From f92ca63a225d43e7ecca4ebe528c2a1e206a40f1 Mon Sep 17 00:00:00 2001 From: xue <> Date: Tue, 26 Jun 2007 15:59:16 +0000 Subject: Completed day 4 for blog tutorial. --- .../samples/day4/blog/protected/.htaccess | 1 + .../samples/day4/blog/protected/BlogUser.php | 59 +++++++++++++++ .../samples/day4/blog/protected/application.xml | 56 ++++++++++++++ .../samples/day4/blog/protected/data/blog.db | Bin 0 -> 4096 bytes .../day4/blog/protected/database/PostRecord.php | 28 +++++++ .../day4/blog/protected/database/UserRecord.php | 28 +++++++ .../day4/blog/protected/layouts/MainLayout.php | 19 +++++ .../day4/blog/protected/layouts/MainLayout.tpl | 40 ++++++++++ .../samples/day4/blog/protected/pages/Contact.page | 47 ++++++++++++ .../samples/day4/blog/protected/pages/Contact.php | 30 ++++++++ .../samples/day4/blog/protected/pages/Home.page | 7 ++ .../day4/blog/protected/pages/posts/EditPost.page | 27 +++++++ .../day4/blog/protected/pages/posts/EditPost.php | 72 ++++++++++++++++++ .../day4/blog/protected/pages/posts/ListPost.page | 14 ++++ .../day4/blog/protected/pages/posts/ListPost.php | 64 ++++++++++++++++ .../day4/blog/protected/pages/posts/NewPost.page | 27 +++++++ .../day4/blog/protected/pages/posts/NewPost.php | 34 +++++++++ .../blog/protected/pages/posts/PostRenderer.php | 7 ++ .../blog/protected/pages/posts/PostRenderer.tpl | 15 ++++ .../day4/blog/protected/pages/posts/ReadPost.page | 25 +++++++ .../day4/blog/protected/pages/posts/ReadPost.php | 57 ++++++++++++++ .../day4/blog/protected/pages/posts/config.xml | 6 ++ .../day4/blog/protected/pages/users/AdminUser.page | 40 ++++++++++ .../day4/blog/protected/pages/users/AdminUser.php | 36 +++++++++ .../day4/blog/protected/pages/users/EditUser.page | 61 +++++++++++++++ .../day4/blog/protected/pages/users/EditUser.php | 83 +++++++++++++++++++++ .../day4/blog/protected/pages/users/LoginUser.page | 28 +++++++ .../day4/blog/protected/pages/users/LoginUser.php | 37 +++++++++ .../day4/blog/protected/pages/users/NewUser.page | 73 ++++++++++++++++++ .../day4/blog/protected/pages/users/NewUser.php | 45 +++++++++++ .../day4/blog/protected/pages/users/config.xml | 7 ++ .../samples/day4/blog/protected/schema.sql | 25 +++++++ 32 files changed, 1098 insertions(+) create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/.htaccess create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/BlogUser.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/application.xml create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/data/blog.db create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/database/PostRecord.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/database/UserRecord.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/layouts/MainLayout.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/layouts/MainLayout.tpl create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/Contact.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/Contact.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/Home.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/EditPost.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/EditPost.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ListPost.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ListPost.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/PostRenderer.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/PostRenderer.tpl create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ReadPost.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ReadPost.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/posts/config.xml create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/users/AdminUser.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/users/AdminUser.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/users/EditUser.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/users/EditUser.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/users/LoginUser.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/users/LoginUser.