diff options
Diffstat (limited to 'demos/blog/protected/Common')
-rw-r--r-- | demos/blog/protected/Common/BlogDataModule.php | 1414 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogErrorHandler.php | 90 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogException.php | 60 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogPage.php | 96 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogUser.php | 118 | ||||
-rw-r--r-- | demos/blog/protected/Common/BlogUserManager.php | 188 | ||||
-rw-r--r-- | demos/blog/protected/Common/XListMenu.php | 252 |
7 files changed, 1109 insertions, 1109 deletions
diff --git a/demos/blog/protected/Common/BlogDataModule.php b/demos/blog/protected/Common/BlogDataModule.php index 26dfc5cf..a071ba9a 100644 --- a/demos/blog/protected/Common/BlogDataModule.php +++ b/demos/blog/protected/Common/BlogDataModule.php @@ -1,708 +1,708 @@ -<?php
-/**
- * BlogDataModule class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-/**
- * BlogDataModule class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogDataModule extends TModule
-{
- const DB_FILE_EXT='.db';
- const DEFAULT_DB_FILE='Application.Data.Blog';
- private $_db=null;
- private $_dbFile=null;
-
- public function init($config)
- {
- $this->connectDatabase();
- }
-
- public function getDbFile()
- {
- if($this->_dbFile===null)
- $this->_dbFile=Prado::getPathOfNamespace(self::DEFAULT_DB_FILE,self::DB_FILE_EXT);
- return $this->_dbFile;
- }
-
- public function setDbFile($value)
- {
- if(($this->_dbFile=Prado::getPathOfNamespace($value,self::DB_FILE_EXT))===null)
- throw new BlogException(500,'blogdatamodule_dbfile_invalid',$value);
- }
-
- protected function createDatabase()
- {
- $schemaFile=dirname(__FILE__).'/schema.sql';
- $statements=explode(';',file_get_contents($schemaFile));
- foreach($statements as $statement)
- {
- if(trim($statement)!=='')
- {
- try {
- $command=$this->_db->createCommand($statement);
- $command->execute();
- }
- catch(TDbException $e)
- {
- throw new BlogException(500,'blogdatamodule_createdatabase_failed',$e->getErrorMessage(),$statement);
- }
- }
- }
- }
-
- protected function connectDatabase()
- {
- $dbFile=$this->getDbFile();
- $newDb=!is_file($dbFile);
-
- try {
- $this->_db=new TDbConnection("sqlite:".$dbFile);
- $this->_db->Active=true;
- }
- catch(TDbException $e)
- {
- throw new BlogException(500,'blogdatamodule_dbconnect_failed',$e->getErrorMessage());
- }
-
- if($newDb)
- $this->createDatabase();
- }
-
- protected function generateModifier($filter,$orderBy,$limit)
- {
- $modifier='';
- if($filter!=='')
- $modifier=' WHERE '.$filter;
- if($orderBy!=='')
- $modifier.=' ORDER BY '.$orderBy;
- if($limit!=='')
- $modifier.=' LIMIT '.$limit;
- return $modifier;
- }
-
- public function query($sql)
- {
- try {
- $command=$this->_db->createCommand($sql);
- return $command->query();
- }
- catch(TDbException $e)
- {
- throw new BlogException(500,'blogdatamodule_query_failed',$e->getErrorMessage(),$sql);
- }
- }
-
- protected function populateUserRecord($row)
- {
- $userRecord=new UserRecord;
- $userRecord->ID=(integer)$row['id'];
- $userRecord->Name=$row['name'];
- $userRecord->FullName=$row['full_name'];
- $userRecord->Role=(integer)$row['role'];
- $userRecord->Password=$row['passwd'];
- $userRecord->VerifyCode=$row['vcode'];
- $userRecord->Email=$row['email'];
- $userRecord->CreateTime=(integer)$row['reg_time'];
- $userRecord->Status=(integer)$row['status'];
- $userRecord->Website=$row['website'];
- return $userRecord;
- }
-
- public function queryUsers($filter='',$orderBy='',$limit='')
- {
- if($filter!=='')
- $filter='WHERE '.$filter;
- $sql="SELECT * FROM tblUsers $filter $orderBy $limit";
- $rows=$this->query($sql);
- $users=array();
- foreach($rows as $row)
- $users[]=$this->populateUserRecord($row);
- return $users;
- }
-
- public function queryUserCount($filter)
- {
- if($filter!=='')
- $filter='WHERE '.$filter;
- $sql="SELECT COUNT(id) AS user_count FROM tblUsers $filter";
- $result=$this->query($sql);
- if(($row=$result->read())!==false)
- return $row['user_count'];
- else
- return 0;
- }
-
- public function queryUserByID($id)
- {
- $sql="SELECT * FROM tblUsers WHERE id=$id";
- $result=$this->query($sql);
- if(($row=$result->read())!==false)
- return $this->populateUserRecord($row);
- else
- return null;
- }
-
- public function queryUserByName($name)
- {
- $command=$this->_db->createCommand("SELECT * FROM tblUsers WHERE name=?");
- $command->bindValue(1, $name);
-
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- return $this->populateUserRecord($row);
- else
- return null;
- }
-
- public function insertUser($user)
- {
- $command=$this->_db->createCommand("INSERT INTO tblUsers ".
- "(name,full_name,role,passwd,email,reg_time,status,website) ".
- "VALUES (?,?,?,?,?,?,?,?)");
- $command->bindValue(1, $user->Name);
- $command->bindValue(2, $user->FullName);
- $command->bindValue(3, $user->Role);
- $command->bindValue(4, $user->Password);
- $command->bindValue(5, $user->Email);
- $command->bindValue(6, time());
- $command->bindValue(7, $user->Status);
- $command->bindValue(8, $user->Website);
- $command->execute();
-
- $user->ID=$this->_db->getLastInsertID();
- }
-
- public function updateUser($user)
- {
- $command=$this->_db->createCommand("UPDATE tblUsers SET
- name=?,
- full_name=?,
- role=?,
- passwd=?,
- vcode=?,
- email=?,
- status=?,
- website=?
