public function run($event = 'before')
{
if (!isset($this->routes[$event])) {
return true;
}
foreach ($keys = array_keys($this->routes[$event]) as $key) {
$paths[] = str_replace('@', '*@', $key);
}
$vals = array_values($this->routes[$event]);
array_multisort($paths, SORT_DESC, $keys, $vals);
$this->routes[$event] = array_combine($keys, $vals);
// Convert to BASE-relative URL
$req = $this->f3->rel(urldecode($this->f3->URI));
foreach ($this->routes[$event] as $pattern => $routes) {
if (!($args = $this->f3->mask($pattern, $req))) {
continue;
}
ksort($args);
$route = NULL;
if (isset($routes[$ptr = $this->f3->AJAX + 1][$this->f3->VERB])) {
$route = $routes[$ptr];
} elseif (isset($routes[\Base::REQ_SYNC | \Base::REQ_AJAX])) {
$route = $routes[\Base::REQ_SYNC | \Base::REQ_AJAX];
}
if (!$route) {
continue;
}
if ($this->f3->VERB != 'OPTIONS' && isset($route[$this->f3->VERB])) {
$parts = parse_url($req);
if ($this->f3->VERB == 'GET' && preg_match('/.+\\/$/', $parts['path'])) {
$this->f3->reroute(substr($parts['path'], 0, -1) . (isset($parts['query']) ? '?' . $parts['query'] : ''));
}
$handler = $route[$this->f3->VERB][0];
if (is_bool(strpos($pattern, '/*'))) {
foreach (array_keys($args) as $key) {
if (is_numeric($key) && $key) {
unset($args[$key]);
}
}
}
if (is_string($handler)) {
// Replace route pattern tokens in handler if any
$handler = preg_replace_callback('/@(\\w+\\b)/', function ($id) use($args) {
return isset($args[$id[1]]) ? $args[$id[1]] : $id[0];
}, $handler);
if (preg_match('/(.+)\\h*(?:->|::)/', $handler, $match) && !class_exists($match[1])) {
$this->f3->error(500, 'PreRoute handler not found');
}
}
// Call route handler
return $this->f3->call($handler, array($this->f3, $args), 'beforeroute,afterroute') !== FALSE;
}
}
return true;
}
/**
* Language-aware reroute (autoprefix unnamed routes)
* @param string $url
* @param bool $permanent
* @return NULL
*/
function reroute($url = NULL, $permanent = FALSE)
{
if (preg_match('/^\\/([^\\/]*)/', $url, $m) && !array_key_exists($m[1], $this->languages)) {
$url = rtrim('/' . $this->current . $url, '/');
}
$this->f3->reroute($url, $permanent);
}
/**
* POST /login
* @param \Base $fw
* @return void
*/
public function login(\Base $fw)
{
if ($this->_getUser()) {
$fw->reroute('/dashboard');
}
$username = $fw->get('POST.username');
$password = $fw->get('POST.password');
$user = new \Model\User();
$user->load(array('username = ?', $username));
if ($user->id) {
if (password_verify($password, $user->password)) {
$fw->set('SESSION.user_id', $user->id);
$fw->reroute('/dashboard');
}
}
$fw->set('error', 'Invalid username or password.');
$this->_render('index.html');
}
/**
* AUTH Step 2: reroute to auth page
* @param null $callback_url
*/
public function authorize($callback_url = NULL)
{
$url = 'https://www.dropbox.com/1/oauth/authorize';
$params = array('oauth_token' => $this->authToken, 'locale ' => $this->f3->get('LANGUAGE'));
if ($callback_url) {
$params['oauth_callback'] = $callback_url;
}
$this->f3->reroute($url . '?' . http_build_query($params));
}
/**
* GET|POST /logout
* @param \Base $fw
*/
function logout(\Base $fw)
{
if ($fw->get('COOKIE.session_token') == $fw->get('GET.session')) {
\Helper\Api\User::logout();
$fw->set('COOKIE.session_token', null);
$fw->reroute('/');
} else {
$fw->error(400);
}
}
function show_question(\Base $f3, $params)
{
$ans = $f3->get('GET.answer');
$rowid = $f3->get('GET.rowid');
$db = $f3->get('DB');
if ($rowid && $ans == "") {
