diff options
Diffstat (limited to 'demos/blog/protected/Common')
-rw-r--r-- | demos/blog/protected/Common/BlogDataModule.php | 66 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogErrorHandler.php | 46 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogErrors.php | 23 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogException.php | 19 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogPage.php | 17 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogUser.php | 22 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogUserManager.php | 21 | ||||
-rw-r--r-- | demos/blog/protected/Common/messages.txt | 10 |
8 files changed, 176 insertions, 48 deletions
diff --git a/demos/blog/protected/Common/BlogDataModule.php b/demos/blog/protected/Common/BlogDataModule.php index 714743e7..a15701ab 100644 --- a/demos/blog/protected/Common/BlogDataModule.php +++ b/demos/blog/protected/Common/BlogDataModule.php @@ -1,7 +1,22 @@ <?php
-
-// post status: 0 - draft, 1 - published
-// comment status: 0 - awaiting approval, 1 - published
+/**
+ * BlogDataModule class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ */
+
+/**
+ * BlogDataModule class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
class BlogDataModule extends TModule
{
const DB_FILE_EXT='.db';
@@ -24,7 +39,7 @@ class BlogDataModule extends TModule public function setDbFile($value)
{
if(($this->_dbFile=Prado::getPathOfNamespace($value,self::DB_FILE_EXT))===null)
- throw new BlogException('blogdatamodule_dbfile_invalid',$value);
+ throw new BlogException(500,'blogdatamodule_dbfile_invalid',$value);
}
protected function createDatabase()
@@ -36,7 +51,7 @@ class BlogDataModule extends TModule if(trim($statement)!=='')
{
if(@sqlite_query($this->_db,$statement)===false)
- throw new BlogException('blogdatamodule_createdatabase_failed',sqlite_error_string(sqlite_last_error($this->_db)),$statement);
+ throw new BlogException(500,'blogdatamodule_createdatabase_failed',sqlite_error_string(sqlite_last_error($this->_db)),$statement);
}
}
}
@@ -47,7 +62,7 @@ class BlogDataModule extends TModule $newDb=!is_file($dbFile);
$error='';
if(($this->_db=sqlite_open($dbFile,0666,$error))===false)
- throw new BlogException('blogdatamodule_dbconnect_failed',$error);
+ throw new BlogException(500,'blogdatamodule_dbconnect_failed',$error);
if($newDb)
$this->createDatabase();
}
@@ -69,7 +84,7 @@ class BlogDataModule extends TModule if(($result=@sqlite_query($this->_db,$sql))!==false)
return $result;
else
- throw new BlogException('blogdatamodule_query_failed',sqlite_error_string(sqlite_last_error($this->_db)),$sql);
+ throw new BlogException(500,'blogdatamodule_query_failed',sqlite_error_string(sqlite_last_error($this->_db)),$sql);
}
protected function populateUserRecord($row)
@@ -143,8 +158,8 @@ class BlogDataModule extends TModule $website=sqlite_escape_string($user->Website);
$createTime=time();
$sql="INSERT INTO tblUsers ".
- "(name,full_name,role,passwd,email,reg_time,website) ".
- "VALUES ('$name','$fullName',{$user->Role},'$passwd','$email',$createTime,'$website')";
+ "(name,full_name,role,passwd,email,reg_time,status,website) ".