- WHERE id=?");
- $command->bindValue(1, $user->Name);
- $command->bindValue(2, $user->FullName);
- $command->bindValue(3, $user->Role);
- $command->bindValue(4, $user->Password);
- $command->bindValue(5, $user->VerifyCode);
- $command->bindValue(6, $user->Email);
- $command->bindValue(7, $user->Status);
- $command->bindValue(8, $user->Website);
- $command->bindValue(9, $user->ID);
- $command->execute();
- }
-
- public function deleteUser($id)
- {
- $command=$this->_db->createCommand("DELETE FROM tblUsers WHERE id=?");
- $command->bindValue(1, $id);
- $command->execute();
- }
-
- protected function populatePostRecord($row)
- {
- $postRecord=new PostRecord;
- $postRecord->ID=(integer)$row['id'];
- $postRecord->AuthorID=(integer)$row['author_id'];
- if($row['author_full_name']!=='')
- $postRecord->AuthorName=$row['author_full_name'];
- else
- $postRecord->AuthorName=$row['author_name'];
- $postRecord->CreateTime=(integer)$row['create_time'];
- $postRecord->ModifyTime=(integer)$row['modify_time'];
- $postRecord->Title=$row['title'];
- $postRecord->Content=$row['content'];
- $postRecord->Status=(integer)$row['status'];
- $postRecord->CommentCount=(integer)$row['comment_count'];
- return $postRecord;
- }
-
- public function queryPosts($postFilter,$categoryFilter,$orderBy,$limit)
- {
- //FIXME this is insecure by design since it misses proper escaping
- $filter='';
- if($postFilter!=='')
- $filter.=" AND $postFilter";
- if($categoryFilter!=='')
- $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)";
- $sql="SELECT a.id AS id,
- a.author_id AS author_id,
- b.name AS author_name,
- b.full_name AS author_full_name,
- a.create_time AS create_time,
- a.modify_time AS modify_time,
- a.title AS title,
- a.content AS content,
- a.status AS status,
- a.comment_count AS comment_count
- FROM tblPosts a, tblUsers b
- WHERE a.author_id=b.id $filter $orderBy $limit";
- $rows=$this->query($sql);
- $posts=array();
- foreach($rows as $row)
- $posts[]=$this->populatePostRecord($row);
- return $posts;
- }
-
- public function queryPostsSearch($keywords,$orderBy,$limit)
- {
- $sql="SELECT a.id AS id,
- a.author_id AS author_id,
- b.name AS author_name,
- b.full_name AS author_full_name,
- a.create_time AS create_time,
- a.modify_time AS modify_time,
- a.title AS title,
- a.content AS content,
- a.status AS status,
- a.comment_count AS comment_count
- FROM tblPosts a, tblUsers b
- WHERE a.author_id=b.id AND a.status=0";
-
- foreach($keywords as $keyword)
- $sql.=" AND (content LIKE ? OR title LIKE ?)";
-
- $sql.=" $orderBy $limit";
-
- $command=$this->_db->createCommand($sql);
-
- $i=1;
- foreach($keywords as $keyword)
- {
- $command->bindValue($i, "%".$keyword."%");
- $i++;
- }
-
- $rows=$command->query();
-
- $posts=array();
- foreach($rows as $row)
- $posts[]=$this->populatePostRecord($row);
- return $posts;
-
- }
-
- public function queryPostCount($postFilter,$categoryFilter)
- {
- //FIXME this is insecure by design since it misses proper escaping
- $filter='';
- if($postFilter!=='')
- $filter.=" AND $postFilter";
- if($categoryFilter!=='')
- $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)";
- $sql="SELECT COUNT(a.id) AS post_count
- FROM tblPosts a, tblUsers b
- WHERE a.author_id=b.id $filter";
- $result=$this->query($sql);
- if(($row=$result->read())!==false)
- return $row['post_count'];
- else
- return 0;
- }
-
- public function queryPostByID($id)
- {
- $sql="SELECT a.id AS id,
- a.author_id AS author_id,
- b.name AS author_name,
- b.full_name AS author_full_name,
- a.create_time AS create_time,
- a.modify_time AS modify_time,
- a.title AS title,
- a.content AS content,
- a.status AS status,
- a.comment_count AS comment_count
- FROM tblPosts a, tblUsers b
- WHERE a.id=? AND a.author_id=b.id";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
-
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- return $this->populatePostRecord($row);
- else
- return null;
- }
-
- public function insertPost($post,$catIDs)
- {
- $command=$this->_db->createCommand("INSERT INTO tblPosts
- (author_id,create_time,modify_time,title,content,status)
- VALUES (?,?,?,?,?,?)");
- $command->bindValue(1, $post->AuthorID);
- $command->bindValue(2, $post->CreateTime);
- $command->bindValue(3, $post->ModifyTime);
- $command->bindValue(4, $post->Title);
- $command->bindValue(5, $post->Content);
- $command->bindValue(6, $post->Status);
-
- $command->execute();
- $post->ID=$this->_db->getLastInsertID();
- foreach($catIDs as $catID)
- $this->insertPostCategory($post->ID,$catID);
- }
-
- public function updatePost($post,$newCatIDs=null)
- {
- if($newCatIDs!==null)
- {
- $cats=$this->queryCategoriesByPostID($post->ID);
- $catIDs=array();
- foreach($cats as $cat)
- $catIDs[]=$cat->ID;
- $deleteIDs=array_diff($catIDs,$newCatIDs);
- foreach($deleteIDs as $id)
- $this->deletePostCategory($post->ID,$id);
- $insertIDs=array_diff($newCatIDs,$catIDs);
- foreach($insertIDs as $id)
- $this->insertPostCategory($post->ID,$id);
- }
-
- $command=$this->_db->createCommand("UPDATE tblPosts SET
- modify_time=?,
- title=?,
- content=?,
- status=?
- WHERE id=?");
- $command->bindValue(1, $post->ModifyTime);
- $command->bindValue(2, $post->Title);
- $command->bindValue(3, $post->Content);
- $command->bindValue(4, $post->Status);
- $command->bindValue(5, $post->ID);
-
- $command->execute();
- }
-
- public function deletePost($id)
- {
- $cats=$this->queryCategoriesByPostID($id);
- foreach($cats as $cat)
- $this->deletePostCategory($id,$cat->ID);
-
- $command=$this->_db->createCommand("DELETE FROM tblComments WHERE post_id=?");
- $command->bindValue(1, $id);
- $command->execute();
-
- $command=$this->_db->createCommand("DELETE FROM tblPosts WHERE id=?");
- $command->bindValue(1, $id);
- $command->execute();
- }
-
- protected function populateCommentRecord($row)
- {
- $commentRecord=new CommentRecord;
- $commentRecord->ID=(integer)$row['id'];
- $commentRecord->PostID=(integer)$row['post_id'];
- $commentRecord->AuthorName=$row['author_name'];
- $commentRecord->AuthorEmail=$row['author_email'];
- $commentRecord->AuthorWebsite=$row['author_website'];
- $commentRecord->AuthorIP=$row['author_ip'];
- $commentRecord->CreateTime=(integer)$row['create_time'];
- $commentRecord->Content=$row['content'];
- $commentRecord->Status=(integer)$row['status'];
- return $commentRecord;
- }
-
- public function queryComments($filter,$orderBy,$limit)
- {
- //FIXME this is insecure by design since it misses proper escaping
- if($filter!=='')
- $filter='WHERE '.$filter;
- $sql="SELECT * FROM tblComments $filter $orderBy $limit";
- $rows=$this->query($sql);
- $comments=array();
- foreach($rows as $row)
- $comments[]=$this->populateCommentRecord($row);
- return $comments;
- }
-
- public function queryCommentsByPostID($id)
- {
- $sql="SELECT * FROM tblComments WHERE post_id=? ORDER BY create_time DESC";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
-
- $rows=$command->query();
-
- $comments=array();
- foreach($rows as $row)
- $comments[]=$this->populateCommentRecord($row);
- return $comments;
- }
-
- public function insertComment($comment)
- {
- $sql="INSERT INTO tblComments
- (post_id,author_name,author_email,author_website,author_ip,create_time,status,content)
