diff options
Diffstat (limited to 'demos/blog-tutorial/samples/day5/blog')
17 files changed, 653 insertions, 653 deletions
diff --git a/demos/blog-tutorial/samples/day5/blog/index.php b/demos/blog-tutorial/samples/day5/blog/index.php index 7ccffe49..bffafde2 100644 --- a/demos/blog-tutorial/samples/day5/blog/index.php +++ b/demos/blog-tutorial/samples/day5/blog/index.php @@ -1,22 +1,22 @@ -<?php
-
-// The following directory checks may be removed if performance is required
-$basePath=dirname(__FILE__);
-$frameworkPath=$basePath.'/../../../../../framework/prado.php';
-$assetsPath=$basePath.'/assets';
-$runtimePath=$basePath.'/protected/runtime';
-
-if(!is_file($frameworkPath))
- die("Unable to find prado framework path $frameworkPath.");
-if(!is_writable($assetsPath))
- die("Please make sure that the directory $assetsPath is writable by Web server process.");
-if(!is_writable($runtimePath))
- die("Please make sure that the directory $runtimePath is writable by Web server process.");
-
-
-require_once($frameworkPath);
-
-$application=new TApplication;
-$application->run();
-
+<?php + +// The following directory checks may be removed if performance is required +$basePath=dirname(__FILE__); +$frameworkPath=$basePath.'/../../../../../framework/prado.php'; +$assetsPath=$basePath.'/assets'; +$runtimePath=$basePath.'/protected/runtime'; + +if(!is_file($frameworkPath)) + die("Unable to find prado framework path $frameworkPath."); +if(!is_writable($assetsPath)) + die("Please make sure that the directory $assetsPath is writable by Web server process."); +if(!is_writable($runtimePath)) + die("Please make sure that the directory $runtimePath is writable by Web server process."); + + +require_once($frameworkPath); + +$application=new TApplication; +$application->run(); + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/BlogErrorHandler.php b/demos/blog-tutorial/samples/day5/blog/protected/BlogErrorHandler.php index 56b71f8a..e8908ba7 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/BlogErrorHandler.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/BlogErrorHandler.php @@ -1,40 +1,40 @@ -<?php
-
-Prado::using('System.Exceptions.TErrorHandler');
-Prado::using('Application.BlogException');
-
-class BlogErrorHandler extends TErrorHandler
-{
- /**
- * Retrieves the template used for displaying external exceptions.
- * This method overrides the parent implementation.
- */
- protected function getErrorTemplate($statusCode,$exception)
- {
- // use our own template for BlogException
- if($exception instanceof BlogException)
- {
- // get the path of the error template file: protected/error.html
- $templateFile=Prado::getPathOfNamespace('Application.error','.html');
- return file_get_contents($templateFile);
- }
- else // otherwise use the template defined by PRADO
- return parent::getErrorTemplate($statusCode,$exception);
- }
-
- /**
- * Handles external error caused by end-users.
- * This method overrides the parent implementation.
- * It is invoked by PRADO when an external exception is thrown.
- */
- protected function handleExternalError($statusCode,$exception)
- {
- // log the error (only for BlogException)
- if($exception instanceof BlogException)
- Prado::log($exception->getErrorMessage(),TLogger::ERROR,'BlogApplication');
- // call parent implementation to display the error
- parent::handleExternalError($statusCode,$exception);
- }
-}
-
+<?php + +Prado::using('System.Exceptions.TErrorHandler'); +Prado::using('Application.BlogException'); + +class BlogErrorHandler extends TErrorHandler +{ + /** + * Retrieves the template used for displaying external exceptions. + * This method overrides the parent implementation. + */ + protected function getErrorTemplate($statusCode,$exception) + { + // use our own template for BlogException + if($exception instanceof BlogException) + { + // get the path of the error template file: protected/error.html + $templateFile=Prado::getPathOfNamespace('Application.error','.html'); + return file_get_contents($templateFile); + } + else // otherwise use the template defined by PRADO + return parent::getErrorTemplate($statusCode,$exception); + } + + /** + * Handles external error caused by end-users. + * This method overrides the parent implementation. + * It is invoked by PRADO when an external exception is thrown. + */ + protected function handleExternalError($statusCode,$exception) + { + // log the error (only for BlogException) + if($exception instanceof BlogException) + Prado::log($exception->getErrorMessage(),TLogger::ERROR,'BlogApplication'); + // call parent implementation to display the error + parent::handleExternalError($statusCode,$exception); + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/BlogException.php b/demos/blog-tutorial/samples/day5/blog/protected/BlogException.php index fd17fc84..946a1bfe 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/BlogException.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/BlogException.php @@ -1,7 +1,7 @@ -<?php
-
-class BlogException extends THttpException
-{
-}
-
+<?php + +class BlogException extends THttpException +{ +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/BlogUser.php b/demos/blog-tutorial/samples/day5/blog/protected/BlogUser.php index 6b9e0a23..4f094a0c 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/BlogUser.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/BlogUser.php @@ -1,59 +1,59 @@ -<?php
-
-// Include TDbUserManager.php file which defines TDbUser
-Prado::using('System.Security.TDbUserManager');
-
-/**
- * BlogUser Class.