$f3->reroute('/');
} else {
if ($ans && $rowid) {
$f3->dump($rowid);
$res = $db->exec('UPDATE q SET answer = ? WHERE rowid = ?', array($ans, $rowid));
$f3->reroute('/');
} else {
$res = $db->exec("SELECT rowid, * FROM q WHERE answer = '' ORDER BY random() LIMIT 1", $txt);
$f3->set('question', $res);
echo View::instance()->render('show_question.htm');
}
}
}
/**
* POST /register
* @param \Base $fw
*/
function registerPost(\Base $fw)
{
try {
$token = \Helper\Api\User::register($fw->get('POST'));
$fw->set('COOKIE.session_token', $token);
$fw->reroute('/stream');
} catch (\Exception $e) {
$fw->set('error', $e->getMessage());
\App::error(403);
}
}
/**
* @param \Base $f3
* @param array $params
* @return bool
*/
public function getSingle(\Base $f3, $params)
{
$this->response->data['SUBPART'] = 'comment_edit.html';
if (isset($params['id'])) {
$this->response->data['comment'] = $this->resource->load(array('_id = ?', $params['id']));
if (!$this->resource->dry()) {
return true;
}
}
\Flash::instance()->addMessage('Unknown Comment ID', 'danger');
$f3->reroute($f3->get('SESSION.LastPageURL'));
}
public function save(\Base $f3, $params)
{
$params = $this->parametric($params[1]);
if ($_SESSION['userID'] != 0 || \Base::instance()->get('CONFIG')['allow_guest_comment_news']) {
$errors = [];
$data = $f3->get('POST.comment');
// Obviously, there should be some text ...
if ("" == ($data['text'] = trim($data['text']))) {
$errors[] = 'MessageEmpty';
}
if ($_SESSION['userID']) {
if (empty($errors) and $this->model->saveComment($params['id'], $data, TRUE)) {
$f3->reroute('news/id=' . $params['id'], false);
} else {
$errors[] = "CannotSave";
}
} else {
// Check if captcha is initialized and matches user entry
if (empty($_SESSION['captcha']) or !password_verify(strtoupper($data['captcha']), $_SESSION['captcha'])) {
$errors[] = 'CaptchaMismatch';
}
// Guest can't post with an empty name
if ("" == ($data['name'] = trim($data['name']))) {
$errors[] = 'GuestNameEmpty';
}
// guest can't post URL (reg ex is not perfect, but it's a start)
if (preg_match("/\\b(?:(?:https?|ftp):\\/\\/|www\\.)[-a-z0-9+&@#\\/%?=~_|!:,.;]*[-a-z0-9+&@#\\/%=~_|]/i", $data['text'])) {
$errors[] = 'GuestURL';
}
if (empty($errors) and 1 == $this->model->saveComment($params['id'], $data)) {
// destroy this session captcha
unset($_SESSION['captcha']);
$f3->reroute('news/id=' . $params['id'], false);
}
}
// If no data was saved, we end up here, so we show the page again and it will display the errors
$f3->set('formError', $errors);
$this->index($f3, $params);
}
}
public function save(\Base $f3, $params)
{
if (empty($params['module'])) {
$f3->reroute('/adminCP/settings', false);
exit;
}
if (isset($_POST['form_data'])) {
// Save data from the generic created forms
$results = $this->model->saveKeys($f3->get('POST.form_data'));
} else {
// Sava data from special forms (language, layout)
$results = $this->saveData($f3, $params);
}
$this->index($f3, $params, $results);
}
public function delete(\Base $f3, $params)
{
$this->resource->reset();
$msg = \Flash::instance();
if (isset($params['id'])) {
$this->resource->load(array('_id = ?', $params['id']));
if ($f3->get('HOST') == 'ikkez.de' && !$this->resource->dry() && $this->resource->username == 'admin') {
$msg->addMessage("You are not allowed to delete the demo-admin", 'danger');
$f3->reroute('/admin/' . $params['module']);
return;
}
parent::delete($f3, $params);
}
$f3->reroute($f3->get('SESSION.LastPageURL'));