- VALUES (?,?,?,?,?,?,?,?)";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $comment->PostID);
- $command->bindValue(2, $comment->AuthorName);
- $command->bindValue(3, $comment->AuthorEmail);
- $command->bindValue(4, $comment->AuthorWebsite);
- $command->bindValue(5, $comment->AuthorIP);
- $command->bindValue(6, $comment->CreateTime);
- $command->bindValue(7, $comment->Status);
- $command->bindValue(8, $comment->Content);
-
- $command->execute();
- $comment->ID=$this->_db->getLastInsertID();
- $this->query("UPDATE tblPosts SET comment_count=comment_count+1 WHERE id={$comment->PostID}");
- }
-
- public function updateComment($comment)
- {
- $sql="UPDATE tblComments SET status=? WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $comment->Status);
- $command->bindValue(2, $comment->ID);
-
- $command->execute();
- }
-
- public function deleteComment($id)
- {
- $sql="SELECT post_id FROM tblComments WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- {
- $command=$this->_db->createCommand("DELETE FROM tblComments WHERE id=?");
- $command->bindValue(1, $id);
- $command->execute();
-
- $command=$this->_db->createCommand("UPDATE tblPosts SET comment_count=comment_count-1 WHERE id=?");
- $command->bindValue(1, $row['post_id']);
- $command->execute();
- }
- }
-
- protected function populateCategoryRecord($row)
- {
- $catRecord=new CategoryRecord;
- $catRecord->ID=(integer)$row['id'];
- $catRecord->Name=$row['name'];
- $catRecord->Description=$row['description'];
- $catRecord->PostCount=$row['post_count'];
- return $catRecord;
- }
-
- public function queryCategories()
- {
- $sql="SELECT * FROM tblCategories ORDER BY name ASC";
- $rows=$this->query($sql);
- $cats=array();
- foreach($rows as $row)
- $cats[]=$this->populateCategoryRecord($row);
- return $cats;
- }
-
- public function queryCategoriesByPostID($postID)
- {
- $sql="SELECT a.id AS id,
- a.name AS name,
- a.description AS description,
- a.post_count AS post_count
- FROM tblCategories a, tblPost2Category b
- WHERE a.id=b.category_id AND b.post_id=? ORDER BY a.name";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $postID);
- $rows=$command->query();
-
- $cats=array();
- foreach($rows as $row)
- $cats[]=$this->populateCategoryRecord($row);
- return $cats;
- }
-
- public function queryCategoryByID($id)
- {
- $sql="SELECT * FROM tblCategories WHERE id=?";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- return $this->populateCategoryRecord($row);
- else
- return null;
- }
-
- public function queryCategoryByName($name)
- {
- $sql="SELECT * FROM tblCategories WHERE name=?";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $name);
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- return $this->populateCategoryRecord($row);
- else
- return null;
- }
-
- public function insertCategory($category)
- {
- $sql="INSERT INTO tblCategories
- (name,description)
- VALUES (?,?)";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $category->Name);
- $command->bindValue(2, $category->Description);
- $command->execute();
-
- $category->ID=$this->_db->getLastInsertID();
- }
-
- public function updateCategory($category)
- {
- $sql="UPDATE tblCategories SET name=?, description=?, post_count=? WHERE id=?";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $category->Name);
- $command->bindValue(2, $category->Description);
- $command->bindValue(3, $category->PostCount);
- $command->bindValue(4, $category->ID);
-
- $command->execute();
- }
-
- public function deleteCategory($id)
- {
- $sql="DELETE FROM tblPost2Category WHERE category_id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
- $command->execute();
-
- $sql="DELETE FROM tblCategories WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
- $command->execute();
- }
-
- public function insertPostCategory($postID,$categoryID)
- {
- $sql="INSERT INTO tblPost2Category (post_id, category_id) VALUES (?, ?)";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $postID);
- $command->bindValue(2, $categoryID);
- $command->execute();
-
- $sql="UPDATE tblCategories SET post_count=post_count+1 WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $categoryID);
- $command->execute();
-
- }
-
- public function deletePostCategory($postID,$categoryID)
- {
- $sql="DELETE FROM tblPost2Category WHERE post_id=? AND category_id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $postID);
- $command->bindValue(2, $categoryID);
- $result=$command->query();
-
- if($result->getRowCount()>0)
- {
- $sql="UPDATE tblCategories SET post_count=post_count-1 WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $categoryID);
- $command->execute();
- }
- }
-
- public function queryEarliestPostTime()
- {
- $sql="SELECT MIN(create_time) AS create_time FROM tblPosts";
- $result=$this->query($sql);
- if(($row=$result->read())!==false)
- return $row['create_time'];
- else
- return time();
- }
-}
-
-class UserRecord
-{
- const ROLE_USER=0;
- const ROLE_ADMIN=1;
- const STATUS_NORMAL=0;
- const STATUS_DISABLED=1;
- const STATUS_PENDING=2;
- public $ID;
- public $Name;
- public $FullName;
- public $Role;
- public $Password;
- public $VerifyCode;
- public $Email;
- public $CreateTime;
- public $Status;
- public $Website;
-}
-
-class PostRecord
-{
- const STATUS_PUBLISHED=0;
- const STATUS_DRAFT=1;
- const STATUS_PENDING=2;
- const STATUS_STICKY=3;
- public $ID;
- public $AuthorID;
- public $AuthorName;
- public $CreateTime;
- public $ModifyTime;
- public $Title;
- public $Content;
- public $Status;
- public $CommentCount;
-}
-
-class CommentRecord
-{
- public $ID;
- public $PostID;
- public $AuthorName;
- public $AuthorEmail;
- public $AuthorWebsite;
- public $AuthorIP;
- public $CreateTime;
- public $Status;
- public $Content;
-}
-
-class CategoryRecord
-{
- public $ID;
- public $Name;
- public $Description;
- public $PostCount;
-}
-
+<?php +/** + * BlogDataModule class file + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Id$ + */ + +/** + * BlogDataModule class + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ +class BlogDataModule extends TModule +{ + const DB_FILE_EXT='.db'; + const DEFAULT_DB_FILE='Application.Data.Blog'; + private $_db=null; + private $_dbFile=null; + + public function init($config) + { + $this->connectDatabase(); + } + + public function getDbFile() + { + if($this->_dbFile===null) + $this->_dbFile=Prado::getPathOfNamespace(self::DEFAULT_DB_FILE,self::DB_FILE_EXT); + return $this->_dbFile; + } + + public function setDbFile($value) + { + if(($this->_dbFile=Prado::getPathOfNamespace($value,self::DB_FILE_EXT))===null) + throw new BlogException(500,'blogdatamodule_dbfile_invalid',$value); + } + + protected function createDatabase() + { + $schemaFile=dirname(__FILE__).'/schema.sql'; + $statements=explode(';',file_get_contents($schemaFile)); + foreach($statements as $statement) + { + if(trim($statement)!=='') + { + try { + $command=$this->_db->createCommand($statement); + $command->execute(); + } + catch(TDbException $e) + { + throw new BlogException(500,'blogdatamodule_createdatabase_failed',$e->getErrorMessage(),$statement); + } + } + } + } + + protected function connectDatabase() + { + $dbFile=$this->getDbFile(); + $newDb=!is_file($dbFile); + + try { + $this->_db=new TDbConnection("sqlite:".