summaryrefslogtreecommitdiff
path: root/demos/blog/protected/Common
diff options
context:
space:
mode:
Diffstat (limited to 'demos/blog/protected/Common')
-rw-r--r--demos/blog/protected/Common/BlogDataModule.php1414
-rw-r--r--demos/blog/protected/Common/BlogErrorHandler.php90
-rw-r--r--demos/blog/protected/Common/BlogException.php60
-rw-r--r--demos/blog/protected/Common/BlogPage.php96
-rw-r--r--demos/blog/protected/Common/BlogUser.php118
-rw-r--r--demos/blog/protected/Common/BlogUserManager.php188
-rw-r--r--demos/blog/protected/Common/XListMenu.php252
7 files changed, 1109 insertions, 1109 deletions
diff --git a/demos/blog/protected/Common/BlogDataModule.php b/demos/blog/protected/Common/BlogDataModule.php
index 26dfc5cf..a071ba9a 100644
--- a/demos/blog/protected/Common/BlogDataModule.php
+++ b/demos/blog/protected/Common/BlogDataModule.php
@@ -1,708 +1,708 @@
-<?php
-/**
- * BlogDataModule class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-/**
- * BlogDataModule class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogDataModule extends TModule
-{
- const DB_FILE_EXT='.db';
- const DEFAULT_DB_FILE='Application.Data.Blog';
- private $_db=null;
- private $_dbFile=null;
-
- public function init($config)
- {
- $this->connectDatabase();
- }
-
- public function getDbFile()
- {
- if($this->_dbFile===null)
- $this->_dbFile=Prado::getPathOfNamespace(self::DEFAULT_DB_FILE,self::DB_FILE_EXT);
- return $this->_dbFile;
- }
-
- public function setDbFile($value)
- {
- if(($this->_dbFile=Prado::getPathOfNamespace($value,self::DB_FILE_EXT))===null)
- throw new BlogException(500,'blogdatamodule_dbfile_invalid',$value);
- }
-
- protected function createDatabase()
- {
- $schemaFile=dirname(__FILE__).'/schema.sql';
- $statements=explode(';',file_get_contents($schemaFile));
- foreach($statements as $statement)
- {
- if(trim($statement)!=='')
- {
- try {
- $command=$this->_db->createCommand($statement);
- $command->execute();
- }
- catch(TDbException $e)
- {
- throw new BlogException(500,'blogdatamodule_createdatabase_failed',$e->getErrorMessage(),$statement);
- }
- }
- }
- }
-
- protected function connectDatabase()
- {
- $dbFile=$this->getDbFile();
- $newDb=!is_file($dbFile);
-
- try {
- $this->_db=new TDbConnection("sqlite:".$dbFile);
- $this->_db->Active=true;
- }
- catch(TDbException $e)
- {
- throw new BlogException(500,'blogdatamodule_dbconnect_failed',$e->getErrorMessage());
- }
-
- if($newDb)
- $this->createDatabase();
- }
-
- protected function generateModifier($filter,$orderBy,$limit)
- {
- $modifier='';
- if($filter!=='')
- $modifier=' WHERE '.$filter;
- if($orderBy!=='')
- $modifier.=' ORDER BY '.$orderBy;
- if($limit!=='')
- $modifier.=' LIMIT '.$limit;
- return $modifier;
- }
-
- public function query($sql)
- {
- try {
- $command=$this->_db->createCommand($sql);
- return $command->query();
- }
- catch(TDbException $e)
- {
- throw new BlogException(500,'blogdatamodule_query_failed',$e->getErrorMessage(),$sql);
- }
- }
-
- protected function populateUserRecord($row)
- {
- $userRecord=new UserRecord;
- $userRecord->ID=(integer)$row['id'];
- $userRecord->Name=$row['name'];
- $userRecord->FullName=$row['full_name'];
- $userRecord->Role=(integer)$row['role'];
- $userRecord->Password=$row['passwd'];
- $userRecord->VerifyCode=$row['vcode'];
- $userRecord->Email=$row['email'];
- $userRecord->CreateTime=(integer)$row['reg_time'];
- $userRecord->Status=(integer)$row['status'];
- $userRecord->Website=$row['website'];
- return $userRecord;
- }
-
- public function queryUsers($filter='',$orderBy='',$limit='')
- {
- if($filter!=='')
- $filter='WHERE '.$filter;
- $sql="SELECT * FROM tblUsers $filter $orderBy $limit";
- $rows=$this->query($sql);
- $users=array();
- foreach($rows as $row)
- $users[]=$this->populateUserRecord($row);
- return $users;
- }
-
- public function queryUserCount($filter)
- {
- if($filter!=='')
- $filter='WHERE '.$filter;
- $sql="SELECT COUNT(id) AS user_count FROM tblUsers $filter";
- $result=$this->query($sql);
- if(($row=$result->read())!==false)
- return $row['user_count'];
- else
- return 0;
- }
-
- public function queryUserByID($id)
- {
- $sql="SELECT * FROM tblUsers WHERE id=$id";
- $result=$this->query($sql);
- if(($row=$result->read())!==false)
- return $this->populateUserRecord($row);
- else
- return null;
- }
-
- public function queryUserByName($name)
- {
- $command=$this->_db->createCommand("SELECT * FROM tblUsers WHERE name=?");
- $command->bindValue(1, $name);
-
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- return $this->populateUserRecord($row);
- else
- return null;
- }
-
- public function insertUser($user)
- {
- $command=$this->_db->createCommand("INSERT INTO tblUsers ".
- "(name,full_name,role,passwd,email,reg_time,status,website) ".
- "VALUES (?,?,?,?,?,?,?,?)");
- $command->bindValue(1, $user->Name);
- $command->bindValue(2, $user->FullName);
- $command->bindValue(3, $user->Role);
- $command->bindValue(4, $user->Password);
- $command->bindValue(5, $user->Email);
- $command->bindValue(6, time());
- $command->bindValue(7, $user->Status);
- $command->bindValue(8, $user->Website);
- $command->execute();
-
- $user->ID=$this->_db->getLastInsertID();
- }
-
- public function updateUser($user)
- {
- $command=$this->_db->createCommand("UPDATE tblUsers SET
- name=?,
- full_name=?,
- role=?,
- passwd=?,
- vcode=?,
- email=?,
- status=?,
- website=?
