postModel = new PostModel(); $this->tagModel = new TagModel(); } // Control panel index page public function index() { if (!isAdmin()) { header('Location: ' . HOME_DIRECTORY . 'index.php?url=auth/login'); exit; } $postsPerPage = MAX_POSTS_PER_PAGE; if ($postsPerPage < 1) { $postsPerPage = 5; // fallback } // Get the current page $page = isset($_GET['page']) ? (int)$_GET['page'] : 1; if ($page < 1) { $page = 1; } $totalPosts = $this->postModel->countAll(); $totalPages = ceil($totalPosts / $postsPerPage); if ($totalPages < 1) { $totalPages = 1; } $offset = ($page - 1) * $postsPerPage; $posts = $this->postModel->getPaginated($offset, $postsPerPage); $this->view->render('admin/index.php', [ 'posts' => $posts, 'totalPages' => $totalPages, 'currentPage' => $page ]); } // Creating new post // controllers/AdminController.php public function create() { if (!isAdmin()) { die("Access denied"); } if ($_SERVER['REQUEST_METHOD'] === 'POST') { $title = $_POST['title'] ?? ''; $content = $_POST['content'] ?? ''; $tags = $_POST['tags'] ?? ''; // Date handling $created_at_input = $_POST['created_at'] ?? ''; // Если админ ничего не ввёл, мы передадим null => модель сама подставит текущую дату // Если ввёл, преобразуем к формату Y-m-d H:i:s $created_at = null; if (!empty($created_at_input)) { $created_at = date('Y-m-d H:i:s', strtotime($created_at_input)); } // TODO: move allowed tags to the config file $allowed_tags = '
'; $sanitizedContent = strip_tags($content, $allowed_tags); // Creating a post $postId = $this->postModel->create($title, $sanitizedContent, $created_at); // Handling tags $tagNames = array_map('trim', explode(',', $tags)); foreach ($tagNames as $tagName) { if ($tagName !== '') { $tagId = $this->tagModel->createIfNotExists($tagName); $this->tagModel->addTagToPost($postId, $tagId); } } header('Location: ' . HOME_DIRECTORY . 'index.php'); exit; } $this->view->render('admin/create.php', []); } // Post editing public function edit($id) { if (!isAdmin()) { die("Access denied"); } if ($_SERVER['REQUEST_METHOD'] === 'POST') { $title = $_POST['title'] ?? ''; $content = $_POST['content'] ?? ''; $created_at_input = $_POST['created_at'] ?? ''; $tags = $_POST['tags'] ?? ''; // Преобразуем или оставляем null $created_at = null; if (!empty($created_at_input)) { $created_at = date('Y-m-d H:i:s', strtotime($created_at_input)); } $contentWithPlaceholder = str_replace('', '[MORE_MARKER]', $content); $allowed_tags = ' '; $sanitizedContent = strip_tags($contentWithPlaceholder, $allowed_tags); $sanitizedContent = str_replace('[MORE_MARKER]', '', $sanitizedContent); $this->postModel->update($id, $title, $sanitizedContent, $created_at); $this->tagModel->removeAllTagsFromPost($id); $tagNames = array_map('trim', explode(',', $tags)); foreach ($tagNames as $tagName) { if (!empty($tagName)) { // если тег не пустой $tagId = $this->tagModel->createIfNotExists($tagName); $this->tagModel->addTagToPost($id, $tagId); } } header('Location: ' . HOME_DIRECTORY . 'index.php'); exit; } $post = $this->postModel->getById($id); if (!$post) { die("Пост не найден"); } $this->view->render('admin/edit.php', ['post' => $post]); } // Post deletion public function delete($id) { if (!isAdmin()) { die("Access denied"); } $this->postModel->delete($id); header('Location: ' . HOME_DIRECTORY . 'index.php?url=admin/index'); exit; } public function hide($id) { if (!isAdmin()) { die("Access denied"); } $this->postModel->hide($id); header('Location: ' . HOME_DIRECTORY . 'index.php?url=admin/index'); exit; } public function restore($id) { if (!isAdmin()) { die("Access denied"); } $this->postModel->restore($id); header('Location: ' . HOME_DIRECTORY . 'index.php?url=admin/hidden'); exit; } public function hidden() { if (!isAdmin()) { die("Access denied"); } // Fetch all hidden posts $posts = $this->postModel->getHidden(); // Render a special template, or reuse admin/index with a different set of posts $this->view->render('admin/hidden.php', [ 'posts' => $posts ]); } }