# Setting up the database for the CS122 blog website

References:
- https://github.com/datademofun/heroku-basic-flask

Continue from last lecture, we will set up a database to store data, that is, the CS122 blog posts for your application. We’ll also populate the database with a few example entries.

We’ll use a SQLite database file to store our data because the `sqlite3` module, which we will use to interact with the database, is readily available in the standard Python library.

First, because data in SQLite is stored in tables and columns, and since our data mainly consists of blog posts, we first need to create a table called posts with the necessary columns. We’ll create a `.sql` file that contains SQL commands to create the posts table with a few columns. You’ll then use this file to create the database.

Use your favorite text editor to create a file called `schema.sql`  inside the `my_flask` directory. Type the following SQL commands inside the file:

```
DROP TABLE IF EXISTS posts;

CREATE TABLE posts (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
    title TEXT NOT NULL,
    content TEXT NOT NULL
);
```
Save and close the file.

[About SQLite datetime date type (there isn't any)](https://stackoverflow.com/questions/68701519/making-sense-of-date-time-and-datatypes-in-sqlite)


The first SQL command is `DROP TABLE IF EXISTS posts;`, this deletes any already existing tables named posts so you don’t get confusing behavior. Note that this will delete all of the content you have in the database whenever you use these SQL commands, so ensure you don’t write any important content in the web application until you finish this tutorial and experiment with the final result. Next, `CREATE TABLE posts` is used to create the `posts` table with the following columns:

- `id`: An integer that represents a *primary key*, this will get assigned a unique value by the database for each entry (that is a blog post).
- `created`: The time the blog post was created at. `NOT NULL` signifies that this column should not be empty and the `DEFAULT` value is the `CURRENT_TIMESTAMP` value, which is the time at which the post was added to the database. Just like `id`, you don’t need to specify a value for this column, as it will be automatically filled in.
- `title`: The post title.
- `content`: The post content.

Now that you have a SQL schema in the `schema.sql` file, you’ll use it to create the database using a Python file that will generate an SQLite `.db` database file. Open a file named `init_db.py` inside the `my_flask` directory using your preferred editor and add the following code:

```
import sqlite3

connection = sqlite3.connect('database.db')


with open('schema.sql') as f:
    connection.executescript(f.read())

cur = connection.cursor()

cur.execute("INSERT INTO posts (title, content) VALUES (?, ?)",
            ('First Post', 'Content for the first post')
            )

cur.execute("INSERT INTO posts (title, content) VALUES (?, ?)",
            ('Second Post', 'Content for the second post')
            )

connection.commit()
connection.close()
```

Save and close the file.

You first import the `sqlite3` module and then open a connection to a database file named `database.db`, which will be created once you run the Python file. Then you use the `open()` function to open the `schema.sql` file. Next you execute its contents using the `executescript()` method that executes multiple SQL statements at once, which will create the `posts` table. You create a Cursor object that allows you to use its `execute()` method to execute two `INSERT` SQL statements to add two blog posts to the `posts` table. Finally, you commit the changes and close the connection.

In the terminal, use the python command:

```
python init_db.py
```

Once the file finishes execution, a new file called `database.db` will appear in your `my_flask` directory. This means you’ve successfully set up your database.

In the next step, you’ll retrieve the posts you inserted into your database and display them in your application’s homepage.


## Inherit a base HTML Template

You might have guessed that making another HTML template would mean repeating most of the HTML code you already wrote in the `index.html` template. You can avoid unnecessary code repetition with the help of a base template file, which all of your HTML files will inherit from. See [Template Inheritance in Jinja](https://jinja.palletsprojects.com/en/2.10.x/templates/#template-inheritance) for more information.

To make a base template, first create a file called `base.html` inside your `templates` directory using your favorite editor.

