|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* BlogDataModule class file |
|
4
|
|
|
* |
|
5
|
|
|
* @author Qiang Xue <[email protected]> |
|
6
|
|
|
* @link https://github.com/pradosoft/prado |
|
7
|
|
|
* @copyright Copyright © 2006-2016 The PRADO Group |
|
8
|
|
|
* @license https://github.com/pradosoft/prado/blob/master/COPYRIGHT |
|
9
|
|
|
*/ |
|
10
|
|
|
|
|
11
|
|
|
/** |
|
12
|
|
|
* BlogDataModule class |
|
13
|
|
|
* |
|
14
|
|
|
* @author Qiang Xue <[email protected]> |
|
15
|
|
|
* @link https://github.com/pradosoft/prado |
|
16
|
|
|
* @copyright Copyright © 2006-2016 The PRADO Group |
|
17
|
|
|
* @license https://github.com/pradosoft/prado/blob/master/COPYRIGHT |
|
18
|
|
|
*/ |
|
19
|
|
|
class BlogDataModule extends TModule |
|
20
|
|
|
{ |
|
21
|
|
|
const DB_FILE_EXT='.db'; |
|
22
|
|
|
const DEFAULT_DB_FILE='Application.Data.Blog'; |
|
23
|
|
|
private $_db=null; |
|
24
|
|
|
private $_dbFile=null; |
|
25
|
|
|
|
|
26
|
|
|
public function init($config) |
|
27
|
|
|
{ |
|
28
|
|
|
$this->connectDatabase(); |
|
29
|
|
|
} |
|
30
|
|
|
|
|
31
|
|
|
public function getDbFile() |
|
32
|
|
|
{ |
|
33
|
|
|
if($this->_dbFile===null) |
|
34
|
|
|
$this->_dbFile=Prado::getPathOfNamespace(self::DEFAULT_DB_FILE,self::DB_FILE_EXT); |
|
35
|
|
|
return $this->_dbFile; |
|
36
|
|
|
} |
|
37
|
|
|
|
|
38
|
|
|
public function setDbFile($value) |
|
39
|
|
|
{ |
|
40
|
|
|
if(($this->_dbFile=Prado::getPathOfNamespace($value,self::DB_FILE_EXT))===null) |
|
41
|
|
|
throw new BlogException(500,'blogdatamodule_dbfile_invalid',$value); |
|
42
|
|
|
} |
|
43
|
|
|
|
|
44
|
|
|
protected function createDatabase() |
|
45
|
|
|
{ |
|
46
|
|
|
$schemaFile=dirname(__FILE__).'/schema.sql'; |
|
47
|
|
|
$statements=explode(';',file_get_contents($schemaFile)); |
|
48
|
|
|
foreach($statements as $statement) |
|
49
|
|
|
{ |
|
50
|
|
|
if(trim($statement)!=='') |
|
51
|
|
|
{ |
|
52
|
|
|
try { |
|
53
|
|
|
$command=$this->_db->createCommand($statement); |
|
54
|
|
|
$command->execute(); |
|
55
|
|
|
} |
|
56
|
|
|
catch(TDbException $e) |
|
57
|
|
|
{ |
|
58
|
|
|
throw new BlogException(500,'blogdatamodule_createdatabase_failed',$e->getErrorMessage(),$statement); |
|
59
|
|
|
} |
|
60
|
|
|
} |
|
61
|
|
|
} |
|
62
|
|
|
} |
|
63
|
|
|
|
|
64
|
|
|
protected function connectDatabase() |
|
65
|
|
|
{ |
|
66
|
|
|
$dbFile=$this->getDbFile(); |
|
67
|
|
|
$newDb=!is_file($dbFile); |
|
68
|
|
|
|
|
69
|
|
|
try { |
|
70
|
|
|
$this->_db=new TDbConnection("sqlite:".$dbFile); |
|
71
|
|
|
$this->_db->Active=true; |
|
|
|
|
|
|
72
|
|
|
} |
|
73
|
|
|
catch(TDbException $e) |
|
74
|
|
|
{ |
|
75
|
|
|
throw new BlogException(500,'blogdatamodule_dbconnect_failed',$e->getErrorMessage()); |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
|
|
if($newDb) |
|
79
|
|
|
$this->createDatabase(); |
|
80
|
|
|
} |
|
81
|
|
|
|
|
82
|
|
|
protected function generateModifier($filter,$orderBy,$limit) |
|
83
|
|
|
{ |
|
84
|
|
|
$modifier=''; |
|
85
|
|
|
if($filter!=='') |
|
86
|
|
|
$modifier=' WHERE '.$filter; |
|
87
|
|
|
if($orderBy!=='') |
|
88
|
|
|
$modifier.=' ORDER BY '.$orderBy; |
|
89
|
|
|
if($limit!=='') |
|
90
|
|
|
$modifier.=' LIMIT '.$limit; |
|
91
|
|
|
return $modifier; |
|
92
|
|
|
} |
|
93
|
|
|
|
|
94
|
|
|
public function query($sql) |
|
95
|
|
|
{ |
|
96
|
|
|
try { |
|
97
|
|
|
$command=$this->_db->createCommand($sql); |
|
98
|
|
|
return $command->query(); |
|
99
|
|
|
} |
|
100
|
|
|
