/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { if (!Permissions::check('debug')) { if ($request->ajax()) { return response('Unauthorized.', 401); } else { abort(403); } } return $next($request); }
/** * Display the specified resource. * * @param Article $article * @return \Illuminate\Http\Response */ public function show(Article $article) { //dd($article->screenshot->image); if ($article->published == false) { if (!Auth::check() or !Permissions::check('article.view-unpublished') and $article->user_id != Auth::user()->id) { abort(403); } } return view('pages.review', $article); //Okay before anyone asks, I dont want temporary_* to even exist. I want to use coverid //but im under time pressure and ill fix it later, got a query that will fix it up when cover is ready //@TODO EVERYTHING }
/** * Display the specified resource. * * @param Article $article * @return \Illuminate\Http\Response */ public function show(Article $article, Request $request) { if ($article->published == false) { if (!Auth::check() or !Permissions::check('article.view-unpublished') and $article->user_id != Auth::user()->id) { abort(403); } } $x = array(); $pagination = ''; if (Permissions::check('beta')) { $comments = Cache::tags(['commentRoot-article-' . $article->id])->rememberForever('commentRoot-article-' . $article->id . '-page-' . $request->input('page', 1), function () use($article) { Clockwork::info('Cache MISS for commentRoot-article-' . $article->id); return $article->comments()->where('parent_id', null)->with('children')->with('user')->paginate(20); //@TODO orderBy id desc }); foreach ($comments as $node) { $x[] = Cache::remember('commentTree-' . $node->id, 60, function () use($node) { Clockwork::info('Cache MISS for commentTree-' . $node->id); /** @var Comment $node */ $c = $node->getDescendantsAndSelf(); $c->load(['user' => function ($query) use($node) { $query->remember(60); }]); $c->load('meta'); return $c->toHierarchy(); }); } $pagination = $comments->render(); } $template = 'pages.review'; if ($request->is('interviews/*')) { $template = 'pages.interview'; } return view($template, compact('article', 'x', 'pagination')); //Okay before anyone asks, I dont want temporary_* to even exist. I want to use coverid //but im under time pressure and ill fix it later, got a query that will fix it up when cover is ready //@TODO EVERYTHING }
/** * Update the specified resource in storage. * * @param \Illuminate\Http\Request $request * @param int $id * @return \Illuminate\Http\Response */ public function update(ArticleRequest $request, $id) { $article = Article::findOrFail($id); if (Permissions::check('article.edit') or Permissions::check('article.editown') and $article->user_id == Auth::user()->id and $article->published == 0) { $article->title = $request->input('title'); $article->slug = $request->input('slug'); $article->temporary_jumbo_image = $request->input('temporary_jumbo_image'); $article->store = $request->input('store'); $article->store_app_id = $request->input('store_app_id'); $article->subreddit = $request->input('subreddit'); $article->score = $request->input('score'); $article->titletext = $request->input('titletext'); $article->score_text_md = $request->input('score_text_md'); $article->gameplay_md = $request->input('gameplay_md'); $article->story_md = $request->input('story_md'); $article->graphics_md = $request->input('graphics_md'); $article->conclusion_md = $request->input('conclusion_md'); $article->screenshots_md = $request->input('screenshots_md'); $article->intro_md = $request->input('intro_md'); //actual fields $article->score_text = Markdown::convertToHtml($request->input('score_text_md')); $article->gameplay = Markdown::convertToHtml($request->input('gameplay_md')); $article->story = Markdown::convertToHtml($request->input('story_md')); $article->graphics = Markdown::convertToHtml($request->input('graphics_md')); $article->conclusion = Markdown::convertToHtml($request->input('conclusion_md')); $article->screenshots = Markdown::convertToHtml($request->input('screenshots_md')); $article->intro = Markdown::convertToHtml($request->input('intro_md')); $article->save(); $screenshots = array(); if ($request->input('screenshot') != null) { foreach ($request->input('screenshot') as $key => $screenshot) { $screenshots[$key]['image_id'] = $screenshot; $screenshots[$key]['article_id'] = $article->id; $screenshots[$key]['ip_address'] = inet_pton($request->getClientIp()); } } ArticleScreenshot::insert($screenshots); return redirect()->action('ArticleController@show', [$article->slug]); } abort(403); }
public function __construct() { if (!Permissions::check('images.upload')) { abort(403); } }