<?php
namespace Controllers;
use Core\Controller;
use Models\PostModel;
use Models\TagModel;
use function isAdmin;
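/**
 * Admin panel controller: lists posts, creates, edits, deletes, hides and
 * restores them, and keeps each post's tag links in sync.
 *
 * Every action first checks isAdmin(). index() redirects anonymous visitors
 * to the login page; all other actions answer with HTTP 403.
 *
 * NOTE(review): no CSRF token is verified anywhere in this class, and
 * delete(), hide() and restore() change state for any request method.
 * Unless the router or Core\Controller already enforces this (not visible
 * here), these actions should require POST plus a per-session token.
 */
class AdminController extends Controller
{
    /**
     * Tags that survive strip_tags() in post content.
     *
     * TODO: move allowed tags to the config file
     */
    const ALLOWED_TAGS = '<b><i><u><strong><em><p><br><ul><ol><li><blockquote><code><pre><img><a>';

    /** Marker that separates a post's teaser from the rest of its body. */
    const MORE_MARKER = '<!--more-->';

    /** Stand-in for MORE_MARKER while strip_tags() runs (it removes HTML comments). */
    const MORE_PLACEHOLDER = '[MORE_MARKER]';

    private $postModel;
    private $tagModel;

    public function __construct()
    {
        parent::__construct();
        $this->postModel = new PostModel();
        $this->tagModel = new TagModel();
    }

    /**
     * Control panel index page: a paginated list of posts.
     *
     * Reads the page number from $_GET['page'] and clamps it to
     * 1..totalPages, so an oversized value cannot overflow the offset
     * that is handed to the model.
     */
    public function index()
    {
        if (!isAdmin()) {
            header('Location: ' . HOME_DIRECTORY . 'index.php?url=auth/login');
            exit;
        }

        $postsPerPage = MAX_POSTS_PER_PAGE;
        if ($postsPerPage < 1) {
            $postsPerPage = 5; // fallback for a missing or zero setting
        }

        $totalPosts = $this->postModel->countAll();

        // ceil() returns a float; the view gets an integer page count.
        $totalPages = max(1, (int) ceil($totalPosts / $postsPerPage));

        $requestedPage = isset($_GET['page']) ? (int) $_GET['page'] : 1;
        $page = max(1, min($requestedPage, $totalPages));

        $offset = ($page - 1) * $postsPerPage;
        $posts = $this->postModel->getPaginated($offset, $postsPerPage);

        $this->view->render('admin/index.php', [
            'posts' => $posts,
            'totalPages' => $totalPages,
            'currentPage' => $page
        ]);
    }

    /**
     * Creates a post from the submitted form, or renders the empty form.
     *
     * On POST the content is filtered, the post is stored, its tags are
     * attached and the browser is redirected to the home page.
     */
    public function create()
    {
        $this->requireAdmin();

        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $title = $this->postString('title');
            $content = $this->postString('content');
            $tags = $this->postString('tags');

            // null means "no date given"; per the original author's note the
            // model then substitutes the current date itself.
            $createdAt = $this->parseCreatedAt($this->postString('created_at'));

            $postId = $this->postModel->create($title, $this->sanitizeContent($content), $createdAt);
            $this->attachTags($postId, $tags);

            header('Location: ' . HOME_DIRECTORY . 'index.php');
            exit;
        }

        $this->view->render('admin/create.php', []);
    }

    /**
     * Updates an existing post from the submitted form, or renders the edit form.
     *
     * @param mixed $id Post identifier taken from the route; passed to the
     *                  models as-is. NOTE(review): confirm the models bind
     *                  it as a query parameter.
     */
    public function edit($id)
    {
        $this->requireAdmin();

        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $title = $this->postString('title');
            $content = $this->postString('content');
            $tags = $this->postString('tags');

            // Convert the submitted date, or leave it null.
            $createdAt = $this->parseCreatedAt($this->postString('created_at'));

            $this->postModel->update($id, $title, $this->sanitizeContent($content), $createdAt);

            // Replace the tag set wholesale: drop the old links, attach the new ones.
            $this->tagModel->removeAllTagsFromPost($id);
            $this->attachTags($id, $tags);

            header('Location: ' . HOME_DIRECTORY . 'index.php');
            exit;
        }

        $post = $this->postModel->getById($id);
        if (!$post) {
            // Report the missing post with a 404 instead of a 200 page.
            http_response_code(404);
            die("Пост не найден");
        }

        $this->view->render('admin/edit.php', ['post' => $post]);
    }

    /**
     * Deletes a post and returns to the admin index.
     *
     * NOTE(review): runs for any request method and without a CSRF token.
     *
     * @param mixed $id Post identifier taken from the route.
     */
    public function delete($id)
    {
        $this->requireAdmin();

        $this->postModel->delete($id);
        header('Location: ' . HOME_DIRECTORY . 'index.php?url=admin/index');
        exit;
    }

    /**
     * Hides a post and returns to the admin index.
     *
     * NOTE(review): runs for any request method and without a CSRF token.
     *
     * @param mixed $id Post identifier taken from the route.
     */
    public function hide($id)
    {
        $this->requireAdmin();

        $this->postModel->hide($id);
        header('Location: ' . HOME_DIRECTORY . 'index.php?url=admin/index');
        exit;
    }

    /**
     * Restores a hidden post and returns to the hidden-posts list.
     *
     * NOTE(review): runs for any request method and without a CSRF token.
     *
     * @param mixed $id Post identifier taken from the route.
     */
    public function restore($id)
    {
        $this->requireAdmin();

        $this->postModel->restore($id);
        header('Location: ' . HOME_DIRECTORY . 'index.php?url=admin/hidden');
        exit;
    }

    /**
     * Lists all hidden posts using the dedicated admin/hidden.php template.
     */
    public function hidden()
    {
        $this->requireAdmin();

        $posts = $this->postModel->getHidden();

        $this->view->render('admin/hidden.php', [
            'posts' => $posts
        ]);
    }

    /**
     * Stops the request unless the current user is an administrator.
     *
     * Sends HTTP 403 so that clients, proxies and access logs see the
     * refusal as an authorization failure rather than a successful page.
     */
    private function requireAdmin()
    {
        if (!isAdmin()) {
            http_response_code(403);
            die("Access denied");
        }
    }

    /**
     * Returns a POST field as a string, or '' when it is absent or not a string.
     *
     * A field submitted as "name[]" arrives as an array; passing that on to
     * strip_tags(), explode() or strtotime() would raise a type error.
     *
     * @param string $key
     * @return string
     */
    private function postString($key)
    {
        $value = $_POST[$key] ?? '';

        return is_string($value) ? $value : '';
    }

    /**
     * Converts a submitted date to "Y-m-d H:i:s", or null when none was given.
     *
     * An unparsable value also yields null. Without that check strtotime()
     * returns false and date() formats it as the Unix epoch, which silently
     * stores 1970-01-01 00:00:00.
     *
     * @param string $input
     * @return string|null
     */
    private function parseCreatedAt($input)
    {
        if (empty($input)) {
            return null;
        }

        $timestamp = strtotime($input);
        if ($timestamp === false) {
            return null;
        }

        return date('Y-m-d H:i:s', $timestamp);
    }

    /**
     * Removes every tag outside ALLOWED_TAGS while keeping the <!--more--> marker.
     *
     * strip_tags() also drops HTML comments, so the marker is swapped for a
     * plain-text placeholder first and restored afterwards. create() and
     * edit() both go through here, so the marker survives in both.
     *
     * SECURITY: strip_tags() filters tag names only. Attributes on the
     * allowed tags pass through untouched, so <a> and <img> can still carry
     * event-handler attributes or script URLs. NOTE(review): if the public
     * views print this content unescaped, this is a stored-XSS path; use an
     * HTML sanitizer that allow-lists attributes and URL schemes.
     *
     * @param string $content
     * @return string
     */
    private function sanitizeContent($content)
    {
        $withPlaceholder = str_replace(self::MORE_MARKER, self::MORE_PLACEHOLDER, $content);
        $stripped = strip_tags($withPlaceholder, self::ALLOWED_TAGS);

        return str_replace(self::MORE_PLACEHOLDER, self::MORE_MARKER, $stripped);
    }

    /**
     * Links a post to each tag named in a comma-separated list.
     *
     * Names are trimmed, empty entries are skipped and repeated names are
     * linked once. The check is "!== ''" rather than empty() so that a tag
     * literally named "0" is kept.
     *
     * @param mixed  $postId
     * @param string $tags
     */
    private function attachTags($postId, $tags)
    {
        $tagNames = array_unique(array_map('trim', explode(',', $tags)));

        foreach ($tagNames as $tagName) {
            if ($tagName === '') {
                continue;
            }

            $tagId = $this->tagModel->createIfNotExists($tagName);
            $this->tagModel->addTagToPost($postId, $tagId);
        }
    }
}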