From 853e77c53fd6e51b6418168922649164cc30172d Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Thu, 26 Apr 2018 19:15:47 +0200
Subject: Added basic upload feature - will be image upload feature soon
---
.../admin/src/Controller/AdminController.php | 14 ++-
.../admin/src/Controller/PostController.php | 118 +++++++++++++++++++++
2 files changed, 124 insertions(+), 8 deletions(-)
create mode 100644 main/app/sprinkles/admin/src/Controller/PostController.php
(limited to 'main/app/sprinkles/admin/src/Controller')
diff --git a/main/app/sprinkles/admin/src/Controller/AdminController.php b/main/app/sprinkles/admin/src/Controller/AdminController.php
index da4da8a..91342de 100644
--- a/main/app/sprinkles/admin/src/Controller/AdminController.php
+++ b/main/app/sprinkles/admin/src/Controller/AdminController.php
@@ -5,6 +5,7 @@
* @link https://github.com/userfrosting/UserFrosting
* @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License)
*/
+
namespace UserFrosting\Sprinkle\Admin\Controller;
use Carbon\Carbon;
@@ -30,8 +31,7 @@ class AdminController extends SimpleController
* Renders the admin panel dashboard
*
*/
- public function pageDashboard($request, $response, $args)
- {
+ public function pageDashboard($request, $response, $args) {
//** @var UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */
$authorizer = $this->ci->authorizer;
@@ -48,8 +48,8 @@ class AdminController extends SimpleController
// Probably a better way to do this
$users = $classMapper->staticMethod('user', 'orderBy', 'created_at', 'desc')
- ->take(8)
- ->get();
+ ->take(8)
+ ->get();
// Transform the `create_at` date in "x days ago" type of string
$users->transform(function ($item, $key) {
@@ -97,8 +97,7 @@ class AdminController extends SimpleController
* This route requires authentication.
* Request type: POST
*/
- public function clearCache($request, $response, $args)
- {
+ public function clearCache($request, $response, $args) {
/** @var UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */
$authorizer = $this->ci->authorizer;
@@ -128,8 +127,7 @@ class AdminController extends SimpleController
* This page requires authentication.
* Request type: GET
*/
- public function getModalConfirmClearCache($request, $response, $args)
- {
+ public function getModalConfirmClearCache($request, $response, $args) {
/** @var UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */
$authorizer = $this->ci->authorizer;
diff --git a/main/app/sprinkles/admin/src/Controller/PostController.php b/main/app/sprinkles/admin/src/Controller/PostController.php
new file mode 100644
index 0000000..e191207
--- /dev/null
+++ b/main/app/sprinkles/admin/src/Controller/PostController.php
@@ -0,0 +1,118 @@
+getClientFilename(), PATHINFO_EXTENSION);
+ $basename = bin2hex(random_bytes(8)); // see http://php.net/manual/en/function.random-bytes.php
+ $filename = sprintf('%s.%0.8s', $basename, $extension);
+
+ $uploadedFile->moveTo($directory . DIRECTORY_SEPARATOR . $filename);
+
+ return $filename;
+ }
+
+ $authorizer = $this->ci->authorizer;
+ $currentUser = $this->ci->currentUser;
+ if (!$authorizer->checkAccess($currentUser, 'uri_dashboard')) {
+ throw new ForbiddenException();
+ }
+
+ $directory = $_SERVER['DOCUMENT_ROOT'] . '/beam/social/main/uploads/';
+ $uploadedFiles = $request->getUploadedFiles();
+ $uploadedFile = $uploadedFiles['example1'];
+ if ($uploadedFile->getError() === UPLOAD_ERR_OK) {
+ $filename = moveUploadedFile($directory, $uploadedFile);
+ $response->write('uploaded ' . $filename . '
');
+ }
+
+ foreach ($uploadedFiles['example2'] as $uploadedFile) {
+ if ($uploadedFile->getError() === UPLOAD_ERR_OK) {
+ $filename = moveUploadedFile($directory, $uploadedFile);
+ $response->write('uploaded ' . $filename . '
');
+ }
+ }
+
+ foreach ($uploadedFiles['example3'] as $uploadedFile) {
+ if ($uploadedFile->getError() === UPLOAD_ERR_OK) {
+ $filename = moveUploadedFile($directory, $uploadedFile);
+ $response->write('uploaded ' . $filename . '
');
+ }
+ }
+ }
+
+ /**
+ * Moves the uploaded file to the upload directory and assigns it a unique name
+ * to avoid overwriting an existing uploaded file.
+ *
+ * @param string $directory directory to which the file is moved
+ * @param UploadedFile $uploaded file uploaded file to move
+ * @return string filename of moved file
+ */
+ function moveUploadedFile($directory, UploadedFile $uploadedFile)
+ {
+ $extension = pathinfo($uploadedFile->getClientFilename(), PATHINFO_EXTENSION);
+ $basename = bin2hex(random_bytes(8)); // see http://php.net/manual/en/function.random-bytes.php
+ $filename = sprintf('%s.%0.8s', $basename, $extension);
+
+ $uploadedFile->moveTo($directory . DIRECTORY_SEPARATOR . $filename);
+
+ return $filename;
+ }
+
+ protected function getUserFromParams($params) {
+ // Load the request schema
+ $schema = new RequestSchema('schema://requests/user/get-by-username.yaml');
+
+ // Whitelist and set parameter defaults
+ $transformer = new RequestDataTransformer($schema);
+ $data = $transformer->transform($params);
+
+ // Validate, and throw exception on validation errors.
+ $validator = new ServerSideValidator($schema, $this->ci->translator);
+ if (!$validator->validate($data)) {
+ // TODO: encapsulate the communication of error messages from ServerSideValidator to the BadRequestException
+ $e = new BadRequestException();
+ foreach ($validator->errors() as $idx => $field) {
+ foreach ($field as $eidx => $error) {
+ $e->addUserMessage($error);
+ }
+ }
+ throw $e;
+ }
+
+ /** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
+ $classMapper = $this->ci->classMapper;
+
+ // Get the user to delete
+ $user = $classMapper->staticMethod('user', 'where', 'user_name', $data['user_name'])
+ ->first();
+
+ return $user;
+ }
+}
--
cgit v1.2.3