diff --git a/protected/BlogUser.php b/protected/BlogUser.php new file mode 100644 index 0000000..4cbadf6 --- /dev/null +++ b/protected/BlogUser.php @@ -0,0 +1,57 @@ +findByPk($username); + if($userRecord instanceof UserRecord) // if found + { + $user=new BlogUser($this->Manager); + $user->Name=$username; // set username + $user->Roles=($userRecord->role==1?'admin':'user'); // set role + $user->IsGuest=false; // the user is not a guest + return $user; + } + else + return null; + } + + /** + * Checks if the specified (username, password) is valid. + * This method is required by TDbUser. + * @param string username + * @param string password + * @return boolean whether the username and password are valid. + */ + public function validateUser($username,$password) + { + // use UserRecord Active Record to look for the (username, password) pair. + return UserRecord::finder()->findBy_username_AND_password($username,$password)!==null; + } + + /** + * @return boolean whether this user is an administrator. + */ + public function getIsAdmin() + { + return $this->isInRole('admin'); + } +} +?> \ No newline at end of file diff --git a/protected/application.xml b/protected/application.xml index 7fd5689..de87944 100644 --- a/protected/application.xml +++ b/protected/application.xml @@ -1,12 +1,10 @@ - @@ -23,11 +21,25 @@ --> + + + + + + + + + - + diff --git a/protected/data/blog.db b/protected/data/blog.db new file mode 100644 index 0000000..987fd73 Binary files /dev/null and b/protected/data/blog.db differ diff --git a/protected/database/PostRecord.php b/protected/database/PostRecord.php new file mode 100644 index 0000000..32d0ae6 --- /dev/null +++ b/protected/database/PostRecord.php @@ -0,0 +1,28 @@ + array(self::BELONGS_TO, 'UserRecord'), + ); +} +?> \ No newline at end of file diff --git a/protected/database/UserRecord.php b/protected/database/UserRecord.php new file mode 100644 index 0000000..0ca6c25 --- /dev/null +++ b/protected/database/UserRecord.php @@ -0,0 +1,28 @@ + array(self::HAS_MANY, 'PostRecord'), + ); +} +?> \ No newline at end of file diff --git a/protected/layouts/MainLayout.php b/protected/layouts/MainLayout.php index add9810..cc39a46 100644 --- a/protected/layouts/MainLayout.php +++ b/protected/layouts/MainLayout.php @@ -1,5 +1,17 @@ Application->getModule('auth')->logout(); + $url=$this->Service->constructUrl($this->Service->DefaultPage); + $this->Response->redirect($url); + } } ?> \ No newline at end of file diff --git a/protected/layouts/MainLayout.tpl b/protected/layouts/MainLayout.tpl index ed206f9..450dc79 100644 --- a/protected/layouts/MainLayout.tpl +++ b/protected/layouts/MainLayout.tpl @@ -13,6 +13,15 @@ diff --git a/protected/pages/posts/ListPost.page b/protected/pages/posts/ListPost.page new file mode 100644 index 0000000..b499243 --- /dev/null +++ b/protected/pages/posts/ListPost.page @@ -0,0 +1,10 @@ + + + + +Insert title here + + + + + \ No newline at end of file diff --git a/protected/pages/posts/ListPost.php b/protected/pages/posts/ListPost.php new file mode 100644 index 0000000..15c5adc --- /dev/null +++ b/protected/pages/posts/ListPost.php @@ -0,0 +1,3 @@ + \ No newline at end of file diff --git a/protected/pages/users/AdminUser.page b/protected/pages/users/AdminUser.page new file mode 100644 index 0000000..8dec25d --- /dev/null +++ b/protected/pages/users/AdminUser.page @@ -0,0 +1,40 @@ +<%@ Title="My Blog - Manage User Accounts" %> + + + +

