Added admin privilages

2017-09-05 14:03:55 +07:00 · 2017-09-05 14:03:55 +07:00 · 57dc4ca0b9
commit 57dc4ca0b9
parent a4db3c8391
5 changed files with 63 additions and 18 deletions
--- a/App/Controllers/Home.php
+++ b/App/Controllers/Home.php
@ -41,4 +41,11 @@ class Home
            }
        }
    }
+
+    public function logout()
+    {
+        if ($this->access->logout()) {
+            Redirect::to('/');
+        }
+    }
 }
--- a/App/Controllers/Posts.php
+++ b/App/Controllers/Posts.php
@ -20,10 +20,17 @@ class Posts

    public function index()
    {
-        $posts = $this->post->showAll();
+        $posts = $this->post->showAll(['status' => 1]);
+        $url = 'Data/pengumuman.html';
+        $status = '';
        // echo "This is index of posts."; // Nanti di replace sama twig view ke App\Views\Data\pengumuman.html
-        View::render('Data/pengumuman.html', [
-            'posts' => $posts
+        if (Session::exists('userid')) {
+            $posts = $this->post->showAll();
+            $status = 'admin';
+        }
+        View::render($url, [
+            'posts' => $posts,
+            'status' => $status
        ]);
        return true;
    }
--- a/App/Models/Access.php
+++ b/App/Models/Access.php
@ -99,4 +99,21 @@ class Access extends \Core\Model
            echo $e->getMessage();
        }
    }
+
+    public function logout()
+    {
+        $id = \Core\Session::get('userid');
+        if ($this->update(
+            'user',
+            ['status' => 0],
+            $id
+        )) {
+            \Core\Session::delete('userid');
+            \Core\Session::delete('username');
+            \Core\Session::delete('name');
+
+            return true;
+        }
+        return false;
+    }
 }
--- a/App/Models/Post.php
+++ b/App/Models/Post.php
@ -32,15 +32,24 @@ class Post extends \Core\Model
        );
    }

-    public function showAll()
+    public function showAll($conds = [])
    {
        try {
            $db = static::connectDB();

-            $sql = "SELECT * FROM pengumuman ORDER BY created_at";
+            $sql = "SELECT * FROM pengumuman";
+
+            if ($conds) {
+                $key = implode('', array_keys($conds));
+                $sql .= " WHERE {$key} = ?";
+            }

            $query = $db->prepare($sql);

+            if ($conds) {
+                $query->bindValue(1, implode('', array_values($conds)));
+            }
+
            if ($query->execute()) {
                if ($query->rowCount() != 0) {
                    $result = $query->fetchAll(\PDO::FETCH_ASSOC);
--- a/App/Views/Data/pengumuman.html
+++ b/App/Views/Data/pengumuman.html
@ -7,6 +7,7 @@

    {% for post in posts %}
        <h3>Pengumuman {{ post.id }}</h3>
+        {% if status %}
            <a href="/posts/edit/{{ post.id }}">
            {% if post.status == 1 %}
                    Edit
@ -15,8 +16,12 @@
                    <strike>Edit</strike>
                </a> (Nonaktif)
            {% endif %}
+        {% endif %}
        <p>{{ post.content }}</p>
    {% endfor %}

-<a href="./posts/entry">+ Tambah Pengumuman</a>
+    {% if status %}
+        <a href="/posts/entry">+ Tambah Pengumuman</a>
+        <a href="/logout">Logout</a>
+    {% endif %}
 {% endblock %}