diff --git a/route_handlers.go b/route_handlers.go index ed71d55..f038a49 100644 --- a/route_handlers.go +++ b/route_handlers.go @@ -30,6 +30,7 @@ func sessionWipe(session *sessions.Session) { } func initSessionUser(r *http.Request) (*user.User, *sessions.Session) { + # TODO verify ssl session session, _ := store.Get(r, "c_user") if session.Values["username"] == nil { return nil, session @@ -196,6 +197,63 @@ func addPostHandler(w http.ResponseWriter, r *http.Request, user *user.User, ses } } +// +func editFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) { + categories.LoadCategories(db) + + flashes := GetFlashes(session) + title := session.Values["title"] + delete(session.Values, "title") + link := session.Values["link"] + delete(session.Values, "link") + description := session.Values["description"] + delete(session.Values, "description") + category := session.Values["category"] + delete(session.Values, "category") + session.Save(r, w) + + if link != nil { + //TODO category_id + ShowTemplate("add", w, map[string]interface{}{"user": user, "flashes": flashes, "categories": categories.CategoriesTree, "link": link, "title": title, "description": description, "popup": false, "category": category}) + return + } +} + +func addPostHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) { + var news news.News + + news.Title = r.FormValue("title") + news.Notes = r.FormValue("notes") + news.Url = r.FormValue("link") + popup := r.FormValue("popup") + category_id, err := strconv.Atoi(r.FormValue("category")) + if err != nil { + category_id = -1 + } + news.Category_id = category_id + + err = (&news).Insert(db) + if err != nil { + session.AddFlash("Error saving news: "+err.Error(), flash_err) + session.Values["title"] = news.Title + session.Values["link"] = news.Url + session.Values["notes"] = news.Notes + session.Values["popup"] = popup + session.Save(r, w) + http.Redirect(w, r, "/add", http.StatusFound) + } else { + // TODO auto close? redirect + session.AddFlash("Added news \""+news.Title+"\"", flash_info) + session.Save(r, w) + if popup == "1" { + http.Redirect(w, r, "/added", http.StatusFound) + } else { + http.Redirect(w, r, "/", http.StatusFound) + } + } +} + + func templateFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) { flashes := GetFlashes(session) session.Save(r, w) @@ -371,6 +429,7 @@ func init_route_handlers() { r := mux.NewRouter() + # TODO: CSRF r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler)) r.HandleFunc("/logout", userHandler(LogoutHandler)) @@ -381,6 +440,7 @@ func init_route_handlers() { r.HandleFunc("/export-commit", userHandler(exportHandler)) r.HandleFunc("/added", userHandler(addedHandler)) r.HandleFunc("/delete", userHandler(deleteHandler)) + r.HandleFunc("/edit", getPostHandler(userHandler(editFormHandler), userHandler(editPostHandler))) r.HandleFunc("/categories", getPostHandler(userHandler(categoriesFormHandler), userHandler(categoriesPostHandler))) r.HandleFunc("/categories/change-parent", userHandler(categoryChangeParentHandler)) diff --git a/templates/pages/add.html b/templates/pages/add.html index 28e3faa..8e8c4c9 100644 --- a/templates/pages/add.html +++ b/templates/pages/add.html @@ -7,7 +7,7 @@