}
/**
* POST /user/dashboard
*
* @param \Base $f3
*/
public function dashboardPost($f3)
{
$user = $f3->get("user_obj");
if ($f3->get("POST.action") == "add") {
$widgets = $user->option("dashboard");
foreach ($f3->get("POST.widgets") as $widget) {
$widgets["left"][] = $widget;
}
} else {
$widgets = json_decode($f3->get("POST.widgets"));
}
$user->option("dashboard", $widgets);
$user->save();
if ($f3->get("AJAX")) {
$this->_printJson($widgets);
} else {
$f3->reroute("/");
}
}
public function filter(\Base $f3, $params)
{
if (empty($params['a'])) {
if (isset($COOKIE['redirect_seen'])) {
$params['a'] = $params['b'];
$params['b'] = $params['c'];
} else {
$params['c'] = urldecode($params['c']);
$f3->reroute("/redirect/{$params['b']}/{$params['c']}", false);
}
}
$query = explode("&", $params['b']);
foreach ($query as $q) {
$item = explode("=", $q);
$old_data[$item[0]] = $item[1];
}
// default: redirect to main page
$redirect = "/";
if ($params['a'] == "viewstory") {
if (isset($old_data['sid']) && is_numeric($old_data['sid'])) {
$redirect = "/story/read/" . $old_data['sid'];
if (isset($old_data['chapter']) && is_numeric($old_data['chapter'])) {
$redirect .= "," . $old_data['chapter'];
}
}
} elseif ($params['a'] == "viewuser") {
if (isset($old_data['uid']) && is_numeric($old_data['uid'])) {
$redirect = "/authors/" . $old_data['uid'];
}
} elseif ($params['a'] == "browse") {
print_r($old_data);
// Browse is best handled by a search type
$redirect = "/story/search";
if (isset($old_data['type']) and $old_data['type'] == "categories") {
if (isset($old_data['catid']) && is_numeric($old_data['catid'])) {
$parameters[] = "category=" . $old_data['catid'];
}
/*
Tags (former classes), type by type
*/
/*
serious to-do
- load tag_groups.label ( classtype name ) without characters
- check $old_data[$label] and find in tags
*/
/* convert offset to page number */
if (isset($old_data['offset']) && is_numeric($old_data['offset'])) {
$items = \Config::instance()->stories_per_page;
$parameters[] = "page=" . (int) ($old_data['offset'] / $items);
}
} elseif (isset($old_data['type']) and $old_data['type'] == "class") {
if (isset($old_data['classid']) && is_numeric($old_data['classid'])) {
$tags[] = $old_data['classid'];
}
} elseif (isset($old_data['type']) and $old_data['type'] == "characters") {
if (isset($old_data['charid']) && is_numeric($old_data['charid'])) {
$c = $old_data['charid'];
// load tag with old character id from database
}
$tags[] = $old_data['charid'];
}
if (isset($tags)) {
$parameters[] = "tagIn=" . implode(",", $tags);
}
if (isset($parameters)) {
$redirect .= "/" . implode(";", $parameters);
}
} elseif ($params['a'] == "viewpage") {
$page = explode("=", $params['b']);
$redirect = "/page/" . @$page[1];
}
if (isset($COOKIE['redirect_seen'])) {
$f3->reroute($redirect, false);
} else {
$this->buffer(\View\Redirect::inform($redirect));
}
}
/**
* @param \Base $f3
* @param array $params
* @throws \Exception
*/
public function sprint_edit($f3, $params)
{
$f3->set("title", $f3->get("dict.sprints"));
$sprint = new \Model\Sprint();
$sprint->load($params["id"]);
if (!$sprint->id) {
$f3->error(404);
return;
}
if ($post = $f3->get("POST")) {
if (empty($post["start_date"]) || empty($post["end_date"])) {
$f3->set("error", "Start and end date are required");
$this->_render("admin/sprints/edit.html");
return;
}
$start = strtotime($post["start_date"]);
$end = strtotime($post["end_date"]);