catch(TDbException $e) |
|
101
|
|
|
{ |
|
102
|
|
|
throw new BlogException(500,'blogdatamodule_query_failed',$e->getErrorMessage(),$sql); |
|
103
|
|
|
} |
|
104
|
|
|
} |
|
105
|
|
|
|
|
106
|
|
|
protected function populateUserRecord($row) |
|
107
|
|
|
{ |
|
108
|
|
|
$userRecord=new UserRecord; |
|
109
|
|
|
$userRecord->ID=(integer)$row['id']; |
|
110
|
|
|
$userRecord->Name=$row['name']; |
|
111
|
|
|
$userRecord->FullName=$row['full_name']; |
|
112
|
|
|
$userRecord->Role=(integer)$row['role']; |
|
113
|
|
|
$userRecord->Password=$row['passwd']; |
|
|
|
|
|
|
114
|
|
|
$userRecord->VerifyCode=$row['vcode']; |
|
115
|
|
|
$userRecord->Email=$row['email']; |
|
116
|
|
|
$userRecord->CreateTime=(integer)$row['reg_time']; |
|
117
|
|
|
$userRecord->Status=(integer)$row['status']; |
|
118
|
|
|
$userRecord->Website=$row['website']; |
|
119
|
|
|
return $userRecord; |
|
120
|
|
|
} |
|
121
|
|
|
|
|
122
|
|
View Code Duplication |
public function queryUsers($filter='',$orderBy='',$limit='') |
|
|
|
|
|
|
123
|
|
|
{ |
|
124
|
|
|
if($filter!=='') |
|
125
|
|
|
$filter='WHERE '.$filter; |
|
126
|
|
|
$sql="SELECT * FROM tblUsers $filter $orderBy $limit"; |
|
127
|
|
|
$rows=$this->query($sql); |
|
128
|
|
|
$users=array(); |
|
129
|
|
|
foreach($rows as $row) |
|
130
|
|
|
$users[]=$this->populateUserRecord($row); |
|
131
|
|
|
return $users; |
|
132
|
|
|
} |
|
133
|
|
|
|
|
134
|
|
|
public function queryUserCount($filter) |
|
135
|
|
|
{ |
|
136
|
|
|
if($filter!=='') |
|
137
|
|
|
$filter='WHERE '.$filter; |
|
138
|
|
|
$sql="SELECT COUNT(id) AS user_count FROM tblUsers $filter"; |
|
139
|
|
|
$result=$this->query($sql); |
|
140
|
|
|
if(($row=$result->read())!==false) |
|
141
|
|
|
return $row['user_count']; |
|
142
|
|
|
else |
|
143
|
|
|
return 0; |
|
144
|
|
|
} |
|
145
|
|
|
|
|
146
|
|
|
public function queryUserByID($id) |
|
147
|
|
|
{ |
|
148
|
|
|
$sql="SELECT * FROM tblUsers WHERE id=$id"; |
|
149
|
|
|
$result=$this->query($sql); |
|
150
|
|
|
if(($row=$result->read())!==false) |
|
151
|
|
|
return $this->populateUserRecord($row); |
|
152
|
|
|
else |
|
153
|
|
|
return null; |
|
154
|
|
|
} |
|
155
|
|
|
|
|
156
|
|
|
public function queryUserByName($name) |
|
157
|
|
|
{ |
|
158
|
|
|
$command=$this->_db->createCommand("SELECT * FROM tblUsers WHERE name=?"); |
|
159
|
|
|
$command->bindValue(1, $name); |
|
160
|
|
|
|
|
161
|
|
|
$result=$command->query(); |
|
162
|
|
|
|
|
163
|
|
|
if(($row=$result->read())!==false) |
|
164
|
|
|
return $this->populateUserRecord($row); |
|
165
|
|
|
else |
|
166
|
|
|
return null; |
|
167
|
|
|
} |
|
168
|
|
|
|
|
169
|
|
|
public function insertUser($user) |
|
170
|
|
|
{ |
|
171
|
|
|
$command=$this->_db->createCommand("INSERT INTO tblUsers ". |
|
172
|
|
|
"(name,full_name,role,passwd,email,reg_time,status,website) ". |
|
173
|
|
|
"VALUES (?,?,?,?,?,?,?,?)"); |
|
174
|
|
|
$command->bindValue(1, $user->Name); |
|
175
|
|
|
$command->bindValue(2, $user->FullName); |
|
176
|
|
|
$command->bindValue(3, $user->Role); |
|
177
|
|
|
$command->bindValue(4, $user->Password); |
|
178
|
|
|
$command->bindValue(5, $user->Email); |
|
179
|
|
|
$command->bindValue(6, time()); |
|
180
|
|
|
$command->bindValue(7, $user->Status); |
|
181
|
|
|
$command->bindValue(8, $user->Website); |
|
182
|
|
|
$command->execute(); |
|
183
|
|
|
|
|
184
|
|
|
$user->ID=$this->_db->getLastInsertID(); |
|
185
|
|
|
} |
|
186
|
|
|
|
|
187
|
|
|
public function updateUser($user) |
