Diffstat (limited to 'admin')
-rw-r--r-- | admin/auth.php | 11 | ||||
-rw-r--r-- | admin/index.php | 55 | ||||
-rw-r--r-- | admin/page/delete.php | 70 | ||||
-rw-r--r-- | admin/page/index.php | 29 | ||||
-rw-r--r-- | admin/page/insert.php | 46 | ||||
-rw-r--r-- | admin/page/search.php | 17 | ||||
-rw-r--r-- | admin/page/update.php | 107 | ||||
-rw-r--r-- | admin/post/delete.php | 70 | ||||
-rw-r--r-- | admin/post/index.php | 29 | ||||
-rw-r--r-- | admin/post/insert.php | 46 | ||||
-rw-r--r-- | admin/post/search.php | 17 | ||||
-rw-r--r-- | admin/post/update.php | 107 | ||||
-rw-r--r-- | admin/user/delete.php | 70 | ||||
-rw-r--r-- | admin/user/index.php | 24 | ||||
-rw-r--r-- | admin/user/insert.php | 35 | ||||
-rw-r--r-- | admin/user/update.php | 90 |
16 files changed, 426 insertions, 397 deletions
diff --git a/admin/auth.php b/admin/auth.php index 9674563..03460ba 100644 --- a/admin/auth.php +++ b/admin/auth.php @@ -28,11 +28,10 @@ if(Application::isAuthenticated()) { # IF: Login action #=============================================================================== if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) { - try { - $User = User\Factory::buildByUsername(HTTP::POST('username')); - $password = $User->getAttribute()->get('password'); + $UserRepository = Application::getRepository('User'); - if(password_verify(HTTP::POST('password'), $password)) { + if($User = $UserRepository->findBy('username', HTTP::POST('username'))) { + if(password_verify(HTTP::POST('password'), $User->get('password'))) { $_SESSION['auth'] = $User->getID(); HTTP::redirect(Application::getAdminURL()); } @@ -40,7 +39,9 @@ if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'pa else { $messages[] = $Language->text('authentication_failure'); } - } catch(User\Exception $Exception){ + } + + else { $fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C'; $fake_pass = HTTP::POST('password'); diff --git a/admin/index.php b/admin/index.php index b3508b5..c0383c4 100644 --- a/admin/index.php +++ b/admin/index.php 
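Review bot: The successful-login branch in admin/auth.php writes `$_SESSION['auth'] = $User->getID();` with no session ID rotation visible in the hunk. Unless rotation happens elsewhere, a session identifier set before login stays valid after authentication. Consider calling `session_regenerate_id(true);` immediately before that assignment. The new `else` branch keeps the `$fake_hash` path for unknown usernames and continues outside the hunk; it should still run a dummy verification so that response time does not reveal whether an account exists.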
@@ -11,42 +11,28 @@ define('AUTHENTICATION', TRUE); require '../core/application.php'; #=============================================================================== -# Fetch last items and item count +# Get repositories #=============================================================================== -$execute = 'SELECT id FROM %s ORDER BY time_insert DESC LIMIT 1'; -$LastPageStatement = $Database->query(sprintf($execute, Page\Attribute::TABLE)); -$LastPostStatement = $Database->query(sprintf($execute, Post\Attribute::TABLE)); -$LastUserStatement = $Database->query(sprintf($execute, User\Attribute::TABLE)); +$PageRepository = Application::getRepository('Page'); +$PostRepository = Application::getRepository('Post'); +$UserRepository = Application::getRepository('User'); -$execute = 'SELECT COUNT(*) FROM %s'; -$PageCountStatement = $Database->query(sprintf($execute, Page\Attribute::TABLE)); -$PostCountStatement = $Database->query(sprintf($execute, Post\Attribute::TABLE)); -$UserCountStatement = $Database->query(sprintf($execute, User\Attribute::TABLE)); - -try { - $LastPage = Page\Factory::build($LastPageStatement->fetchColumn()); - $LastPageUser = User\Factory::build($LastPage->get('user')); - - $PageItemTemplate = generatePageItemTemplate($LastPage, $LastPageUser); +#=============================================================================== +# Last items +#=============================================================================== +if($Page = $PageRepository->getLast()) { + $User = $UserRepository->find($Page->get('user')); + $PageItemTemplate = generatePageItemTemplate($Page, $User); } -catch(Page\Exception $Exception){} -catch(User\Exception $Exception){} - -try { - $LastPost = Post\Factory::build($LastPostStatement->fetchColumn()); - $LastPostUser = User\Factory::build($LastPost->get('user')); - - $PostItemTemplate = generatePostItemTemplate($LastPost, $LastPostUser); +if($Post = $PostRepository->getLast()) { + $User = 
$UserRepository->find($Post->get('user')); + $PostItemTemplate = generatePostItemTemplate($Post, $User); } -catch(Post\Exception $Exception){} -catch(User\Exception $Exception){} - -try { - $LastUser = User\Factory::build($LastUserStatement->fetchColumn()); - $UserItemTemplate = generateUserItemTemplate($LastUser); -} catch(User\Exception $Exception){} +if($User = $UserRepository->getLast()) { + $UserItemTemplate = generateUserItemTemplate($User); +} #=============================================================================== # Build document @@ -55,14 +41,13 @@ $HomeTemplate = Template\Factory::build('home'); $HomeTemplate->set('LAST', [ 'PAGE' => $PageItemTemplate ?? FALSE, 'POST' => $PostItemTemplate ?? FALSE, - 'USER' => $UserItemTemplate ?? FALSE, - + 'USER' => $UserItemTemplate ?? FALSE ]); $HomeTemplate->set('COUNT', [ - 'PAGE' => $PageCountStatement->fetchColumn(), - 'POST' => $PostCountStatement->fetchColumn(), - 'USER' => $UserCountStatement->fetchColumn(), + 'PAGE' => $PageRepository->getCount(), + 'POST' => $PostRepository->getCount(), + 'USER' => $UserRepository->getCount() ]); $MainTemplate = Template\Factory::build('main'); diff --git a/admin/page/delete.php b/admin/page/delete.php index e1c95f0..2465f62 100644 --- a/admin/page/delete.php +++ b/admin/page/delete.php 
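Review bot: The result of `$UserRepository->find($Page->get('user'))` is passed straight into `generatePageItemTemplate($Page, $User)` with no check that a user was found. The removed code skipped the item on `User\Exception`. If `find()` returns a falsy value for a missing row, as the `if(!$Page = $PageRepository->find(...))` guards elsewhere in this commit suggest, a page or post whose author row is gone now reaches the template helper without a user. Here an `if($User = $UserRepository->find($Page->get('user')))` around the template call restores the old behaviour; in the list loops the equivalent is `if(!$User = $UserRepository->find($Page->get('user'))) { continue; }`. The same unguarded lookup appears in admin/page/index.php, admin/page/search.php, admin/post/index.php and admin/post/search.php.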
@@ -11,46 +11,46 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== -# TRY: Page\Exception +# Get repositories #=============================================================================== -try { - $Page = Page\Factory::build(HTTP::GET('id')); - $Attribute = $Page->getAttribute(); +$PageRepository = Application::getRepository('Page'); - if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'delete')) { - try { - if($Attribute->delete($Database)) { - HTTP::redirect(Application::getAdminURL('page/')); - } - } catch(PDOException $Exception) { - $messages[] = $Exception->getMessage(); +#=============================================================================== +# Throw 404 error if page could not be found +#=============================================================================== +if(!$Page = $PageRepository->find(HTTP::GET('id'))) { + Application::error404(); +} + +#=============================================================================== +# Check for delete request +#=============================================================================== +if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'delete')) { + try { + if($PageRepository->delete($Page)) { + HTTP::redirect(Application::getAdminURL('page/')); } + } catch(PDOException $Exception) { + $messages[] = $Exception->getMessage(); } - - #=============================================================================== - # Build document - #=============================================================================== - $FormTemplate = Template\Factory::build('page/form'); - $FormTemplate->set('HTML', parseEntityContent($Page)); - $FormTemplate->set('FORM', [ - 'TYPE' => 'DELETE', - 'INFO' => $messages ?? 
[], - 'DATA' => array_change_key_case($Attribute->getAll(), CASE_UPPER), - 'TOKEN' => Application::getSecurityToken() - ]); - - $DeleteTemplate = Template\Factory::build('page/delete'); - $DeleteTemplate->set('HTML', $FormTemplate); - - $MainTemplate = Template\Factory::build('main'); - $MainTemplate->set('NAME', $Language->text('title_page_delete')); - $MainTemplate->set('HTML', $DeleteTemplate); - echo $MainTemplate; } #=============================================================================== -# CATCH: Page\Exception +# Build document #=============================================================================== -catch(Page\Exception $Exception) { - Application::error404(); -} +$FormTemplate = Template\Factory::build('page/form'); +$FormTemplate->set('HTML', parseEntityContent($Page)); +$FormTemplate->set('FORM', [ + 'TYPE' => 'DELETE', + 'INFO' => $messages ?? [], + 'DATA' => array_change_key_case($Page->getAll(), CASE_UPPER), + 'TOKEN' => Application::getSecurityToken() +]); + +$DeleteTemplate = Template\Factory::build('page/delete'); +$DeleteTemplate->set('HTML', $FormTemplate); + +$MainTemplate = Template\Factory::build('main'); +$MainTemplate->set('NAME', $Language->text('title_page_delete')); +$MainTemplate->set('HTML', $DeleteTemplate); +echo $MainTemplate; diff --git a/admin/page/index.php b/admin/page/index.php index 7527afa..63839a9 100644 --- a/admin/page/index.php +++ b/admin/page/index.php 
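Review bot: The not-found guard `if(!$Page = $PageRepository->find(HTTP::GET('id'))) { Application::error404(); }` protects the rest of the script only if `error404()` never returns, which this diff does not show. If it can return, `$PageRepository->delete($Page)` and `$Page->getAll()` run on a falsy value; an explicit `exit;` after the call makes the control flow unambiguous. Separately, `$messages[] = $Exception->getMessage();` renders raw PDO error text into the form; logging it and showing a generic message would avoid exposing schema details. The same guard and catch appear in admin/page/update.php, admin/post/delete.php and admin/post/update.php.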
@@ -11,12 +11,19 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== +# Get repositories +#=============================================================================== +$PageRepository = Application::getRepository('Page'); +$UserRepository = Application::getRepository('User'); + +#=============================================================================== # Pagination #=============================================================================== $site_size = Application::get('ADMIN.PAGE.LIST_SIZE'); $site_sort = Application::get('ADMIN.PAGE.LIST_SORT'); -$lastSite = ceil($Database->query(sprintf('SELECT COUNT(id) FROM %s', Page\Attribute::TABLE))->fetchColumn() / $site_size); +$count = $PageRepository->getCount(); +$lastSite = ceil($count / $site_size); $currentSite = HTTP::GET('site') ?? 1; $currentSite = intval($currentSite); 
@@ -26,19 +33,17 @@ if($currentSite < 1 OR ($currentSite > $lastSite AND $lastSite > 0)) { } #=============================================================================== -# Fetch page IDs from database +# Get paginated page list #=============================================================================== -$execSQL = "SELECT id FROM %s ORDER BY {$site_sort} LIMIT ".(($currentSite-1) * $site_size).", {$site_size}"; -$pageIDs = $Database->query(sprintf($execSQL, Page\Attribute::TABLE))->fetchAll($Database::FETCH_COLUMN); +$pages = $PageRepository->getPaginated( + $site_sort, + $site_size, + ($currentSite-1) * $site_size +); -foreach($pageIDs as $pageID) { - try { - $Page = Page\Factory::build($pageID); - $User = User\Factory::build($Page->get('user')); - $templates[] = generatePageItemTemplate($Page, $User); - } - catch(Page\Exception $Exception){} - catch(User\Exception $Exception){} +foreach($pages as $Page) { + $User = $UserRepository->find($Page->get('user')); + $templates[] = generatePageItemTemplate($Page, $User); } #=============================================================================== diff --git a/admin/page/insert.php b/admin/page/insert.php index 1f9d391..6acfcfb 100644 --- a/admin/page/insert.php +++ b/admin/page/insert.php 
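Review bot: `$site_sort` is handed to `getPaginated()` as a raw ordering fragment. An ORDER BY clause cannot be bound as a statement parameter, so the repository presumably concatenates it into the query (its code is outside this diff). The value comes from `Application::get('ADMIN.PAGE.LIST_SORT')` rather than the request, but the repository should still check it against an allow-list of columns and directions and cast the size and offset to integers. At the call site a comment such as `# $site_sort is trusted configuration; never pass request data as the sort fragment` would record that contract. admin/post/index.php passes its sort setting the same way.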
@@ -10,20 +10,32 @@ define('AUTHENTICATION', TRUE); #=============================================================================== require '../../core/application.php'; -$Attribute = new Page\Attribute(); +#=============================================================================== +# Get repositories +#=============================================================================== +$PageRepository = Application::getRepository('Page'); +$UserRepository = Application::getRepository('User'); + +#=============================================================================== +# Instantiate new Page entity +#=============================================================================== +$Page = new Page\Entity; +#=============================================================================== +# Check for insert request +#=============================================================================== if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'insert')) { - $Attribute->set('user', HTTP::POST('user')); - $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name'))); - $Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL); - $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); - $Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); - $Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); - $Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); + $Page->set('user', HTTP::POST('user')); + $Page->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name'))); + $Page->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL); + $Page->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); + $Page->set('argv', HTTP::POST('argv') ? 
HTTP::POST('argv') : NULL); + $Page->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); + $Page->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { try { - if($Attribute->insert($Database)) { + if($PageRepository->insert($Page)) { HTTP::redirect(Application::getAdminURL('page/')); } } catch(PDOException $Exception) { @@ -36,12 +48,12 @@ if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_ } } -$userIDs = $Database->query(sprintf('SELECT id FROM %s ORDER BY fullname ASC', User\Attribute::TABLE)); - -foreach($userIDs->fetchAll($Database::FETCH_COLUMN) as $userID) { - $User = User\Factory::build($userID); - $userAttributes[] = [ - 'ID' => $User->get('id'), +#=============================================================================== +# Generate user list +#=============================================================================== +foreach($UserRepository->getAll([], 'fullname ASC') as $User) { + $userList[] = [ + 'ID' => $User->getID(), 'FULLNAME' => $User->get('fullname'), 'USERNAME' => $User->get('username'), ]; @@ -54,8 +66,8 @@ $FormTemplate = Template\Factory::build('page/form'); $FormTemplate->set('FORM', [ 'TYPE' => 'INSERT', 'INFO' => $messages ?? [], - 'DATA' => array_change_key_case($Attribute->getAll(), CASE_UPPER), - 'USER_LIST' => $userAttributes ?? [], + 'DATA' => array_change_key_case($Page->getAll(), CASE_UPPER), + 'USER_LIST' => $userList ?? [], 'TOKEN' => Application::getSecurityToken() ]); diff --git a/admin/page/search.php b/admin/page/search.php index 7d879f4..b74615f 100644 --- a/admin/page/search.php +++ b/admin/page/search.php 
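Review bot: `$Page->set('user', HTTP::POST('user'))` stores the author ID exactly as submitted, although `$UserRepository` is now available in this script to confirm the ID belongs to an existing account. Checking `$UserRepository->find(HTTP::POST('user'))` before the `insert()` call and rejecting the request on a miss would prevent entries attributed to nonexistent users. `time_insert` and `time_update` are likewise accepted without a format check. The enclosing `if` block continues outside this hunk, and the same assignments appear in admin/page/update.php, admin/post/insert.php and admin/post/update.php.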
@@ -11,20 +11,15 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== -# IF: Handle search request +# Check for search request #=============================================================================== if($search = HTTP::GET('q')) { - if($pageIDs = Page\Item::getSearchResultIDs($search, $Database)) { - foreach($pageIDs as $pageID) { - try { - $Page = Page\Factory::build($pageID); - $User = User\Factory::build($Page->get('user')); + $PageRepository = Application::getRepository('Page'); + $UserRepository = Application::getRepository('User'); - $templates[] = generatePageItemTemplate($Page, $User); - } - catch(Page\Exception $Exception){} - catch(User\Exception $Exception){} - } + foreach($PageRepository->search($search) as $Page) { + $User = $UserRepository->find($Page->get('user')); + $templates[] = generatePageItemTemplate($Page, $User); } } diff --git a/admin/page/update.php b/admin/page/update.php index 5e54b03..2db0bc1 100644 --- a/admin/page/update.php +++ b/admin/page/update.php 
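Review bot: The new `foreach($PageRepository->search($search) as $Page)` iterates the return value unconditionally, whereas the removed code first tested it with `if($pageIDs = ...)`. If `search()` can return `FALSE` or `NULL` when nothing matches (its implementation is not visible here), the loop raises a warning instead of producing an empty result list. Either guarantee an array return in the repository or iterate `$PageRepository->search($search) ?: []`. admin/post/search.php contains the same loop.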
@@ -11,69 +11,70 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== -# TRY: Page\Exception +# Get repositories #=============================================================================== -try { - $Page = Page\Factory::build(HTTP::GET('id')); - $Attribute = $Page->getAttribute(); +$PageRepository = Application::getRepository('Page'); +$UserRepository = Application::getRepository('User'); - if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'update')) { - $Attribute->set('user', HTTP::POST('user')); - $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name'))); - $Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL); - $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); - $Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); - $Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); - $Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); +#=============================================================================== +# Throw 404 error if page could not be found +#=============================================================================== +if(!$Page = $PageRepository->find(HTTP::GET('id'))) { + Application::error404(); +} - if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { - try { - $Attribute->update($Database); - } catch(PDOException $Exception) { - $messages[] = $Exception->getMessage(); - } - } +#=============================================================================== +# Check for update request +#=============================================================================== +if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'update')) { + $Page->set('user', HTTP::POST('user')); + $Page->set('slug', 
HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name'))); + $Page->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL); + $Page->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); + $Page->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); + $Page->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); + $Page->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); - else { - $messages[] = $Language->text('error_security_csrf'); + if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { + try { + $PageRepository->update($Page); + } catch(PDOException $Exception) { + $messages[] = $Exception->getMessage(); } } - $userIDs = $Database->query(sprintf('SELECT id FROM %s ORDER BY fullname ASC', User\Attribute::TABLE)); - - foreach($userIDs->fetchAll($Database::FETCH_COLUMN) as $userID) { - $User = User\Factory::build($userID); - $userAttributes[] = [ - 'ID' => $User->get('id'), - 'FULLNAME' => $User->get('fullname'), - 'USERNAME' => $User->get('username'), - ]; + else { + $messages[] = $Language->text('error_security_csrf'); } - - #=============================================================================== - # Build document - #=============================================================================== - $FormTemplate = Template\Factory::build('page/form'); - $FormTemplate->set('FORM', [ - 'TYPE' => 'UPDATE', - 'INFO' => $messages ?? [], - 'DATA' => array_change_key_case($Attribute->getAll(), CASE_UPPER), - 'USER_LIST' => $userAttributes ?? 
[], - 'TOKEN' => Application::getSecurityToken() - ]); - - $PageUpdateTemplate = Template\Factory::build('page/update'); - $PageUpdateTemplate->set('HTML', $FormTemplate); - - $MainTemplate = Template\Factory::build('main'); - $MainTemplate->set('NAME', $Language->text('title_page_update')); - $MainTemplate->set('HTML', $PageUpdateTemplate); - echo $MainTemplate; } #=============================================================================== -# CATCH: Page\Exception +# Generate user list #=============================================================================== -catch(Page\Exception $Exception) { - Application::error404(); +foreach($UserRepository->getAll([], 'fullname ASC') as $User) { + $userList[] = [ + 'ID' => $User->getID(), + 'FULLNAME' => $User->get('fullname'), + 'USERNAME' => $User->get('username'), + ]; } + +#=============================================================================== +# Build document +#=============================================================================== +$FormTemplate = Template\Factory::build('page/form'); +$FormTemplate->set('FORM', [ + 'TYPE' => 'UPDATE', + 'INFO' => $messages ?? [], + 'DATA' => array_change_key_case($Page->getAll(), CASE_UPPER), + 'USER_LIST' => $userList ?? [], + 'TOKEN' => Application::getSecurityToken() +]); + +$PageUpdateTemplate = Template\Factory::build('page/update'); +$PageUpdateTemplate->set('HTML', $FormTemplate); + +$MainTemplate = Template\Factory::build('main'); +$MainTemplate->set('NAME', $Language->text('title_page_update')); +$MainTemplate->set('HTML', $PageUpdateTemplate); +echo $MainTemplate; diff --git a/admin/post/delete.php b/admin/post/delete.php index 94b60fc..1f398e1 100644 --- a/admin/post/delete.php +++ b/admin/post/delete.php 
@@ -11,46 +11,46 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== -# TRY: Post\Exception +# Get repositories #=============================================================================== -try { - $Post = Post\Factory::build(HTTP::GET('id')); - $Attribute = $Post->getAttribute(); +$PostRepository = Application::getRepository('Post'); - if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'delete')) { - try { - if($Attribute->delete($Database)) { - HTTP::redirect(Application::getAdminURL('post/')); - } - } catch(PDOException $Exception) { - $messages[] = $Exception->getMessage(); +#=============================================================================== +# Throw 404 error if post could not be found +#=============================================================================== +if(!$Post = $PostRepository->find(HTTP::GET('id'))) { + Application::error404(); +} + +#=============================================================================== +# Check for delete request +#=============================================================================== +if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'delete')) { + try { + if($PostRepository->delete($Post)) { + HTTP::redirect(Application::getAdminURL('post/')); } + } catch(PDOException $Exception) { + $messages[] = $Exception->getMessage(); } - - #=============================================================================== - # Build document - #=============================================================================== - $FormTemplate = Template\Factory::build('post/form'); - $FormTemplate->set('HTML', parseEntityContent($Post)); - $FormTemplate->set('FORM', [ - 'TYPE' => 'DELETE', - 'INFO' => $messages ?? 
[], - 'DATA' => array_change_key_case($Attribute->getAll(), CASE_UPPER), - 'TOKEN' => Application::getSecurityToken() - ]); - - $DeleteTemplate = Template\Factory::build('post/delete'); - $DeleteTemplate->set('HTML', $FormTemplate); - - $MainTemplate = Template\Factory::build('main'); - $MainTemplate->set('NAME', $Language->text('title_post_delete')); - $MainTemplate->set('HTML', $DeleteTemplate); - echo $MainTemplate; } #=============================================================================== -# CATCH: Post\Exception +# Build document #=============================================================================== -catch(Post\Exception $Exception) { - Application::error404(); -} +$FormTemplate = Template\Factory::build('post/form'); +$FormTemplate->set('HTML', parseEntityContent($Post)); +$FormTemplate->set('FORM', [ + 'TYPE' => 'DELETE', + 'INFO' => $messages ?? [], + 'DATA' => array_change_key_case($Post->getAll(), CASE_UPPER), + 'TOKEN' => Application::getSecurityToken() +]); + +$DeleteTemplate = Template\Factory::build('post/delete'); +$DeleteTemplate->set('HTML', $FormTemplate); + +$MainTemplate = Template\Factory::build('main'); +$MainTemplate->set('NAME', $Language->text('title_post_delete')); +$MainTemplate->set('HTML', $DeleteTemplate); +echo $MainTemplate; diff --git a/admin/post/index.php b/admin/post/index.php index 8eedfbd..f6fcfb6 100644 --- a/admin/post/index.php +++ b/admin/post/index.php 
@@ -11,12 +11,19 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== +# Get repositories +#=============================================================================== +$PostRepository = Application::getRepository('Post'); +$UserRepository = Application::getRepository('User'); + +#=============================================================================== # Pagination #=============================================================================== $site_size = Application::get('ADMIN.POST.LIST_SIZE'); $site_sort = Application::get('ADMIN.POST.LIST_SORT'); -$lastSite = ceil($Database->query(sprintf('SELECT COUNT(id) FROM %s', Post\Attribute::TABLE))->fetchColumn() / $site_size); +$count = $PostRepository->getCount(); +$lastSite = ceil($count / $site_size); $currentSite = HTTP::GET('site') ?? 1; $currentSite = intval($currentSite); 
@@ -26,19 +33,17 @@ if($currentSite < 1 OR ($currentSite > $lastSite AND $lastSite > 0)) { } #=============================================================================== -# Fetch post IDs from database +# Get paginated post list #=============================================================================== -$execSQL = "SELECT id FROM %s ORDER BY {$site_sort} LIMIT ".(($currentSite-1) * $site_size).", {$site_size}"; -$postIDs = $Database->query(sprintf($execSQL, Post\Attribute::TABLE))->fetchAll($Database::FETCH_COLUMN); +$posts = $PostRepository->getPaginated( + $site_sort, + $site_size, + ($currentSite-1) * $site_size +); -foreach($postIDs as $postID) { - try { - $Post = Post\Factory::build($postID); - $User = User\Factory::build($Post->get('user')); - $templates[] = generatePostItemTemplate($Post, $User); - } - catch(Post\Exception $Exception){} - catch(User\Exception $Exception){} +foreach($posts as $Post) { + $User = $UserRepository->find($Post->get('user')); + $templates[] = generatePostItemTemplate($Post, $User); } #=============================================================================== diff --git a/admin/post/insert.php b/admin/post/insert.php index b4e2542..c640a39 100644 --- a/admin/post/insert.php +++ b/admin/post/insert.php 
@@ -10,20 +10,32 @@ define('AUTHENTICATION', TRUE); #=============================================================================== require '../../core/application.php'; -$Attribute = new Post\Attribute(); +#=============================================================================== +# Get repositories +#=============================================================================== +$PostRepository = Application::getRepository('Post'); +$UserRepository = Application::getRepository('User'); + +#=============================================================================== +# Instantiate new Post entity +#=============================================================================== +$Post = new Post\Entity; +#=============================================================================== +# Check for insert request +#=============================================================================== if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'insert')) { - $Attribute->set('user', HTTP::POST('user')); - $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name'))); - $Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL); - $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); - $Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); - $Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); - $Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); + $Post->set('user', HTTP::POST('user')); + $Post->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name'))); + $Post->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL); + $Post->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); + $Post->set('argv', HTTP::POST('argv') ? 
HTTP::POST('argv') : NULL); + $Post->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); + $Post->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { try { - if($Attribute->insert($Database)) { + if($PostRepository->insert($Post)) { HTTP::redirect(Application::getAdminURL('post/')); } } catch(PDOException $Exception) { @@ -36,12 +48,12 @@ if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_ } } -$userIDs = $Database->query(sprintf('SELECT id FROM %s ORDER BY fullname ASC', User\Attribute::TABLE)); - -foreach($userIDs->fetchAll($Database::FETCH_COLUMN) as $userID) { - $User = User\Factory::build($userID); - $userAttributes[] = [ - 'ID' => $User->get('id'), +#=============================================================================== +# Generate user list +#=============================================================================== +foreach($UserRepository->getAll([], 'fullname ASC') as $User) { + $userList[] = [ + 'ID' => $User->getID(), 'FULLNAME' => $User->get('fullname'), 'USERNAME' => $User->get('username'), ]; @@ -54,8 +66,8 @@ $FormTemplate = Template\Factory::build('post/form'); $FormTemplate->set('FORM', [ 'TYPE' => 'INSERT', 'INFO' => $messages ?? [], - 'DATA' => array_change_key_case($Attribute->getAll(), CASE_UPPER), - 'USER_LIST' => $userAttributes ?? [], + 'DATA' => array_change_key_case($Post->getAll(), CASE_UPPER), + 'USER_LIST' => $userList ?? [], 'TOKEN' => Application::getSecurityToken() ]); diff --git a/admin/post/search.php b/admin/post/search.php index 616359e..cfa2159 100644 --- a/admin/post/search.php +++ b/admin/post/search.php 
@@ -11,20 +11,15 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== -# IF: Handle search request +# Check for search request #=============================================================================== if($search = HTTP::GET('q')) { - if($postIDs = Post\Item::getSearchResultIDs($search, [NULL, NULL, NULL], $Database)) { - foreach($postIDs as $postID) { - try { - $Post = Post\Factory::build($postID); - $User = User\Factory::build($Post->get('user')); + $PostRepository = Application::getRepository('Post'); + $UserRepository = Application::getRepository('User'); - $templates[] = generatePostItemTemplate($Post, $User); - } - catch(Post\Exception $Exception){} - catch(User\Exception $Exception){} - } + foreach($PostRepository->search($search) as $Post) { + $User = $UserRepository->find($Post->get('user')); + $templates[] = generatePostItemTemplate($Post, $User); } } diff --git a/admin/post/update.php b/admin/post/update.php index e22a54a..df0956b 100644 --- a/admin/post/update.php +++ b/admin/post/update.php 
@@ -11,69 +11,70 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== -# TRY: Post\Exception +# Get repositories #=============================================================================== -try { - $Post = Post\Factory::build(HTTP::GET('id')); - $Attribute = $Post->getAttribute(); +$PostRepository = Application::getRepository('Post'); +$UserRepository = Application::getRepository('User'); - if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'update')) { - $Attribute->set('user', HTTP::POST('user')); - $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name'))); - $Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL); - $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); - $Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); - $Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); - $Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); +#=============================================================================== +# Throw 404 error if post could not be found +#=============================================================================== +if(!$Post = $PostRepository->find(HTTP::GET('id'))) { + Application::error404(); +} - if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { - try { - $Attribute->update($Database); - } catch(PDOException $Exception) { - $messages[] = $Exception->getMessage(); - } - } +#=============================================================================== +# Check for update request +#=============================================================================== +if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'update')) { + $Post->set('user', HTTP::POST('user')); + $Post->set('slug', 
HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name'))); + $Post->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL); + $Post->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); + $Post->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); + $Post->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); + $Post->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); - else { - $messages[] = $Language->text('error_security_csrf'); + if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { + try { + $PostRepository->update($Post); + } catch(PDOException $Exception) { + $messages[] = $Exception->getMessage(); } } - $userIDs = $Database->query(sprintf('SELECT id FROM %s ORDER BY fullname ASC', User\Attribute::TABLE)); - - foreach($userIDs->fetchAll($Database::FETCH_COLUMN) as $userID) { - $User = User\Factory::build($userID); - $userAttributes[] = [ - 'ID' => $User->get('id'), - 'FULLNAME' => $User->get('fullname'), - 'USERNAME' => $User->get('username'), - ]; + else { + $messages[] = $Language->text('error_security_csrf'); } - - #=============================================================================== - # Build document - #=============================================================================== - $FormTemplate = Template\Factory::build('post/form'); - $FormTemplate->set('FORM', [ - 'TYPE' => 'UPDATE', - 'INFO' => $messages ?? [], - 'DATA' => array_change_key_case($Attribute->getAll(), CASE_UPPER), - 'USER_LIST' => $userAttributes ?? 
[], - 'TOKEN' => Application::getSecurityToken() - ]); - - $PostUpdateTemplate = Template\Factory::build('post/update'); - $PostUpdateTemplate->set('HTML', $FormTemplate); - - $MainTemplate = Template\Factory::build('main'); - $MainTemplate->set('NAME', $Language->text('title_post_update')); - $MainTemplate->set('HTML', $PostUpdateTemplate); - echo $MainTemplate; } #=============================================================================== -# CATCH: Post\Exception +# Generate user list #=============================================================================== -catch(Post\Exception $Exception) { - Application::error404(); +foreach($UserRepository->getAll([], 'fullname ASC') as $User) { + $userList[] = [ + 'ID' => $User->getID(), + 'FULLNAME' => $User->get('fullname'), + 'USERNAME' => $User->get('username'), + ]; } + +#=============================================================================== +# Build document +#=============================================================================== +$FormTemplate = Template\Factory::build('post/form'); +$FormTemplate->set('FORM', [ + 'TYPE' => 'UPDATE', + 'INFO' => $messages ?? [], + 'DATA' => array_change_key_case($Post->getAll(), CASE_UPPER), + 'USER_LIST' => $userList ?? [], + 'TOKEN' => Application::getSecurityToken() +]); + +$PostUpdateTemplate = Template\Factory::build('post/update'); +$PostUpdateTemplate->set('HTML', $FormTemplate); + +$MainTemplate = Template\Factory::build('main'); +$MainTemplate->set('NAME', $Language->text('title_post_update')); +$MainTemplate->set('HTML', $PostUpdateTemplate); +echo $MainTemplate; diff --git a/admin/user/delete.php b/admin/user/delete.php index 6f0af6f..758e536 100644 --- a/admin/user/delete.php +++ b/admin/user/delete.php 
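Review bot: The not-found guard `if(!$Post = $PostRepository->find(HTTP::GET('id'))) { Application::error404(); }` protects the rest of the script only if `Application::error404()` never returns, which this hunk does not show. The removed `try`/`catch` made the update and render code unreachable by structure; if `error404()` can return, `$Post->set(...)` and `$PostRepository->update($Post)` would now run on a falsy `$Post`. If termination is guaranteed, say so next to the call with `# error404() sends the response and ends the request`; otherwise follow the call with `exit;`. The same pattern is introduced in admin/user/delete.php and admin/user/update.php.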
@@ -11,46 +11,46 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== -# TRY: User\Exception +# Get repositories #=============================================================================== -try { - $User = User\Factory::build(HTTP::GET('id')); - $Attribute = $User->getAttribute(); +$UserRepository = Application::getRepository('User'); - if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'delete')) { - try { - if($Attribute->delete($Database)) { - HTTP::redirect(Application::getAdminURL('user/')); - } - } catch(PDOException $Exception) { - $messages[] = $Exception->getMessage(); +#=============================================================================== +# Throw 404 error if user could not be found +#=============================================================================== +if(!$User = $UserRepository->find(HTTP::GET('id'))) { + Application::error404(); +} + +#=============================================================================== +# Check for delete request +#=============================================================================== +if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'delete')) { + try { + if($UserRepository->delete($User)) { + HTTP::redirect(Application::getAdminURL('user/')); } + } catch(PDOException $Exception) { + $messages[] = $Exception->getMessage(); } - - #=============================================================================== - # Build document - #=============================================================================== - $FormTemplate = Template\Factory::build('user/form'); - $FormTemplate->set('HTML', parseEntityContent($User)); - $FormTemplate->set('FORM', [ - 'TYPE' => 'DELETE', - 'INFO' => $messages ?? 
[], - 'DATA' => array_change_key_case($Attribute->getAll(['password']), CASE_UPPER), - 'TOKEN' => Application::getSecurityToken() - ]); - - $DeleteTemplate = Template\Factory::build('user/delete'); - $DeleteTemplate->set('HTML', $FormTemplate); - - $MainTemplate = Template\Factory::build('main'); - $MainTemplate->set('NAME', $Language->text('title_user_delete')); - $MainTemplate->set('HTML', $DeleteTemplate); - echo $MainTemplate; } #=============================================================================== -# CATCH: User\Exception +# Build document #=============================================================================== -catch(User\Exception $Exception) { - Application::error404(); -} +$FormTemplate = Template\Factory::build('user/form'); +$FormTemplate->set('HTML', parseEntityContent($User)); +$FormTemplate->set('FORM', [ + 'TYPE' => 'DELETE', + 'INFO' => $messages ?? [], + 'DATA' => array_change_key_case($User->getAll(['password']), CASE_UPPER), + 'TOKEN' => Application::getSecurityToken() +]); + +$DeleteTemplate = Template\Factory::build('user/delete'); +$DeleteTemplate->set('HTML', $FormTemplate); + +$MainTemplate = Template\Factory::build('main'); +$MainTemplate->set('NAME', $Language->text('title_user_delete')); +$MainTemplate->set('HTML', $DeleteTemplate); +echo $MainTemplate; diff --git a/admin/user/index.php b/admin/user/index.php index 8ae4f1a..78219f3 100644 --- a/admin/user/index.php +++ b/admin/user/index.php 
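Review bot: The delete branch calls `$UserRepository->delete($User)` for any existing ID once the token matches, with no check that the target is not the account currently signed in. The login code stores the user ID in `$_SESSION['auth']`, so after a self-delete the session would keep pointing at a removed row, and deleting the only account would presumably lock everyone out of the admin area. Consider refusing the request when `(int) $User->getID() === (int) $_SESSION['auth']` (assuming numeric IDs) or when `$UserRepository->getCount()` is 1, and appending an entry to `$messages` instead of deleting.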
@@ -11,12 +11,18 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== +# Get repositories +#=============================================================================== +$UserRepository = Application::getRepository('User'); + +#=============================================================================== # Pagination #=============================================================================== $site_size = Application::get('ADMIN.USER.LIST_SIZE'); $site_sort = Application::get('ADMIN.USER.LIST_SORT'); -$lastSite = ceil($Database->query(sprintf('SELECT COUNT(id) FROM %s', User\Attribute::TABLE))->fetchColumn() / $site_size); +$count = $UserRepository->getCount(); +$lastSite = ceil($count / $site_size); $currentSite = HTTP::GET('site') ?? 1; $currentSite = intval($currentSite); @@ -26,16 +32,16 @@ if($currentSite < 1 OR ($currentSite > $lastSite AND $lastSite > 0)) { } #=============================================================================== -# Fetch user IDs from database +# Get paginated user list #=============================================================================== -$execSQL = "SELECT id FROM %s ORDER BY {$site_sort} LIMIT ".(($currentSite-1) * $site_size).", {$site_size}"; -$userIDs = $Database->query(sprintf($execSQL, User\Attribute::TABLE))->fetchAll($Database::FETCH_COLUMN); +$users = $UserRepository->getPaginated( + $site_sort, + $site_size, + ($currentSite-1) * $site_size +); -foreach($userIDs as $userID) { - try { - $User = User\Factory::build($userID); - $templates[] = generateUserItemTemplate($User); - } catch(User\Exception $Exception){} +foreach($users as $User) { + $templates[] = generateUserItemTemplate($User); } #=============================================================================== diff --git a/admin/user/insert.php b/admin/user/insert.php index acb49ad..96fcb84 100644 --- a/admin/user/insert.php 
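Review bot: `$site_size` and `$site_sort` come straight from `Application::get()` and are used unchecked: `ceil($count / $site_size)` fails when the size is 0, and `$site_sort` is now passed to `getPaginated()`, where it presumably still ends up in an `ORDER BY` clause that cannot be bound as a parameter. The old code interpolated both values into the SQL string in this file, so moving that into the repository hides it from the reader. Normalise the size with `$site_size = max(1, intval($site_size));`. Document on `getPaginated()` that the sort expression must come from trusted configuration or is checked against a list of allowed columns, so the contract is explicit.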
+++ b/admin/user/insert.php 
@@ -10,22 +10,33 @@ define('AUTHENTICATION', TRUE); #=============================================================================== require '../../core/application.php'; -$Attribute = new User\Attribute(); +#=============================================================================== +# Get repositories +#=============================================================================== +$UserRepository = Application::getRepository('User'); +#=============================================================================== +# Instantiate new User entity +#=============================================================================== +$User = new User\Entity; + +#=============================================================================== +# Check for insert request +#=============================================================================== if(HTTP::issetPOST('slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'argv', 'time_insert', 'time_update', 'insert')) { - $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('username'))); - $Attribute->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL); - $Attribute->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE); - $Attribute->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL); - $Attribute->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL); - $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); - $Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); - $Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); - $Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); + $User->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('username'))); + $User->set('username', HTTP::POST('username') ? 
HTTP::POST('username') : NULL); + $User->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE); + $User->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL); + $User->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL); + $User->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); + $User->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL); + $User->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); + $User->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { try { - if($Attribute->insert($Database)) { + if($UserRepository->insert($User)) { HTTP::redirect(Application::getAdminURL('user/')); } } catch(PDOException $Exception) { @@ -45,7 +56,7 @@ $FormTemplate = Template\Factory::build('user/form'); $FormTemplate->set('FORM', [ 'TYPE' => 'INSERT', 'INFO' => $messages ?? [], - 'DATA' => array_change_key_case($Attribute->getAll(['password']), CASE_UPPER), + 'DATA' => array_change_key_case($User->getAll(['password']), CASE_UPPER), 'TOKEN' => Application::getSecurityToken() ]); diff --git a/admin/user/update.php b/admin/user/update.php index f53d996..1f3309b 100644 --- a/admin/user/update.php +++ b/admin/user/update.php 
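Review bot: An empty password field still stores `FALSE` through `$User->set('password', ... : FALSE)`, and that value now goes to `$UserRepository->insert($User)` instead of `$Attribute->insert($Database)`. Whether the repository skips, rejects or writes a `FALSE` attribute is not visible here, so confirm that an account cannot be created with an empty hash column; rejecting the request with an entry in `$messages` when `HTTP::POST('password')` is empty would avoid depending on that. admin/user/update.php uses the same sentinel, where it presumably means "keep the current hash", so `update()` must not overwrite the stored hash with `FALSE`. A short comment on this line stating what `FALSE` means to the repository would help the next reader.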
@@ -11,59 +11,59 @@ define('AUTHENTICATION', TRUE); require '../../core/application.php'; #=============================================================================== -# TRY: User\Exception +# Get repositories #=============================================================================== -try { - $User = User\Factory::build(HTTP::GET('id')); - $Attribute = $User->getAttribute(); +$UserRepository = Application::getRepository('User'); - if(HTTP::issetPOST('slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'argv', 'time_insert', 'time_update', 'update')) { - $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('username'))); - $Attribute->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL); - $Attribute->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE); - $Attribute->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL); - $Attribute->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL); - $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); - $Attribute->set('argv', HTTP::POST('argv') ? 
HTTP::POST('argv') : NULL); - $Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); - $Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); +#=============================================================================== +# Throw 404 error if user could not be found +#=============================================================================== +if(!$User = $UserRepository->find(HTTP::GET('id'))) { + Application::error404(); +} - if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { - try { - $Attribute->update($Database); - } catch(PDOException $Exception) { - $messages[] = $Exception->getMessage(); - } - } +#=============================================================================== +# Check for update request +#=============================================================================== +if(HTTP::issetPOST('slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'argv', 'time_insert', 'time_update', 'update')) { + $User->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('username'))); + $User->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL); + $User->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE); + $User->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL); + $User->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL); + $User->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); + $User->set('argv', HTTP::POST('argv') ? 
HTTP::POST('argv') : NULL); + $User->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s')); + $User->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s')); - else { - $messages[] = $Language->text('error_security_csrf'); + if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { + try { + $UserRepository->update($User); + } catch(PDOException $Exception) { + $messages[] = $Exception->getMessage(); } } - #=============================================================================== - # Build document - #=============================================================================== - $FormTemplate = Template\Factory::build('user/form'); - $FormTemplate->set('FORM', [ - 'TYPE' => 'UPDATE', - 'INFO' => $messages ?? [], - 'DATA' => array_change_key_case($Attribute->getAll(['password']), CASE_UPPER), - 'TOKEN' => Application::getSecurityToken() - ]); - - $InsertTemplate = Template\Factory::build('user/update'); - $InsertTemplate->set('HTML', $FormTemplate); - - $MainTemplate = Template\Factory::build('main'); - $MainTemplate->set('NAME', $Language->text('title_user_update')); - $MainTemplate->set('HTML', $InsertTemplate); - echo $MainTemplate; + else { + $messages[] = $Language->text('error_security_csrf'); + } } #=============================================================================== -# CATCH: User\Exception +# Build document #=============================================================================== -catch(User\Exception $Exception) { - Application::error404(); -} +$FormTemplate = Template\Factory::build('user/form'); +$FormTemplate->set('FORM', [ + 'TYPE' => 'UPDATE', + 'INFO' => $messages ?? 
[], + 'DATA' => array_change_key_case($User->getAll(['password']), CASE_UPPER), + 'TOKEN' => Application::getSecurityToken() +]); + +$InsertTemplate = Template\Factory::build('user/update'); +$InsertTemplate->set('HTML', $FormTemplate); + +$MainTemplate = Template\Factory::build('main'); +$MainTemplate->set('NAME', $Language->text('title_user_update')); +$MainTemplate->set('HTML', $InsertTemplate); +echo $MainTemplate; |