/**
 * Render the paginated list of the latest published articles.
 *
 * Reads the requested page number from the query string, loads that page of
 * published articles (newest first) and the tags of each one, then passes
 * everything to the list template.
 *
 * Security note: the logged-in-user check that used to guard this page is
 * commented out, so the listing is served without any authentication.
 * NOTE(review): article and tag data are handed to the template as loaded
 * from the DAOs; confirm article_list_tpl.php HTML-encodes them on output.
 *
 * @access public
 */
public function run()
{
    $per_page = 10;

    $session = Session::getInstance();
    // The user is fetched but not consulted: the validUser() gate is disabled.
    $viewer = $session->getUser();

    $articleDAO = ArticleDAO::getInstance();
    $tagDAO = ArticleTagDAO::getInstance();

    // Only a numeric ?page= value is honoured; anything else means page 1.
    $requested = 1;
    if (isset($_GET["page"]) && is_numeric($_GET["page"])) {
        $requested = intval($_GET["page"]);
    }
    $page_number = max(1, $requested);

    $total = $articleDAO->countPublished(true);
    $pager = new Paginator($total, $per_page);
    $paginator_page = $pager->getPage($page_number);

    // The ORDER BY fragment is built from the DAO's own table name only;
    // no request data is interpolated into it.
    $table = $articleDAO->getTableName();
    $query_options = array(
        "order" => "{$table}.postDate DESC, {$table}.id DESC",
        "limit" => $paginator_page,
        "joins" => true,
    );
    $article_array = $articleDAO->allPublished(true, $query_options);

    // Stays null when the page holds no articles, exactly as before.
    $articletags_array = null;
    foreach ($article_array as $entry) {
        $articletags_array[] = $tagDAO->allArticleTags($entry, array("order" => "name"));
    }

    $this->template->render(array(
        "title" => "Latests Articles",
        "main_page" => "article_list_tpl.php",
        "session" => $session,
        "article_array" => $article_array,
        "articletags_array" => $articletags_array,
        "paginator_page" => $paginator_page,
    ));
}
/**
 * Render a single article chosen by the numeric "id" query parameter.
 *
 * When the id is missing, non-numeric, or matches no article, the template is
 * still rendered with a null article and null tags.
 *
 * Security notes:
 *  - The logged-in-user check is commented out, so this page is served without
 *    authentication.
 *  - NOTE(review): load() is called for any numeric id and no "published"
 *    check is visible in this method; confirm that load() or the template
 *    keeps unpublished articles away from anonymous visitors.
 *  - NOTE(review): the stored article title is concatenated into the page
 *    title; confirm the template HTML-encodes it.
 *
 * @access public
 */
public function run()
{
    $session = Session::getInstance();
    // Fetched but unused while the validUser() gate stays disabled.
    $viewer = $session->getUser();

    $articleDAO = ArticleDAO::getInstance();
    $tagDAO = ArticleTagDAO::getInstance();

    $article = null;
    $articletags = null;
    $heading = "";

    // Only a non-empty numeric id is looked up; it is cast to int first.
    $has_numeric_id = !empty($_GET["id"]) && is_numeric($_GET["id"]);
    if ($has_numeric_id) {
        $article = $articleDAO->load(intval($_GET["id"]), array("joins" => true));
        if ($article) {
            $heading .= "{$article->getTitle()}";
            $articletags = $tagDAO->allArticleTags($article, array("order" => "name"));
        }
    }

    $this->template->render(array(
        "title" => "Article - " . $heading,
        "main_page" => "view_article_tpl.php",
        "session" => $session,
        "article" => $article,
        "articletags" => $articletags,
    ));
}
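/**
 * Show the delete-confirmation page for an article and, on POST, delete it.
 *
 * Admins only: any other visitor gets an error message and is redirected to
 * BASE_URL.
 *  - GET with ?id=N loads the article and pre-fills the confirmation form.
 *  - POST with id=N loads the article and deletes it.
 * Requests without a usable id are redirected to BASE_URL.
 *
 * NOTE(review): the POST branch deletes on the strength of the admin session
 * alone; no anti-CSRF token is checked in this method. Confirm that the form
 * and a shared request filter enforce one.
 *
 * @access public
 */
public function run()
{
    $session = Session::getInstance();
    $user = $session->getUser();

    // Check for an admin user
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $articleDAO = ArticleDAO::getInstance();
    $delete_article = null;
    $form_errors = array();
    $form_values = array("id" => "");

    if (!empty($_POST)) {
        // Accept the id only when it is numeric, and cast it before use.
        $id = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
        if (empty($id)) {
            header("Location: " . BASE_URL);
            return;
        }

        $delete_article = $articleDAO->load($id);
        if ($delete_article) {
            if ($articleDAO->delete($delete_article)) {
                $session->setMessage("Article deleted");
                // NOTE(review): the redirect to BASE_URL that followed here is
                // disabled in the original, so this path returns without
                // rendering or redirecting. Left unchanged; confirm intent.
                return;
            }
            $session->setMessage("Could not delete article", Session::MESSAGE_ERROR);
            // Keep the id in the re-rendered form so the admin can retry,
            // matching what the GET branch does.
            $form_values["id"] = $delete_article->getId();
        }
    } elseif (!empty($_GET)) {
        // An array-valued ?id[]= must not reach trim(); treat it as missing.
        $id = isset($_GET["id"]) && is_string($_GET["id"]) ? trim($_GET["id"]) : "";
        if (empty($id)) {
            header("Location: " . BASE_URL);
            return;
        }
        if (is_numeric($id)) {
            // Cast to int so the GET lookup uses the same id form as POST.
            $delete_article = $articleDAO->load(intval($id));
            if ($delete_article) {
                $form_values["id"] = $delete_article->getId();
            }
        }
    } else {
        header("Location: " . BASE_URL);
        return;
    }

    $this->template->render(array(
        "title" => "Delete Article",
        "main_page" => "delete_article_tpl.php",
        "user" => $user,
        "session" => $session,
        "delete_article" => $delete_article,
        "form_errors" => $form_errors,
        "form_values" => $form_values,
    ));
}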
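/**
 * Admin interface for articles: paginated listing, bulk-delete confirmation
 * and bulk deletion.
 *
 * Admins only: any other visitor gets an error message and is redirected to
 * BASE_URL.
 *  - POST with action=delete and ids[] deletes the selected articles and
 *    redirects back to this script.
 *  - GET with action=delete and ids[] loads the selected articles for a
 *    confirmation view.
 *  - GET with action=delete but no usable ids renders the template with no
 *    article list.
 *  - Any other GET shows the paginated list of all articles.
 *
 * Request ids are reduced to a plain list of integers before they reach the
 * DAO, so strings, nested arrays and non-numeric entries are dropped here.
 *
 * NOTE(review): the bulk delete relies on the admin session alone; no
 * anti-CSRF token is checked in this method. Confirm one is enforced.
 *
 * @access public
 */
public function run()
{
    $PAGINATION_LIMIT = 10;
    $session = Session::getInstance();
    $user = $session->getUser();

    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
    if ($page < 1) {
        $page = 1;
    }
    // An array-valued ?action[]= must not reach trim(); treat it as empty.
    $action = isset($_GET["action"]) && is_string($_GET["action"]) ? trim($_GET["action"]) : "";

    $articleDAO = ArticleDAO::getInstance();
    $article_array = $paginator_page = null;
    $content_title = "";

    // SCRIPT_NAME is used for the self-redirect instead of PHP_SELF because
    // PHP_SELF also carries any client-supplied path info after the script.
    $self_url = $_SERVER["SCRIPT_NAME"];

    if (!empty($_POST) && !empty($_POST["ids"]) && !empty($_POST["action"])) {
        $action = is_string($_POST["action"]) ? trim($_POST["action"]) : "";
        if ($action !== "delete") {
            header("Location: " . BASE_URL);
            return;
        }

        // Keep only numeric entries, cast to int, re-indexed from 0.
        $ids = is_array($_POST["ids"])
            ? array_values(array_map("intval", array_filter($_POST["ids"], "is_numeric")))
            : array();

        // No usable id is reported as a failed deletion without touching the DAO.
        $status = !empty($ids) && $articleDAO->deleteByIds($ids);
        if ($status) {
            $session->setMessage("Selected pages deleted");
        } else {
            $session->setMessage("Deletion failed", Session::MESSAGE_ERROR);
        }
        header("Location: {$self_url}");
        return;
    }

    $ids = isset($_GET["ids"]) && is_array($_GET["ids"])
        ? array_values(array_map("intval", array_filter($_GET["ids"], "is_numeric")))
        : array();

    if ($action === "delete" && !empty($ids)) {
        $content_title = "Delete Articles";
        $article_array = $articleDAO->allByIds($ids);
    } elseif ($action !== "delete") {
        $count = $articleDAO->count();
        $paginator = new Paginator($count, $PAGINATION_LIMIT);
        $paginator_page = $paginator->getPage($page);
        $article_array = $articleDAO->all(array("limit" => $paginator_page));
    }
    // action=delete without usable ids: nothing is loaded.

    $this->template->render(array(
        "title" => "Admin - Article Options",
        "main_page" => "article_options_tpl.php",
        "session" => $session,
        "article_array" => $article_array,
        "paginator_page" => $paginator_page,
        "action" => $action,
        "content_title" => $content_title,
    ));
}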
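/**
 * Delete the User entities whose ids are listed in $ids, together with their
 * associated rows.
 *
 * A single multi-table DELETE removes the users and, through LEFT JOINs on
 * userId, their attendance records, pages, articles and events. The ids are
 * bound as positional parameters; only DAO table names are interpolated into
 * the SQL text.
 *
 * This is a destructive cascade with no authorization check of its own, so
 * the caller is responsible for verifying who may run it.
 *
 * @access public
 * @param array $ids Array containing int ids of User entities to delete
 * @param array $options (Optional) Read documentation on parseOptions for details; not used by this method
 * @return bool Return status of PDOStatement execute method; false when $ids is empty
 * @throws InvalidArgumentException When $ids is not an array
 */
public function deleteByIds($ids, $options = null)
{
    if (!is_array($ids)) {
        throw new InvalidArgumentException("Must pass array of ids as the first parameter");
    }

    // Import associated DAOs
    require_once "Attendance.php";
    require_once "Page.php";
    require_once "Article.php";
    require_once "Event.php";

    // An empty list used to produce "IN (?)" with nothing bound to it, which
    // cannot execute. Report it as "nothing deleted" instead.
    if (count($ids) === 0) {
        return false;
    }

    // execute() binds positional placeholders by array key, so re-index the
    // list: ids taken from a form may carry sparse or string keys.
    $params = array_values($ids);
    $placeholders = implode(",", array_fill(0, count($params), "?"));

    $users = $this->tableName;
    $attend = AttendanceDAO::getInstance()->getTableName();
    $pages = PageDAO::getInstance()->getTableName();
    $articles = ArticleDAO::getInstance()->getTableName();
    $events = EventDAO::getInstance()->getTableName();

    // Use LEFT JOIN in case user does not have some entries
    $query = "DELETE FROM {$users}, {$attend}, {$pages}, {$articles}, {$events}"
        . " USING {$users}"
        . " LEFT JOIN {$attend} ON {$users}.id = {$attend}.userId"
        . " LEFT JOIN {$pages} ON {$users}.id = {$pages}.userId"
        . " LEFT JOIN {$articles} ON {$users}.id = {$articles}.userId"
        . " LEFT JOIN {$events} ON {$users}.id = {$events}.userId"
        . " WHERE {$users}.id IN ({$placeholders})";

    $stmt = self::$dbh->prepare($query);

    return $stmt->execute($params);
}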
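/**
 * Show the "create article" form and, on POST, validate and store the article.
 *
 * Admins only: any other visitor gets an error message and is redirected to
 * BASE_URL. After a successful insert the tags are updated and the admin is
 * redirected to the edit page of the new article; on validation or insert
 * failure the form is rendered again with the submitted values.
 *
 * Every submitted field must be a string: array-valued fields (title[]=...)
 * are treated as missing rather than passed to trim().
 *
 * NOTE(review): no anti-CSRF token is checked in this method; confirm one is
 * enforced for this state-changing POST.
 * NOTE(review): title, content and tags are stored as submitted; confirm the
 * templates that display them HTML-encode on output.
 *
 * @access public
 */
public function run()
{
    $session = Session::getInstance();
    $user = $session->getUser();

    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $form_errors = array();
    $form_values = array("title" => "", "content" => "", "postDate" => "", "published" => "", "tags" => "");

    $articleDAO = ArticleDAO::getInstance();
    $tagDAO = ArticleTagDAO::getInstance();

    if (!empty($_POST)) {
        // Read each expected field as a trimmed string, or "" when absent or
        // not a string.
        foreach (array_keys($form_values) as $field) {
            $form_values[$field] = isset($_POST[$field]) && is_string($_POST[$field])
                ? trim($_POST[$field])
                : "";
        }

        if (empty($form_values["title"])) {
            $form_errors["title"] = "No title specified";
        }
        if (empty($form_values["content"])) {
            $form_errors["content"] = "No content specified";
        }

        $post_timestamp = 0;
        if (empty($form_values["postDate"])) {
            $form_errors["postDate"] = "No post date specified";
        } else {
            // Validate the same trimmed value that is stored below, not the
            // raw request field. strtotime() returns false for an unparsable
            // date; timestamp 0 is rejected too.
            $post_timestamp = strtotime($form_values["postDate"]);
            if ($post_timestamp === false || $post_timestamp === 0) {
                $form_errors["postDate"] = "An invalid post date was specified";
                $form_values["postDate"] = "";
            }
        }

        if ($form_values["published"] !== "true" && $form_values["published"] !== "false") {
            $form_errors["published"] = "Invalid published choice";
        }

        if (empty($form_errors)) {
            $article = new Article();
            $article->setTitle($form_values["title"]);
            $article->setContent($form_values["content"]);
            $article->setPostDate($post_timestamp);
            $article->setUpdateDate(0);
            $article->setPublished($form_values["published"] === "true" ? 1 : 0);
            // Authorship comes from the session user, never from the request.
            $article->setUserId($user->id);

            // Store the tags in the normalised form produced by tagsFromString().
            $sorted_tag_array = ArticleTag::tagsFromString($form_values["tags"]);
            $article->setTags(implode(" ", $sorted_tag_array));

            if ($articleDAO->insert($article)) {
                $tagDAO->updateTags($article);
                $session->setMessage("Article details saved");
                header("Location: edit_article.php?id={$article->id}");
                return;
            }
            $session->setMessage("Article details could not be saved", Session::MESSAGE_ERROR);
        }
    }

    $this->template->render(array(
        "title" => "Create Article",
        "extra_header" => joinPath("headers", "jscal_header_tpl.php"),
        "main_page" => "create_article_tpl.php",
        "session" => $session,
        "form_errors" => $form_errors,
        "form_values" => $form_values,
    ));
}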
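/**
 * Load all instances of ArticleTag entities associated with an Article. Use
 * options array to limit results read.
 *
 * The tag table is joined to the article table through the tagged-article
 * table, and the article id is bound as a query parameter. Only DAO table
 * names are interpolated into the SQL fragments.
 *
 * The query fragments are stored on this DAO and query_reset_lock is set
 * while all() runs (presumably so all() does not discard them; confirm
 * against all()). The lock is released again even when all() throws, so a
 * failed lookup does not leave the DAO locked for later queries.
 *
 * @access public
 * @param Article $article
 * @param array $options (Optional) Read documentation on parseOptions for details
 * @return array
 */
public function allArticleTags(Article $article, $options = null)
{
    $articleDAO = ArticleDAO::getInstance();
    $taggedDAO = TaggedArticleDAO::getInstance();

    $this->resetQueryStrings();
    $this->query_reset_lock = true;

    $tags = $this->getTableName();
    $tagged = $taggedDAO->getTableName();
    $articles = $articleDAO->getTableName();

    $this->query_joins = " INNER JOIN {$tagged} ON {$tagged}.tagId = {$tags}.id"
        . " INNER JOIN {$articles} ON {$articles}.id = {$tagged}.articleId ";
    $this->query_where = "WHERE {$articles}.id = ?";
    $this->query_params = array($article->getId());

    try {
        $result_array = $this->all($options);
    } catch (Exception $e) {
        // Release the lock before passing the failure on to the caller.
        $this->query_reset_lock = false;
        throw $e;
    }

    $this->query_reset_lock = false;

    return $result_array;
}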
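/**
 * Show the "edit article" form and, on POST, validate and save the changes.
 *
 * Admins only: any other visitor gets an error message and is redirected to
 * BASE_URL.
 *  - GET with ?id=N loads the article and pre-fills the form.
 *  - POST validates the fields, reloads the article by id, applies the
 *    changes and redirects back to the edit page on success.
 *
 * The article id is accepted only when numeric and is cast to int on both the
 * GET and the POST path, so a non-numeric id is never passed to the DAO or
 * handed to the template. Other submitted fields must be strings; array-valued
 * fields are treated as missing.
 *
 * NOTE(review): no anti-CSRF token is checked in this method; confirm one is
 * enforced for this state-changing POST.
 * NOTE(review): saving sets the article's userId to the editing admin, which
 * reassigns authorship on every edit; confirm that is intended.
 *
 * @access public
 */
public function run()
{
    $session = Session::getInstance();
    $user = $session->getUser();

    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $form_errors = array();
    $form_values = array("id" => "", "title" => "", "content" => "", "postDate" => "", "updateDate" => "", "published" => "", "tags" => "");

    $articleDAO = ArticleDAO::getInstance();
    $tagDAO = ArticleTagDAO::getInstance();
    $article = null;

    if (!empty($_POST)) {
        $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";

        // Read each text field as a trimmed string, or "" when absent or not
        // a string.
        foreach (array("title", "content", "postDate", "updateDate", "published", "tags") as $field) {
            $form_values[$field] = isset($_POST[$field]) && is_string($_POST[$field])
                ? trim($_POST[$field])
                : "";
        }

        if (empty($form_values["id"])) {
            $form_errors["id"] = "No id specified";
        }
        if (empty($form_values["title"])) {
            $form_errors["title"] = "No title specified";
        }
        if (empty($form_values["content"])) {
            $form_errors["content"] = "No content specified";
        }
        if (empty($form_values["postDate"])) {
            $form_errors["postDate"] = "No post date specified";
        } elseif (strtotime($form_values["postDate"]) == 0) {
            // strtotime() returns false for an unparsable date; the loose
            // comparison rejects that as well as timestamp 0.
            $form_errors["postDate"] = "An invalid post date was specified";
            $form_values["postDate"] = "";
        }
        if (!empty($form_values["updateDate"]) && strtotime($form_values["updateDate"]) == 0) {
            $form_errors["updateDate"] = "An invalid update date was specified";
            $form_values["updateDate"] = "";
        }
        if ($form_values["published"] != "true" && $form_values["published"] != "false") {
            $form_errors["published"] = "Invalid published choice";
        }

        if (empty($form_errors)) {
            $article = $articleDAO->load($form_values["id"]);
            // A missing article takes the same "no permission" path as a
            // foreign one.
            if ($article && ($user->isAdmin() || $article->userId == $user->id)) {
                $article->setTitle($form_values["title"]);
                $article->setContent($form_values["content"]);
                $article->setPostDate(strtotime($form_values["postDate"]));
                if (!empty($form_values["updateDate"])) {
                    $article->setUpdateDate(strtotime($form_values["updateDate"]));
                }
                $published = $form_values["published"] == "true" ? 1 : 0;
                $article->setPublished($published);
                $article->setUserId($user->id);

                // Store the tags in the normalised form produced by tagsFromString().
                $sorted_tag_array = ArticleTag::tagsFromString($form_values["tags"]);
                $sorted_tags = implode(" ", $sorted_tag_array);
                $article->setTags($sorted_tags);

                if ($articleDAO->save($article)) {
                    $tagDAO->updateTags($article);
                    $session->setMessage("Article details saved");
                    header("Location: edit_article.php?id={$article->id}");
                    return;
                } else {
                    $session->setMessage("Article details could not be saved", Session::MESSAGE_ERROR);
                }
            } else {
                $session->setMessage("Do not have permission to edit the article", Session::MESSAGE_ERROR);
                header("Location: " . BASE_URL);
                return;
            }
        } else {
            // Validation failed: reload the article for the template when the
            // id itself was acceptable.
            if (empty($form_errors["id"])) {
                $article = $articleDAO->load($form_values["id"]);
            }
        }
    } else {
        if (!empty($_GET)) {
            // Same rule as the POST path: numeric ids only, cast to int. The
            // raw query value used to be passed to load() and kept in
            // $form_values["id"] for the template when no article matched.
            $form_values["id"] = isset($_GET["id"]) && is_numeric($_GET["id"]) ? intval($_GET["id"]) : "";
            if (empty($form_values["id"])) {
                header("Location: " . BASE_URL);
                return;
            } else {
                $article = $articleDAO->load($form_values["id"]);
                // Article does not exist. Pass null to template
                if ($article) {
                    if (!$user->isAdmin() && $article->userId != $user->id) {
                        $session->setMessage("Do not have permission to edit article", Session::MESSAGE_ERROR);
                        header("Location: " . BASE_URL);
                        return;
                    } else {
                        $form_values["id"] = $article->getId();
                        $form_values["title"] = $article->getTitle();
                        $form_values["content"] = $article->getContent();
                        $form_values["published"] = $article->getPublished() == true ? "true" : "false";
                        $form_values["postDate"] = strftime("%d %B %Y", $article->getPostDate());
                        $form_values["updateDate"] = $article->getUpdateDate() > 0 ? strftime("%d %B %Y", $article->getUpdateDate()) : "";
                        $form_values["tags"] = $article->getTags();
                    }
                }
            }
        }
    }

    $this->template->render(array(
        "title" => "Edit Article",
        "extra_header" => joinPath("headers", "jscal_header_tpl.php"),
        "main_page" => "edit_article_tpl.php",
        "session" => $session,
        "article" => $article,
        "form_errors" => $form_errors,
        "form_values" => $form_values,
    ));
}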