Blame | Letzte Ă„nderung | Log anzeigen | RSS feed
<com:TContent ID="Main"><h1>Creating <tt>EditPost</tt> Page</h1><p>The <tt>EditPost</tt> page is provided to authors and the administrator to edit existing blog posts. Like the <a href="?page=Day4.CreateNewPost">NewPost</a> page, it displays a form to collect the change to the title and content of a post.</p><p>We create two files <tt>protected/pages/posts/EditPost.page</tt> and <tt>protected/pages/posts/EditPost.php</tt> to save the page template and page class, respectively.</p><h2>Creating Page Template</h2><p>The <tt>EditPost</tt> page template is very similar to the <tt>NewPost</tt> template. Only the page title and the button caption are different.</p><com:TTextHighlighter CssClass="source" Language="prado"><%@ Title="My Blog - Edit Post" %><com:TContent ID="Main"><h1>Edit Post</h1><span>Title:</span><com:TRequiredFieldValidatorControlToValidate="TitleEdit"ErrorMessage="Please provide a title."Display="Dynamic" /><br/><com:TTextBox ID="TitleEdit" Columns="50" /><br/><span>Content:</span><com:TRequiredFieldValidatorControlToValidate="ContentEdit"ErrorMessage="Please provide content."Display="Dynamic" /><br/><com:THtmlArea ID="ContentEdit" /><br/><com:TButton Text="Save" OnClick="saveButtonClicked" /></com:TContent></com:TTextHighlighter><h2>Creating Page Class</h2><p>The <tt>EditPage</tt> page class is slightly complex than <tt>NewPage</tt> because it needs to load the specified post data first. It also needs to perform additional authorization check. In particular, it needs to ensure that a post can only be editted by the author or the administrator. Such authorization check is not provided by PRADO itself.</p><com:TTextHighlighter CssClass="source" Language="php">class EditPost extends TPage{/*** Initializes the inputs with existing post data.* This method is invoked by the framework when the page is being initialized.* @param mixed event parameter*/public function onInit($param){parent::onInit($param);// Retrieves the existing user data. This is equivalent to:// $postRecord=$this->getPost();$postRecord=$this->Post;// Authorization check: only the author or the administrator can edit the postif($postRecord->author_id!==$this->User->Name && !$this->User->IsAdmin)throw new THttpException(500,'You are not allowed to edit this post.');if(!$this->IsPostBack) // if the page is initially requested{// Populates the input controls with the existing post data$this->TitleEdit->Text=$postRecord->title;$this->ContentEdit->Text=$postRecord->content;}}/*** Saves the post if all inputs are valid.* This method responds to the OnClick event of the "Save" button.* @param mixed event sender* @param mixed event parameter*/public function saveButtonClicked($sender,$param){if($this->IsValid) // when all validations succeed{// Retrieves the existing user data. This is equivalent to:// $postRecord=$this->getPost();$postRecord=$this->Post;// Fetches the input data$postRecord->title=$this->TitleEdit->SafeText;$postRecord->content=$this->ContentEdit->SafeText;// saves to the database via Active Record mechanism$postRecord->save();// redirects the browser to the ReadPost page$url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id));$this->Response->redirect($url);}}/*** Returns the post data to be editted.* @return PostRecord the post data to be editted.* @throws THttpException if the post data is not found.*/protected function getPost(){// the ID of the post to be editted is passed via GET parameter 'id'$postID=(int)$this->Request['id'];// use Active Record to look for the specified post ID$postRecord=PostRecord::finder()->findByPk($postID);if($postRecord===null)throw new THttpException(500,'Post is not found.');return $postRecord;}}</com:TTextHighlighter><h2>Testing</h2><p>To test the <tt>EditPost</tt> page, login first and visit the following URL: <tt>http://hostname/blog/index.php?page=EditPost&id=1</tt>. This URL can also be reached by clicking on the <tt>Edit</tt> link on a post detail page.</p><img src="<%~ output4.gif %>" class="output" /></com:TContent>