if ($end <= $start) {
$f3->set("error", "End date must be after start date");
$this->_render("admin/sprints/edit.html");
return;
}
$sprint->name = trim($post["name"]);
$sprint->start_date = date("Y-m-d", $start);
$sprint->end_date = date("Y-m-d", $end);
$sprint->save();
$f3->reroute("/admin/sprints");
return;
}
$f3->set("sprint", $sprint);
$this->_render("admin/sprints/edit.html");
}
/**
* @param \Base $f3
* @param array $params
* @throws \Exception
*/
public function preview($f3, $params)
{
$file = new \Model\Issue\File();
$file->load($params["id"]);
if (!$file->id || !is_file($file->disk_filename)) {
$f3->error(404);
return;
}
if (substr($file->content_type, 0, 5) == "image" || $file->content_type == "text/plain") {
$this->_sendFile($file->disk_filename, $file->content_type, null, false);
return;
}
if ($file->content_type == "text/csv" || $file->content_type == "text/tsv") {
$delimiter = ",";
if ($file->content_type == "text/tsv") {
$delimiter = "\t";
}
$f3->set("file", $file);
$f3->set("delimiter", $delimiter);
$this->_render("issues/file/preview/table.html");
return;
}
$f3->reroute("/files/{$file->id}/{$file->filename}");
}
/**
* POST /issues/upload
* Upload a file
*
* @param \Base $f3
* @param array $params
* @throws \Exception
*/
public function upload($f3, $params)
{
$user_id = $this->_userId;
$issue = new \Model\Issue();
$issue->load(array("id=? AND deleted_date IS NULL", $f3->get("POST.issue_id")));
if (!$issue->id) {
$f3->error(404);
return;
}
$web = \Web::instance();
$f3->set("UPLOADS", "uploads/" . date("Y") . "/" . date("m") . "/");
if (!is_dir($f3->get("UPLOADS"))) {
mkdir($f3->get("UPLOADS"), 0777, true);
}
$overwrite = false;
// set to true to overwrite an existing file; Default: false
$slug = true;
// rename file to filesystem-friendly version
// Make a good name
$orig_name = preg_replace("/[^A-Z0-9._-]/i", "_", $_FILES['attachment']['name']);
$_FILES['attachment']['name'] = time() . "_" . $orig_name;
$i = 0;
$parts = pathinfo($_FILES['attachment']['name']);
while (file_exists($f3->get("UPLOADS") . $_FILES['attachment']['name'])) {
$i++;
$_FILES['attachment']['name'] = $parts["filename"] . "-" . $i . "." . $parts["extension"];
}
$web->receive(function ($file) use($f3, $orig_name, $user_id, $issue) {
if ($file['size'] > $f3->get("files.maxsize")) {
return false;
}
$newfile = new \Model\Issue\File();
$newfile->issue_id = $issue->id;
$newfile->user_id = $user_id;
$newfile->filename = $orig_name;
$newfile->disk_filename = $file['name'];
$newfile->disk_directory = $f3->get("UPLOADS");
$newfile->filesize = $file['size'];
$newfile->content_type = $file['type'];
$newfile->digest = md5_file($file['tmp_name']);
$newfile->created_date = date("Y-m-d H:i:s");
$newfile->save();
$f3->set('file_id', $newfile->id);
return true;
// moves file from php tmp dir to upload dir
}, $overwrite, $slug);
if ($f3->get("POST.text")) {
$comment = new \Model\Issue\Comment();
$comment->user_id = $this->_userId;
$comment->issue_id = $issue->id;
$comment->text = $f3->get("POST.text");
$comment->created_date = $this->now();
$comment->file_id = $f3->get('file_id');
$comment->save();
if (!!$f3->get("POST.notify")) {
$notification = \Helper\Notification::instance();
$notification->issue_comment($issue->id, $comment->id);
}
} elseif ($newfile->id && !!$f3->get("POST.notify")) {
$notification = \Helper\Notification::instance();
$notification->issue_file($issue->id, $f3->get("file_id"));
}
$f3->reroute("/issues/" . $issue->id);
