diff options
author | xue <> | 2007-06-26 15:59:16 +0000 |
---|---|---|
committer | xue <> | 2007-06-26 15:59:16 +0000 |
commit | f92ca63a225d43e7ecca4ebe528c2a1e206a40f1 (patch) | |
tree | 0fb92aafab5fedc866c6cafd49433d72bf719114 /demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php | |
parent | c31e5ab3ebd4ae1561cbdaeaa504d1095dcbbb0a (diff) |
Completed day 4 for blog tutorial.
Diffstat (limited to 'demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php')
-rw-r--r-- | demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php new file mode 100644 index 00000000..a5e3ea4d --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php @@ -0,0 +1,34 @@ +<?php
+
+class NewPost extends TPage
+{
+ /**
+ * Creates a new post if all inputs are valid.
+ * This method responds to the OnClick event of the "create" button.
+ * @param mixed event sender
+ * @param mixed event parameter
+ */
+ public function createButtonClicked($sender,$param)
+ {
+ if($this->IsValid) // when all validations succeed
+ {
+ // populates a PostRecord object with user inputs
+ $postRecord=new PostRecord;
+ // using SafeText instead of Text avoids Cross Site Scripting attack
+ $postRecord->title=$this->TitleEdit->SafeText;
+ $postRecord->content=$this->ContentEdit->SafeText;
+ $postRecord->author_id=$this->User->Name;
+ $postRecord->create_time=time();
+ $postRecord->status=0;
+
+ // saves to the database via Active Record mechanism
+ $postRecord->save();
+
+ // redirects the browser to the newly created post page
+ $url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id));
+ $this->Response->redirect($url);
+ }
+ }
+}
+
+?>
\ No newline at end of file |