- Added database validation

- Added valid date for posts - Fix passing data to htmls conflicts
2017-09-06 10:40:05 +07:00
parent 57dc4ca0b9
commit 71fb5e4933
8 changed files with 126 additions and 46 deletions
--- a/App/Models/Access.php
+++ b/App/Models/Access.php
@@ -10,11 +10,11 @@ class Access extends \Core\Model
            [
                'id int(3) NOT NULL AUTO_INCREMENT',
                'username varchar(25) NOT NULL',
-                'password char(13)',
-                'salt char(23)',
-                'name varchar(50)',
-                'registered_at timestamp DEFAULT CURRENT_TIMESTAMP',
-                'status tinyint DEFAULT 1',
+                'password char(13) NOT NULL',
+                'salt char(23) NOT NULL',
+                'name varchar(50) NOT NULL',
+                'registered_at date NOT NULL DEFAULT CURRENT_TIMESTAMP',
+                'status tinyint NOT NULL DEFAULT 1',
                'PRIMARY KEY (id)'
            ]
        );
--- a/App/Models/Post.php
+++ b/App/Models/Post.php
@@ -11,12 +11,14 @@ class Post extends \Core\Model
            [
                'id int(3) NOT NULL AUTO_INCREMENT',
                'category int(3) NOT NULL',
-                'created_at timestamp DEFAULT CURRENT_TIMESTAMP',
-                'expired_at timestamp NOT NULL',
+                'created_at date NOT NULL DEFAULT CURRENT_TIMESTAMP',
+                'valid_at date NOT NULL DEFAULT CURRENT_TIMESTAMP',
+                'expired_at date NOT NULL',
                'creator int(3) NOT NULL',
-                'edited_at timestamp',
-                'editor timestamp',
+                'edited_at date',
+                'editor date',
                'content varchar(255) NOT NULL',
+                'status tinyint NOT NULL DEFAULT 1',
                'PRIMARY KEY (id)'
            ]
        );
@@ -32,22 +34,21 @@ class Post extends \Core\Model
        );
    }

-    public function showAll($conds = [])
+    public function showAll($key = '', $operator = '', $cond = '')
    {
        try {
            $db = static::connectDB();

            $sql = "SELECT * FROM pengumuman";

-            if ($conds) {
-                $key = implode('', array_keys($conds));
-                $sql .= " WHERE {$key} = ?";
+            if ($key && $operator && $cond) {
+                $sql .= " WHERE {$key} {$operator} ?";
            }

            $query = $db->prepare($sql);

-            if ($conds) {
-                $query->bindValue(1, implode('', array_values($conds)));
+            if ($key && $operator && $cond) {
+                $query->bindValue(1, $cond);
            }

            if ($query->execute()) {
@@ -56,6 +57,7 @@ class Post extends \Core\Model
                    return $result;
                }
            }
+            return false;
        } catch (PDOException $e) {
            echo $e->getMessage();
        }