Finish off article admin pages. Bit ugly but 🤷

mydnshost · Mar 10, 2019 · f2206c4 · f2206c4
1 parent 86686c1
commit f2206c4
Show file tree

Hide file tree

Showing 6 changed files with 145 additions and 27 deletions.
diff --git a/mydnshost-php-api b/mydnshost-php-api
diff --git a/public/index.php b/public/index.php
@@ -107,7 +107,7 @@
 
 		if (!array_key_exists('csrftoken', $_POST) || empty($_POST['csrftoken']) || $_POST['csrftoken'] != session::get('csrftoken')) {
 			header('HTTP/1.1 403 Forbidden');
-			die('Invalid CSRF Token');
+			die('Invalid CSRF Token.');
 		}
 	});
 

diff --git a/src/routes/AdminRoutes.php b/src/routes/AdminRoutes.php
@@ -208,33 +208,84 @@ public function addRoutes($router, $displayEngine, $api) {
 					$displayEngine->display('admin/articles.tpl');
 				});
 
-				$router->get('/admin/articles/(.*)', function($articleid) use ($displayEngine, $api) {
-					$displayEngine->setPageID('/admin/articles')->setTitle('Admin :: Articles :: ' . $articleid);
+				$router->get('/admin/articles/(create|[0-9]+)', function($articleid) use ($displayEngine, $api) {
+					$error = false;
+
+					if ($articleid == 'create') {
+						$displayEngine->setPageID('/admin/articles')->setTitle('Admin :: Articles :: Create');
+						$displayEngine->setVar('create', true);
+					} else {
+						$displayEngine->setPageID('/admin/articles')->setTitle('Admin :: Articles :: ' . $articleid);
+						$article = $api->getArticle($articleid);
+						if (isset($article['id'])) {
+							$displayEngine->setVar('article', $article);
+						} else {
+							$error = true;
+						}
+					}
 
-					$article = $api->getArticle($articleid);
-					$displayEngine->setVar('article', $article);
 					$displayEngine->setVar('time', time());
 
-					$displayEngine->display('admin/article.tpl');
+					if ($error) {
+						$displayEngine->flash('error', '', 'No such article ID: ' . $articleid);
+						header('Location: ' . $displayEngine->getURL('/admin/articles'));
+					} else {
+						$displayEngine->display('admin/article.tpl');
+					}
 				});
 
-				$router->post('/admin/articles/(.*)', function($articleid) use ($displayEngine, $api) {
+				$router->post('/admin/articles/(create|[0-9]+)', function($articleid) use ($displayEngine, $api) {
+					$fields = ['title' => 'You must specify a title.',
+					           'content' => 'You must specify content.',
+					           'visiblefrom' => 'You must specify visible from.',
+					           'visibleuntil' => 'You must specify visible until.',
+					          ];
 
-				});
+					$canUpdate = true;
 
-				$router->post('/admin/articles/(.*)/delete', function($articleid) use ($displayEngine, $api) {
+					$create = ($articleid == 'create');
 
-				});
+					foreach ($fields as $field => $error) {
+						if (!array_key_exists($field, $_POST) || ($_POST[$field] != "0" && empty($_POST[$field]))) {
+							$canUpdate = false;
+							$displayEngine->flash('error', '', 'There was an error updating the article: ' . $error);
+							break;
+						}
+					}
 
-				$router->get('/admin/articles/create', function() use ($displayEngine, $api) {
-					$displayEngine->setPageID('/admin/articles')->setTitle('Admin :: Articles :: Create');
-					$displayEngine->setVar('create', true);
-					$displayEngine->setVar('time', time());
-					$displayEngine->display('admin/article.tpl');
+					if ($canUpdate) {
+						$result = ($create ? $api->createArticle($_POST) : $api->updateArticle($articleid, $_POST));
+
+						if (array_key_exists('error', $result)) {
+							$errorData = $result['error'];
+							if (array_key_exists('errorData', $result)) {
+								$errorData .= ' => ' . is_array($result['errorData']) ? implode(' / ', $result['errorData']) : $result['errorData'];
+							}
+							if ($create) {
+								$displayEngine->flash('error', '', 'There was an error creating the article: ' . $errorData);
+							} else {
+								$displayEngine->flash('error', '', 'There was an error updating the article: ' . $errorData);
+							}
+						} else {
+							if ($create) {
+								$displayEngine->flash('success', '', 'New article has been created');
+							} else {
+								$displayEngine->flash('success', '', 'Article has been updated');
+							}
+							header('Location: ' . $displayEngine->getURL('/admin/articles'));
+							return;
+						}
+					}
+
+					header('Location: ' . $displayEngine->getURL('/admin/articles'));
+					return;
 				});
 
-				$router->post('/admin/articles/create', function() use ($displayEngine, $api) {
+				$router->post('/admin/articles/([0-9]+)/delete', function($articleid) use ($displayEngine, $api) {
+					$result = $api->deleteArticle($articleid);
 
