/**
 * Builds and runs the product query on behalf of 'loadData'.
 *
 * Optional filters (id, classification, type) become WHERE conditions with
 * bound parameters. The ORDER BY value is appended to the SQL text as-is, and
 * a LIMIT parameter is bound when $limit is greater than zero.
 *
 * @param mixed $id    product id filter; skipped when loosely equal to null
 * @param mixed $class classification filter; skipped when loosely equal to null
 * @param mixed $type  type filter; skipped when loosely equal to null
 * @param mixed $order text appended directly after the ORDER BY fragment
 * @param mixed $limit row limit; only applied when greater than zero
 * @return mixed whatever CRUDService::fetchNamedQuery() yields for "Product"
 */
private function load($id, $class, $type, $order, $limit)
{
    // Parameters are registered first; the SQL text is attached at the very end.
    $namedQuery = new NamedQuery();

    // Every active filter contributes one SQL fragment and one bound parameter,
    // always in the order id -> classification -> type.
    // `!= null` is a loose comparison: 0, "" and false also mean "no filter".
    $conditions = [];

    if ($id != null) {
        $conditions[] = $this->COND_ID;
        $namedQuery->addParam(QueryParam::TYPE_INTEGER, $id);
    }

    if ($class != null) {
        $conditions[] = $this->COND_CLASSIFICATION;
        $namedQuery->addParam(QueryParam::TYPE_STRING, $class);
    }

    if ($type != null) {
        $conditions[] = $this->COND_TYPE;
        $namedQuery->addParam(QueryParam::TYPE_STRING, $type);
    }

    $sql = $this->QUERY_LOAD_PRODUCTS;

    // WHERE is only emitted when at least one filter is present; the
    // fragments are then chained with the AND clause.
    if (count($conditions) > 0) {
        $sql .= $this->CLAUSE_WHERE . implode($this->CLAUSE_AND, $conditions);
    }

    // NOTE(review): $order is concatenated into the SQL text instead of being
    // bound. Whether it can carry request data depends on the callers, which
    // are not visible here; it should be limited to a fixed set of
    // column/direction values before it reaches this method.
    $sql .= $this->COND_ORDER_BY . $order;

    // The limit value itself is bound; only the suffix is part of the SQL text.
    if ($limit > 0) {
        $sql .= $this->SUFFIX_LIMIT;
        $namedQuery->addParam(QueryParam::TYPE_INTEGER, $limit);
    }

    $namedQuery->setNamedQuery($sql);

    return CRUDService::getInstance()->fetchNamedQuery($namedQuery, "Product");
}
/**
 * Counts how often the given e-mail address is already in use.
 *
 * @param mixed $email address to look up; passed to the query as a bound string
 * @return mixed the `number` property of the first result row
 */
public static function checkEmail($email)
{
    $query = new NamedQuery(self::$QUERY_CHECK_EMAIL);
    $query->addParam(QueryParam::TYPE_STRING, $email);

    $rows = CRUDService::getInstance()->fetchNamedQuery($query);

    // The first row is read without an emptiness check; presumably the query
    // is an aggregate that always yields one row - confirm against the SQL.
    $firstRow = $rows[0];

    return $firstRow->number;
}
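/**
 * Handles the "add product" form.
 *
 * On POST the request is validated, the product row is inserted, the uploaded
 * image is stored below ./images/products/{classification}/{type}/, the image
 * name is recorded, and the translated names and descriptions are appended to
 * the products file before the translations are reloaded.
 *
 * Every request field is treated as untrusted even though checkAccess() runs
 * first:
 *  - classification and type become directory names, so they are restricted
 *    to a conservative character set (no path separators, no dots);
 *  - the client-supplied file name only contributes its extension, and that
 *    extension must be on an image allowlist so that no script file can be
 *    placed in the web-served image directory;
 *  - translation texts are written into a line-based key = "value" file, so
 *    line breaks and double quotes are neutralised before writing.
 *
 * Validation happens before the insert, so a rejected request leaves no row
 * behind. A rejected request is logged and answered with HTTP 400 when the
 * headers have not been sent yet.
 */
public function handleRequestInMain()
{
    $this->checkAccess();

    if ($_SERVER["REQUEST_METHOD"] !== "POST") {
        return;
    }

    // Only fixed reason strings are logged, never request data.
    $reject = function ($reason) {
        error_log("Product insert rejected: " . $reason);
        if (!headers_sent()) {
            http_response_code(400);
        }
    };

    // \A...\z instead of ^...$ so that a trailing newline cannot slip through.
    $isSafeSegment = function ($value) {
        return is_string($value) && preg_match('/\A[A-Za-z0-9_-]+\z/', $value) === 1;
    };

    // Keeps a value on one line and inside its surrounding double quotes.
    // NOTE(review): the escaping rules of the products file depend on how
    // LanguageHelper::loadTranslations() parses it, which is not visible here;
    // if it relies on parse_ini_file(), "${...}" sequences may need handling too.
    $toIniValue = function ($text) {
        return str_replace(["\r\n", "\r", "\n", '"'], [" ", " ", " ", "'"], $text);
    };

    // --- validate everything before touching the database or the disk ---

    $classification = isset($_POST["name-classification"]) ? $_POST["name-classification"] : null;
    if (!$isSafeSegment($classification)) {
        $reject("invalid classification");
        return;
    }

    $typeKey = "name-type--" . $classification;
    $type = isset($_POST[$typeKey]) ? $_POST[$typeKey] : null;
    if (!$isSafeSegment($type)) {
        $reject("invalid type");
        return;
    }

    $price = isset($_POST["name-price"]) ? $_POST["name-price"] : null;
    if (!is_string($price)) {
        $reject("missing price");
        return;
    }

    // Collected in the order they are written: name de/en/fr, description de/en/fr.
    $texts = [];
    foreach (["name", "description"] as $field) {
        foreach (["de", "en", "fr"] as $lang) {
            $postKey = "name-" . $field . "-" . $lang;
            if (!isset($_POST[$postKey]) || !is_string($_POST[$postKey])) {
                $reject("missing translation field");
                return;
            }
            $texts[$field . "." . $lang] = $toIniValue($_POST[$postKey]);
        }
    }

    $upload = isset($_FILES["name-image"]) ? $_FILES["name-image"] : null;
    if (
        !is_array($upload)
        || !isset($upload["error"], $upload["name"], $upload["tmp_name"])
        || $upload["error"] !== UPLOAD_ERR_OK
        || !is_string($upload["name"])
        || !is_string($upload["tmp_name"])
    ) {
        $reject("missing or failed image upload");
        return;
    }

    // Only the extension of the client-supplied name is used, and only when
    // it is a known image type. The file content itself is not inspected here.
    $extension = strtolower(pathinfo($upload["name"], PATHINFO_EXTENSION));
    if (!in_array($extension, ["jpg", "jpeg", "png", "gif", "webp"], true)) {
        $reject("image extension not allowed");
        return;
    }

    // --- insert the product and obtain its ID ---

    $namedQuery = new NamedQuery($this->QUERY_INSERT_PRODUCT);
    $namedQuery->addParam(QueryParam::TYPE_STRING, $classification);
    $namedQuery->addParam(QueryParam::TYPE_STRING, $type);
    $namedQuery->addParam(QueryParam::TYPE_STRING, $price);
    $insertId = CRUDService::getInstance()->executeNamedQuery($namedQuery);

    // --- store the image as {type}-{id}.{ext}, for example robot-42.png ---

    $imgName = strtolower($type) . "-" . $insertId . "." . $extension;
    $uploadDir = "./images/products/" . $classification . "/" . strtolower($type) . "/";

    if (move_uploaded_file($upload["tmp_name"], $uploadDir . $imgName)) {
        $nq2 = new NamedQuery($this->QUERY_SET_IMAGE);
        $nq2->addParam(QueryParam::TYPE_STRING, $imgName);
        $nq2->addParam(QueryParam::TYPE_INTEGER, $insertId);
        CRUDService::getInstance()->executeNamedQuery($nq2);
    } else {
        // Do not record an image name that points at a file that was never stored.
        error_log("Product " . $insertId . ": uploaded image could not be stored");
    }

    // --- append the translations: product.{id}.{name|description}.{lang} ---

    $data = '';
    foreach ($texts as $suffix => $text) {
        $data .= 'product.' . $insertId . '.' . $suffix . ' = "' . $text . '"' . PHP_EOL;
    }
    file_put_contents(Config::DEFAULT_PRODUCT_FILE, $data, FILE_APPEND);

    // finally, refresh the session with the new content of the products file
    LanguageHelper::loadTranslations();
}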
/**
 * Implements the superclass's abstract request handler for the product edit form.
 *
 * On POST, the six translation texts (name and description in de/en/fr) are
 * copied from the request into the session's product translations, the
 * products file is rewritten from the session, the translations are reloaded,
 * the price is updated in the database and the client is redirected to
 * delete.php.
 */
public function handleRequestInMain()
{
    $this->checkAccess();

    if ($_SERVER["REQUEST_METHOD"] != "POST") {
        return;
    }

    // intval() guarantees the id is an integer before it is used in keys and SQL.
    $productId = intval($_POST["name-id"]);

    // Session keys follow product.{id}.{field}.{lang}; the matching form fields
    // are named name-{field}-{lang}. Order: name de/en/fr, then description de/en/fr.
    // NOTE(review): the request texts are stored unmodified. Whether quotes or
    // line breaks in them are escaped when the file is rebuilt depends on
    // productArrayToString(), which is not visible here - confirm.
    foreach (["name", "description"] as $field) {
        foreach (["de", "en", "fr"] as $lang) {
            $sessionKey = "product." . $productId . "." . $field . "." . $lang;
            $_SESSION[Session::PRODUCT_TRANSLATIONS][$sessionKey] = $_POST["name-" . $field . "-" . $lang];
        }
    }

    // Rewrite the whole products file from the session, then reload it.
    $fileContent = $this->productArrayToString();
    file_put_contents(Config::DEFAULT_PRODUCT_FILE, $fileContent);
    LanguageHelper::loadTranslations();

    // The price is coerced to a float and bound as a parameter.
    $priceUpdate = new NamedQuery($this->QUERY_SET_PRICE);
    $priceUpdate->addParam(QueryParam::TYPE_DOUBLE, doubleval($_POST["name-price"]));
    $priceUpdate->addParam(QueryParam::TYPE_INTEGER, $productId);
    CRUDService::getInstance()->executeNamedQuery($priceUpdate);

    // send the client back to the delete.php page
    $this->redirect("delete.php");
}
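/**
 * Implements the superclass's abstract request handler for the login form.
 *
 * On POST, the user is looked up by e-mail and the submitted password is
 * checked against the stored hash. On any failure the same error message is
 * set on the view, so the response does not reveal whether the e-mail exists.
 * On success the session ID is renewed, the user is stored in the session and
 * the client is redirected to home.php.
 *
 * NOTE(review): judging by the helper's name, passwords are stored as SHA-1
 * digests. That is too fast for password storage; moving to password_hash() /
 * password_verify() requires re-hashing the stored values and is therefore
 * outside the scope of this method.
 */
public function handleRequestInMain()
{
    // handle only POST requests
    if ($_SERVER["REQUEST_METHOD"] !== "POST") {
        return;
    }

    // Missing fields or array-valued fields are treated like wrong credentials.
    $email = isset($_POST["name-email"]) ? $_POST["name-email"] : null;
    $password = isset($_POST["name-password"]) ? $_POST["name-password"] : null;
    if (!is_string($email) || !is_string($password)) {
        $this->getView()->setMessage($this->MSG_ERROR);
        return;
    }

    // try to load a user by its e-mail; the value is bound, not concatenated
    $namedQuery = new NamedQuery($this->QUERY_LOAD_USER);
    $namedQuery->addParam(QueryParam::TYPE_STRING, StringUtils::removeTags($email));
    $result = CRUDService::getInstance()->fetchNamedQuery($namedQuery, "User");

    // anything other than exactly one match is an error
    if (count($result) !== 1) {
        $this->getView()->setMessage($this->MSG_ERROR);
        return;
    }

    $user = $result[0];

    // hash_equals() compares in constant time; the casts keep a null stored
    // password from raising a type error instead of simply not matching.
    $storedHash = (string) $user->getPassword();
    $submittedHash = (string) StringUtils::convertInSha1($password);
    if (!hash_equals($storedHash, $submittedHash)) {
        $this->getView()->setMessage($this->MSG_ERROR);
        return;
    }

    // Renew the session ID at the privilege change so that an ID fixed before
    // login cannot be reused afterwards.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    // Persist the user in the session and go to the main page.
    // NOTE(review): the serialized user presumably still carries the password
    // hash; consider storing only the fields the session needs.
    $_SESSION[Session::USER] = serialize($user);
    $this->redirect("home.php");
}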
/**
 * Re-reads the user with the given ID and replaces the copy kept in the session.
 *
 * @param mixed $id the ID of the user to be reloaded; bound as an integer
 */
private function reloadUser($id)
{
    $query = new NamedQuery($this->QUERY_LOAD_USER);
    $query->addParam(QueryParam::TYPE_INTEGER, $id);

    $users = CRUDService::getInstance()->fetchNamedQuery($query, "User");

    // NOTE(review): the first row is used without checking that the query
    // returned one; if the user no longer exists the session entry would be
    // overwritten with a serialized empty value - confirm the callers rule this out.
    $freshUser = $users[0];
    $_SESSION[Session::USER] = serialize($freshUser);
}
/**
 * Runs the load-user query for this object's e-mail address.
 *
 * NOTE(review): in the code shown here the fetched rows are neither returned
 * nor copied onto this object, so the call has no visible effect - confirm
 * whether the result was meant to be used.
 */
public function load()
{
    $query = new NamedQuery($this->QUERY_LOAD_USER);
    // the e-mail is bound as a string parameter
    $query->addParam(QueryParam::TYPE_STRING, $this->email);

    CRUDService::getInstance()->fetchNamedQuery($query, "User");
}