Type the following code in your `base.html` file:

```
<!doctype html>
<html lang="en">
  <head>
    <!-- Required meta tags -->
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

    <!-- Bootstrap CSS -->
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous">

    <title>{% block title %} {% endblock %}</title>
  </head>
  <body>
    <nav class="navbar navbar-expand-md navbar-light bg-light">
        <a class="navbar-brand" href="{{ url_for('index')}}">CS122 Blog</a>
        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
            <span class="navbar-toggler-icon"></span>
        </button>
        <div class="collapse navbar-collapse" id="navbarNav">
            <ul class="navbar-nav">
            <li class="nav-item active">
                <a class="nav-link" href="#">About</a>
            </li>
            </ul>
        </div>
    </nav>
    <div class="container">
        {% block content %} {% endblock %}
    </div>

    <!-- Optional JavaScript -->
    <!-- jQuery first, then Popper.js, then Bootstrap JS -->
    <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
    <script src="https://cdn.jsdelivr.net/npm/popper.js@1.14.3/dist/umd/popper.min.js" integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49" crossorigin="anonymous"></script>
    <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/js/bootstrap.min.js" integrity="sha384-ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy" crossorigin="anonymous"></script>
  </body>
</html>
```

Save and close the file.

You can use the CSS language to style the application and make it more appealing using your own design. However, if you’re not a web designer, or if you aren’t familiar with CSS, then you can use the [Bootstrap toolkit](https://getbootstrap.com/), which provides easy-to-use components for styling your application. In this project, we’ll use Bootstrap.

Most of the code above is standard HTML and code required for Bootstrap. The `<meta>` tags provide information for the web browser, the `<link>` tag links the Bootstrap CSS files, and the `<script>` tags are links to JavaScript code that allows some additional Bootstrap features, check out the [Bootstrap documentation](https://getbootstrap.com/docs/4.1/getting-started/introduction/) for more.

However, the following bolded parts below are specific to the Jinja template engine:

- **`{% block title %} {% endblock %}`**: A block that serves as a placeholder for a title, you’ll later use it in other templates to give a custom title for each page in your application without rewriting the entire `<head>` section each time.
- **`{{ url_for('index')}}`**: A function call that will return the URL for the `index()` function. This is different from the past `url_for()` call you used to link a static CSS file, because it only takes one argument, which is the index function’s name, and links to the route associated with the function instead of a static file.
- **`{% block content %} {% endblock %}`**: Another block that will be replaced by content depending on the child template (templates that inherit from `base.html`) that will override it.

Now that you have a base template, you can take advantage of it using inheritance. Open the `index.html` file and replace the contents with the following:

```
{% extends 'base.html' %}

{% block content %}
    <h1>{% block title %} Welcome to CS122 Blog {% endblock %}</h1>
{% endblock %}
```


In this new version of the `index.html` template, you use the `{% extends %}` tag to inherit from the `base.html` template. You then extend it via replacing the content block in the base template with what is inside the content block in the preceding code block.

This content block contains an`<h1>` tag with the text **Welcome to CS122 Blog** inside a title block, which in turn replaces the original title block in the `base.html` template with the text Welcome to CS122 Blog. This way, you can avoid repeating the same text twice, as it works both as a title for the page and a heading that appears below the navigation bar inherited from the base template.

Template inheritance also gives you the ability to reuse the HTML code you have in other templates (`base.html` in this case) without having to repeat it each time it is needed.

Save and close the file and refresh the index page on your browser. You’ll see your page with a navigation bar and styled title.

# Displaying a Post

In this step, you’ll create a new Flask route with a post function and a new HTML template to display an individual blog post by its ID.

By the end of this step, the URL `http://127.0.0.1:5000/1` will be a page that displays the first post (because it has the ID `1`). The `http://127.0.0.1:5000/ID` URL will display the post with the associated `ID` number if it exists.

Edit the `app.py` file with an editor. Add the following lines to the beginning of the code:

```
import sqlite3
from werkzeug.exceptions import abort
```

Next, add a function that creates a database connection and returns it. Add the following code immediately below the import statements in `app.py`:

```
def get_db_connection():
    conn = sqlite3.connect('database.db')
    conn.row_factory = sqlite3.Row
    return conn
```

This `get_db_connection()` function opens a connection to the `database.db` database file, and then sets the `row_factory` attribute to `sqlite3.Row` so you can have name-based access to columns. This means that the database connection will return rows that behave like regular Python dictionaries. Lastly, the function returns the `conn` connection object you’ll be using to access the database.