$dbFile); + $this->_db->Active=true; + } + catch(TDbException $e) + { + throw new BlogException(500,'blogdatamodule_dbconnect_failed',$e->getErrorMessage()); + } + + if($newDb) + $this->createDatabase(); + } + + protected function generateModifier($filter,$orderBy,$limit) + { + $modifier=''; + if($filter!=='') + $modifier=' WHERE '.$filter; + if($orderBy!=='') + $modifier.=' ORDER BY '.$orderBy; + if($limit!=='') + $modifier.=' LIMIT '.$limit; + return $modifier; + } + + public function query($sql) + { + try { + $command=$this->_db->createCommand($sql); + return $command->query(); + } + catch(TDbException $e) + { + throw new BlogException(500,'blogdatamodule_query_failed',$e->getErrorMessage(),$sql); + } + } + + protected function populateUserRecord($row) + { + $userRecord=new UserRecord; + $userRecord->ID=(integer)$row['id']; + $userRecord->Name=$row['name']; + $userRecord->FullName=$row['full_name']; + $userRecord->Role=(integer)$row['role']; + $userRecord->Password=$row['passwd']; + $userRecord->VerifyCode=$row['vcode']; + $userRecord->Email=$row['email']; + $userRecord->CreateTime=(integer)$row['reg_time']; + $userRecord->Status=(integer)$row['status']; + $userRecord->Website=$row['website']; + return $userRecord; + } + + public function queryUsers($filter='',$orderBy='',$limit='') + { + if($filter!=='') + $filter='WHERE '.$filter; + $sql="SELECT * FROM tblUsers $filter $orderBy $limit"; + $rows=$this->query($sql); + $users=array(); + foreach($rows as $row) + $users[]=$this->populateUserRecord($row); + return $users; + } + + public function queryUserCount($filter) + { + if($filter!=='') + $filter='WHERE '.$filter; + $sql="SELECT COUNT(id) AS user_count FROM tblUsers $filter"; + $result=$this->query($sql); + if(($row=$result->read())!==false) + return $row['user_count']; + else + return 0; + } + + public function queryUserByID($id) + { + $sql="SELECT * FROM tblUsers WHERE id=$id"; + $result=$this->query($sql); + if(($row=$result->read())!==false) + return $this->populateUserRecord($row); + else + return null; + } + + public function queryUserByName($name) + { + $command=$this->_db->createCommand("SELECT * FROM tblUsers WHERE name=?"); + $command->bindValue(1, $name); + + $result=$command->query(); + + if(($row=$result->read())!==false) + return $this->populateUserRecord($row); + else + return null; + } + + public function insertUser($user) + { + $command=$this->_db->createCommand("INSERT INTO tblUsers ". + "(name,full_name,role,passwd,email,reg_time,status,website) ". + "VALUES (?,?,?,?,?,?,?,?)"); + $command->bindValue(1, $user->Name); + $command->bindValue(2, $user->FullName); + $command->bindValue(3, $user->Role); + $command->bindValue(4, $user->Password); + $command->bindValue(5, $user->Email); + $command->bindValue(6, time()); + $command->bindValue(7, $user->Status); + $command->bindValue(8, $user->Website); + $command->execute(); + + $user->ID=$this->_db->getLastInsertID(); + } + + public function updateUser($user) + { + $command=$this->_db->createCommand("UPDATE tblUsers SET + name=?, + full_name=?, + role=?, + passwd=?, + vcode=?, + email=?, + status=?, + website=? + WHERE id=?"); + $command->bindValue(1, $user->Name); + $command->bindValue(2, $user->FullName); + $command->bindValue(3, $user->Role); + $command->bindValue(4, $user->Password); + $command->bindValue(5, $user->VerifyCode); + $command->bindValue(6, $user->Email); + $command->bindValue(7, $user->Status); + $command->bindValue(8, $user->Website); + $command->bindValue(9, $user->ID); + $command->execute(); + } + + public function deleteUser($id) + { + $command=$this->_db->createCommand("DELETE FROM tblUsers WHERE id=?"); + $command->bindValue(1, $id); + $command->execute(); + } + + protected function populatePostRecord($row) + { + $postRecord=new PostRecord; + $postRecord->ID=(integer)$row['id']; + $postRecord->AuthorID=(integer)$row['author_id']; + if($row['author_full_name']!=='') + $postRecord->AuthorName=$row['author_full_name']; + else + $postRecord->AuthorName=$row['author_name']; + $postRecord->CreateTime=(integer)$row['create_time']; + $postRecord->ModifyTime=(integer)$row['modify_time']; + $postRecord->Title=$row['title']; + $postRecord->Content=$row['content']; + $postRecord->Status=(integer)$row['status']; + $postRecord->CommentCount=(integer)$row['comment_count']; + return $postRecord; + } + + public function queryPosts($postFilter,$categoryFilter,$orderBy,$limit) + { + //FIXME this is insecure by design since it misses proper escaping + $filter=''; + if($postFilter!=='') + $filter.=" AND $postFilter"; + if($categoryFilter!=='') + $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)"; + $sql="SELECT a.id AS id, + a.author_id AS author_id, + b.name AS author_name, + b.full_name AS author_full_name, + a.create_time AS create_time, + a.modify_time AS modify_time, + a.title AS title, + a.content AS content, + a.status AS status, + a.comment_count AS comment_count + FROM tblPosts a, tblUsers b + WHERE a.author_id=b.id $filter $orderBy $limit"; + $rows=$this->query($sql); + $posts=array(); + foreach($rows as $row) + $posts[]=$this->populatePostRecord($row); + return $posts; + } + + public function queryPostsSearch($keywords,$orderBy,$limit) + { + $sql="SELECT a.id AS id, + a.author_id AS author_id, + b.name AS author_name, + b.full_name AS author_full_name, + a.create_time AS create_time, + a.modify_time AS modify_time, + a.title AS title, + a.content AS content, + a.status AS status, + a.comment_count AS comment_count + FROM tblPosts a, tblUsers b + WHERE a.author_id=b.id AND a.status=0"; + + foreach($keywords as $keyword) + $sql.=" AND (content LIKE ? OR title LIKE ?)"; + + $sql.=" $orderBy $limit"; + + $command=$this->_db->createCommand($sql); + + $i=1; + foreach($keywords as $keyword) + { + $command->bindValue($i, "%".$keyword."%"); + $i++; + } + + $rows=$command->query(); + + $posts=array(); + foreach($rows as $row) + $posts[]=$this->populatePostRecord($row); + return $posts; + + } + + public function queryPostCount($postFilter,$categoryFilter) + { + //FIXME this is insecure by design since it misses proper escaping + $filter=''; + if($postFilter!=='') + $filter.=" AND $postFilter"; + if($categoryFilter!=='') + $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)"; + $sql="SELECT COUNT(a.id) AS post_count + FROM tblPosts a, tblUsers b + WHERE a.author_id=b.id $filter"; + $result=$this->query($sql); + if(($row=$result->read())!==false) + return $row['post_count']; + else + return 0; + } + + public function queryPostByID($id) + { + $sql="SELECT a.id AS id, + a.author_id AS author_id, + b.name AS author_name, + b.full_name AS author_full_name, + a.create_time AS create_time, + a.modify_time AS modify_time, + a.title AS title, + a.content AS content, + a.status AS status, + a.comment_count AS comment_count + FROM tblPosts a, tblUsers b + WHERE a.id=? AND a.author_id=b.id"; + + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $id); + + $result=$command->query(); + + if(($row=$result->read())!