From 75f28186a995aa930f6db9f05ec7b63bbd2cd284 Mon Sep 17 00:00:00 2001 From: xue <> Date: Tue, 30 May 2006 03:30:14 +0000 Subject: Merge from 3.0 branch till 1103 --- demos/blog/protected/Pages/Posts/EditPost.php | 49 +++++++++++++++++++++------ 1 file changed, 38 insertions(+), 11 deletions(-) (limited to 'demos/blog/protected/Pages/Posts/EditPost.php') diff --git a/demos/blog/protected/Pages/Posts/EditPost.php b/demos/blog/protected/Pages/Posts/EditPost.php index 57e92b1c..24b58529 100644 --- a/demos/blog/protected/Pages/Posts/EditPost.php +++ b/demos/blog/protected/Pages/Posts/EditPost.php @@ -1,14 +1,36 @@ + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Revision: $ $Date: $ + */ +/** + * EditPost class + * + * @author Qiang Xue + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2006 PradoSoft + * @license http://www.pradosoft.com/license/ + */ class EditPost extends BlogPage { - public function getCurrentPost() + private $_postRecord=null; + + public function onInit($param) { + parent::onInit($param); $id=TPropertyValue::ensureInteger($this->Request['id']); - if(($post=$this->DataAccess->queryPostByID($id))!==null) - return $post; - else - throw new BlogException('xxx'); + $this->_postRecord=$this->DataAccess->queryPostByID($id); + if($this->_postRecord===null) + throw new BlogException(500,'post_id_invalid',$id); + // only the author and admin can edit the post + if(!$this->User->IsAdmin && $this->User->ID!==$this->_postRecord->AuthorID) + throw new BlogException(500,'post_edit_disallowed',$id); } public function onLoad($param) @@ -16,10 +38,10 @@ class EditPost extends BlogPage parent::onLoad($param); if(!$this->IsPostBack) { - $postRecord=$this->getCurrentPost(); + $postRecord=$this->_postRecord; $this->Title->Text=$postRecord->Title; $this->Content->Text=$postRecord->Content; - $this->DraftMode->Checked=$postRecord->Status===0; + $this->DraftMode->Checked=$postRecord->Status!==PostRecord::STATUS_PUBLISHED; $this->Categories->DataSource=$this->DataAccess->queryCategories(); $this->Categories->dataBind(); $cats=$this->DataAccess->queryCategoriesByPostID($postRecord->ID); @@ -34,10 +56,15 @@ class EditPost extends BlogPage { if($this->IsValid) { - $postRecord=$this->getCurrentPost(); - $postRecord->Title=$this->Title->Text; - $postRecord->Content=$this->Content->Text; - $postRecord->Status=$this->DraftMode->Checked?0:1; + $postRecord=$this->_postRecord; + $postRecord->Title=$this->Title->SafeText; + $postRecord->Content=$this->Content->SafeText; + if($this->DraftMode->Checked) + $postRecord->Status=PostRecord::STATUS_DRAFT; + else if(!$this->User->IsAdmin && TPropertyValue::ensureBoolean($this->Application->Parameters['PostApproval'])) + $postRecord->Status=PostRecord::STATUS_PENDING; + else + $postRecord->Status=PostRecord::STATUS_PUBLISHED; $postRecord->ModifyTime=time(); $cats=array(); foreach($this->Categories->SelectedValues as $value) -- cgit v1.2.3