From 4a9dd5c8513ed96d1e0cf43e370b170dc38fb502 Mon Sep 17 00:00:00 2001
From: xue <>
Date: Fri, 29 Jun 2007 17:41:20 +0000
Subject: finished blog-tutorial.

---
 .../day5/blog/protected/pages/posts/NewPost.php    | 34 ++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php

(limited to 'demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php')

diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php
new file mode 100644
index 00000000..a5e3ea4d
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php
@@ -0,0 +1,34 @@
+<?php
+
+class NewPost extends TPage
+{
+	/**
+	 * Creates a new post if all inputs are valid.
+	 * This method responds to the OnClick event of the "create" button.
+	 * @param mixed event sender
+	 * @param mixed event parameter
+	 */
+	public function createButtonClicked($sender,$param)
+	{
+		if($this->IsValid)  // when all validations succeed
+		{
+			// populates a PostRecord object with user inputs
+			$postRecord=new PostRecord;
+			// using SafeText instead of Text avoids Cross Site Scripting attack
+			$postRecord->title=$this->TitleEdit->SafeText;
+			$postRecord->content=$this->ContentEdit->SafeText;
+			$postRecord->author_id=$this->User->Name;
+			$postRecord->create_time=time();
+			$postRecord->status=0;
+
+			// saves to the database via Active Record mechanism
+			$postRecord->save();
+
+			// redirects the browser to the newly created post page
+			$url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id));
+			$this->Response->redirect($url);
+		}
+	}
+}
+
+?>
\ No newline at end of file
-- 
cgit v1.2.3