- WHERE id=?");
- $command->bindValue(1, $user->Name);
- $command->bindValue(2, $user->FullName);
- $command->bindValue(3, $user->Role);
- $command->bindValue(4, $user->Password);
- $command->bindValue(5, $user->VerifyCode);
- $command->bindValue(6, $user->Email);
- $command->bindValue(7, $user->Status);
- $command->bindValue(8, $user->Website);
- $command->bindValue(9, $user->ID);
- $command->execute();
- }
-
- public function deleteUser($id)
- {
- $command=$this->_db->createCommand("DELETE FROM tblUsers WHERE id=?");
- $command->bindValue(1, $id);
- $command->execute();
- }
-
- protected function populatePostRecord($row)
- {
- $postRecord=new PostRecord;
- $postRecord->ID=(integer)$row['id'];
- $postRecord->AuthorID=(integer)$row['author_id'];
- if($row['author_full_name']!=='')
- $postRecord->AuthorName=$row['author_full_name'];
- else
- $postRecord->AuthorName=$row['author_name'];
- $postRecord->CreateTime=(integer)$row['create_time'];
- $postRecord->ModifyTime=(integer)$row['modify_time'];
- $postRecord->Title=$row['title'];
- $postRecord->Content=$row['content'];
- $postRecord->Status=(integer)$row['status'];
- $postRecord->CommentCount=(integer)$row['comment_count'];
- return $postRecord;
- }
-
- public function queryPosts($postFilter,$categoryFilter,$orderBy,$limit)
- {
- //FIXME this is insecure by design since it misses proper escaping
- $filter='';
- if($postFilter!=='')
- $filter.=" AND $postFilter";
- if($categoryFilter!=='')
- $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)";
- $sql="SELECT a.id AS id,
- a.author_id AS author_id,
- b.name AS author_name,
- b.full_name AS author_full_name,
- a.create_time AS create_time,
- a.modify_time AS modify_time,
- a.title AS title,
- a.content AS content,
- a.status AS status,
- a.comment_count AS comment_count
- FROM tblPosts a, tblUsers b
- WHERE a.author_id=b.id $filter $orderBy $limit";
- $rows=$this->query($sql);
- $posts=array();
- foreach($rows as $row)
- $posts[]=$this->populatePostRecord($row);
- return $posts;
- }
-
- public function queryPostsSearch($keywords,$orderBy,$limit)
- {
- $sql="SELECT a.id AS id,
- a.author_id AS author_id,
- b.name AS author_name,
- b.full_name AS author_full_name,
- a.create_time AS create_time,
- a.modify_time AS modify_time,
- a.title AS title,
- a.content AS content,
- a.status AS status,
- a.comment_count AS comment_count
- FROM tblPosts a, tblUsers b
- WHERE a.author_id=b.id AND a.status=0";
-
- foreach($keywords as $keyword)
- $sql.=" AND (content LIKE ? OR title LIKE ?)";
-
- $sql.=" $orderBy $limit";
-
- $command=$this->_db->createCommand($sql);
-
- $i=1;
- foreach($keywords as $keyword)
- {
- $command->bindValue($i, "%".$keyword."%");
- $i++;
- }
-
- $rows=$command->query();
-
- $posts=array();
- foreach($rows as $row)
- $posts[]=$this->populatePostRecord($row);
- return $posts;
-
- }
-
- public function queryPostCount($postFilter,$categoryFilter)
- {
- //FIXME this is insecure by design since it misses proper escaping
- $filter='';
- if($postFilter!=='')
- $filter.=" AND $postFilter";
- if($categoryFilter!=='')
- $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)";
- $sql="SELECT COUNT(a.id) AS post_count
- FROM tblPosts a, tblUsers b
- WHERE a.author_id=b.id $filter";
- $result=$this->query($sql);
- if(($row=$result->read())!==false)
- return $row['post_count'];
- else
- return 0;
- }
-
- public function queryPostByID($id)
- {
- $sql="SELECT a.id AS id,
- a.author_id AS author_id,
- b.name AS author_name,
- b.full_name AS author_full_name,
- a.create_time AS create_time,
- a.modify_time AS modify_time,
- a.title AS title,
- a.content AS content,
- a.status AS status,
- a.comment_count AS comment_count
- FROM tblPosts a, tblUsers b
- WHERE a.id=? AND a.author_id=b.id";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
-
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- return $this->populatePostRecord($row);
- else
- return null;
- }
-
- public function insertPost($post,$catIDs)
- {
- $command=$this->_db->createCommand("INSERT INTO tblPosts
- (author_id,create_time,modify_time,title,content,status)
- VALUES (?,?,?,?,?,?)");
- $command->bindValue(1, $post->AuthorID);
- $command->bindValue(2, $post->CreateTime);
- $command->bindValue(3, $post->ModifyTime);
- $command->bindValue(4, $post->Title);
- $command->bindValue(5, $post->Content);
- $command->bindValue(6, $post->Status);
-
- $command->execute();
- $post->ID=$this->_db->getLastInsertID();
- foreach($catIDs as $catID)
- $this->insertPostCategory($post->ID,$catID);
- }
-
- public function updatePost($post,$newCatIDs=null)
- {
- if($newCatIDs!==null)
- {
- $cats=$this->queryCategoriesByPostID($post->ID);
- $catIDs=array();
- foreach($cats as $cat)
- $catIDs[]=$cat->ID;
- $deleteIDs=array_diff($catIDs,$newCatIDs);
- foreach($deleteIDs as $id)
- $this->deletePostCategory($post->ID,$id);
- $insertIDs=array_diff($newCatIDs,$catIDs);
- foreach($insertIDs as $id)
- $this->insertPostCategory($post->ID,$id);
- }
-
- $command=$this->_db->createCommand("UPDATE tblPosts SET
- modify_time=?,
- title=?,
- content=?,
- status=?
- WHERE id=?");
- $command->bindValue(1, $post->ModifyTime);
- $command->bindValue(2, $post->Title);
- $command->bindValue(3, $post->Content);
- $command->bindValue(4, $post->Status);
- $command->bindValue(5, $post->ID);
-
- $command->execute();
- }
-
- public function deletePost($id)
- {
- $cats=$this->queryCategoriesByPostID($id);
- foreach($cats as $cat)
- $this->deletePostCategory($id,$cat->ID);
-
- $command=$this->_db->createCommand("DELETE FROM tblComments WHERE post_id=?");
- $command->bindValue(1, $id);
- $command->execute();
-
- $command=$this->_db->createCommand("DELETE FROM tblPosts WHERE id=?");
- $command->bindValue(1, $id);
- $command->execute();
- }
-
- protected function populateCommentRecord($row)
- {
- $commentRecord=new CommentRecord;
- $commentRecord->ID=(integer)$row['id'];
- $commentRecord->PostID=(integer)$row['post_id'];
- $commentRecord->AuthorName=$row['author_name'];
- $commentRecord->AuthorEmail=$row['author_email'];
- $commentRecord->AuthorWebsite=$row['author_website'];
- $commentRecord->AuthorIP=$row['author_ip'];
- $commentRecord->CreateTime=(integer)$row['create_time'];
- $commentRecord->Content=$row['content'];
- $commentRecord->Status=(integer)$row['status'];
- return $commentRecord;
- }
-
- public function queryComments($filter,$orderBy,$limit)
- {
- //FIXME this is insecure by design since it misses proper escaping
- if($filter!=='')
- $filter='WHERE '.$filter;
- $sql="SELECT * FROM tblComments $filter $orderBy $limit";
- $rows=$this->query($sql);
- $comments=array();
- foreach($rows as $row)
- $comments[]=$this->populateCommentRecord($row);
- return $comments;
- }
-
- public function queryCommentsByPostID($id)
- {
- $sql="SELECT * FROM tblComments WHERE post_id=? ORDER BY create_time DESC";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
-
- $rows=$command->query();
-
- $comments=array();
- foreach($rows as $row)
- $comments[]=$this->populateCommentRecord($row);
- return $comments;
- }
-
- public function insertComment($comment)
- {
- $sql="INSERT INTO tblComments
- (post_id,author_name,author_email,author_website,author_ip,create_time,status,content)
- VALUES (?,?,?,?,?,?,?,?)";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $comment->PostID);
- $command->bindValue(2, $comment->AuthorName);
- $command->bindValue(3, $comment->AuthorEmail);
- $command->bindValue(4, $comment->AuthorWebsite);
- $command->bindValue(5, $comment->AuthorIP);
- $command->bindValue(6, $comment->CreateTime);
- $command->bindValue(7, $comment->Status);
- $command->bindValue(8, $comment->Content);
-
- $command->execute();
- $comment->ID=$this->_db->getLastInsertID();
- $this->query("UPDATE tblPosts SET comment_count=comment_count+1 WHERE id={$comment->PostID}");
- }
-
- public function updateComment($comment)
- {
- $sql="UPDATE tblComments SET status=? WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $comment->Status);
- $command->bindValue(2, $comment->ID);
-
- $command->execute();
- }
-
- public function deleteComment($id)
- {
- $sql="SELECT post_id FROM tblComments WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- {
- $command=$this->_db->createCommand("DELETE FROM tblComments WHERE id=?");
- $command->bindValue(1, $id);
- $command->execute();
-
- $command=$this->_db->createCommand("UPDATE tblPosts SET comment_count=comment_count-1 WHERE id=?");
- $command->bindValue(1, $row['post_id']);
