I have no idea what I'm doing. But: Trust me, I'm an engineer.

server.py

@@ -31,7 +31,11 @@ def index():
     if not loggedin():
         return redirect(url_for('login'))
     diaries=db.query(Diary).filter_by(owner=session['id']).all()
-    return render_template('index.html',diaries=diaries)
+    if request.args.get('error') == '1':
+        error='you already used that name'
+    else:
+        error=''
+    return render_template('index.html',diaries=diaries, error=error)
 
 @app.route('/login',methods=['GET','POST'])
 def login():
@@ -49,12 +53,15 @@ def logout():
     setuser('','')
     return redirect(url_for('index'))
 
-@app.route('/diary/?new',methods=['POST'])
+@app.route('/newdiary',methods=['POST'])
 def newdiary():
     if not loggedin():
         abort(403)
-    d=Diary(session['id'], request.form['name'])
+    d=db.query(Diary).filter_by(name=request.form['name'], owner=session['id']).first()
-    db.add(d)
+    if d:
+        return redirect(url_for('index', error=1))
+    nd=Diary(session['id'], request.form['name'])
+    db.add(nd)
     db.commit()
     return redirect(url_for('diary', name=request.form['name']))
 

templates/index.html

@@ -7,6 +7,9 @@
     <script src="{{ url_for('static',filename='script.js') }}"></script>
 </head>
 <body>
+    {% if error != '' %}
+        <div style="border: red 1px solid; color: red;">{{ error }}</div>
+    {% endif %}
     <p>
         <a href="{{ url_for('logout') }}">Logout</a>
         <form method="post" action="{{ url_for('newdiary')}}">