From 4a9dd5c8513ed96d1e0cf43e370b170dc38fb502 Mon Sep 17 00:00:00 2001
From: xue <>
Date: Fri, 29 Jun 2007 17:41:20 +0000
Subject: finished blog-tutorial.

---
 .../day5/blog/protected/pages/posts/EditPost.page  | 27 ++++++++
 .../day5/blog/protected/pages/posts/EditPost.php   | 72 ++++++++++++++++++++++
 .../day5/blog/protected/pages/posts/ListPost.page  | 14 +++++
 .../day5/blog/protected/pages/posts/ListPost.php   | 64 +++++++++++++++++++
 .../day5/blog/protected/pages/posts/NewPost.page   | 27 ++++++++
 .../day5/blog/protected/pages/posts/NewPost.php    | 34 ++++++++++
 .../blog/protected/pages/posts/PostRenderer.php    |  7 +++
 .../blog/protected/pages/posts/PostRenderer.tpl    | 17 +++++
 .../day5/blog/protected/pages/posts/ReadPost.page  | 25 ++++++++
 .../day5/blog/protected/pages/posts/ReadPost.php   | 59 ++++++++++++++++++
 .../day5/blog/protected/pages/posts/config.xml     |  6 ++
 11 files changed, 352 insertions(+)
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.page
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.php
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.page
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.php
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.page
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.php
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.tpl
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.page
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.php
 create mode 100644 demos/blog-tutorial/samples/day5/blog/protected/pages/posts/config.xml

(limited to 'demos/blog-tutorial/samples/day5/blog/protected/pages/posts')

diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.page b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.page
new file mode 100644
index 00000000..579d833e
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.page
@@ -0,0 +1,27 @@
+<%@ Title="My Blog - Edit Post" %>
+
+<com:TContent ID="Main">
+
+<h1>Edit Post</h1>
+
+<span>Title:</span>
+<com:TRequiredFieldValidator
+	ControlToValidate="TitleEdit"
+	ErrorMessage="Please provide a title."
+	Display="Dynamic" />
+<br/>
+<com:TTextBox ID="TitleEdit" Columns="50" />
+
+<br/>
+<span>Content:</span>
+<com:TRequiredFieldValidator
+	ControlToValidate="ContentEdit"
+	ErrorMessage="Please provide content."
+	Display="Dynamic" />
+<br/>
+<com:THtmlArea ID="ContentEdit" />
+
+<br/>
+<com:TButton Text="Save" OnClick="saveButtonClicked" />
+
+</com:TContent>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.php
new file mode 100644
index 00000000..e137b85e
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/EditPost.php
@@ -0,0 +1,72 @@
+<?php
+
+class EditPost extends TPage
+{
+	/**
+	 * Initializes the inputs with existing post data.
+	 * This method is invoked by the framework when the page is being initialized.
+	 * @param mixed event parameter
+	 */
+	public function onInit($param)
+	{
+		parent::onInit($param);
+		// Retrieves the existing user data. This is equivalent to:
+		// $postRecord=$this->getPost();
+		$postRecord=$this->Post;
+		// Authorization check: only the author or the administrator can edit the post
+		if($postRecord->author_id!==$this->User->Name && !$this->User->IsAdmin)
+			throw new THttpException(500,'You are not allowed to edit this post.');
+
+		if(!$this->IsPostBack)  // if the page is initially requested
+		{
+			// Populates the input controls with the existing post data
+			$this->TitleEdit->Text=$postRecord->title;
+			$this->ContentEdit->Text=$postRecord->content;
+		}
+	}
+
+	/**
+	 * Saves the post if all inputs are valid.
+	 * This method responds to the OnClick event of the "Save" button.
+	 * @param mixed event sender
+	 * @param mixed event parameter
+	 */
+	public function saveButtonClicked($sender,$param)
+	{
+		if($this->IsValid)  // when all validations succeed
+		{
+			// Retrieves the existing user data. This is equivalent to:
+			// $postRecord=$this->getPost();
+			$postRecord=$this->Post;
+
+			// Fetches the input data
+			$postRecord->title=$this->TitleEdit->SafeText;
+			$postRecord->content=$this->ContentEdit->SafeText;
+
+			// saves to the database via Active Record mechanism
+			$postRecord->save();
+
+			// redirects the browser to the ReadPost page
+			$url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id));
+			$this->Response->redirect($url);
+		}
+	}
+
+	/**
+	 * Returns the post data to be editted.
+	 * @return PostRecord the post data to be editted.
+	 * @throws THttpException if the post data is not found.
