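/**
 * Get the messages sent by, or addressed to, the logged-in account.
 *
 * @param string $criteria 'to' selects messages addressed to the current
 *                         account; any other value selects messages sent by it.
 * @return \PDOStatement : fetchAll query
 */
public static function all($criteria = 'from')
{
    # Only these two fixed column names can reach the SQL text; the caller's
    # $criteria value itself is never interpolated.
    $column = ('to' === $criteria) ? 'A.to_account' : 'A.from_account';

    # The account id is written into the statement unquoted, so it is forced
    # to an integer first: a malformed or tampered value cannot add SQL syntax.
    # NOTE(review): if self::query() can take bound parameters, bind the id
    # instead -- its signature is not visible here.
    $criteria = sprintf('WHERE %s=%d', $column, (int) Request::user()->id);

    $sql = sprintf("SELECT A.*, (\n SELECT name FROM accounts WHERE id=A.from_account\n ) as from_account_display, B.name as to_account_display, B.id as account_id, B.photo as account_photo\n FROM messages A LEFT JOIN accounts B\n ON A.to_account = B.id %s", $criteria);

    return self::query($sql);
}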
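/**
 * Delete a comment on behalf of its author or an administrator.
 *
 * Every path ends with a redirect to the main page.
 *
 * @param $id primary key of the comment to delete
 */
public static function delete($id)
{
    # anonymous visitors may not delete anything
    if (!Request::is_authenticated()) {
        Response::redirect('');
        # The explicit return keeps the deletion below unreachable even if
        # Response::redirect() only queues a header and does not end the request.
        return;
    }

    $comment = Comments::findByPK($id);

    # only the comment's author or an administrator may continue
    # NOTE(review): !== also compares types; confirm that the id held for the
    # logged-in user and the id_account column come back as the same type.
    if (Request::user()->id !== $comment['id_account'] and !Request::is_admin()) {
        Session::push('flash-message', 'You does not have permission to delete the other Member\'s post!');
        Response::redirect('');
        return;
    }

    # perform the post deletion
    # NOTE(review): no request-method or anti-CSRF token check is visible in
    # this action; confirm one is enforced before it is reached.
    Comments::delete($id);

    # redirect to main page
    Response::redirect('');
}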
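/**
 * Show the "add category" form, or create a category from the submitted form.
 *
 * Administrators only; everyone else is redirected to the main page.
 */
public static function add()
{
    if (!Request::is_admin()) {
        Response::redirect('');
        # The explicit return keeps the category creation below unreachable
        # even if Response::redirect() does not end the request itself.
        return;
    }

    if ("POST" == Request::method()) {
        $id_acc = Request::user()->id;
        $name = Request::POST()->name;
        $description = Request::POST()->description;

        # NOTE(review): name and description are handed over exactly as
        # submitted; confirm Categories::create() binds them as parameters and
        # that the views encode them on output. No anti-CSRF token check is
        # visible in this action either.
        Categories::create($id_acc, $name, $description);

        # push flash-message
        Session::push('flash-message', 'That category has successfuly added!');
        Response::redirect('categories');
        return;
    }

    # any other request method: render the form with the existing categories
    $categories = Categories::all()->fetchAll(\PDO::FETCH_CLASS);
    View::render('categories/add', ['categories' => $categories]);
}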
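/**
 * Handle the profile edit form of the logged-in member.
 *
 * On POST: rejects a username already held by another member, otherwise saves
 * name, username, bio and (when one was uploaded) the profile picture, then
 * rebuilds the session entry if the name or username changed. Any other
 * request method is redirected to the home page.
 */
public static function edit()
{
    # login required decorator
    # NOTE(review): this relies on login_required() ending the request for
    # anonymous visitors; its body is not visible here.
    self::login_required();

    # anything other than a form submission goes back to home
    if ("POST" != Request::method()) {
        Response::redirect('');
        return;
    }

    $id = Request::user()->id;
    $name = Request::POST()->name;
    $username = Request::POST()->username;
    $bio = Request::POST()->bio;

    # refuse a username that already belongs to another member
    $member = Accounts::find(['username' => $username]);
    if ($member && $member['username'] !== Request::user()->username) {
        Session::push('flash-message-form', 'That username has used by other member, please use another!');
        Response::redirect('profile/' . Request::user()->username);
        # The explicit return keeps the update below unreachable even if
        # Response::redirect() does not end the request itself.
        return;
    }

    # The upload runs only after the username check, so a rejected request
    # never reaches the upload step.
    # NOTE(review): File::upload() is not visible here; confirm it restricts
    # the accepted file types and stores files where they cannot be executed.
    $profile_picture = File::upload('img', 'change_photo');

    if ($profile_picture) {
        Accounts::edit($id, $name, $username, $bio, $profile_picture);
    } else {
        Accounts::edit($id, $name, $username, $bio);
    }

    # push a flash message
    Session::push('flash-message', 'Your profile biodata has changed successfully!');

    # if username or name has changed, reconfigure the member session data
    if ($name !== Request::user()->name || $username !== Request::user()->username) {
        # get member data by id
        $data = Accounts::findByPK($id);

        # NOTE(review): the fields are joined with '|' and two of them come
        # from the form. If the code reading this entry splits on '|', a '|'
        # inside username or name would shift the later fields, including
        # type -- confirm that both values are validated before they are saved.
        $account = [$data['id'], $data['username'], $data['name'], $data['type']];

        $session = new Session();
        $session->set('id_account', implode('|', $account));
    }

    # redirect member profile page
    Response::redirect('profile/' . Request::user()->username);
}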
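<?php
use Ngaji\Http\Request;

# Load the account row of the logged-in member. $account stays undefined for
# anonymous visitors; it is only read inside the admin-only markup below.
if (Request::is_authenticated()) {
    $account = app\models\Accounts::findByPK(Request::user()->id);
}
?>
<?php
# Written with the full opening tag: the short form is parsed only when
# short_open_tag is enabled, and is otherwise sent to the browser as text,
# which would also leave this admin check unapplied.
if (Request::is_admin()): ?>
    <!-- Logo -->
    <?php echo Html::anchor('', '<b>IniForum</b>LTE', ['class' => 'logo']); ?>
    <nav class="navbar navbar-static-top" role="navigation">
        <!-- Sidebar toggle button-->
        <a href="#" class="sidebar-toggle" data-toggle="offcanvas" role="button">
            <span class="sr-only">Toggle navigation</span>
        </a>
        <!-- Navbar Right Menu -->
        <div class="navbar-custom-menu">
            <ul class="nav navbar-nav">
                <li class="dropdown user user-menu">
                    <a href="#" class="dropdown-toggle" data-toggle="dropdown">
                        <?php
                        # NOTE(review): whether Html::loadIMG() encodes the path and
                        # attribute values is not visible here -- confirm.
                        echo Html::loadIMG($account['photo'], ['class' => 'user-image', 'alt' => 'User Image']); ?>
                        <span class="hidden-xs"><?php
                            # The display name is account data, so it is encoded for the
                            # HTML text context instead of being printed as markup.
                            # NOTE(review): assumes the name is stored unencoded -- confirm,
                            # otherwise it is double-encoded here.
                            echo htmlspecialchars((string) Request::get_user('name'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> </span>
                    </a>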
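<i class="fa fa-clock-o"></i> <?php echo date_format_en($post['created_at']) . " "; ?>
</small>
<?php
# The author name is encoded for the HTML text context instead of being
# printed as markup.
# NOTE(review): assumes the name is stored unencoded -- confirm, otherwise it
# is double-encoded here.
echo htmlspecialchars((string) $post['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
</a>
<?php
# Html::anchor() is given ready-made markup as its label further down in this
# template, so the label is presumably emitted as-is; the title is therefore
# encoded before it is handed over (same storage assumption as for the name).
echo Html::anchor('post/read/' . $post['id'], htmlspecialchars((string) $post['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')); ?>
<?php
# Show the edit and delete actions only on posts owned by the logged-in member.
# Written with the full opening tag: the short form is parsed only when
# short_open_tag is enabled, and is otherwise sent to the browser as text.
# Hiding the buttons is presentation only; the post/edit and post/delete
# actions have to enforce ownership themselves (not visible here).
if (\Ngaji\Http\Request::is_authenticated() and
    $post['account_id'] == \Ngaji\Http\Request::user()->id
): ?>
    <?php echo Html::anchor("post/edit/" . $post['id'], '<i class="fa fa-edit"></i> Edit', ['class' => 'btn btn-sm btn-flat']); ?>
    <?php
    # NOTE(review): data-post-title carries the raw title; confirm that
    # Html::anchor() encodes attribute values. The delete action is addressed
    # by a plain URL in data-href -- confirm the confirmation dialog sends it
    # with an anti-CSRF token, or that the action only accepts POST.
    echo Html::anchor("#", '<i class="fa fa-trash-o"></i> Delete', [
        'class' => 'btn btn-sm btn-flat',
        'data-post-id' => $post['id'],
        'data-post-title' => $post['title'],
        'data-href' => sprintf("%s/post/delete/%d", HOSTNAME, $post['id']),
        'data-toggle' => "modal",
        'data-target' => "#confirm-delete",
    ]); ?>
<?php endif; ?>
</p>
<div class="attachment">
    <article>
        <?php
        # NOTE(review): the post body is printed exactly as Post::limit()
        # returns it; confirm that it is sanitised when saved or inside
        # Post::limit(), since nothing encodes it here.
        echo Post::limit($post['post']); ?>
    </article>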
</div> </div> <!-- /.box --> </div> <!--/.col (right) --> <div class="col-md-4"> <!-- PROFILE --> <div class="box box-primary"> <div class="box-header with-border"> <h3 class="box-title text-center">Profile</h3> <div class="pull-right box-tools"> <? # menampilkan aksi edit dan hapus untuk artikel milik member login if (\Ngaji\Http\Request::is_authenticated() and $account['id'] == \Ngaji\Http\Request::user()->id ): ?> <?php echo Html::button('<i class="fa fa-edit"></i> Edit', ['class' => 'btn btn-info btn-sm btn-flat', 'id' => 'edit-profile']); ?> <? endif; ?> </div> </div> <!-- /.box-header --> <div class="box-body"> <div class="col-center-block"> <?php echo Html::loadIMG($account['photo'], ['alt' => 'account image', 'class' => 'img-responsive img-circle center-block', 'width' => '140', 'height' => '140']); ?> <?php