diff options
Diffstat (limited to 'app/static/doc/flask-docs/tutorial/views.html')
| -rw-r--r-- | app/static/doc/flask-docs/tutorial/views.html | 206 |
1 files changed, 0 insertions, 206 deletions
diff --git a/app/static/doc/flask-docs/tutorial/views.html b/app/static/doc/flask-docs/tutorial/views.html deleted file mode 100644 index feed988..0000000 --- a/app/static/doc/flask-docs/tutorial/views.html +++ /dev/null @@ -1,206 +0,0 @@ - -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" - "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> - - -<html xmlns="http://www.w3.org/1999/xhtml"> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> - - <title>Step 5: The View Functions — Flask 0.8 documentation</title> - - <link rel="stylesheet" href="../_static/flasky.css" type="text/css" /> - <link rel="stylesheet" href="../_static/pygments.css" type="text/css" /> - - <script type="text/javascript"> - var DOCUMENTATION_OPTIONS = { - URL_ROOT: '../', - VERSION: '0.8', - COLLAPSE_INDEX: false, - FILE_SUFFIX: '.html', - HAS_SOURCE: true - }; - </script> - <script type="text/javascript" src="../_static/jquery.js"></script> - <script type="text/javascript" src="../_static/underscore.js"></script> - <script type="text/javascript" src="../_static/doctools.js"></script> - <link rel="top" title="Flask 0.8 documentation" href="../index.html" /> - <link rel="up" title="Tutorial" href="index.html" /> - <link rel="next" title="Step 6: The Templates" href="templates.html" /> - <link rel="prev" title="Step 4: Request Database Connections" href="dbcon.html" /> - - - <link rel="apple-touch-icon" href="../_static/touch-icon.png" /> - - <link media="only screen and (max-device-width: 480px)" href="../_static/small_flask.css" type= "text/css" rel="stylesheet" /> - - </head> - <body> - <div class="related"> - <h3>Navigation</h3> - <ul> - <li class="right" style="margin-right: 10px"> - <a href="../genindex.html" title="General Index" - accesskey="I">index</a></li> - <li class="right" > - <a href="templates.html" title="Step 6: The Templates" - accesskey="N">next</a> |</li> - <li class="right" > - <a href="dbcon.html" title="Step 4: Request Database Connections" - accesskey="P">previous</a> |</li> - <li><a href="../index.html">Flask 0.8 documentation</a> »</li> - <li><a href="index.html" accesskey="U">Tutorial</a> »</li> - </ul> - </div> - - <div class="document"> - <div class="documentwrapper"> - <div class="bodywrapper"> - <div class="body"> - - <div class="section" id="step-5-the-view-functions"> -<span id="tutorial-views"></span><h1>Step 5: The View Functions<a class="headerlink" href="#step-5-the-view-functions" title="Permalink to this headline">¶</a></h1> -<p>Now that the database connections are working we can start writing the -view functions. We will need four of them:</p> -<div class="section" id="show-entries"> -<h2>Show Entries<a class="headerlink" href="#show-entries" title="Permalink to this headline">¶</a></h2> -<p>This view shows all the entries stored in the database. It listens on the -root of the application and will select title and text from the database. -The one with the highest id (the newest entry) will be on top. The rows -returned from the cursor are tuples with the columns ordered like specified -in the select statement. This is good enough for small applications like -here, but you might want to convert them into a dict. If you are -interested in how to do that, check out the <a class="reference internal" href="../patterns/sqlite3.html#easy-querying"><em>Easy Querying</em></a> example.</p> -<p>The view function will pass the entries as dicts to the -<cite>show_entries.html</cite> template and return the rendered one:</p> -<div class="highlight-python"><div class="highlight"><pre><span class="nd">@app.route</span><span class="p">(</span><span class="s">'/'</span><span class="p">)</span> -<span class="k">def</span> <span class="nf">show_entries</span><span class="p">():</span> - <span class="n">cur</span> <span class="o">=</span> <span class="n">g</span><span class="o">.</span><span class="n">db</span><span class="o">.</span><span class="n">execute</span><span class="p">(</span><span class="s">'select title, text from entries order by id desc'</span><span class="p">)</span> - <span class="n">entries</span> <span class="o">=</span> <span class="p">[</span><span class="nb">dict</span><span class="p">(</span><span class="n">title</span><span class="o">=</span><span class="n">row</span><span class="p">[</span><span class="mi">0</span><span class="p">],</span> <span class="n">text</span><span class="o">=</span><span class="n">row</span><span class="p">[</span><span class="mi">1</span><span class="p">])</span> <span class="k">for</span> <span class="n">row</span> <span class="ow">in</span> <span class="n">cur</span><span class="o">.