==false) + return $this->populatePostRecord($row); + else + return null; + } + + public function insertPost($post,$catIDs) + { + $command=$this->_db->createCommand("INSERT INTO tblPosts + (author_id,create_time,modify_time,title,content,status) + VALUES (?,?,?,?,?,?)"); + $command->bindValue(1, $post->AuthorID); + $command->bindValue(2, $post->CreateTime); + $command->bindValue(3, $post->ModifyTime); + $command->bindValue(4, $post->Title); + $command->bindValue(5, $post->Content); + $command->bindValue(6, $post->Status); + + $command->execute(); + $post->ID=$this->_db->getLastInsertID(); + foreach($catIDs as $catID) + $this->insertPostCategory($post->ID,$catID); + } + + public function updatePost($post,$newCatIDs=null) + { + if($newCatIDs!==null) + { + $cats=$this->queryCategoriesByPostID($post->ID); + $catIDs=array(); + foreach($cats as $cat) + $catIDs[]=$cat->ID; + $deleteIDs=array_diff($catIDs,$newCatIDs); + foreach($deleteIDs as $id) + $this->deletePostCategory($post->ID,$id); + $insertIDs=array_diff($newCatIDs,$catIDs); + foreach($insertIDs as $id) + $this->insertPostCategory($post->ID,$id); + } + + $command=$this->_db->createCommand("UPDATE tblPosts SET + modify_time=?, + title=?, + content=?, + status=? + WHERE id=?"); + $command->bindValue(1, $post->ModifyTime); + $command->bindValue(2, $post->Title); + $command->bindValue(3, $post->Content); + $command->bindValue(4, $post->Status); + $command->bindValue(5, $post->ID); + + $command->execute(); + } + + public function deletePost($id) + { + $cats=$this->queryCategoriesByPostID($id); + foreach($cats as $cat) + $this->deletePostCategory($id,$cat->ID); + + $command=$this->_db->createCommand("DELETE FROM tblComments WHERE post_id=?"); + $command->bindValue(1, $id); + $command->execute(); + + $command=$this->_db->createCommand("DELETE FROM tblPosts WHERE id=?"); + $command->bindValue(1, $id); + $command->execute(); + } + + protected function populateCommentRecord($row) + { + $commentRecord=new CommentRecord; + $commentRecord->ID=(integer)$row['id']; + $commentRecord->PostID=(integer)$row['post_id']; + $commentRecord->AuthorName=$row['author_name']; + $commentRecord->AuthorEmail=$row['author_email']; + $commentRecord->AuthorWebsite=$row['author_website']; + $commentRecord->AuthorIP=$row['author_ip']; + $commentRecord->CreateTime=(integer)$row['create_time']; + $commentRecord->Content=$row['content']; + $commentRecord->Status=(integer)$row['status']; + return $commentRecord; + } + + public function queryComments($filter,$orderBy,$limit) + { + //FIXME this is insecure by design since it misses proper escaping + if($filter!=='') + $filter='WHERE '.$filter; + $sql="SELECT * FROM tblComments $filter $orderBy $limit"; + $rows=$this->query($sql); + $comments=array(); + foreach($rows as $row) + $comments[]=$this->populateCommentRecord($row); + return $comments; + } + + public function queryCommentsByPostID($id) + { + $sql="SELECT * FROM tblComments WHERE post_id=? ORDER BY create_time DESC"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $id); + + $rows=$command->query(); + + $comments=array(); + foreach($rows as $row) + $comments[]=$this->populateCommentRecord($row); + return $comments; + } + + public function insertComment($comment) + { + $sql="INSERT INTO tblComments + (post_id,author_name,author_email,author_website,author_ip,create_time,status,content) + VALUES (?,?,?,?,?,?,?,?)"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $comment->PostID); + $command->bindValue(2, $comment->AuthorName); + $command->bindValue(3, $comment->AuthorEmail); + $command->bindValue(4, $comment->AuthorWebsite); + $command->bindValue(5, $comment->AuthorIP); + $command->bindValue(6, $comment->CreateTime); + $command->bindValue(7, $comment->Status); + $command->bindValue(8, $comment->Content); + + $command->execute(); + $comment->ID=$this->_db->getLastInsertID(); + $this->query("UPDATE tblPosts SET comment_count=comment_count+1 WHERE id={$comment->PostID}"); + } + + public function updateComment($comment) + { + $sql="UPDATE tblComments SET status=? WHERE id=?"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $comment->Status); + $command->bindValue(2, $comment->ID); + + $command->execute(); + } + + public function deleteComment($id) + { + $sql="SELECT post_id FROM tblComments WHERE id=?"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $id); + $result=$command->query(); + + if(($row=$result->read())!==false) + { + $command=$this->_db->createCommand("DELETE FROM tblComments WHERE id=?"); + $command->bindValue(1, $id); + $command->execute(); + + $command=$this->_db->createCommand("UPDATE tblPosts SET comment_count=comment_count-1 WHERE id=?"); + $command->bindValue(1, $row['post_id']); + $command->execute(); + } + } + + protected function populateCategoryRecord($row) + { + $catRecord=new CategoryRecord; + $catRecord->ID=(integer)$row['id']; + $catRecord->Name=$row['name']; + $catRecord->Description=$row['description']; + $catRecord->PostCount=$row['post_count']; + return $catRecord; + } + + public function queryCategories() + { + $sql="SELECT * FROM tblCategories ORDER BY name ASC"; + $rows=$this->query($sql); + $cats=array(); + foreach($rows as $row) + $cats[]=$this->populateCategoryRecord($row); + return $cats; + } + + public function queryCategoriesByPostID($postID) + { + $sql="SELECT a.id AS id, + a.name AS name, + a.description AS description, + a.post_count AS post_count + FROM tblCategories a, tblPost2Category b + WHERE a.id=b.category_id AND b.post_id=? ORDER BY a.name"; + + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $postID); + $rows=$command->query(); + + $cats=array(); + foreach($rows as $row) + $cats[]=$this->populateCategoryRecord($row); + return $cats; + } + + public function queryCategoryByID($id) + { + $sql="SELECT * FROM tblCategories WHERE id=?"; + + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $id); + $result=$command->query(); + + if(($row=$result->read())!==false) + return $this->populateCategoryRecord($row); + else + return null; + } + + public function queryCategoryByName($name) + { + $sql="SELECT * FROM tblCategories WHERE name=?"; + + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $name); + $result=$command->query(); + + if(($row=$result->read())!==false) + return $this->populateCategoryRecord($row); + else + return null; + } + + public function insertCategory($category) + { + $sql="INSERT INTO tblCategories + (name,description) + VALUES (?,?)"; + + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $category->Name); + $command->bindValue(2, $category->Description); + $command->execute(); + + $category->ID=$this->_db->getLastInsertID(); + } + + public function updateCategory($category) + { + $sql="UPDATE tblCategories SET name=?, description=?, post_count=? WHERE id=?"; + + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $category->Name); + $command->bindValue(2, $category->Description); + $command->bindValue(3, $category->PostCount); + $command->bindValue(4, $category->ID); + + $command->execute(); + } + + public function deleteCategory($id) + { + $sql="DELETE FROM tblPost2Category WHERE category_id=?"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $id); + $command->execute(); + + $sql="DELETE FROM tblCategories WHERE id=?"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $id); + $command->execute(); + } + + public function insertPostCategory($postID,$categoryID) + { + $sql="INSERT INTO tblPost2Category (post_id, category_id) VALUES (?, ?)"