- $command->execute();
- }
- }
-
- protected function populateCategoryRecord($row)
- {
- $catRecord=new CategoryRecord;
- $catRecord->ID=(integer)$row['id'];
- $catRecord->Name=$row['name'];
- $catRecord->Description=$row['description'];
- $catRecord->PostCount=$row['post_count'];
- return $catRecord;
- }
-
- public function queryCategories()
- {
- $sql="SELECT * FROM tblCategories ORDER BY name ASC";
- $rows=$this->query($sql);
- $cats=array();
- foreach($rows as $row)
- $cats[]=$this->populateCategoryRecord($row);
- return $cats;
- }
-
- public function queryCategoriesByPostID($postID)
- {
- $sql="SELECT a.id AS id,
- a.name AS name,
- a.description AS description,
- a.post_count AS post_count
- FROM tblCategories a, tblPost2Category b
- WHERE a.id=b.category_id AND b.post_id=? ORDER BY a.name";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $postID);
- $rows=$command->query();
-
- $cats=array();
- foreach($rows as $row)
- $cats[]=$this->populateCategoryRecord($row);
- return $cats;
- }
-
- public function queryCategoryByID($id)
- {
- $sql="SELECT * FROM tblCategories WHERE id=?";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- return $this->populateCategoryRecord($row);
- else
- return null;
- }
-
- public function queryCategoryByName($name)
- {
- $sql="SELECT * FROM tblCategories WHERE name=?";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $name);
- $result=$command->query();
-
- if(($row=$result->read())!==false)
- return $this->populateCategoryRecord($row);
- else
- return null;
- }
-
- public function insertCategory($category)
- {
- $sql="INSERT INTO tblCategories
- (name,description)
- VALUES (?,?)";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $category->Name);
- $command->bindValue(2, $category->Description);
- $command->execute();
-
- $category->ID=$this->_db->getLastInsertID();
- }
-
- public function updateCategory($category)
- {
- $sql="UPDATE tblCategories SET name=?, description=?, post_count=? WHERE id=?";
-
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $category->Name);
- $command->bindValue(2, $category->Description);
- $command->bindValue(3, $category->PostCount);
- $command->bindValue(4, $category->ID);
-
- $command->execute();
- }
-
- public function deleteCategory($id)
- {
- $sql="DELETE FROM tblPost2Category WHERE category_id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
- $command->execute();
-
- $sql="DELETE FROM tblCategories WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $id);
- $command->execute();
- }
-
- public function insertPostCategory($postID,$categoryID)
- {
- $sql="INSERT INTO tblPost2Category (post_id, category_id) VALUES (?, ?)";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $postID);
- $command->bindValue(2, $categoryID);
- $command->execute();
-
- $sql="UPDATE tblCategories SET post_count=post_count+1 WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $categoryID);
- $command->execute();
-
- }
-
- public function deletePostCategory($postID,$categoryID)
- {
- $sql="DELETE FROM tblPost2Category WHERE post_id=? AND category_id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $postID);
- $command->bindValue(2, $categoryID);
- $result=$command->query();
-
- if($result->getRowCount()>0)
- {
- $sql="UPDATE tblCategories SET post_count=post_count-1 WHERE id=?";
- $command=$this->_db->createCommand($sql);
- $command->bindValue(1, $categoryID);
- $command->execute();
- }
- }
-
- public function queryEarliestPostTime()
- {
- $sql="SELECT MIN(create_time) AS create_time FROM tblPosts";
- $result=$this->query($sql);
- if(($row=$result->read())!==false)
- return $row['create_time'];
- else
- return time();
- }
-}
-
-class UserRecord
-{
- const ROLE_USER=0;
- const ROLE_ADMIN=1;
- const STATUS_NORMAL=0;
- const STATUS_DISABLED=1;
- const STATUS_PENDING=2;
- public $ID;
- public $Name;
- public $FullName;
- public $Role;
- public $Password;
- public $VerifyCode;
- public $Email;
- public $CreateTime;
- public $Status;
- public $Website;
-}
-
-class PostRecord
-{
- const STATUS_PUBLISHED=0;
- const STATUS_DRAFT=1;
- const STATUS_PENDING=2;
- const STATUS_STICKY=3;
- public $ID;
- public $AuthorID;
- public $AuthorName;
- public $CreateTime;
- public $ModifyTime;
- public $Title;
- public $Content;
- public $Status;
- public $CommentCount;
-}
-
-class CommentRecord
-{
- public $ID;
- public $PostID;
- public $AuthorName;
- public $AuthorEmail;
- public $AuthorWebsite;
- public $AuthorIP;
- public $CreateTime;
- public $Status;
- public $Content;
-}
-
-class CategoryRecord
-{
- public $ID;
- public $Name;
- public $Description;
- public $PostCount;
-}
-
+<?php
+/**
+ * BlogDataModule class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Id$
+ */
+
+/**
+ * BlogDataModule class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
+class BlogDataModule extends TModule
+{
+ const DB_FILE_EXT='.db';
+ const DEFAULT_DB_FILE='Application.Data.Blog';
+ private $_db=null;
+ private $_dbFile=null;
+
+ public function init($config)
+ {
+ $this->connectDatabase();
+ }
+
+ public function getDbFile()
+ {
+ if($this->_dbFile===null)
+ $this->_dbFile=Prado::getPathOfNamespace(self::DEFAULT_DB_FILE,self::DB_FILE_EXT);
+ return $this->_dbFile;
+ }
+
+ public function setDbFile($value)
+ {
+ if(($this->_dbFile=Prado::getPathOfNamespace($value,self::DB_FILE_EXT))===null)
+ throw new BlogException(500,'blogdatamodule_dbfile_invalid',$value);
+ }
+
+ protected function createDatabase()
+ {
+ $schemaFile=dirname(__FILE__).'/schema.sql';
+ $statements=explode(';',file_get_contents($schemaFile));
+ foreach($statements as $statement)
+ {
+ if(trim($statement)!=='')
+ {
+ try {
+ $command=$this->_db->createCommand($statement);
+ $command->execute();
+ }
+ catch(TDbException $e)
+ {
+ throw new BlogException(500,'blogdatamodule_createdatabase_failed',$e->getErrorMessage(),$statement);
+ }
+ }
+ }
+ }
+
+ protected function connectDatabase()
+ {
+ $dbFile=$this->getDbFile();
+ $newDb=!is_file($dbFile);
+
+ try {
+ $this->_db=new TDbConnection("sqlite:".$dbFile);
+ $this->_db->Active=true;
+ }
+ catch(TDbException $e)
+ {
+ throw new BlogException(500,'blogdatamodule_dbconnect_failed',$e->getErrorMessage());
+ }
+
+ if($newDb)
+ $this->createDatabase();
+ }
+
+ protected function generateModifier($filter,$orderBy,$limit)
+ {
+ $modifier='';
+ if($filter!=='')
+ $modifier=' WHERE '.$filter;
+ if($orderBy!=='')
+ $modifier.=' ORDER BY '.$orderBy;
+ if($limit!=='')
+ $modifier.=' LIMIT '.$limit;
+ return $modifier;
+ }
+
+ public function query($sql)
+ {
+ try {
+ $command=$this->_db->createCommand($sql);
+ return $command->query();
+ }
+ catch(TDbException $e)
+ {
+ throw new BlogException(500,'blogdatamodule_query_failed',$e->getErrorMessage(),$sql);
+ }
+ }
+
+ protected function populateUserRecord($row)
+ {
+ $userRecord=new UserRecord;
+ $userRecord->ID=(integer)$row['id'];
+ $userRecord->Name=$row['name'];
+ $userRecord->FullName=$row['full_name'];
+ $userRecord->Role=(integer)$row['role'];
+ $userRecord->Password=$row['passwd'];
+ $userRecord->VerifyCode=$row['vcode'];
+ $userRecord->Email=$row['email'];
+ $userRecord->CreateTime=(integer)$row['reg_time'];
+ $userRecord->Status=(integer)$row['status'];
+ $userRecord->Website=$row['website'];
+ return $userRecord;
+ }
+
+ public function queryUsers($filter='',$orderBy='',$limit='')
+ {
+ if($filter!=='')
+ $filter='WHERE '.$filter;
+ $sql="SELECT * FROM tblUsers $filter $orderBy $limit";
+ $rows=$this->query($sql);
+ $users=array();
+ foreach($rows as $row)
+ $users[]=$this->populateUserRecord($row);
+ return $users;
+ }
+
+ public function queryUserCount($filter)
+ {
+ if($filter!=='')
+ $filter='WHERE '.$filter;
+ $sql="SELECT COUNT(id) AS user_count FROM tblUsers $filter";
+ $result=$this->query($sql);
+ if(($row=$result->read())!==false)
+ return $row['user_count'];
+ else
+ return 0;
+ }
+
+ public function queryUserByID($id)
+ {
+ $sql="SELECT * FROM tblUsers WHERE id=$id";
+ $result=$this->query($sql);
+ if(($row=$result->read())!==false)
+ return $this->populateUserRecord($row);
+ else
+ return null;
+ }
+
+ public function queryUserByName($name)
+ {
+ $command=$this->_db->createCommand("SELECT * FROM tblUsers WHERE name=?");
+ $command->bindValue(1, $name);
+
+ $result=$command->query();
+
+ if(($row=$result->read())!==false)
+ return $this->populateUserRecord($row);
+ else
+ return null;
+ }
+
+ public function insertUser($user)
+ {
+ $command=$this->_db->createCommand("INSERT INTO tblUsers ".
