diff options
| author | Christian Klinger | 2016-06-24 13:02:38 +0200 |
|---|---|---|
| committer | Christian Klinger | 2016-06-24 13:02:38 +0200 |
| commit | 5394876236afc3eb724ceebeac08abbbd9f2382b (patch) | |
| tree | 6175a968d612dc24e5e41b6de70ad7b15e876f99 /modules-available/news/page.inc.php | |
| parent | [exams] Apply formatting (diff) | |
| download | slx-admin-5394876236afc3eb724ceebeac08abbbd9f2382b.tar.gz slx-admin-5394876236afc3eb724ceebeac08abbbd9f2382b.tar.xz slx-admin-5394876236afc3eb724ceebeac08abbbd9f2382b.zip | |
also allow users to edit the help.
The code is still a little ugly.
Diffstat (limited to 'modules-available/news/page.inc.php')
| -rw-r--r-- | modules-available/news/page.inc.php | 393 |
1 files changed, 230 insertions, 163 deletions
diff --git a/modules-available/news/page.inc.php b/modules-available/news/page.inc.php index 0ba09fdb..ce24c424 100644 --- a/modules-available/news/page.inc.php +++ b/modules-available/news/page.inc.php @@ -2,166 +2,233 @@ class Page_News extends Page { - /** - * Member variables needed to represent a news entry. - * - * @var newsId int ID of the news entry attributed by the database. - * @var string Title of the entry. - * $newsContent string Content as text. (TODO: html-Support?) - * $newsDate string Unix epoch date of the news' creation. - */ - private $newsId = false; - private $newsTitle = false; - private $newsContent = false; - private $newsDate = false; - - /** - * Implementation of the abstract doPreprocess function - * - * Checks if the user is logged in and processes any - * action if one was specified in the request. - * - */ - protected function doPreprocess() - { - // load user, we will need it later - User::load(); - - // only admins should be able to edit news - if (!User::hasPermission('superadmin')) { - Message::addError('main.no-permission'); - Util::redirect('?do=Main'); - } - - // check which action we need to do - $action = Request::any('action', 'show'); - if ($action === 'clear') { - // clear news input fields - // TODO: is this the right way? - $this->newsId = false; - $this->newsTitle = false; - $this->newsContent = false; - $this->newsDate = false; - } elseif ($action === 'show') { - // show news - if (!$this->loadNews(Request::any('newsid'))) { - Message::addError('news-empty'); - } - } elseif ($action === 'save') { - // save to DB - if (!$this->saveNews()) { - // re-set the fields we got - Request::post('news-title') ? $this->newsTitle = Request::post('news-title') : $this->newsTitle = false; - Request::post('news-content') ? $this->newsContent = Request::post('news-content') : $this->newsContent = false; - } else { - Message::addSuccess('news-save-success'); - Util::redirect('?do=News'); - } - } elseif ($action === 'delete') { - // delete it - $this->delNews(Request::post('newsid')); - } else { - // unknown action, redirect user - Message::addError('invalid-action', $action); - Util::redirect('?do=News'); - } - } - - /** - * Implementation of the abstract doRender function - * - * Fetch the list of news from the database and paginate it. - * - */ - protected function doRender() - { - // fetch the list of the older news - $lines = array(); - $paginate = new Paginate("SELECT newsid, dateline, title, content FROM news ORDER BY dateline DESC", 10); - $res = $paginate->exec(); - while ($row = $res->fetch(PDO::FETCH_ASSOC)) { - $row['date'] = date('d.m.Y H:i', $row['dateline']); - - if ($row['newsid'] == $this->newsId) $row['active'] = "active"; - $lines[] = $row; - } - $paginate->render('page-news', array( - 'token' => Session::get('token'), - 'latestDate' => ($this->newsDate ? date('d.m.Y H:i', $this->newsDate) : '--'), - 'latestContent' => $this->newsContent, - 'latestTitle' => $this->newsTitle, - 'list' => $lines )); - - } - /** - * Loads the news with the given ID into the form. - * - * @param int $newsId ID of the news to be shown. - * @return boolean true if loading that news worked - * - */ - private function loadNews($newsId) - { - // check to see if we need to request a specific newsid - if ($newsId !