-rw-r--r-- | core/controllers/item.php | 45 | ||||
-rw-r--r-- | core/helpers/photo.php | 29 | ||||
-rw-r--r-- | core/tests/Photo_Test.php | 2 | ||||
-rw-r--r-- | core/views/welcome.html.php | 9 |
4 files changed, 67 insertions, 18 deletions
diff --git a/core/controllers/item.php b/core/controllers/item.php index 013b00c6..8e9cc430 100644 --- a/core/controllers/item.php +++ b/core/controllers/item.php @@ -20,7 +20,7 @@ class Item_Controller extends Controller { public function dispatch($id) { - /** @todo this needs security checks */ + // @todo this needs security checks $item = ORM::factory("item")->where("id", $id)->find(); if (empty($item->id)) { return Kohana::show_404(); @@ -60,10 +60,31 @@ class Item_Controller extends Controller { } public function put($item) { + // @todo Productionize this code + // 1) Add security checks + // 2) Support owner_ids properly + + switch ($this->input->post('type')) { + case 'album': + $new_item = album::create( + $item->id, $this->input->post('name'), $this->input->post('title'), + $this->input->post('description')); + break; + + case 'photo': + $new_item = photo::create( + $item->id, $_FILES['file']['tmp_name'], $_FILES['file']['name'], + $this->input->post('title'), $this->input->post('description')); + break; + } + + print url::redirect("{$new_item->type}/{$new_item->id}"); + return; } public function delete($item) { - /** @todo: needs security checks */ + // @todo Production this code + // 1) Add security checks $parent = $item->parent(); if ($parent->id) { $item->delete(); @@ -72,7 +93,7 @@ class Item_Controller extends Controller { } public function post($item) { - /** @todo Productionize this. */ + // @todo Productionize this // 1) Figure out how to do the right validation here. Validate the form input and apply it to // the model as appropriate. // 2) Figure out how to dispatch according to the needs of the client. Ajax requests from 
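Review bot: In `put()`, the `switch` on `$this->input->post('type')` has no `default` branch, so a missing or unexpected `type` leaves `$new_item` undefined and the `url::redirect("{$new_item->type}/{$new_item->id}")` line dereferences it. Add `default: return Kohana::show_404();` so unknown types are rejected before the redirect. The photo branch also hands `$_FILES['file']['tmp_name']` and the client-supplied `$_FILES['file']['name']` to `photo::create` without confirming that an upload arrived. Guard it with `if (empty($_FILES['file']) || $_FILES['file']['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($_FILES['file']['tmp_name'])) { return Kohana::show_404(); }`.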
@@ -82,13 +103,21 @@ class Item_Controller extends Controller { // that specifies which field it wants back from the item. Later on we can expand that to // include a data format, etc. - $post = $this->input->post(); - foreach (array("title", "description") as $field) { - if (array_key_exists($field, $post)) { - $value = $item->$field = $post[$field]; + // These fields are safe to change + foreach ($this->input->post() as $key => $value) { + switch ($key) { + case "title": + case "description": + $item->$key = $value; + break; } } + + // @todo Support additional fields + // These fields require additional work if you change them + // parent_id, owner_id + $item->save(); - print $item->{$post['__return']}; + print $item->{$this->input->post('__return')}; } } diff --git a/core/helpers/photo.php b/core/helpers/photo.php index 44350f2f..553ffe68 100644 --- a/core/helpers/photo.php +++ b/core/helpers/photo.php @@ -33,7 +33,22 @@ class Photo_Core { * @param string $description (optional) the longer description of this photo * @return Item_Model */ - static function create($parent_id, $filename, $name, $title, $description=null, $owner_id = null) { + static function create($parent_id, $filename, $name, $title, $description=null, $owner_id=null) { + if (!is_file($filename)) { + throw new Exception("@todo MISSING_IMAGE_FILE"); + } + + if (!($image_info = getimagesize($filename))) { + throw new Exception("@todo INVALID_IMAGE_FILE"); + } + + // Force an extension onto the name + $pi = pathinfo($name); + if (empty($pi["extension"])) { + $pi["extension"] = image_type_to_extension($image_info[2], false); + $name .= "." . $pi[extension]; + } + $photo = ORM::factory("item"); $photo->type = "photo"; $photo->title = $title; 
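Review bot: The last statement of `post()`, `print $item->{$this->input->post('__return')};`, lets the request choose which model property is printed and emits it unescaped. The new loop limits writes to `title` and `description`, but the read side has no matching allowlist, so any column on the item can be returned. If the client inserts the response into the page, a stored title containing markup is echoed as-is. Restrict and escape it: `$field = $this->input->post('__return');` then `if (in_array($field, array("title", "description"), true)) { print htmlspecialchars($item->$field, ENT_QUOTES, "UTF-8"); }`. A missing `__return` currently yields an empty property name, which the same check would also cover.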
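Review bot: In `photo::create`, the added line `$name .= "." . $pi[extension];` indexes with the bare word `extension` instead of the string key. That raises a notice on older PHP and an error on PHP 8, so it should be `$pi["extension"]`. The extension is also forced only when the client-supplied name has none, so a name ending in `.php` or similar is stored unchanged even though `getimagesize()` accepted the content. If `file_path()` is derived from `name` and lands under the web root, that is the classic upload-execution risk, though neither is visible here. Consider always deriving it from the detected type: `$pi["extension"] = image_type_to_extension($image_info[2], false);` followed by `$name = basename($pi["filename"]) . "." . $pi["extension"];`. The function body continues in the next hunk.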
@@ -41,24 +56,20 @@ class Photo_Core { $photo->name = $name; $photo->owner_id = $owner_id; - $pi = pathinfo(basename($filename)); - if (empty($pi["extension"])) { - throw new Exception("@todo UNKNOWN_FILE_TYPE"); - } - + // Randomize the name if there's a conflict while (ORM::Factory("item") ->where("parent_id", $parent_id) ->where("name", $photo->name) ->find()->id) { + // @todo Improve this. Random numbers are not user friendly $photo->name = rand() . "." . $pi["extension"]; } - copy($filename, $photo->file_path()); - // This saves the photo $photo->add_to_parent($parent_id); + copy($filename, $photo->file_path()); - /** @todo: parameterize these dimensions */ + // @todo: parameterize these dimensions // This saves the photo a second time, which is unfortunate but difficult to avoid. return $photo->set_thumbnail($filename, 200, 140) ->set_resize($filename, 800, 600) diff --git a/core/tests/Photo_Test.php b/core/tests/Photo_Test.php index cc4921c0..248ebee6 100644 --- a/core/tests/Photo_Test.php +++ b/core/tests/Photo_Test.php @@ -48,7 +48,7 @@ class Photo_Test extends Unit_Test_Case { public function create_photo_with_no_extension_test() { try { - photo::create(1, "unknown_file", "name", "title", "description"); + photo::create(1, "/tmp", "name", "title", "description"); $this->assert_false("should fail with an exception"); } catch (Exception $e) { // pass diff --git a/core/views/welcome.html.php b/core/views/welcome.html.php index 73620269..19001db6 100644 --- a/core/views/welcome.html.php +++ b/core/views/welcome.html.php @@ -153,6 +153,14 @@ <? endforeach ?> ] photos and albums </p> + <form method="post" action="<?= url::site("album/1") ?>" enctype="multipart/form-data"> + <p> + Upload: <input name="file" type="file"/> + <input type="hidden" name="type" value="photo"/> + <input type="hidden" name="__action" value="put"/> + <input type="submit"/> + </p> + </form> </div> <div id="info" class="activity"> 
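Review bot: `copy($filename, $photo->file_path());` now runs after `add_to_parent()` has saved the row, and its return value is ignored. A failed copy therefore leaves an item record with no file behind it, and the thumbnail and resize calls still run. Check the result and roll back, e.g. `if (!copy($filename, $photo->file_path())) { $photo->delete(); throw new Exception("@todo COPY_FAILED"); }`. Separately, the name-conflict loop is a check-then-save sequence with no lock or unique constraint visible in this hunk, so two concurrent uploads into the same album could settle on the same name. The `rand()` fallback also reuses `$pi["extension"]`, which may be the client's extension rather than the detected one.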
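Review bot: `create_photo_with_no_extension_test` now passes `/tmp`, which is rejected by the new `is_file()` check, so the test name no longer describes what it exercises. The `getimagesize()` rejection and the forced-extension branch added in `photo::create` have no coverage in this change. Rename it to something like `create_photo_with_missing_file_test`. Add one case that feeds a real non-image file and expects the exception, and one that feeds a valid image with an extensionless name and asserts the stored name ends in the detected extension.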
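Review bot: The new upload form sends only `file`, `type` and `__action`, with no anti-CSRF token field, and it targets the `put()` action that the controller's own @todo marks as lacking security checks. As written, any page a logged-in user visits could submit this multipart POST and create items on their behalf. Add a hidden per-session token to the form and verify it in the controller before `photo::create` is called; whether the framework already offers a helper for this is not visible in this diff. The action URL also hard-codes `album/1`, which is worth a `@todo` comment if it is scaffold-only.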
@@ -174,6 +182,7 @@ <? else: ?> <?= html::anchor("welcome/profiler?use_profiler=1", "on") ?> <b>off</b> <? endif ?> + </li> </ul> </div> |