}
/**
* GET|POST /logout
* @param \Base $fw
* @return void
*/
public function logout(\Base $fw)
{
$fw->set('SESSION.user_id', null);
$fw->reroute('/');
}
protected function categories(\Base $f3, $params)
{
if (isset($params[2])) {
$params = $this->parametric($params[2]);
}
$this->response->addTitle($f3->get('LN__AdminMenu_Categories'));
$f3->set('title_h3', $f3->get('LN__AdminMenu_Categories'));
if (isset($params['move'])) {
$parent = $this->model->moveCategory($params['move'][1], $params['move'][0]);
\Model\Routines::instance()->cacheCategories($parent);
} elseif (isset($params['add'])) {
$parent_cid = (isset($params['add']) and $params['add'] !== TRUE) ? (int) $params['add'] : 0;
if (isset($_POST['form_data'])) {
$newID = $this->model->addCategory($parent_cid, $f3->get('POST.form_data'));
}
if (empty($newID)) {
// Attempted to add category, but failed
if (@$newID === FALSE) {
$errors = '__failAddCategory';
}
$parent_info = $this->model->loadCategory($parent_cid);
// Non-existent category, go back to overview
if ($parent_info === FALSE) {
$f3->reroute('/adminCP/archive/categories', false);
}
// Form
$data = ['errors' => @$errors, 'changes' => @$changes, 'id' => $parent_cid, 'info' => @$parent_info];
$this->buffer(\View\AdminCP::addCategory($f3, $data));
// Leave function without creating further forms or mishap
return TRUE;
} else {
$f3->set('changes', 1);
}
} elseif (isset($params['delete'])) {
$data = $this->model->loadCategory((int) $params['delete']);
if (isset($data['category'])) {
$data['stats'] = json_decode($data['stats'], TRUE);
if ($data['stats']['sub'] === NULL and $data['stats']['count'] == 0) {
if (FALSE === $this->model->deleteCategory((int) $params['delete'])) {
$errors = $f3->get('ACP_Categories_Error_DBError', $data['category']);
} else {
$changes = $f3->get('ACP_Categories_Success_Deleted', $data['category']);
}
} else {
$errors = $f3->get('ACP_Categories_Error_notEmpty', $data['category']);
}
} else {
$errors = $f3->get('ACP_Categories_Error_badID');
}
} elseif (isset($_POST) and sizeof($_POST) > 0) {
if (isset($_POST['form_data'])) {
$changes = $this->model->saveCategory($params['id'], $f3->get('POST.form_data'));
}
}
if (isset($params['id'])) {
$data = $this->model->loadCategory($params['id']);
$data['move'] = $this->model->loadCategoryPossibleParents($params['id']);
if ($data['leveldown'] > 1) {
$parent = $this->model->loadCategory($data['move'][0]['parent_cid']);
$data['move'] = array_merge([["cid" => $parent['id'], "parent_cid" => $parent['parent_cid'], "leveldown" => $parent['leveldown'] - 1, "category" => $parent['category'] . " (one level up)"]], $data['move']);
}
$data['move'] = array_merge([["cid" => 0, "parent_cid" => 0, "leveldown" => -1, "category" => "__Category_MainCategory"]], $data['move']);
$data['stats'] = json_decode($data['stats'], TRUE);
$data['errors'] = @$errors;
$data['changes'] = @$changes;
$this->buffer(\View\AdminCP::editCategory($data));
return TRUE;
}
$data = $this->model->categoriesListFlat();
$feedback['errors'] = @$errors;
$feedback['changes'] = @$changes;
$this->buffer(\View\AdminCP::listCategories($data, $feedback));
}
/**
* Update a list of issues
* @param Base $f3
* @param array $params from form
*/
public function bulk_update($f3, $params)
{
$post = $f3->get("POST");
$issue = new \Model\Issue();
if (!empty($post["id"]) && is_array($post["id"])) {
foreach ($post["id"] as $id) {
// Updating existing issue.