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $postID); + $command->bindValue(2, $categoryID); + $command->execute(); + + $sql="UPDATE tblCategories SET post_count=post_count+1 WHERE id=?"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $categoryID); + $command->execute(); + + } + + public function deletePostCategory($postID,$categoryID) + { + $sql="DELETE FROM tblPost2Category WHERE post_id=? AND category_id=?"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $postID); + $command->bindValue(2, $categoryID); + $result=$command->query(); + + if($result->getRowCount()>0) + { + $sql="UPDATE tblCategories SET post_count=post_count-1 WHERE id=?"; + $command=$this->_db->createCommand($sql); + $command->bindValue(1, $categoryID); + $command->execute(); + } + } + + public function queryEarliestPostTime() + { + $sql="SELECT MIN(create_time) AS create_time FROM tblPosts"; + $result=$this->query($sql); + if(($row=$result->read())!==false) + return $row['create_time']; + else + return time(); + } +} + +class UserRecord +{ + const ROLE_USER=0; + const ROLE_ADMIN=1; + const STATUS_NORMAL=0; + const STATUS_DISABLED=1; + const STATUS_PENDING=2; + public $ID; + public $Name; + public $FullName; + public $Role; + public $Password; + public $VerifyCode; + public $Email; + public $CreateTime; + public $Status; + public $Website; +} + +class PostRecord +{ + const STATUS_PUBLISHED=0; + const STATUS_DRAFT=1; + const STATUS_PENDING=2; + const STATUS_STICKY=3; + public $ID; + public $AuthorID; + public $AuthorName; + public $CreateTime; + public $ModifyTime; + public $Title; + public $Content; + public $Status; + public $CommentCount; +} + +class CommentRecord +{ + public $ID; + public $PostID; + public $AuthorName; + public $AuthorEmail; + public $AuthorWebsite; + public $AuthorIP; + public $CreateTime; + public $Status; + public $Content; +} + +class CategoryRecord +{ + public $ID; + public $Name; + public $Description; + public $PostCount; +} + ?>
\ No newline at end of file diff --git a/demos/blog/protected/Common/BlogErrorHandler.php b/demos/blog/protected/Common/BlogErrorHandler.php index 06042be1..f5144fff 100644 --- a/demos/blog/protected/Common/BlogErrorHandler.php +++ b/demos/blog/protected/Common/BlogErrorHandler.php @@ -1,46 +1,46 @@ -<?php
-/**
- * BlogErrorHandler class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-Prado::using('System.Exceptions.TErrorHandler');
-Prado::using('Application.Common.BlogException');
-
-/**
- * BlogErrorHandler class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogErrorHandler extends TErrorHandler
-{
- /**
- * Displays error to the client user.
- * THttpException and errors happened when the application is in <b>Debug</b>
- * mode will be displayed to the client user.
- * @param integer response status code
- * @param Exception exception instance
- */
- protected function handleExternalError($statusCode,$exception)
- {
- if($exception instanceof BlogException)
- {
- $message=$exception->getMessage();
- Prado::log($message,TLogger::ERROR,'BlogApplication');
- $message=urldecode($this->getApplication()->getSecurityManager()->hashData($message));
- $this->Response->redirect($this->Service->constructUrl('ErrorReport',array('msg'=>$message),false));
- }
- else
- parent::handleExternalError($statusCode,$exception);
- }
-}
-
+<?php +/** + * BlogErrorHandler class file + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Id$ + */ + +Prado::using('System.Exceptions.TErrorHandler'); +Prado::using('Application.Common.BlogException'); + +/** + * BlogErrorHandler class + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ +class BlogErrorHandler extends TErrorHandler +{ + /** + * Displays error to the client user. + * THttpException and errors happened when the application is in <b>Debug</b> + * mode will be displayed to the client user. + * @param integer response status code + * @param Exception exception instance + */ + protected function handleExternalError($statusCode,$exception) + { + if($exception instanceof BlogException) + { + $message=$exception->getMessage(); + Prado::log($message,TLogger::ERROR,'BlogApplication'); + $message=urldecode($this->getApplication()->getSecurityManager()->hashData($message)); + $this->Response->redirect($this->Service->constructUrl('ErrorReport',array('msg'=>$message),false)); + } + else + parent::handleExternalError($statusCode,$exception); + } +} + ?>
\ No newline at end of file diff --git a/demos/blog/protected/Common/BlogException.php b/demos/blog/protected/Common/BlogException.php index 17ae526f..e5ade8a3 100644 --- a/demos/blog/protected/Common/BlogException.php +++ b/demos/blog/protected/Common/BlogException.php @@ -1,31 +1,31 @@ -<?php
-/**
- * BlogException class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-/**
- * BlogException class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogException extends THttpException
-{
- /**
- * @return string path to the error message file
- */
- protected function getErrorMessageFile()
- {
- return dirname(__FILE__).'/messages.txt';
- }
-}
-
+<?php +/** + * BlogException class file + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Id$ + */ + +/** + * BlogException class + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ +class BlogException extends THttpException +{ + /** + * @return string path to the error message file + */ + protected function getErrorMessageFile() + { + return dirname(__FILE__).'/messages.txt'; + } +} + ?>
\ No newline at end of file diff --git a/demos/blog/protected/Common/BlogPage.php b/demos/blog/protected/Common/BlogPage.php index aaf0c7e1..a5ac514e 100644 --- a/demos/blog/protected/Common/BlogPage.php +++ b/demos/blog/protected/Common/BlogPage.php @@ -1,49 +1,49 @@ -<?php
-/**
- * BlogPage class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-/**
- * BlogPage class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogPage extends TPage
-{
- public function onPreInit($param)
- {
- parent::onPreInit($param);
- $this->Theme=$this->Application->Parameters['ThemeName'];
- }
-
- public function getDataAccess()
- {
- return $this->getApplication()->getModule('data');
- }
-
- public function gotoDefaultPage()
- {
- $this->gotoPage($this->Service->DefaultPage);
- }
-
- public function gotoPage($pagePath,$getParameters=null)
- {
- $this->Response->redirect($this->Service->constructUrl($pagePath,$getParameters,false));
- }
-
- public function reportError($errorCode)
- {
- $this->gotoPage('ErrorReport',array('id'=>$errorCode));
- }
-}
-
+<?php +/** + * BlogPage class file + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Id$ + */ + +/** + * BlogPage class + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ +class BlogPage extends TPage +{ + public function onPreInit($param) + { + parent::onPreInit($param); + $this->Theme=$this->Application->Parameters['ThemeName']; + } + + public function getDataAccess() + { + return $this->getApplication()->getModule('data'); + } + + public function gotoDefaultPage() + { + $this->gotoPage($this->Service->DefaultPage); + } + + public function gotoPage($pagePath,$getParameters=null) + { + $this->Response->redirect($this->Service->constructUrl($pagePath,$getParameters,false)); + } + + public function reportError($errorCode) + { + $this->gotoPage('ErrorReport',array('id'=>$errorCode)); + } +} + ?>