+ "(name,full_name,role,passwd,email,reg_time,status,website) ".
+ "VALUES (?,?,?,?,?,?,?,?)");
+ $command->bindValue(1, $user->Name);
+ $command->bindValue(2, $user->FullName);
+ $command->bindValue(3, $user->Role);
+ $command->bindValue(4, $user->Password);
+ $command->bindValue(5, $user->Email);
+ $command->bindValue(6, time());
+ $command->bindValue(7, $user->Status);
+ $command->bindValue(8, $user->Website);
+ $command->execute();
+
+ $user->ID=$this->_db->getLastInsertID();
+ }
+
+ public function updateUser($user)
+ {
+ $command=$this->_db->createCommand("UPDATE tblUsers SET
+ name=?,
+ full_name=?,
+ role=?,
+ passwd=?,
+ vcode=?,
+ email=?,
+ status=?,
+ website=?
+ WHERE id=?");
+ $command->bindValue(1, $user->Name);
+ $command->bindValue(2, $user->FullName);
+ $command->bindValue(3, $user->Role);
+ $command->bindValue(4, $user->Password);
+ $command->bindValue(5, $user->VerifyCode);
+ $command->bindValue(6, $user->Email);
+ $command->bindValue(7, $user->Status);
+ $command->bindValue(8, $user->Website);
+ $command->bindValue(9, $user->ID);
+ $command->execute();
+ }
+
+ public function deleteUser($id)
+ {
+ $command=$this->_db->createCommand("DELETE FROM tblUsers WHERE id=?");
+ $command->bindValue(1, $id);
+ $command->execute();
+ }
+
+ protected function populatePostRecord($row)
+ {
+ $postRecord=new PostRecord;
+ $postRecord->ID=(integer)$row['id'];
+ $postRecord->AuthorID=(integer)$row['author_id'];
+ if($row['author_full_name']!=='')
+ $postRecord->AuthorName=$row['author_full_name'];
+ else
+ $postRecord->AuthorName=$row['author_name'];
+ $postRecord->CreateTime=(integer)$row['create_time'];
+ $postRecord->ModifyTime=(integer)$row['modify_time'];
+ $postRecord->Title=$row['title'];
+ $postRecord->Content=$row['content'];
+ $postRecord->Status=(integer)$row['status'];
+ $postRecord->CommentCount=(integer)$row['comment_count'];
+ return $postRecord;
+ }
+
+ public function queryPosts($postFilter,$categoryFilter,$orderBy,$limit)
+ {
+ //FIXME this is insecure by design since it misses proper escaping
+ $filter='';
+ if($postFilter!=='')
+ $filter.=" AND $postFilter";
+ if($categoryFilter!=='')
+ $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)";
+ $sql="SELECT a.id AS id,
+ a.author_id AS author_id,
+ b.name AS author_name,
+ b.full_name AS author_full_name,
+ a.create_time AS create_time,
+ a.modify_time AS modify_time,
+ a.title AS title,
+ a.content AS content,
+ a.status AS status,
+ a.comment_count AS comment_count
+ FROM tblPosts a, tblUsers b
+ WHERE a.author_id=b.id $filter $orderBy $limit";
+ $rows=$this->query($sql);
+ $posts=array();
+ foreach($rows as $row)
+ $posts[]=$this->populatePostRecord($row);
+ return $posts;
+ }
+
+ public function queryPostsSearch($keywords,$orderBy,$limit)
+ {
+ $sql="SELECT a.id AS id,
+ a.author_id AS author_id,
+ b.name AS author_name,
+ b.full_name AS author_full_name,
+ a.create_time AS create_time,
+ a.modify_time AS modify_time,
+ a.title AS title,
+ a.content AS content,
+ a.status AS status,
+ a.comment_count AS comment_count
+ FROM tblPosts a, tblUsers b
+ WHERE a.author_id=b.id AND a.status=0";
+
+ foreach($keywords as $keyword)
+ $sql.=" AND (content LIKE ? OR title LIKE ?)";
+
+ $sql.=" $orderBy $limit";
+
+ $command=$this->_db->createCommand($sql);
+
+ $i=1;
+ foreach($keywords as $keyword)
+ {
+ $command->bindValue($i, "%".$keyword."%");
+ $i++;
+ }
+
+ $rows=$command->query();
+
+ $posts=array();
+ foreach($rows as $row)
+ $posts[]=$this->populatePostRecord($row);
+ return $posts;
+
+ }
+
+ public function queryPostCount($postFilter,$categoryFilter)
+ {
+ //FIXME this is insecure by design since it misses proper escaping
+ $filter='';
+ if($postFilter!=='')
+ $filter.=" AND $postFilter";
+ if($categoryFilter!=='')
+ $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)";
+ $sql="SELECT COUNT(a.id) AS post_count
+ FROM tblPosts a, tblUsers b
+ WHERE a.author_id=b.id $filter";
+ $result=$this->query($sql);
+ if(($row=$result->read())!==false)
+ return $row['post_count'];
+ else
+ return 0;
+ }
+
+ public function queryPostByID($id)
+ {
+ $sql="SELECT a.id AS id,
+ a.author_id AS author_id,
+ b.name AS author_name,
+ b.full_name AS author_full_name,
+ a.create_time AS create_time,
+ a.modify_time AS modify_time,
+ a.title AS title,
+ a.content AS content,
+ a.status AS status,
+ a.comment_count AS comment_count
+ FROM tblPosts a, tblUsers b
+ WHERE a.id=? AND a.author_id=b.id";
+
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $id);
+
+ $result=$command->query();
+
+ if(($row=$result->read())!==false)
+ return $this->populatePostRecord($row);
+ else
+ return null;
+ }
+
+ public function insertPost($post,$catIDs)
+ {
+ $command=$this->_db->createCommand("INSERT INTO tblPosts
+ (author_id,create_time,modify_time,title,content,status)
+ VALUES (?,?,?,?,?,?)");
+ $command->bindValue(1, $post->AuthorID);
+ $command->bindValue(2, $post->CreateTime);
+ $command->bindValue(3, $post->ModifyTime);
+ $command->bindValue(4, $post->Title);
+ $command->bindValue(5, $post->Content);
+ $command->bindValue(6, $post->Status);
+
+ $command->execute();
+ $post->ID=$this->_db->getLastInsertID();
+ foreach($catIDs as $catID)
+ $this->insertPostCategory($post->ID,$catID);
+ }
+
+ public function updatePost($post,$newCatIDs=null)
+ {
+ if($newCatIDs!==null)
+ {
+ $cats=$this->queryCategoriesByPostID($post->ID);
+ $catIDs=array();
+ foreach($cats as $cat)
+ $catIDs[]=$cat->ID;
+ $deleteIDs=array_diff($catIDs,$newCatIDs);
+ foreach($deleteIDs as $id)
+ $this->deletePostCategory($post->ID,$id);
+ $insertIDs=array_diff($newCatIDs,$catIDs);
+ foreach($insertIDs as $id)
+ $this->insertPostCategory($post->ID,$id);
+ }
+
+ $command=$this->_db->createCommand("UPDATE tblPosts SET
+ modify_time=?,
+ title=?,
+ content=?,
+ status=?