Manage User Accounts

+ +Create New User +
+ + + + + # + $this->Service->constructUrl('users.EditUser',array('username'=>{0})) + + + + + + + + + + + + \ No newline at end of file diff --git a/protected/pages/users/AdminUser.php b/protected/pages/users/AdminUser.php new file mode 100644 index 0000000..c78a00a --- /dev/null +++ b/protected/pages/users/AdminUser.php @@ -0,0 +1,34 @@ +UserGrid->DataSource=UserRecord::finder()->findAll(); + // binds the data to interface components + $this->UserGrid->dataBind(); + } + + /** + * Deletes a specified user record. + * This method responds to the datagrid's OnDeleteCommand event. + * @param TDataGrid the event sender + * @param TDataGridCommandEventParameter the event parameter + */ + public function deleteButtonClicked($sender,$param) + { + // obtains the datagrid item that contains the clicked delete button + $item=$param->Item; + // obtains the primary key corresponding to the datagrid item + $username=$this->UserGrid->DataKeys[$item->ItemIndex]; + // deletes the user record with the specified username primary key + UserRecord::finder()->deleteByPk($username); + } +} +?> \ No newline at end of file diff --git a/protected/pages/users/EditUser.page b/protected/pages/users/EditUser.page new file mode 100644 index 0000000..0fd71d1 --- /dev/null +++ b/protected/pages/users/EditUser.page @@ -0,0 +1,61 @@ +<%@ Title="My Blog - Edit User" %> + + + +

Edit User

+ +Username: + + +
+Password: +
+ + +
+Re-type Password: + +
+ + +
+Email Address: + + +
+ + + +
+Role: +
+ + + + + + +
+First Name: +
+ + +
+Last Name: +
+ + +
+ + + \ No newline at end of file diff --git a/protected/pages/users/EditUser.php b/protected/pages/users/EditUser.php new file mode 100644 index 0000000..d7a39c4 --- /dev/null +++ b/protected/pages/users/EditUser.php @@ -0,0 +1,81 @@ +IsPostBack) // if the page is initially requested + { + // Retrieves the existing user data. This is equivalent to: + // $userRecord=$this->getUserRecord(); + $userRecord=$this->UserRecord; + + // Populates the input controls with the existing user data + $this->Username->Text=$userRecord->username; + $this->Email->Text=$userRecord->email; + $this->Role->SelectedValue=$userRecord->role; + $this->FirstName->Text=$userRecord->first_name; + $this->LastName->Text=$userRecord->last_name; + } + } + + /** + * Saves the user account if all inputs are valid. + * This method responds to the OnClick event of the "save" button. + * @param mixed event sender + * @param mixed event parameter + */ + public function saveButtonClicked($sender,$param) + { + if($this->IsValid) // when all validations succeed + { + // Retrieves the existing user data. This is equivalent to: + $userRecord=$this->UserRecord; + + // Fetches the input data + $userRecord->username=$this->Username->Text; + // update password when the input is not empty + if(!empty($this->Password->Text)) + $userRecord->password=$this->Password->Text; + $userRecord->email=$this->Email->Text; + // update the role if the current user is an administrator + if($this->User->IsAdmin) + $userRecord->role=(int)$this->Role->SelectedValue; + $userRecord->first_name=$this->FirstName->Text; + $userRecord->last_name=$this->LastName->Text; + + // saves to the database via Active Record mechanism + $userRecord->save(); + + // redirects the browser to the homepage + $this->Response->redirect($this->Service->DefaultPageUrl); + } + } + + /** + * Returns the user data to be editted. + * @return UserRecord the user data to be editted. + * @throws THttpException if the user data is not found. + */ + protected function getUserRecord() + { + // the user to be editted is the currently logged-in user + $username=$this->User->Name; + // if the 'username' GET var is not empty and the current user + // is an administrator, we use the GET var value instead. + if($this->User->IsAdmin && $this->Request['username']!==null) + $username=$this->Request['username']; + + // use Active Record to look for the specified username + $userRecord=UserRecord::finder()->findByPk($username); + if(!($userRecord instanceof UserRecord)) + throw new THttpException(500,'Username is invalid.'); + return $userRecord; + } +} +?> \ No newline at end of file diff --git a/protected/pages/users/LoginUser.page b/protected/pages/users/LoginUser.page new file mode 100644 index 0000000..b668c41 --- /dev/null +++ b/protected/pages/users/LoginUser.page @@ -0,0 +1,28 @@ +<%@ Title="My Blog - Login" %> + + + +

