<com:TContent ID="Main"> <h1>Creating <tt>EditPost</tt> Page</h1> <p> The <tt>EditPost</tt> page is provided to authors and the administrator to edit existing blog posts. Like the <a href="?page=Day4.CreateNewPost">NewPost</a> page, it displays a form to collect the change to the title and content of a post. </p> <p> We create two files <tt>protected/pages/posts/EditPost.page</tt> and <tt>protected/pages/posts/EditPost.php</tt> to save the page template and page class, respectively. </p> <h2>Creating Page Template</h2> <p> The <tt>EditPost</tt> page template is very similar to the <tt>NewPost</tt> template. Only the page title and the button caption are different. </p> <com:TTextHighlighter CssClass="source" Language="prado"> <%@ Title="My Blog - Edit Post" %> <com:TContent ID="Main"> <h1>Edit Post</h1> <span>Title:</span> <com:TRequiredFieldValidator ControlToValidate="TitleEdit" ErrorMessage="Please provide a title." Display="Dynamic" /> <br/> <com:TTextBox ID="TitleEdit" Columns="50" /> <br/> <span>Content:</span> <com:TRequiredFieldValidator ControlToValidate="ContentEdit" ErrorMessage="Please provide content." Display="Dynamic" /> <br/> <com:THtmlArea ID="ContentEdit" /> <br/> <com:TButton Text="Save" OnClick="saveButtonClicked" /> </com:TContent> </com:TTextHighlighter> <h2>Creating Page Class</h2> <p> The <tt>EditPage</tt> page class is slightly complex than <tt>NewPage</tt> because it needs to load the specified post data first. It also needs to perform additional authorization check. In particular, it needs to ensure that a post can only be editted by the author or the administrator. Such authorization check is not provided by PRADO itself. </p> <com:TTextHighlighter CssClass="source" Language="php"> class EditPost extends TPage { /** * Initializes the inputs with existing post data. * This method is invoked by the framework when the page is being initialized. * @param mixed event parameter */ public function onInit($param) { parent::onInit($param); // Retrieves the existing user data. This is equivalent to: // $postRecord=$this->getPost(); $postRecord=$this->Post; // Authorization check: only the author or the administrator can edit the post if($postRecord->author_id!==$this->User->Name && !$this->User->IsAdmin) throw new THttpException(500,'You are not allowed to edit this post.'); if(!$this->IsPostBack) // if the page is initially requested { // Populates the input controls with the existing post data $this->TitleEdit->Text=$postRecord->title; $this->ContentEdit->Text=$postRecord->content; } } /** * Saves the post if all inputs are valid. * This method responds to the OnClick event of the "Save" button. * @param mixed event sender * @param mixed event parameter */ public function saveButtonClicked($sender,$param) { if($this->IsValid) // when all validations succeed { // Retrieves the existing user data. This is equivalent to: // $postRecord=$this->getPost(); $postRecord=$this->Post; // Fetches the input data $postRecord->title=$this->TitleEdit->SafeText; $postRecord->content=$this->ContentEdit->SafeText; // saves to the database via Active Record mechanism $postRecord->save(); // redirects the browser to the ReadPost page $url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id)); $this->Response->redirect($url); } } /** * Returns the post data to be editted. * @return PostRecord the post data to be editted. * @throws THttpException if the post data is not found. */ protected function getPost() { // the ID of the post to be editted is passed via GET parameter 'id' $postID=(int)$this->Request['id']; // use Active Record to look for the specified post ID $postRecord=PostRecord::finder()->findByPk($postID); if($postRecord===null) throw new THttpException(500,'Post is not found.'); return $postRecord; } } </com:TTextHighlighter> <h2>Testing</h2> <p> To test the <tt>EditPost</tt> page, login first and visit the following URL: <tt>http://hostname/blog/index.php?page=EditPost&id=1</tt>. This URL can also be reached by clicking on the <tt>Edit</tt> link on a post detail page. </p> <img src="<%~ output4.gif %>" class="output" /> </com:TContent>