== false) { - $row = Database::queryFirst("SELECT newsid, title, content, dateline FROM news WHERE newsid = :newsid LIMIT 1", array( - 'newsid' => $newsId - )); - } else { - $row = Database::queryFirst("SELECT newsid, title, content, dateline FROM news ORDER BY dateline DESC LIMIT 1"); - } - - // fetch the news to be shown - if ($row !== false) { - $this->newsId = $row['newsid']; - $this->newsTitle = $row['title']; - $this->newsContent = $row['content']; - $this->newsDate = $row['dateline']; - } - return $row !== false; - } - - /** - * Save the given $newsTitle and $newsContent as POST'ed into the database. - * - */ - private function saveNews() - { - // check if news content were set by the user - $newsTitle = Request::post('news-title'); - $newsContent = Request::post('news-content'); - if ($newsContent !== '' && $newsTitle !== '') { - // we got title and content, save it to DB - Database::exec("INSERT INTO news (dateline, title, content) VALUES (:dateline, :title, :content)", array( - 'dateline' => time(), - 'title' => $newsTitle, - 'content' => $newsContent - )); - return true; - } else { - Message::addError('main.empty-field'); - return false; - } - } - - /** - * Delete the news entry with ID $newsId - * - * @param int $newsId ID of the entry to be deleted. - */ - private function delNews($newsId) - { - // sanity check: is newsId even numeric? - if (!is_numeric($newsId)) { - Message::addError('main.value-invalid', 'newsid', $newsId); - } else { - // check passed - do delete - Database::exec("DELETE FROM news WHERE newsid = :newsid LIMIT 1", array( - 'newsid' => $newsId - )); - Message::addSuccess('news-del-success'); - } - Util::redirect('?do=News'); - } - -}
\ No newline at end of file + /** + * Member variables needed to represent a news entry. + * + * @var newsId int ID of the news entry attributed by the database. + * @var string Title of the entry. + * $newsContent string Content as text. (TODO: html-Support?) + * $newsDate string Unix epoch date of the news' creation. + */ + private $newsId = false; + private $newsTitle = false; + private $newsContent = false; + private $newsDate = false; + private $helpContent = ''; + private $editHelp = false; + + /** + * Implementation of the abstract doPreprocess function. + * + * Checks if the user is logged in and processes any + * action if one was specified in the request. + */ + protected function doPreprocess() + { + // load user, we will need it later + User::load(); + + // only admins should be able to edit news + if (!User::hasPermission('superadmin')) { + Message::addError('main.no-permission'); + Util::redirect('?do=Main'); + } + + // check which action we need to do + $action = Request::any('action', 'show'); + if ($action === 'clear') { + // clear news input fields + // TODO: is this the right way? + $this->newsId = false; + $this->newsTitle = false; + $this->newsContent = false; + $this->newsDate = false; + } elseif ($action === 'show') { + /* load latest help */ + $this->loadLatestHelp(Request::any('newsid')); + + /* and also the news (or help) with the given id */ + if (!$this->loadNews(Request::any('newsid'))) { + Message::addError('news-empty'); + } + + if (Request::any('editHelp')) { + $this->editHelp = true; + } + } elseif ($action === 'save') { + // save to DB + /* find out whether it's news or help */ + $x = Request::post('news-type'); + + if ($x == 'news') { + if (!$this->saveNews()) { + // re-set the fields we got + Request::post('news-title') ? $this->newsTitle = Request::post('news-title') : $this->newsTitle = false; + Request::post('news-content') ? $this->newsContent = Request::post('news-content') : $this->newsContent = false; + } else { + Message::addSuccess('news-save-success'); + $lastId = Database::lastInsertId(); + Util::redirect("?do=News&newsid=$lastId"); + } + } elseif ($x == 'help') { + if ($this->saveHelp()) { + Message::addSuccess('help-save-success'); + $lastId = Database::lastInsertId(); + Util::redirect("?do=News&newsid=$lastId"); + } + } + } elseif ($action === 'delete') { + // delete it + $this->delNews(Request::post('newsid')); + $x = Request::any('editHelp'); + Util::redirect("?do=News&editHelp=$x"); + } else { + // unknown action, redirect user + Message::addError('invalid-action', $action); + } + } + + /** + * Implementation of the