|
188
|
|
|
{ |
|
189
|
|
|
$command=$this->_db->createCommand("UPDATE tblUsers SET |
|
190
|
|
|
name=?, |
|
191
|
|
|
full_name=?, |
|
192
|
|
|
role=?, |
|
193
|
|
|
passwd=?, |
|
194
|
|
|
vcode=?, |
|
195
|
|
|
email=?, |
|
196
|
|
|
status=?, |
|
197
|
|
|
website=? |
|
198
|
|
|
WHERE id=?"); |
|
199
|
|
|
$command->bindValue(1, $user->Name); |
|
200
|
|
|
$command->bindValue(2, $user->FullName); |
|
201
|
|
|
$command->bindValue(3, $user->Role); |
|
202
|
|
|
$command->bindValue(4, $user->Password); |
|
203
|
|
|
$command->bindValue(5, $user->VerifyCode); |
|
204
|
|
|
$command->bindValue(6, $user->Email); |
|
205
|
|
|
$command->bindValue(7, $user->Status); |
|
206
|
|
|
$command->bindValue(8, $user->Website); |
|
207
|
|
|
$command->bindValue(9, $user->ID); |
|
208
|
|
|
$command->execute(); |
|
209
|
|
|
} |
|
210
|
|
|
|
|
211
|
|
|
public function deleteUser($id) |
|
212
|
|
|
{ |
|
213
|
|
|
$command=$this->_db->createCommand("DELETE FROM tblUsers WHERE id=?"); |
|
214
|
|
|
$command->bindValue(1, $id); |
|
215
|
|
|
$command->execute(); |
|
216
|
|
|
} |
|
217
|
|
|
|
|
218
|
|
|
protected function populatePostRecord($row) |
|
219
|
|
|
{ |
|
220
|
|
|
$postRecord=new PostRecord; |
|
221
|
|
|
$postRecord->ID=(integer)$row['id']; |
|
222
|
|
|
$postRecord->AuthorID=(integer)$row['author_id']; |
|
|
|
|
|
|
223
|
|
|
if($row['author_full_name']!=='') |
|
224
|
|
|
$postRecord->AuthorName=$row['author_full_name']; |
|
|
|
|
|
|
225
|
|
|
else |
|
226
|
|
|
$postRecord->AuthorName=$row['author_name']; |
|
|
|
|
|
|
227
|
|
|
$postRecord->CreateTime=(integer)$row['create_time']; |
|
228
|
|
|
$postRecord->ModifyTime=(integer)$row['modify_time']; |
|
229
|
|
|
$postRecord->Title=$row['title']; |
|
230
|
|
|
$postRecord->Content=$row['content']; |
|
|
|
|
|
|
231
|
|
|
$postRecord->Status=(integer)$row['status']; |
|
|
|
|
|
|
232
|
|
|
$postRecord->CommentCount=(integer)$row['comment_count']; |
|
233
|
|
|
return $postRecord; |
|
234
|
|
|
} |
|
235
|
|
|
|
|
236
|
|
|
public function queryPosts($postFilter,$categoryFilter,$orderBy,$limit) |
|
237
|
|
|
{ |
|
238
|
|
|
//FIXME this is insecure by design since it misses proper escaping |
|
239
|
|
|
$filter=''; |
|
240
|
|
|
if($postFilter!=='') |
|
241
|
|
|
$filter.=" AND $postFilter"; |
|
242
|
|
|
if($categoryFilter!=='') |
|
243
|
|
|
$filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)"; |
|
244
|
|
|
$sql="SELECT a.id AS id, |
|
245
|
|
|
a.author_id AS author_id, |
|
246
|
|
|
b.name AS author_name, |
|
247
|
|
|
b.full_name AS author_full_name, |
|
248
|
|
|
a.create_time AS create_time, |
|
249
|
|
|
a.modify_time AS modify_time, |
|
250
|
|
|
a.title AS title, |
|
251
|
|
|
a.content AS content, |
|
252
|
|
|
a.status AS status, |
|
253
|
|
|
a.comment_count AS comment_count |
|
254
|
|
|
FROM tblPosts a, tblUsers b |
|
255
|
|
|
WHERE a.author_id=b.id $filter $orderBy $limit"; |
|
256
|
|
|
$rows=$this->query($sql); |
|
257
|
|
|
$posts=array(); |
|
258
|
|
|
foreach($rows as $row) |
|
259
|
|
|
$posts[]=$this->populatePostRecord($row); |
|
260
|
|
|
return $posts; |
|
261
|
|
|
} |
|
262
|
|
|
|
|
263
|
|
|
public function queryPostsSearch($keywords,$orderBy,$limit) |
|
264
|
|
|
{ |
|
265
|
|
|
$sql="SELECT a.id AS id, |
|
266
|
|
|
a.author_id AS author_id, |
|
267
|
|
|
b.name AS author_name, |
|
268
|
|
|
b.full_name AS author_full_name, |
|
269
|
|
|
a.create_time AS create_time, |
|
270
|
|
|
a.modify_time AS modify_time, |