Since you’ll need to get a blog post by its ID from the database in multiple locations later in this project, you’ll create a standalone function called `get_post()`. You can call it by passing it an ID and receive back the blog post associated with the provided ID, or make Flask respond with a `404 Not Found` message if the blog post does not exist.

To respond with a `404` page, you need to import the [`abort()`](https://werkzeug.palletsprojects.com/en/3.0.x/exceptions/#simple-aborting) function from the [`Werkzeug`](https://werkzeug.palletsprojects.com/en/3.0.x/) library, a web server gateway interfact ([WSGI](https://wsgi.readthedocs.io/en/latest/)) library, which was installed along with Flask, at the top of the file:

Add the `get_post()` function right after the `get_db_connection()` function you created in the previous step:

```
def get_post(post_id):
    conn = get_db_connection()
    post = conn.execute('SELECT * FROM posts WHERE id = ?',
                        (post_id,)).fetchone()
    conn.close()
    if post is None:
        abort(404)
    return post
```


This new function has a `post_id` argument that determines what blog post to return.

Inside the function, you use the `get_db_connection()` function to open a database connection and execute a SQL query to get the blog post associated with the given `post_id` value. You add the `fetchone()` method to get the result and store it in the `post` variable then close the connection. If the `post` variable has the value `None`, meaning no result was found in the database, you use the `abort()` function you imported earlier to respond with a `404` error code and the function will finish execution. If however, a post was found, you return the value of the `post` variable.


Next, update the `index()` function in `app.py` and add the following `post()` function after the `index()` function:

```
@app.route('/')
def index():
    conn = get_db_connection()
    posts = conn.execute('SELECT * FROM posts').fetchall()
    conn.close()
    return render_template('index.html', posts=posts)
    
@app.route('/<int:post_id>')
def post(post_id):
    post = get_post(post_id)
    return render_template('post.html', post=post)
```

This Python code snippet represents part of a Flask web application. Here’s a detailed explanation of how it works:


1. **Route Decorators (`@app.route()`)**:
   - The `@app.route()` decorator is used to associate a URL path with a Python function. When a client makes a request to a specific path, the associated function is called.

2. **Function Definitions**:
   - The functions `index()` and `post(post_id)` are defined to handle requests to specific routes.

- `@app.route('/')`
   - This decorator maps the root URL (`/`) to the `index()` function.
   - When a user navigates to the home page of the app (e.g., `http://127.0.0.1:5000/`), this function is executed.

- `def index():`
   - **`conn = get_db_connection()`**:
     - establishes a connection to the database and returns a connection object (`conn`).
   - **`posts = conn.execute('SELECT * FROM posts').fetchall()`**:
     - Executes a SQL query that selects all rows from the `posts` table in the database.
     - The `.fetchall()` method retrieves all rows of the query result as a list of rows (typically represented as dictionaries or tuples).
   - **`conn.close()`**:
     - Closes the database connection to free up resources.
   - **`return render_template('index.html', posts=posts)`**:
     - Renders an HTML template named `index.html`, passing the `posts` variable to it.
     - The `posts` variable will be used in the template to display data.

- `@app.route('/<int:post_id>')`
   - This decorator maps URLs like `/1`, `/2`, etc., to the `post(post_id)` function.
   - The [*variable rule*](https://flask.palletsprojects.com/en/1.1.x/quickstart/#variable-rules), `<int:post_id>`, captures an integer value from the URL and passes it as the `post_id` argument to the function.
   - For example, a request to `http://127.0.0.1:5000/2` would trigger `post(2)`.
   - Flask recognizes this and passes its value to the `post_id` keyword argument of your `post()`  function. You then use the `get_post()` function to get the blog post associated with the specified ID and store the result in the post variable, which you pass to a `post.html` template that you’ll soon create.

