aboutsummaryrefslogtreecommitdiffstats
path: root/admin
AgeCommit message (Collapse)AuthorFilesLines
2021-09-27Fix incorrect parameter list for logout actionThomas Lange1-1/+1
2021-09-19Rename some session array keysThomas Lange1-1/+1
* Rename "auth" to "USER_ID" * Rename "token" to "CSRF_TOKEN"
2021-08-09Pass entity template data to the update templateThomas Lange4-0/+4
2021-08-09Fix some inconsistent variable namesThomas Lange4-12/+12
2021-08-05Don't check return value of insert/delete methodsThomas Lange8-24/+16
Don't check the return value of the Repository's "insert" and "delete" methods in the administration controllers for creating and modifying entities since a PDOException is thrown if an error occurs.
2021-08-05Show error message if CSRF token does not matchesThomas Lange6-49/+69
Print an error message for various actions in the administration area if the security token is invalid, instead of silently preventing the user's desired action to perform if the token is invalid for some reason. This change applies for the delete actions on all entity types and also for the login action and the database command execution form; the forms for creating/modifying entities had already shown a CSRF error before.
2021-08-05Simplify the insert/update HTTP-POST params checkThomas Lange8-8/+8
Simplify the HTTP-POST parameter presence check in the administration controllers for creating and modifying entities. Since we already use fallback values for each attribute, we don't need a full param check.
2021-07-24Show message if search was not successfulThomas Lange2-2/+12
Show a message in the administration area's post and page search form if the search query returned no results.
2021-07-22Add user and category filter on post searchThomas Lange1-2/+37
Add a user and category filter option for the post search in the administration area. Filter on default theme is followed later.
2021-07-22Catch possible PDOException for search requestThomas Lange2-6/+20
Catch possible PDOException on search requests with queries like "*" and pass the exception message to the template for displaying.
2021-07-22Add pagination for search resultsThomas Lange2-8/+66
Add pagination for search results in the admin and default theme.
2021-07-02Use createPaginationTemplate also in admin areaThomas Lange4-24/+12
2021-07-01Add category system to categorize posts (readme)Thomas Lange6-2/+324
This commit implements a new category system to categorize posts. Each category can have an unlimited number of nested children categories. A single post don't necessarily need to be in a category, but it can. Each category can have a full content body like posts or pages, so you have enough space to describe the content of your categories. Please note that you need to have at least the following MySQL/MariaDB versions to use the category system, because it uses "WITH RECURSIVE" database queries, the so-called "Common-Table-Expressions (CTE)". MariaDB: 10.2.2 MySQL: 8.0 See: https://mariadb.com/kb/en/with/ See: https://dev.mysql.com/doc/refman/8.0/en/with.html
2021-07-01Redirect to entity create form if no entity existsThomas Lange3-0/+21
2021-06-26Use const to define expressionless admin constantsThomas Lange17-33/+33
2021-06-26Use shorthand ternary operatorThomas Lange6-28/+28
2021-06-25Reorganize namespacesThomas Lange3-3/+3
2021-06-22Implement new Repository and Entity classesThomas Lange16-397/+426
This commit adds new Repository and Entity classes which are better abstracted from the rest of the application. They dont know anymore about configuration options or how to parse to HTML because this is not the job for the ORM but for other parts of the application. The previous commits were a preparation for this big change. An entity now represents just a single record from a specific table of the database – nothing more. The repositories job is it to fetch or update records of the database and instantiate the entities. Another problem that was solved is the high amount of database queries that was needed before. For example, on the blogs home page first were all 10 latest post IDs fetched from the database and then another query was executed with "WHERE id = :id" for *each* single post?! ... This problem is solved with the new repository classes; they now use a single query to fetch and build the entities of the 10 latest posts. This change also solves the problem with database queries spread across the application and limits the exzessive use of try/catch blocks which were used before. The new classes make the whole code much cleaner. :)
2021-06-21Fix prefixes for ADMIN.USER.LIST_* config optionsThomas Lange1-2/+2
2021-06-21Remove unnecessary $ItemTemplate variablesThomas Lange3-11/+3
2021-06-21Rename some template variablesThomas Lange5-10/+10
2021-06-21Rename "attr" method of Item class to "get"Thomas Lange9-18/+18
2021-06-21Use function parseEntityContentThomas Lange3-3/+3
2021-06-20Call password_verify directly in login scriptThomas Lange1-1/+2
2021-06-19Remove ID form field (and rearrange other fields)Thomas Lange3-6/+3
This commit removes the ID form field, enlarges the title form field and rearranges the other form fields in the grid layout.
2021-06-19Rename CRUD methods of Attribute classThomas Lange9-9/+9
2021-06-14Remove more redundant try/catch blocksThomas Lange17-518/+354
Remove all try/catch blocks where the exception handling did not differ from the exception handler already defined by "set_exception_handler".
2021-06-13Add configuration settings (admin prefixes)Thomas Lange3-6/+6
Introduce the following configuration settings to make it possible to use different settings for the number of displayed items and ordering on the administration areas overview pages. ADMIN.PAGE.LIST_SIZE ADMIN.POST.LIST_SIZE ADMIN.USER.LIST_SIZE ADMIN.PAGE.LIST_SORT ADMIN.POST.LIST_SORT ADMIN.USER.LIST_SORT
2019-10-29Remove PHP closing tags and add LF to text filesThomas Lange17-17/+0
Remove the unnecessary PHP closing tags and ensure that *all* text files ending with a LF character.
