profession FROM posts INNER JOIN users ON author = name AND status='public'""")
            posts = [dict(title=row[0], content=row[1], time=row[2], author=row[3], status=row[4], avatar=row[5], nom=row[6], prenom=row[7], age=row[8], profession=row[9]) for row in reversed(cursor.fetchall())]
            conn.close()
            return render_template('blog.html', posts=posts)
        else:
            conn = sqlite3.connect('base.db') # Connexion à la base de donnée
            cursor = conn.cursor() # Création de l'objet "curseur"
            cursor.execute("""SELECT title, content, time, author, status, avatar, nom, prenom, age, profession FROM posts INNER JOIN users ON author = name AND status='public'""")
            posts = [dict(title=row[0], content=row[1], time=row[2], author=row[3], status=row[4], avatar=row[5], nom=row[6], prenom=row[7], age=row[8], profession=row[9]) for row in reversed(cursor.fetchall())]
            conn.close()
            return render_template('blog.html', posts=posts)
    else:
        return redirect(url_for('loginlogout.login', _external=True))

@blog.route('/blog/<username>')
def members(username):
    conn = sqlite3.connect('base.db') # Connexion à la base de donnée
    cursor = conn.cursor() # Création de l'objet "curseur"
    cursor.execute("""SELECT title, content, time, author, status FROM posts WHERE author=? AND status='public'""", (username,))
    posts = [dict(title=row[0], content=row[1], time=row[2], author=row[3], status=row[4]) for row in reversed(cursor.fetchall())]
    cursor.execute("""SELECT avatar, nom, prenom, age, profession FROM users WHERE name=?""", (username,))
    usersinfos = (cursor.fetchone())
    conn.close()
    return render_template('publicblog.html', username=username, posts=posts, usersinfos=usersinfos)

@blog.route('/privateblog/')
def privateblog():
    UTILISATEUR='%s'% escape(session['username'])
    if 'username' in session :
        conn = sqlite3.connect('base.db') # Connexion à la base de donnée
        cursor = conn.cursor() # Création de l'objet "curseur"
        cursor.execute("""SELECT title, content, time, author, status FROM posts WHERE author=? AND status='prive'""", (UTILISATEUR,))
        posts = [dict(title=row[0], content=row[1], time=row[2], author=row[3], status=row[4]) for row in reversed(cursor.fetchall())]
        cursor.execute("""SELECT avatar, nom, prenom, age, profession FROM users WHERE name=?""", (UTILISATEUR,))
        usersinfos = (cursor.fetchone())
        conn.close()
        return render_template('privateblog.html', UTILISATEUR=UTILISATEUR, posts=posts, usersinfos=usersinfos)
    else:
        return redirect(url_for('loginlogout.login', _external=True)) # sinon on redirige vers login

@blog.route('/delete/<post>')
def delete(post):
    if 'username' in session :
        conn = sqlite3.connect('base.db') # Connexion à la base de donnée
        cursor = conn.cursor() # Création de l'objet "curseur"
        cursor.execute("""DELETE FROM posts WHERE title=?""", (post,))
        conn.commit()
        conn.close()
        return redirect(url_for('blog.racine_blog'))
    else:
        return redirect(url_for('loginlogout.login', _external=True)) # sinon on redirige vers login

@blog.route('/edit/<post>', methods=['GET', 'POST'])
def edit(post):
    if 'username' in session :
        if request.method == 'POST' :
            newtitle = request.form['title']
            newcontent = markdown(request.form['content'])
            newstatus = request.form['status']
            conn = sqlite3.connect('base.db')
            cursor = conn.cursor()
            cursor.execute("""UPDATE posts SET title=?, content=?, status=? WHERE title=?""",
                           (newtitle, newcontent, newstatus, post,))
            conn.commit()
            conn.close()
            return redirect(url_for('blog.racine_blog'))
        else:
            conn = sqlite3.connect('base.db') # Connexion à la base de donnée
            cursor = conn.cursor() # Création de l'objet "curseur"
            cursor.execute("""SELECT title, content FROM posts WHERE title=?""", (post,))
            oldpost = (cursor.fetchone())
            conn.close()
            return render_template('postedit.html', oldpost=oldpost)
    else:
        return redirect(url_for('loginlogout.login', _external=True)) # sinon on redirige vers login)