Login

+ +Username: + +
+ + +
+Password: + +
+ + +
+ + + \ No newline at end of file diff --git a/protected/pages/users/LoginUser.php b/protected/pages/users/LoginUser.php new file mode 100644 index 0000000..d4126a0 --- /dev/null +++ b/protected/pages/users/LoginUser.php @@ -0,0 +1,35 @@ +Application->getModule('auth'); + if(!$authManager->login($this->Username->Text,$this->Password->Text)) + $param->IsValid=false; // tell the validator that validation fails + } + + /** + * Redirects the user's browser to appropriate URL if login succeeds. + * This method responds to the login button's OnClick event. + * @param mixed event sender + * @param mixed event parameter + */ + public function loginButtonClicked($sender,$param) + { + if($this->Page->IsValid) // all validations succeed + { + // obtain the URL of the privileged page that the user wanted to visit originally + $url=$this->Application->getModule('auth')->ReturnUrl; + if(empty($url)) // the user accesses the login page directly + $url=$this->Service->DefaultPageUrl; + $this->Response->redirect($url); + } + } +} +?> \ No newline at end of file diff --git a/protected/pages/users/NewUser.page b/protected/pages/users/NewUser.page new file mode 100644 index 0000000..b4590b4 --- /dev/null +++ b/protected/pages/users/NewUser.page @@ -0,0 +1,73 @@ +<%@ Title="My Blog - New User" %> + + + +

Create New User

+ +Username: + + +
+ + +
+Password: + +
+ + +
+Re-type Password: + +
+ + +
+Email Address: + + +
+ + +
+Role: +
+ + + + + +
+First Name: +
+ + +
+Last Name: +
+ + +
+ + + \ No newline at end of file diff --git a/protected/pages/users/NewUser.php b/protected/pages/users/NewUser.php new file mode 100644 index 0000000..9e7d665 --- /dev/null +++ b/protected/pages/users/NewUser.php @@ -0,0 +1,43 @@ +IsValid=UserRecord::finder()->findByPk($this->Username->Text)===null; + } + + /** + * Creates a new user account if all inputs are valid. + * This method responds to the OnClick event of the "create" button. + * @param mixed event sender + * @param mixed event parameter + */ + public function createButtonClicked($sender,$param) + { + if($this->IsValid) // when all validations succeed + { + // populates a UserRecord object with user inputs + $userRecord=new UserRecord; + $userRecord->username=$this->Username->Text; + $userRecord->password=$this->Password->Text; + $userRecord->email=$this->Email->Text; + $userRecord->role=(int)$this->Role->SelectedValue; + $userRecord->first_name=$this->FirstName->Text; + $userRecord->last_name=$this->LastName->Text; + + // saves to the database via Active Record mechanism + $userRecord->save(); + + // redirects the browser to the homepage + $this->Response->redirect($this->Service->DefaultPageUrl); + } + } +} +?> \ No newline at end of file diff --git a/protected/pages/users/config.xml b/protected/pages/users/config.xml new file mode 100644 index 0000000..9fcfd3c --- /dev/null +++ b/protected/pages/users/config.xml @@ -0,0 +1,7 @@ + + + + + + + \ No newline at end of file diff --git a/protected/schema.sql b/protected/schema.sql new file mode 100644 index 0000000..463fab3 --- /dev/null +++ b/protected/schema.sql @@ -0,0 +1,25 @@ +/* create users table */ +CREATE TABLE users ( + username VARCHAR(128) NOT NULL PRIMARY KEY, + email VARCHAR(128) NOT NULL, + password VARCHAR(128) NOT NULL, /* in plain text */ + role INTEGER NOT NULL, /* 0: normal user, 1: administrator */ + first_name VARCHAR(128), + last_name VARCHAR(128) +); + +/* create posts table */ +CREATE TABLE posts ( + post_id INTEGER NOT NULL PRIMARY KEY, + author_id VARCHAR(128) NOT NULL + CONSTRAINT fk_author REFERENCES users(username), + create_time INTEGER NOT NULL, /* UNIX timestamp */ + title VARCHAR(256) NOT NULL, /* title of the post */ + content TEXT, /* post body */ + status INTEGER NOT NULL /* 0: published; 1: draft; 2: pending; 2: denied */ +); + +/* insert some initial data records for testing */ +INSERT INTO users VALUES ('admin', 'admin@example.com', 'demo', 1, 'Scott', 'Alfter'); +INSERT INTO users VALUES ('demo', 'demo@example.com', 'demo', 0, 'Foo', 'Bar'); +INSERT INTO posts VALUES (NULL, 'admin', 1175708482, 'first post', 'this is my first post', 0);