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/users/NewUser.page create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/users/NewUser.php create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/pages/users/config.xml create mode 100644 demos/blog-tutorial/samples/day4/blog/protected/schema.sql (limited to 'demos/blog-tutorial/samples/day4/blog/protected') diff --git a/demos/blog-tutorial/samples/day4/blog/protected/.htaccess b/demos/blog-tutorial/samples/day4/blog/protected/.htaccess new file mode 100644 index 00000000..3418e55a --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/.htaccess @@ -0,0 +1 @@ +deny from all \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/BlogUser.php b/demos/blog-tutorial/samples/day4/blog/protected/BlogUser.php new file mode 100644 index 00000000..6b9e0a23 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/BlogUser.php @@ -0,0 +1,59 @@ +findByPk($username); + if($userRecord instanceof UserRecord) // if found + { + $user=new BlogUser($this->Manager); + $user->Name=$username; // set username + $user->Roles=($userRecord->role==1?'admin':'user'); // set role + $user->IsGuest=false; // the user is not a guest + return $user; + } + else + return null; + } + + /** + * Checks if the specified (username, password) is valid. + * This method is required by TDbUser. + * @param string username + * @param string password + * @return boolean whether the username and password are valid. + */ + public function validateUser($username,$password) + { + // use UserRecord Active Record to look for the (username, password) pair. + return UserRecord::finder()->findBy_username_AND_password($username,$password)!==null; + } + + /** + * @return boolean whether this user is an administrator. + */ + public function getIsAdmin() + { + return $this->isInRole('admin'); + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/application.xml b/demos/blog-tutorial/samples/day4/blog/protected/application.xml new file mode 100644 index 00000000..fd6781df --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/application.xml @@ -0,0 +1,56 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/data/blog.db b/demos/blog-tutorial/samples/day4/blog/protected/data/blog.db new file mode 100644 index 00000000..fa48526a Binary files /dev/null and b/demos/blog-tutorial/samples/day4/blog/protected/data/blog.db differ diff --git a/demos/blog-tutorial/samples/day4/blog/protected/database/PostRecord.php b/demos/blog-tutorial/samples/day4/blog/protected/database/PostRecord.php new file mode 100644 index 00000000..01f84437 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/database/PostRecord.php @@ -0,0 +1,28 @@ + array(self::BELONGS_TO, 'UserRecord'), + ); + + public static function finder($className=__CLASS__) + { + return parent::finder($className); + } +} +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/database/UserRecord.php b/demos/blog-tutorial/samples/day4/blog/protected/database/UserRecord.php new file mode 100644 index 00000000..18d5ebbe --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/database/UserRecord.php @@ -0,0 +1,28 @@ + array(self::HAS_MANY, 'PostRecord'), + ); + + public static function finder($className=__CLASS__) + { + return parent::finder($className); + } +} +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/layouts/MainLayout.php b/demos/blog-tutorial/samples/day4/blog/protected/layouts/MainLayout.php new file mode 100644 index 00000000..46c1483d --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/layouts/MainLayout.php @@ -0,0 +1,19 @@ +Application->getModule('auth')->logout(); + $url=$this->Service->constructUrl($this->Service->DefaultPage); + $this->Response->redirect($url); + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/layouts/MainLayout.tpl b/demos/blog-tutorial/samples/day4/blog/protected/layouts/MainLayout.tpl new file mode 100644 index 00000000..3f0a9a4f --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/layouts/MainLayout.tpl @@ -0,0 +1,40 @@ + + + + + + + +
+ +
+ + + +
+ + \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/Contact.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/Contact.page new file mode 100644 index 00000000..c36149ca --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/Contact.page @@ -0,0 +1,47 @@ +<%@ Title="My Blog - Contact" %> + + + +