- * BlogUser represents the user data that needs to be kept in session.
- * Default implementation keeps username and role information.
- */
-class BlogUser extends TDbUser
-{
- /**
- * Creates a BlogUser object based on the specified username.
- * This method is required by TDbUser. It checks the database
- * to see if the specified username is there. If so, a BlogUser
- * object is created and initialized.
- * @param string the specified username
- * @return BlogUser the user object, null if username is invalid.
- */
- public function createUser($username)
- {
- // use UserRecord Active Record to look for the specified username
- $userRecord=UserRecord::finder()->findByPk($username);
- if($userRecord instanceof UserRecord) // if found
- {
- $user=new BlogUser($this->Manager);
- $user->Name=$username; // set username
- $user->Roles=($userRecord->role==1?'admin':'user'); // set role
- $user->IsGuest=false; // the user is not a guest
- return $user;
- }
- else
- return null;
- }
-
- /**
- * Checks if the specified (username, password) is valid.
- * This method is required by TDbUser.
- * @param string username
- * @param string password
- * @return boolean whether the username and password are valid.
- */
- public function validateUser($username,$password)
- {
- // use UserRecord Active Record to look for the (username, password) pair.
- return UserRecord::finder()->findBy_username_AND_password($username,$password)!==null;
- }
-
- /**
- * @return boolean whether this user is an administrator.
- */
- public function getIsAdmin()
- {
- return $this->isInRole('admin');
- }
-}
-
+<?php + +// Include TDbUserManager.php file which defines TDbUser +Prado::using('System.Security.TDbUserManager'); + +/** + * BlogUser Class. + * BlogUser represents the user data that needs to be kept in session. + * Default implementation keeps username and role information. + */ +class BlogUser extends TDbUser +{ + /** + * Creates a BlogUser object based on the specified username. + * This method is required by TDbUser. It checks the database + * to see if the specified username is there. If so, a BlogUser + * object is created and initialized. + * @param string the specified username + * @return BlogUser the user object, null if username is invalid. + */ + public function createUser($username) + { + // use UserRecord Active Record to look for the specified username + $userRecord=UserRecord::finder()->findByPk($username); + if($userRecord instanceof UserRecord) // if found + { + $user=new BlogUser($this->Manager); + $user->Name=$username; // set username + $user->Roles=($userRecord->role==1?'admin':'user'); // set role + $user->IsGuest=false; // the user is not a guest + return $user; + } + else + return null; + } + + /** + * Checks if the specified (username, password) is valid. + * This method is required by TDbUser. + * @param string username + * @param string password + * @return boolean whether the username and password are valid. + */ + public function validateUser($username,$password) + { + // use UserRecord Active Record to look for the (username, password) pair. + return UserRecord::finder()->findBy_username_AND_password($username,$password)!==null; + } + + /** + * @return boolean whether this user is an administrator. + */ + public function getIsAdmin() + { + return $this->isInRole('admin'); + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/database/PostRecord.php b/demos/blog-tutorial/samples/day5/blog/protected/database/PostRecord.php index 25702727..3407c09b 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/database/PostRecord.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/database/PostRecord.php @@ -1,28 +1,28 @@ -<?php
-/**
- * Auto generated by prado-cli.php on 2007-04-07 10:44:20.
- */
-class PostRecord extends TActiveRecord
-{
- const TABLE='posts';
-
- public $post_id;
- public $author_id;
- public $create_time;
- public $title;
- public $content;
- public $status;
-
- public $author;
-
- public static $RELATIONS=array
- (
- 'author' => array(self::BELONGS_TO, 'UserRecord'),
- );
-
- public static function finder($className=__CLASS__)
- {
- return parent::finder($className);
- }
-}
+<?php +/** + * Auto generated by prado-cli.php on 2007-04-07 10:44:20. + */ +class PostRecord extends TActiveRecord +{ + const TABLE='posts'; + + public $post_id; + public $author_id; + public $create_time; + public $title; + public $content; + public $status; + + public $author; + + public static $RELATIONS=array + ( + 'author' => array(self::BELONGS_TO, 'UserRecord'), + ); + + public static function finder($className=__CLASS__) + { + return parent::finder($className); + } +} ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/database/UserRecord.php b/demos/blog-tutorial/samples/day5/blog/protected/database/UserRecord.php index 2051e5de..021f8b09 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/database/UserRecord.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/database/UserRecord.php @@ -1,28 +1,28 @@ -<?php
-/**
- * Auto generated by prado-cli.php on 2007-04-07 10:44:25.
