diff options
-rw-r--r-- | apioforum/__init__.py | 6 | ||||
-rw-r--r-- | apioforum/auth.py | 5 | ||||
-rw-r--r-- | apioforum/forum.py | 29 | ||||
-rw-r--r-- | apioforum/templates/base.html | 3 | ||||
-rw-r--r-- | apioforum/templates/common.html | 2 | ||||
-rw-r--r-- | apioforum/templates/config_thread.html | 26 | ||||
-rw-r--r-- | apioforum/templates/delete_post.html | 4 | ||||
-rw-r--r-- | apioforum/templates/search_results.html | 4 | ||||
-rw-r--r-- | apioforum/templates/user_settings.html | 6 | ||||
-rw-r--r-- | apioforum/templates/view_thread.html | 4 | ||||
-rw-r--r-- | apioforum/templates/view_user.html | 6 | ||||
-rw-r--r-- | apioforum/thread.py | 38 | ||||
-rw-r--r-- | apioforum/user.py | 12 |
13 files changed, 65 insertions, 80 deletions
diff --git a/apioforum/__init__.py b/apioforum/__init__.py index 54d18c3..9d49f36 100644 --- a/apioforum/__init__.py +++ b/apioforum/__init__.py @@ -46,7 +46,11 @@ def create_app(): if len(request.query_string) > 0: p += "?" + request.query_string.decode("utf-8") return dict(path_for_next=p) - + + from .mdrender import render + @app.template_filter('md') + def md_render(s): + return render(s) app.add_url_rule("/",endpoint="index") diff --git a/apioforum/auth.py b/apioforum/auth.py index dae7b03..8a34700 100644 --- a/apioforum/auth.py +++ b/apioforum/auth.py @@ -5,7 +5,6 @@ from flask import ( from werkzeug.security import check_password_hash, generate_password_hash from .db import get_db import functools -import datetime bp = Blueprint("auth", __name__, url_prefix="/auth") @@ -58,8 +57,8 @@ def register(): if err is None: db.execute( - "INSERT INTO users (username, password, joined) VALUES (?,?,?);", - (username,generate_password_hash(password),datetime.datetime.now()) + "INSERT INTO users (username, password, joined) VALUES (?,?,current_timestamp);", + (username,generate_password_hash(password)) ) db.commit() flash("successfully created account") diff --git a/apioforum/forum.py b/apioforum/forum.py index 30e29cb..defc5b1 100644 --- a/apioforum/forum.py +++ b/apioforum/forum.py @@ -9,6 +9,8 @@ from flask import ( from .db import get_db from .mdrender import render +from sqlite3 import OperationalError + bp = Blueprint("forum", __name__, url_prefix="/") @@ -71,15 +73,21 @@ def create_thread(): def search(): db = get_db() query = request.args["q"] - results = db.execute(""" - SELECT posts.id, highlight(posts_fts, 0, '<mark>', '</mark>') AS content, posts.thread, posts.author, posts.created, posts.edited, posts.updated, threads.title AS thread_title - FROM posts_fts - JOIN posts ON posts_fts.rowid = posts.id - JOIN threads ON threads.id = posts.thread - WHERE posts_fts MATCH ? - ORDER BY rank - LIMIT 50 - """, (query,)).fetchall() + try: + results = db.execute(""" + SELECT posts.id, highlight(posts_fts, 0, '<mark>', '</mark>') AS + content, posts.thread, posts.author, posts.created, posts.edited, + posts.updated, threads.title AS thread_title + FROM posts_fts + JOIN posts ON posts_fts.rowid = posts.id + JOIN threads ON threads.id = posts.thread + WHERE posts_fts MATCH ? + ORDER BY rank + LIMIT 50 + """, (query,)).fetchall() + except OperationalError: + flash('your search query was malformed.') + return redirect(url_for("forum.view_forum")) display_thread_id = [ True ] * len(results) last_thread = None @@ -87,5 +95,4 @@ def search(): if result["thread"] == last_thread: display_thread_id[ix] = False last_thread = result["thread"] - rendered_posts = [render(q['content']) for q in results] - return render_template("search_results.html", results=results, query=query, rendered_posts=rendered_posts, display_thread_id=display_thread_id) + return render_template("search_results.html", results=results, query=query, display_thread_id=display_thread_id) diff --git a/apioforum/templates/base.html b/apioforum/templates/base.html index 573c9ce..637cc09 100644 --- a/apioforum/templates/base.html +++ b/apioforum/templates/base.html @@ -1,4 +1,5 @@ {# BASED? BASED ON WHAT? #} +{% from 'common.html' import disp_user with context %} <!DOCTYPE html> <html> <head> @@ -20,7 +21,7 @@ <p><a href="{{url_for('index')}}">home</a></p> {% if g.user %} - <p><a class="username" href="{{url_for('user.view_user', username=g.user)}}">{{g.user}}</a></p> + <p>{{ disp_user(g.user) }}</p> {% if is_admin %} <p><a href="{{url_for('admin.admin_page')}}">admin</a></p> diff --git a/apioforum/templates/common.html b/apioforum/templates/common.html index 3db9974..28598e7 100644 --- a/apioforum/templates/common.html +++ b/apioforum/templates/common.html @@ -23,7 +23,7 @@ </span> </div> <div class="post-content"> - {{ caller() }} + {{ post.content|md|safe }} </div> </div> {% endmacro %} diff --git a/apioforum/templates/config_thread.html b/apioforum/templates/config_thread.html index 973fbf5..b26a73d 100644 --- a/apioforum/templates/config_thread.html +++ b/apioforum/templates/config_thread.html @@ -5,25 +5,23 @@ <form method="post"> <fieldset> <legend>title</legend> -<p>if you want to change the title of this thread, make sure you check the "change title?" box.