/halogy/application/modules/blog/controllers/admin.php

https://bitbucket.org/haloweb/halogy-1.0/ · PHP · 381 lines · 242 code · 65 blank · 74 comment · 32 complexity · 9090458279d66baca8a87aabef9b7fa2 MD5 · raw file

  1. <?php
  2. /**
  3. * Halogy
  4. *
  5. * A user friendly, modular content management system for PHP 5.0
  6. * Built on CodeIgniter - http://codeigniter.com
  7. *
  8. * @package Halogy
  9. * @author Haloweb Ltd.
  10. * @copyright Copyright (c) 2008-2011, Haloweb Ltd.
  11. * @license http://halogy.com/license
  12. * @link http://halogy.com/
  13. * @since Version 1.0
  14. * @filesource
  15. */
  16. // ------------------------------------------------------------------------
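  /**
   * Admin controller for the blog module: posts, comments and categories.
   *
   * Access control is layered. The constructor requires an admin session and
   * the module name (URI segment 2) in the user's permission list; individual
   * actions then require an action-level key ('blog_edit', 'blog_delete',
   * 'blog_cats').
   *
   * NOTE(review): delete_post, delete_comment, approve_comment and delete_cat
   * change state from a plain URL, and no anti-CSRF token is checked anywhere
   * in this controller. Confirm that a token or POST-only rule is enforced
   * elsewhere, or add one.
   *
   * NOTE(review): viewall() limits the listing to the current user's posts
   * when 'blog_all' is missing, but edit_post() and delete_post() address a
   * post by ID only. Whether ownership is enforced further down (core or
   * model) is not visible from this file and should be confirmed.
   */
  class Admin extends Controller {

      // set defaults
      var $includes_path = '/includes/admin'; // path to includes for header and footer
      var $redirect = '/admin/blog/viewall';  // default redirect
      var $permissions = array();

      /**
       * Gate the whole controller, then load the blog model and tags library.
       *
       * Every gate below assumes redirect() ends the request.
       * NOTE(review): confirm the redirect helper in use terminates execution;
       * if it returned, the code after each gate would still run.
       */
      function Admin()
      {
          parent::Controller();

          // check user is logged in, if not send them away from this controller
          if (!$this->session->userdata('session_admin'))
          {
              redirect('/admin/login/'.$this->core->encode($this->uri->uri_string()));
          }

          // get permissions and redirect if they don't have access to this module
          if (!$this->permission->permissions)
          {
              redirect('/admin/dashboard/permissions');
          }
          if (!$this->_has_permission($this->uri->segment(2)))
          {
              redirect('/admin/dashboard/permissions');
          }

          // get siteID, if available
          if (defined('SITEID'))
          {
              $this->siteID = SITEID;
          }

          // load models and libs
          $this->load->model('blog_model', 'blog');
          $this->load->library('tags');
      }

      /**
       * Tell whether the current user's permission list contains $key.
       *
       * The comparison is strict: with a loose in_array() a non-string entry
       * such as TRUE or 0 in the list can match any key, depending on the PHP
       * version.
       *
       * @param mixed $key permission or module name to look for
       * @return bool
       */
      private function _has_permission($key)
      {
          $granted = $this->permission->permissions;

          return is_array($granted) && in_array($key, $granted, TRUE);
      }

      /**
       * Send the user to the permissions page unless they hold $key.
       *
       * @param string $key action-level permission, e.g. 'blog_edit'
       */
      private function _require_permission($key)
      {
          if (!$this->_has_permission($key))
          {
              redirect('/admin/dashboard/permissions');
          }
      }

      /**
       * Normalise a comma-separated tag string: hyphens become spaces, each
       * tag is lower-cased, trimmed and title-cased, and the tags are joined
       * with ', '.
       *
       * The tags are collected in a real array. The previous inline code
       * appended with [] to a variable initialised as '', which is a fatal
       * error on PHP 7.1 and later.
       *
       * @param mixed $raw value of the 'tags' POST field (FALSE when absent)
       * @return string tidy tag list, or '' when there is nothing to tidy
       */
      private function _tidy_tags($raw)
      {
          // a non-string (e.g. tags[] posted as an array) cannot be exploded
          if (!is_string($raw) || !$raw)
          {
              return '';
          }

          $clean = array();
          foreach (explode(',', $raw) as $tag)
          {
              $clean[] = ucwords(trim(strtolower(str_replace('-', ' ', $tag))));
          }

          return implode(', ', $clean);
      }

      /** Default action: go to the default redirect (the post list). */
      function index()
      {
          redirect($this->redirect);
      }

      /**
       * List blog posts, newest first; limited to the current user's own
       * posts unless they hold 'blog_all'.
       */
      function viewall()
      {
          // default where
          $where = array();

          // set by userID if 'access all' permission is not set
          if (!$this->_has_permission('blog_all'))
          {
              $where['userID'] = $this->session->userdata('userID');
          }

          // grab data and display
          $output = $this->core->viewall('blog_posts', $where, array('dateCreated', 'desc'));

          $this->load->view($this->includes_path.'/header');
          $this->load->view('admin/viewall',$output);
          $this->load->view($this->includes_path.'/footer');
      }

      /**
       * Show the add-post form and, on POST, create the post with its
       * categories and tags. Requires 'blog_edit'.
       */
      function add_post()
      {
          // check permissions for this page
          $this->_require_permission('blog_edit');

          $output = array();

          // get values
          $output['data'] = $this->core->get_values('blog_posts');

          // get categories
          $output['categories'] = $this->blog->get_categories();

          if (count($_POST))
          {
              // required
              $this->core->required = array(
                  'postTitle' => array('label' => 'Title', 'rules' => 'required|trim'),
                  'body' => 'Body'
              );

              // tidy tags
              $tags = $this->_tidy_tags($this->input->post('tags'));

              // set date
              $this->core->set['dateCreated'] = date("Y-m-d H:i:s");
              // the author comes from the session, not from the request
              $this->core->set['userID'] = $this->session->userdata('userID');
              $this->core->set['uri'] = url_title(strtolower($this->input->post('postTitle')));
              $this->core->set['tags'] = $tags;

              // update
              if ($this->core->update('blog_posts'))
              {
                  $postID = $this->db->insert_id();

                  // update categories
                  $this->blog->update_cats($postID, $this->input->post('catsArray'));

                  // update tags
                  $this->tags->update_tags('blog_posts', $postID, $tags);

                  // where to redirect to
                  redirect($this->redirect);
              }
          }

          // templates
          $this->load->view($this->includes_path.'/header');
          $this->load->view('admin/add_post', $output);
          $this->load->view($this->includes_path.'/footer');
      }

      /**
       * Show the edit form for a post and, on POST, save the changes.
       * Requires 'blog_edit'.
       *
       * NOTE(review): the post is selected by $postID alone. A user without
       * 'blog_all' only sees their own posts in viewall(), but nothing in this
       * method ties the post to the session's userID. Confirm ownership is
       * checked in core or the model.
       *
       * @param mixed $postID post identifier taken from the URI
       */
      function edit_post($postID)
      {
          // check permissions for this page
          $this->_require_permission('blog_edit');

          // set object ID
          $objectID = array('postID' => $postID);

          $output = array();

          // get values
          $output['data'] = $this->core->get_values('blog_posts', $objectID);

          // get categories
          $output['categories'] = $this->blog->get_categories();

          // get categories for this post
          $output['data']['categories'] = $this->blog->get_cats_for_post($postID);

          if (count($_POST))
          {
              // required
              $this->core->required = array(
                  'postTitle' => array('label' => 'Title', 'rules' => 'required|trim'),
                  'body' => 'Body'
              );

              // set date: posted publish date combined with the stored time of day
              if ($this->input->post('publishDate'))
              {
                  $seconds = dateFmt($output['data']['dateCreated'], 'H:i:s');
                  $this->core->set['dateCreated'] = date("Y-m-d H:i:s", strtotime($this->input->post('publishDate').' '.$seconds));
              }

              // tidy tags
              $tags = $this->_tidy_tags($this->input->post('tags'));

              // set stuff
              $this->core->set['dateModified'] = date("Y-m-d H:i:s");
              $this->core->set['uri'] = url_title(strtolower($this->input->post('postTitle')));
              $this->core->set['tags'] = $tags;

              // update
              if ($this->core->update('blog_posts', $objectID))
              {
                  // update categories
                  $this->blog->update_cats($postID, $this->input->post('catsArray'));

                  // update tags
                  $this->tags->update_tags('blog_posts', $postID, $tags);

                  // set success message
                  $this->session->set_flashdata('success', TRUE);

                  // view page
                  if ($this->input->post('view'))
                  {
                      redirect('/blog/'.dateFmt($output['data']['dateCreated'], 'Y/m').'/'.url_title(strtolower($this->input->post('postTitle'))));
                  }
                  else
                  {
                      // where to redirect to
                      redirect('/admin/blog/edit_post/'.$postID);
                  }
              }
          }

          // set message
          if ($this->session->flashdata('success'))
          {
              $output['message'] = '<p>Your changes were saved.</p>';
          }

          // templates
          $this->load->view($this->includes_path.'/header');
          $this->load->view('admin/edit_post', $output);
          $this->load->view($this->includes_path.'/footer');
      }

      /**
       * Soft-delete a post and clear its category mappings.
       * Requires 'blog_delete'.
       *
       * NOTE(review): as in edit_post(), the post is addressed by ID only;
       * confirm ownership is enforced for users without 'blog_all'.
       *
       * @param mixed $objectID post identifier taken from the URI
       */
      function delete_post($objectID)
      {
          // check permissions for this page
          $this->_require_permission('blog_delete');

          if ($this->core->soft_delete('blog_posts', array('postID' => $objectID)))
          {
              // remove category mappings
              $this->blog->update_cats($objectID);

              // where to redirect to
              redirect($this->redirect);
          }
      }

      /**
       * Render the posted body through the template parser and return the
       * HTML as the response, for live preview.
       */
      function preview()
      {
          // get parsed body
          $html = $this->template->parse_body($this->input->post('body'));

          // filter for scripts
          // NOTE(review): this pattern only matches a <script ...> that has a
          // closing </script>. An unclosed script tag, event-handler attributes
          // and javascript: URLs are not covered, so it should not be treated
          // as an XSS control. Posted HTML is echoed back here; consider an
          // allow-list HTML sanitiser, and confirm who can reach this action.
          $html = preg_replace('/<script(.*)<\/script>/is', '<em>This block contained scripts, please refresh page.</em>', $html);

          // output
          $this->output->set_output($html);
      }

      /** List the latest comments. */
      function comments()
      {
          $output = array();

          // grab data and display
          $output['comments'] = $this->blog->get_latest_comments();

          $this->load->view($this->includes_path.'/header');
          $this->load->view('admin/comments',$output);
          $this->load->view($this->includes_path.'/footer');
      }

      /**
       * Approve a comment. Requires 'blog_edit', the same key delete_comment()
       * asks for; previously this action had no action-level check.
       *
       * @param mixed $commentID comment identifier taken from the URI
       */
      function approve_comment($commentID)
      {
          // check permissions for this page
          $this->_require_permission('blog_edit');

          if ($this->blog->approve_comment($commentID))
          {
              redirect('/admin/blog/comments');
          }
      }

      /**
       * Soft-delete a comment. Requires 'blog_edit'.
       *
       * @param mixed $objectID comment identifier taken from the URI
       */
      function delete_comment($objectID)
      {
          // check permissions for this page
          $this->_require_permission('blog_edit');

          if ($this->core->soft_delete('blog_comments', array('commentID' => $objectID)))
          {
              // where to redirect to
              redirect('/admin/blog/comments/');
          }
      }

      /**
       * List categories and, on POST, add a new one. Requires 'blog_cats'.
       */
      function categories()
      {
          // check permissions for this page
          $this->_require_permission('blog_cats');

          // get values
          $output = $this->core->get_values('blog_cats');

          // get categories
          $output['categories'] = $this->blog->get_categories();

          if (count($_POST))
          {
              // required fields
              $this->core->required = array('catName' => 'Category name');

              // set date
              $this->core->set['dateCreated'] = date("Y-m-d H:i:s");
              $this->core->set['catSafe'] = url_title(strtolower(trim($this->input->post('catName'))));

              // update
              if ($this->core->update('blog_cats'))
              {
                  // where to redirect to
                  redirect('/admin/blog/categories');
              }
          }

          $this->load->view($this->includes_path.'/header');
          $this->load->view('admin/categories',$output);
          $this->load->view($this->includes_path.'/footer');
      }

      /**
       * Rename categories in bulk from the posted list, keyed by catID.
       * Requires 'blog_cats'.
       */
      function edit_cat()
      {
          // check permissions for this page
          $this->_require_permission('blog_cats');

          // go through post and edit each list item
          $listArray = $this->core->get_post();

          if (is_array($listArray))
          {
              foreach ($listArray as $ID => $value)
              {
                  // entries must be arrays carrying a non-empty catName; a
                  // scalar here would otherwise be read by string offset
                  if ($ID != '' && is_array($value) && !empty($value['catName']))
                  {
                      // set object ID
                      $objectID = array('catID' => $ID);

                      $this->core->set['catName'] = $value['catName'];
                      $this->core->set['catSafe'] = url_title(strtolower(trim($value['catName'])));

                      $this->core->update('blog_cats', $objectID);
                  }
              }
          }

          // where to redirect to
          redirect('/admin/blog/categories');
      }

      /**
       * Soft-delete a category. Requires 'blog_cats'.
       *
       * @param mixed $catID category identifier taken from the URI
       */
      function delete_cat($catID)
      {
          // check permissions for this page
          $this->_require_permission('blog_cats');

          // where
          $objectID = array('catID' => $catID);

          if ($this->core->soft_delete('blog_cats', $objectID))
          {
              // where to redirect to
              redirect('/admin/blog/categories');
          }
      }

      /**
       * Hand an ordering request to core->order().
       *
       * NOTE(review): the first argument is the name of the first POST field,
       * so it is request-controlled, and only the constructor's module gate
       * applies to this action. Confirm that core->order() validates both
       * arguments against known values.
       *
       * @param string $field passed through to core->order()
       */
      function order($field = '')
      {
          $this->core->order(key($_POST), $field);
      }
  }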