$issue->load($id);
if ($issue->id) {
// Diff contents and save what's changed.
foreach ($post as $i => $val) {
if ($issue->exists($i) && $i != "id" && $issue->{$i} != $val && (!empty($val) || $val === "0")) {
// Allow setting to Not Assigned
if (($i == "owner_id" || $i == "sprint_id") && $val == -1) {
$val = null;
}
$issue->{$i} = $val;
if ($i == "status") {
$status = new \Model\Issue\Status();
$status->load($val);
// Toggle closed_date if issue has been closed/restored
if ($status->closed) {
if (!$issue->closed_date) {
$issue->closed_date = $this->now();
}
} else {
$issue->closed_date = null;
}
}
}
}
// Save to the sprint of the due date if no sprint selected
if (!empty($post['due_date']) && empty($post['sprint_id'])) {
$sprint = new \Model\Sprint();
$sprint->load(array("DATE(?) BETWEEN start_date AND end_date", $issue->due_date));
$issue->sprint_id = $sprint->id;
}
// If it's a child issue and the parent is in a sprint, assign to that sprint
if (!empty($post['bulk']['parent_id']) && !$issue->sprint_id) {
$parent = new \Model\Issue();
$parent->load($issue->parent_id);
if ($parent->sprint_id) {
$issue->sprint_id = $parent->sprint_id;
}
}
$notify = !empty($post["notify"]);
$issue->save($notify);
} else {
$f3->error(500, "Failed to update all the issues, starting with: {$id}.");
return;
}
}
} else {
$f3->reroute($post["url_path"] . "?" . $post["url_query"]);
}
if (!empty($post["url_path"])) {
$f3->reroute($post["url_path"] . "?" . $post["url_query"]);
} else {
$f3->reroute("/issues?" . $post["url_query"]);
}
}
public function fallback(\Base $f3, $params)
{
$f3->reroute('/adminCP/home', false);
}
public function save(\Base $f3, $params)
{
if (isset($params[2])) {
$params = $this->parametric($params[2]);
}
$current = $this->model->loadStoryMapper($params['story']);
if ($current['sid'] != NULL) {
$post = $f3->get('POST');
if (isset($params['chapter']) and $params['chapter'] == "new") {
$chapter = $this->model->addChapter($params['story'], $post['form']);
$f3->reroute("/adminCP/stories/edit/story={$current['sid']};chapter={$chapter}", false);
exit;
} elseif (isset($params['chapter'])) {
$this->model->saveChapterChanges($params['chapter'], $post['form']);
$f3->reroute("/adminCP/stories/edit/story={$current['sid']};chapter={$params['chapter']}", false);
exit;
} else {
$this->model->saveStoryChanges($current, $post['form']);
$f3->reroute('/adminCP/stories/edit/story=' . $current['sid'], false);
exit;
}
}
var_dump($current['sid']);
print_r($params);
print_r($post);
}
public function library(\Base $f3, $params)
{
$this->response->addTitle($f3->get('LN__UserMenu_MyLibrary'));
list($params, $returnpath) = array_pad(explode(";returnpath=", $params[1]), 2, '');
$params = $this->parametric($params);
$params['returnpath'] = $returnpath;
$sub = ["bookmark", "favourite", "recommendation"];
if (!in_array($params[0], $sub)) {
$params[0] = "";
}
// delete function get's accompanied by a pseudo-post, this doesn't count here. Sorry dude
if (NULL != ($post = $f3->get('POST'))) {
if (array_key_exists("confirmed", $post)) {
$this->model->libraryBookFavDelete($params);
$f3->reroute($params['returnpath'], false);
exit;
} elseif ($params[0] == "recommendation") {
//
} else {
if (FALSE === ($result = $this->model->saveBookFav($post, $params))) {
$params['error'] = "saving";
$this->libraryBookFavEdit($f3, $params);
} else {
$f3->reroute($params['returnpath'], false);
exit;
}
}
}
$this->counter = $this->model->getCount("library");
