diff options
Diffstat (limited to 'admin/post/update.php')
-rw-r--r-- | admin/post/update.php | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/admin/post/update.php b/admin/post/update.php new file mode 100644 index 0000000..875d947 --- /dev/null +++ b/admin/post/update.php @@ -0,0 +1,96 @@ +<?php +#=============================================================================== +# DEFINE: Administration +#=============================================================================== +define('ADMINISTRATION', TRUE); +define('AUTHENTICATION', TRUE); + +#=============================================================================== +# INCLUDE: Main configuration +#=============================================================================== +require_once '../../core/application.php'; + +#=============================================================================== +# TRY: Post\Exception +#=============================================================================== +try { + $Post = Post\Factory::build(HTTP::GET('id')); + $Attribute = $Post->getAttribute(); + + if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'time_insert', 'time_update', 'update')) { + $Attribute->set('user', HTTP::POST('user')); + $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('name'))); + $Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL); + $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : FALSE); + $Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s')); + $Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s')); + + if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { + try { + $Attribute->databaseUPDATE($Database); + } catch(PDOException $Exception) { + $messages[] = $Exception->getMessage(); + } + } + + else { + $messages[] = $Language->text('error_security_csrf'); + } + } + + #=============================================================================== + # TRY: Template\Exception + #=============================================================================== + try { + $userIDs = $Database->query(sprintf('SELECT id FROM %s ORDER BY fullname ASC', User\Attribute::TABLE)); + + foreach($userIDs->fetchAll(PDO::FETCH_COLUMN) as $userID) { + $User = User\Factory::build($userID); + $userAttributes[] = [ + 'ID' => $User->attr('id'), + 'FULLNAME' => $User->attr('fullname'), + 'USERNAME' => $User->attr('username'), + ]; + } + + $FormTemplate = Template\Factory::build('post/form'); + $FormTemplate->set('FORM', [ + 'TYPE' => 'UPDATE', + 'INFO' => $messages ?? [], + 'DATA' => [ + 'ID' => $Attribute->get('id'), + 'USER' => $Attribute->get('user'), + 'SLUG' => $Attribute->get('slug'), + 'NAME' => $Attribute->get('name'), + 'BODY' => $Attribute->get('body'), + 'TIME_INSERT' => $Attribute->get('time_insert'), + 'TIME_UPDATE' => $Attribute->get('time_update'), + ], + 'USER_LIST' => $userAttributes ?? [], + 'TOKEN' => Application::getSecurityToken() + ]); + + $PostUpdateTemplate = Template\Factory::build('post/update'); + $PostUpdateTemplate->set('HTML', $FormTemplate); + + $MainTemplate = Template\Factory::build('main'); + $MainTemplate->set('NAME', $Language->text('title_post_update')); + $MainTemplate->set('HTML', $PostUpdateTemplate); + echo $MainTemplate; + } + + #=============================================================================== + # CATCH: Template\Exception + #=============================================================================== + catch(Template\Exception $Exception) { + $Exception->defaultHandler(); + } +} + +#=============================================================================== +# CATCH: Post\Exception +#=============================================================================== +catch(Post\Exception $Exception) { + Application::exit(404); +} +?>
\ No newline at end of file |