From 75f28186a995aa930f6db9f05ec7b63bbd2cd284 Mon Sep 17 00:00:00 2001 From: xue <> Date: Tue, 30 May 2006 03:30:14 +0000 Subject: Merge from 3.0 branch till 1103 --- demos/blog/protected/Common/BlogDataModule.php | 66 ++++++++++++++++-------- demos/blog/protected/Common/BlogErrorHandler.php | 46 +++++++++++++++++ demos/blog/protected/Common/BlogErrors.php | 23 --------- demos/blog/protected/Common/BlogException.php | 19 ++++++- demos/blog/protected/Common/BlogPage.php | 23 +++++++++ demos/blog/protected/Common/BlogUser.php | 22 ++++++++ demos/blog/protected/Common/BlogUserManager.php | 21 +++++++- demos/blog/protected/Common/messages.txt | 10 +++- demos/blog/protected/Common/schema.sql | 2 +- 9 files changed, 183 insertions(+), 49 deletions(-) create mode 100644 demos/blog/protected/Common/BlogErrorHandler.php delete mode 100644 demos/blog/protected/Common/BlogErrors.php (limited to 'demos/blog/protected/Common') diff --git a/demos/blog/protected/Common/BlogDataModule.php b/demos/blog/protected/Common/BlogDataModule.php index 714743e7..a15701ab 100644 --- a/demos/blog/protected/Common/BlogDataModule.php +++ b/demos/blog/protected/Common/BlogDataModule.php @@ -1,7 +1,22 @@ + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Revision: $ $Date: $ + */ + +/** + * BlogDataModule class + * + * @author Qiang Xue + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ class BlogDataModule extends TModule { const DB_FILE_EXT='.db'; @@ -24,7 +39,7 @@ class BlogDataModule extends TModule public function setDbFile($value) { if(($this->_dbFile=Prado::getPathOfNamespace($value,self::DB_FILE_EXT))===null) - throw new BlogException('blogdatamodule_dbfile_invalid',$value); + throw new BlogException(500,'blogdatamodule_dbfile_invalid',$value); } protected function createDatabase() 
@@ -36,7 +51,7 @@ class BlogDataModule extends TModule if(trim($statement)!=='') { if(@sqlite_query($this->_db,$statement)===false) - throw new BlogException('blogdatamodule_createdatabase_failed',sqlite_error_string(sqlite_last_error($this->_db)),$statement); + throw new BlogException(500,'blogdatamodule_createdatabase_failed',sqlite_error_string(sqlite_last_error($this->_db)),$statement); } } } @@ -47,7 +62,7 @@ class BlogDataModule extends TModule $newDb=!is_file($dbFile); $error=''; if(($this->_db=sqlite_open($dbFile,0666,$error))===false) - throw new BlogException('blogdatamodule_dbconnect_failed',$error); + throw new BlogException(500,'blogdatamodule_dbconnect_failed',$error); if($newDb) $this->createDatabase(); } @@ -69,7 +84,7 @@ class BlogDataModule extends TModule if(($result=@sqlite_query($this->_db,$sql))!==false) return $result; else - throw new BlogException('blogdatamodule_query_failed',sqlite_error_string(sqlite_last_error($this->_db)),$sql); + throw new BlogException(500,'blogdatamodule_query_failed',sqlite_error_string(sqlite_last_error($this->_db)),$sql); } protected function populateUserRecord($row) @@ -143,8 +158,8 @@ class BlogDataModule extends TModule $website=sqlite_escape_string($user->Website); $createTime=time(); $sql="INSERT INTO tblUsers ". - "(name,full_name,role,passwd,email,reg_time,website) ". - "VALUES ('$name','$fullName',{$user->Role},'$passwd','$email',$createTime,'$website')"; + "(name,full_name,role,passwd,email,reg_time,status,website) ". + "VALUES ('$name','$fullName',{$user->Role},'$passwd','$email',$createTime,{$user->Status},'$website')"; $this->query($sql); $user->ID=sqlite_last_insert_rowid($this->_db); } 
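Review bot: The failing SQL statement and the SQLite error text are still passed as message parameters in `createDatabase()` here and in `query()` two hunks below. This commit also makes BlogException a THttpException, and BlogErrorHandler puts its message into the redirect URL for the ErrorReport page. Table names, query structure and any user-supplied values embedded in the statement therefore reach the client and URL logs, and presumably the rendered error page. Keep the detail for `Prado::log()` and raise the exception with a generic client-facing text, for example a `blogdatamodule_query_failed` message without the `{0}`/`{1}` placeholders.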
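Review bot: `{$user->Status}` is interpolated into the INSERT unquoted and uncast, like `{$user->Role}` beside it, while every string column in this statement goes through `sqlite_escape_string()`. If either property ever carries request data that was not converted to an integer, the value becomes SQL text. Cast both before building the statement, e.g. `$role=(int)$user->Role; $status=(int)$user->Status;`, and interpolate the locals instead. The start of the method is outside the hunk.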
@@ -192,13 +207,11 @@ class BlogDataModule extends TModule return $postRecord; } - public function queryPosts($authorFilter,$timeFilter,$categoryFilter,$orderBy,$limit) + public function queryPosts($postFilter,$categoryFilter,$orderBy,$limit) { $filter=''; - if($authorFilter!=='') - $filter.=" AND $authorFilter"; - if($timeFilter!=='') - $filter.=" AND $timeFilter"; + if($postFilter!=='') + $filter.=" AND $postFilter"; if($categoryFilter!=='') $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)"; $sql="SELECT a.id AS id, @@ -221,13 +234,11 @@ class BlogDataModule extends TModule return $posts; } - public function queryPostCount($authorFilter,$timeFilter,$categoryFilter) + public function queryPostCount($postFilter,$categoryFilter) { $filter=''; - if($authorFilter!=='') - $filter.=" AND $authorFilter"; - if($timeFilter!=='') - $filter.=" AND $timeFilter"; + if($postFilter!=='') + $filter.=" AND $postFilter"; if($categoryFilter!=='') $filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)"; $sql="SELECT COUNT(a.id) AS post_count @@ -261,6 +272,11 @@ class BlogDataModule extends TModule return null; } + public function escapeString($string) + { + return sqlite_escape_string($string); + } + public function insertPost($post,$catIDs) { $title=sqlite_escape_string($post->Title); @@ -382,7 +398,7 @@ class BlogDataModule extends TModule public function queryCategories() { - $sql="SELECT * FROM tblCategories"; + $sql="SELECT * FROM tblCategories ORDER BY name ASC"; $result=$this->query($sql); $rows=sqlite_fetch_all($result,SQLITE_ASSOC); $cats=array(); 
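Review bot: `queryPosts()` now splices `$postFilter` (and still `$categoryFilter`) into the WHERE clause as raw SQL text, so the statement is only safe if every caller has escaped or cast each value before building the fragment. The same applies to `queryPostCount()` in the next hunk. The new public `escapeString()` suggests escaping is being pushed out to page code, where it is easy to miss for numeric values; `sqlite_escape_string()` does not protect those when they are left unquoted. I would at least document the contract on both methods, e.g. `// $postFilter/$categoryFilter are trusted SQL fragments: callers must (int)-cast numbers and quote+escape strings`. Preferably, accept author id, time range and category id as typed parameters and build the fragment inside the module; both method bodies continue outside their hunks.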
@@ -398,7 +414,7 @@ class BlogDataModule extends TModule a.description AS description, a.post_count AS post_count FROM tblCategories a, tblPost2Category b - WHERE a.id=b.category_id AND b.post_id=$postID"; + WHERE a.id=b.category_id AND b.post_id=$postID ORDER BY a.name"; $result=$this->query($sql); $rows=sqlite_fetch_all($result,SQLITE_ASSOC); $cats=array(); @@ -486,6 +502,11 @@ class BlogDataModule extends TModule class UserRecord { + const ROLE_USER=0; + const ROLE_ADMIN=1; + const STATUS_NORMAL=0; + const STATUS_DISABLED=1; + const STATUS_PENDING=2; public $ID; public $Name; public $FullName; @@ -500,6 +521,9 @@ class UserRecord class PostRecord { + const STATUS_PUBLISHED=0; + const STATUS_DRAFT=1; + const STATUS_PENDING=2; public $ID; public $AuthorID; public $AuthorName; diff --git a/demos/blog/protected/Common/BlogErrorHandler.php b/demos/blog/protected/Common/BlogErrorHandler.php new file mode 100644 index 00000000..6dab2a29 --- /dev/null +++ b/demos/blog/protected/Common/BlogErrorHandler.php 
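Review bot: The changed WHERE line interpolates `$postID` directly into the statement, and the method signature is outside the hunk, so I cannot see whether it is cast to an integer first. If it is not, add `$postID=(int)$postID;` before the query is built, since the value most likely originates from a request parameter. Minor style point: this hunk uses `ORDER BY a.name` while `queryCategories()` spells out `ORDER BY name ASC`; pick one form.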
@@ -0,0 +1,46 @@ + + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Revision: $ $Date: $ + */ + +Prado::using('System.Exceptions.TErrorHandler'); +Prado::using('Application.Common.BlogException'); + +/** + * BlogErrorHandler class + * + * @author Qiang Xue + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ +class BlogErrorHandler extends TErrorHandler +{ + /** + * Displays error to the client user. + * THttpException and errors happened when the application is in Debug + * mode will be displayed to the client user. + * @param integer response status code + * @param Exception exception instance + */ + protected function handleExternalError($statusCode,$exception) + { + if($exception instanceof BlogException) + { + $message=$exception->getMessage(); + Prado::log($message,TLogger::ERROR,'BlogApplication'); + $message=urldecode($this->getApplication()->getSecurityManager()->hashData($message)); + $this->Response->redirect($this->Service->constructUrl('ErrorReport',array('msg'=>$message))); + } + else + parent::handleExternalError($statusCode,$exception); + } +} + +?> \ No newline at end of file diff --git a/demos/blog/protected/Common/BlogErrors.php b/demos/blog/protected/Common/BlogErrors.php deleted file mode 100644 index 501ec1c9..00000000 --- a/demos/blog/protected/Common/BlogErrors.php +++ /dev/null @@ -1,23 +0,0 @@ -'Unknown error.', - self::ERROR_POST_NOT_FOUND=>'The specified post cannot be found.', - self::ERROR_USER_NOT_FOUND=>'The specified user account cannot be found.', - self::ERROR_PERMISSION_DENIED=>'Sorry, you do not have permission to perform this action.', - ); - - public static function getMessage($errorCode) - { - return isset(self::$_errorMessages[$errorCode])?self::$_errorMessages[$errorCode]:self::$_errorMessages[0]; - } -} - -?> \ No newline at end of file 
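Review bot: In `handleExternalError()` the signed message is passed through `urldecode()` before it goes into the redirect URL, which looks inverted. Decoding after `hashData()` rewrites any `%xx` sequence or `+` in the text (both can occur in an SQL statement or error string), so the payload no longer matches its HMAC if the ErrorReport page validates it. If `constructUrl()` encodes its parameters, pass the result through unchanged: `$message=$this->getApplication()->getSecurityManager()->hashData($message);`. Otherwise use `urlencode()`. The docblock also still describes the parent behaviour (THttpException and Debug mode) rather than the BlogException redirect this override adds.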
diff --git a/demos/blog/protected/Common/BlogException.php b/demos/blog/protected/Common/BlogException.php index ab8020d1..64609366 100644 --- a/demos/blog/protected/Common/BlogException.php +++ b/demos/blog/protected/Common/BlogException.php @@ -1,6 +1,23 @@ + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Revision: $ $Date: $ + */ -class BlogException extends TApplicationException +/** + * BlogException class + * + * @author Qiang Xue + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ +class BlogException extends THttpException { /** * @return string path to the error message file diff --git a/demos/blog/protected/Common/BlogPage.php b/demos/blog/protected/Common/BlogPage.php index f1634a80..85a995c0 100644 --- a/demos/blog/protected/Common/BlogPage.php +++ b/demos/blog/protected/Common/BlogPage.php @@ -1,7 +1,30 @@ + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Revision: $ $Date: $ + */ +/** + * BlogPage class + * + * @author Qiang Xue + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ class BlogPage extends TPage { + public function onPreInit($param) + { + parent::onPreInit($param); + $this->Theme=$this->Application->Parameters['ThemeName']; + } + public function getDataAccess() { return $this->getApplication()->getModule('data'); diff --git a/demos/blog/protected/Common/BlogUser.php b/demos/blog/protected/Common/BlogUser.php index af49c8d7..42a171a6 100644 --- a/demos/blog/protected/Common/BlogUser.php +++ b/demos/blog/protected/Common/BlogUser.php 
@@ -1,7 +1,24 @@ + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Revision: $ $Date: $ + */ Prado::using('System.Security.TUser'); +/** + * BlogUser class + * + * @author Qiang Xue + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ class BlogUser extends TUser { private $_id; @@ -16,6 +33,11 @@ class BlogUser extends TUser $this->_id=$value; } + public function getIsAdmin() + { + return $this->isInRole('admin'); + } + public function saveToString() { $a=array($this->_id,parent::saveToString()); diff --git a/demos/blog/protected/Common/BlogUserManager.php b/demos/blog/protected/Common/BlogUserManager.php index c3ddb80b..3a7f4789 100644 --- a/demos/blog/protected/Common/BlogUserManager.php +++ b/demos/blog/protected/Common/BlogUserManager.php @@ -1,8 +1,25 @@ + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Revision: $ $Date: $ + */ Prado::using('System.Security.IUserManager'); Prado::using('Application.Common.BlogUser'); +/** + * BlogUserManager class + * + * @author Qiang Xue + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ class BlogUserManager extends TModule implements IUserManager { public function getGuestName() @@ -29,7 +46,7 @@ class BlogUserManager extends TModule implements IUserManager $user->setID($userRecord->ID); $user->setName($username); $user->setIsGuest(false); - $user->setRoles($userRecord->Role===0?'user':'admin'); + $user->setRoles($userRecord->Role===UserRecord::ROLE_USER?'user':'admin'); return $user; } else 
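Review bot: The role mapping in the last BlogUserManager hunk fails open: any `Role` value that is not identical to `UserRecord::ROLE_USER` yields `'admin'`. That includes an unknown role number, or a string `'0'` if the record is populated from SQLite without an integer cast (populateUserRecord is not shown in this diff). Test for the privileged value and default to the unprivileged one: `$user->setRoles($userRecord->Role===UserRecord::ROLE_ADMIN?'admin':'user');`. The surrounding method starts and ends outside the hunk.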
@@ -47,7 +64,7 @@ class BlogUserManager extends TModule implements IUserManager { $db=$this->Application->getModule('data'); if(($userRecord=$db->queryUserByName($username))!==null) - return $userRecord->Password===md5($password); + return $userRecord->Password===md5($password) && $userRecord->Status===UserRecord::STATUS_NORMAL; else return false; } diff --git a/demos/blog/protected/Common/messages.txt b/demos/blog/protected/Common/messages.txt index deb15ee3..2a18aac2 100644 --- a/demos/blog/protected/Common/messages.txt +++ b/demos/blog/protected/Common/messages.txt @@ -1,4 +1,12 @@ blogdatamodule_dbconnect_failed = Unable to connect to database: {0} blogdatamodule_dbfile_invalid = BlogDataModule.DbFile='{0}' is invalid. blogdatamodule_createdatabase_failed = BlogDataModule failed to create database when executing SQL: {1}. Last SQL error is: {0}. -blogdatamodule_query_failed = Failed to execute SQL: {1}. Last SQL error is: {0}. \ No newline at end of file +blogdatamodule_query_failed = Failed to execute SQL: {1}. Last SQL error is: {0}. + +newuser_registration_disallowed = The Weblog system is running in single user mode and does not allow new user registration. +profile_edit_disallowed = You are not allowed to modify user profile {0}. +profile_id_invalid = Unable to retrieve user profile {0}. + +post_id_invalid = Unable to retrieve post {0}. +post_edit_disallowed = You are not allowed to modify post {0}. +post_view_disallowed = You are not allowed to read post {0}. \ No newline at end of file diff --git a/demos/blog/protected/Common/schema.sql b/demos/blog/protected/Common/schema.sql index 49f6f429..a93512df 100644 --- a/demos/blog/protected/Common/schema.sql +++ b/demos/blog/protected/Common/schema.sql 
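Review bot: The changed comparison still checks the password as an unsalted `md5($password)`, which is fast to brute-force and gives identical passwords identical hashes; the seeded admin row in schema.sql appears to use the same format. Store a salted, slow hash instead, using `password_hash()`/`password_verify()` where the runtime provides them, and migrate existing rows at next login. Separately, `$userRecord->Status===UserRecord::STATUS_NORMAL` only passes if the record holds an integer, so confirm that populateUserRecord casts the column; otherwise every login is refused. The method starts outside the hunk.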
@@ -61,7 +61,7 @@ INSERT INTO tblUsers (id,name,full_name,role,status,passwd,email,reg_time,websit VALUES (1,'admin','Prado User',1,0,'4d688da592969d0a56b5accec3ce8554','admin@example.com',1148819681,'http://www.pradosoft.com'); INSERT INTO tblPosts (id,author_id,create_time,title,content,status) - VALUES (1,1,1148819691,'Welcome to Prado Weblog','Congratulations! You have successfully installed Prado Weblog. An administrator account has been created. Please login with admin/prado and update your password as soon as possible.',0); + VALUES (1,1,1148819691,'Welcome to Prado Weblog','Congratulations! You have successfully installed Prado Blog -- a PRADO-driven weblog system. A default administrator account has been created. Please login with admin/prado and update your password as soon as possible.',0); INSERT INTO tblCategories (name,description,post_count) VALUES ('Miscellaneous','This category holds posts on any topic.',1); -- cgit v1.2.3
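Review bot: The seed data ships a fixed administrator credential, and the rewritten welcome post, inserted with status 0 (published, per PostRecord::STATUS_PUBLISHED), announces `admin/prado` to every visitor of a fresh install. Until the owner changes the password, the administrator account is open to anyone who reads that post. Consider generating the initial password at install time or forcing a change at first login. Also drop the credential from the post text, e.g. `Please log in with the administrator account created during installation and change its password.`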