</span><span class="n">fetchall</span><span class="p">()]</span> - <span class="k">return</span> <span class="n">render_template</span><span class="p">(</span><span class="s">'show_entries.html'</span><span class="p">,</span> <span class="n">entries</span><span class="o">=</span><span class="n">entries</span><span class="p">)</span> -</pre></div> -</div> -</div> -<div class="section" id="add-new-entry"> -<h2>Add New Entry<a class="headerlink" href="#add-new-entry" title="Permalink to this headline">¶</a></h2> -<p>This view lets the user add new entries if they are logged in. This only -responds to <cite>POST</cite> requests, the actual form is shown on the -<cite>show_entries</cite> page. If everything worked out well we will -<a class="reference internal" href="../api.html#flask.flash" title="flask.flash"><tt class="xref py py-func docutils literal"><span class="pre">flash()</span></tt></a> an information message to the next request and -redirect back to the <cite>show_entries</cite> page:</p> -<div class="highlight-python"><div class="highlight"><pre><span class="nd">@app.route</span><span class="p">(</span><span class="s">'/add'</span><span class="p">,</span> <span class="n">methods</span><span class="o">=</span><span class="p">[</span><span class="s">'POST'</span><span class="p">])</span> -<span class="k">def</span> <span class="nf">add_entry</span><span class="p">():</span> - <span class="k">if</span> <span class="ow">not</span> <span class="n">session</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">'logged_in'</span><span class="p">):</span> - <span class="n">abort</span><span class="p">(</span><span class="mi">401</span><span class="p">)</span> - <span class="n">g</span><span class="o">.</span><span class="n">db</span><span class="o">.</span><span class="n">execute</span><span class="p">(</span><span class="s">'insert into entries (title, text) values (?, ?)'</span><span class="p">,</span> - <span class="p">[</span><span class="n">request</span><span class="o">.</span><span class="n">form</span><span class="p">[</span><span class="s">'title'</span><span class="p">],</span> <span class="n">request</span><span class="o">.</span><span class="n">form</span><span class="p">[</span><span class="s">'text'</span><span class="p">]])</span> - <span class="n">g</span><span class="o">.</span><span class="n">db</span><span class="o">.</span><span class="n">commit</span><span class="p">()</span> - <span class="n">flash</span><span class="p">(</span><span class="s">'New entry was successfully posted'</span><span class="p">)</span> - <span class="k">return</span> <span class="n">redirect</span><span class="p">(</span><span class="n">url_for</span><span class="p">(</span><span class="s">'show_entries'</span><span class="p">))</span> -</pre></div> -</div> -<p>Note that we check that the user is logged in here (the <cite>logged_in</cite> key is -present in the session and <cite>True</cite>).</p> -<div class="admonition-security-note admonition "> -<p class="first admonition-title">Security Note</p> -<p class="last">Be sure to use question marks when building SQL statements, as done in the -example above. Otherwise, your app will be vulnerable to SQL injection when -you use string formatting to build SQL statements. -See <a class="reference internal" href="../patterns/sqlite3.html#sqlite3"><em>Using SQLite 3 with Flask</em></a> for more.</p> -</div> -</div> -<div class="section" id="login-and-logout"> -<h2>Login and Logout<a class="headerlink" href="#login-and-logout" title="Permalink to this headline">¶</a></h2> -<p>These functions are used to sign the user in and out. Login checks the -username and password against the ones from the configuration and sets the -<cite>logged_in</cite> key in the session. If the user logged in successfully, that -key is set to <cite>True</cite>, and the user is redirected back to the <cite>show_entries</cite> -page. In addition, a message is flashed that informs the user that he or -she was logged in successfully. If an error occurred, the template is -notified about that, and the user is asked again:</p> -<div class="highlight-python"><div class="highlight"><pre><span class="nd">@app.route</span><span class="p">(</span><span class="s">'/login'</span><span class="p">,</span> <span class="n">methods</span><span class="o">=</span><span class="p">[</span><span class="s">'GET'</span><span class="p">,</span> <span class="s">'POST'</span><span class="p">])</span> -<span class="k">def</span> <span class="nf">login</span><span class="p">():</span> - <span class="n">error</span> <span class="o">=</span> <span class="bp">None</span> - <span class="k">if</span> <span class="n">request</span><span class="o">.</span><span class="n">method</span> <span class="o">==</span> <span class="s">'POST'</span><span class="p">:</span> - <span class="k">if</span> <span class="n">request</span><span class="o">.</span><span class="n">form</span><span class="p">[</span><span class="s">'username'</span><span class="p">]</span> <span class="o">!