abstract doRender function. + * + * Fetch the list of news from the database and paginate it. + */ + protected function doRender() + { + // fetch the list of the older news + $lines = array(); + $paginate = new Paginate("SELECT newsid, dateline, title, content FROM vmchooser_pages WHERE type='news' ORDER BY dateline DESC", 10); + $res = $paginate->exec(); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $row['date'] = date('d.m.Y H:i', $row['dateline']); + + if ($row['newsid'] == $this->newsId) { + $row['active'] = 'active'; + } + $lines[] = $row; + } + // fetch the list of the older helps + $linesHelp = array(); + $paginateHelp = new Paginate("SELECT newsid, dateline, content FROM vmchooser_pages WHERE type='help' ORDER BY dateline DESC", 10); + $resHelp = $paginateHelp->exec(); + while ($row = $resHelp->fetch(PDO::FETCH_ASSOC)) { + $row['date'] = date('d.m.Y H:i', $row['dateline']); + if ($row['newsid'] == $this->newsId) { + $row['active'] = 'active'; + } + $linesHelp[] = $row; + } + // print_r($llist); + // die(); + + $paginate->render('page-news', array( + 'token' => Session::get('token'), + 'latestDate' => ($this->newsDate ? date('d.m.Y H:i', $this->newsDate) : '--'), + 'latestContent' => $this->newsContent, + 'latestTitle' => $this->newsTitle, + 'latestHelp' => $this->helpContent, + 'editHelp' => $this->editHelp, + 'list' => $lines, + 'listHelp' => $linesHelp, )); + } + /** + * Loads the news with the given ID into the form. + * + * @param int $newsId ID of the news to be shown. + * + * @return bool true if loading that news worked + */ + private function loadNews($newsId) + { + // check to see if we need to request a specific newsid + if ($newsId !== false) { + $row = Database::queryFirst('SELECT newsid, title, content, dateline, type FROM vmchooser_pages WHERE newsid = :newsid LIMIT 1', array( + 'newsid' => $newsId, + )); + } else { + $row = Database::queryFirst("SELECT newsid, title, content, dateline, type FROM vmchooser_pages WHERE type='news' ORDER BY dateline DESC LIMIT 1"); + } + + // fetch the news to be shown + if ($row !== false) { + if ($row['type'] == 'news') { + $this->newsId = $row['newsid']; + $this->newsTitle = $row['title']; + $this->newsContent = $row['content']; + $this->newsDate = $row['dateline']; + } else { + $this->editHelp = true; + $this->helpContent = $row['content']; + } + } + + return $row !== false; + } + + private function loadLatestHelp() + { + $row = Database::queryFirst("SELECT newsid, content, dateline, type FROM vmchooser_pages WHERE type='help' ORDER BY dateline DESC LIMIT 1", []); + if ($row !== false) { + $this->helpContent = $row['content']; + } + } + + /** + * Save the given $newsTitle and $newsContent as POST'ed into the database. + */ + private function saveNews() + { + // check if news content were set by the user + $newsTitle = Request::post('news-title'); + $newsContent = Request::post('news-content'); + if ($newsContent !== '' && $newsTitle !== '') { + // we got title and content, save it to DB + Database::exec("INSERT INTO vmchooser_pages (dateline, title, content, type) VALUES (:dateline, :title, :content, 'news')", array( + 'dateline' => time(), + 'title' => $newsTitle, + 'content' => $newsContent, + )); + + return true; + } else { + Message::addError('main.empty-field'); + + return false; + } + } + private function saveHelp() + { + $content = Request::post('help-content'); + if ($content !== '') { + Database::exec("INSERT INTO vmchooser_pages (dateline, content, type) VALUES (:dateline, :content, 'help')", array( + 'dateline' => time(), + 'content' => $content, + )); + + return true; + } else { + Message::addError('main.empty-field'); + + return false; + } + } + + /** + * Delete the news entry with ID $newsId. + * + * @param int $newsId ID of the entry to be deleted. + */ + private function delNews($newsId) + { + // sanity check: is newsId even numeric? + if (!is_numeric($newsId)) { + Message::addError('main.value-invalid', 'newsid', $newsId); + } else { + // check passed - do delete + Database::exec('DELETE FROM vmchooser_pages WHERE newsid = :newsid LIMIT 1', array( + 'newsid' => $newsId, + )); + Message::addSuccess('news-del-success'); + } + } +} |