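/**
 * Authorization gate: ask the model whether the current user may perform
 * $action on it and abort the request with a Controller_Exception if not.
 *
 * The permission method is resolved dynamically as "can" + ucfirst(lowercased
 * action), e.g. "edit" becomes canEdit(), and is called with the user returned
 * by the authorizator.
 *
 * NOTE(review): $action becomes a method name on the model. Callers should
 * pass fixed action names from controller code only; confirm no call site
 * forwards a request parameter here.
 *
 * @param Model_Owned $model  object the action is attempted on
 * @param string      $action action name, e.g. "edit"
 * @return void
 * @throws Controller_Exception with code 401 and a "deny" view when the check fails
 */
protected function canPerform(Model_Owned $model, $action)
{
    $method = "can" . ucfirst(strtolower($action));
    if ($model->{$method}($this->getAuthorizator()->getUser())) {
        return;
    }

    $view = new View_Html();
    $view->deny($this->_realm);

    // The original read get_class($article), an undefined variable, so the
    // denial message never named the class of the object being protected.
    $object = strtolower(str_replace("Model_", "", get_class($model)));
    throw new Controller_Exception("Access denied for {$action} to {$object} {$model}.", 401, $view);
}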
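/**
 * Build the view used to answer the current request: a JSON view for AJAX
 * calls, otherwise an HTML view that redirects to this controller.
 *
 * The "ajax" request parameter is client-controlled; here it only selects the
 * response format.
 *
 * @param string $objname object name exposed on the JSON view
 * @return View_Json|View_Html
 */
protected function ajaxView($objname = 'topic')
{
    // !empty() keeps the original truthiness test but no longer raises an
    // undefined-index notice when the "ajax" parameter is absent.
    if (!empty($_REQUEST['ajax'])) {
        $view = new View_Json();
        $view->objname = $objname;
        return $view;
    }

    $view = new View_Html();
    // Drops the first 17 characters of the class name to obtain the redirect
    // target; presumably a fixed class-name prefix - confirm against the
    // controller naming scheme.
    $view->redir(substr(get_class($this), 17));
    return $view;
}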
/**
 * Store a group from the submitted form.
 *
 * Runs only when the request carries a "save" parameter. On validation
 * failure the errors are exposed as $view->errors.
 *
 * NOTE(review): the whole $_POST array is handed to setData(); which keys the
 * model accepts is not visible here - confirm it applies an allow-list.
 * NOTE(review): no anti-CSRF token is checked in this method, and the trigger
 * is read from $_REQUEST while the data comes from $_POST - confirm the
 * calling action enforces the request method and token.
 *
 * @param Model_Group $group group to fill and save
 * @param View_Html   $view  view that receives the redirect or the errors
 * @return bool true when the group was saved and a redirect was set
 */
public function saveGroup(Model_Group $group, View_Html $view)
{
    if (!isset($_REQUEST['save'])) {
        return false;
    }

    $group->setData($_POST);

    $problems = $group->validate();
    if ($problems) {
        $view->errors = $problems;
        return false;
    }

    $group->save();
    $target = array('id' => $group->getId());
    $view->redir('Admin_Group', 'default', $target);
    return true;
}
/**
 * Store an edited comment from the admin form and return to the article it
 * belongs to.
 *
 * Runs only when the request carries a "save" parameter. On validation
 * failure the errors are exposed as $view->errors.
 *
 * NOTE(review): the whole $_POST array is handed to setData(), which
 * presumably can also change the comment's "article" reference used for the
 * redirect below - confirm setData() applies an allow-list.
 * NOTE(review): no anti-CSRF token is checked in this method - confirm the
 * calling action does it.
 *
 * @param Model_Comment $comment comment to fill and save
 * @param View_Html     $view    view that receives the redirect or the errors
 * @return bool true when the comment was saved and a redirect was set
 */
private function saveComment(Model_Comment $comment, View_Html $view)
{
    if (!isset($_REQUEST['save'])) {
        return false;
    }

    $comment->setData($_POST);

    $problems = $comment->validate();
    if ($problems) {
        $view->errors = $problems;
        return false;
    }

    $comment->save();
    $target = array('id' => $comment->article);
    $view->redir('Admin_Article', 'edit', $target);
    return true;
}
/**
 * Store a tag from the submitted form.
 *
 * Runs only when the request carries a "save" parameter. On validation
 * failure the errors are exposed as $view->errors.
 *
 * NOTE(review): the whole $_POST array is handed to setData(); confirm the
 * model applies an allow-list of fields.
 * NOTE(review): no anti-CSRF token is checked in this method - confirm the
 * calling action does it.
 *
 * @param Model_Tag $tag  tag to fill and save
 * @param View_Html $view view that receives the redirect or the errors
 * @return bool true when the tag was saved and a redirect was set
 */
private function saveTag(Model_Tag $tag, View_Html $view)
{
    if (!isset($_REQUEST['save'])) {
        return false;
    }

    $tag->setData($_POST);

    $problems = $tag->validate();
    if ($problems) {
        $view->errors = $problems;
        return false;
    }

    $tag->save();
    $target = array('id' => $tag->getId());
    $view->redir('Admin_Tag', 'default', $target);
    return true;
}
/**
 * Store a topic and its access rights from the submitted form.
 *
 * Runs only when the request carries a "save" parameter. A missing "flags"
 * field is normalised to an empty array in $_POST itself (unchecked checkboxes
 * are not submitted). On validation failure the errors are exposed as
 * $view->errors.
 *
 * NOTE(review): "rights", "owner" and "group" are read straight from the
 * request and written to the topic's rights object. Nothing in this method
 * checks that the current user may assign that owner, group or permission set,
 * nor that the three keys are present - confirm the calling action authorizes
 * the change.
 * NOTE(review): the whole $_POST array is handed to setData(), and no
 * anti-CSRF token is checked here.
 *
 * @param Model_Topic $topic topic to fill and save
 * @param View_Html   $view  view that receives the redirect or the errors
 * @return bool true when the topic was saved and a redirect was set
 */
private function saveTopic(Model_Topic $topic, View_Html $view)
{
    if (!isset($_REQUEST['save'])) {
        return false;
    }

    if (!isset($_POST['flags'])) {
        $_POST['flags'] = array();
    }
    $topic->setData($_POST);

    $problems = $topic->validate();
    if ($problems) {
        $view->errors = $problems;
        return false;
    }

    $topic->save();

    $rights = $topic->getRights();
    $rights->setRights($_POST['rights'], $_POST['owner'], $_POST['group'])->save();

    $target = array('id' => $topic->getId());
    $view->redir('Admin_Topic', 'default', $target);
    return true;
}
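/**
 * Store an attachment, its uploaded file and its access rights from the
 * submitted form.
 *
 * Runs only when the request carries a "save" parameter. On validation or
 * upload failure the errors are exposed as $view->errors.
 *
 * NOTE(review): the upload is delegated to uploadFile(); checks on file type,
 * size, stored name and destination are not visible here - confirm they exist
 * there, since the file comes from the client.
 * NOTE(review): "rights", "owner" and "group" are read straight from the
 * request; nothing in this method checks that the current user may assign
 * them. The whole $_POST array is handed to setData(), and no anti-CSRF token
 * is checked here.
 *
 * @param Model_Attachment $attachment attachment to fill and save
 * @param View_Html        $view       view that receives the redirect or the errors
 * @return bool true when the attachment was saved and a redirect was set
 */
private function saveAttachment(Model_Attachment $attachment, View_Html $view)
{
    if (!isset($_REQUEST['save'])) {
        return false;
    }

    $attachment->setData($_POST);

    $errors = $attachment->validate();
    if ($errors) {
        $view->errors = $errors;
        return false;
    }

    // !empty() is the same truthiness test as "$_FILES && $_FILES['attach']"
    // without the undefined-index notice when another file field was posted.
    if (!empty($_FILES['attach']) && !$attachment->uploadFile($_FILES['attach'])) {
        // The original set the message on a local array and returned without
        // handing it to the view, so a failed upload was reported to nobody.
        $view->errors = array('attach' => 'File attachment failed.');
        return false;
    }

    $attachment->save();
    $attachment->getRights()->setRights($_POST['rights'], $_POST['owner'], $_POST['group'])->save();

    $view->redir('Admin_Article', 'edit', array('id' => $attachment->article));
    return true;
}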
/**
 * Store a user account from the submitted form.
 *
 * Runs only when the request carries a "save" parameter. The password and its
 * confirmation must be identical; that error is merged with the model's own
 * validation errors (on a key clash the mismatch message wins, because it is
 * the left operand of +=). A missing "flags" field is normalised to an empty
 * array in $_POST itself.
 *
 * NOTE(review): the whole $_POST array, including "password", "flags" and
 * presumably "group", is handed to setData(). Password hashing and any
 * restriction on who may set flags or group are not visible here - confirm the
 * model hashes the password and the calling action authorizes these fields.
 * NOTE(review): no anti-CSRF token is checked in this method.
 *
 * @param Model_User $user user to fill and save
 * @param View_Html  $view view that receives the redirect or the errors
 * @return bool true when the user was saved and a redirect was set
 */
public function saveUser(Model_User $user, View_Html $view)
{
    if (!isset($_REQUEST['save'])) {
        return false;
    }

    $problems = array();
    if ($_POST['password'] !== $_POST['checkpass']) {
        $problems['checkpass'] = _('Passwords don\'t match');
    }

    if (!isset($_POST['flags'])) {
        $_POST['flags'] = array();
    }
    $user->setData($_POST);

    $problems += $user->validate();
    if ($problems) {
        $view->errors = $problems;
        return false;
    }

    $user->save();
    $target = array('id' => $user->group);
    $view->redir('Admin_Group', 'default', $target);
    return true;
}
/**
 * Store a visitor comment on the article shown by $view.
 *
 * A comment is accepted only when the article has the "comments" flag, the
 * form was submitted with comment=save, and the "comment_url" field is empty
 * (presumably a hidden honeypot field that only bots fill in - confirm against
 * the form template). On validation failure the errors and the rejected
 * comment are put on the view so the form can be shown again.
 *
 * NOTE(review): username, title and content are tag-stripped and HTML-escaped
 * before storage, but the e-mail address is stored exactly as submitted. Any
 * template printing it must escape it at output unless validate() restricts it
 * to address syntax - confirm.
 * NOTE(review): htmlspecialchars() runs with its default flags, which before
 * PHP 8.1 leave single quotes unescaped; that matters if these values are ever
 * placed inside single-quoted HTML attributes.
 *
 * @param View_Html $view view holding the current article and topic
 * @return bool true when the comment was saved and a redirect was set
 */
private function saveComment(View_Html $view)
{
    if (!in_array("comments", $view->article->flags)
        || $_POST['comment'] !== 'save'
        || $_POST['comment_url']
    ) {
        return false;
    }

    $entry = new Model_Comment($this->getStorage());
    $entry->username = nl2br(htmlspecialchars(strip_tags($_POST['comment_username'])));
    $entry->email = $_POST['comment_email'];
    $entry->title = nl2br(htmlspecialchars(strip_tags($_POST['comment_title'])));
    $entry->content = nl2br(htmlspecialchars(strip_tags($_POST['comment_content'])));
    $entry->article = $view->article->getId();
    // Owner and group are left unset here; copying them from the article was
    // disabled by the author.

    // Fall back to a default title (Russian for "No subject").
    if (empty($entry->title)) {
        $entry->title = "Без темы";
    }

    $problems = $entry->validate();
    if ($problems) {
        $view->errors = $problems;
        $view->newComment = $entry;
        return false;
    }

    $entry->save();
    $target = array(
        'path' => $view->topic->getPath(),
        'article' => $view->article->getId(),
    );
    $view->redir("Default", "article", $target);
    return true;
}
/**
 * Action executed when the user is denied access to this controller's realm.
 *
 * Prepares an HTML view in its "deny" state for the realm and aborts the
 * request by throwing; the method never returns normally.
 *
 * @return void
 * @throws Controller_Exception always, with code 401 and the deny view attached
 * @author kstep
 */
protected function accessDenied()
{
    $denial = new View_Html();
    $denial->deny($this->_realm);

    $message = "Access denied to {$this->_realm}.";
    throw new Controller_Exception($message, 401, $denial);
}
/**
 * Default action: send the visitor on to the Admin_Topic controller.
 *
 * @param mixed $params route parameters; not used by this action
 * @return View_Html view built on the 'manage/default' template with the redirect set
 */
public function actionDefault($params)
{
    $landing = new View_Html('manage/default');
    $landing->redir('Admin_Topic');

    return $landing;
}
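/**
 * main routing engine method: determines route by path
 *
 * The first route of the matching site whose pattern matches the path, or
 * which is marked as default, wins. A numeric "controller" or "action" value
 * in the route is an index into the match groups (or into the path segments
 * when no pattern matched), so those names can come from the URL.
 *
 * If the chosen route is a redirect route, the redirect view is rendered and
 * the script exits inside this method.
 *
 * NOTE(review): because controller and action may be copied from the request
 * path, whatever dispatches the returned route has to check them against the
 * known controllers and actions before instantiating or calling anything -
 * that check is not visible here.
 *
 * @param string $path
 * @return array found route in format:
 *     "controller" => "controller name", "action" => "action name",
 *     "params" => array("param name" => "param value", ...),
 *     "site" => the matched site; an empty array when no site matches.
 * @author kstep
 */
public function findRoute($path)
{
    $result = array();
    $matches = null;

    $site = $this->findSite($path);
    if (!$site) {
        return $result;
    }

    $path = $site['path'];
    foreach ($site['route'] as $route) {
        // empty() keeps the original truthiness tests without raising notices
        // for routes that have no "match" pattern or no attributes.
        $patternHit = !empty($route['match']) && preg_match($route['match'], $path, $matches);
        if (!$patternHit && empty($route['@attributes']['default'])) {
            continue;
        }

        // Default route without a pattern hit: fall back to plain path segments.
        if (!$matches) {
            $matches = explode('/', $path);
        }

        $result = $route;
        $result['controller'] = is_numeric($route['controller']) ? $matches[$route['controller']] : $route['controller'];
        $result['action'] = is_numeric($route['action']) ? $matches[$route['action']] : $route['action'];
        // Call-time pass-by-reference (&$matches, &$route['params']) was
        // removed: it is a fatal error since PHP 5.4, and neither value is
        // read again after this call.
        $result['params'] = !empty($route['params']) ? $this->parseParams($matches, $route['params']) : array();
        break;
    }

    if (!empty($result['@attributes']['redirect'])) {
        $keepQuery = isset($result['@attributes']['preserveqs'])
            && $result['@attributes']['preserveqs'] === 'true';

        $view = new View_Html();
        $view->redir($result['controller'], $result['action'], $result['params'], $keepQuery ? $_SERVER['QUERY_STRING'] : null);
        $view->setSite($site);
        $view->render();
        exit;
    }

    $result['site'] = $site;
    return $result;
}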