- */
-class UserRecord extends TActiveRecord
-{
- const TABLE='users';
-
- public $username;
- public $email;
- public $password;
- public $role;
- public $first_name;
- public $last_name;
-
- public $posts=array();
-
- public static $RELATIONS=array
- (
- 'posts' => array(self::HAS_MANY, 'PostRecord'),
- );
-
- public static function finder($className=__CLASS__)
- {
- return parent::finder($className);
- }
-}
+<?php +/** + * Auto generated by prado-cli.php on 2007-04-07 10:44:25. + */ +class UserRecord extends TActiveRecord +{ + const TABLE='users'; + + public $username; + public $email; + public $password; + public $role; + public $first_name; + public $last_name; + + public $posts=array(); + + public static $RELATIONS=array + ( + 'posts' => array(self::HAS_MANY, 'PostRecord'), + ); + + public static function finder($className=__CLASS__) + { + return parent::finder($className); + } +} ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/layouts/MainLayout.php b/demos/blog-tutorial/samples/day5/blog/protected/layouts/MainLayout.php index 46c1483d..f605f75c 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/layouts/MainLayout.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/layouts/MainLayout.php @@ -1,19 +1,19 @@ -<?php
-
-class MainLayout extends TTemplateControl
-{
- /**
- * Logs out a user.
- * This method responds to the "logout" button's OnClick event.
- * @param mixed event sender
- * @param mixed event parameter
- */
- public function logoutButtonClicked($sender,$param)
- {
- $this->Application->getModule('auth')->logout();
- $url=$this->Service->constructUrl($this->Service->DefaultPage);
- $this->Response->redirect($url);
- }
-}
-
+<?php + +class MainLayout extends TTemplateControl +{ + /** + * Logs out a user. + * This method responds to the "logout" button's OnClick event. + * @param mixed event sender + * @param mixed event parameter + */ + public function logoutButtonClicked($sender,$param) + { + $this->Application->getModule('auth')->logout(); + $url=$this->Service->constructUrl($this->Service->DefaultPage); + $this->Response->redirect($url); + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/Contact.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/Contact.php index b6ce575e..77d7374a 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/Contact.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/Contact.php @@ -1,30 +1,30 @@ -<?php
-
-class Contact extends TPage
-{
- /**
- * Event handler for the OnClick event of the submit button.
- * @param TButton the button triggering the event
- * @param TEventParameter event parameter (null here)
- */
- public function submitButtonClicked($sender, $param)
- {
- if ($this->IsValid) // check if input validation is successful
- {
- // obtain the user name, email, feedback from the textboxes
- $name = $this->Name->Text;
- $email = $this->Email->Text;
- $feedback = $this->Feedback->Text;
-
- // send an email to administrator with the above information
- $this->mailFeedback($name, $email, $feedback);
- }
- }
-
- protected function mailFeedback($name, $email, $feedback)
- {
- // implementation of sending the feedback email
- }
-}
-
+<?php + +class Contact extends TPage +{ + /** + * Event handler for the OnClick event of the submit button. + * @param TButton the button triggering the event + * @param TEventParameter event parameter (null here) + */ + public function submitButtonClicked($sender, $param) + { + if ($this->IsValid) // check if input validation is successful + { + // obtain the user name, email, feedback from the textboxes + $name = $this->Name->Text; + $email = $this->Email->Text; + $feedback = $this->Feedback->Text; + + // send an email to administrator with the above information + $this->mailFeedback($name, $email, $feedback); + } + } + + protected function mailFeedback($name, $email, $feedback) + { + // implementation of sending the feedback email + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.php index e137b85e..1b0f82b6 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.php @@ -1,72 +1,72 @@ -<?php
-
-class EditPost extends TPage
-{
- /**
- * Initializes the inputs with existing post data.
- * This method is invoked by the framework when the page is being initialized.
- * @param mixed event parameter
- */
- public function onInit($param)
- {
- parent::onInit($param);
- // Retrieves the existing user data. This is equivalent to:
- // $postRecord=$this->getPost();
- $postRecord=$this->Post;
- // Authorization check: only the author or the administrator can edit the post
- if($postRecord->author_id!==$this->User->Name && !$this->User->IsAdmin)
- throw new THttpException(500,'You are not allowed to edit this post.');
-
- if(!$this->IsPostBack) // if the page is initially requested
- {
- // Populates the input controls with the existing post data
- $this->TitleEdit->Text=$postRecord->title;
- $this->ContentEdit->Text=$postRecord->content;
- }
- }
-
- /**
- * Saves the post if all inputs are valid.
- * This method responds to the OnClick event of the "Save" button.
