Add admin moderation and deletion system
parent
60421dcdfb
commit
23f622fe21
33
main.py
33
main.py
@ -1,7 +1,7 @@
|
||||
from os import urandom as rand
|
||||
#from flaskext.mysql import MySQL
|
||||
import pymysql
|
||||
from flask import Flask, render_template, session, redirect, url_for, request, flash
|
||||
from flask import Flask, render_template, session, redirect, url_for, request, flash, abort
|
||||
from passlib.context import CryptContext
|
||||
import pprint
|
||||
|
||||
@ -93,7 +93,35 @@ def index():
|
||||
@app.route("/quotes")
|
||||
def quoutepage():
|
||||
retdata = mysql_do("SELECT * FROM Quotes ORDER BY ID DESC")
|
||||
return gen_page("quote_view.html", retdata)
|
||||
try:
|
||||
isAdmin = session['isAdmin']
|
||||
except KeyError:
|
||||
isAdmin = False
|
||||
return gen_page("quote_view.html", [retdata, isAdmin])
|
||||
|
||||
@app.route("/deletequote")
|
||||
def deletequoute():
|
||||
try:
|
||||
if session['isAdmin']:
|
||||
del_id = request.args.get('id', type=int)
|
||||
if not del_id:
|
||||
abort(400)
|
||||
|
||||
#Check the record exists
|
||||
try:
|
||||
mysql_do("SELECT * FROM Quotes WHERE id=%d" % (del_id))[0]
|
||||
except IndexError:
|
||||
abort(400)
|
||||
|
||||
mysql_do("DELETE FROM Quotes WHERE id=%d;" % (del_id))
|
||||
flash("INFO: Quote Deleted", "success")
|
||||
return redirect(request.referrer or url_for("index"))
|
||||
else:
|
||||
abort(403)
|
||||
except KeyError:
|
||||
abort(403)
|
||||
|
||||
|
||||
|
||||
@app.route("/login", methods=['GET', 'POST'])
|
||||
def login():
|
||||
@ -208,6 +236,7 @@ def addquote():
|
||||
@app.context_processor
|
||||
def utility_processor():
|
||||
def uid_to_user(uid):
|
||||
# This probably needs optimizing
|
||||
for user in userdb:
|
||||
if user[0] == uid:
|
||||
return user[1]
|
||||
|
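Review bot: `deletequoute` removes a row in response to a plain GET and nothing in the handler verifies a request token, so the deletion is not tied to a deliberate action by the admin (cross-site request forgery), and link prefetchers or crawlers running with an admin session can trigger it as well. Registering the route for POST only, reading the id from the form body and checking a per-session token before the DELETE closes this; the delete anchor in the template hunk would then become a small POST form. The handler-wide `try/except KeyError` also wraps both `mysql_do` calls, so an unrelated KeyError raised there would be reported as a 403; a `session.get('isAdmin')` guard clause avoids that. The two statements are built with `%d` formatting, which is safe only because `type=int` coerces the id; if `mysql_do` (defined outside this hunk) accepts query parameters, pass the id that way instead.

```python
@app.route("/deletequote", methods=['POST'])
def deletequoute():
    # Guard clause instead of a handler-wide try/except KeyError
    if not session.get('isAdmin'):
        abort(403)
    # TODO: verify the per-session CSRF token here before touching the database
    del_id = request.form.get('id', type=int)
    if del_id is None:
        abort(400)
    # … unchanged: existence check, DELETE, flash and redirect …
```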
@ -25,15 +25,23 @@
|
||||
<th>User</th>
|
||||
<th>Quote</th>
|
||||
<th>Context</th>
|
||||
{% if data[1] %}
|
||||
<th>Added By:</th>
|
||||
<th><span class="glyphicon glyphicon-trash"></span></th>
|
||||
{% endif %}
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for entry in data %}
|
||||
{% for entry in data[0] %}
|
||||
<tr>
|
||||
<td>{{ "{:%Y/%m/%d %H:%M:%S}".format(entry[2]) }}</td>
|
||||
<td><a href="/">{{ entry[2] }}</a></td>
|
||||
<td>{{ uid_to_user(entry[3]) }}</td>
|
||||
<td>{{ entry[1] }}</td>
|
||||
<td>{{ entry[4] }}</td>
|
||||
{% if data[1] %}
|
||||
<td>{{ uid_to_user(entry[5]) }}</td>
|
||||
<td><a href="/deletequote?id={{ entry[0] }}" class="btn btn-danger"role="button" ><span class="glyphicon glyphicon-trash"></span></a></td>
|
||||
{% endif %}
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
|
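Review bot: The delete anchor hard-codes its target as `/deletequote?id={{ entry[0] }}` and is missing the space between `class="btn btn-danger"` and `role="button"`. Building the target with `url_for('deletequoute', id=entry[0])` keeps it correct if the app is ever mounted under a URL prefix, and the attribute spacing should be fixed so the markup validates. The template now depends on the positional pair `data[0]` / `data[1]`; a short Jinja comment near the table header, such as `{# data[0]: quote rows, data[1]: viewer is admin #}`, would document that contract. Hiding the column with `{% if data[1] %}` is presentation only, so the session check in the route handler stays the actual authorization boundary.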