/**
* Get all data!
* @param string $criteria
* @return \PDOStatement : fetchAll query
*/
public static function all($criteria = 'from')
{
if ('to' === $criteria) {
$criteria = 'WHERE A.to_account=' . Request::user()->id;
} else {
$criteria = 'WHERE A.from_account=' . Request::user()->id;
}
$sql = sprintf("SELECT A.*, (\n SELECT name FROM accounts WHERE id=A.from_account\n ) as from_account_display, B.name as to_account_display, B.id as account_id, B.photo as account_photo\n FROM messages A LEFT JOIN accounts B\n ON A.to_account = B.id %s", $criteria);
return self::query($sql);
}
/**
* @param $id
*/
public static function delete($id)
{
$comment = Comments::findByPK($id);
if (!Request::is_authenticated()) {
Response::redirect('');
} else {
if (Request::user()->id !== $comment['id_account'] and !Request::is_admin()) {
Session::push('flash-message', 'You does not have permission to delete the other Member\'s post!');
Response::redirect('');
}
}
# perform the post deletion
Comments::delete($id);
# redirect to main page
Response::redirect('');
}
public static function add()
{
if (!Request::is_admin()) {
Response::redirect('');
}
if ("POST" == Request::method()) {
$id_acc = Request::user()->id;
$name = Request::POST()->name;
$decsription = Request::POST()->description;
Categories::create($id_acc, $name, $decsription);
# push flash-message
Session::push('flash-message', 'That category has successfuly added!');
Response::redirect('categories');
} else {
$categories = Categories::all()->fetchAll(\PDO::FETCH_CLASS);
View::render('categories/add', ['categories' => $categories]);
}
}
public static function edit()
{
# login required decorator
self::login_required();
# if user perform the form submit button
if ("POST" == Request::method()) {
$id = Request::user()->id;
$name = Request::POST()->name;
$username = Request::POST()->username;
$bio = Request::POST()->bio;
$profile_picture = File::upload('img', 'change_photo');
$member = Accounts::find(['username' => $username]);
if ($member and $member['username'] !== Request::user()->username) {
Session::push('flash-message-form', 'That username has used by other member, please use another!');
Response::redirect('profile/' . Request::user()->username);
}
if ($profile_picture) {
Accounts::edit($id, $name, $username, $bio, $profile_picture);
} else {
Accounts::edit($id, $name, $username, $bio);
}
# push a flash message
Session::push('flash-message', 'Your profile biodata has changed successfully!');
# if username or name has changed
# reconfigure the member session data
if ($name !== Request::user()->name or $username !== Request::user()->username) {
# get member data by id
$data = Accounts::findByPK($id);
# Set a session ID
$account = array($data['id'], $data['username'], $data['name'], $data['type']);
$session = new Session();
$session->set('id_account', implode('|', $account));
}
# redirect member profile page
Response::redirect('profile/' . Request::user()->username);
} else {
# redirect to home
Response::redirect('');
}
}
<?php
use Ngaji\Http\Request;
if (Request::is_authenticated()) {
$account = app\models\Accounts::findByPK(Request::user()->id);
}
?>
<? if (Request::is_admin()): ?>
<!-- Logo -->
<?php
echo Html::anchor('', '<b>IniForum</b>LTE', ['class' => 'logo']);
?>
<nav class="navbar navbar-static-top" role="navigation">
<!-- Sidebar toggle button-->
<a href="#" class="sidebar-toggle" data-toggle="offcanvas" role="button">
<span class="sr-only">Toggle navigation</span>
</a>
<!-- Navbar Right Menu -->
<div class="navbar-custom-menu">
<ul class="nav navbar-nav">
<li class="dropdown user user-menu">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
<?php
echo Html::loadIMG($account['photo'], ['class' => 'user-image', 'alt' => 'User Image']);
?>
<span class="hidden-xs"><?php
echo Request::get_user('name');
?>
</span>
</a>
<i class="fa fa-clock-o"></i> <?php
echo date_format_en($post['created_at']) . " ";
?>
</small>
<?php
echo $post['name'];
?>
</a>
<?php
echo Html::anchor('post/read/' . $post['id'], $post['title']);
?>
<?
# menampilkan aksi edit dan hapus untuk artikel milik member login
if (\Ngaji\Http\Request::is_authenticated() and
$post['account_id'] == \Ngaji\Http\Request::user()->id
): ?>
<?php
echo Html::anchor("post/edit/" . $post['id'], '<i class="fa fa-edit"></i> Edit', ['class' => 'btn btn-sm btn-flat']);
?>
<?php
echo Html::anchor("#", '<i class="fa fa-trash-o"></i> Delete', ['class' => 'btn btn-sm btn-flat', 'data-post-id' => $post['id'], 'data-post-title' => $post['title'], 'data-href' => sprintf("%s/post/delete/%d", HOSTNAME, $post['id']), 'data-toggle' => "modal", 'data-target' => "#confirm-delete"]);
?>
<? endif; ?>
</p>
<div class="attachment">
<article>
<?php
echo Post::limit($post['post']);
?>
</article>
</div>
</div>
<!-- /.box -->
</div>
<!--/.col (right) -->
<div class="col-md-4">
<!-- PROFILE -->
<div class="box box-primary">
<div class="box-header with-border">
<h3 class="box-title text-center">Profile</h3>
<div class="pull-right box-tools">
<?
# menampilkan aksi edit dan hapus untuk artikel milik member login
if (\Ngaji\Http\Request::is_authenticated() and
$account['id'] == \Ngaji\Http\Request::user()->id
): ?>
<?php
echo Html::button('<i class="fa fa-edit"></i> Edit', ['class' => 'btn btn-info btn-sm btn-flat', 'id' => 'edit-profile']);
?>
<? endif; ?>
</div>
</div>
<!-- /.box-header -->
<div class="box-body">
<div class="col-center-block">
<?php
echo Html::loadIMG($account['photo'], ['alt' => 'account image', 'class' => 'img-responsive img-circle center-block', 'width' => '140', 'height' => '140']);
?>
<?php