+ "VALUES ('$name','$fullName',{$user->Role},'$passwd','$email',$createTime,{$user->Status},'$website')";
$this->query($sql);
$user->ID=sqlite_last_insert_rowid($this->_db);
}
@@ -192,13 +207,11 @@ class BlogDataModule extends TModule return $postRecord;
}
- public function queryPosts($authorFilter,$timeFilter,$categoryFilter,$orderBy,$limit)
+ public function queryPosts($postFilter,$categoryFilter,$orderBy,$limit)
{
$filter='';
- if($authorFilter!=='')
- $filter.=" AND $authorFilter";
- if($timeFilter!=='')
- $filter.=" AND $timeFilter";
+ if($postFilter!=='')
+ $filter.=" AND $postFilter";
if($categoryFilter!=='')
$filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)";
$sql="SELECT a.id AS id,
@@ -221,13 +234,11 @@ class BlogDataModule extends TModule return $posts;
}
- public function queryPostCount($authorFilter,$timeFilter,$categoryFilter)
+ public function queryPostCount($postFilter,$categoryFilter)
{
$filter='';
- if($authorFilter!=='')
- $filter.=" AND $authorFilter";
- if($timeFilter!=='')
- $filter.=" AND $timeFilter";
+ if($postFilter!=='')
+ $filter.=" AND $postFilter";
if($categoryFilter!=='')
$filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)";
$sql="SELECT COUNT(a.id) AS post_count
@@ -261,6 +272,11 @@ class BlogDataModule extends TModule return null;
}
+ public function escapeString($string)
+ {
+ return sqlite_escape_string($string);
+ }
+
public function insertPost($post,$catIDs)
{
$title=sqlite_escape_string($post->Title);
@@ -382,7 +398,7 @@ class BlogDataModule extends TModule public function queryCategories()
{
- $sql="SELECT * FROM tblCategories";
+ $sql="SELECT * FROM tblCategories ORDER BY name ASC";
$result=$this->query($sql);
$rows=sqlite_fetch_all($result,SQLITE_ASSOC);
$cats=array();
@@ -398,7 +414,7 @@ class BlogDataModule extends TModule a.description AS description,
a.post_count AS post_count
FROM tblCategories a, tblPost2Category b
- WHERE a.id=b.category_id AND b.post_id=$postID";
+ WHERE a.id=b.category_id AND b.post_id=$postID ORDER BY a.name";
$result=$this->query($sql);
$rows=sqlite_fetch_all($result,SQLITE_ASSOC);
$cats=array();
@@ -486,6 +502,11 @@ class BlogDataModule extends TModule class UserRecord
{
+ const ROLE_USER=0;
+ const ROLE_ADMIN=1;
+ const STATUS_NORMAL=0;
+ const STATUS_DISABLED=1;
+ const STATUS_PENDING=2;
public $ID;
public $Name;
public $FullName;
@@ -500,6 +521,9 @@ class UserRecord class PostRecord
{
+ const STATUS_PUBLISHED=0;
+ const STATUS_DRAFT=1;
+ const STATUS_PENDING=2;
public $ID;
public $AuthorID;
public $AuthorName;
diff --git a/demos/blog/protected/Common/BlogErrorHandler.php b/demos/blog/protected/Common/BlogErrorHandler.php new file mode 100644 index 00000000..6dab2a29 --- /dev/null +++ b/demos/blog/protected/Common/BlogErrorHandler.php @@ -0,0 +1,46 @@ +<?php
+/**
+ * BlogErrorHandler class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ */
+
+Prado::using('System.Exceptions.TErrorHandler');
+Prado::using('Application.Common.BlogException');
+
+/**
+ * BlogErrorHandler class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
+class BlogErrorHandler extends TErrorHandler
+{
+ /**
+ * Displays error to the client user.
+ * THttpException and errors happened when the application is in <b>Debug</b>
+ * mode will be displayed to the client user.
+ * @param integer response status code
+ * @param Exception exception instance
+ */
+ protected function handleExternalError($statusCode,$exception)
+ {
+ if($exception instanceof BlogException)
+ {
+ $message=$exception->getMessage();
+ Prado::log($message,TLogger::ERROR,'BlogApplication');
+ $message=urldecode($this->getApplication()->getSecurityManager()->hashData($message));
+ $this->Response->redirect($this->Service->constructUrl('ErrorReport',array('msg'=>$message)));
+ }
+ else
+ parent::handleExternalError($statusCode,$exception);
+ }
+}
+
+?>
\ No newline at end of file diff --git a/demos/blog/protected/Common/BlogErrors.php b/demos/blog/protected/Common/BlogErrors.php deleted file mode 100644 index 501ec1c9..00000000 --- a/demos/blog/protected/Common/BlogErrors.php +++ /dev/null @@ -1,23 +0,0 @@ -<?php
-
-class BlogErrors
-{
- const ERROR_UKNOWN=0;
- const ERROR_POST_NOT_FOUND=1;
- const ERROR_USER_NOT_FOUND=2;
- const ERROR_PERMISSION_DENIED=3;
-
- private static $_errorMessages=array(
- self::ERROR_UKNOWN=>'Unknown error.',
- self::ERROR_POST_NOT_FOUND=>'The specified post cannot be found.',
- self::ERROR_USER_NOT_FOUND=>'The specified user account cannot be found.',
