0
0
Fork 0

admin_service.py: refactor view function article().

Bug-561
Lan Hui 2023-07-14 08:26:37 +08:00
parent 18c37d583a
commit 87fd594636
1 changed files with 18 additions and 15 deletions

View File

@ -37,6 +37,22 @@ def admin():
@adminService.route("/admin/article", methods=["GET", "POST"]) @adminService.route("/admin/article", methods=["GET", "POST"])
def article(): def article():
def _make_title_and_content(article_lst):
for article in article_lst:
text = escape(article.text) # Fix XSS vulnerability, contributed by Xu Xuan
article.title = text.split("\n")[0]
article.content = '<br/>'.join(text.split("\n")[1:])
def _update_context():
article_len = get_number_of_articles()
context["article_number"] = article_len
context["text_list"] = get_page_articles(_cur_page, _page_size)
_articles = get_page_articles(_cur_page, _page_size)
_make_title_and_content(_articles)
context["text_list"] = _articles
global _cur_page, _page_size global _cur_page, _page_size
is_admin = check_is_admin() is_admin = check_is_admin()
@ -55,10 +71,7 @@ def article():
return "page parmas must be int!" return "page parmas must be int!"
_articles = get_page_articles(_cur_page, _page_size) _articles = get_page_articles(_cur_page, _page_size)
for article in _articles: # 获取每篇文章的title _make_title_and_content(_articles)
text = escape(article.text) # Fix XSS vulnerability, contributed by Xu Xuan
article.title = text.split("\n")[0]
article.content = '<br/>'.join(text.split("\n")[1:])
context = { context = {
"article_number": _article_number, "article_number": _article_number,
@ -68,17 +81,6 @@ def article():
"username": session.get("username"), "username": session.get("username"),
} }
def _update_context():
article_len = get_number_of_articles()
context["article_number"] = article_len
context["text_list"] = get_page_articles(_cur_page, _page_size)
_articles = get_page_articles(_cur_page, _page_size)
for article in _articles: # 获取每篇文章的title
text = escape(article.text) # Fix XSS vulnerability, contributed by Xu Xuan
article.title = text.split("\n")[0]
article.content = '<br/>'.join(text.split("\n")[1:])
context["text_list"] = _articles
if request.method == "GET": if request.method == "GET":
try: try:
@ -102,6 +104,7 @@ def article():
_update_context() _update_context()
title = content.split('\n')[0] title = content.split('\n')[0]
flash(f'Article added. Title: {title}') flash(f'Article added. Title: {title}')
return render_template("admin_manage_article.html", **context) return render_template("admin_manage_article.html", **context)