+ WHERE id=?");
+ $command->bindValue(1, $post->ModifyTime);
+ $command->bindValue(2, $post->Title);
+ $command->bindValue(3, $post->Content);
+ $command->bindValue(4, $post->Status);
+ $command->bindValue(5, $post->ID);
+
+ $command->execute();
+ }
+
+ public function deletePost($id)
+ {
+ $cats=$this->queryCategoriesByPostID($id);
+ foreach($cats as $cat)
+ $this->deletePostCategory($id,$cat->ID);
+
+ $command=$this->_db->createCommand("DELETE FROM tblComments WHERE post_id=?");
+ $command->bindValue(1, $id);
+ $command->execute();
+
+ $command=$this->_db->createCommand("DELETE FROM tblPosts WHERE id=?");
+ $command->bindValue(1, $id);
+ $command->execute();
+ }
+
+ protected function populateCommentRecord($row)
+ {
+ $commentRecord=new CommentRecord;
+ $commentRecord->ID=(integer)$row['id'];
+ $commentRecord->PostID=(integer)$row['post_id'];
+ $commentRecord->AuthorName=$row['author_name'];
+ $commentRecord->AuthorEmail=$row['author_email'];
+ $commentRecord->AuthorWebsite=$row['author_website'];
+ $commentRecord->AuthorIP=$row['author_ip'];
+ $commentRecord->CreateTime=(integer)$row['create_time'];
+ $commentRecord->Content=$row['content'];
+ $commentRecord->Status=(integer)$row['status'];
+ return $commentRecord;
+ }
+
+ public function queryComments($filter,$orderBy,$limit)
+ {
+ //FIXME this is insecure by design since it misses proper escaping
+ if($filter!=='')
+ $filter='WHERE '.$filter;
+ $sql="SELECT * FROM tblComments $filter $orderBy $limit";
+ $rows=$this->query($sql);
+ $comments=array();
+ foreach($rows as $row)
+ $comments[]=$this->populateCommentRecord($row);
+ return $comments;
+ }
+
+ public function queryCommentsByPostID($id)
+ {
+ $sql="SELECT * FROM tblComments WHERE post_id=? ORDER BY create_time DESC";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $id);
+
+ $rows=$command->query();
+
+ $comments=array();
+ foreach($rows as $row)
+ $comments[]=$this->populateCommentRecord($row);
+ return $comments;
+ }
+
+ public function insertComment($comment)
+ {
+ $sql="INSERT INTO tblComments
+ (post_id,author_name,author_email,author_website,author_ip,create_time,status,content)
+ VALUES (?,?,?,?,?,?,?,?)";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $comment->PostID);
+ $command->bindValue(2, $comment->AuthorName);
+ $command->bindValue(3, $comment->AuthorEmail);
+ $command->bindValue(4, $comment->AuthorWebsite);
+ $command->bindValue(5, $comment->AuthorIP);
+ $command->bindValue(6, $comment->CreateTime);
+ $command->bindValue(7, $comment->Status);
+ $command->bindValue(8, $comment->Content);
+
+ $command->execute();
+ $comment->ID=$this->_db->getLastInsertID();
+ $this->query("UPDATE tblPosts SET comment_count=comment_count+1 WHERE id={$comment->PostID}");
+ }
+
+ public function updateComment($comment)
+ {
+ $sql="UPDATE tblComments SET status=? WHERE id=?";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $comment->Status);
+ $command->bindValue(2, $comment->ID);
+
+ $command->execute();
+ }
+
+ public function deleteComment($id)
+ {
+ $sql="SELECT post_id FROM tblComments WHERE id=?";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $id);
+ $result=$command->query();
+
+ if(($row=$result->read())!==false)
+ {
+ $command=$this->_db->createCommand("DELETE FROM tblComments WHERE id=?");
+ $command->bindValue(1, $id);
+ $command->execute();
+
+ $command=$this->_db->createCommand("UPDATE tblPosts SET comment_count=comment_count-1 WHERE id=?");
+ $command->bindValue(1, $row['post_id']);
+ $command->execute();
+ }
+ }
+
+ protected function populateCategoryRecord($row)
+ {
+ $catRecord=new CategoryRecord;
+ $catRecord->ID=(integer)$row['id'];
+ $catRecord->Name=$row['name'];
+ $catRecord->Description=$row['description'];
+ $catRecord->PostCount=$row['post_count'];
+ return $catRecord;
+ }
+
+ public function queryCategories()
+ {
+ $sql="SELECT * FROM tblCategories ORDER BY name ASC";
+ $rows=$this->query($sql);
+ $cats=array();
+ foreach($rows as $row)
+ $cats[]=$this->populateCategoryRecord($row);
+ return $cats;
+ }
+
+ public function queryCategoriesByPostID($postID)
+ {
+ $sql="SELECT a.id AS id,
+ a.name AS name,
+ a.description AS description,
+ a.post_count AS post_count
+ FROM tblCategories a, tblPost2Category b
+ WHERE a.id=b.category_id AND b.post_id=? ORDER BY a.name";
+
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $postID);
+ $rows=$command->query();
+
+ $cats=array();
+ foreach($rows as $row)
+ $cats[]=$this->populateCategoryRecord($row);
+ return $cats;
+ }
+
+ public function queryCategoryByID($id)
+ {
+ $sql="SELECT * FROM tblCategories WHERE id=?";
+
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $id);
+ $result=$command->query();
+
+ if(($row=$result->read())!==false)
+ return $this->populateCategoryRecord($row);
+ else
+ return null;
+ }
+
+ public function queryCategoryByName($name)
+ {
+ $sql="SELECT * FROM tblCategories WHERE name=?";
+
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $name);
+ $result=$command->query();
+
+ if(($row=$result->read())!==false)
+ return $this->populateCategoryRecord($row);
+ else
+ return null;
+ }
+
+ public function insertCategory($category)
+ {
+ $sql="INSERT INTO tblCategories
+ (name,description)
+ VALUES (?,?)";
+
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $category->Name);
+ $command->bindValue(2, $category->Description);
+ $command->execute();
+
+ $category->ID=$this->_db->getLastInsertID();
+ }
+
+ public function updateCategory($category)
+ {
+ $sql="UPDATE tblCategories SET name=?, description=?, post_count=? WHERE id=?";
+
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $category->Name);
+ $command->bindValue(2, $category->Description);
+ $command->bindValue(3, $category->PostCount);
+ $command->bindValue(4, $category->ID);
+
+ $command->execute();
+ }
+
+ public function deleteCategory($id)
+ {
+ $sql="DELETE FROM tblPost2Category WHERE category_id=?";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $id);
+ $command->execute();
+
+ $sql="DELETE FROM tblCategories WHERE id=?";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $id);
+ $command->execute();
+ }
+
+ public function insertPostCategory($postID,$categoryID)
+ {
+ $sql="INSERT INTO tblPost2Category (post_id, category_id) VALUES (?, ?)";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $postID);
+ $command->bindValue(2, $categoryID);
+ $command->execute();
+
+ $sql="UPDATE tblCategories SET post_count=post_count+1 WHERE id=?";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $categoryID);
+ $command->execute();
+
+ }
+
+ public function deletePostCategory($postID,$categoryID)
+ {
+ $sql="DELETE FROM tblPost2Category WHERE post_id=? AND category_id=?";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $postID);
