diff options
Diffstat (limited to 'famille.py')
| -rw-r--r-- | famille.py | 50 |
1 files changed, 22 insertions, 28 deletions
@@ -68,8 +68,8 @@ def pluralize(word, count, plural=None): else: return "{0} {1}s".format(count, word) -def query_db(db, query, args=(), one=False): - cur = db.execute(query, args) +def query_db(query, args=(), one=False): + cur = get_db().execute(query, args) rv = cur.fetchone() if one else cur.fetchall() cur.close() return rv @@ -103,14 +103,13 @@ def login_required(f): @app.route('/news/') @login_required def list_news(): - db = get_db() - news = query_db(db, "SELECT news.*, users.user_name, count(comments.id) as ncomments FROM news " + news = query_db("SELECT news.*, users.user_name, count(comments.id) as ncomments FROM news " "LEFT JOIN users ON news.user_id = users.id " "LEFT JOIN comments ON news.id=comments.news_id GROUP BY news.id " "ORDER BY news.date DESC") - comments = query_db(db, "SELECT * from comments LEFT JOIN users " + comments = query_db("SELECT * from comments LEFT JOIN users " "ON comments.user_id = users.id ORDER BY date DESC LIMIT 5") - users = query_db(db, "SELECT * from users ORDER BY last_seen DESC") + users = query_db("SELECT * from users ORDER BY last_seen DESC") return render_template("news/list.html", news=news, comments=comments, users=users) @@ -121,16 +120,16 @@ def add_news(): content = request.form['content'] content_cache = rstify(content) if 'Add' in request.form: - cur = db.execute("INSERT INTO news " + cur = get_db().execute("INSERT INTO news " "('title', 'content', 'user_id', 'content_cache') " "VALUES (?, ?, ?, ?)", (request.form['title'], content, session['user_id'], content_cache)) news_id = cur.lastrowid - db.commit() + get_db().commit() # send email - emails = query_db(db, "SELECT email from users where notify=1") + emails = query_db("SELECT email from users where notify=1") emails = [email["email"] for email in emails] if emails: message = Message(request.form['title'], @@ -154,12 +153,11 @@ def add_news(): @app.route('/news/<int:news_id>/', methods=['GET', 'POST']) @login_required def show_news(news_id): - db = get_db() - news = query_db(db, "SELECT * FROM news LEFT JOIN users " + news = query_db("SELECT * FROM news LEFT JOIN users " "ON news.user_id = users.id " "WHERE news.id = ?", (news_id,), True) if request.method == 'GET': - comments = query_db(db, "SELECT * FROM comments LEFT JOIN users " + comments = query_db("SELECT * FROM comments LEFT JOIN users " "ON comments.user_id = users.id " "WHERE comments.news_id = ? " "ORDER BY date", (news_id,)) @@ -168,19 +166,18 @@ def show_news(news_id): user_id = session['user_id'] content = request.form['content'] content_cache = rstify(content) - db.execute("INSERT INTO comments " + get_db().execute("INSERT INTO comments " "('user_id', 'content', 'news_id', 'content_cache') " "VALUES (?, ?, ?, ?)", (user_id, content, news_id, content_cache)) - db.commit() + get_db().commit() return redirect(url_for('show_news', news_id=news_id)) @app.route('/news/<int:news_id>/edit', methods=['GET', 'POST']) @login_required def edit_news(news_id): - db = get_db() if request.method == 'GET': - news = query_db(db, "SELECT * from news WHERE news.id = ?", + news = query_db("SELECT * from news WHERE news.id = ?", (news_id,), True) if news["user_id"] == session['user_id']: return render_template('news/add.html', news=news) @@ -188,10 +185,10 @@ def edit_news(news_id): title = request.form['title'] content = request.form['content'] content_cache = rstify(content) - db.execute("UPDATE news SET 'title'=?, 'content'=?, 'content_cache'=? " + get_db().execute("UPDATE news SET 'title'=?, 'content'=?, 'content_cache'=? " "WHERE news.id =?", (title, content, content_cache, news_id)) - db.commit() + get_db().commit() return redirect(url_for('show_news', news_id=news_id)) @app.route('/user/<int:user_id>/') @@ -204,9 +201,8 @@ def view_user(user_id): @app.route('/user/edit/', methods=['GET', 'POST']) @login_required def edit_user(): - db = get_db() if request.method == 'GET': - user = query_db(db, 'SELECT * FROM users WHERE id= ?', + user = query_db('SELECT * FROM users WHERE id= ?', (session['user_id'],), True) user = {k: user[k] for k in user.keys() if user[k]} return render_template("user/edit.html", user=user) @@ -228,8 +224,8 @@ def edit_user(): sqlstr = "UPDATE users SET email= ?, phone=?, birthday=?, nameday=?," \ "address_line1=?, address_line2=?, address_city_line=?, timezone=?, notify=? " \ "where id=?" - db.execute(sqlstr, args) - db.commit() + get_db().execute(sqlstr, args) + get_db().commit() session["timezone"] = request.form["timezone"] return redirect(url_for('view_user', user_id=session['user_id'])) @@ -240,19 +236,18 @@ def login(): error = None if request.method == 'POST': - db = get_db() username = request.form['username'] password = hashlib.md5(request.form['password']).hexdigest(); - user = query_db(db, 'select * from users where user_name = ?', + user = query_db('select * from users where user_name = ?', (username,), True) if user: if user['password'] == password: session['user_name'] = user['user_name'] session['user_id'] = user['id'] session['timezone'] = user['timezone'] or "UTC" - db.execute("UPDATE users SET last_seen=? WHERE id=?", + get_db().execute("UPDATE users SET last_seen=? WHERE id=?", (datetime.utcnow(),session['user_id'])) - db.commit() + get_db().commit() return redirect(url_for('list_news')) else: error = u'Mot de passe incorrect' @@ -269,8 +264,7 @@ def logout(): @app.route('/rss.xml') def rss(): - db = get_db() - news = query_db(db, "SELECT * FROM news LEFT JOIN users ON " + news = query_db("SELECT * FROM news LEFT JOIN users ON " "news.user_id=users.id ORDER BY news.date desc") return render_template('rss.xml', news=news) |