\ No newline at end of file diff --git a/demos/blog/protected/Common/BlogUser.php b/demos/blog/protected/Common/BlogUser.php index 865d7659..08418965 100644 --- a/demos/blog/protected/Common/BlogUser.php +++ b/demos/blog/protected/Common/BlogUser.php @@ -1,60 +1,60 @@ -<?php
-/**
- * BlogUser class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-Prado::using('System.Security.TUser');
-
-/**
- * BlogUser class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogUser extends TUser
-{
- private $_id;
-
- public function getID()
- {
- return $this->_id;
- }
-
- public function setID($value)
- {
- $this->_id=$value;
- }
-
- public function getIsAdmin()
- {
- return $this->isInRole('admin');
- }
-
- public function saveToString()
- {
- $a=array($this->_id,parent::saveToString());
- return serialize($a);
- }
-
- public function loadFromString($data)
- {
- if(!empty($data))
- {
- list($id,$str)=unserialize($data);
- $this->_id=$id;
- return parent::loadFromString($str);
- }
- else
- return $this;
- }
-}
-
+<?php +/** + * BlogUser class file + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Id$ + */ + +Prado::using('System.Security.TUser'); + +/** + * BlogUser class + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ +class BlogUser extends TUser +{ + private $_id; + + public function getID() + { + return $this->_id; + } + + public function setID($value) + { + $this->_id=$value; + } + + public function getIsAdmin() + { + return $this->isInRole('admin'); + } + + public function saveToString() + { + $a=array($this->_id,parent::saveToString()); + return serialize($a); + } + + public function loadFromString($data) + { + if(!empty($data)) + { + list($id,$str)=unserialize($data); + $this->_id=$id; + return parent::loadFromString($str); + } + else + return $this; + } +} + ?>
\ No newline at end of file diff --git a/demos/blog/protected/Common/BlogUserManager.php b/demos/blog/protected/Common/BlogUserManager.php index efaa7f1f..26a4427a 100644 --- a/demos/blog/protected/Common/BlogUserManager.php +++ b/demos/blog/protected/Common/BlogUserManager.php @@ -1,95 +1,95 @@ -<?php
-/**
- * BlogUserManager class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-Prado::using('System.Security.IUserManager');
-Prado::using('Application.Common.BlogUser');
-
-/**
- * BlogUserManager class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogUserManager extends TModule implements IUserManager
-{
- public function getGuestName()
- {
- return 'Guest';
- }
-
- /**
- * Returns a user instance given the user name.
- * @param string user name, null if it is a guest.
- * @return TUser the user instance, null if the specified username is not in the user database.
- */
- public function getUser($username=null)
- {
- if($username===null)
- return new BlogUser($this);
- else
- {
- $username=strtolower($username);
- $db=$this->Application->getModule('data');
- if(($userRecord=$db->queryUserByName($username))!==null)
- {
- $user=new BlogUser($this);
- $user->setID($userRecord->ID);
- $user->setName($username);
- $user->setIsGuest(false);
- $user->setRoles($userRecord->Role===UserRecord::ROLE_USER?'user':'admin');
- return $user;
- }
- else
- return null;
- }
- }
-
- /**
- * Validates if the username and password are correct.
- * @param string user name
- * @param string password
- * @return boolean true if validation is successful, false otherwise.
- */
- public function validateUser($username,$password)
- {
- $db=$this->Application->getModule('data');
- if(($userRecord=$db->queryUserByName($username))!==null)
- return $userRecord->Password===md5($password) && $userRecord->Status===UserRecord::STATUS_NORMAL;
- else
- return false;
- }
-
- /**
- * Saves user auth data into a cookie.
- * @param THttpCookie the cookie to receive the user auth data.
- * @since 3.1.1
- */
- public function saveUserToCookie($cookie)
- {
- // do nothing since we don't support cookie-based auth in this example
- }
-
- /**
- * Returns a user instance according to auth data stored in a cookie.
- * @param THttpCookie the cookie storing user authentication information
- * @return TUser the user instance generated based on the cookie auth data, null if the cookie does not have valid auth data.
- * @since 3.1.1
- */
- public function getUserFromCookie($cookie)
- {
- // do nothing since we don't support cookie-based auth in this example
- return null;
- }
-}
-
+<?php +/** + * BlogUserManager class file + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Id$ + */ + +Prado::using('System.Security.IUserManager'); +Prado::using('Application.Common.BlogUser'); + +/** + * BlogUserManager class + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ +class BlogUserManager extends TModule implements IUserManager +{ + public function getGuestName() + { + return 'Guest'; + } + + /** + * Returns a user instance given the user name. + * @param string user name, null if it is a guest. + * @return TUser the user instance, null if the specified username is not in the user database. + */ + public function getUser($username=null) + { + if($username===null) + return new BlogUser($this); + else + { + $username=strtolower($username); + $db=$this->Application->getModule('data'); + if(($userRecord=$db->queryUserByName($username))!==null) + { + $user=new BlogUser($this); + $user->setID($userRecord->ID); + $user->setName($username); + $user->setIsGuest(false); + $user->setRoles($userRecord->Role===UserRecord::ROLE_USER?'user':'admin'); + return $user; + } + else + return null; + } + } + + /** + * Validates if the username and password are correct. + * @param string user name + * @param string password + * @return boolean true if validation is successful, false otherwise. + */ + public function validateUser($username,$password) + { + $db=$this->Application->getModule('data'); + if(($userRecord=$db->queryUserByName($username))!==null) + return $userRecord->Password===md5($password) && $userRecord->Status===UserRecord::STATUS_NORMAL; + else + return false; + } + + /** + * Saves user auth data into a cookie. + * @param THttpCookie the cookie to receive the user auth data. + * @since 3.1.1 + */ + public function saveUserToCookie($cookie) + { + // do nothing since we don't support cookie-based auth in this example + } + + /** + * Returns a user instance according to auth data stored in a cookie. + * @param THttpCookie the cookie storing user authentication information + * @return TUser the user instance generated based on the cookie auth data, null if the cookie does not have valid auth data. + * @since 3.1.1 + */ + public function getUserFromCookie($cookie) + { + // do nothing since we don't support cookie-based auth in this example + return null; + } +} + ?>
\ No newline at end of file diff --git a/demos/blog/protected/Common/XListMenu.php b/demos/blog/protected/Common/XListMenu.php index 7dadfbe4..92ab2984 100644 --- a/demos/blog/protected/Common/XListMenu.php +++ b/demos/blog/protected/Common/XListMenu.php @@ -1,127 +1,127 @@ -<?php
-/**
- * XListMenu and XListMenuItem class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-Prado::using('System.Web.UI.WebControls.TListControl');
-
-/**
- * XListMenu class
- *
- * XListMenu displays a list of hyperlinks that can be used for page menus.