+ $command->bindValue(2, $categoryID);
+ $result=$command->query();
+
+ if($result->getRowCount()>0)
+ {
+ $sql="UPDATE tblCategories SET post_count=post_count-1 WHERE id=?";
+ $command=$this->_db->createCommand($sql);
+ $command->bindValue(1, $categoryID);
+ $command->execute();
+ }
+ }
+
+ public function queryEarliestPostTime()
+ {
+ $sql="SELECT MIN(create_time) AS create_time FROM tblPosts";
+ $result=$this->query($sql);
+ if(($row=$result->read())!==false)
+ return $row['create_time'];
+ else
+ return time();
+ }
+}
+
+class UserRecord
+{
+ const ROLE_USER=0;
+ const ROLE_ADMIN=1;
+ const STATUS_NORMAL=0;
+ const STATUS_DISABLED=1;
+ const STATUS_PENDING=2;
+ public $ID;
+ public $Name;
+ public $FullName;
+ public $Role;
+ public $Password;
+ public $VerifyCode;
+ public $Email;
+ public $CreateTime;
+ public $Status;
+ public $Website;
+}
+
+class PostRecord
+{
+ const STATUS_PUBLISHED=0;
+ const STATUS_DRAFT=1;
+ const STATUS_PENDING=2;
+ const STATUS_STICKY=3;
+ public $ID;
+ public $AuthorID;
+ public $AuthorName;
+ public $CreateTime;
+ public $ModifyTime;
+ public $Title;
+ public $Content;
+ public $Status;
+ public $CommentCount;
+}
+
+class CommentRecord
+{
+ public $ID;
+ public $PostID;
+ public $AuthorName;
+ public $AuthorEmail;
+ public $AuthorWebsite;
+ public $AuthorIP;
+ public $CreateTime;
+ public $Status;
+ public $Content;
+}
+
+class CategoryRecord
+{
+ public $ID;
+ public $Name;
+ public $Description;
+ public $PostCount;
+}
+
?> \ No newline at end of file
diff --git a/demos/blog/protected/Common/BlogErrorHandler.php b/demos/blog/protected/Common/BlogErrorHandler.php
index 06042be1..f5144fff 100644
--- a/demos/blog/protected/Common/BlogErrorHandler.php
+++ b/demos/blog/protected/Common/BlogErrorHandler.php
@@ -1,46 +1,46 @@
-<?php
-/**
- * BlogErrorHandler class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-Prado::using('System.Exceptions.TErrorHandler');
-Prado::using('Application.Common.BlogException');
-
-/**
- * BlogErrorHandler class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogErrorHandler extends TErrorHandler
-{
- /**
- * Displays error to the client user.
- * THttpException and errors happened when the application is in <b>Debug</b>
- * mode will be displayed to the client user.
- * @param integer response status code
- * @param Exception exception instance
- */
- protected function handleExternalError($statusCode,$exception)
- {
- if($exception instanceof BlogException)
- {
- $message=$exception->getMessage();
- Prado::log($message,TLogger::ERROR,'BlogApplication');
- $message=urldecode($this->getApplication()->getSecurityManager()->hashData($message));
- $this->Response->redirect($this->Service->constructUrl('ErrorReport',array('msg'=>$message),false));
- }
- else
- parent::handleExternalError($statusCode,$exception);
- }
-}
-
+<?php
+/**
+ * BlogErrorHandler class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Id$
+ */
+
+Prado::using('System.Exceptions.TErrorHandler');
+Prado::using('Application.Common.BlogException');
+
+/**
+ * BlogErrorHandler class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
+class BlogErrorHandler extends TErrorHandler
+{
+ /**
+ * Displays error to the client user.
+ * THttpException and errors happened when the application is in <b>Debug</b>
+ * mode will be displayed to the client user.
+ * @param integer response status code
+ * @param Exception exception instance
+ */
+ protected function handleExternalError($statusCode,$exception)
+ {
+ if($exception instanceof BlogException)
+ {
+ $message=$exception->getMessage();
+ Prado::log($message,TLogger::ERROR,'BlogApplication');
+ $message=urldecode($this->getApplication()->getSecurityManager()->hashData($message));
+ $this->Response->redirect($this->Service->constructUrl('ErrorReport',array('msg'=>$message),false));
+ }
+ else
+ parent::handleExternalError($statusCode,$exception);
+ }
+}
+
?> \ No newline at end of file
diff --git a/demos/blog/protected/Common/BlogException.php b/demos/blog/protected/Common/BlogException.php
index 17ae526f..e5ade8a3 100644
--- a/demos/blog/protected/Common/BlogException.php
+++ b/demos/blog/protected/Common/BlogException.php
@@ -1,31 +1,31 @@
-<?php
-/**
- * BlogException class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-/**
- * BlogException class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogException extends THttpException
-{
- /**
- * @return string path to the error message file
- */
- protected function getErrorMessageFile()
- {
- return dirname(__FILE__).'/messages.txt';
- }
-}
-
+<?php
+/**
+ * BlogException class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Id$
+ */
+
+/**
+ * BlogException class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
+class BlogException extends THttpException
+{
+ /**
+ * @return string path to the error message file
+ */
+ protected function getErrorMessageFile()
+ {
+ return dirname(__FILE__).'/messages.txt';
+ }
+}
+
?> \ No newline at end of file
diff --git a/demos/blog/protected/Common/BlogPage.php b/demos/blog/protected/Common/BlogPage.php
index aaf0c7e1..a5ac514e 100644
--- a/demos/blog/protected/Common/BlogPage.php
+++ b/demos/blog/protected/Common/BlogPage.php
@@ -1,49 +1,49 @@
-<?php
-/**
- * BlogPage class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-/**
- * BlogPage class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogPage extends TPage
-{
- public function onPreInit($param)
- {
- parent::onPreInit($param);
- $this->Theme=$this->Application->Parameters['ThemeName'];
- }
-
- public function getDataAccess()
- {
- return $this->getApplication()->getModule('data');
- }
-
- public function gotoDefaultPage()
- {
- $this->gotoPage($this->Service->DefaultPage);
- }
-
- public function gotoPage($pagePath,$getParameters=null)
- {
- $this->Response->redirect($this->Service->constructUrl($pagePath,$getParameters,false));
- }
-
- public function reportError($errorCode)
- {
- $this->gotoPage('ErrorReport',array('id'=>$errorCode));
- }
-}
-
+<?php
+/**
+ * BlogPage class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Id$
+ */
+
+/**
+ * BlogPage class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
+class BlogPage extends TPage
+{
+ public function onPreInit($param)
+ {
+ parent::onPreInit($param);
+ $this->Theme=$this->Application->Parameters['ThemeName'];
+ }
+
+ public function getDataAccess()
+ {
+ return $this->getApplication()->getModule('data');
+ }
+
+ public function gotoDefaultPage()
+ {
+ $this->gotoPage($this->Service->DefaultPage);
+ }
+
+ public function gotoPage($pagePath,$getParameters=null)
+ {