+					header('Content-Type: application/json');
+					echo json_encode($result);
 				});
 			}
 

diff --git a/templates/default/admin/article.tpl b/templates/default/admin/article.tpl
@@ -1,6 +1,11 @@
+{% if create %}
+<H1>Article :: Create</H1>
+<form action="{{ url('/admin/articles/create') }}" method="POST" id="articleform">
+{% else %}
 <H1>Article :: {{ article.id }}</H1>
-
-<input type="hidden" id="csrftoken" value="{{csrftoken}}">
+<form action="{{ url('/admin/articles/' ~ article.id) }}" method="POST" id="articleform">
+{% endif %}
+<input type="hidden" name="csrftoken" value="{{csrftoken}}">
 
 <table id="article" class="table table-striped table-bordered">
 	<tbody>
@@ -14,19 +19,19 @@
 		{% endif %}
 		<tr>
 			<th>Title</th>
-			<td>
-				<input type="text" name="title" value="{{ article.title }}" class="form-control form-control-sm">
+			<td class="form-group">
+				<input type="text" id="title" name="title" value="{{ article.title }}" class="form-control form-control-sm">
 			</td>
 		</tr>
 		<tr>
 			<th>Content</th>
-			<td>
-				<textarea name="content" class="form-control form-control-sm">{{ article.content }}</textarea>
+			<td class="form-group">
+				<textarea id="content" name="content" class="form-control form-control-sm">{{ article.content }}</textarea>
 			</td>
 		</tr>
 		<tr>
 			<th>Full Content</th>
-			<td>
+			<td class="form-group">
 				<textarea name="contentfull" class="form-control form-control-sm">{{ article.contentfull }}</textarea>
 			</td>
 		</tr>
@@ -42,17 +47,25 @@
 		</tr>
 		<tr>
 			<th>Visible From</th>
-			<td>
-				<input type="text" name="visiblefrom" value="{{ article.visiblefrom }}" class="form-control form-control-sm">
+			<td class="form-group">
+				<input type="text" id="visiblefrom" name="visiblefrom" value="{{ article.visiblefrom }}" class="form-control form-control-sm">
 			</td>
 		</tr>
 		<tr>
 			<th>Visible Until</th>
+			<td class="form-group">
+				<input type="text" id="visibleuntil" name="visibleuntil" value="{{ article.visibleuntil }}" class="form-control form-control-sm">
+			</td>
+		</tr>
+		<tr>
+			<th>&nbsp;</th>
 			<td>
-				<input type="text" name="visibleuntil" value="{{ article.visibleuntil }}" class="form-control form-control-sm">
+				<a href="{{ url("/admin/articles") }}" class="btn btn-block btn-warning">Cancel</a>
+				<button type="submit" class="btn btn-block btn-success">{% if create %}Create{% else %}Edit{% endif %} Article</button>
 			</td>
 		</tr>
 	</tbody>
 </table>
+</form>
 
 <script src="{{ url('/assets/admin_article.js') }}"></script>
diff --git a/templates/default/assets/admin_article.js b/templates/default/assets/admin_article.js
@@ -0,0 +1,27 @@
+$(function() {
+	$("#articleform").validate({
+		highlight: function(element) {
+			$(element).closest('.form-group').addClass('has-danger');
+		},
+		unhighlight: function(element) {
+			$(element).closest('.form-group').removeClass('has-danger');
+		},
+		errorClass: 'form-control-feedback',
+		rules: {
+			title: {
+				required: true
+			},
+			content: {
+				required: true
+			},
+			visiblefrom: {
+				required: true,
+				number: true
+			},
+			visibleuntil: {
+				required: true,
+				number: true
+			}
+		},
+	});
+});
diff --git a/templates/default/assets/admin_articles.js b/templates/default/assets/admin_articles.js
@@ -0,0 +1,27 @@
+$(function() {
+	$('button[data-action="deletearticle"]').click(function () {
+		var article = $(this).data('id');
+		var row = $(this).closest('tr');
+
+		var okButton = $('#confirmDelete button[data-action="ok"]');
+		okButton.removeClass("btn-success").addClass("btn-danger").text("Delete Article");
+
+		okButton.off('click').click(function () {
+			$.ajax({
+				url: "{{ url('/admin/articles') }}/" + article + "/delete",
+				data: {'csrftoken': $('#csrftoken').val()},
+				method: "POST",
+			}).done(function(data) {
+				if (data['error'] !== undefined) {
+					alert('There was an error: ' + data['error']);
+				} else if (data['response'] !== undefined) {
+					row.fadeOut(500, function(){ $(this).remove(); });
+				}
+			}).fail(function(data) {
+				alert('There was an error: ' + data.responseText);
+			});
+		});
+
+		$('#confirmDelete').modal({'backdrop': 'static'});
+	});
+});