From 793d99616613168e67e359fb4aa622ce593844b4 Mon Sep 17 00:00:00 2001 From: Marcin Kurczewski Date: Mon, 7 Oct 2013 20:44:14 +0200 Subject: [PATCH] Very rough post list sketch; user list placeholder --- config.ini | 2 + src/Controllers/IndexController.php | 9 +++- src/Controllers/PostController.php | 68 ++++++++++++++++++++++++++--- src/Models/Privilege.php | 2 + src/Views/layout-normal.phtml | 55 +++++++++++------------ src/Views/post-list.phtml | 6 ++- 6 files changed, 104 insertions(+), 38 deletions(-) diff --git a/config.ini b/config.ini index 8c3beb2e..248663aa 100644 --- a/config.ini +++ b/config.ini @@ -28,3 +28,5 @@ Kind regards, [privileges] uploadPost=registered +listPosts=anonymous +listUsers=registered diff --git a/src/Controllers/IndexController.php b/src/Controllers/IndexController.php index 25002e47..7592fdb4 100644 --- a/src/Controllers/IndexController.php +++ b/src/Controllers/IndexController.php @@ -7,7 +7,14 @@ class IndexController */ public function indexAction() { - $this->context->activeSection = 'home'; $this->context->subTitle = 'home'; } + + /** + * @route /help + */ + public function helpAction() + { + $this->context->subTitle = 'help'; + } } diff --git a/src/Controllers/PostController.php b/src/Controllers/PostController.php index 0a77b1a8..ab5f1da2 100644 --- a/src/Controllers/PostController.php +++ b/src/Controllers/PostController.php 
@@ -26,7 +26,25 @@ class PostController $this->context->subTitle = 'browsing posts'; $this->context->searchQuery = $query; - throw new Exception('Not implemented'); + + PrivilegesHelper::confirmWithException($this->context->user, Privilege::ListPosts); + + $page = 1; + $params = []; + $params[':limit'] = 20; + $params[':offset'] = ($page - 1) * $params[':limit']; + + //todo safety + //todo construct WHERE based on filters + $whereSql = ''; + + //todo construct ORDER based on filers + $orderSql = 'ORDER BY upload_date DESC'; + + $limitSql = 'LIMIT :limit OFFSET :offset'; + + $posts = R::findAll('post', sprintf('%s %s %s', $whereSql, $orderSql, $limitSql), $params); + $this->context->transport->posts = $posts; } /** @@ -51,7 +69,7 @@ class PostController $suppliedTags = array_filter($suppliedTags); $suppliedTags = array_unique($suppliedTags); foreach ($suppliedTags as $tag) - if (!preg_match('/^\w+$/i', $tag)) + if (!preg_match('/^[a-zA-Z0-9_-]+$/i', $tag)) throw new SimpleException('Invalid tag "' . $tag . '"'); $suppliedFile = $_FILES['file']; @@ -95,9 +113,11 @@ class PostController $dbPost = R::dispense('post'); $dbPost->type = $postType; $dbPost->name = $name; - $dbPost->mimeType = $suppliedFile['type']; + $dbPost->mime_type = $suppliedFile['type']; $dbPost->safety = $suppliedSafety; + $dbPost->upload_date = time(); $dbPost->sharedTag = $dbTags; + $dbPost->ownUser = $this->context->user; move_uploaded_file($suppliedFile['tmp_name'], $path); R::store($dbPost); 
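Review bot: The query built in listAction has no safety or access filter yet, and `config.ini` in this patch sets `listPosts=anonymous`, so until the `//todo safety` is done the first 20 posts of every rating are returned to unauthenticated visitors. `$query` is stored in the context but never reaches the SQL, so `favoritesAction`'s call `listAction('favmin:1')` returns the same unfiltered page. When the WHERE and ORDER todos are filled in, `sprintf` will splice `$whereSql` and `$orderSql` straight into the statement text; I would record the constraint now with `//todo: bind every filter value through $params; choose the ORDER BY column from a fixed list, never from $query`. The function starts above the hunk.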
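Review bot: In the tag check, `$` also matches just before a trailing newline, so a tag ending in a line feed passes this pattern unless tags are trimmed earlier in the function, which is outside the hunk. Anchoring with `\z` closes that: `if (!preg_match('/^[a-zA-Z0-9_-]+\z/', $tag))`. The `i` flag is redundant now that both cases are listed in the character class.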
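Review bot: `mime_type` is filled from `$suppliedFile['type']`, which is whatever the uploading client put in the request, and sendAction later in this patch copies the stored value into `transport->mimeType`, presumably to become the response Content-Type. If no check between the hunks constrains it, an uploader chooses the type their file is served with from this origin. Deriving it from the file content, e.g. `$dbPost->mime_type = mime_content_type($suppliedFile['tmp_name']);`, and rejecting types outside the accepted set would remove that. Also, the column is written here as `mime_type` but read in sendAction as `$post->mimeType`; confirm the ORM maps both spellings to one column.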
@@ -109,12 +129,47 @@ class PostController } /** + * Action that decorates the page containing the post. * @route /post/{id} */ - public function showAction($id) + public function viewAction($id) { - $this->context->subTitle = 'showing @' . $id; - throw new Exception('Not implemented'); + $post = R::findOne('post', 'id = ?', [$id]); + if (!$post) + throw new SimpleException('Invalid post ID "' . $id . '"'); + + //todo: verify access rank...? + //todo: verify sketchy, nsfw, sfw + + $this->context->subTitle = 'showing @' . $post->id; + $this->context->transport->post = $post; + } + + /** + * Action that renders the requested file itself and sends it to user. + * @route /post/send/{name} + */ + public function sendAction($name) + { + $this->context->layoutName = 'layout-file'; + + $post = R::findOne('post', 'name = ?', [$name]); + if (!$post) + throw new SimpleException('Invalid post name "' . $name . '"'); + + //I guess access rank shouldn't be verified here. If someone arrives + //here, they already know the full name of the post (not just the ID) + //either by visiting the HTML container page or by having hotlink. + //Such users should be trusted. + + $path = $this->config->main->filesPath . DIRECTORY_SEPARATOR . $post->name; + if (!file_exists($path)) + throw new SimpleException('Post file does not exist'); + if (!is_readable($path)) + throw new SimpleException('Post file is not readable'); + + $this->context->transport->mimeType = $post->mimeType; + $this->context->transport->filePath = $path; } /** @@ -123,5 +178,6 @@ class PostController public function favoritesAction() { $this->listAction('favmin:1'); + $this->context->viewName = 'post-list'; } } diff --git a/src/Models/Privilege.php b/src/Models/Privilege.php index 38217899..7315b1d6 100644 --- a/src/Models/Privilege.php +++ b/src/Models/Privilege.php @@ -2,4 +2,6 @@ class Privilege { const UploadPost = 1; + const ListPosts = 2; + const ListUsers = 3; } 
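Review bot: Neither viewAction nor sendAction checks a privilege, and sendAction's comment treats knowing the file name as proof of access. That holds only if names are unguessable and never shown to a user who lacks access; the container page and hotlinks expose the name, and the safety ratings (`//todo: verify sketchy, nsfw, sfw`) are not enforced on either path. I would at least start both actions with `PrivilegesHelper::confirmWithException($this->context->user, Privilege::ListPosts);` (or a dedicated view privilege) and replace the comment with a todo stating that the safety check must also be applied in sendAction. How `$name` is generated is not visible in this patch.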
diff --git a/src/Views/layout-normal.phtml b/src/Views/layout-normal.phtml
index 5bab8d1c..a31043a2 100644
--- a/src/Views/layout-normal.phtml
+++ b/src/Views/layout-normal.phtml
@@ -24,49 +24,44 @@
diff --git a/src/Views/post-list.phtml b/src/Views/post-list.phtml
index c5fbe7c7..d910acd3 100644
--- a/src/Views/post-list.phtml
+++ b/src/Views/post-list.phtml
@@ -1 +1,5 @@
-Todo: view posts
+context->transport->posts as $post): ?>
+
+ Post id; ?>
+
+