Contact

+

Please fill out the following form to let me know your feedback on my blog. Thanks!

+ +Your Name: + +
+ + +
+ +Your Email: + + +
+ + +
+ +Feedback: + +
+ + +
+ + + +
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/Contact.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/Contact.php new file mode 100644 index 00000000..b6ce575e --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/Contact.php @@ -0,0 +1,30 @@ +IsValid) // check if input validation is successful + { + // obtain the user name, email, feedback from the textboxes + $name = $this->Name->Text; + $email = $this->Email->Text; + $feedback = $this->Feedback->Text; + + // send an email to administrator with the above information + $this->mailFeedback($name, $email, $feedback); + } + } + + protected function mailFeedback($name, $email, $feedback) + { + // implementation of sending the feedback email + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/Home.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/Home.page new file mode 100644 index 00000000..7a9c4a7d --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/Home.page @@ -0,0 +1,7 @@ +<%@ Title="Welcome to PRADO" %> + + + +

Welcome to PRADO!

+ +
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/EditPost.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/EditPost.page new file mode 100644 index 00000000..579d833e --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/EditPost.page @@ -0,0 +1,27 @@ +<%@ Title="My Blog - Edit Post" %> + + + +

Edit Post

+ +Title: + +
+ + +
+Content: + +
+ + +
+ + +
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/EditPost.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/EditPost.php new file mode 100644 index 00000000..e137b85e --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/EditPost.php @@ -0,0 +1,72 @@ +getPost(); + $postRecord=$this->Post; + // Authorization check: only the author or the administrator can edit the post + if($postRecord->author_id!==$this->User->Name && !$this->User->IsAdmin) + throw new THttpException(500,'You are not allowed to edit this post.'); + + if(!$this->IsPostBack) // if the page is initially requested + { + // Populates the input controls with the existing post data + $this->TitleEdit->Text=$postRecord->title; + $this->ContentEdit->Text=$postRecord->content; + } + } + + /** + * Saves the post if all inputs are valid. + * This method responds to the OnClick event of the "Save" button. + * @param mixed event sender + * @param mixed event parameter + */ + public function saveButtonClicked($sender,$param) + { + if($this->IsValid) // when all validations succeed + { + // Retrieves the existing user data. This is equivalent to: + // $postRecord=$this->getPost(); + $postRecord=$this->Post; + + // Fetches the input data + $postRecord->title=$this->TitleEdit->SafeText; + $postRecord->content=$this->ContentEdit->SafeText; + + // saves to the database via Active Record mechanism + $postRecord->save(); + + // redirects the browser to the ReadPost page + $url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id)); + $this->Response->redirect($url); + } + } + + /** + * Returns the post data to be editted. + * @return PostRecord the post data to be editted. + * @throws THttpException if the post data is not found. + */ + protected function getPost() + { + // the ID of the post to be editted is passed via GET parameter 'id' + $postID=(int)$this->Request['id']; + // use Active Record to look for the specified post ID + $postRecord=PostRecord::finder()->findByPk($postID); + if($postRecord===null) + throw new THttpException(500,'Post is not found.'); + return $postRecord; + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ListPost.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ListPost.page new file mode 100644 index 00000000..e26bc2f5 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ListPost.page @@ -0,0 +1,14 @@ +<%@ Title="My Blog" %> + + + + + + + + \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ListPost.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ListPost.php new file mode 100644 index 00000000..7402dace --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ListPost.php @@ -0,0 +1,64 @@ +IsPostBack) // if the page is requested the first time + { + // get the total number of posts available + $this->Repeater->VirtualItemCount=PostRecord::finder()->count(); + // populates post data into the repeater + $this->populateData(); + } + } + + /** + * Event handler to the OnPageIndexChanged event of the pager. + * This method is invoked when the user clicks on a page button + * and thus changes the page of posts to display. + */ + public function pageChanged($sender,$param) + { + // change the current page index to the new one + $this->Repeater->CurrentPageIndex=$param->NewPageIndex; + // re-populate data into the repeater + $this->populateData(); + } + + /** + * Determines which page of posts to be displayed and + * populates the repeater with the fetched data. + */ + protected function populateData() + { + $offset=$this->Repeater->CurrentPageIndex*$this->Repeater->PageSize; + $limit=$this->Repeater->PageSize; + if($offset+$limit>$this->Repeater->VirtualItemCount) + $limit=$this->Repeater->VirtualItemCount-$offset; + $this->Repeater->DataSource=$this->getPosts($offset,$limit); + $this->Repeater->dataBind(); + } + + /** + * Fetches posts from database with offset and limit. + */ + protected function getPosts($offset, $limit) + { + // Construts a query criteria + $criteria=new TActiveRecordCriteria; + $criteria->OrdersBy['create_time']='desc'; + $criteria->Limit=$limit; + $criteria->Offset=$offset; + // query for the posts with the above criteria and with author information + return PostRecord::finder()->withAuthor()->findAll($criteria); + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.page new file mode 100644 index 00000000..bd46dfbb --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.page @@ -0,0 +1,27 @@ +<%@ Title="My Blog - New Post" %> + + + +