=</span> <span class="n">app</span><span class="o">.</span><span class="n">config</span><span class="p">[</span><span class="s">'USERNAME'</span><span class="p">]:</span> - <span class="n">error</span> <span class="o">=</span> <span class="s">'Invalid username'</span> - <span class="k">elif</span> <span class="n">request</span><span class="o">.</span><span class="n">form</span><span class="p">[</span><span class="s">'password'</span><span class="p">]</span> <span class="o">!=</span> <span class="n">app</span><span class="o">.</span><span class="n">config</span><span class="p">[</span><span class="s">'PASSWORD'</span><span class="p">]:</span> - <span class="n">error</span> <span class="o">=</span> <span class="s">'Invalid password'</span> - <span class="k">else</span><span class="p">:</span> - <span class="n">session</span><span class="p">[</span><span class="s">'logged_in'</span><span class="p">]</span> <span class="o">=</span> <span class="bp">True</span> - <span class="n">flash</span><span class="p">(</span><span class="s">'You were logged in'</span><span class="p">)</span> - <span class="k">return</span> <span class="n">redirect</span><span class="p">(</span><span class="n">url_for</span><span class="p">(</span><span class="s">'show_entries'</span><span class="p">))</span> - <span class="k">return</span> <span class="n">render_template</span><span class="p">(</span><span class="s">'login.html'</span><span class="p">,</span> <span class="n">error</span><span class="o">=</span><span class="n">error</span><span class="p">)</span> -</pre></div> -</div> -<p>The logout function, on the other hand, removes that key from the session -again. We use a neat trick here: if you use the <a class="reference external" href="http://docs.python.org/dev/library/stdtypes.html#dict.pop" title="(in Python v3.3)"><tt class="xref py py-meth docutils literal"><span class="pre">pop()</span></tt></a> method -of the dict and pass a second parameter to it (the default), the method -will delete the key from the dictionary if present or do nothing when that -key is not in there. This is helpful because now we don’t have to check -if the user was logged in.</p> -<div class="highlight-python"><div class="highlight"><pre><span class="nd">@app.route</span><span class="p">(</span><span class="s">'/logout'</span><span class="p">)</span> -<span class="k">def</span> <span class="nf">logout</span><span class="p">():</span> - <span class="n">session</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="s">'logged_in'</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span> - <span class="n">flash</span><span class="p">(</span><span class="s">'You were logged out'</span><span class="p">)</span> - <span class="k">return</span> <span class="n">redirect</span><span class="p">(</span><span class="n">url_for</span><span class="p">(</span><span class="s">'show_entries'</span><span class="p">))</span> -</pre></div> -</div> -<p>Continue with <a class="reference internal" href="templates.html#tutorial-templates"><em>Step 6: The Templates</em></a>.</p> -</div> -</div> - - - </div> - </div> - </div> - <div class="sphinxsidebar"> - <div class="sphinxsidebarwrapper"><p class="logo"><a href="../index.html"> - <img class="logo" src="../_static/flask.png" alt="Logo"/> -</a></p> - <h3><a href="../index.html">Table Of Contents</a></h3> - <ul> -<li><a class="reference internal" href="#">Step 5: The View Functions</a><ul> -<li><a class="reference internal" href="#show-entries">Show Entries</a></li> -<li><a class="reference internal" href="#add-new-entry">Add New Entry</a></li> -<li><a class="reference internal" href="#login-and-logout">Login and Logout</a></li> -</ul> -</li> -</ul> -<h3>Related Topics</h3> -<ul> - <li><a href="../index.html">Documentation overview</a><ul> - <li><a href="index.html">Tutorial</a><ul> - <li>Previous: <a href="dbcon.html" title="previous chapter">Step 4: Request Database Connections</a></li> - <li>Next: <a href="templates.html" title="next chapter">Step 6: The Templates</a></li> - </ul></li> - </ul></li> -</ul> - <h3>This Page</h3> - <ul class="this-page-menu"> - <li><a href="../_sources/tutorial/views.txt" - rel="nofollow">Show Source</a></li> - </ul> -<div id="searchbox" style="display: none"> - <h3>Quick search</h3> - <form class="search" action="../search.html" method="get"> - <input type="text" name="q" /> - <input type="submit" value="Go" /> - <input type="hidden" name="check_keywords" value="yes" /> - <input type="hidden" name="area" value="default" /> - </form> - <p class="searchtip" style="font-size: 90%"> - Enter search terms or a module, class or function name. - </p> -</div> -<script type="text/javascript">$('#searchbox').show(0);</script> - </div> - </div> - <div class="clearer"></div> - </div> - <div class="footer"> - © Copyright 2010, Armin Ronacher. - Created using <a href="http://sphinx.pocoo.org/">Sphinx</a>. - </div> - </body> -</html>
\ No newline at end of file |