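/**
 * Render one page of the comment list; when the comment form was posted,
 * validate the submission and store it first.
 *
 * The `field` and `order` query parameters choose the sort column and
 * direction. Both are compared against the model's allow-lists before they
 * are handed to Comment::commentList().
 *
 * @param int|string $page 1-based page number; anything that casts below 1 is treated as page 1.
 *
 * @return void Renders the `index` view.
 */
public function index($page = 1)
{
    // Clamp so that 0, negative or non-numeric values fall back to the first page.
    $page = max(1, (int) $page);

    $sortField = Request::get('field', 'created_at');
    $orderParam = Request::get('order', 'desc');
    // If Request::get can hand back a non-string (e.g. ?order[]=x), strtoupper()
    // would fail outside any try block; map such input to a value that the
    // allow-list check below rejects.
    $orderMethod = is_string($orderParam) ? strtoupper($orderParam) : '';

    $notify = ['error' => null, 'message' => null];
    $comment = new \App\Model\Comment();

    try {
        if (Request::post('comment')) {
            $name = Request::post('name');
            $email = Request::post('email');
            $homepage = Request::post('homepage');
            $captcha = Request::post('captcha');
            $csrToken = Request::post('csrf_token');
            $ip = Request::getIp();
            $agent = Request::getUseAgent();
            $message = Request::post('message');

            // The CSRF token is checked before any other field.
            if (!Protection::validateCsrfToken($csrToken)) {
                throw new \Exception('Error token validation');
            }
            // Free-text fields have no format check, so at least require a plain string.
            if (empty($name) || !is_string($name)) {
                throw new \Exception('Empty name');
            }
            if (!Captcha::validate($captcha)) {
                throw new \Exception('Error validate captcha');
            }
            if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
                throw new \Exception('Email not valid');
            }
            // Homepage is optional, but must be a well-formed URL when supplied.
            if (!empty($homepage) && !filter_var($homepage, FILTER_VALIDATE_URL)) {
                throw new \Exception('Homepage is not valid');
            }
            if (empty($message) || !is_string($message)) {
                throw new \Exception('Empty message');
            }

            // name, homepage, agent and message are client-controlled and stored
            // as received; every view that prints them has to escape on output.
            // NOTE(review): FILTER_VALIDATE_URL does not restrict the scheme -
            // confirm the view only links http/https homepages.
            $params = [
                'name' => $name,
                'email' => $email,
                'homepage' => $homepage,
                'ip' => $ip,
                'agent' => $agent,
                'message' => $message,
                'created_at' => time(),
            ];
            if (!$comment->save($params)) {
                throw new \Exception('Error save comment');
            }

            $notify['message'] = 'Comment success add';
            // Empty the submitted data rather than unset() the superglobal, so
            // later reads of $_POST see an empty array, not an undefined variable.
            $_POST = [];
        }
    } catch (\Exception $e) {
        // Exceptions raised inside the model calls are surfaced here as well,
        // so the view should HTML-escape notify['error'] before printing it.
        $notify['error'] = $e->getMessage();
    }

    $commentList = [];
    try {
        // Strict comparison: only an exact string from the allow-list may reach
        // commentList(). Assumes both allow-lists hold strings - TODO confirm.
        if (!in_array($sortField, $comment->sortListAllow, true)) {
            throw new \Exception('Error validate field');
        }
        if (!in_array($orderMethod, $comment->orderListAllow, true)) {
            throw new \Exception('Error validate order parametr');
        }
        $commentList = $comment->commentList($page, $sortField, $orderMethod);
    } catch (\Exception $e) {
        $notify['error'] = $e->getMessage();
    }

    $this->render('index', [
        'commentList' => $commentList,
        'commentCount' => $comment->getCount()['count'],
        'pageCount' => \App\Model\Comment::PAGE_COUNT,
        'page' => $page,
        'notify' => $notify,
    ]);
}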
/**
 * Delete the family-tree record named by the posted `id` and render the outcome.
 *
 * The result travels in `$notify`: `message` is set on success, `error` carries
 * the exception text on failure. Only the key that applies is set.
 *
 * NOTE(review): nothing in this method validates a CSRF token or checks who may
 * delete a record - confirm both are enforced before this action is reached.
 *
 * @return void Renders the `add` view.
 */
public function delete()
{
    try {
        $tree = new \App\Model\FamilyTree();
        $recordId = (int) Request::post('id');

        // An id that casts to 0 (for example a missing value) is rejected.
        if ($recordId === 0) {
            throw new \Exception('Empty id');
        }

        $removed = $tree->delete($recordId);
        if (!$removed) {
            throw new \Exception('Error delete family');
        }

        $notify['message'] = 'delete family success';
    } catch (\Exception $failure) {
        $notify['error'] = $failure->getMessage();
    }

    // NOTE(review): a JSON content type is announced before the `add` view is
    // rendered - confirm that view emits JSON and encodes notify accordingly.
    header("Content-type: application/json");
    $this->render('add', ['notify' => $notify]);
}
<div class="control-group"> <label class="control-label" for="captcha">captcha (Сколько букв с слове "три")</label> <div class="controls"> <input name="captcha" id="captcha" type="text" placeholder="captcha" required value="<?php echo Html::escape(Request::post('captcha')); ?> "> </div> </div> <div class="control-group"> <label class="control-label" for="message">Message</label> <div class="controls"> <textarea name="message" required cols="40" id="message" placeholder="You Message" rows="10"><?php echo Html::escape(Request::post('message')); ?> </textarea> </div> </div> <div class="form-actions"> <button type="submit" class="btn btn-success">Submit Message</button> <button type="reset" class="btn">Cancel</button> </div> <?php if (!empty($notify['error'])) { ?> <div style="color: red"><?php echo $notify['error'];