Create New Post

+ +Title: + +
+ + +
+Content: + +
+ + +
+ + +
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php new file mode 100644 index 00000000..a5e3ea4d --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/NewPost.php @@ -0,0 +1,34 @@ +IsValid) // when all validations succeed + { + // populates a PostRecord object with user inputs + $postRecord=new PostRecord; + // using SafeText instead of Text avoids Cross Site Scripting attack + $postRecord->title=$this->TitleEdit->SafeText; + $postRecord->content=$this->ContentEdit->SafeText; + $postRecord->author_id=$this->User->Name; + $postRecord->create_time=time(); + $postRecord->status=0; + + // saves to the database via Active Record mechanism + $postRecord->save(); + + // redirects the browser to the newly created post page + $url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id)); + $this->Response->redirect($url); + } + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/PostRenderer.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/PostRenderer.php new file mode 100644 index 00000000..cf0539a1 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/PostRenderer.php @@ -0,0 +1,7 @@ + \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/PostRenderer.tpl b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/PostRenderer.tpl new file mode 100644 index 00000000..862df1ab --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/PostRenderer.tpl @@ -0,0 +1,15 @@ +

+ +

+ +

+Author: +
+Time: + +

+ +

+ +

diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ReadPost.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ReadPost.page new file mode 100644 index 00000000..60a8cf1e --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ReadPost.page @@ -0,0 +1,25 @@ + + +

+ +

+ + + Edit | + + + +

+Author: +
+Time: + +

+ +

+ +

+ +
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ReadPost.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ReadPost.php new file mode 100644 index 00000000..2aeaa4d3 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/ReadPost.php @@ -0,0 +1,57 @@ +Request['id']; + // retrieves PostRecord with author information filled in + $this->_post=PostRecord::finder()->withAuthor()->findByPk($postID); + if($this->_post===null) // if post id is invalid + throw new THttpException(500,'Unable to find the specified post.'); + // set the page title as the post title + $this->Title=$this->_post->title; + } + + /** + * @return PostRecord the PostRecord currently being viewed + */ + public function getPost() + { + return $this->_post; + } + + /** + * Deletes the post currently being viewed + * This method is invoked when the user clicks on the "Delete" button + */ + public function deletePost($sender,$param) + { + // only the author or the administrator can delete a post + if(!$this->canEdit()) + throw new THttpException('You are not allowed to perform this action.'); + // delete it from DB + $this->_post->delete(); + // redirect the browser to the homepage + $this->Response->redirect($this->Service->DefaultPageUrl); + } + + /** + * @return boolean whether the current user can edit/delete the post being viewed + */ + public function canEdit() + { + // only the author or the administrator can edit/delete a post + return $this->User->Name===$this->Post->author_id || $this->User->IsAdmin; + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/config.xml b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/config.xml new file mode 100644 index 00000000..64065ed5 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/posts/config.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/users/AdminUser.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/AdminUser.page new file mode 100644 index 00000000..af03b858 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/AdminUser.page @@ -0,0 +1,40 @@ +<%@ Title="My Blog - Manage User Accounts" %> + + + +

