Skryptów jeszcze nie testowałem, więc mogą być w nich jakieś drobne błędy – chodzi tylko o założenie, czy dobrze rozumiem MVC:
mo_admin.class.php
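<?php
/**
 * Administrator model: reads and writes rows of the core_admin table.
 *
 * Every value received from a caller is sent to the database as a bound
 * parameter of a prepared statement; nothing is concatenated into SQL text.
 *
 * Relies on names defined outside this listing: the PDO handle in
 * $GLOBALS['db'], the result constants EDS_OK / EDS_ERROR and the helper
 * endTransaction().
 */
class MoAdmin
{
    // Database handle; used as a PDO object (prepare / beginTransaction / PDOException).
    private $DB;

    public function __construct()
    {
        $this->DB = $GLOBALS['db'];
    }

    /**
     * Adds an administrator or updates an existing one together with the five access rights.
     *
     * With $adminId === NULL a row is inserted (including $pass); otherwise the row with
     * that id is updated. The update does not touch the pass column; the password is
     * changed through ChangePassAdmin().
     *
     * @param mixed      $pass    stored as given; the caller is expected to pass an already hashed value
     * @param array      $right   five access-right values at indexes 0..4
     * @param mixed|null $adminId NULL to insert, the id of the row to update otherwise
     * @return mixed EDS_OK on success, EDS_ERROR on failure or when $right is incomplete
     */
    public function AddEditAdmin($login, $pass, $fname, $lname, $active, $mail, $gg, $skype, $tel, $right, $adminId = NULL)
    {
        $params = array(
            ':login'  => $login,
            ':fname'  => $fname,
            ':lname'  => $lname,
            ':active' => $active,
            ':mail'   => $mail,
            ':gg'     => $gg,
            ':skype'  => $skype,
            ':tel'    => $tel,
        );

        // All five rights are written, so reject input that does not carry them
        // before a transaction is opened.
        for ($i = 0; $i < 5; $i++) {
            if (!is_array($right) || !isset($right[$i])) {
                return EDS_ERROR;
            }
            $params[':r' . ($i + 1)] = $right[$i];
        }

        if (NULL === $adminId) {
            // NOTE(review): the first column receives the string literal "default", as on the
            // page. If the SQL keyword DEFAULT (auto-generated id) was meant, confirm and change.
            $params[':pass'] = $pass;
            $sql = 'INSERT INTO core_admin VALUES ("default", :login, :pass, :fname, :lname, :active, :mail, :gg, '
                 . ':skype, :tel, :r1, :r2, :r3, :r4, :r5)';
        } else {
            $params[':id'] = $adminId;
            $sql = 'UPDATE core_admin SET login = :login, fname = :fname, lname = :lname, active = :active, '
                 . 'mail = :mail, gg = :gg, skype = :skype, tel = :tel, '
                 . 'r_1 = :r1, r_2 = :r2, r_3 = :r3, r_4 = :r4, r_5 = :r5 WHERE id = :id';
        }

        return $this->runInTransaction($sql, $params);
    }

    /**
     * Toggles the active flag of one administrator.
     *
     * @return mixed EDS_OK on success, EDS_ERROR on failure
     */
    public function ActiveAdmin($adminId)
    {
        return $this->runInTransaction(
            'UPDATE core_admin SET active = NOT active WHERE id = :id',
            array(':id' => $adminId)
        );
    }

    /**
     * Replaces the stored password value of one administrator.
     *
     * @param mixed $pass stored as given; the caller is expected to pass an already hashed value
     * @return mixed EDS_OK on success, EDS_ERROR on failure
     */
    public function ChangePassAdmin($adminId, $pass)
    {
        return $this->runInTransaction(
            'UPDATE core_admin SET pass = :pass WHERE id = :id',
            array(':pass' => $pass, ':id' => $adminId)
        );
    }

    /**
     * Checks a login / password-hash pair against the active administrators.
     *
     * The query returns COUNT(id), which is always exactly one result row, so the
     * decision has to be taken on the counted value and not on the number of rows.
     *
     * NOTE(review): the equality test on pass only works with a deterministic hash;
     * the hashing helper is not part of this listing. Moving to password_hash() /
     * password_verify() would mean fetching the stored hash by login and verifying in PHP.
     *
     * @return mixed EDS_OK when exactly one active row matches, EDS_ERROR otherwise
     */
    public function LoginAdmin($login, $pass)
    {
        $stmt = $this->DB->prepare(
            'SELECT COUNT(id) FROM core_admin WHERE pass = :pass AND active = true AND login = :login'
        );
        // Outside PDO::ERRMODE_EXCEPTION a failure shows up as a false return value: deny the login.
        if (false === $stmt || !$stmt->execute(array(':pass' => $pass, ':login' => $login))) {
            return EDS_ERROR;
        }

        $matches = (int) $stmt->fetchColumn();

        return (1 === $matches) ? EDS_OK : EDS_ERROR;
    }

    /**
     * Fetches the data and access rights of one administrator.
     *
     * The row comes from SELECT *, so it also holds the pass column; callers
     * should copy out only the fields they need.
     *
     * @return array|false associative row, or false when no row matches or the query fails
     */
    public function GetAdmin($adminId)
    {
        $stmt = $this->DB->prepare('SELECT * FROM core_admin WHERE id = :id');
        if (false === $stmt || !$stmt->execute(array(':id' => $adminId))) {
            return false;
        }

        return $stmt->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Runs one prepared write statement inside a transaction.
     *
     * endTransaction() receives true when the statement succeeded and false otherwise.
     *
     * @param string $sql    statement text containing placeholders only
     * @param array  $params values bound to the placeholders
     * @return mixed EDS_OK on success, EDS_ERROR on failure
     */
    private function runInTransaction($sql, array $params)
    {
        try {
            $this->DB->beginTransaction();
            $stmt = $this->DB->prepare($sql);
            // Outside PDO::ERRMODE_EXCEPTION a failure shows up as a false return value.
            $succeeded = (false !== $stmt) && $stmt->execute($params);
            $result = $succeeded ? EDS_OK : EDS_ERROR;
        } catch (PDOException $exception) {
            $result = EDS_ERROR;
        }

        endTransaction(EDS_OK == $result);

        return $result;
    }
}
?>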
co_admin.class.php
<?php
require_once './model_object/mo_admin.class.php';

// Controller for administrator accounts: checks the input and delegates to MoAdmin.
// matchStr(), passHash() and the RX_* / ED_ERROR_* constants are defined outside this listing.
//
// NOTE(review): several conditions are missing from the page (bare "{ ... } else { ... }"
// blocks below), so the listing does not parse as shown. The missing guards are marked
// where they occur and have to be restored from the author's original file.
class CoAdmin
{
    // Model object every method delegates to.
    private $mMoAdmin;

    public function __construct()
    {
        $this->mMoAdmin = new MoAdmin();
    }

    // Validates the administrator data, hashes the password and forwards everything to the model.
    // Returns the model's result, or $error when validation fails.
    public function AddEditAdmin($login, $pass, $fname, $lname, $active, $mail, $gg, $skype, $tel, $right, $adminId = NULL)
    {
        // The bodies of the four visible checks are empty, so a failed check changes nothing as written.
        if(!matchStr(RX_LOGIN, $login))
        {
        }
        if(!matchStr(RX_PASS, $pass))
        {
        }
        if(!matchStr(RX_NAME, $fname))
        {
        }
        // NOTE(review): this repeats the $fname check; $lname is never validated, presumably $lname was meant.
        if(!matchStr(RX_NAME, $fname))
        {
        }
        // NOTE(review): four blocks whose conditions are not visible on the page; presumably the
        // checks of the remaining arguments.
        {
        }
        {
        }
        {
        }
        {
        }
        // NOTE(review): the condition of this if/else is not visible, and $error is never assigned
        // in the code shown. Until both are restored, invalid input is not reliably rejected here.
        {
            $pass = passHash($pass);
            $result = $this->mMoAdmin->AddEditAdmin($login, $pass, $fname, $lname, $active, $mail, $gg, $skype, $tel, $right, $adminId);
        }
        else
        {
            $result = $error;
        }
        return $result;
    }

    // Toggles the active flag of an administrator.
    // Returns the model's result, or ED_ERROR_NO_INT from the else branch.
    public function ActiveAdmin($adminId)
    {
        // NOTE(review): condition not visible; the else branch returns ED_ERROR_NO_INT, so this was
        // presumably an integer check on $adminId. The id should be confirmed to be an integer
        // here, before it reaches the model.
        {
            $result = $this->mMoAdmin->ActiveAdmin($adminId);
        }
        else
        {
            $result = ED_ERROR_NO_INT;
        }
        return $result;
    }

    // Validates and hashes a new password, then asks the model to store it.
    // Returns the model's result, ED_ERROR_RX_PASS or ED_ERROR_NO_INT.
    public function ChangePassAdmin($adminId, $pass)
    {
        // NOTE(review): outer condition not visible; presumably an integer check on $adminId.
        {
            if(matchStr(RX_PASS, $pass))
            {
                $pass = passHash($pass);
                // NOTE(review): MoAdmin in the listing on this page defines ChangePassAdmin(), not
                // ChangeAdmin(); as written this call targets a method that is not defined there.
                $result = $this->mMoAdmin->ChangeAdmin($adminId, $pass);
            }
            else
            {
                $result = ED_ERROR_RX_PASS;
            }
        }
        else
        {
            $result = ED_ERROR_NO_INT;
        }
        return $result;
    }

    // Checks the format of login and password, hashes the password and lets the model decide.
    // Returns the model's result, or ED_ERROR_RX_LOGIN_PASS when either format check fails.
    public function LoginAdmin($login, $pass)
    {
        if(matchStr(RX_LOGIN, $login) && matchStr(RX_PASS, $pass))
        {
            // NOTE(review): the model compares this value for equality with the stored one, so
            // passHash() has to be deterministic; confirm which hash it uses.
            $pass = passHash($pass);
            $result = $this->mMoAdmin->LoginAdmin($login, $pass);
        }
        else
        {
            $result = ED_ERROR_RX_LOGIN_PASS;
        }
        return $result;
    }

    // Returns the administrator's data and rights as array('data' => ..., 'right' => ...),
    // or ED_ERROR_NO_INT from the else branch. The pass column is not copied into the result.
    public function GetAdmin($adminId)
    {
        // NOTE(review): condition not visible; presumably an integer check on $adminId.
        {
            // NOTE(review): the model returns the result of PDO fetch(), which is false when no
            // row matches; that case is not handled before the array accesses below.
            $data = $this->mMoAdmin->GetAdmin($adminId);
            // NOTE(review): keys r_0..r_4 are read here, while the model's UPDATE writes columns
            // r_1..r_5; confirm the column names.
            $result = array('data' => array('login' => $data['login'],
                                            'fname' => $data['fname'],
                                            'lname' => $data['lname'],
                                            'active' => $data['active'],
                                            'mail' => $data['mail'],
                                            'gg' => $data['gg'],
                                            'skype' => $data['skype'],
                                            'tel' => $data['tel']),
                            'right' => array('r_0' => $data['r_0'],
                                             'r_1' => $data['r_1'],
                                             'r_2' => $data['r_2'],
                                             'r_3' => $data['r_3'],
                                             'r_4' => $data['r_4']));
        }
        else
        {
            $result = ED_ERROR_NO_INT;
        }
        return $result;
    }
}
?>
Jako WIDOK traktuję szablony Smarty z indywidualnymi pluginami do nich...