Creating EditPost Page
The EditPost page is provided to authors and the administrator to edit existing blog posts. Like the NewPost page, it displays a form to collect the change to the title and content of a post.
We create two files protected/pages/posts/EditPost.page and protected/pages/posts/EditPost.php to save the page template and page class, respectively.
Creating Page Template
The EditPost page template is very similar to the NewPost template. Only the page title and the button caption are different.
<%@ Title="My Blog - Edit Post" %>
<com:TContent ID="Main">
<h1>Edit Post</h1>
<span>Title:</span>
<com:TRequiredFieldValidator
ControlToValidate="TitleEdit"
ErrorMessage="Please provide a title."
Display="Dynamic" />
<br/>
<com:TTextBox ID="TitleEdit" Columns="50" />
<br/>
<span>Content:</span>
<com:TRequiredFieldValidator
ControlToValidate="ContentEdit"
ErrorMessage="Please provide content."
Display="Dynamic" />
<br/>
<com:THtmlArea ID="ContentEdit" />
<br/>
<com:TButton Text="Save" OnClick="saveButtonClicked" />
</com:TContent>
Creating Page Class
The EditPage page class is slightly complex than NewPage because it needs to load the specified post data first. It also needs to perform additional authorization check. In particular, it needs to ensure that a post can only be editted by the author or the administrator. Such authorization check is not provided by PRADO itself.
class EditPost extends TPage
{
/**
* Initializes the inputs with existing post data.
* This method is invoked by the framework when the page is being initialized.
* @param mixed event parameter
*/
public function onInit($param)
{
parent::onInit($param);
// Retrieves the existing user data. This is equivalent to:
// $postRecord=$this->getPost();
$postRecord=$this->Post;
// Authorization check: only the author or the administrator can edit the post
if($postRecord->author_id!==$this->User->Name && !$this->User->IsAdmin)
throw new THttpException(500,'You are not allowed to edit this post.');
if(!$this->IsPostBack) // if the page is initially requested
{
// Populates the input controls with the existing post data
$this->TitleEdit->Text=$postRecord->title;
$this->ContentEdit->Text=$postRecord->content;
}
}
/**
* Saves the post if all inputs are valid.
* This method responds to the OnClick event of the "Save" button.
* @param mixed event sender
* @param mixed event parameter
*/
public function saveButtonClicked($sender,$param)
{
if($this->IsValid) // when all validations succeed
{
// Retrieves the existing user data. This is equivalent to:
// $postRecord=$this->getPost();
$postRecord=$this->Post;
// Fetches the input data
$postRecord->title=$this->TitleEdit->SafeText;
$postRecord->content=$this->ContentEdit->SafeText;
// saves to the database via Active Record mechanism
$postRecord->save();
// redirects the browser to the ReadPost page
$url=$this->Service->constructUrl('posts.ReadPost',array('id'=>$postRecord->post_id));
$this->Response->redirect($url);
}
}
/**
* Returns the post data to be editted.
* @return PostRecord the post data to be editted.
* @throws THttpException if the post data is not found.
*/
protected function getPost()
{
// the ID of the post to be editted is passed via GET parameter 'id'
$postID=(int)$this->Request['id'];
// use Active Record to look for the specified post ID
$postRecord=PostRecord::finder()->findByPk($postID);
if($postRecord===null)
throw new THttpException(500,'Post is not found.');
return $postRecord;
}
}
Testing
To test the EditPost page, login first and visit the following URL: http://hostname/blog/index.php?page=EditPost&id=1. This URL can also be reached by clicking on the Edit link on a post detail page.