Manage User Accounts

+ +Create New User +
+ + + + + # + $this->Service->constructUrl('users.EditUser',array('username'=>{0})) + + + + + + + + + + + +
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/users/AdminUser.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/AdminUser.php new file mode 100644 index 00000000..ad8f6e3d --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/AdminUser.php @@ -0,0 +1,36 @@ +UserGrid->DataSource=UserRecord::finder()->findAll(); + // binds the data to interface components + $this->UserGrid->dataBind(); + } + + /** + * Deletes a specified user record. + * This method responds to the datagrid's OnDeleteCommand event. + * @param TDataGrid the event sender + * @param TDataGridCommandEventParameter the event parameter + */ + public function deleteButtonClicked($sender,$param) + { + // obtains the datagrid item that contains the clicked delete button + $item=$param->Item; + // obtains the primary key corresponding to the datagrid item + $username=$this->UserGrid->DataKeys[$item->ItemIndex]; + // deletes the user record with the specified username primary key + UserRecord::finder()->deleteByPk($username); + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/users/EditUser.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/EditUser.page new file mode 100644 index 00000000..8aa3670e --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/EditUser.page @@ -0,0 +1,61 @@ +<%@ Title="My Blog - Edit User" %> + + + +

Edit User

+ +Username: + + +
+Password: +
+ + +
+Re-type Password: + +
+ + +
+Email Address: + + +
+ + + +
+Role: +
+ + + + +
+ +
+First Name: +
+ + +
+Last Name: +
+ + +
+ + +
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/users/EditUser.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/EditUser.php new file mode 100644 index 00000000..81538c33 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/EditUser.php @@ -0,0 +1,83 @@ +IsPostBack) // if the page is initially requested + { + // Retrieves the existing user data. This is equivalent to: + // $userRecord=$this->getUserRecord(); + $userRecord=$this->UserRecord; + + // Populates the input controls with the existing user data + $this->Username->Text=$userRecord->username; + $this->Email->Text=$userRecord->email; + $this->Role->SelectedValue=$userRecord->role; + $this->FirstName->Text=$userRecord->first_name; + $this->LastName->Text=$userRecord->last_name; + } + } + + /** + * Saves the user account if all inputs are valid. + * This method responds to the OnClick event of the "save" button. + * @param mixed event sender + * @param mixed event parameter + */ + public function saveButtonClicked($sender,$param) + { + if($this->IsValid) // when all validations succeed + { + // Retrieves the existing user data. This is equivalent to: + $userRecord=$this->UserRecord; + + // Fetches the input data + $userRecord->username=$this->Username->Text; + // update password when the input is not empty + if(!empty($this->Password->Text)) + $userRecord->password=$this->Password->Text; + $userRecord->email=$this->Email->Text; + // update the role if the current user is an administrator + if($this->User->IsAdmin) + $userRecord->role=(int)$this->Role->SelectedValue; + $userRecord->first_name=$this->FirstName->Text; + $userRecord->last_name=$this->LastName->Text; + + // saves to the database via Active Record mechanism + $userRecord->save(); + + // redirects the browser to the homepage + $this->Response->redirect($this->Service->DefaultPageUrl); + } + } + + /** + * Returns the user data to be editted. + * @return UserRecord the user data to be editted. + * @throws THttpException if the user data is not found. + */ + protected function getUserRecord() + { + // the user to be editted is the currently logged-in user + $username=$this->User->Name; + // if the 'username' GET var is not empty and the current user + // is an administrator, we use the GET var value instead. + if($this->User->IsAdmin && $this->Request['username']!==null) + $username=$this->Request['username']; + + // use Active Record to look for the specified username + $userRecord=UserRecord::finder()->findByPk($username); + if(!($userRecord instanceof UserRecord)) + throw new THttpException(500,'Username is invalid.'); + return $userRecord; + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/users/LoginUser.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/LoginUser.page new file mode 100644 index 00000000..f7fc7367 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/LoginUser.page @@ -0,0 +1,28 @@ +<%@ Title="My Blog - Login" %> + + + +