|
271
|
|
|
a.title AS title, |
|
272
|
|
|
a.content AS content, |
|
273
|
|
|
a.status AS status, |
|
274
|
|
|
a.comment_count AS comment_count |
|
275
|
|
|
FROM tblPosts a, tblUsers b |
|
276
|
|
|
WHERE a.author_id=b.id AND a.status=0"; |
|
277
|
|
|
|
|
278
|
|
|
foreach($keywords as $keyword) |
|
279
|
|
|
$sql.=" AND (content LIKE ? OR title LIKE ?)"; |
|
280
|
|
|
|
|
281
|
|
|
$sql.=" $orderBy $limit"; |
|
282
|
|
|
|
|
283
|
|
|
$command=$this->_db->createCommand($sql); |
|
284
|
|
|
|
|
285
|
|
|
$i=1; |
|
286
|
|
|
foreach($keywords as $keyword) |
|
287
|
|
|
{ |
|
288
|
|
|
$command->bindValue($i, "%".$keyword."%"); |
|
289
|
|
|
$i++; |
|
290
|
|
|
} |
|
291
|
|
|
|
|
292
|
|
|
$rows=$command->query(); |
|
293
|
|
|
|
|
294
|
|
|
$posts=array(); |
|
295
|
|
|
foreach($rows as $row) |
|
296
|
|
|
$posts[]=$this->populatePostRecord($row); |
|
297
|
|
|
return $posts; |
|
298
|
|
|
|
|
299
|
|
|
} |
|
300
|
|
|
|
|
301
|
|
|
public function queryPostCount($postFilter,$categoryFilter) |
|
302
|
|
|
{ |
|
303
|
|
|
//FIXME this is insecure by design since it misses proper escaping |
|
304
|
|
|
$filter=''; |
|
305
|
|
|
if($postFilter!=='') |
|
306
|
|
|
$filter.=" AND $postFilter"; |
|
307
|
|
|
if($categoryFilter!=='') |
|
308
|
|
|
$filter.=" AND a.id IN (SELECT post_id AS id FROM tblPost2Category WHERE $categoryFilter)"; |
|
309
|
|
|
$sql="SELECT COUNT(a.id) AS post_count |
|
310
|
|
|
FROM tblPosts a, tblUsers b |
|
311
|
|
|
WHERE a.author_id=b.id $filter"; |
|
312
|
|
|
$result=$this->query($sql); |
|
313
|
|
|
if(($row=$result->read())!==false) |
|
314
|
|
|
return $row['post_count']; |
|
315
|
|
|
else |
|
316
|
|
|
return 0; |
|
317
|
|
|
} |
|
318
|
|
|
|
|
319
|
|
View Code Duplication |
public function queryPostByID($id) |
|
|
|
|
|
|
320
|
|
|
{ |
|
321
|
|
|
$sql="SELECT a.id AS id, |
|
322
|
|
|
a.author_id AS author_id, |
|
323
|
|
|
b.name AS author_name, |
|
324
|
|
|
b.full_name AS author_full_name, |
|
325
|
|
|
a.create_time AS create_time, |
|
326
|
|
|
a.modify_time AS modify_time, |
|
327
|
|
|
a.title AS title, |
|
328
|
|
|
a.content AS content, |
|
329
|
|
|
a.status AS status, |
|
330
|
|
|
a.comment_count AS comment_count |
|
331
|
|
|
FROM tblPosts a, tblUsers b |
|
332
|
|
|
WHERE a.id=? AND a.author_id=b.id"; |
|
333
|
|
|
|
|
334
|
|
|
$command=$this->_db->createCommand($sql); |
|
335
|
|
|
$command->bindValue(1, $id); |
|
336
|
|
|
|
|
337
|
|
|
$result=$command->query(); |
|
338
|
|
|
|
|
339
|
|
|
if(($row=$result->read())!==false) |
|
340
|
|
|
return $this->populatePostRecord($row); |
|
341
|
|
|
else |
|
342
|
|
|
return null; |
|
343
|
|
|
} |
|
344
|
|
|
|
|
345
|
|
|
public function insertPost($post,$catIDs) |
|
346
|
|
|
{ |
|
347
|
|
|
$command=$this->_db->createCommand("INSERT INTO tblPosts |
|
348
|
|
|
(author_id,create_time,modify_time,title,content,status) |
|
349
|
|
|
VALUES (?,?,?,?,?,?)"); |
|
350
|
|
|
$command->bindValue(1, $post->AuthorID); |
|
351
|
|
|
$command->bindValue(2, $post->CreateTime); |
|
352
|
|
|
$command->bindValue(3, $post->ModifyTime); |
|
353
|
|
|
$command->bindValue(4, $post->Title); |
|
354
|
|
|
$command->bindValue(5, $post->Content); |
|
355
|
|
|
$command->bindValue(6, $post->Status); |
|
356
|
|
|
|
|
357
|
|
|
$command->execute(); |
|
358
|
|
|
$post->ID=$this->_db->getLastInsertID(); |
|
359
|
|
|
foreach($catIDs as $catID) |
|
360
|
|
|
$this->insertPostCategory($post->ID,$catID); |
|
361