2019-04-27Add missing indentationThomas Lange1-6/+6
2019-04-27Remove if condition with empty bodyThomas Lange1-2/+1
2017-10-24Some comments have been updated, unnecessary whitespace at the end of some ↵Thomas Lange17-25/+21
files was removed and some missing PHP closing tags were added.
2017-10-22Implemented: A full-text search functionality for posts and pages in the ↵Thomas Lange2-0/+104
administration area. In addition, some markup within the "/*/index.php" files of the admin template was re-formatted.
2017-09-02Some code optimizations has been made in admin/index.php to prevent ↵Thomas Lange1-6/+10
duplicate definitions of the same SQL query. Additionally, the default database fetch mode was changed to FETCH_ASSOC.
2017-09-02An unnecessary "else" block in admin/auth.php was removed and spelling ↵Thomas Lange1-21/+16
mistakes and inconsistencies in some comments were corrected.
2017-07-07The function "makeSlugURL" has been renamed to "generateSlug" because the ↵Thomas Lange6-18/+18
name was misleading because the function did not generate a complete URL, but only a partial string (the slug) for the final URL. By the way, some improvements were made to the code.
2017-05-30 Several changes have been made in this commit, which together with the ↵v2.2Thomas Lange9-82/+9
previous commits result in version 2.2 [changed template parameters]: + Implemented [core]: A new method called "getAll" has been added to the "Attribute" class which now returns all attributes as key->value array. The first parameter can be an array with attribute names which shall be excluded from returning. + Optimization [core]: The function "generateItemData" has been renamed to "generateItemTemplateData" and has been restructured to use the new implemented method "getAll" from the "Attribute" class. + Optimization [core]: The function "generateNaviTemplate" has been added and the functions "generatePageNaviTemplate", "generatePostNaviTemplate" and "generateUserNaviTemplate" have been restructured to make use of the new "generateNaviTemplate" function to reduce duplicate code. + Optimization [core]: Several files within the admin directory has been optimized to use the new "getAll" method of the "Attribute" class. + Optimization [core]: Several code optimizations have been made to the "HTTP" class. + Optimization [admin template]: All occurences of $PAGE['ID'], $POST['ID'] and $USER['ID'] have been replaced with $PAGE['ATTR']['ID'], $POST['ATTR']['ID'] and $USER['ATTR']['ID'] to make it more consistent. You now have to use ['ATTR']['ID'] instead of ['ID'] in your templates to get the ID of an item! Template upgrade to version 2.2 (only for customized templates): SEARCH: ['ID'] REPLACE: ['ATTR']['ID']
2017-04-27Several changes have been made in this commit, which together with the ↵v2.0Thomas Lange6-9/+21
previous commits result in version 2.0 (database update required): + Implemented [core]: A new database field has been added to all tables to define optional "arguments" for a page, post or user through the content editor. These arguments will be parsed into key->value pairs and can be used within templates to do something special. Please read the wiki of this repository for further information about this new feature. + Bugfix [core]: The function "makeSlugURL" had not convert uppercase umlauts to lowercase because "strtolower" was used instead of the multibyte equivalent "mb_strtolower". + Optimization [core]: The first regular expression within the function "makeSlugURL" has been optimized (checking for uppercase characters at this point is unnecessary because $string is only lowercase). + Optimization [all templates]: Markup for the pagination.php has been simplified (a little bit). + Optimization [admin template]: The javascript for the arrow key navigation has been outsourced to the main.js file. + Optimization [admin template]: The javascript file will now be included with the "defer" attribute. + Optimization [standard template]: Some language variables have been changed. Database update to version 2.0 (no existing data will be lost or changed): ALTER TABLE `page` ADD `argv` VARCHAR(100) NULL DEFAULT NULL AFTER `body`; ALTER TABLE `post` ADD `argv` VARCHAR(100) NULL DEFAULT NULL AFTER `body`; ALTER TABLE `user` ADD `argv` VARCHAR(100) NULL DEFAULT NULL AFTER `body`;
2017-04-19Comments added and unnecessary "abs" function calls removed.Thomas Lange3-3/+12
2017-04-12Inconsistency in the admin template parameters fixed (this does not affect ↵Thomas Lange1-3/+1
any template parameters for the frontend templates).
2017-04-11The control structures "require_once" have been replaced by a simple ↵Thomas Lange15-15/+15
"require" (except within the 403.php and 404.php where it makes sense, because these files can be directly called or included).
2017-04-11Class "ExceptionHandler" has been removed and several files has been changed.Thomas Lange15-15/+15
2017-04-11Methods "error403" and "error404" has been added to the "Application" class; ↵Thomas Lange9-9/+9
several files has been changed.
2017-03-06Hardcoded PDO class name replaced with $Database class.Thomas Lange4-4/+4
2017-02-26Added support for multiple queries in a single request.Thomas Lange1-2/+5
2017-02-24Initial commit.v1.0Thomas Lange15-0/+1194