+ $this->Response->redirect($this->Service->constructUrl($pagePath,$getParameters,false));
+ }
+
+ public function reportError($errorCode)
+ {
+ $this->gotoPage('ErrorReport',array('id'=>$errorCode));
+ }
+}
+
?> \ No newline at end of file
diff --git a/demos/blog/protected/Common/BlogUser.php b/demos/blog/protected/Common/BlogUser.php
index 865d7659..08418965 100644
--- a/demos/blog/protected/Common/BlogUser.php
+++ b/demos/blog/protected/Common/BlogUser.php
@@ -1,60 +1,60 @@
-<?php
-/**
- * BlogUser class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-Prado::using('System.Security.TUser');
-
-/**
- * BlogUser class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogUser extends TUser
-{
- private $_id;
-
- public function getID()
- {
- return $this->_id;
- }
-
- public function setID($value)
- {
- $this->_id=$value;
- }
-
- public function getIsAdmin()
- {
- return $this->isInRole('admin');
- }
-
- public function saveToString()
- {
- $a=array($this->_id,parent::saveToString());
- return serialize($a);
- }
-
- public function loadFromString($data)
- {
- if(!empty($data))
- {
- list($id,$str)=unserialize($data);
- $this->_id=$id;
- return parent::loadFromString($str);
- }
- else
- return $this;
- }
-}
-
+<?php
+/**
+ * BlogUser class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Id$
+ */
+
+Prado::using('System.Security.TUser');
+
+/**
+ * BlogUser class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
+class BlogUser extends TUser
+{
+ private $_id;
+
+ public function getID()
+ {
+ return $this->_id;
+ }
+
+ public function setID($value)
+ {
+ $this->_id=$value;
+ }
+
+ public function getIsAdmin()
+ {
+ return $this->isInRole('admin');
+ }
+
+ public function saveToString()
+ {
+ $a=array($this->_id,parent::saveToString());
+ return serialize($a);
+ }
+
+ public function loadFromString($data)
+ {
+ if(!empty($data))
+ {
+ list($id,$str)=unserialize($data);
+ $this->_id=$id;
+ return parent::loadFromString($str);
+ }
+ else
+ return $this;
+ }
+}
+
?> \ No newline at end of file
diff --git a/demos/blog/protected/Common/BlogUserManager.php b/demos/blog/protected/Common/BlogUserManager.php
index efaa7f1f..26a4427a 100644
--- a/demos/blog/protected/Common/BlogUserManager.php
+++ b/demos/blog/protected/Common/BlogUserManager.php
@@ -1,95 +1,95 @@
-<?php
-/**
- * BlogUserManager class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-Prado::using('System.Security.IUserManager');
-Prado::using('Application.Common.BlogUser');
-
-/**
- * BlogUserManager class
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class BlogUserManager extends TModule implements IUserManager
-{
- public function getGuestName()
- {
- return 'Guest';
- }
-
- /**
- * Returns a user instance given the user name.
- * @param string user name, null if it is a guest.
- * @return TUser the user instance, null if the specified username is not in the user database.
- */
- public function getUser($username=null)
- {
- if($username===null)
- return new BlogUser($this);
- else
- {
- $username=strtolower($username);
- $db=$this->Application->getModule('data');
- if(($userRecord=$db->queryUserByName($username))!==null)
- {
- $user=new BlogUser($this);
- $user->setID($userRecord->ID);
- $user->setName($username);
- $user->setIsGuest(false);
- $user->setRoles($userRecord->Role===UserRecord::ROLE_USER?'user':'admin');
- return $user;
- }
- else
- return null;
- }
- }
-
- /**
- * Validates if the username and password are correct.
- * @param string user name
- * @param string password
- * @return boolean true if validation is successful, false otherwise.
- */
- public function validateUser($username,$password)
- {
- $db=$this->Application->getModule('data');
- if(($userRecord=$db->queryUserByName($username))!==null)
- return $userRecord->Password===md5($password) && $userRecord->Status===UserRecord::STATUS_NORMAL;
- else
- return false;
- }
-
- /**
- * Saves user auth data into a cookie.
- * @param THttpCookie the cookie to receive the user auth data.
- * @since 3.1.1
- */
- public function saveUserToCookie($cookie)
- {
- // do nothing since we don't support cookie-based auth in this example
- }
-
- /**
- * Returns a user instance according to auth data stored in a cookie.
- * @param THttpCookie the cookie storing user authentication information
- * @return TUser the user instance generated based on the cookie auth data, null if the cookie does not have valid auth data.
- * @since 3.1.1
- */
- public function getUserFromCookie($cookie)
- {
- // do nothing since we don't support cookie-based auth in this example
- return null;
- }
-}
-
+<?php
+/**
+ * BlogUserManager class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Id$
+ */
+
+Prado::using('System.Security.IUserManager');
+Prado::using('Application.Common.BlogUser');
+
+/**
+ * BlogUserManager class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
+class BlogUserManager extends TModule implements IUserManager
+{
+ public function getGuestName()
+ {
+ return 'Guest';
+ }
+
+ /**
+ * Returns a user instance given the user name.
+ * @param string user name, null if it is a guest.
+ * @return TUser the user instance, null if the specified username is not in the user database.
+ */
+ public function getUser($username=null)
+ {
+ if($username===null)
+ return new BlogUser($this);
+ else
+ {
+ $username=strtolower($username);
+ $db=$this->Application->getModule('data');
+ if(($userRecord=$db->queryUserByName($username))!==null)
+ {
+ $user=new BlogUser($this);
+ $user->setID($userRecord->ID);
+ $user->setName($username);
+ $user->setIsGuest(false);
+ $user->setRoles($userRecord->Role===UserRecord::ROLE_USER?'user':'admin');
+ return $user;
+ }
+ else
+ return null;
+ }
+ }
+
+ /**
+ * Validates if the username and password are correct.
+ * @param string user name
+ * @param string password
+ * @return boolean true if validation is successful, false otherwise.
+ */
+ public function validateUser($username,$password)
+ {
+ $db=$this->Application->getModule('data');
+ if(($userRecord=$db->queryUserByName($username))!==null)
+ return $userRecord->Password===md5($password) && $userRecord->Status===UserRecord::STATUS_NORMAL;
+ else
+ return false;
+ }
+
+ /**
+ * Saves user auth data into a cookie.
+ * @param THttpCookie the cookie to receive the user auth data.
+ * @since 3.1.1
+ */
+ public function saveUserToCookie($cookie)
+ {
+ // do nothing since we don't support cookie-based auth in this example
+ }
+
+ /**
+ * Returns a user instance according to auth data stored in a cookie.
+ * @param THttpCookie the cookie storing user authentication information
+ * @return TUser the user instance generated based on the cookie auth data, null if the cookie does not have valid auth data.