- * @param mixed event sender
- * @param mixed event parameter
- */
- public function saveButtonClicked($sender,$param)
- {
- if($this->IsValid) // when all validations succeed
- {
- // Retrieves the existing user data. This is equivalent to:
- // $postRecord=$this->getPost();
- $postRecord=$this->Post;
-
- // Fetches the input data
- $postRecord->title=$this->TitleEdit->SafeText;
- $postRecord->content=$this->ContentEdit->SafeText;
-
- // saves to the database via Active Record mechanism
- $postRecord->save();
-
- // redirects the browser to the ReadPost page
- $url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id));
- $this->Response->redirect($url);
- }
- }
-
- /**
- * Returns the post data to be editted.
- * @return PostRecord the post data to be editted.
- * @throws THttpException if the post data is not found.
- */
- protected function getPost()
- {
- // the ID of the post to be editted is passed via GET parameter 'id'
- $postID=(int)$this->Request['id'];
- // use Active Record to look for the specified post ID
- $postRecord=PostRecord::finder()->findByPk($postID);
- if($postRecord===null)
- throw new THttpException(500,'Post is not found.');
- return $postRecord;
- }
-}
-
+<?php + +class EditPost extends TPage +{ + /** + * Initializes the inputs with existing post data. + * This method is invoked by the framework when the page is being initialized. + * @param mixed event parameter + */ + public function onInit($param) + { + parent::onInit($param); + // Retrieves the existing user data. This is equivalent to: + // $postRecord=$this->getPost(); + $postRecord=$this->Post; + // Authorization check: only the author or the administrator can edit the post + if($postRecord->author_id!==$this->User->Name && !$this->User->IsAdmin) + throw new THttpException(500,'You are not allowed to edit this post.'); + + if(!$this->IsPostBack) // if the page is initially requested + { + // Populates the input controls with the existing post data + $this->TitleEdit->Text=$postRecord->title; + $this->ContentEdit->Text=$postRecord->content; + } + } + + /** + * Saves the post if all inputs are valid. + * This method responds to the OnClick event of the "Save" button. + * @param mixed event sender + * @param mixed event parameter + */ + public function saveButtonClicked($sender,$param) + { + if($this->IsValid) // when all validations succeed + { + // Retrieves the existing user data. This is equivalent to: + // $postRecord=$this->getPost(); + $postRecord=$this->Post; + + // Fetches the input data + $postRecord->title=$this->TitleEdit->SafeText; + $postRecord->content=$this->ContentEdit->SafeText; + + // saves to the database via Active Record mechanism + $postRecord->save(); + + // redirects the browser to the ReadPost page + $url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id)); + $this->Response->redirect($url); + } + } + + /** + * Returns the post data to be editted. + * @return PostRecord the post data to be editted. + * @throws THttpException if the post data is not found. + */ + protected function getPost() + { + // the ID of the post to be editted is passed via GET parameter 'id' + $postID=(int)$this->Request['id']; + // use Active Record to look for the specified post ID + $postRecord=PostRecord::finder()->findByPk($postID); + if($postRecord===null) + throw new THttpException(500,'Post is not found.'); + return $postRecord; + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.php index 7402dace..ae5a7eeb 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.php @@ -1,64 +1,64 @@ -<?php
-
-class ListPost extends TPage
-{
- /**
- * Initializes the repeater.
- * This method is invoked by the framework when initializing the page
- * @param mixed event parameter
- */
- public function onInit($param)
- {
- parent::onInit($param);
- if(!$this->IsPostBack) // if the page is requested the first time
- {
- // get the total number of posts available
- $this->Repeater->VirtualItemCount=PostRecord::finder()->count();
- // populates post data into the repeater
- $this->populateData();
- }
- }
-
- /**
- * Event handler to the OnPageIndexChanged event of the pager.
- * This method is invoked when the user clicks on a page button
- * and thus changes the page of posts to display.
- */
- public function pageChanged($sender,$param)
- {
- // change the current page index to the new one
- $this->Repeater->CurrentPageIndex=$param->NewPageIndex;
- // re-populate data into the repeater
- $this->populateData();
- }
-
- /**
- * Determines which page of posts to be displayed and
- * populates the repeater with the fetched data.
- */
- protected function populateData()
- {
- $offset=$this->Repeater->CurrentPageIndex*$this->Repeater->PageSize;
- $limit=$this->Repeater->PageSize;
- if($offset+$limit>$this->Repeater->VirtualItemCount)
- $limit=$this->Repeater->VirtualItemCount-$offset;
- $this->Repeater->DataSource=$this->getPosts($offset,$limit);
- $this->Repeater->dataBind();
- }
-
- /**
- * Fetches posts from database with offset and limit.