|
|
|
} |
|
362
|
|
|
|
|
363
|
|
|
public function updatePost($post,$newCatIDs=null) |
|
364
|
|
|
{ |
|
365
|
|
|
if($newCatIDs!==null) |
|
366
|
|
|
{ |
|
367
|
|
|
$cats=$this->queryCategoriesByPostID($post->ID); |
|
368
|
|
|
$catIDs=array(); |
|
369
|
|
|
foreach($cats as $cat) |
|
370
|
|
|
$catIDs[]=$cat->ID; |
|
371
|
|
|
$deleteIDs=array_diff($catIDs,$newCatIDs); |
|
372
|
|
|
foreach($deleteIDs as $id) |
|
373
|
|
|
$this->deletePostCategory($post->ID,$id); |
|
374
|
|
|
$insertIDs=array_diff($newCatIDs,$catIDs); |
|
375
|
|
|
foreach($insertIDs as $id) |
|
376
|
|
|
$this->insertPostCategory($post->ID,$id); |
|
377
|
|
|
} |
|
378
|
|
|
|
|
379
|
|
|
$command=$this->_db->createCommand("UPDATE tblPosts SET |
|
380
|
|
|
modify_time=?, |
|
381
|
|
|
title=?, |
|
382
|
|
|
content=?, |
|
383
|
|
|
status=? |
|
384
|
|
|
WHERE id=?"); |
|
385
|
|
|
$command->bindValue(1, $post->ModifyTime); |
|
386
|
|
|
$command->bindValue(2, $post->Title); |
|
387
|
|
|
$command->bindValue(3, $post->Content); |
|
388
|
|
|
$command->bindValue(4, $post->Status); |
|
389
|
|
|
$command->bindValue(5, $post->ID); |
|
390
|
|
|
|
|
391
|
|
|
$command->execute(); |
|
392
|
|
|
} |
|
393
|
|
|
|
|
394
|
|
|
public function deletePost($id) |
|
395
|
|
|
{ |
|
396
|
|
|
$cats=$this->queryCategoriesByPostID($id); |
|
397
|
|
|
foreach($cats as $cat) |
|
398
|
|
|
$this->deletePostCategory($id,$cat->ID); |
|
399
|
|
|
|
|
400
|
|
|
$command=$this->_db->createCommand("DELETE FROM tblComments WHERE post_id=?"); |
|
401
|
|
|
$command->bindValue(1, $id); |
|
402
|
|
|
$command->execute(); |
|
403
|
|
|
|
|
404
|
|
|
$command=$this->_db->createCommand("DELETE FROM tblPosts WHERE id=?"); |
|
405
|
|
|
$command->bindValue(1, $id); |
|
406
|
|
|
$command->execute(); |
|
407
|
|
|
} |
|
408
|
|
|
|
|
409
|
|
|
protected function populateCommentRecord($row) |
|
410
|
|
|
{ |
|
411
|
|
|
$commentRecord=new CommentRecord; |
|
412
|
|
|
$commentRecord->ID=(integer)$row['id']; |
|
413
|
|
|
$commentRecord->PostID=(integer)$row['post_id']; |
|
414
|
|
|
$commentRecord->AuthorName=$row['author_name']; |
|
415
|
|
|
$commentRecord->AuthorEmail=$row['author_email']; |
|
416
|
|
|
$commentRecord->AuthorWebsite=$row['author_website']; |
|
417
|
|
|
$commentRecord->AuthorIP=$row['author_ip']; |
|
418
|
|
|
$commentRecord->CreateTime=(integer)$row['create_time']; |
|
419
|
|
|
$commentRecord->Content=$row['content']; |
|
420
|
|
|
$commentRecord->Status=(integer)$row['status']; |
|
421
|
|
|
return $commentRecord; |
|
422
|
|
|
} |
|
423
|
|
|
|
|
424
|
|
View Code Duplication |
public function queryComments($filter,$orderBy,$limit) |
|
|
|
|
|
|
425
|
|
|
{ |
|
426
|
|
|
//FIXME this is insecure by design since it misses proper escaping |
|
427
|
|
|
if($filter!=='') |
|
428
|
|
|
$filter='WHERE '.$filter; |
|
429
|
|
|
$sql="SELECT * FROM tblComments $filter $orderBy $limit"; |
|
430
|
|
|
$rows=$this->query($sql); |
|
431
|
|
|
$comments=array(); |
|
432
|
|
|
foreach($rows as $row) |
|
433
|
|
|
$comments[]=$this->populateCommentRecord($row); |
|
434
|
|
|
return $comments; |
|
435
|
|
|
} |
|
436
|
|
|
|
|
437
|
|
View Code Duplication |
public function queryCommentsByPostID($id) |
|
|
|
|
|
|
438
|
|
|
{ |
|
439
|
|
|
$sql="SELECT * FROM tblComments WHERE post_id=? ORDER BY create_time DESC"; |
|
440
|
|
|
$command=$this->_db->createCommand($sql); |
|
441
|
|
|
$command->bindValue(1, $id); |
|
442
|
|
|
|
|
443
|
|
|
$rows=$command->query(); |
