-
Notifications
You must be signed in to change notification settings - Fork 4
db7
First, let's cover the SQL DELETE statement:
DELETE FROM table_name
WHERE [condition]
Like UPDATE, DELETE needs a WHERE clause to tell it which rows to delete from the specified table. The WHERE clause can be as complicated as you like. Technically you can omit the WHERE clause entirely (like you can with a SELECT statement), but then the DELETE will remove all rows from the table!
Using your /edit route and edit.html as guidance, try adding a /delete route and delete.html template that will let users delete blog posts.
Guide:
- Deleting a blog post will be a two step process. Like editing, the first step is to display a form letting the user select which blog post to delete. You can basically copy-and-paste your first step from the edit route and the
edit.htmltemplate. The second step is doing the deleting. For this, copy the third step from the edit route and edit.html and modify the SQL UPDATE statement into an SQL DELETE statement. Just like in edit, you will use the postid as the variable to delete by. - Let's call our two steps "display_entries" and "delete_entry."
Suggested steps:
- Copy the edit route to a new delete route. Copy edit.html to delete.html.
- In home.html, add a link for the new delete route.
- Changing the route:
- Remove the second step.
- In step 1, the only change to make is to change render_template to use delete.html instead of edit.html
- In step 2 (our version of edit's step 3), modify the UPDATE into a DELETE. You only need one question mark in the SQL statement. Don't forget the
conn.commit()!. Make sure render_template uses delete.html
- Changing delete.html
- Remove the second step.
- In step 1, the only change to make is to change the "step" hidden field to "delete_entry."
- In step 2 (old step 3), change the elif part to trigger on "delete_entry" rather than "update_database".
- You can change the message to say the post has been deleted.
That's all there is to it! You should be able to delete entries now! If something isn't working, use debug() statements liberally in your Python code to print messages to the command line. You must explicitly wrap things in str() and use string concatenation.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
@app.route("/delete", methods=['get', 'post'])
def delete():
debug("form data=" + str(request.form))
# Step 1, display form to select which entry to delete
if "step" not in request.form:
conn = get_db()
cursor = conn.cursor()
cursor.execute('select id, date, title, content from entries order by date')
rowlist = cursor.fetchall()
return render_template('delete.html', step="display_entries", entries=rowlist)
# Step 2, user has changed post, now update the DB with changes
elif request.form["step"] == "delete_entry":
conn = get_db()
cursor = conn.cursor()
# get the postID from the form
postid = int(request.form["postid"])
# run our DELETE
cursor.execute("delete from entries where id=%s", [postid])
conn.commit()
return render_template("delete.html", step="delete_entry")delete.html:
<html>
<head>
<title>Delete an entry</title>
</head>
<body>
<h1>Delete an entry</h1>
{% if step == "display_entries" %}
{% if entries|length > 0 %}
Choose an entry to edit:
<form action="{{ url_for('delete') }}" method="post">
<table border="1">
<tr><td></td><td>Date</td><td>Title</td></tr>
{% for entry in entries %}
<tr><td><input type="radio" name="postid" value="{{entry.id}}"></td>
<td>{{ entry.date }}</td><td>{{ entry.title }}</td></tr>
{% endfor %}
</table>
<input type="hidden" name="step" value="delete_entry">
<input type="submit">
</form>
{% else %}
There are no entries.
<p>
<a href="{{ url_for('homepage') }}">Back to homepage</a>
{% endif %}
{% elif step == "delete_entry" %}
Entry has been deleted.
<p>
<a href="{{ url_for('homepage') }}">Back to homepage</a>
{% endif %}
</body>
</html>Use the main wiki page to navigate, not the list of pages directly above, because those are out of order.