- */
- protected function getPosts($offset, $limit)
- {
- // Construts a query criteria
- $criteria=new TActiveRecordCriteria;
- $criteria->OrdersBy['create_time']='desc';
- $criteria->Limit=$limit;
- $criteria->Offset=$offset;
- // query for the posts with the above criteria and with author information
- return PostRecord::finder()->withAuthor()->findAll($criteria);
- }
-}
-
+<?php + +class ListPost extends TPage +{ + /** + * Initializes the repeater. + * This method is invoked by the framework when initializing the page + * @param mixed event parameter + */ + public function onInit($param) + { + parent::onInit($param); + if(!$this->IsPostBack) // if the page is requested the first time + { + // get the total number of posts available + $this->Repeater->VirtualItemCount=PostRecord::finder()->count(); + // populates post data into the repeater + $this->populateData(); + } + } + + /** + * Event handler to the OnPageIndexChanged event of the pager. + * This method is invoked when the user clicks on a page button + * and thus changes the page of posts to display. + */ + public function pageChanged($sender,$param) + { + // change the current page index to the new one + $this->Repeater->CurrentPageIndex=$param->NewPageIndex; + // re-populate data into the repeater + $this->populateData(); + } + + /** + * Determines which page of posts to be displayed and + * populates the repeater with the fetched data. + */ + protected function populateData() + { + $offset=$this->Repeater->CurrentPageIndex*$this->Repeater->PageSize; + $limit=$this->Repeater->PageSize; + if($offset+$limit>$this->Repeater->VirtualItemCount) + $limit=$this->Repeater->VirtualItemCount-$offset; + $this->Repeater->DataSource=$this->getPosts($offset,$limit); + $this->Repeater->dataBind(); + } + + /** + * Fetches posts from database with offset and limit. + */ + protected function getPosts($offset, $limit) + { + // Construts a query criteria + $criteria=new TActiveRecordCriteria; + $criteria->OrdersBy['create_time']='desc'; + $criteria->Limit=$limit; + $criteria->Offset=$offset; + // query for the posts with the above criteria and with author information + return PostRecord::finder()->withAuthor()->findAll($criteria); + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php index a5e3ea4d..d3a36133 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php @@ -1,34 +1,34 @@ -<?php
-
-class NewPost extends TPage
-{
- /**
- * Creates a new post if all inputs are valid.
- * This method responds to the OnClick event of the "create" button.
- * @param mixed event sender
- * @param mixed event parameter
- */
- public function createButtonClicked($sender,$param)
- {
- if($this->IsValid) // when all validations succeed
- {
- // populates a PostRecord object with user inputs
- $postRecord=new PostRecord;
- // using SafeText instead of Text avoids Cross Site Scripting attack
- $postRecord->title=$this->TitleEdit->SafeText;
- $postRecord->content=$this->ContentEdit->SafeText;
- $postRecord->author_id=$this->User->Name;
- $postRecord->create_time=time();
- $postRecord->status=0;
-
- // saves to the database via Active Record mechanism
- $postRecord->save();
-
- // redirects the browser to the newly created post page
- $url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id));
- $this->Response->redirect($url);
- }
- }
-}
-
+<?php + +class NewPost extends TPage +{ + /** + * Creates a new post if all inputs are valid. + * This method responds to the OnClick event of the "create" button. + * @param mixed event sender + * @param mixed event parameter + */ + public function createButtonClicked($sender,$param) + { + if($this->IsValid) // when all validations succeed + { + // populates a PostRecord object with user inputs + $postRecord=new PostRecord; + // using SafeText instead of Text avoids Cross Site Scripting attack + $postRecord->title=$this->TitleEdit->SafeText; + $postRecord->content=$this->ContentEdit->SafeText; + $postRecord->author_id=$this->User->Name; + $postRecord->create_time=time(); + $postRecord->status=0; + + // saves to the database via Active Record mechanism + $postRecord->save(); + + // redirects the browser to the newly created post page + $url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id)); + $this->Response->redirect($url); + } + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.php index cf0539a1..ed80f10c 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.php @@ -1,7 +1,7 @@ -<?php
-
-class PostRenderer extends TRepeaterItemRenderer
-{
-}
-
+<?php + +class PostRenderer extends TRepeaterItemRenderer +{ +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.php index 0c120824..ab7429c3 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.php @@ -1,59 +1,59 @@ -<?php
-
-Prado::using('Application.BlogException');
-
-class ReadPost extends TPage
-{
- private $_post;
- /**
- * Fetches the post data.
