- Added database validation

- Added valid date for posts
- Fix conflicts when passing data to the HTML templates
This commit is contained in:
Gregorio Chiko Putra 2017-09-06 10:40:05 +07:00
parent 57dc4ca0b9
commit 71fb5e4933
8 changed files with 126 additions and 46 deletions


@ -6,6 +6,8 @@ use App\Models\Post;
use App\Models\Access; use App\Models\Access;
use \Core\Token; use \Core\Token;
use \Core\Session; use \Core\Session;
use \Core\Redirect;
use \Core\Validate;
class Posts class Posts
{ {
@ -18,31 +20,73 @@ class Posts
$this->access = new Access(); $this->access = new Access();
} }
public function checkExpired()
{
$date = new \DateTime();
$now = $date->format("Y-m-d");
if ($expired = $this->post->showAll('expired_at', '<', $now)) {
foreach ($expired as $value) {
$this->post->update('pengumuman', ['status' => 0], $value['id']);
}
}
}
public function checkValid()
{
$date = new \DateTime();
$date = $date->setTime(0,0);
$now = $date->format("Y-m-d");
if ($not_valid = $this->post->showAll('valid_at', '>', $now)) {
foreach ($not_valid as $value) {
$this->post->update('pengumuman', ['status' => 0], $value['id']);
}
}
}
public function index() public function index()
{ {
$posts = $this->post->showAll(['status' => 1]); $this->checkValid();
$this->checkExpired();
$posts = $this->post->showAll('status', '=', 1);
$url = 'Data/pengumuman.html'; $url = 'Data/pengumuman.html';
$status = ''; $status = '';
// echo "This is index of posts."; // Nanti di replace sama twig view ke App\Views\Data\pengumuman.html
if (Session::exists('userid')) { if (Session::exists('userid')) {
$posts = $this->post->showAll(); $posts = $this->post->showAll();
$status = 'admin'; $status = 'admin';
} }
// $x = 0;
for ($i=0; $i < count($posts); $i++) {
$posts[$i]['content'] = preg_replace('/[\r]/', '', $posts[$i]['content']);
$posts[$i]['content'] = preg_replace('/[\n]/', "<br/>", $posts[$i]['content']);
}
View::render($url, [ View::render($url, [
'posts' => $posts, 'posts' => $posts,
'status' => $status 'status' => $status
]); ]);
return true; return true;
} }
public function entry() public function entry()
{ {
$categories = $this->post->showCategories(); $categories = $this->post->showCategories();
// echo "You can entry new data here."; // Nanti di replace sama twig view ke App\Views\Data\entry_pengumuman.html
$user = Session::get('userid');
View::render('Data/entry_pengumuman.html', [ View::render('Data/entry_pengumuman.html', [
'categories' => $categories, 'categories' => $categories,
'user' => $user,
'token' => Token::generate() 'token' => Token::generate()
]); ]);
return true; return true;
} }
@ -52,55 +96,71 @@ class Posts
if (is_array($id)) { if (is_array($id)) {
$id = implode('', $id); $id = implode('', $id);
} }
$post = $this->post->showSingle($id);
$categories = $this->post->showCategories(); $categories = $this->post->showCategories();
$user = $this->access->showSingle($id);
$post = $this->post->showSingle($id);
$creator = $post['creator'];
$editor = $post['editor'];
$creator = $this->access->showSingle($creator);
$editor = $this->access->showSingle($editor);
$editor_now = Session::get('userid');
$date = new \DateTime(); $date = new \DateTime();
$timestamp = $date->format("Y/m/d H:i:s"); $timestamp = $date->format("Y/m/d H:i:s");
// echo "You can edit exists data with id $id here"; // Nanti di replace sama twig view ke App\Views\Data\edit_pengumuman.html
View::render( View::render(
'Data/edit_pengumuman.html', 'Data/edit_pengumuman.html',
[ [
'post' => $post, 'post' => $post,
'categories' => $categories, 'categories' => $categories,
'user' => $user, 'creator' => $creator,
'editor' => $editor,
'editor_now' => $editor_now,
'timestamp' => $timestamp, 'timestamp' => $timestamp,
'token' => Token::generate() 'token' => Token::generate()
] ]
); );
return true;
} }
return false;
} }
// Methods // Methods
public function post($args = []) public function post($args = [])
{ {
$table = 'pengumuman'; $table = 'pengumuman';
if ($this->post->entry($table, $args)) { if ($this->post->entry($table, $args)) {
Session::flash('info', 'Data successfuly uploaded'); Session::flash('info', 'Data successfuly uploaded');
return $this->index(); Redirect::to('/');
} }
} }
public function put($args = []) public function put($args = [])
{ {
$table = 'pengumuman'; $table = 'pengumuman';
$args['content'] = htmlspecialchars($args['content']);
$id = $args['id']; $id = $args['id'];
unset($args['id']); unset($args['id']);
if ($this->post->update($table, $args, $id)) { if ($this->post->update($table, $args, $id)) {
Session::flash('info', 'Data successfuly updated'); Session::flash('info', 'Data successfuly updated');
return $this->edit($id); Redirect::to('/');
} }
} }
public function delete($args = []) public function delete($args = [])
{ {
$table = 'pengumuman'; $table = 'pengumuman';
$id = $args['id']; $id = $args['id'];
if ($this->post->delete($table, $id)) { if ($this->post->delete($table, $id)) {
Session::flash('info', 'Data successfuly removed'); Session::flash('info', 'Data successfuly removed');
return $this->edit($id); Redirect::to('/');
} }
} }
} }
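Review bot: `post()` on L116 stores `$args['content']` unescaped while `put()` escapes it with `htmlspecialchars()` on L124, and `index()` turns newlines into `<br/>` (L58-L61) for a list template that this commit switches to `post.content|raw` — so markup submitted through the entry form is saved and rendered verbatim (stored XSS), and the two write paths disagree on what the column holds. Escape once, at output, rather than on one of the writes: change L59 to `$posts[$i]['content'] = htmlspecialchars($posts[$i]['content'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');` before the `\r`/`\n` replacements, and retire the `htmlspecialchars()` in `put()` once existing rows written through it are accounted for. The `creator` and `editor` ids also arrive from hidden form fields (`{{ user }}` in entry_pengumuman.html, `{{ editor_now }}` in edit_pengumuman.html) and are written as submitted, so a client can attribute a post to any user; set `$args['creator']` / `$args['editor']` from `Session::get('userid')` inside `post()` / `put()` instead. `count($posts)` on L58 will throw a TypeError on PHP 8 when `showAll()` returns `false` for an empty result (Models/Post.php L196), so default with `$posts = $this->post->showAll('status', '=', 1) ?: [];`. `Validate` is imported on L18 but not called in any hunk of this file, and `edit()` starts before the L80 hunk so its input handling is not visible here.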


@ -10,11 +10,11 @@ class Access extends \Core\Model
[ [
'id int(3) NOT NULL AUTO_INCREMENT', 'id int(3) NOT NULL AUTO_INCREMENT',
'username varchar(25) NOT NULL', 'username varchar(25) NOT NULL',
'password char(13)', 'password char(13) NOT NULL',
'salt char(23)', 'salt char(23) NOT NULL',
'name varchar(50)', 'name varchar(50) NOT NULL',
'registered_at timestamp DEFAULT CURRENT_TIMESTAMP', 'registered_at date NOT NULL DEFAULT CURRENT_TIMESTAMP',
'status tinyint DEFAULT 1', 'status tinyint NOT NULL DEFAULT 1',
'PRIMARY KEY (id)' 'PRIMARY KEY (id)'
] ]
); );
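Review bot: `registered_at date NOT NULL DEFAULT CURRENT_TIMESTAMP` on L152 is rejected by MySQL for a DATE column — `DEFAULT CURRENT_TIMESTAMP` is only permitted on TIMESTAMP/DATETIME, and the expression form `DEFAULT (CURRENT_DATE)` needs 8.0.13+ (MariaDB 10.2.1+) — so the CREATE TABLE this array feeds will fail on older servers; the `int(3) ... AUTO_INCREMENT` syntax suggests MySQL, but I can't see the driver from this hunk. The same `timestamp` → `date` change is made to `created_at` and `valid_at` in Models/Post.php (L164-L165). Either keep these columns as `timestamp`/`datetime` or use `DEFAULT (CURRENT_DATE)` where the server supports it. Separately, `password char(13) NOT NULL` and `salt char(23) NOT NULL` cannot hold the output of `password_hash()` (60+ characters with the salt embedded); if passwords are stored as a proper hash the column should be `varchar(255)` and `salt` becomes unnecessary — the hashing code is outside this hunk, so this is a question rather than a finding.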


@ -11,12 +11,14 @@ class Post extends \Core\Model
[ [
'id int(3) NOT NULL AUTO_INCREMENT', 'id int(3) NOT NULL AUTO_INCREMENT',
'category int(3) NOT NULL', 'category int(3) NOT NULL',
'created_at timestamp DEFAULT CURRENT_TIMESTAMP', 'created_at date NOT NULL DEFAULT CURRENT_TIMESTAMP',
'expired_at timestamp NOT NULL', 'valid_at date NOT NULL DEFAULT CURRENT_TIMESTAMP',
'expired_at date NOT NULL',
'creator int(3) NOT NULL', 'creator int(3) NOT NULL',
'edited_at timestamp', 'edited_at date',
'editor timestamp', 'editor date',
'content varchar(255) NOT NULL', 'content varchar(255) NOT NULL',
'status tinyint NOT NULL DEFAULT 1',
'PRIMARY KEY (id)' 'PRIMARY KEY (id)'
] ]
); );
@ -32,22 +34,21 @@ class Post extends \Core\Model
); );
} }
public function showAll($conds = []) public function showAll($key = '', $operator = '', $cond = '')
{ {
try { try {
$db = static::connectDB(); $db = static::connectDB();
$sql = "SELECT * FROM pengumuman"; $sql = "SELECT * FROM pengumuman";
if ($conds) { if ($key && $operator && $cond) {
$key = implode('', array_keys($conds)); $sql .= " WHERE {$key} {$operator} ?";
$sql .= " WHERE {$key} = ?";
} }
$query = $db->prepare($sql); $query = $db->prepare($sql);
if ($conds) { if ($key && $operator && $cond) {
$query->bindValue(1, implode('', array_values($conds))); $query->bindValue(1, $cond);
} }
if ($query->execute()) { if ($query->execute()) {
@ -56,6 +57,7 @@ class Post extends \Core\Model
return $result; return $result;
} }
} }
return false;
} catch (PDOException $e) { } catch (PDOException $e) {
echo $e->getMessage(); echo $e->getMessage();
} }
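Review bot: `showAll()` builds its WHERE clause on L184 by interpolating `$key` and `$operator` into the SQL string; only `$cond` is bound on L189, so the method is injection-safe only while every caller passes literals, and nothing in the signature stops request data from reaching `$key` or `$operator`. Check both against allow-lists before concatenating, e.g. `if (!in_array($operator, ['=', '<', '>', '<=', '>='], true)) { throw new \InvalidArgumentException('unsupported operator'); }` and the same against a fixed list of column names. The guard `$key && $operator && $cond` on L183 and L188 is a truthiness test, so `showAll('status', '=', 0)` or `'0'` silently drops the clause and returns every row; compare with `$key !== '' && $operator !== '' && $cond !== ''` instead. Inside `namespace App\Models`, `catch (PDOException $e)` on L197 refers to `App\Models\PDOException` unless a `use PDOException;` exists above this hunk, which I can't see, and `echo $e->getMessage()` on L198 writes the driver error text into the response — log it and rethrow or return an error instead. The method body continues from L191 into the second hunk, and its `return false` on L196 is the value `Controllers/Posts.php` later passes to `count()`.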


@ -35,9 +35,7 @@
<label>Dibuat oleh: </label> <label>Dibuat oleh: </label>
<span> <span>
{% if post.creator == user.id %} {{ creator.name }}
{{ user.name }}
{% endif %}
</span> </span>
<br> <br>
@ -66,12 +64,10 @@
{% if post.editor == "0" %} {% if post.editor == "0" %}
- -
{% else %} {% else %}
{% if post.editor == user.id %} {{ editor.name }}
{{ user.name }}
{% endif %}
{% endif %} {% endif %}
</span> </span>
<input type="hidden" name="editor" value="3"><!-- User --> <input type="hidden" name="editor" value="{{ editor_now }}">
<br> <br>


@ -15,6 +15,11 @@
<br> <br>
<label for="expired_at">Berlaku dari</label>
<input type="date" name="valid_at" value="">
<br>
<label for="expired_at">Berlaku sampai</label> <label for="expired_at">Berlaku sampai</label>
<input type="date" name="expired_at" value=""> <input type="date" name="expired_at" value="">
@ -23,7 +28,7 @@
<label for="content">Konten</label> <label for="content">Konten</label>
<textarea name="content" rows="3" cols="30"></textarea> <textarea name="content" rows="3" cols="30"></textarea>
<input type="hidden" name="creator" value="1"> <!-- Nanti diganti user id --> <input type="hidden" name="creator" value="{{ user }}">
<!-- Current Timestamp --> <!-- Current Timestamp -->
<input type="hidden" name="_currts" value="{{ timestamp }}" disabled> <input type="hidden" name="_currts" value="{{ timestamp }}" disabled>
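Review bot: The new label on L227 carries `for="expired_at"` but belongs to the `valid_at` input on L228, and since none of these inputs has an `id` attribute neither label is actually associated with its control. Use `<label for="valid_at">Berlaku dari</label>` and `<input type="date" id="valid_at" name="valid_at" value="">`, and give the `expired_at` pair an `id` the same way. Consider `required` on both date inputs as well, since the `Validate` class added in this commit does not appear to check them server-side.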


@ -6,18 +6,20 @@
<h2>List Pengumuman</h2> <h2>List Pengumuman</h2>
{% for post in posts %} {% for post in posts %}
<h3>Pengumuman {{ post.id }}</h3> {% if post.id %}
{% if status %} <h3>Pengumuman {{ post.id }}</h3>
<a href="/posts/edit/{{ post.id }}"> {% if status %}
{% if post.status == 1 %} <a href="/posts/edit/{{ post.id }}">
Edit {% if post.status == 1 %}
</a> Edit
{% else %} </a>
<strike>Edit</strike> {% elseif post.status == 0 %}
</a> (Nonaktif) <strike>Edit</strike>
</a> (Nonaktif)
{% endif %}
{% endif %} {% endif %}
<p>{{ post.content|raw }}</p>
{% endif %} {% endif %}
<p>{{ post.content }}</p>
{% endfor %} {% endfor %}
{% if status %} {% if status %}


@ -76,7 +76,8 @@ class Router
} else { } else {
// Token invalid // Token invalid
$flash = Session::flash('info', 'Token invalid, try again'); $flash = Session::flash('info', 'Token invalid, try again');
die($flash); $error = Session::flash('info');
die($error);
} }
unset($var['_token']); unset($var['_token']);
unset($var['_method']); unset($var['_method']);
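Review bot: The `$flash = ` assignment on L267 is now dead — the message is re-read through `Session::flash('info')` on L268 — and the response for a failed token check is still emitted by `die()` with a 200 status. Drop the assignment and set a client-error status before exiting, e.g. `Session::flash('info', 'Token invalid, try again');` followed by `http_response_code(403); die(Session::flash('info'));`. The enclosing method starts before L264, so the token comparison itself is not visible; if it is a plain `==`/`===`, `hash_equals()` is the usual choice for comparing tokens.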

14
Core/Validate.php Normal file

@ -0,0 +1,14 @@
<?php
namespace Core;
class Validate
{
public static function check($items)
{
foreach ($items as $item) {
$item = preg_replace('/^<[\Ww\/]>$/', '', $item);
return true;
}
return false;
}
}
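Review bot: `Validate::check()` returns `true` from inside the first loop iteration on L287, so it never inspects a second item and never returns `false` for any non-empty input, and the `preg_replace()` result on L286 is assigned to the loop copy `$item` and then discarded. The pattern `/^<[\Ww\/]>$/` also only matches a complete three-character string such as `<a>` (the class `[\Ww\/]` means "any non-word character, `w`, or `/`"), so it neither strips nor detects real markup. If the intent is to reject input containing tags, the check has to visit every item and fail on the first offender; the rule in the excerpt below is a constructed example and should be replaced by whatever the forms actually require. As written the class is imported in Controllers/Posts.php but not called in any visible hunk, so the "database validation" named in the commit title does not yet run.
```php
public static function check($items): bool
{
    foreach ($items as $item) {
        // Constructed example rule: reject anything that looks like an HTML tag.
        if (preg_match('/<[^>]*>/', (string) $item) === 1) {
            return false;
        }
    }
    return true;
}
```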