- * Menu items adjust their css class automatically according to the current
- * page displayed. In particular, a menu item is considered as active if
- * the URL it represents is for the page currently displayed.
- *
- * Usage of XListMenu is similar to PRADO list controls. Each list item has
- * two extra properties: {@link XListMenuItem::setPagePath PagePath} and
- * {@link XListMenuItem::setNavigateUrl NavigateUrl}. The former is used to
- * determine if the item is active or not, while the latter specifies the
- * URL for the item. If the latter is not specified, a URL to the page is
- * generated automatically.
- *
- * In template, you may use the following tags to specify a menu:
- * <code>
- * <com:XListMenu ActiveCssClass="class1" InactiveCssClass="class2">
- * <com:XListMenuItem Text="Menu 1" PagePath="Page1" />
- * <com:XListMenuItem Text="Menu 2" PagePath="Page2" NavigateUrl="/page2" />
- * </com:XListMenu>
- * </code>
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright © 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class XListMenu extends TListControl
-{
- public function addParsedObject($object)
- {
- if($object instanceof XListMenuItem)
- parent::addParsedObject($object);
- }
-
- public function getActiveCssClass()
- {
- return $this->getViewState('ActiveCssClass','');
- }
-
- public function setActiveCssClass($value)
- {
- $this->setViewState('ActiveCssClass',$value,'');
- }
-
- public function getInactiveCssClass()
- {
- return $this->getViewState('InactiveCssClass','');
- }
-
- public function setInactiveCssClass($value)
- {
- $this->setViewState('InactiveCssClass',$value,'');
- }
-
- public function render($writer)
- {
- if(($activeClass=$this->getActiveCssClass())!=='')
- $activeClass=' class="'.$activeClass.'"';
- if(($inactiveClass=$this->getInactiveCssClass())!=='')
- $inactiveClass=' class="'.$inactiveClass.'"';
- $currentPagePath=$this->getPage()->getPagePath();
- $writer->write("<ul>\n");
- foreach($this->getItems() as $item)
- {
- $pagePath=$item->getPagePath();
- //if(strpos($currentPagePath.'.',$pagePath.'.')===0)
- if($pagePath[strlen($pagePath)-1]==='*')
- {
- if(strpos($currentPagePath.'.',rtrim($pagePath,'*'))===0)
- $cssClass=$activeClass;
- else
- $cssClass=$inactiveClass;
- }
- else
- {
- if($pagePath===$currentPagePath)
- $cssClass=$activeClass;
- else
- $cssClass=$inactiveClass;
- }
- if(($url=$item->getNavigateUrl())==='')
- $url=$this->getService()->constructUrl($pagePath);
- $writer->write("<li><a href=\"$url\"$cssClass>".$item->getText()."</a></li>\n");
- }
- $writer->write("</ul>");
- }
-}
-
-class XListMenuItem extends TListItem
-{
- public function getPagePath()
- {
- return $this->getValue();
- }
-
- public function setPagePath($value)
- {
- $this->setValue($value);
- }
-
- public function getNavigateUrl()
- {
- return $this->hasAttribute('NavigateUrl')?$this->getAttribute('NavigateUrl'):'';
- }
-
- public function setNavigateUrl($value)
- {
- $this->setAttribute('NavigateUrl',$value);
- }
-}
-
+<?php +/** + * XListMenu and XListMenuItem class file + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Id$ + */ + +Prado::using('System.Web.UI.WebControls.TListControl'); + +/** + * XListMenu class + * + * XListMenu displays a list of hyperlinks that can be used for page menus. + * Menu items adjust their css class automatically according to the current + * page displayed. In particular, a menu item is considered as active if + * the URL it represents is for the page currently displayed. + * + * Usage of XListMenu is similar to PRADO list controls. Each list item has + * two extra properties: {@link XListMenuItem::setPagePath PagePath} and + * {@link XListMenuItem::setNavigateUrl NavigateUrl}. The former is used to + * determine if the item is active or not, while the latter specifies the + * URL for the item. If the latter is not specified, a URL to the page is + * generated automatically. + * + * In template, you may use the following tags to specify a menu: + * <code> + * <com:XListMenu ActiveCssClass="class1" InactiveCssClass="class2"> + * <com:XListMenuItem Text="Menu 1" PagePath="Page1" /> + * <com:XListMenuItem Text="Menu 2" PagePath="Page2" NavigateUrl="/page2" /> + * </com:XListMenu> + * </code> + * + * @author Qiang Xue <qiang.xue@gmail.com> + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ +class XListMenu extends TListControl +{ + public function addParsedObject($object) + { + if($object instanceof XListMenuItem) + parent::addParsedObject($object); + } + + public function getActiveCssClass() + { + return $this->getViewState('ActiveCssClass',''); + } + + public function setActiveCssClass($value) + { + $this->setViewState('ActiveCssClass',$value,''); + } + + public function getInactiveCssClass() + { + return $this->getViewState('InactiveCssClass',''); + } + + public function setInactiveCssClass($value) + { + $this->setViewState('InactiveCssClass',$value,''); + } + + public function render($writer) + { + if(($activeClass=$this->getActiveCssClass())!=='') + $activeClass=' class="'.$activeClass.'"'; + if(($inactiveClass=$this->getInactiveCssClass())!=='') + $inactiveClass=' class="'.$inactiveClass.'"'; + $currentPagePath=$this->getPage()->getPagePath(); + $writer->write("<ul>\n"); + foreach($this->getItems() as $item) + { + $pagePath=$item->getPagePath(); + //if(strpos($currentPagePath.'.',$pagePath.'.')===0) + if($pagePath[strlen($pagePath)-1]==='*') + { + if(strpos($currentPagePath.'.',rtrim($pagePath,'*'))===0) + $cssClass=$activeClass; + else + $cssClass=$inactiveClass; + } + else + { + if($pagePath===$currentPagePath) + $cssClass=$activeClass; + else + $cssClass=$inactiveClass; + } + if(($url=$item->getNavigateUrl())==='') + $url=$this->getService()->constructUrl($pagePath); + $writer->write("<li><a href=\"$url\"$cssClass>".$item->getText()."</a></li>\n"); + } + $writer->write("</ul>"); + } +} + +class XListMenuItem extends TListItem +{ + public function getPagePath() + { + return $this->getValue(); + } + + public function setPagePath($value) + { + $this->setValue($value); + } + + public function getNavigateUrl() + { + return $this->hasAttribute('NavigateUrl')?$this->getAttribute('NavigateUrl'):''; + } + + public function setNavigateUrl($value) + { + $this->setAttribute('NavigateUrl',$value); + } +} + ?>
\ No newline at end of file |