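/**
 * Dispatch a request path to a helper class, a special page or the login flow.
 *
 * Anonymous visitors only reach the login flow: posted credentials go to
 * User::loadSession(), any other page redirects to /login, and /login renders
 * magician/login.php. Authenticated users are routed to
 * \Turner\Helper\<segment0>::<segment1>Function(<remaining segments>), to the
 * logout action, or to one of the static pages in self::$singlePage.
 * Anything else renders magician/Error.php with a 404 status.
 *
 * @param string $url request path, segments separated by '/'
 * @return bool|null true when the request was handled; null after the 404 page
 */
public function route($url = "index")
{
    $segments = explode('/', $url);
    $head = $segments[0];
    $user = new \Turner\System\User();

    if (is_null(\Turner\System\User::getID())) {
        // Not logged in: the login flow is the only reachable part of the site.
        if (isset($_POST['username']) && isset($_POST['password'])) {
            // Credentials were posted: try to establish a session.
            $user->loadSession($_POST['username'], $_POST['password']);
        } elseif (empty($_POST) && $head != 'login') {
            // Any other page: send the visitor to the login form.
            header('Location: ' . \Turner\System\App::$information['serverAddr'] . '/login');
        } elseif ($head == 'login') {
            include 'magician/login.php';
        }
        return true;
    }

    // Only a plain identifier may name a helper class. class_exists() triggers
    // the autoloader, which turns the class name into a file path; a segment
    // containing '\' or '.' from the URL must never reach it.
    $isHelper = preg_match('/^[A-Za-z0-9_]+\z/', $head) === 1
        && class_exists('\\Turner\\Helper\\' . $head);

    if ($isHelper) {
        $action = $segments[1] ?? '';
        if ($action == '') {
            $action = 'index';
        }
        $class = "\\Turner\\Helper\\" . $head;
        // Only methods following the "<action>Function" naming convention are routable.
        $method = strtolower($action) . "Function";
        if (method_exists($class, $method) && is_callable([$class, $method])) {
            $helper = new $class();
            // Remaining path segments become positional arguments.
            $helper->{$method}(...array_slice($segments, 2));
            return true;
        }
    } elseif ($head == "logout") {
        \Turner\System\User::clearsessionFunction();
        return true;
    } else {
        foreach (self::$singlePage as $link => $directTo) {
            if (strcasecmp($head, $link) == 0) {
                \Turner\System\App::render($directTo);
                return true;
            }
        }
    }

    // The status must be set before the error page writes any output; once the
    // body has started the headers are sent and http_response_code() is ignored.
    http_response_code(404);
    include 'magician/Error.php';
}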
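/**
 * Render the category index for users allowed to manage categories.
 *
 * NOTE(review): the guard is "role NOT present in self::access()" -> render,
 * while the else branch is commented as "not an admin or editor"; that only
 * holds if access() lists the roles that are denied. Confirm against access().
 */
public static function indexFunction()
{
    if (!isset(self::access()[User::getRole()])) {
        // The stored-procedure call below is disabled: it fails with
        // PDOException 'SQLSTATE[HY000]: General error: 2014 Cannot execute
        // queries while other unbuffered queries are active' (see
        // PDOStatement::fetchAll() or PDO::MYSQL_ATTR_USE_BUFFERED_QUERY).
        // Until that is resolved the view receives no category tree.
        // $cat = Database::execQuery("CALL categoryTree(0)");
        $cat = null; // explicit: previously an undefined variable (also null, with a warning)
        App::render('magician/category/index.php', ['category' => $cat]);
    } else {
        // Not an admin or editor.
        include "magician/Error.php";
    }
}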
</a> <a href="<?php echo \Turner\System\App::$information['serverAddr']; ?> /post"> <div class="menuCon"> <div class="iconGlyph"> <span class="glyphicon glyphicon-list-alt"></span> </div> <div class="iconLabel"> Posts </div> </div> </a> <?php if (\Turner\System\User::getRole() == 'admin' || \Turner\System\User::getRole() == 'editor') { ?> <a href="<?php echo \Turner\System\App::$information['serverAddr']; ?> /category"> <div class="menuCon"> <div class="iconGlyph"> <span class="glyphicon glyphicon-tasks"></span> </div> <div class="iconLabel"> Category </div> </div> </a> <?php
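/**
 * Save edits to an existing post from the POSTed edit form.
 *
 * Authorisation: the post's owner, or a user with role editor/admin, may
 * rewrite it; everyone else is redirected to /post. Contributors can never
 * publish (post_status is forced to 0). The UPDATE and the category re-link
 * run inside one transaction; a PDOException rolls it back and re-posts the
 * submitted fields to /post/edit (with the error text in errorInfo) so the
 * edit page can show them again.
 *
 * Reads $_POST: POSTID, PostTitle, PostContent, slug, post_password, publish,
 * comment_status, category[].
 *
 * TODO(security): every statement here is still built by concatenation, and
 * htmlspecialchars() is an HTML escaper, not a SQL one. The integer casts and
 * the slug character check only narrow what reaches the query; move these
 * statements to prepared statements once Database offers them.
 */
public static function rewriteFunction()
{
    $conn = new Database();
    $conn->connect();

    $postId = intval($_POST['POSTID'] ?? 0);
    $role = \Turner\System\User::getRole();
    $isStaff = $role == 'editor' || $role == 'admin';

    // POSTID is an integer id: cast it here as the rest of the method already
    // does, instead of quoting the raw POST value into the SELECT.
    $owner = $conn->execQuery("SELECT user_id FROM post WHERE id = " . $postId)[0][0] ?? null;
    if (!($owner == \Turner\System\User::getID()) && !$isStaff) {
        header("Location: " . \Turner\System\App::$information['serverAddr'] . "/post");
        return;
    }

    $title = $_POST['PostTitle'] ?? '';
    $slug = $_POST['slug'] ?? '';
    if (!isset($_POST['PostContent']) || $title == '' || $slug == '') {
        // Incomplete form: nothing to do (same silent outcome as before).
        return;
    }
    // The slug is spliced into the UPDATE without any escaping and later
    // becomes part of a URL; only accept URL-safe characters so it cannot
    // close the quoted literal.
    if (preg_match('/^[A-Za-z0-9._~-]+\z/', $slug) !== 1) {
        self::bounceBackToEditor('Slug may only contain letters, digits, ".", "_", "~" and "-".');
        return;
    }

    // Contributors cannot publish, whatever the form says.
    $publish = $role == 'contributor' ? 0 : intval($_POST['publish'] ?? 0);
    $commentStatus = intval($_POST['comment_status'] ?? 0);
    $categories = is_array($_POST['category'] ?? null) ? $_POST['category'] : [];

    // Nothing may be echoed before the Location header below: the previous
    // version printed beginTransaction()'s return value, which started the
    // response body and turned the redirect into a "headers already sent" warning.
    $conn->beginTransaction();
    $saved = false;
    try {
        // NOTE: post passwords are stored as an unsalted MySQL md5(); changing
        // that requires changing the read side too, so it is kept here.
        $conn->query(
            "UPDATE post SET title = '" . htmlspecialchars($title, ENT_QUOTES) . "'"
            . ", content = '" . htmlspecialchars($_POST['PostContent'], ENT_QUOTES) . "'"
            . ", pass = md5('" . htmlspecialchars($_POST['post_password'] ?? '', ENT_QUOTES) . "')"
            . ", slug = '" . $slug . "'"
            . ", post_status = " . $publish
            . ", comment_status = " . $commentStatus
            . " WHERE id = " . $postId
        );
        $conn->query("DELETE FROM post_category WHERE post_id = " . $postId);
        foreach ($categories as $categoryId) {
            $conn->query("INSERT INTO post_category(post_id, category_id) VALUES(" . $postId . ", " . intval($categoryId) . ")");
        }
        $saved = true;
    } catch (\PDOException $e) {
        self::bounceBackToEditor($e->getMessage());
    }

    if ($saved) {
        $conn->commit();
        // Redirect only once the transaction is committed.
        header("Location: " . \Turner\System\App::$information['serverAddr'] . "/post");
    } else {
        $conn->rollBack();
    }
}

/**
 * Re-post the submitted fields to /post/edit through an auto-submitting hidden
 * form so the edit page can display $errorInfo and let the user retry.
 *
 * Field names and values are both escaped with ENT_QUOTES: the attributes are
 * single-quoted, and the earlier code escaped the value only (and errorInfo
 * without ENT_QUOTES, so a quote in the message broke out of the attribute).
 * NOTE(review): $errorInfo carries the raw PDO message to the browser; consider
 * logging it server-side and sending a generic text instead.
 *
 * @param string $errorInfo message placed in the hidden errorInfo field
 */
private static function bounceBackToEditor($errorInfo)
{
    echo "<form id=formtemp action='" . \Turner\System\App::$information['serverAddr'] . "/post/edit' method=POST>";
    foreach ($_POST as $key => $data) {
        $value = is_array($data) ? implode(',', $data) : $data;
        echo "<input type=hidden name='" . htmlspecialchars((string) $key, ENT_QUOTES) . "' value='" . htmlspecialchars((string) $value, ENT_QUOTES) . "'>";
    }
    echo "<input type=hidden name=errorInfo value='" . htmlspecialchars((string) $errorInfo, ENT_QUOTES) . "'>";
    echo "</form>";
    echo '<script> document.getElementById("formtemp").submit(); </script>';
}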
<h4 style='float:left'><span class="glyphicon glyphicon-chevron-down"></span> Post Information </h4> </div> </div> <!-- </a> --> <div class="row collapse.in" id="PostInformation"> <div class="col-md-12" style="padding-bottom: 10px;"> <label>Slugs</label> <label>http://turner.night/post/</label> <input type=text name=slug class="form-control" autocomplete="off" required> </div> <div class="col-md-12" style="padding-bottom: 10px;"> <label>Publikasikan</label> <select class="form-control" name="publish"> <?php $role = \Turner\System\User::getRole(); if (!($role == 'contributor') && !($role == 'users')) { ?> <option value=1>Ya</option> <?php } ?> <option value=0>Tidak</option> </select> </div> <div class="col-md-12" style="padding-bottom: 10px;"> <label>Kategori</label> <div class="col-md-12" style="max-height:50vh; overflow: auto; background: white;"> <?php function printCat($arr, $id, $level = 0) {