369 lines
10 KiB
PHP
369 lines
10 KiB
PHP
<?php
|
|
namespace App\Controllers;
|
|
|
|
use \Core\View;
|
|
use App\Models\Post;
|
|
use App\Models\Access;
|
|
use \Core\Token;
|
|
use \Core\Session;
|
|
use \Core\Redirect;
|
|
use \Core\XSS;
|
|
use \Michelf\Markdown;
|
|
|
|
class Posts
|
|
{
|
|
private $post;
|
|
|
|
public function __construct()
|
|
{
|
|
$this->model = new Post();
|
|
}
|
|
|
|
public function checkValid()
|
|
{
|
|
$date = new \DateTime();
|
|
$now = $date->format("Y-m-d");
|
|
|
|
$valid = $this->model->showAll([
|
|
['valid_at', '<=', $now],
|
|
['status', '!=', 0]
|
|
]);
|
|
if ($valid) {
|
|
foreach ($valid as $fields) {
|
|
if (is_array($fields)) {
|
|
$id = $fields['id'];
|
|
} else {
|
|
$id = $valid['id'];
|
|
}
|
|
$this->model->update(['status' => 1], $id);
|
|
}
|
|
}
|
|
|
|
$not_valid = $this->model->showAll([
|
|
['valid_at', '>', $now],
|
|
['status', '!=', 0]
|
|
]);
|
|
if ($not_valid) {
|
|
foreach ($not_valid as $fields) {
|
|
if (is_array($fields)) {
|
|
$id = $fields['id'];
|
|
} else {
|
|
$id = $not_valid['id'];
|
|
}
|
|
$this->model->update(['status' => 2], $id);
|
|
}
|
|
}
|
|
|
|
$expired = $this->model->showAll([
|
|
['expired_at', '<', $now],
|
|
['status', '!=', 0]
|
|
]);
|
|
if ($expired) {
|
|
foreach ($expired as $fields) {
|
|
if (is_array($fields)) {
|
|
$id = $fields['id'];
|
|
} else {
|
|
$id = $expired['id'];
|
|
}
|
|
$this->model->update(['status' => 0], $id);
|
|
}
|
|
}
|
|
}
|
|
|
|
/* Routes */
|
|
public function index($args = '')
|
|
{
|
|
$this->checkValid();
|
|
|
|
$posts = [];
|
|
|
|
$post = $this->model->showAll([
|
|
['status', '=', 1]
|
|
]);
|
|
|
|
$url = 'Data/pengumuman.html';
|
|
|
|
$status = '';
|
|
$privilege = '';
|
|
|
|
if (Session::exists('userid')) {
|
|
$post = $this->model->showAll();
|
|
if ($args != '') {
|
|
$post = $this->model->showAll([
|
|
['status', '=', $args]
|
|
]);
|
|
}
|
|
$privilege = Session::get('privilege');
|
|
$status = 'loggedin';
|
|
}
|
|
|
|
if ($post !== false) {
|
|
if (array_key_exists(0, $post)) {
|
|
$posts = $post;
|
|
} else {
|
|
$posts[] = $post;
|
|
}
|
|
|
|
// Replace \n or \r with <br />
|
|
for ($i=0; $i < count($posts); $i++) {
|
|
$posts[$i]['content'] = preg_replace('/\r\n/', '<br />', $posts[$i]['content']);
|
|
}
|
|
}
|
|
View::render($url, [
|
|
'posts' => $posts,
|
|
'status' => $status,
|
|
'privilege' => $privilege,
|
|
'token' => Token::generate()
|
|
]);
|
|
}
|
|
|
|
public function entry()
|
|
{
|
|
if (Session::exists('userid')) {
|
|
$date = new \DateTime();
|
|
$now = $date->format("d-m-Y");
|
|
|
|
$get_categories = $this->model->showAll([], 'kategori');
|
|
$categories = [];
|
|
|
|
if ($get_categories) {
|
|
if (array_key_exists(0, $get_categories)) {
|
|
$categories = $get_categories;
|
|
} else {
|
|
$categories[] = $get_categories;
|
|
}
|
|
}
|
|
|
|
$user = Session::get('userid');
|
|
|
|
View::render('Data/entry_pengumuman.html', [
|
|
'categories' => $categories,
|
|
'timestamp' => $now,
|
|
'user' => $user,
|
|
'token' => Token::generate()
|
|
]);
|
|
} else {
|
|
throw new \Exception("Page not found", 404);
|
|
}
|
|
}
|
|
|
|
public function edit($id)
|
|
{
|
|
if (Session::exists('userid')) {
|
|
if ($id) {
|
|
if (is_array($id)) {
|
|
$id = implode('', $id);
|
|
}
|
|
|
|
$get_categories = $this->model->showAll([
|
|
['status', '=', 1]
|
|
], 'kategori');
|
|
|
|
if (array_key_exists(0, $get_categories)) {
|
|
$categories = $get_categories;
|
|
} else {
|
|
$categories[] = $get_categories;
|
|
}
|
|
|
|
$post = $this->model->showAll([
|
|
['id', '=', $id]
|
|
]);
|
|
$creator = $post['creator'];
|
|
$editor = $post['editor'];
|
|
|
|
// Decode XSS data
|
|
$post = XSS::decode($post);
|
|
|
|
$table = 'users';
|
|
|
|
$creator = $this->model->showAll([
|
|
['id', '=', $creator]
|
|
], $table);
|
|
$editor = $this->model->showAll([
|
|
['id', '=', $editor]
|
|
], $table);
|
|
|
|
$editor_now = $this->model->showAll([
|
|
['id', '=', Session::get('userid')]
|
|
], $table);
|
|
|