Login

+ +Username: + +
+ + +
+Password: + +
+ + +
+ + +
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/users/LoginUser.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/LoginUser.php new file mode 100644 index 00000000..a0955490 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/LoginUser.php @@ -0,0 +1,37 @@ +Application->getModule('auth'); + if(!$authManager->login($this->Username->Text,$this->Password->Text)) + $param->IsValid=false; // tell the validator that validation fails + } + + /** + * Redirects the user's browser to appropriate URL if login succeeds. + * This method responds to the login button's OnClick event. + * @param mixed event sender + * @param mixed event parameter + */ + public function loginButtonClicked($sender,$param) + { + if($this->Page->IsValid) // all validations succeed + { + // obtain the URL of the privileged page that the user wanted to visit originally + $url=$this->Application->getModule('auth')->ReturnUrl; + if(empty($url)) // the user accesses the login page directly + $url=$this->Service->DefaultPageUrl; + $this->Response->redirect($url); + } + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/users/NewUser.page b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/NewUser.page new file mode 100644 index 00000000..d1547a9a --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/NewUser.page @@ -0,0 +1,73 @@ +<%@ Title="My Blog - New User" %> + + + +

Create New User

+ +Username: + + +
+ + +
+Password: + +
+ + +
+Re-type Password: + +
+ + +
+Email Address: + + +
+ + +
+Role: +
+ + + + + +
+First Name: +
+ + +
+Last Name: +
+ + +
+ + +
\ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/users/NewUser.php b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/NewUser.php new file mode 100644 index 00000000..76e8cb88 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/NewUser.php @@ -0,0 +1,45 @@ +IsValid=UserRecord::finder()->findByPk($this->Username->Text)===null; + } + + /** + * Creates a new user account if all inputs are valid. + * This method responds to the OnClick event of the "create" button. + * @param mixed event sender + * @param mixed event parameter + */ + public function createButtonClicked($sender,$param) + { + if($this->IsValid) // when all validations succeed + { + // populates a UserRecord object with user inputs + $userRecord=new UserRecord; + $userRecord->username=$this->Username->Text; + $userRecord->password=$this->Password->Text; + $userRecord->email=$this->Email->Text; + $userRecord->role=(int)$this->Role->SelectedValue; + $userRecord->first_name=$this->FirstName->Text; + $userRecord->last_name=$this->LastName->Text; + + // saves to the database via Active Record mechanism + $userRecord->save(); + + // redirects the browser to the homepage + $this->Response->redirect($this->Service->DefaultPageUrl); + } + } +} + +?> \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/pages/users/config.xml b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/config.xml new file mode 100644 index 00000000..56554441 --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/pages/users/config.xml @@ -0,0 +1,7 @@ + + + + + + + \ No newline at end of file diff --git a/demos/blog-tutorial/samples/day4/blog/protected/schema.sql b/demos/blog-tutorial/samples/day4/blog/protected/schema.sql new file mode 100644 index 00000000..89f7388e --- /dev/null +++ b/demos/blog-tutorial/samples/day4/blog/protected/schema.sql @@ -0,0 +1,25 @@ +/* create users table */ +CREATE TABLE users ( + username VARCHAR(128) NOT NULL PRIMARY KEY, + email VARCHAR(128) NOT NULL, + password VARCHAR(128) NOT NULL, /* in plain text */ + role INTEGER NOT NULL, /* 0: normal user, 1: administrator */ + first_name VARCHAR(128), + last_name VARCHAR(128) +); + +/* create posts table */ +CREATE TABLE posts ( + post_id INTEGER NOT NULL PRIMARY KEY, + author_id VARCHAR(128) NOT NULL + CONSTRAINT fk_author REFERENCES users(username), + create_time INTEGER NOT NULL, /* UNIX timestamp */ + title VARCHAR(256) NOT NULL, /* title of the post */ + content TEXT, /* post body */ + status INTEGER NOT NULL /* 0: published; 1: draft; 2: pending; 2: denied */ +); + +/* insert some initial data records for testing */ +INSERT INTO users VALUES ('admin', 'admin@example.com', 'demo', 1, 'Qiang', 'Xue'); +INSERT INTO users VALUES ('demo', 'demo@example.com', 'demo', 0, 'Wei', 'Zhuo'); +INSERT INTO posts VALUES (NULL, 'admin', 1175708482, 'first post', 'this is my first post', 0); -- cgit v1.2.3