- * This method is invoked by the framework when initializing the page
- * @param mixed event parameter
- */
- public function onInit($param)
- {
- parent::onInit($param);
- // post id is passed via the 'id' GET parameter
- $postID=(int)$this->Request['id'];
- // retrieves PostRecord with author information filled in
- $this->_post=PostRecord::finder()->withAuthor()->findByPk($postID);
- if($this->_post===null) // if post id is invalid
- throw new BlogException(500,'Unable to find the specified post.');
- // set the page title as the post title
- $this->Title=$this->_post->title;
- }
-
- /**
- * @return PostRecord the PostRecord currently being viewed
- */
- public function getPost()
- {
- return $this->_post;
- }
-
- /**
- * Deletes the post currently being viewed
- * This method is invoked when the user clicks on the "Delete" button
- */
- public function deletePost($sender,$param)
- {
- // only the author or the administrator can delete a post
- if(!$this->canEdit())
- throw new THttpException('You are not allowed to perform this action.');
- // delete it from DB
- $this->_post->delete();
- // redirect the browser to the homepage
- $this->Response->redirect($this->Service->DefaultPageUrl);
- }
-
- /**
- * @return boolean whether the current user can edit/delete the post being viewed
- */
- public function canEdit()
- {
- // only the author or the administrator can edit/delete a post
- return $this->User->Name===$this->Post->author_id || $this->User->IsAdmin;
- }
-}
-
+<?php + +Prado::using('Application.BlogException'); + +class ReadPost extends TPage +{ + private $_post; + /** + * Fetches the post data. + * This method is invoked by the framework when initializing the page + * @param mixed event parameter + */ + public function onInit($param) + { + parent::onInit($param); + // post id is passed via the 'id' GET parameter + $postID=(int)$this->Request['id']; + // retrieves PostRecord with author information filled in + $this->_post=PostRecord::finder()->withAuthor()->findByPk($postID); + if($this->_post===null) // if post id is invalid + throw new BlogException(500,'Unable to find the specified post.'); + // set the page title as the post title + $this->Title=$this->_post->title; + } + + /** + * @return PostRecord the PostRecord currently being viewed + */ + public function getPost() + { + return $this->_post; + } + + /** + * Deletes the post currently being viewed + * This method is invoked when the user clicks on the "Delete" button + */ + public function deletePost($sender,$param) + { + // only the author or the administrator can delete a post + if(!$this->canEdit()) + throw new THttpException('You are not allowed to perform this action.'); + // delete it from DB + $this->_post->delete(); + // redirect the browser to the homepage + $this->Response->redirect($this->Service->DefaultPageUrl); + } + + /** + * @return boolean whether the current user can edit/delete the post being viewed + */ + public function canEdit() + { + // only the author or the administrator can edit/delete a post + return $this->User->Name===$this->Post->author_id || $this->User->IsAdmin; + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/users/AdminUser.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/users/AdminUser.php index ad8f6e3d..ad668e1a 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/users/AdminUser.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/users/AdminUser.php @@ -1,36 +1,36 @@ -<?php
-
-class AdminUser extends TPage
-{
- /**
- * Populates the datagrid with user lists.
- * This method is invoked by the framework when initializing the page
- * @param mixed event parameter
- */
- public function onInit($param)
- {
- parent::onInit($param);
- // fetches all data account information
- $this->UserGrid->DataSource=UserRecord::finder()->findAll();
- // binds the data to interface components
- $this->UserGrid->dataBind();
- }
-
- /**
- * Deletes a specified user record.
- * This method responds to the datagrid's OnDeleteCommand event.
- * @param TDataGrid the event sender
- * @param TDataGridCommandEventParameter the event parameter
- */
- public function deleteButtonClicked($sender,$param)
- {
- // obtains the datagrid item that contains the clicked delete button
- $item=$param->Item;
- // obtains the primary key corresponding to the datagrid item
- $username=$this->UserGrid->DataKeys[$item->ItemIndex];
- // deletes the user record with the specified username primary key
- UserRecord::finder()->deleteByPk($username);
- }
-}
-
+<?php + +class AdminUser extends TPage +{ + /** + * Populates the datagrid with user lists. + * This method is invoked by the framework when initializing the page + * @param mixed event parameter + */ + public function onInit($param) + { + parent::onInit($param); + // fetches all data account information + $this->UserGrid->DataSource=UserRecord::finder()->findAll(); + // binds the data to interface components + $this->UserGrid->dataBind(); + } + + /** + * Deletes a specified user record. + * This method responds to the datagrid's OnDeleteCommand event. + * @param TDataGrid the event sender + * @param TDataGridCommandEventParameter the event parameter + */ + public function deleteButtonClicked($sender,$param) + { + // obtains the datagrid item that contains the clicked delete button + $item=$param->Item; + // obtains the primary key corresponding to the datagrid item + $username=$this->UserGrid->DataKeys[$item->ItemIndex]; + // deletes the user record with the specified username primary key + UserRecord::finder()->deleteByPk($username); + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/users/EditUser.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/users/EditUser.php index 81538c33..f8c61463 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/users/EditUser.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/users/EditUser.php @@ -1,83 +1,83 @@ -<?php
-
-class EditUser extends TPage
-{
- /**
- * Initializes the inputs with existing user data.
- * This method is invoked by the framework when the page is being initialized.