+	 */
+	protected function getPost()
+	{
+		// the ID of the post to be editted is passed via GET parameter 'id'
+		$postID=(int)$this->Request['id'];
+		// use Active Record to look for the specified post ID
+		$postRecord=PostRecord::finder()->findByPk($postID);
+		if($postRecord===null)
+			throw new THttpException(500,'Post is not found.');
+		return $postRecord;
+	}
+}
+
+?>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.page b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.page
new file mode 100644
index 00000000..e26bc2f5
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.page
@@ -0,0 +1,14 @@
+<%@ Title="My Blog" %>
+
+<com:TContent ID="Main">
+
+<com:TRepeater ID="Repeater"
+	ItemRenderer="Application.pages.posts.PostRenderer"
+	AllowPaging="true"
+	AllowCustomPaging="true"
+	PageSize="5"
+	/>
+
+<com:TPager ControlToPaginate="Repeater" OnPageIndexChanged="pageChanged" />
+
+</com:TContent>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.php
new file mode 100644
index 00000000..7402dace
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ListPost.php
@@ -0,0 +1,64 @@
+<?php
+
+class ListPost extends TPage
+{
+	/**
+	 * Initializes the repeater.
+	 * This method is invoked by the framework when initializing the page
+	 * @param mixed event parameter
+	 */
+	public function onInit($param)
+	{
+		parent::onInit($param);
+		if(!$this->IsPostBack)  // if the page is requested the first time
+		{
+			// get the total number of posts available
+			$this->Repeater->VirtualItemCount=PostRecord::finder()->count();
+			// populates post data into the repeater
+			$this->populateData();
+		}
+	}
+
+	/**
+	 * Event handler to the OnPageIndexChanged event of the pager.
+	 * This method is invoked when the user clicks on a page button
+	 * and thus changes the page of posts to display.
+	 */
+	public function pageChanged($sender,$param)
+	{
+		// change the current page index to the new one
+		$this->Repeater->CurrentPageIndex=$param->NewPageIndex;
+		// re-populate data into the repeater
+		$this->populateData();
+	}
+
+	/**
+	 * Determines which page of posts to be displayed and
+	 * populates the repeater with the fetched data.
+	 */
+	protected function populateData()
+	{
+		$offset=$this->Repeater->CurrentPageIndex*$this->Repeater->PageSize;
+		$limit=$this->Repeater->PageSize;
+		if($offset+$limit>$this->Repeater->VirtualItemCount)
+			$limit=$this->Repeater->VirtualItemCount-$offset;
+		$this->Repeater->DataSource=$this->getPosts($offset,$limit);
+		$this->Repeater->dataBind();
+	}
+
+	/**
+	 * Fetches posts from database with offset and limit.
+	 */
+	protected function getPosts($offset, $limit)
+	{
+		// Construts a query criteria
+		$criteria=new TActiveRecordCriteria;
+		$criteria->OrdersBy['create_time']='desc';
+		$criteria->Limit=$limit;
+		$criteria->Offset=$offset;
+		// query for the posts with the above criteria and with author information
+		return PostRecord::finder()->withAuthor()->findAll($criteria);
+	}
+}
+
+?>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.page b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.page
new file mode 100644
index 00000000..bd46dfbb
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.page
@@ -0,0 +1,27 @@
+<%@ Title="My Blog - New Post" %>
+
+<com:TContent ID="Main">
+
+<h1>Create New Post</h1>
+
+<span>Title:</span>
+<com:TRequiredFieldValidator
+	ControlToValidate="TitleEdit"
+	ErrorMessage="Please provide a title."
+	Display="Dynamic" />
+<br/>
+<com:TTextBox ID="TitleEdit" Columns="50" />
+
+<br/>
+<span>Content:</span>
+<com:TRequiredFieldValidator
+	ControlToValidate="ContentEdit"
+	ErrorMessage="Please provide content."
+	Display="Dynamic" />
+<br/>
+<com:THtmlArea ID="ContentEdit" />
+
+<br/>
+<com:TButton Text="Create" OnClick="createButtonClicked" />
+
+</com:TContent>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php
new file mode 100644
index 00000000..a5e3ea4d
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/NewPost.php
@@ -0,0 +1,34 @@
+<?php
+
+class NewPost extends TPage
+{
+	/**
+	 * Creates a new post if all inputs are valid.
+	 * This method responds to the OnClick event of the "create" button.
