public function source($slug, $page)
{
$slug = Fari_Escape::text($slug);
$paginator = new Fari_Paginator(5, 3);
$this->view->paginator = $paginator->select($page, 'kb', '*', array('sourceSlug' => $slug), 'date DESC');
$this->view->title = Fari_Db::selectRow('hierarchy', 'value, slug', array('slug' => $slug, 'type' => 'source'));
$this->view->browse = 'source';
$this->view->display('browse');
}
public function create()
{
if (!Fari_User::isAuthenticated('realname')) {
Fari_Message::fail('You need to authenticate first');
$this->redirect('/blog/login/');
} else {
// are we saving updates?
if (!empty($_POST['name'])) {
$name = Fari_Escape::text($_POST['name']);
$text = Fari_Escape::quotes($_POST['text']);
$slug = Fari_Escape::slug($_POST['name']);
// check article title uniqueness
$result = Fari_Db::selectRow('articles', 'id', array('slug' => $slug));
if (empty($result)) {
Fari_Db::insert('articles', array('text' => $text, 'slug' => $slug, 'name' => $name, 'status' => $_POST['status'], 'published' => time()));
Fari_Message::success('Article \'' . $name . '\' saved.');
$this->redirect('/blog/edit/' . $slug);
} else {
Fari_Message::fail('Article name \'' . $name . '\' is not unique');
}
}
// pickup messages for us
$this->view->messages = Fari_Message::get();
// fill back on fail
$this->view->article = array('name' => $_POST['name'], 'text' => $_POST['text']);
$this->view->display('/themes/' . BLOG_THEME . '/new');
}
}
/**
* Check if user is in a specified role.
* Method is_authenticated() should have been called at this point.
* @uses 'role' in 'users' table
*
* @param string $userRole (e.g., admin)
* @param string $credentials Optionally specify which column to use for credentials
* @return boolean TRUE if user is in a role
*/
public static function isInRole($userRole, $credentialsColumn = 'username')
{
@($unsafe = self::getCredentials());
// get credentials string
if (isset($unsafe)) {
//escape input
$credentials = Fari_Escape::text($unsafe);
// select a matching row from a table
$whereClause = array($credentialsColumn => $credentials);
$user = Fari_Db::selectRow('users', 'role', $whereClause);
// check that user satisfies a role
if ($user['role'] === $userRole) {
unset($user);
return TRUE;
}
}
return FALSE;
}
public function index($param)
{
// are we saving?
if ($_POST) {
$success = TRUE;
// save categories, sources & types
$category = Fari_Escape::text($_POST['category']);
$categorySlug = Fari_Escape::slug($category);
$source = Fari_Escape::text($_POST['source']);
$sourceSlug = Fari_Escape::slug($source);
$type = Fari_Escape::text($_POST['type']);
$typeSlug = Fari_Escape::slug($type);
if (empty($category)) {
Fari_Message::fail('The category can\'t be empty.');
$success = FALSE;
} else {
$result = Fari_Db::selectRow('hierarchy', 'key', array('value' => $category, 'type' => 'category'));
if (empty($result)) {
Fari_Db::insert('hierarchy', array('value' => $category, 'slug' => $categorySlug, 'type' => 'category'));
}
}
if (empty($source)) {
Fari_Message::fail('The source can\'t be empty.');
$success = FALSE;
} else {
$result = Fari_Db::selectRow('hierarchy', 'key', array('value' => $source, 'type' => 'source'));
if (empty($result)) {
Fari_Db::insert('hierarchy', array('value' => $source, 'slug' => $sourceSlug, 'type' => 'source'));
}
}
if (empty($type)) {
Fari_Message::fail('The category can\'t be empty.');
$success = FALSE;
} else {
$result = Fari_Db::selectRow('hierarchy', 'key', array('value' => $type, 'type' => 'type'));
if (empty($result)) {
Fari_Db::insert('hierarchy', array('value' => $type, 'type' => 'type'));
}
}
if ($success) {
$title = Fari_Escape::text($_POST['title']);
if (empty($title)) {
Fari_Message::fail('The title can\'t be empty.');
} else {
$slug = Fari_Escape::slug($_POST['title']);
// unique slug/title
$result = Fari_Db::selectRow('kb', 'id', array('slug' => $slug));
if (!empty($result)) {
Fari_Message::fail('The title is not unique.');
} else {
$text = Fari_Escape::quotes($_POST['textarea']);
// convert title & main text to its stems and add lowercase originals better matches)
$titleStems = Knowledge::stems($title) . ' ' . strtolower($title);
$stems = Knowledge::stems($text) . ' ' . strtolower($text);
$tags = Fari_Escape::text($_POST['tags']);
$category = Fari_Escape::text($_POST['category']);
$source = Fari_Escape::text($_POST['source']);
$type = Fari_Escape::text($_POST['type']);
$comments = Fari_Escape::text($_POST['comments']);
$date = Fari_Escape::text($_POST['date']);
// date
if (!Fari_Filter::isDate($date)) {
Fari_Message::fail('The date is not in the correct format.');
} else {
// INSERT
Fari_Db::insert('kb', array('title' => $title, 'slug' => $slug, 'text' => $text, 'tags' => $tags, 'category' => $category, 'categorySlug' => $categorySlug, 'source' => $source, 'sourceSlug' => $sourceSlug, 'type' => $type, 'stems' => $stems, 'comments' => $comments, 'date' => $date, 'titleStems' => $titleStems, 'starred' => 'empty'));
Fari_Message::success('Saved successfully.');
$this->redirect('/text/edit/' . $slug);
die;
}
}
}
}
}
// fetch categories, sources & types
$this->view->categories = $categories = Fari_Db::select('hierarchy', 'key, value', array('type' => 'category'), 'slug ASC');
$this->view->sources = $sources = Fari_Db::select('hierarchy', 'key, value', array('type' => 'source'), 'slug ASC');
$this->view->types = $types = Fari_Db::select('hierarchy', 'key, value', array('type' => 'type'), 'value ASC');
// form if save failed...
$this->view->saved = $_POST;
// get all messages
$this->view->messages = Fari_Message::get();
$this->view->display('new');
}
public function star($slug)
{
$result = Fari_Db::selectRow('kb', '*', array('slug' => $slug));
if (empty($result)) {
// text not found
$this->redirect('/error404');
die;
}
// switch the star for the text we have already fetched & update in the db
if ($result['starred'] == 'full') {
$result['starred'] = 'empty';
// switch in the current set
Fari_Db::update('kb', array('starred' => 'empty'), array('id' => $result['id']));
} else {
$result['starred'] = 'full';
// switch in the current set
Fari_Db::update('kb', array('starred' => 'full'), array('id' => $result['id']));
}
// return back
header('Location: ' . $_SERVER['HTTP_REFERER']);
}
