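/**
 * Attach uploads made while a post was being written to the saved post.
 *
 * Looks up the session entry named by param('sess_post_create_token'). When it
 * holds a non-numeric token and the post has no validation errors, every
 * AdminUpload row carrying that token is given the post's id and an empty
 * token, and the session entry is removed.
 *
 * @param AdminPost $post the post that was just saved
 * @return void
 */
private function afterPostSave(AdminPost $post)
{
    $key = param('sess_post_create_token');
    if (!app()->session->contains($key)) {
        return;
    }

    // The assignment must be parenthesised: `&&` binds tighter than `=`, so the
    // unparenthesised form stores a boolean in $token (and evaluates
    // is_numeric() on a not-yet-defined variable). The UPDATE below would then
    // be keyed on that boolean instead of the token issued to this session.
    if (($token = app()->session[$key]) && !is_numeric($token)) {
        if (!$post->hasErrors()) {
            $attributes = array('post_id' => $post->id, 'token' => '');
            // The token is passed as a bound parameter, not concatenated into the condition.
            AdminUpload::model()->updateAll($attributes, 'token = :token', array(':token' => $token));
            app()->session->remove($key);
        }
    }
}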
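/**
 * Render the upload search page, running the search when the form was submitted.
 *
 * The view always receives 'form', 'data' and 'fileTypes'; 'data' is null when
 * no form was submitted or the submitted form failed validation.
 *
 * @return void
 */
public function actionSearch()
{
    $form = new UploadSearchForm();

    // Defined up front: without this, the render() call below reads an
    // undefined variable whenever the form is absent or invalid.
    $data = null;

    if (isset($_GET['UploadSearchForm'])) {
        // Request-controlled values; search() is only reached after validate() passes.
        $form->attributes = $_GET['UploadSearchForm'];
        if ($form->validate()) {
            $data = $form->search();
        }
        user()->setFlash('table_caption', t('user_search_result', 'admin'));
    }

    $this->adminTitle = t('search_result', 'admin');
    $fileTypes = AdminUpload::typeLabels();
    $this->render('search', array('form' => $form, 'data' => $data, 'fileTypes' => $fileTypes));
}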
/**
 * Build a criteria object from the filled-in search fields and fetch the matching uploads.
 *
 * Field values are handed to the criteria helper as arguments; nothing is
 * concatenated into SQL in this method.
 *
 * @return mixed the result of AdminUpload::fetchList(), or null when no condition was added
 */
public function search()
{
    $criteria = new CDbCriteria();

    // Exact-match filters, applied in this order; empty (falsy) fields are skipped.
    $exactFilters = array(
        'post_id' => $this->postid,
        'user_id' => $this->userid,
        'file_type' => $this->fileType,
    );
    foreach ($exactFilters as $column => $value) {
        if ($value) {
            $criteria->addColumnCondition(array($column => $value));
        }
    }

    // Search-condition filters on the description and URL columns.
    // NOTE(review): `desc` is a reserved word in most SQL dialects; confirm the
    // query layer quotes this column name.
    $searchFilters = array(
        'desc' => $this->keyword,
        'url' => $this->fileUrl,
    );
    foreach ($searchFilters as $column => $needle) {
        if ($needle) {
            $criteria->addSearchCondition($column, $needle);
        }
    }

    // With no filter set there is no condition, and no query is issued.
    if (!$criteria->condition) {
        return null;
    }

    return AdminUpload::fetchList($criteria);
}
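/**
 * Create admin page
 *
 * Dispatches on $_GET['a'] in two stages. The first switch handles the actions
 * open to both uploaders and admins (Abo, Upl, Mov, Del). The second switch,
 * reached only when CurrentUser::$admin is set, handles the admin-only actions.
 * If no action selected a page, AdminAbout is shown. The admin menu is built
 * last.
 *
 * State-changing calls run only when the request fields they read are present.
 *
 * @author Thibaud Rohmer
 */
public function __construct()
{
    /// Check that current user is an admin or an uploader
    // On this early return neither $this->page nor $this->menu is assigned.
    if (!(CurrentUser::$admin || CurrentUser::$uploader)) {
        return;
    }

    // NOTE(review): every action below is selected by $_GET['a'] and fed from
    // request data; no anti-CSRF token check is visible in this constructor.
    // Confirm one is enforced before this point.

    /// Get actions available for Uploaders too
    if (isset($_GET['a'])) {
        switch ($_GET['a']) {
            case "Abo":
                $this->page = new AdminAbout();
                break;

            case "Upl":
                if (isset($_POST['path'])) {
                    AdminUpload::upload();
                    CurrentUser::$path = File::r2a(stripslashes($_POST['path']));
                }
                break;

            case "Mov":
                if (isset($_POST['pathFrom'])) {
                    try {
                        CurrentUser::$path = File::r2a(dirname(stripslashes($_POST['pathFrom'])));
                    } catch (Exception $e) {
                        CurrentUser::$path = Settings::$photos_dir;
                    }
                }
                Admin::move();
                // Strict comparison, and both path fields must be present before they are read.
                if (isset($_POST['move'], $_POST['pathFrom'], $_POST['pathTo']) && $_POST['move'] === "rename") {
                    try {
                        if (is_dir(File::r2a(stripslashes($_POST['pathFrom'])))) {
                            // NOTE(review): pathTo is appended without going through
                            // File::r2a(), unlike pathFrom. If r2a() is what keeps
                            // paths inside the photos directory (presumably, given
                            // the fallback in the catch), the combined path should
                            // be checked the same way. Confirm.
                            CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['pathFrom']))) . "/" . stripslashes($_POST['pathTo']);
                        }
                    } catch (Exception $e) {
                        CurrentUser::$path = Settings::$photos_dir;
                    }
                }
                break;

            case "Del":
                if (isset($_POST['del'])) {
                    // The path is taken from the single value, or from the first element of a list.
                    if (!is_array($_POST['del'])) {
                        CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['del'])));
                    } else {
                        CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['del'][0])));
                    }
                    Admin::delete();
                }
                break;
        }
    }

    /// Check that current user is an admin
    // Uploaders who are not admins stop here, before the default page and the menu are set.
    if (!CurrentUser::$admin) {
        return;
    }

    /// Get action
    if (isset($_GET['a'])) {
        switch ($_GET['a']) {
            case "Sta":
                $this->page = new AdminStats();
                break;

            case "VTk":
                $this->page = new GuestToken();
                break;

            case "DTk":
                if (isset($_POST['tokenkey'])) {
                    GuestToken::delete($_POST['tokenkey']);
                }
                $this->page = new GuestToken();
                break;

            case "Acc":
                if (isset($_POST['edit'])) {
                    Account::edit($_POST['login'], $_POST['old_password'], $_POST['password'], $_POST['name'], $_POST['email'], NULL, $_POST['language']);
                }
                if (isset($_POST['login'])) {
                    $this->page = new Account($_POST['login']);
                } else {
                    $this->page = CurrentUser::$account;
                }
                break;

            case "GC":
                // Guarded like DTk above: a bare ?a=GC with no body creates nothing.
                if (isset($_POST['group'])) {
                    Group::create($_POST['group']);
                }
                $this->page = new Group();
                break;

            case "AAc":
                if (isset($_POST['login'], $_POST['password'], $_POST['verif'])) {
                    Account::create($_POST['login'], $_POST['password'], $_POST['verif']);
                }
                $this->page = new Group();
                break;

            case "AGA":
                if (isset($_POST['acc'], $_POST['group'])) {
                    $a = new Account($_POST['acc']);
                    $a->add_group($_POST['group']);
                    $a->save();
                }
                $this->page = CurrentUser::$account;
                break;

            case "AGR":
                if (isset($_POST['acc'], $_POST['group'])) {
                    $a = new Account($_POST['acc']);
                    $a->remove_group($_POST['group']);
                    $a->save();
                }
                $this->page = CurrentUser::$account;
                break;

            case "ADe":
                if (isset($_POST['name'])) {
                    Account::delete($_POST['name']);
                }
                $this->page = new Group();
                break;

            case "GEd":
                Group::edit($_POST);
                $this->page = new Group();
                break;

            case "GDe":
                // NOTE(review): this deletion is parameterised entirely through
                // the query string; consider requiring POST for it.
                if (isset($_GET['g'])) {
                    Group::delete($_GET['g']);
                }
                $this->page = new Group();
                break;

            case "CDe":
                if (isset($_POST['image'], $_POST['id'])) {
                    CurrentUser::$path = File::r2a($_POST['image']);
                    Comments::delete($_POST['id']);
                }
                $this->page = new MainPage();
                break;

            case "JS":
                break;

            case "EdA":
                $this->page = new Group();
                break;

            case "GAl":
                if (isset($_POST['path'])) {
                    Settings::gener_all(File::r2a(stripslashes($_POST['path'])));
                }
                // No break here: execution continues into "Set".
                // NOTE(review): confirm the fall-through is intended.

            case "Set":
                if (isset($_POST['name'])) {
                    Settings::set();
                }
                $this->page = new Settings();
                break;
        }
    }

    // Fallback when no action was given or the action did not select a page.
    if (!isset($this->page)) {
        $this->page = new AdminAbout();
    }

    /// Create menu
    $this->menu = new AdminMenu();
}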