- * @param mixed event parameter
- */
- public function onInit($param)
- {
- parent::onInit($param);
- if(!$this->IsPostBack) // if the page is initially requested
- {
- // Retrieves the existing user data. This is equivalent to:
- // $userRecord=$this->getUserRecord();
- $userRecord=$this->UserRecord;
-
- // Populates the input controls with the existing user data
- $this->Username->Text=$userRecord->username;
- $this->Email->Text=$userRecord->email;
- $this->Role->SelectedValue=$userRecord->role;
- $this->FirstName->Text=$userRecord->first_name;
- $this->LastName->Text=$userRecord->last_name;
- }
- }
-
- /**
- * Saves the user account if all inputs are valid.
- * This method responds to the OnClick event of the "save" button.
- * @param mixed event sender
- * @param mixed event parameter
- */
- public function saveButtonClicked($sender,$param)
- {
- if($this->IsValid) // when all validations succeed
- {
- // Retrieves the existing user data. This is equivalent to:
- $userRecord=$this->UserRecord;
-
- // Fetches the input data
- $userRecord->username=$this->Username->Text;
- // update password when the input is not empty
- if(!empty($this->Password->Text))
- $userRecord->password=$this->Password->Text;
- $userRecord->email=$this->Email->Text;
- // update the role if the current user is an administrator
- if($this->User->IsAdmin)
- $userRecord->role=(int)$this->Role->SelectedValue;
- $userRecord->first_name=$this->FirstName->Text;
- $userRecord->last_name=$this->LastName->Text;
-
- // saves to the database via Active Record mechanism
- $userRecord->save();
-
- // redirects the browser to the homepage
- $this->Response->redirect($this->Service->DefaultPageUrl);
- }
- }
-
- /**
- * Returns the user data to be editted.
- * @return UserRecord the user data to be editted.
- * @throws THttpException if the user data is not found.
- */
- protected function getUserRecord()
- {
- // the user to be editted is the currently logged-in user
- $username=$this->User->Name;
- // if the 'username' GET var is not empty and the current user
- // is an administrator, we use the GET var value instead.
- if($this->User->IsAdmin && $this->Request['username']!==null)
- $username=$this->Request['username'];
-
- // use Active Record to look for the specified username
- $userRecord=UserRecord::finder()->findByPk($username);
- if(!($userRecord instanceof UserRecord))
- throw new THttpException(500,'Username is invalid.');
- return $userRecord;
- }
-}
-
+<?php + +class EditUser extends TPage +{ + /** + * Initializes the inputs with existing user data. + * This method is invoked by the framework when the page is being initialized. + * @param mixed event parameter + */ + public function onInit($param) + { + parent::onInit($param); + if(!$this->IsPostBack) // if the page is initially requested + { + // Retrieves the existing user data. This is equivalent to: + // $userRecord=$this->getUserRecord(); + $userRecord=$this->UserRecord; + + // Populates the input controls with the existing user data + $this->Username->Text=$userRecord->username; + $this->Email->Text=$userRecord->email; + $this->Role->SelectedValue=$userRecord->role; + $this->FirstName->Text=$userRecord->first_name; + $this->LastName->Text=$userRecord->last_name; + } + } + + /** + * Saves the user account if all inputs are valid. + * This method responds to the OnClick event of the "save" button. + * @param mixed event sender + * @param mixed event parameter + */ + public function saveButtonClicked($sender,$param) + { + if($this->IsValid) // when all validations succeed + { + // Retrieves the existing user data. This is equivalent to: + $userRecord=$this->UserRecord; + + // Fetches the input data + $userRecord->username=$this->Username->Text; + // update password when the input is not empty + if(!empty($this->Password->Text)) + $userRecord->password=$this->Password->Text; + $userRecord->email=$this->Email->Text; + // update the role if the current user is an administrator + if($this->User->IsAdmin) + $userRecord->role=(int)$this->Role->SelectedValue; + $userRecord->first_name=$this->FirstName->Text; + $userRecord->last_name=$this->LastName->Text; + + // saves to the database via Active Record mechanism + $userRecord->save(); + + // redirects the browser to the homepage + $this->Response->redirect($this->Service->DefaultPageUrl); + } + } + + /** + * Returns the user data to be editted. + * @return UserRecord the user data to be editted. + * @throws THttpException if the user data is not found. + */ + protected function getUserRecord() + { + // the user to be editted is the currently logged-in user + $username=$this->User->Name; + // if the 'username' GET var is not empty and the current user + // is an administrator, we use the GET var value instead. + if($this->User->IsAdmin && $this->Request['username']!==null) + $username=$this->Request['username']; + + // use Active Record to look for the specified username + $userRecord=UserRecord::finder()->findByPk($username); + if(!($userRecord instanceof UserRecord)) + throw new THttpException(500,'Username is invalid.'); + return $userRecord; + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/users/LoginUser.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/users/LoginUser.php index a0955490..407906ae 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/users/LoginUser.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/users/LoginUser.php @@ -1,37 +1,37 @@ -<?php
-
-class LoginUser extends TPage
-{
- /**
- * Validates whether the username and password are correct.
