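exists('SESSION.user')){
            // $f3->set('SESSION.error', 'You don\'t have permission for this ticket.');
            $f3->reroute('/login');
        }
    }

    /**
     * List knowledge-base articles, optionally filtered by tag and/or title search.
     *
     * Reads GET.search and GET.tag, builds a single parameterized query and
     * renders the index view inside the shared layout.
     *
     * @param object $f3 application object providing get/set/clear/reroute
     */
    public function index($f3){
        $this->check_access($f3);
        $db = $f3->get('DB');

        // Query-string values are attacker-controlled and can arrive as arrays
        // (?search[]=x); anything that is not a plain string is treated as absent
        // so only strings are concatenated or bound below.
        $search_term = $f3->get('GET.search');
        if(!is_string($search_term)){
            $search_term = null;
        }
        $tag_param = $f3->get('GET.tag');
        if(!is_string($tag_param)){
            $tag_param = null;
        }

        // base query
        $sql = 'SELECT a.* FROM kb a';
        $args = [];

        // NOTE(review): % and _ inside the search term are not escaped, so they
        // act as LIKE wildcards chosen by the requester.
        if($tag_param){
            // NOTE(review): this join uses kb_tags.article_id, while view(),
            // editForm() and the DELETE in update() use kb_tags.kb_id - confirm
            // the real column name against the schema.
            $sql .= ' JOIN kb_tags AS at ON a.id = at.article_id JOIN tags t ON at.tag_id = t.id WHERE t.name = ? ';
            $args[] = $tag_param;

            if($search_term){
                $sql .= ' AND LOWER(a.title) LIKE LOWER(?)';
                $args[] = '%' . $search_term . '%';
            }
        } else if ($search_term){
            $sql .= ' WHERE LOWER(a.title) LIKE LOWER(?)';
            $args[] = '%' . $search_term . '%';
        }

        $sql .= ' ORDER BY a.created_at DESC';
        $articles = $db->exec($sql, $args);

        // render
        $f3->set('articles', $articles);
        $f3->set('content', '../ui/views/kb/index.html');
        echo \Template::instance()->render('../ui/templates/layout.html');
        // the flash message has been shown once; drop it
        $f3->clear('SESSION.error');
    }

    /**
     * Form to create new article
     *
     * Loads every tag (ordered by name) for the tag picker and renders the
     * create view.
     *
     * @param object $f3 application object providing get/set/clear/reroute
     */
    public function createForm($f3){
        $this->check_access($f3);
        $db = $f3->get('DB');

        $all_tags = $db->exec('SELECT * FROM tags ORDER BY name ASC');
        $f3->set('all_tags', $all_tags);

        // render
        $f3->set('content', '../ui/views/kb/create.html');
        echo \Template::instance()->render('../ui/templates/layout.html');
        $f3->clear('SESSION.error');
    }

    /**
     * Handle POST to create a new article, then redirect to /kb.
     *
     * The session user id is recorded as both created_by and updated_by.
     *
     * NOTE(review): no CSRF token check is visible in this handler - confirm
     * one is enforced elsewhere before this state-changing request runs.
     * NOTE(review): title and content are stored exactly as submitted, so
     * output encoding is left to the view templates - confirm they escape.
     *
     * @param object $f3 application object providing get/set/clear/reroute
     */
    public function create($f3){
        $this->check_access($f3);

        $title = $f3->get('POST.title');
        $content = $f3->get('POST.content');
        $created_by = $f3->get('SESSION.user.id');

        // Missing fields or array-shaped fields (title[]=x) must not reach the
        // bound parameters; reject them with a flash message instead.
        if(!is_string($title) || !is_string($content)){
            $f3->set('SESSION.error', 'Invalid article data');
            $f3->reroute('/kb');
            return; // in case reroute() hands control back
        }

        $db = $f3->get('DB');

        // insert
        $db->exec(
            'INSERT INTO kb (title, content, created_by, updated_by, created_at, updated_at) VALUES (?,?,?,?, NOW(), NOW())',
            [$title, $content, $created_by, $created_by]
        );

        $article_id = $db->lastInsertId();

        // TODO: tags

        $f3->reroute('/kb');
    }

    /**
     * Fetch the article row for $article_id, or flash 'Article not found' and
     * redirect to /kb when the query returns nothing.
     *
     * NOTE(review): callers index [0] on the return value, so they rely on
     * reroute() ending the request in the not-found case - confirm.
     *
     * @param mixed  $article_id id taken from the route parameters
     * @param object $db         database handle used for exec()
     * @param object $f3         application object providing set/reroute
     * @return mixed result of $db->exec() for the lookup
     */
    protected function check_kb_exists($article_id, $db, $f3){
        $articles = $db->exec(
            'SELECT * FROM kb WHERE id = ? LIMIT 1',
            [$article_id]
        );

        if(!$articles){
            $f3->set('SESSION.error', 'Article not found');
            $f3->reroute('/kb');
        }

        return $articles;
    }

    /**
     * View a single article.
     *
     * @param object $f3 application object providing get/set/clear/reroute
     */
    public function view($f3){
        $this->check_access($f3);

        $article_id = $f3->get('PARAMS.id');
        $db = $f3->get('DB');

        $articles = $this->check_kb_exists($article_id, $db, $f3);
        $article = $articles[0];
        $f3->set('article', $article);

        // TODO: tags
        // NOTE(review): the result below is never handed to the view, so the
        // query currently has no visible effect.
        $tags = $db->exec(
            'SELECT t.* FROM tags AS t JOIN kb_tags AS at ON t.id = at.tag_id WHERE at.kb_id = ?',
            [$article_id]
        );

        // render
        $f3->set('content', '../ui/views/kb/view.html');
        echo \Template::instance()->render('../ui/templates/layout.html');
        $f3->clear('SESSION.error');
    }

    /**
     * Form to edit existing kb article
     *
     * Exposes the article and the ids of its current tags to the edit view.
     *
     * @param object $f3 application object providing get/set/clear/reroute
     */
    public function editForm($f3){
        $this->check_access($f3);

        $article_id = $f3->get('PARAMS.id');
        $db = $f3->get('DB');

        $articles = $this->check_kb_exists($article_id, $db, $f3);
        $article = $articles[0];
        $f3->set('article', $article);

        // fetch current tags
        $current_tag_ids = $db->exec(
            'SELECT tag_id FROM kb_tags WHERE kb_id = ?',
            [$article_id]
        );
        $article_tag_ids = array_column($current_tag_ids, 'tag_id');
        $f3->set('article_tag_ids', $article_tag_ids);

        // render
        $f3->set('content', '../ui/views/kb/edit.html');
        echo \Template::instance()->render('../ui/templates/layout.html');
        $f3->clear('SESSION.error');
    }

    /**
     * Handle POST to edit existing article
     *
     * Updates title/content, then replaces the article's tag links with the
     * ids submitted in POST.tags and redirects to the article page.
     *
     * NOTE(review): no CSRF token check is visible in this handler - confirm
     * one is enforced elsewhere before this state-changing request runs.
     * NOTE(review): check_access() is the only gate visible here, so any
     * signed-in user appears able to edit any article - confirm intended.
     *
     * @param object $f3 application object providing get/set/clear/reroute
     */
    public function update($f3){
        $this->check_access($f3);

        $article_id = $f3->get('PARAMS.id');
        $db = $f3->get('DB');

        // called for its not-found redirect; the row itself is not needed here
        $this->check_kb_exists($article_id, $db, $f3);

        $title = $f3->get('POST.title');
        $content = $f3->get('POST.content');
        $updated_by = $f3->get('SESSION.user.id');

        // Missing fields or array-shaped fields (title[]=x) must not reach the
        // bound parameters; reject them with a flash message instead.
        if(!is_string($title) || !is_string($content)){
            $f3->set('SESSION.error', 'Invalid article data');
            $f3->reroute('/kb/'.$article_id);
            return; // in case reroute() hands control back
        }

        $db->exec(
            'UPDATE kb SET title=?, content=?, updated_by =?, updated_at = NOW() WHERE id = ?',
            [$title, $content, $updated_by, $article_id]
        );

        // update tags - first delete
        // NOTE(review): the delete and the inserts below are separate
        // statements; a failed insert leaves the article with fewer tags than
        // it had before. Consider running them in one transaction.
        $db->exec('DELETE FROM kb_tags WHERE kb_id = ?', [$article_id]);

        $tags_id = $f3->get('POST.tags');
        if(!empty($tags_id) && is_array($tags_id)){
            foreach($tags_id as $tag_id){
                // tags[0][]=... would put a nested array into the parameter
                // list; only scalar ids are bound
                if(!is_scalar($tag_id)){
                    continue;
                }
                // NOTE(review): this INSERT writes kb_tags.article_id, but the
                // DELETE above filters on kb_tags.kb_id - one of the two column
                // names is presumably wrong; confirm against the schema.
                $db->exec(
                    'INSERT IGNORE INTO kb_tags (article_id, tag_id) VALUES (?,?)',
                    [$article_id, $tag_id]
                );
            }
        }

        $f3->reroute('/kb/'.$article_id);
    }
}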