+	 * @param mixed event sender
+	 * @param mixed event parameter
+	 */
+	public function createButtonClicked($sender,$param)
+	{
+		if($this->IsValid)  // when all validations succeed
+		{
+			// populates a PostRecord object with user inputs
+			$postRecord=new PostRecord;
+			// using SafeText instead of Text avoids Cross Site Scripting attack
+			$postRecord->title=$this->TitleEdit->SafeText;
+			$postRecord->content=$this->ContentEdit->SafeText;
+			$postRecord->author_id=$this->User->Name;
+			$postRecord->create_time=time();
+			$postRecord->status=0;
+
+			// saves to the database via Active Record mechanism
+			$postRecord->save();
+
+			// redirects the browser to the newly created post page
+			$url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id));
+			$this->Response->redirect($url);
+		}
+	}
+}
+
+?>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.php
new file mode 100644
index 00000000..cf0539a1
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.php
@@ -0,0 +1,7 @@
+<?php
+
+class PostRenderer extends TRepeaterItemRenderer
+{
+}
+
+?>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.tpl b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.tpl
new file mode 100644
index 00000000..8f4a0502
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/PostRenderer.tpl
@@ -0,0 +1,17 @@
+<div class="post-box">
+<h3>
+<com:THyperLink Text="<%# $this->Data->title %>"
+	NavigateUrl="<%# $this->Service->constructUrl('posts.ReadPost',array('id'=>$this->Data->post_id)) %>" />
+</h3>
+
+<p>
+Author:
+<com:TLiteral Text="<%# $this->Data->author->username %>" /><br/>
+Time:
+<com:TLiteral Text="<%# date('m/d/Y h:m:sa', $this->Data->create_time) %>" />
+</p>
+
+<p>
+<com:TLiteral Text="<%# $this->Data->content %>" />
+</p>
+</div>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.page b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.page
new file mode 100644
index 00000000..60a8cf1e
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.page
@@ -0,0 +1,25 @@
+<com:TContent ID="Main">
+
+<h2>
+<com:TLiteral Text="<%= $this->Post->title %>" />
+</h2>
+
+<com:TControl Visible="<%= $this->canEdit() %>">
+	<a href="<%= $this->Service->constructUrl('posts.EditPost',array('id'=>$this->Post->post_id))%>">Edit</a> |
+	<com:TLinkButton Text="Delete"
+		OnClick="deletePost"
+		Attributes.onclick="javascript:if(!confirm('Are you sure?')) return false;" />
+</com:TControl>
+
+<p>
+Author:
+<com:TLiteral Text="<%= $this->Post->author->username %>" /><br/>
+Time:
+<com:TLiteral Text="<%= date('m/d/Y h:m:sa', $this->Post->create_time) %>" />
+</p>
+
+<p>
+<com:TLiteral Text="<%= $this->Post->content %>" />
+</p>
+
+</com:TContent>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.php b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.php
new file mode 100644
index 00000000..0c120824
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/ReadPost.php
@@ -0,0 +1,59 @@
+<?php
+
+Prado::using('Application.BlogException');
+
+class ReadPost extends TPage
+{
+	private $_post;
+	/**
+	 * Fetches the post data.
+	 * This method is invoked by the framework when initializing the page
+	 * @param mixed event parameter
+	 */
+	public function onInit($param)
+	{
+		parent::onInit($param);
+		// post id is passed via the 'id' GET parameter
+		$postID=(int)$this->Request['id'];
+		// retrieves PostRecord with author information filled in
+		$this->_post=PostRecord::finder()->withAuthor()->findByPk($postID);
+		if($this->_post===null)  // if post id is invalid
+			throw new BlogException(500,'Unable to find the specified post.');
+		// set the page title as the post title
+		$this->Title=$this->_post->title;
+	}
+
+	/**
+	 * @return PostRecord the PostRecord currently being viewed
+	 */
+	public function getPost()
+	{
+		return $this->_post;
+	}
+
+	/**
+	 * Deletes the post currently being viewed
+	 * This method is invoked when the user clicks on the "Delete" button
+	 */
+	public function deletePost($sender,$param)
+	{
+		// only the author or the administrator can delete a post
+		if(!$this->canEdit())
+			throw new THttpException('You are not allowed to perform this action.');
+		// delete it from DB
+		$this->_post->delete();
+		// redirect the browser to the homepage
+		$this->Response->redirect($this->Service->DefaultPageUrl);
+	}
+
+	/**
+	 * @return boolean whether the current user can edit/delete the post being viewed
+	 */
+	public function canEdit()
+	{
+		// only the author or the administrator can edit/delete a post
+		return $this->User->Name===$this->Post->author_id || $this->User->IsAdmin;
+	}
+}
+
+?>
\ No newline at end of file
diff --git a/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/config.xml b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/config.xml
new file mode 100644
index 00000000..64065ed5
--- /dev/null
+++ b/demos/blog-tutorial/samples/day5/blog/protected/pages/posts/config.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+  <authorization>
+    <deny pages="NewPost,EditPost" roles="?" />
+  </authorization>
+</configuration>
\ No newline at end of file
-- 
cgit v1.2.3