1
0
mirror of https://github.com/Adam-Ant/QuotesDB synced 2024-12-20 11:34:35 +00:00

Add admin moderation and deletion system

This commit is contained in:
Adam Dodman 2017-10-05 17:34:39 +01:00
parent 60421dcdfb
commit 23f622fe21
2 changed files with 41 additions and 4 deletions

33
main.py
View File

@ -1,7 +1,7 @@
from os import urandom as rand
#from flaskext.mysql import MySQL
import pymysql
from flask import Flask, render_template, session, redirect, url_for, request, flash
from flask import Flask, render_template, session, redirect, url_for, request, flash, abort
from passlib.context import CryptContext
import pprint
@ -93,7 +93,35 @@ def index():
@app.route("/quotes")
def quoutepage():
retdata = mysql_do("SELECT * FROM Quotes ORDER BY ID DESC")
return gen_page("quote_view.html", retdata)
try:
isAdmin = session['isAdmin']
except KeyError:
isAdmin = False
return gen_page("quote_view.html", [retdata, isAdmin])
@app.route("/deletequote")
def deletequoute():
try:
if session['isAdmin']:
del_id = request.args.get('id', type=int)
if not del_id:
abort(400)
#Check the record exists
try:
mysql_do("SELECT * FROM Quotes WHERE id=%d" % (del_id))[0]
except IndexError:
abort(400)
mysql_do("DELETE FROM Quotes WHERE id=%d;" % (del_id))
flash("INFO: Quote Deleted", "success")
return redirect(request.referrer or url_for("index"))
else:
abort(403)
except KeyError:
abort(403)
@app.route("/login", methods=['GET', 'POST'])
def login():
@ -208,6 +236,7 @@ def addquote():
@app.context_processor
def utility_processor():
def uid_to_user(uid):
# This probably needs optimizing
for user in userdb:
if user[0] == uid:
return user[1]

View File

@ -25,15 +25,23 @@
<th>User</th>
<th>Quote</th>
<th>Context</th>
{% if data[1] %}
<th>Added By:</th>
<th><span class="glyphicon glyphicon-trash"></span></th>
{% endif %}
</tr>
</thead>
<tbody>
{% for entry in data %}
{% for entry in data[0] %}
<tr>
<td>{{ "{:%Y/%m/%d %H:%M:%S}".format(entry[2]) }}</td>
<td><a href="/">{{ entry[2] }}</a></td>
<td>{{ uid_to_user(entry[3]) }}</td>
<td>{{ entry[1] }}</td>
<td>{{ entry[4] }}</td>
{% if data[1] %}
<td>{{ uid_to_user(entry[5]) }}</td>
<td><a href="/deletequote?id={{ entry[0] }}" class="btn btn-danger"role="button" ><span class="glyphicon glyphicon-trash"></span></a></td>
{% endif %}
</tr>
{% endfor %}
</tbody>