|
$date = new \DateTime();
|
|
$timestamp = $date->format("d-m-Y");
|
|
|
|
View::render(
|
|
'Data/edit_pengumuman.html',
|
|
[
|
|
'post' => $post,
|
|
'categories' => $categories,
|
|
'creator' => $creator,
|
|
'editor' => $editor,
|
|
'editor_now' => $editor_now,
|
|
'timestamp' => $timestamp,
|
|
'token' => Token::generate()
|
|
]
|
|
);
|
|
}
|
|
} else {
|
|
throw new \Exception("Page not found", 404);
|
|
}
|
|
}
|
|
|
|
public function category()
|
|
{
|
|
if (Session::exists('userid')) {
|
|
if (Session::get('privilege') != 1) {
|
|
Session::flash('info', 'Hanya admin yang bisa mengatur kategori');
|
|
Redirect::to('/');
|
|
die();
|
|
}
|
|
$categories = [];
|
|
$get_categories = $this->model->showAll([], 'kategori');
|
|
|
|
if ($get_categories) {
|
|
if (!array_key_exists(0, $get_categories)) {
|
|
$categories[] = $get_categories;
|
|
} else {
|
|
$categories = $get_categories;
|
|
}
|
|
}
|
|
|
|
View::render('Data/kategori.html', [
|
|
'categories' => $categories,
|
|
'token' => Token::generate()
|
|
]);
|
|
} else {
|
|
throw new \Exception("Page not found", 404);
|
|
}
|
|
}
|
|
|
|
/* Methods */
|
|
public function post($args = [])
|
|
{
|
|
if (isset($args['_addon'])) {
|
|
$table = $args['_addon'];
|
|
unset($args['_addon']);
|
|
}
|
|
|
|
foreach ($args as $value) {
|
|
if ($value == '') {
|
|
Session::flash('info', 'Semua data harus diisi');
|
|
if (isset($table)) {
|
|
Redirect::to("/posts/category");
|
|
} else {
|
|
Redirect::to('/posts/entry');
|
|
}
|
|
die();
|
|
}
|
|
}
|
|
|
|
// Avoid XSS attack
|
|
$args = XSS::avoid($args);
|
|
|
|
if (isset($table)) {
|
|
if ($this->model->entry($args, $table)) {
|
|
Session::flash('info', 'Data berhasil diunggah');
|
|
Redirect::to('/posts/category');
|
|
}
|
|
} else {
|
|
if ($this->model->entry($args)) {
|
|
Session::flash('info', 'Data berhasil diunggah');
|
|
Redirect::to('/');
|
|
}
|
|
}
|
|
die();
|
|
}
|
|
|
|
public function put($args)
|
|
{
|
|
if (isset($args['_addon'])) {
|
|
$table = $args['_addon'];
|
|
unset($args['_addon']);
|
|
|
|
$this->model->update($args, $args['id'], $table);
|
|
|
|
Session::flash('info', 'Data berhasil diaktifkan');
|
|
Redirect::to('/posts/category');
|
|
die();
|
|
}
|
|
|
|
// Avoid XSS attack
|
|
$args = XSS::avoid($args);
|
|
|
|
$id = $args['id'];
|
|
unset($args['id']);
|
|
|
|
// Check if data same with old data
|
|
$keys = array_keys($args);
|
|
$old_data = [];
|
|
|
|
if ($matches = preg_grep('/^old_/', $keys)) {
|
|
foreach ($matches as $match) {
|
|
$old_data[] = $args[$match];
|
|
unset($args[$match]);
|
|
}
|
|
$new_data = [
|
|
$args['category'],
|
|
$args['content'],
|
|
$args['valid_at'],
|
|
$args['expired_at']
|
|
];
|
|
if ($old_data == $new_data) {
|
|
Session::flash('info', 'Tidak ada data yang diubah');
|
|
Redirect::to("./$id");
|
|
die();
|
|
}
|
|
}
|
|
|
|
foreach ($args as $key => $val) {
|
|
if (strpos($val, "##date##") !== false) {
|
|
$date = new \DateTime();
|
|
$now = $date->format("Y-m-d");
|
|
$args[$key] = $now;
|
|
}
|
|
}
|
|
|
|
var_dump($args);
|
|
|
|
if ($this->model->update($args, $id)) {
|
|
Session::flash('info', 'Data berhasil diperbarui');
|
|
Redirect::to('/');
|
|
} else {
|
|
Session::flash('info', 'Terjadi kesalahan. Silahkan coba lagi dalam beberapa saat');
|
|
Redirect::to("./$id");
|
|
}
|
|
die();
|
|
}
|
|
|
|
public function delete($args = [])
|
|
{
|
|
if (isset($args['_addon'])) {
|
|
$table = $args['_addon'];
|
|
unset($args['_addon']);
|
|
}
|
|
|
|
$id = $args['id'];
|
|
unset($args['id']);
|
|
|
|
if (isset($table)) {
|
|
$delete = $this->model->update($args, $id, $table);
|
|
} else {
|
|
$delete = $this->model->update($args, $id);
|
|
}
|
|
|
|
if ($delete == true) {
|
|
$info = 'Data berhasil dinonaktifkan.';
|
|
} else {
|
|
$info = 'Terjadi kesalahan. Silahkan coba lagi dalam beberapa saat';
|
|
}
|
|
|
|
Session::flash('info', $info);
|
|
|
|
if (isset($table)) {
|
|
Redirect::to("/posts/category");
|
|
} else {
|
|
Redirect::to('/');
|
|
}
|
|
die();
|
|
}
|
|
}
|