</p> -<label for="do_title">change title?</label> -<input type="checkbox" id="do_title" name="do_title"><br> <label for="title">thread title</label> <input type="text" id="title" name="title" value="{{thread.title}}"> </fieldset> <fieldset> <legend>tags</legend> -<p>if you want to change the tags on this thread, make sure you check the "change tags?" box.</p> -<label for="do_chtags">change tags?</label> -<input type="checkbox" name="do_chtags" id="do_chtags"><br> -<ul> - {% for the_tag in avail_tags %} - <li> - <input type="checkbox" id="tag_{{the_tag.id}}" name="tag_{{the_tag.id}}" {%- if the_tag.id in thread_tags %} checked{% endif %}> - <label for="tag_{{the_tag.id}}">#{{the_tag.id}} {{tag(the_tag)}}</label> - </li> - {% endfor %} -</ul> +{% if avail_tags %} + <ul> + {% for the_tag in avail_tags %} + <li> + <input type="checkbox" id="tag_{{the_tag.id}}" name="tag_{{the_tag.id}}" {%- if the_tag.id in thread_tags %} checked{% endif %}> + <label for="tag_{{the_tag.id}}">#{{the_tag.id}} {{tag(the_tag)}}</label> + </li> + {% endfor %} + </ul> +{% else %} + <p>there are no available tags.</p> +{% endif %} </fieldset> <p>confirm changes?</p> <input type="submit" value="confirm"> diff --git a/apioforum/templates/delete_post.html b/apioforum/templates/delete_post.html index 6f99704..2f16598 100644 --- a/apioforum/templates/delete_post.html +++ b/apioforum/templates/delete_post.html @@ -5,9 +5,7 @@ {% endblock %} {% block content %} -{% call disp_post(post, False) %} -{{ rendered_content | safe }} -{% endcall %} +{{ disp_post(post, False) }} <form method="post"> <p>confirm delete?</p> diff --git a/apioforum/templates/search_results.html b/apioforum/templates/search_results.html index 4d0be2f..fe016ab 100644 --- a/apioforum/templates/search_results.html +++ b/apioforum/templates/search_results.html @@ -16,9 +16,7 @@ </a></h3> <div class="posts"> {% endif %} - {% call disp_post(result, False) %} - {{ rendered_posts[loop.index0] | safe}} - {% endcall %} + {{ disp_post(result, False) }} {% endfor %} {% if results|length > 0 %} diff --git a/apioforum/templates/user_settings.html b/apioforum/templates/user_settings.html index ad93036..cac613a 100644 --- a/apioforum/templates/user_settings.html +++ b/apioforum/templates/user_settings.html @@ -4,9 +4,6 @@ <form method="post"> <fieldset> <legend>change password</legend> -<p>if you want to change your password, make sure you check the "change password?" box.</p> -<label for="do_chpass">change password?</label> -<input type="checkbox" id="do_chpass" name="do_chpass"><br> <label for="password">current password</label> <input type="text" id="password" name="password"><br> <label for="new_password">new password</label> @@ -14,9 +11,6 @@ </fieldset> <fieldset> <legend>change bio</legend> -<p>if you want to change your bio, make sure you check the "change bio?" box.</p> -<label for="do_chbio">change bio?</label> -<input type="checkbox" name="do_chbio" id="do_chbio"><br> <textarea class="new-post-box" name="bio" maxlength="4000"> {{- user.bio or "hail GEORGE" -}} </textarea> diff --git a/apioforum/templates/view_thread.html b/apioforum/templates/view_thread.html index abd6aaa..fb62880 100644 --- a/apioforum/templates/view_thread.html +++ b/apioforum/templates/view_thread.html @@ -21,9 +21,7 @@ <div class="posts"> {% for post in posts %} - {% call disp_post(post, True) %} - {{ rendered_posts[loop.index0] | safe}} - {% endcall %} + {{ disp_post(post, True) }} {% endfor %} </div> {% if g.user %} diff --git a/apioforum/templates/view_user.html b/apioforum/templates/view_user.html index f773978..612c2c0 100644 --- a/apioforum/templates/view_user.html +++ b/apioforum/templates/view_user.html @@ -12,7 +12,7 @@ </div> <div class="user_info"> <div class="user_bio_quote"> - <div class="user_bio">{{rendered_bio|safe}}</div> + <div class="user_bio">{{(user.bio or "hail GEORGE")|md|safe}}</div> <p class="user_bio_attribution">— {{user.username|e}}</p> </div> <dl> @@ -28,9 +28,7 @@ <h2>recent posts</h2> <div class="user_posts"> {% for post in posts %} - {% call disp_post(post, False) %} - {{ rendered_posts[loop.index0] | safe}} - {% endcall %} + {{ disp_post(post, False) }} {% endfor %} </div> {% endif %} diff --git a/apioforum/thread.py b/apioforum/thread.py index ad02b68..4bb3c86 100644 --- a/apioforum/thread.py +++ b/apioforum/thread.py @@ -5,7 +5,6 @@ from flask import ( url_for, flash ) from .db import get_db -from .mdrender import render bp = Blueprint("thread", __name__, url_prefix="/thread") @@ -28,8 +27,7 @@ def view_thread(thread_id): INNER JOIN thread_tags ON thread_tags.tag = tags.id WHERE thread_tags.thread = ? ORDER BY tags.id""",(thread_id,)).fetchall() - rendered_posts = [render(q['content']) for q in posts] - return render_template("view_thread.html",posts=posts,thread=thread,rendered_posts=rendered_posts,tags=tags) + return render_template("view_thread.html",posts=posts,thread=thread,tags=tags) @bp.route("/<int:thread_id>/create_post", methods=("POST",)) def create_post(thread_id): @@ -77,7 +75,7 @@ def delete_post(post_id): flash("post deleted deletedly") return redirect(url_for("thread.view_thread",thread_id=post["thread"])) else: - return render_template("delete_post.html",post=post,rendered_content=render(post["content"])) + return render_template("delete_post.html",post=post) @bp.route("/edit_post/<int:post_id>",methods=["GET","POST"]) @@ -128,7 +126,7 @@ def config_thread(thread_id): if request.method == "POST": err = [] - if 'do_title' in request.form: + if request.form['title'] != thread['title']: title = request.form['title'] if len(title.strip()) == 0: err.append("title can't be empty") @@ -136,22 +134,20 @@ def config_thread(thread_id): db.execute("update threads set title = ? where id = ?;",(title,thread_id)) flash("title updated successfully") db.commit() - if 'do_chtags' in request.form: - changed = False - wanted_tags = [] - for tagid in range(1,len(avail_tags)+1): - current = tagid in thread_tags - wanted = f'tag_{tagid}' in request.form - print(tagid, current, wanted) - if wanted and not current: - db.execute("insert into thread_tags (thread, tag) values (?,?)",(thread_id,tagid)) - changed = True - elif current and not wanted: - db.execute("delete from thread_tags where thread = ? and tag = ?",(thread_id,tagid)) - changed = True - if changed: - db.commit() - flash("tags updated successfully") + changed = False + wanted_tags = [] + for tagid in range(1,len(avail_tags)+1): + current = tagid in thread_tags + wanted = f'tag_{tagid}' in request.form + if wanted and not current: + db.execute("insert into thread_tags (thread, tag) values (?,?)",(thread_id,tagid)) + changed = True + elif current and not wanted: + db.execute("delete from thread_tags where thread = ? and tag = ?",(thread_id,tagid)) + changed = True + if changed: + db.commit() + flash("tags updated successfully") if len(err) > 0: for e in err: diff --git a/apioforum/user.py b/apioforum/user.py index c4a6998..9f4bc5b 100644 --- a/apioforum/user.py +++ b/apioforum/user.py @@ -6,7 +6,6 @@ from flask import ( from werkzeug.security import check_password_hash, generate_password_hash from .db import get_db -from .mdrender import render bp = Blueprint("user", __name__, url_prefix="/user") @@ -19,12 +18,7 @@ def view_user(username): abort(404) posts = db.execute( "SELECT * FROM posts WHERE author = ? ORDER BY created DESC LIMIT 25;",(username,)).fetchall() - rendered_posts = [render(post['content']) for post in posts] - return render_template("view_user.html", - user=user, - rendered_bio=render(user['bio'] or "hail GEORGE"), - posts=posts, - rendered_posts=rendered_posts) + return render_template("view_user.html", user=user, posts=posts) @bp.route("/<username>/edit", methods=["GET","POST"]) def edit_user(username): @@ -38,7 +32,7 @@ def edit_user(username): if request.method == "POST": err = [] - if 'do_chpass' in request.form: + if len(request.form['new_password']) > 0: if not check_password_hash(user['password'],request.form['password']): err.append("entered password does not match current password") else: @@ -46,7 +40,7 @@ def edit_user(username): (generate_password_hash(request.form["new_password"]), username)) db.commit() flash("password changed changefully") - if 'do_chbio' in request.form: + if request.form['bio'] != user['bio']: if len(request.form['bio'].strip()) == 0: err.append("please submit nonempty bio") elif len(request.form['bio']) > 4500: |