private function _post() {
  // Saves a front page entry (a news item or another front page section).
  // An empty 'edit' request value means "create"; otherwise 'edit' is the
  // entry_id of the row to update.
  //
  // NOTE(review): subject, message, email and order are stored exactly as
  // submitted; only 'type' is cast. Output escaping is presumably left to the
  // templates - confirm. No permission or anti-CSRF check is visible in this
  // method; verify the caller enforces both.
  kxForm::addRule('subject', 'required')
        ->addRule('message', 'required')
        ->addRule('type', 'numeric')
        ->check();

  $fields = array(
    'entry_subject' => $this->request['subject'],
    'entry_message' => $this->request['message'],
    'entry_type'    => intval($this->request['type'])
  );

  $isNewEntry = ($this->request['edit'] == "");

  if ($this->request['do'] == 'news') {
    // News-specific fields
    $fields['entry_email'] = $this->request['email'];
    $fields['entry_name']  = ''; //TODO: make entry_name for current username
    // The timestamp is only written on creation, so edits keep the original one
    if ($isNewEntry) {
      $fields['entry_time'] = time();
    }
  }
  else {
    // Other front page fields; a blank order is stored as 0
    $fields['entry_order'] = ($this->request['order'] == "") ? 0 : $this->request['order'];
  }

  if ($isNewEntry) {
    // New post
    $this->db->insert("front")
             ->fields($fields)
             ->execute();
    $this->twigData['notice'] = _gettext('Entry successfully added.');
  }
  else {
    // Update post
    $this->db->update("front")
             ->fields($fields)
             ->condition("entry_id", $this->request['edit'])
             ->execute();
    $this->twigData['notice'] = _gettext('Entry successfully edited.');
  }

  $this->twigData['notice_type'] = 'success';
}
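private function _post() {
  // Handles adding and editing a board.
  // An empty 'edit' request value means "create"; otherwise 'edit' is the
  // board_id of the row to update.
  //
  // NOTE(review): name and description are stored exactly as submitted; output
  // escaping is presumably left to the templates - confirm. No permission or
  // anti-CSRF check is visible in this method; verify the caller enforces both.
  kxForm::addRule('name', 'required')
        ->addRule('description', 'required')
        ->addRule('start', 'numeric')
        ->check();

  // If the first post ID is left empty make it 1.
  // intval() has already turned an empty value into integer 0, so the test has
  // to be against 0: comparing that integer with "" is only true under the
  // pre-PHP 8 loose comparison rules and never matches on PHP 8+.
  $start = intval($this->request['start']);
  if ($start === 0) {
    $start = 1;
  }

  $fields = array(
    'board_name'    => $this->request['name'],
    'board_desc'    => $this->request['description'],
    'start'         => $start,
    'createdon'     => time(),
    'image'         => '',
    'includeheader' => ''
  );

  if ($this->request['edit'] == "") {
    // Add board
    $this->db->insert("boards")
             ->fields($fields)
             ->execute();
    $this->twigData['notice'] = _gettext('Board successfully added.');
  }
  else {
    // Edit board
    // NOTE(review): the same field set is used for edits, so createdon, image
    // and includeheader are overwritten on every edit - confirm this is intended.
    $this->db->update("boards")
             ->fields($fields)
             ->condition("board_id", $this->request['edit'])
             ->execute();
    $this->twigData['notice'] = _gettext('Board successfully edited.');
  }

  $this->twigData['notice_type'] = 'success';
}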
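/**
 * Allows adding, editing, and deleting of staff members
 *
 * The action is taken from $_GET['act'] ('add', 'edit' or 'del'); any other
 * value, or none, only renders the staff list. The list is rendered through
 * the "manage/staff_show" template in every case.
 *
 * NOTE(review): no permission check and no anti-CSRF token check are visible
 * in this method, and 'del' acts on a request without requiring POST. Confirm
 * that the dispatcher enforces both before this method runs.
 */
private function _show() {
  $twigData = array();

  // A request without ?act= just lists staff; read it once so a missing key
  // does not raise an undefined-index notice.
  $act = isset($_GET['act']) ? $_GET['act'] : '';

  if ($act == 'add' && $_POST) {
    // Adds a new staff member
    kxForm::addRule('username', 'required')
          ->addRule('pwd1', 'required')
          ->addRule('pwd1', 'value', true, $this->request['pwd2'])
          ->addRule('type', 'numeric')
          ->check();

    $results = $this->db->select("staff")
                        ->fields("staff")
                        ->condition("user_name", $this->request['username'])
                        ->countQuery()
                        ->execute()
                        ->fetchField();

    if ($results == 0) {
      // NOTE(review): credential storage here is weak and should be replaced as
      // the TODO below already says. The salt is 3-6 hex characters derived from
      // the clock and a configured seed via md5()/rand(), and the password is a
      // single md5(password . salt). A purpose-built password hash
      // (password_hash()/password_verify(), with rehash on login) is the usual
      // replacement; it has to be changed together with the login code and the
      // column sizes, neither of which is visible here, so the stored format is
      // left unchanged in this method.
      $salt = substr(md5(time() . kxEnv::Get('kx:misc:randomseed')), -rand(3, 6)); //$this->_createSalt(); TODO: Decide hashing algorithm, replace current
      $this->db->insert("staff")
               ->fields(array(
                 'user_name'     => $this->request['username'],
                 'user_password' => md5($this->request['pwd1'] . $salt),
                 'user_salt'     => $salt,
                 'user_type'     => intval($this->request['type']),
                 'user_add_time' => time()
               ))
               ->execute();
      $twigData['notice_type'] = 'success';
      $twigData['notice'] = _gettext('User added successfully');
    }
    else {
      // User with that username already exists
      $twigData['notice_type'] = 'error';
      $twigData['notice'] = _gettext('A user with that username already exists');
    }
  }
  elseif ($act == 'edit') {
    // Edits a user's information
    kxForm::addRule('id', 'numeric')->check();

    // The password hash itself is not selected; only the salt is needed to
    // compute a replacement hash.
    $user = $this->db->select("staff")
                     ->fields("staff", array("user_id", "user_name", "user_salt", "user_type"))
                     ->condition("user_id", $this->request['id'])
                     ->execute()
                     ->fetch();

    if ($_POST) {
      kxForm::addRule('pwd1', 'value', true, $this->request['pwd2'])
            ->addRule('type', 'numeric')
            ->check();

      // Cast the role exactly as the 'add' branch does, so both paths store an integer
      $values = array('user_type' => intval($this->request['type']));

      // The password is only replaced when a new one was entered.
      // NOTE(review): same md5(password . salt) scheme as in the 'add' branch;
      // it reuses the account's existing salt.
      if (!empty($this->request['pwd1'])) {
        $values['user_password'] = md5($this->request['pwd1'] . $user['user_salt']);
      }

      $this->db->update("staff")
               ->fields($values)
               ->condition("user_id", $this->request['id'])
               ->execute();
      $twigData['notice_type'] = 'success';
      $twigData['notice'] = _gettext('User info updated!');
    }

    // $user was fetched before the update, so the form shows the pre-edit values
    $twigData['user'] = $user;
  }
  elseif ($act == 'del') {
    // Deletes a user
    kxForm::addRule('id', 'numeric')->check();

    $user_exists = $this->db->select("staff")
                            ->condition("user_id", $this->request['id'])
                            ->countQuery()
                            ->execute()
                            ->fetchField();

    if ($user_exists) {
      $this->db->delete("staff")
               ->condition("user_id", $this->request['id'])
               ->execute();
      $twigData['notice_type'] = 'success';
      $twigData['notice'] = _gettext('User successfully deleted!');
    }
    else {
      $twigData['notice_type'] = 'error';
      $twigData['notice'] = _gettext('A user with that ID does not exist');
    }
  }

  // Always list the staff, ordered by type and then by creation time.
  // NOTE(review): fields("staff") is called without a column list here, which
  // presumably selects every column, including user_password and user_salt;
  // confirm the template needs them, otherwise name the columns explicitly.
  $staff = $this->db->select("staff")
                    ->fields("staff")
                    ->orderBy("user_type")
                    ->orderBy("user_add_time")
                    ->execute()
                    ->fetchAll();
  $twigData['staffmembers'] = $staff;

  kxTemplate::output("manage/staff_show", $twigData);
}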
private function _edit() {
  // Loads the filetype row named by the 'id' request value into the template
  // data, after running the numeric rule on that id.
  kxForm::addRule('id', 'numeric')->check();

  $query = $this->db->select("filetypes")
                    ->fields("filetypes")
                    ->condition('type_id', $this->request['id']);

  $this->twigData['filetype'] = $query->execute()->fetch();
}