|
444
|
|
|
|
|
445
|
|
|
$comments=array(); |
|
446
|
|
|
foreach($rows as $row) |
|
447
|
|
|
$comments[]=$this->populateCommentRecord($row); |
|
448
|
|
|
return $comments; |
|
449
|
|
|
} |
|
450
|
|
|
|
|
451
|
|
|
public function insertComment($comment) |
|
452
|
|
|
{ |
|
453
|
|
|
$sql="INSERT INTO tblComments |
|
454
|
|
|
(post_id,author_name,author_email,author_website,author_ip,create_time,status,content) |
|
455
|
|
|
VALUES (?,?,?,?,?,?,?,?)"; |
|
456
|
|
|
$command=$this->_db->createCommand($sql); |
|
457
|
|
|
$command->bindValue(1, $comment->PostID); |
|
458
|
|
|
$command->bindValue(2, $comment->AuthorName); |
|
459
|
|
|
$command->bindValue(3, $comment->AuthorEmail); |
|
460
|
|
|
$command->bindValue(4, $comment->AuthorWebsite); |
|
461
|
|
|
$command->bindValue(5, $comment->AuthorIP); |
|
462
|
|
|
$command->bindValue(6, $comment->CreateTime); |
|
463
|
|
|
$command->bindValue(7, $comment->Status); |
|
464
|
|
|
$command->bindValue(8, $comment->Content); |
|
465
|
|
|
|
|
466
|
|
|
$command->execute(); |
|
467
|
|
|
$comment->ID=$this->_db->getLastInsertID(); |
|
468
|
|
|
$this->query("UPDATE tblPosts SET comment_count=comment_count+1 WHERE id={$comment->PostID}"); |
|
469
|
|
|
} |
|
470
|
|
|
|
|
471
|
|
View Code Duplication |
public function updateComment($comment) |
|
|
|
|
|
|
472
|
|
|
{ |
|
473
|
|
|
$sql="UPDATE tblComments SET status=? WHERE id=?"; |
|
474
|
|
|
$command=$this->_db->createCommand($sql); |
|
475
|
|
|
$command->bindValue(1, $comment->Status); |
|
476
|
|
|
$command->bindValue(2, $comment->ID); |
|
477
|
|
|
|
|
478
|
|
|
$command->execute(); |
|
479
|
|
|
} |
|
480
|
|
|
|
|
481
|
|
|
public function deleteComment($id) |
|
482
|
|
|
{ |
|
483
|
|
|
$sql="SELECT post_id FROM tblComments WHERE id=?"; |
|
484
|
|
|
$command=$this->_db->createCommand($sql); |
|
485
|
|
|
$command->bindValue(1, $id); |
|
486
|
|
|
$result=$command->query(); |
|
487
|
|
|
|
|
488
|
|
|
if(($row=$result->read())!==false) |
|
489
|
|
|
{ |
|
490
|
|
|
$command=$this->_db->createCommand("DELETE FROM tblComments WHERE id=?"); |
|
491
|
|
|
$command->bindValue(1, $id); |
|
492
|
|
|
$command->execute(); |
|
493
|
|
|
|
|
494
|
|
|
$command=$this->_db->createCommand("UPDATE tblPosts SET comment_count=comment_count-1 WHERE id=?"); |
|
495
|
|
|
$command->bindValue(1, $row['post_id']); |
|
496
|
|
|
$command->execute(); |
|
497
|
|
|
} |
|
498
|
|
|
} |
|
499
|
|
|
|
|
500
|
|
|
protected function populateCategoryRecord($row) |
|
501
|
|
|
{ |
|
502
|
|
|
$catRecord=new CategoryRecord; |
|
503
|
|
|
$catRecord->ID=(integer)$row['id']; |
|
504
|
|
|
$catRecord->Name=$row['name']; |
|
505
|
|
|
$catRecord->Description=$row['description']; |
|
506
|
|
|
$catRecord->PostCount=$row['post_count']; |
|
507
|
|
|
return $catRecord; |
|
508
|
|
|
} |
|
509
|
|
|
|
|
510
|
|
|
public function queryCategories() |
|
511
|
|
|
{ |
|
512
|
|
|
$sql="SELECT * FROM tblCategories ORDER BY name ASC"; |
|
513
|
|
|
$rows=$this->query($sql); |
|
514
|
|
|
$cats=array(); |
|
515
|
|
|
foreach($rows as $row) |
|
516
|
|
|
$cats[]=$this->populateCategoryRecord($row); |
|
517
|
|
|
return $cats; |
|
518
|
|
|
} |
|
519
|
|
|
|
|
520
|
|
View Code Duplication |
public function queryCategoriesByPostID($postID) |
|
|
|
|
|
|
521
|
|
|
{ |
|
522
|
|
|
$sql="SELECT a.id AS id, |
|
523
|
|
|
a.name AS name, |
|
524
|
|
|
a.description AS description, |
|
525
|
|
|
a.post_count AS post_count |
|
526
|