- `def post(post_id):`
   - **`post = get_post(post_id)`**:
     - Calls a function (assumed to be defined elsewhere in the code) to fetch a specific post from the database using `post_id`.
     - The `get_post` function likely executes a SQL query such as `SELECT * FROM posts WHERE id = ?`, where `?` is replaced with `post_id`.
   - **`return render_template('post.html', post=post)`**:
     - Renders an HTML template named `post.html`, passing the `post` variable to it.
     - This template will use `post` to display the details of the specific post.


Save the `app.py` file and open a new `post.html` file in the `templates` directory for editing. Type the following code in this new `post.html` file. This will display a single post, in addition to also displaying the contents of the post:

```
{% extends 'base.html' %}

{% block content %}
    <h2>{% block title %} {{ post['title'] }} {% endblock %}</h2>
    <span class="badge badge-primary">{{ post['created'] }}</span>
    <p>{{ post['content'] }}</p>
{% endblock %}
```

You add the title block that you defined in the `base.html` template to make the title of the page reflect the post title that is displayed in an `<h2>` heading at the same time.

Save and close the file.

Going back to the index page, you’ll make each post title link to its respective page. You’ll do this using the `url_for()` function. First, open the `index.html` in the `template` directory. Add the following lines of code under the after the line that starts with `<h1>`:

```
{% for post in posts %}
    <a href="{{ url_for('post', post_id=post['id']) }}">
        <h2>{{ post['title'] }}</h2>
    </a>
    <span class="badge badge-primary">{{ post['created'] }}</span>
    <hr>
{% endfor %}

```

Here, the syntax `{% for post in posts %}` is a Jinja `for` loop, which is similar to a Python `for` loop except that it has to be later closed with the `{% endfor %}` syntax. Here, you pass `'post'` to the `url_for()` function as a first argument. This is the name of the `post()` function and since it accepts a `post_id` argument, you give it the value `post['id']`. The `url_for()` function will return the proper URL for each post based on its ID.

Save and close the file.

The links on the index page will now function as expected. With this, you’ve now finished building the part of the application responsible for displaying the blog posts in your database. Next, you’ll add the ability to create blog posts to your application.

# Create a New Post

Up to this point, you have an application that displays the posts in your database but provides no way of adding a new post unless you directly connect to the SQLite database and add one manually. In this section, you’ll create a page on which you will be able to create a post by providing its title and content.

Open the `app.py` file for editing:

First, you’ll import the following from the Flask framework:

- The global `request` object to access incoming request data that will be submitted via an HTML form.
- The `url_for()` function to generate URLs.
- The `flash()` function to flash a message when a request is processed.
- The `redirect()` function to redirect the client to a different location.

Add the following imports to `app.py`:

```
from flask import Flask, render_template, request, url_for, flash, redirect
```

The `flash()` function stores flashed messages in the client’s browser session, which requires setting a secret key. This secret key is used to secure sessions, which allow Flask to remember information from one request to another, such as moving from the new post page to the index page. The user can access the information stored in the session, but cannot modify it unless they have the secret key, so you must never allow anyone to access your secret key. See the [Flask documentation for sessions](https://flask.palletsprojects.com/en/1.1.x/api/#sessions)  for more information.

To set a secret key, you’ll add a `SECRET_KEY` configuration to your application via the app.config object. Add it directly following the `app` definition before defining the `index()` function:

```
. . .
app = Flask(__name__)
app.config['SECRET_KEY'] = 'your secret key'

. . .
```

Remember that the secret key should be a long random string.

After setting a secret key, you’ll create a view function that will render a template that displays a form you can fill in to create a new blog post. Add this new function at the bottom of the `app.py` file:
```
. . .

@app.route('/create', methods=('GET', 'POST'))
def create():
    return render_template('create.html')
```

This creates a `/create` route that accepts both `GET` and `POST` requests. `GET` requests are accepted by default. To also accept `POST` requests, which are sent by the browser when submitting forms, you’ll pass a tuple with the accepted types of requests to the methods argument of the `@app.route()` decorator.