$this->showMenu("library", ["BMS" => $this->counter['bookmark']['sum'], "FAVS" => $this->counter['favourite']['sum'], "RECS" => is_numeric($this->counter['recommendation']['sum']) ? $this->counter['recommendation']['sum'] : FALSE]);
switch ($params[0]) {
case "bookmark":
case "favourite":
$this->libraryBookFav($f3, $params);
break;
case "recommendation":
$this->libraryRecommendations($f3, $params);
break;
default:
$this->buffer("Empty page");
}
}
/**
* GET|POST /logout
*
* @param \Base $f3
*/
public function logout($f3)
{
$session = new \Model\Session();
$session->loadCurrent();
$session->delete();
$f3->reroute("/");
}
protected function news(\Base $f3, array $params)
{
$this->response->addTitle($f3->get('LN__AdminMenu_News'));
$f3->set('title_h3', $f3->get('LN__AdminMenu_News'));
if (isset($params[2])) {
$params = $this->parametric($params[2]);
}
if (isset($params['delete'])) {
if ($this->model->deleteNews((int) $params['delete'])) {
$f3->reroute('/adminCP/home/news', false);
} else {
$f3->set('form_error', "__failedDelete");
}
} elseif (isset($_POST) and sizeof($_POST) > 0) {
if (isset($_POST['form_data'])) {
//$changes = $this->model->saveCustompage($params['id'], $f3->get('POST.form_data') );
} elseif (isset($_POST['newHeadline'])) {
$newID = $this->model->addNews($f3->get('POST.newHeadline'));
if ($newID !== FALSE) {
$f3->reroute('/adminCP/home/news/id=' . $newID, false);
}
}
}
if (isset($params['id'])) {
if (NULL !== ($data = $this->model->loadNews($params['id']))) {
$data['raw'] = @$params['raw'];
$data['errors'] = @$errors;
$data['changes'] = @$changes;
$this->buffer(\View\AdminCP::editNews($data));
return TRUE;
} else {
$f3->set('form_error', "__failedLoad");
}
}
// page will always be an integer > 0
$page = empty((int) @$params['page']) || (int) $params['page'] < 0 ?: (int) $params['page'];
// search/browse
$allow_order = array("id" => "nid", "date" => "date", "title" => "headline", "author" => "author");
// sort order
$sort["link"] = isset($allow_order[@$params['order'][0]]) ? $params['order'][0] : "date";
$sort["order"] = $allow_order[$sort["link"]];
$sort["direction"] = isset($params['order'][1]) && $params['order'][1] == "asc" ? "asc" : "desc";
$data = $this->model->listNews($page, $sort);
$this->buffer(\View\AdminCP::listNews($data, $sort));
}
/**
* delete a record
* @param \Mth3l3m3nt $f3
* @param array $params
*/
public function delete(\Base $f3, $params)
{
$this->resource->reset();
$flash = \Flash::instance();
if (isset($params['id'])) {
$this->resource->load(array('_id = ?', $params['id']));
if ($this->resource->dry()) {
$flash->addMessage('No record found with this ID.', 'danger');
} else {
$this->resource->erase();
$flash->addMessage("Record deleted.", 'success');
}
}
$f3->reroute($f3->get('SESSION.LastPageURL'));
}
/**
* login by cookie name
* @param \Base $f3
*/
public function login(\Base $f3)
{
$data = (array) $f3->get('GET');
$cookieName = empty($data['cookie']) ? '' : $data['cookie'];
$character = null;
if (!empty($cookieName)) {
if (!empty($cookieData = $this->getCookieByName($cookieName))) {
// cookie data is valid -> validate data against DB (security check!)
if (!empty($characters = $this->getCookieCharacters(array_slice($cookieData, 0, 1, true)))) {
// character is valid and allowed to login
$character = $characters[$cookieName];
}
}
}
if (is_object($character)) {
// login by character
$loginCheck = $this->loginByCharacter($character);
if ($loginCheck) {
// route to "map"
$f3->reroute('@map');
}
}
// on error -> route back to login form
$f3->set(self::SESSION_KEY_SSO_ERROR, self::ERROR_COOKIE_LOGIN);
$f3->reroute('@login');
}
