delete posts

This commit is contained in:
maaa 2023-07-10 18:53:11 +02:00
parent 08d2d3373d
commit d90ef9f92d
3 changed files with 55 additions and 15 deletions

46
main
View File

@ -291,6 +291,10 @@ def apilogin():
return {
"key": randomCharacters
}, 100
else:
return {
"error": "https://http.cat/images/400.jpg"
}, 400
@app.route("/api/post", methods=("GET", "POST"))
def apipost():
@ -560,23 +564,35 @@ def settings():
return redirect("/")
@app.route("/remove/<postid>", methods=("GET", "POST"))
def remove(postid):
@app.route("/api/delete", methods=("GET", "POST"))
def delete():
usersession = request.cookies.get("session_DO_NOT_SHARE")
if usersession:
userCookie = get_session(usersession)
user = get_user(userCookie["id"])
if str(user["administrator"]) == "1":
post = get_post(postid)
conn = get_db_connection()
conn.execute("DELETE FROM posts WHERE id = ?", (postid,))
conn.commit()
conn.close()
return "Deleted post!"
else:
return "nice try"
if request.method == "POST":
data = request.get_json()
postid = int(data["id"])
post = get_post(postid)
if not post == "error":
if usersession:
userCookie = get_session(usersession)
user = get_user(userCookie["id"])
if (str(user["administrator"]) == "1") or (int(user["id"]) == int(post["creator"])):
post = get_post(postid)
conn = get_db_connection()
conn.execute("DELETE FROM posts WHERE id = ?", (postid,))
conn.commit()
conn.close()
return "success", 100
else:
return {
"error": "https://http.cat/images/403.jpg"
}, 403
else:
return redirect(url_for("login"))
return {
"error": "https://http.cat/images/400.jpg"
}, 400
@app.route("/listusers", methods=("GET", "POST"))
def listusers():

View File

@ -6,6 +6,7 @@ for (let i = 0; i < posts.length; i++) {
let commentBurgerDiv = post.children["commentBurgerDiv"]
let usernameElement = post.children["usernameElement"]
let commentDiv = post.children["commentDiv"]
let removeButton = post.children["removeButton"]
let commentBox = commentDiv.children["commentBox"]
let commentSave = commentDiv.children["commentDivSave"]
let commentCancel = commentDiv.children["commentDivCancel"]
@ -41,4 +42,20 @@ for (let i = 0; i < posts.length; i++) {
}
})
});
removeButton.addEventListener("click", (e) => {
console.log("fart")
post.classList.add("hidden")
id = String(commentId.innerHTML)
fetch("/api/delete", {
method: "POST",
body: JSON.stringify({
id: id
}),
headers: {
"Content-Type": "application/json"
}
})
});
}

View File

@ -55,6 +55,13 @@
{% endif %}
<p id="commentId" class="hidden">{{ post.id }}</p>
<button id="commentButton" class="comment">comment</button>
{% if userdata %}
{% if post.creator | int == userdata.id | int or userdata.administrator == 1%}
<button id="removeButton" class="comment">remove</button>
{% else %}
<button id="removeButton" class="comment hidden">remove</button>
{% endif %}
{% endif %}
<div id="commentDiv" class="commentdiv hidden">
{% if userdata %}
<input id="commentBox" type="text" placeholder="content">