Save and close the file.

To create the template, open a file called `create.html` inside your `templates` folder and add the following code inside this new file:

```
{% extends 'base.html' %}

{% block content %}
<h1>{% block title %} Create a New Post {% endblock %}</h1>

<form method="post">
    <div class="form-group">
        <label for="title">Title</label>
        <input type="text" name="title"
               placeholder="Post title" class="form-control"
               value="{{ request.form['title'] }}"></input>
    </div>

    <div class="form-group">
        <label for="content">Content</label>
        <textarea name="content" placeholder="Post content"
                  class="form-control">{{ request.form['content'] }}</textarea>
    </div>
    <div class="form-group">
        <button type="submit" class="btn btn-primary">Submit</button>
    </div>
</form>
{% endblock %}
```


Most of this code is standard HTML. It will display an input box for the post title, a text area for the post content, and a button to submit the form.

The value of the post title input is `{{ request.form['title'] }}` and the text area has the value `{{ request.form['content'] }}`, this is done so that the data you enter does not get lost if something goes wrong. For example, if you write a long post and you forget to give it a title, a message will be displayed informing you that the title is required. This will happen without losing the post you wrote since it will be stored in the request global object that you have access to in your templates.

Now, with the development server running, use your browser to navigate to the `/create` route:
`http://127.0.0.1:5000/create`


This form submits a POST request to your `create()` function. However, there is no code to handle a POST request in the function yet, so nothing happens after filling in the form and submitting it.

You’ll handle the incoming POST request when a form is submitted. You’ll do this inside the `create()` function. You can separately handle the POST request by checking the value of `request.method`. When its value is set to `'POST'` it means the request is a POST request, you’ll then proceed to extract submitted data, validate it, and insert it into your database.

Open the `app.py` file for editing and modify the `create()` function to look exactly as follows:
```
. . .

@app.route('/create', methods=('GET', 'POST'))
def create():
    if request.method == 'POST':
        title = request.form['title']
        content = request.form['content']

        if len(title) < 1:
            flash('Title is required!')
        else:
            conn = get_db_connection()
            conn.execute('INSERT INTO posts (title, content) VALUES (?, ?)',
                         (title, content))
            conn.commit()
            conn.close()
            return redirect(url_for('index'))

    return render_template('create.html')
```


In the if statement you ensure that the code following it is only executed when the request is a POST request via the comparison `request.method == 'POST'`.

You then extract the submitted title and content from the `request.form` object that gives you access to the form data in the request. If the title is not provided, the condition if not title would be fulfilled, displaying a message to the user informing them that the title is required. If, on the other hand, the title is provided, you open a connection with the `get_db_connection()` function and insert the title and the content you received into the posts table.

You then commit the changes to the database and close the connection. After adding the blog post to the database, you redirect the client to the index page using the `redirect()` function passing it the URL generated by the `url_for()` function with the value 'index' as an argument.

Save and close the file.

Now, navigate to the `/create` route using your web browser: `http://127.0.0.1:5000/create`

Fill in the form with a title of your choice and some content. Once you submit the form, you will see the new post listed on the index page.

Lastly, you’ll display flashed messages and add a link to the navigation bar in the `base.html` template to have easy access to this new page. Open the `base.html` in the template directory. Edit the file by adding a new `<li>` tag following the About link inside the `<nav>` tag. Then add a new for loop directly above the content block to display the flashed messages below the navigation bar. These messages are available in the special `get_flashed_messages()` function Flask provides. Modify the code to include the following lines of code following the `</li>` tag:

```
        <li class="nav-item">
            <a class="nav-link" href="{{url_for('create')}}">New Post</a>
        </li>
```

and add the following lines of code under `<div class="container">`
```
        {% for message in get_flashed_messages() %}
            <div class="alert alert-danger">{{ message }}</div>
        {% endfor %}
```

Save and close the file. The navigation bar will now have a New Post item that links to the `/create` route.