- self::ERROR_PERMISSION_DENIED=>'Sorry, you do not have permission to perform this action.',
- );
-
- public static function getMessage($errorCode)
- {
- return isset(self::$_errorMessages[$errorCode])?self::$_errorMessages[$errorCode]:self::$_errorMessages[0];
- }
-}
-
-?>
\ No newline at end of file diff --git a/demos/blog/protected/Common/BlogException.php b/demos/blog/protected/Common/BlogException.php index ab8020d1..64609366 100644 --- a/demos/blog/protected/Common/BlogException.php +++ b/demos/blog/protected/Common/BlogException.php @@ -1,6 +1,23 @@ <?php
+/**
+ * BlogException class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ */
-class BlogException extends TApplicationException
+/**
+ * BlogException class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
+class BlogException extends THttpException
{
/**
* @return string path to the error message file
diff --git a/demos/blog/protected/Common/BlogPage.php b/demos/blog/protected/Common/BlogPage.php index f69e4c48..85a995c0 100644 --- a/demos/blog/protected/Common/BlogPage.php +++ b/demos/blog/protected/Common/BlogPage.php @@ -1,5 +1,22 @@ <?php
+/**
+ * BlogPage class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ */
+/**
+ * BlogPage class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
class BlogPage extends TPage
{
public function onPreInit($param)
diff --git a/demos/blog/protected/Common/BlogUser.php b/demos/blog/protected/Common/BlogUser.php index af49c8d7..42a171a6 100644 --- a/demos/blog/protected/Common/BlogUser.php +++ b/demos/blog/protected/Common/BlogUser.php @@ -1,7 +1,24 @@ <?php
+/**
+ * BlogUser class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ */
Prado::using('System.Security.TUser');
+/**
+ * BlogUser class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
class BlogUser extends TUser
{
private $_id;
@@ -16,6 +33,11 @@ class BlogUser extends TUser $this->_id=$value;
}
+ public function getIsAdmin()
+ {
+ return $this->isInRole('admin');
+ }
+
public function saveToString()
{
$a=array($this->_id,parent::saveToString());
diff --git a/demos/blog/protected/Common/BlogUserManager.php b/demos/blog/protected/Common/BlogUserManager.php index c3ddb80b..3a7f4789 100644 --- a/demos/blog/protected/Common/BlogUserManager.php +++ b/demos/blog/protected/Common/BlogUserManager.php @@ -1,8 +1,25 @@ <?php
+/**
+ * BlogUserManager class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ */
Prado::using('System.Security.IUserManager');
Prado::using('Application.Common.BlogUser');
+/**
+ * BlogUserManager class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
class BlogUserManager extends TModule implements IUserManager
{
public function getGuestName()
@@ -29,7 +46,7 @@ class BlogUserManager extends TModule implements IUserManager $user->setID($userRecord->ID);
$user->setName($username);
$user->setIsGuest(false);
- $user->setRoles($userRecord->Role===0?'user':'admin');
+ $user->setRoles($userRecord->Role===UserRecord::ROLE_USER?'user':'admin');
return $user;
}
else
@@ -47,7 +64,7 @@ class BlogUserManager extends TModule implements IUserManager {
$db=$this->Application->getModule('data');
if(($userRecord=$db->queryUserByName($username))!==null)
- return $userRecord->Password===md5($password);
+ return $userRecord->Password===md5($password) && $userRecord->Status===UserRecord::STATUS_NORMAL;
else
return false;
}
diff --git a/demos/blog/protected/Common/messages.txt b/demos/blog/protected/Common/messages.txt index deb15ee3..2a18aac2 100644 --- a/demos/blog/protected/Common/messages.txt +++ b/demos/blog/protected/Common/messages.txt @@ -1,4 +1,12 @@ blogdatamodule_dbconnect_failed = Unable to connect to database: {0}
blogdatamodule_dbfile_invalid = BlogDataModule.DbFile='{0}' is invalid.
blogdatamodule_createdatabase_failed = BlogDataModule failed to create database when executing SQL: {1}. Last SQL error is: {0}.
-blogdatamodule_query_failed = Failed to execute SQL: {1}. Last SQL error is: {0}.
\ No newline at end of file +blogdatamodule_query_failed = Failed to execute SQL: {1}. Last SQL error is: {0}.
+
+newuser_registration_disallowed = The Weblog system is running in single user mode and does not allow new user registration.
+profile_edit_disallowed = You are not allowed to modify user profile {0}.
+profile_id_invalid = Unable to retrieve user profile {0}.
+
+post_id_invalid = Unable to retrieve post {0}.
+post_edit_disallowed = You are not allowed to modify post {0}.
+post_view_disallowed = You are not allowed to read post {0}.
\ No newline at end of file |