|
|
FROM tblCategories a, tblPost2Category b |
|
527
|
|
|
WHERE a.id=b.category_id AND b.post_id=? ORDER BY a.name"; |
|
528
|
|
|
|
|
529
|
|
|
$command=$this->_db->createCommand($sql); |
|
530
|
|
|
$command->bindValue(1, $postID); |
|
531
|
|
|
$rows=$command->query(); |
|
532
|
|
|
|
|
533
|
|
|
$cats=array(); |
|
534
|
|
|
foreach($rows as $row) |
|
535
|
|
|
$cats[]=$this->populateCategoryRecord($row); |
|
536
|
|
|
return $cats; |
|
537
|
|
|
} |
|
538
|
|
|
|
|
539
|
|
View Code Duplication |
public function queryCategoryByID($id) |
|
|
|
|
|
|
540
|
|
|
{ |
|
541
|
|
|
$sql="SELECT * FROM tblCategories WHERE id=?"; |
|
542
|
|
|
|
|
543
|
|
|
$command=$this->_db->createCommand($sql); |
|
544
|
|
|
$command->bindValue(1, $id); |
|
545
|
|
|
$result=$command->query(); |
|
546
|
|
|
|
|
547
|
|
|
if(($row=$result->read())!==false) |
|
548
|
|
|
return $this->populateCategoryRecord($row); |
|
549
|
|
|
else |
|
550
|
|
|
return null; |
|
551
|
|
|
} |
|
552
|
|
|
|
|
553
|
|
View Code Duplication |
public function queryCategoryByName($name) |
|
|
|
|
|
|
554
|
|
|
{ |
|
555
|
|
|
$sql="SELECT * FROM tblCategories WHERE name=?"; |
|
556
|
|
|
|
|
557
|
|
|
$command=$this->_db->createCommand($sql); |
|
558
|
|
|
$command->bindValue(1, $name); |
|
559
|
|
|
$result=$command->query(); |
|
560
|
|
|
|
|
561
|
|
|
if(($row=$result->read())!==false) |
|
562
|
|
|
return $this->populateCategoryRecord($row); |
|
563
|
|
|
else |
|
564
|
|
|
return null; |
|
565
|
|
|
} |
|
566
|
|
|
|
|
567
|
|
View Code Duplication |
public function insertCategory($category) |
|
|
|
|
|
|
568
|
|
|
{ |
|
569
|
|
|
$sql="INSERT INTO tblCategories |
|
570
|
|
|
(name,description) |
|
571
|
|
|
VALUES (?,?)"; |
|
572
|
|
|
|
|
573
|
|
|
$command=$this->_db->createCommand($sql); |
|
574
|
|
|
$command->bindValue(1, $category->Name); |
|
575
|
|
|
$command->bindValue(2, $category->Description); |
|
576
|
|
|
$command->execute(); |
|
577
|
|
|
|
|
578
|
|
|
$category->ID=$this->_db->getLastInsertID(); |
|
579
|
|
|
} |
|
580
|
|
|
|
|
581
|
|
|
public function updateCategory($category) |
|
582
|
|
|
{ |
|
583
|
|
|
$sql="UPDATE tblCategories SET name=?, description=?, post_count=? WHERE id=?"; |
|
584
|
|
|
|
|
585
|
|
|
$command=$this->_db->createCommand($sql); |
|
586
|
|
|
$command->bindValue(1, $category->Name); |
|
587
|
|
|
$command->bindValue(2, $category->Description); |
|
588
|
|
|
$command->bindValue(3, $category->PostCount); |
|
589
|
|
|
$command->bindValue(4, $category->ID); |
|
590
|
|
|
|
|
591
|
|
|
$command->execute(); |
|
592
|
|
|
} |
|
593
|
|
|
|
|
594
|
|
|
public function deleteCategory($id) |
|
595
|
|
|
{ |
|
596
|
|
|
$sql="DELETE FROM tblPost2Category WHERE category_id=?"; |
|
597
|
|
|
$command=$this->_db->createCommand($sql); |
|
598
|
|
|
$command->bindValue(1, $id); |
|
599
|
|
|
$command->execute(); |
|
600
|
|
|
|
|
601
|
|
|
$sql="DELETE FROM tblCategories WHERE id=?"; |
|
602
|
|
|
$command=$this->_db->createCommand($sql); |
|
603
|
|
|
$command->bindValue(1, $id); |
|
604
|
|
|
$command->execute(); |
|
605
|
|
|
} |
|
606
|
|
|
|
|
607
|
|
View Code Duplication |
public function insertPostCategory($postID,$categoryID) |
|
|
|
|
|
|
608
|
|
|
{ |
|
609
|
|
|
$sql="INSERT INTO tblPost2Category (post_id, category_id) VALUES (?, ?)"; |
|
610
|
|
|
$command=$this->_db->createCommand($sql); |
|
611
|
|
|
$command->bindValue(1, $postID); |
|
612
|
|
|
$command->bindValue(2, $categoryID); |
|
613