- * This method responds to the TCustomValidator's OnServerValidate event.
- * @param mixed event sender
- * @param mixed event parameter
- */
- public function validateUser($sender,$param)
- {
- $authManager=$this->Application->getModule('auth');
- if(!$authManager->login($this->Username->Text,$this->Password->Text))
- $param->IsValid=false; // tell the validator that validation fails
- }
-
- /**
- * Redirects the user's browser to appropriate URL if login succeeds.
- * This method responds to the login button's OnClick event.
- * @param mixed event sender
- * @param mixed event parameter
- */
- public function loginButtonClicked($sender,$param)
- {
- if($this->Page->IsValid) // all validations succeed
- {
- // obtain the URL of the privileged page that the user wanted to visit originally
- $url=$this->Application->getModule('auth')->ReturnUrl;
- if(empty($url)) // the user accesses the login page directly
- $url=$this->Service->DefaultPageUrl;
- $this->Response->redirect($url);
- }
- }
-}
-
+<?php + +class LoginUser extends TPage +{ + /** + * Validates whether the username and password are correct. + * This method responds to the TCustomValidator's OnServerValidate event. + * @param mixed event sender + * @param mixed event parameter + */ + public function validateUser($sender,$param) + { + $authManager=$this->Application->getModule('auth'); + if(!$authManager->login($this->Username->Text,$this->Password->Text)) + $param->IsValid=false; // tell the validator that validation fails + } + + /** + * Redirects the user's browser to appropriate URL if login succeeds. + * This method responds to the login button's OnClick event. + * @param mixed event sender + * @param mixed event parameter + */ + public function loginButtonClicked($sender,$param) + { + if($this->Page->IsValid) // all validations succeed + { + // obtain the URL of the privileged page that the user wanted to visit originally + $url=$this->Application->getModule('auth')->ReturnUrl; + if(empty($url)) // the user accesses the login page directly + $url=$this->Service->DefaultPageUrl; + $this->Response->redirect($url); + } + } +} + ?>
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/users/NewUser.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/users/NewUser.php index 76e8cb88..3bf6768a 100644 --- a/demos/blog-tutorial/samples/day5/blog/protected/pages/users/NewUser.php +++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/users/NewUser.php @@ -1,45 +1,45 @@ -<?php
-
-class NewUser extends TPage
-{
- /**
- * Checks whether the username exists in the database.
- * This method responds to the OnServerValidate event of username's custom validator.
- * @param mixed event sender
- * @param mixed event parameter
- */
- public function checkUsername($sender,$param)
- {
- // valid if the username is not found in the database
- $param->IsValid=UserRecord::finder()->findByPk($this->Username->Text)===null;
- }
-
- /**
- * Creates a new user account if all inputs are valid.
- * This method responds to the OnClick event of the "create" button.
- * @param mixed event sender
- * @param mixed event parameter
- */
- public function createButtonClicked($sender,$param)
- {
- if($this->IsValid) // when all validations succeed
- {
- // populates a UserRecord object with user inputs
- $userRecord=new UserRecord;
- $userRecord->username=$this->Username->Text;
- $userRecord->password=$this->Password->Text;
- $userRecord->email=$this->Email->Text;
- $userRecord->role=(int)$this->Role->SelectedValue;
- $userRecord->first_name=$this->FirstName->Text;
- $userRecord->last_name=$this->LastName->Text;
-
- // saves to the database via Active Record mechanism
- $userRecord->save();
-
- // redirects the browser to the homepage
- $this->Response->redirect($this->Service->DefaultPageUrl);
- }
- }
-}
-
+<?php + +class NewUser extends TPage +{ + /** + * Checks whether the username exists in the database. + * This method responds to the OnServerValidate event of username's custom validator. + * @param mixed event sender + * @param mixed event parameter + */ + public function checkUsername($sender,$param) + { + // valid if the username is not found in the database + $param->IsValid=UserRecord::finder()->findByPk($this->Username->Text)===null; + } + + /** + * Creates a new user account if all inputs are valid. + * This method responds to the OnClick event of the "create" button. + * @param mixed event sender + * @param mixed event parameter + */ + public function createButtonClicked($sender,$param) + { + if($this->IsValid) // when all validations succeed + { + // populates a UserRecord object with user inputs + $userRecord=new UserRecord; + $userRecord->username=$this->Username->Text; + $userRecord->password=$this->Password->Text; + $userRecord->email=$this->Email->Text; + $userRecord->role=(int)$this->Role->SelectedValue; + $userRecord->first_name=$this->FirstName->Text; + $userRecord->last_name=$this->LastName->Text; + + // saves to the database via Active Record mechanism + $userRecord->save(); + + // redirects the browser to the homepage + $this->Response->redirect($this->Service->DefaultPageUrl); + } + } +} + ?>
\ No newline at end of file |