diff options
Diffstat (limited to 'admin/user/update.php')
-rw-r--r-- | admin/user/update.php | 90 |
1 files changed, 45 insertions, 45 deletions
diff --git a/admin/user/update.php b/admin/user/update.php index f53d996..1f3309b 100644 --- a/admin/user/update.php +++ b/admin/user/update.php @@ -11,59 +11,59 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== -# TRY: User\Exception +# Get repositories #=============================================================================== -try { - $User = User\Factory::build(HTTP::GET('id')); - $Attribute = $User->getAttribute(); +$UserRepository = Application::getRepository('User'); - if(HTTP::issetPOST('slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'argv', 'time_insert', 'time_update', 'update')) { - $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('username'))); - $Attribute->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL); - $Attribute->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE); - $Attribute->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL); - $Attribute->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL); - $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); - $Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); - $Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); - $Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); +#=============================================================================== +# Throw 404 error if user could not be found +#=============================================================================== +if(!$User = $UserRepository->find(HTTP::GET('id'))) { + Application::error404(); +} - if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { - try { - $Attribute->update($Database); - } catch(PDOException $Exception) { - $messages[] = $Exception->getMessage(); - } - } +#=============================================================================== +# Check for update request +#=============================================================================== +if(HTTP::issetPOST('slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'argv', 'time_insert', 'time_update', 'update')) { + $User->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('username'))); + $User->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL); + $User->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE); + $User->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL); + $User->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL); + $User->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); + $User->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); + $User->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); + $User->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); - else { - $messages[] = $Language->text('error_security_csrf'); + if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { + try { + $UserRepository->update($User); + } catch(PDOException $Exception) { + $messages[] = $Exception->getMessage(); } } - #=============================================================================== - # Build document - #=============================================================================== - $FormTemplate = Template\Factory::build('user/form'); - $FormTemplate->set('FORM', [ - 'TYPE' => 'UPDATE', - 'INFO' => $messages ?? [], - 'DATA' => array_change_key_case($Attribute->getAll(['password']), CASE_UPPER), - 'TOKEN' => Application::getSecurityToken() - ]); - - $InsertTemplate = Template\Factory::build('user/update'); - $InsertTemplate->set('HTML', $FormTemplate); - - $MainTemplate = Template\Factory::build('main'); - $MainTemplate->set('NAME', $Language->text('title_user_update')); - $MainTemplate->set('HTML', $InsertTemplate); - echo $MainTemplate; + else { + $messages[] = $Language->text('error_security_csrf'); + } } #=============================================================================== -# CATCH: User\Exception +# Build document #=============================================================================== -catch(User\Exception $Exception) { - Application::error404(); -} +$FormTemplate = Template\Factory::build('user/form'); +$FormTemplate->set('FORM', [ + 'TYPE' => 'UPDATE', + 'INFO' => $messages ?? [], + 'DATA' => array_change_key_case($User->getAll(['password']), CASE_UPPER), + 'TOKEN' => Application::getSecurityToken() +]); + +$InsertTemplate = Template\Factory::build('user/update'); +$InsertTemplate->set('HTML', $FormTemplate); + +$MainTemplate = Template\Factory::build('main'); +$MainTemplate->set('NAME', $Language->text('title_user_update')); +$MainTemplate->set('HTML', $InsertTemplate); +echo $MainTemplate; |