|
|
|
$command->execute(); |
|
614
|
|
|
|
|
615
|
|
|
$sql="UPDATE tblCategories SET post_count=post_count+1 WHERE id=?"; |
|
616
|
|
|
$command=$this->_db->createCommand($sql); |
|
617
|
|
|
$command->bindValue(1, $categoryID); |
|
618
|
|
|
$command->execute(); |
|
619
|
|
|
|
|
620
|
|
|
} |
|
621
|
|
|
|
|
622
|
|
View Code Duplication |
public function deletePostCategory($postID,$categoryID) |
|
|
|
|
|
|
623
|
|
|
{ |
|
624
|
|
|
$sql="DELETE FROM tblPost2Category WHERE post_id=? AND category_id=?"; |
|
625
|
|
|
$command=$this->_db->createCommand($sql); |
|
626
|
|
|
$command->bindValue(1, $postID); |
|
627
|
|
|
$command->bindValue(2, $categoryID); |
|
628
|
|
|
$result=$command->query(); |
|
629
|
|
|
|
|
630
|
|
|
if($result->getRowCount()>0) |
|
631
|
|
|
{ |
|
632
|
|
|
$sql="UPDATE tblCategories SET post_count=post_count-1 WHERE id=?"; |
|
633
|
|
|
$command=$this->_db->createCommand($sql); |
|
634
|
|
|
$command->bindValue(1, $categoryID); |
|
635
|
|
|
$command->execute(); |
|
636
|
|
|
} |
|
637
|
|
|
} |
|
638
|
|
|
|
|
639
|
|
|
public function queryEarliestPostTime() |
|
640
|
|
|
{ |
|
641
|
|
|
$sql="SELECT MIN(create_time) AS create_time FROM tblPosts"; |
|
642
|
|
|
$result=$this->query($sql); |
|
643
|
|
|
if(($row=$result->read())!==false) |
|
644
|
|
|
return $row['create_time']; |
|
645
|
|
|
else |
|
646
|
|
|
return time(); |
|
647
|
|
|
} |
|
648
|
|
|
} |
|
649
|
|
|
|
|
650
|
|
|
class UserRecord |
|
651
|
|
|
{ |
|
652
|
|
|
const ROLE_USER=0; |
|
653
|
|
|
const ROLE_ADMIN=1; |
|
654
|
|
|
const STATUS_NORMAL=0; |
|
655
|
|
|
const STATUS_DISABLED=1; |
|
656
|
|
|
const STATUS_PENDING=2; |
|
657
|
|
|
public $ID; |
|
658
|
|
|
public $Name; |
|
659
|
|
|
public $FullName; |
|
660
|
|
|
public $Role; |
|
661
|
|
|
public $Password; |
|
662
|
|
|
public $VerifyCode; |
|
663
|
|
|
public $Email; |
|
664
|
|
|
public $CreateTime; |
|
665
|
|
|
public $Status; |
|
666
|
|
|
public $Website; |
|
667
|
|
|
} |
|
668
|
|
|
|
|
669
|
|
|
class PostRecord |
|
670
|
|
|
{ |
|
671
|
|
|
const STATUS_PUBLISHED=0; |
|
672
|
|
|
const STATUS_DRAFT=1; |
|
673
|
|
|
const STATUS_PENDING=2; |
|
674
|
|
|
const STATUS_STICKY=3; |
|
675
|
|
|
public $ID; |
|
676
|
|
|
public $AuthorID; |
|
677
|
|
|
public $AuthorName; |
|
678
|
|
|
public $CreateTime; |
|
679
|
|
|
public $ModifyTime; |
|
680
|
|
|
public $Title; |
|
681
|
|
|
public $Content; |
|
682
|
|
|
public $Status; |
|
683
|
|
|
public $CommentCount; |
|
684
|
|
|
} |
|
685
|
|
|
|
|
686
|
|
|
class CommentRecord |
|
687
|
|
|
{ |
|
688
|
|
|
public $ID; |
|
689
|
|
|
public $PostID; |
|
690
|
|
|
public $AuthorName; |
|
691
|
|
|
public $AuthorEmail; |
|
692
|
|
|
public $AuthorWebsite; |
|
693
|
|
|
public $AuthorIP; |
|
694
|
|
|
public $CreateTime; |
|
695
|
|
|
public $Status; |
|
696
|
|
|
public $Content; |
|
697
|
|
|
} |
|
698
|
|
|
|
|
699
|
|
|
class CategoryRecord |
|
700
|
|
|
{ |
|
701
|
|
|
public $ID; |
|
702
|
|
|
public $Name; |
|
703
|
|
|
public $Description; |
|
704
|
|
|
public $PostCount; |
|
705
|
|
|
} |
|
706
|
|
|
|
|
707
|
|
|
|
pradosoft /
prado
Loading history...
An attempt at access to an undefined property has been detected. This may either be a typographical error or the property has been renamed but there are still references to its old name.
If you really want to allow access to undefined properties, you can define magic methods to allow access. See the php core documentation on Overloading.