+ * @since 3.1.1
+ */
+ public function getUserFromCookie($cookie)
+ {
+ // do nothing since we don't support cookie-based auth in this example
+ return null;
+ }
+}
+
?> \ No newline at end of file
diff --git a/demos/blog/protected/Common/XListMenu.php b/demos/blog/protected/Common/XListMenu.php
index 7dadfbe4..92ab2984 100644
--- a/demos/blog/protected/Common/XListMenu.php
+++ b/demos/blog/protected/Common/XListMenu.php
@@ -1,127 +1,127 @@
-<?php
-/**
- * XListMenu and XListMenuItem class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- */
-
-Prado::using('System.Web.UI.WebControls.TListControl');
-
-/**
- * XListMenu class
- *
- * XListMenu displays a list of hyperlinks that can be used for page menus.
- * Menu items adjust their css class automatically according to the current
- * page displayed. In particular, a menu item is considered as active if
- * the URL it represents is for the page currently displayed.
- *
- * Usage of XListMenu is similar to PRADO list controls. Each list item has
- * two extra properties: {@link XListMenuItem::setPagePath PagePath} and
- * {@link XListMenuItem::setNavigateUrl NavigateUrl}. The former is used to
- * determine if the item is active or not, while the latter specifies the
- * URL for the item. If the latter is not specified, a URL to the page is
- * generated automatically.
- *
- * In template, you may use the following tags to specify a menu:
- * <code>
- * <com:XListMenu ActiveCssClass="class1" InactiveCssClass="class2">
- * <com:XListMenuItem Text="Menu 1" PagePath="Page1" />
- * <com:XListMenuItem Text="Menu 2" PagePath="Page2" NavigateUrl="/page2" />
- * </com:XListMenu>
- * </code>
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2006 PradoSoft
- * @license http://www.pradosoft.com/license/
- */
-class XListMenu extends TListControl
-{
- public function addParsedObject($object)
- {
- if($object instanceof XListMenuItem)
- parent::addParsedObject($object);
- }
-
- public function getActiveCssClass()
- {
- return $this->getViewState('ActiveCssClass','');
- }
-
- public function setActiveCssClass($value)
- {
- $this->setViewState('ActiveCssClass',$value,'');
- }
-
- public function getInactiveCssClass()
- {
- return $this->getViewState('InactiveCssClass','');
- }
-
- public function setInactiveCssClass($value)
- {
- $this->setViewState('InactiveCssClass',$value,'');
- }
-
- public function render($writer)
- {
- if(($activeClass=$this->getActiveCssClass())!=='')
- $activeClass=' class="'.$activeClass.'"';
- if(($inactiveClass=$this->getInactiveCssClass())!=='')
- $inactiveClass=' class="'.$inactiveClass.'"';
- $currentPagePath=$this->getPage()->getPagePath();
- $writer->write("<ul>\n");
- foreach($this->getItems() as $item)
- {
- $pagePath=$item->getPagePath();
- //if(strpos($currentPagePath.'.',$pagePath.'.')===0)
- if($pagePath[strlen($pagePath)-1]==='*')
- {
- if(strpos($currentPagePath.'.',rtrim($pagePath,'*'))===0)
- $cssClass=$activeClass;
- else
- $cssClass=$inactiveClass;
- }
- else
- {
- if($pagePath===$currentPagePath)
- $cssClass=$activeClass;
- else
- $cssClass=$inactiveClass;
- }
- if(($url=$item->getNavigateUrl())==='')
- $url=$this->getService()->constructUrl($pagePath);
- $writer->write("<li><a href=\"$url\"$cssClass>".$item->getText()."</a></li>\n");
- }
- $writer->write("</ul>");
- }
-}
-
-class XListMenuItem extends TListItem
-{
- public function getPagePath()
- {
- return $this->getValue();
- }
-
- public function setPagePath($value)
- {
- $this->setValue($value);
- }
-
- public function getNavigateUrl()
- {
- return $this->hasAttribute('NavigateUrl')?$this->getAttribute('NavigateUrl'):'';
- }
-
- public function setNavigateUrl($value)
- {
- $this->setAttribute('NavigateUrl',$value);
- }
-}
-
+<?php
+/**
+ * XListMenu and XListMenuItem class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Id$
+ */
+
+Prado::using('System.Web.UI.WebControls.TListControl');
+
+/**
+ * XListMenu class
+ *
+ * XListMenu displays a list of hyperlinks that can be used for page menus.
+ * Menu items adjust their css class automatically according to the current
+ * page displayed. In particular, a menu item is considered as active if
+ * the URL it represents is for the page currently displayed.
+ *
+ * Usage of XListMenu is similar to PRADO list controls. Each list item has
+ * two extra properties: {@link XListMenuItem::setPagePath PagePath} and
+ * {@link XListMenuItem::setNavigateUrl NavigateUrl}. The former is used to
+ * determine if the item is active or not, while the latter specifies the
+ * URL for the item. If the latter is not specified, a URL to the page is
+ * generated automatically.
+ *
+ * In template, you may use the following tags to specify a menu:
+ * <code>
+ * <com:XListMenu ActiveCssClass="class1" InactiveCssClass="class2">
+ * <com:XListMenuItem Text="Menu 1" PagePath="Page1" />
+ * <com:XListMenuItem Text="Menu 2" PagePath="Page2" NavigateUrl="/page2" />
+ * </com:XListMenu>
+ * </code>
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2006 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ */
+class XListMenu extends TListControl
+{
+ public function addParsedObject($object)
+ {
+ if($object instanceof XListMenuItem)
+ parent::addParsedObject($object);
+ }
+
+ public function getActiveCssClass()
+ {
+ return $this->getViewState('ActiveCssClass','');
+ }
+
+ public function setActiveCssClass($value)
+ {
+ $this->setViewState('ActiveCssClass',$value,'');
+ }
+
+ public function getInactiveCssClass()
+ {
+ return $this->getViewState('InactiveCssClass','');
+ }
+
+ public function setInactiveCssClass($value)
+ {
+ $this->setViewState('InactiveCssClass',$value,'');
+ }
+
+ public function render($writer)
+ {
+ if(($activeClass=$this->getActiveCssClass())!=='')
+ $activeClass=' class="'.$activeClass.'"';
+ if(($inactiveClass=$this->getInactiveCssClass())!=='')
+ $inactiveClass=' class="'.$inactiveClass.'"';
+ $currentPagePath=$this->getPage()->getPagePath();
+ $writer->write("<ul>\n");
+ foreach($this->getItems() as $item)
+ {
+ $pagePath=$item->getPagePath();
+ //if(strpos($currentPagePath.'.',$pagePath.'.')===0)
+ if($pagePath[strlen($pagePath)-1]==='*')
+ {
+ if(strpos($currentPagePath.'.',rtrim($pagePath,'*'))===0)
+ $cssClass=$activeClass;
+ else
+ $cssClass=$inactiveClass;
+ }
+ else
+ {
+ if($pagePath===$currentPagePath)
+ $cssClass=$activeClass;
+ else
+ $cssClass=$inactiveClass;
+ }
+ if(($url=$item->getNavigateUrl())==='')
+ $url=$this->getService()->constructUrl($pagePath);
+ $writer->write("<li><a href=\"$url\"$cssClass>".$item->getText()."</a></li>\n");
+ }
+ $writer->write("</ul>");
+ }
+}
+
+class XListMenuItem extends TListItem
+{
+ public function getPagePath()
+ {
+ return $this->getValue();
+ }
+
+ public function setPagePath($value)
+ {
+ $this->setValue($value);
+ }
+
+ public function getNavigateUrl()
+ {
+ return $this->hasAttribute('NavigateUrl')?$this->getAttribute('NavigateUrl'):'';
+ }
+
+ public function setNavigateUrl($value)
+ {
+ $this->setAttribute('NavigateUrl',$value);
+ }
+}
+
?> \ No newline at end of file