/**
 * Resolve the route that matches the incoming request path and dispatch it.
 *
 * The path is read from REQUEST_URI, URL-decoded and stripped of the
 * APP_RELATIVE_URL prefix before it is handed to Routes::get(). An unmatched
 * path renders the '404' view with a 404 status. For a matched route the
 * token check runs first (only when the route asks for it), then the path
 * variables are extracted and the route is run.
 *
 * Any Exception raised while routing or inside the route is rendered as a
 * JSON failure carrying the exception message, after which the script exits.
 */
public static function run()
{
    // Number of leading characters to drop from the decoded path: nothing when
    // no relative URL is configured, otherwise the prefix plus one character.
    $skip = 0;
    if (strlen(APP_RELATIVE_URL) != 0) {
        $skip = strlen(APP_RELATIVE_URL) + 1;
    }

    // NOTE(review): the path is decoded BEFORE route matching, and urldecode()
    // also turns '+' into a space. An encoded '%2F' therefore reaches
    // Routes::get() and pullVariables() as a literal '/'. Confirm the route
    // patterns and every consumer of the path variables expect decoded input.
    $requestUri = filter_input(INPUT_SERVER, 'REQUEST_URI');
    $decodedPath = urldecode(parse_url($requestUri, PHP_URL_PATH));
    $path = substr($decodedPath, $skip);

    try {
        $route = Routes::get($path);

        // No matching route: answer with the 404 view and stop.
        if ($route == null) {
            header('Status: 404 Not Found', true, 404);
            View::renderView('404');

            return;
        }

        // The token is verified before any path variable is parsed or any
        // handler code runs, but only for routes that declare they need it.
        $needsToken = $route->isTokenNeeded();
        if ($needsToken) {
            Auth::checkToken();
        }

        // Expose the variables captured from the path, then hand over control.
        self::$currentPathVariables = self::pullVariables($path, $route);
        $route->run();

        // Remember the path only when the route actually rendered a view.
        if (View::hasRenderedView()) {
            Session::set(self::LAST_RENDERED_PATH_KEY, $path);
        }
    } catch (Exception $failure) {
        // NOTE(review): the message of every caught Exception is returned to
        // the client verbatim. Controllers throw user-facing messages this way,
        // but an exception from a lower layer would be echoed the same way.
        // Consider a dedicated exception type for user-facing text and a
        // logged, generic reply for everything else.
        View::renderJson($failure->getMessage(), false);
        exit;
    }
}
/**
 * Controller action: attach the uploaded file(s) to an entry and render the
 * entry's refreshed context as JSON.
 *
 * Requires a logged-in user who is allowed to edit the entry named by the
 * 'entryid' input. The edit check runs before the upload is processed, so a
 * request without edit rights never reaches Attachment::handleUpload().
 *
 * @throws Exception when the current user may not edit the entry
 */
function upload_attachment()
{
    Auth::checkLoggedIn();

    // 'entryid' is client-supplied.
    // NOTE(review): the result of Entry::fromId() is used without a null
    // check; presumably it throws for an unknown id. Verify.
    $entry = Entry::fromId(Input::get('entryid'));

    // Authorise first, then touch the upload.
    $mayEdit = $entry->canEdit(Auth::getUser());
    if (!$mayEdit) {
        throw new Exception('You are not allowed to edit this entry.');
    }

    // NOTE(review): handleUpload() is called without a limit here, and no
    // type or size check is visible in this function. Confirm that
    // Attachment::handleUpload() enforces both.
    $uploaded = Attachment::handleUpload();
    foreach ($uploaded as $file) {
        $entry->addAttachment($file);
    }

    // Reply with the entry as the current user is allowed to see it.
    View::renderJson($entry->getContext(Auth::getUser()));
}
/**
 * Controller action: replace the logged-in user's avatar with the uploaded
 * image and render the user's refreshed context as JSON.
 *
 * Attachment::handleUpload() is called with 1 as its argument. An upload that
 * is not classified as an image is deleted again before the request is
 * rejected.
 *
 * @throws Exception when nothing was uploaded or the upload is not an image
 */
function set_avatar()
{
    Auth::checkLoggedIn();

    $uploaded = Attachment::handleUpload(1);
    if (count($uploaded) === 0) {
        throw new Exception('No avatar uploaded.');
    }

    // Exactly one attachment is expected; take the first.
    $avatar = $uploaded[0];

    // NOTE(review): the type check runs only after handleUpload() has already
    // produced the attachment, and how getAttachmentType() decides the type
    // is not visible here. Confirm it inspects the file content rather than
    // the client-supplied name or MIME type.
    $isImage = $avatar->getAttachmentType() == Attachment::ATTACHMENT_TYPE_IMAGE;
    if (!$isImage) {
        // Do not keep a rejected upload around.
        $avatar->delete();
        throw new Exception('Avatar given was not an image.');
    }

    // Store the avatar, notify listeners, and return the updated user.
    Auth::getUser()->setAvatar($avatar);
    Auth::getUser()->emit('user_refetch');
    View::renderJson(Auth::getUser()->getContext(Auth::getUser()));
}
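/**
 * Controller action: remove a user from a course and render the course's
 * refreshed context as JSON.
 *
 * The logged-in user must be allowed to edit the course named by the
 * 'courseid' input. The course creator can only be removed by the creator
 * or by an administrator.
 *
 * Fix: the original condition tested isAdmin() on the user being removed
 * instead of on the user performing the removal. As a result, a creator who
 * was an admin could be removed by any editor of the course, while an admin
 * could not remove a non-admin creator. The admin exemption is now evaluated
 * on the acting user.
 *
 * @throws Exception when the current user may not edit the course, or tries
 *                   to remove the creator without being creator or admin
 */
function remove_student()
{
    Auth::checkLoggedIn();

    // 'courseid' is client-supplied; authorise against the course first.
    $course = Course::fromId(Input::get('courseid'));
    if (!$course->canEdit(Auth::getUser())) {
        throw new Exception('You cannot remove users from this course');
    }

    // The user to remove, also identified by a client-supplied id.
    $user = User::fromId(Input::get('userid'));

    // Assumes Auth::getUser() returns the same kind of object as
    // User::fromId(), so isAdmin() is available on it. TODO confirm.
    $actor = Auth::getUser();
    $creatorId = $course->getCreatorUserId();

    // Loose comparisons are kept from the original, since ids may arrive as
    // strings or as integers.
    $actorIsCreator = $creatorId == $actor->getUserId();
    $targetIsCreator = $user->getUserId() == $creatorId;

    // Protect the creator from removal by ordinary editors.
    if ($targetIsCreator && !$actorIsCreator && !$actor->isAdmin()) {
        throw new Exception('You are not allowed to remove the creator from the class.');
    }

    $course->removeUser($user);

    // Reply with the course as the current user is allowed to see it.
    View::renderJson($course->getContext(Auth::getUser()));
}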
/**
 * Controller action: toggle the logged-in user's like on an answer and render
 * the answer's refreshed context as JSON.
 *
 * Liking is gated on view permission: a user who may view the answer named by
 * the 'answerid' input may also like it.
 *
 * @throws Exception when the current user may not view the answer
 */
function toggle_like()
{
    Auth::checkLoggedIn();

    // 'answerid' is client-supplied.
    // NOTE(review): the result of QuestionAnswer::fromId() is used without a
    // null check; presumably it throws for an unknown id. Verify.
    $answer = QuestionAnswer::fromId(Input::get('answerid'));

    $mayView = $answer->canView(Auth::getUser());
    if (!$mayView) {
        throw new Exception('You are not allowed to like this answer.');
    }

    $answer->toggleLike(Auth::getUser());

    // Reply with the answer as the current user is allowed to see it.
    View::renderJson($answer->getContext(Auth::getUser()));
}
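<?php

require 'request.php';
require 'userController.php';
require 'loginController.php';
require 'logoutController.php';
require 'registerController.php';
require 'mediaController.php';
require 'view.php';
require 'productController.php';
require 'buyController.php';
require 'historyController.php';
require_once "db.php";

// Front controller: maps the request's controller and method names onto
// "<controller>Controller" and "<method>Request()" and renders the result
// as JSON.
//
// Both names come from the request and are treated as untrusted. They must be
// plain identifiers before they are used to build a class or method name.
// Anything else (arrays, empty values, namespace separators, other
// punctuation) is rejected without touching class_exists().
//
// NOTE(review): the identifier check narrows the input but is not an
// allowlist. Any loaded class whose name ends in "Controller" can still be
// instantiated, and any of its public methods ending in "Request" invoked.
// Consider an explicit list of permitted controllers. This dispatcher also
// performs no authentication or authorisation itself, so each controller
// method has to enforce its own.

$request = new Request();

// Normalise the requested names; non-string input becomes an empty name.
$rawController = $request->controller ?? '';
$rawMethod = $request->method ?? '';
$controllerPart = is_string($rawController) ? strtolower($rawController) : '';
$methodPart = is_string($rawMethod) ? strtolower($rawMethod) : '';

// \A and \z anchor the whole string, so a trailing newline cannot slip through.
$identifier = '/\A[a-z][a-z0-9_]*\z/';
$handled = false;

if (preg_match($identifier, $controllerPart) === 1 && preg_match($identifier, $methodPart) === 1) {
    $controllerName = $controllerPart . 'Controller';
    $methodName = $methodPart . 'Request';

    // Make sure the class exists before instantiating it.
    if (class_exists($controllerName)) {
        $controller = new $controllerName();

        // method_exists() is also true for private and protected methods,
        // which would end in a fatal error when called from here; is_callable()
        // restricts the dispatch to methods reachable from this scope.
        if (method_exists($controller, $methodName) && is_callable([$controller, $methodName])) {
            // Call the method and send its response to be rendered.
            $response = $controller->{$methodName}();
            $view = new View();
            $view->renderJson($response);
            $handled = true;
        }
    }
}

// Previously an unknown controller or method produced an empty reply with
// the default status. Report it as "not found" instead.
if (!$handled && !headers_sent()) {
    http_response_code(404);
}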