From 7c2c2e59d38e1c74b747d0dc309aa4fed1ba6783 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E3=83=86=E3=82=AF=E3=83=8B=E3=82=AB=E3=83=AB=E8=AB=8F?= =?UTF-8?q?=E8=A8=AA=E5=AD=90?=
Date: Sun, 16 Dec 2018 14:29:57 +0900
Subject: [PATCH] =?UTF-8?q?=E6=8A=95=E7=A8=BF=E4=BD=9C=E6=88=90=E3=80=81?= =?UTF-8?q?=E7=B7=A8=E9=9B=86=E3=80=81=E5=89=8A=E9=99=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
app/Http/Controllers/SiteController.php | 109 +++++++++++++++++-------
1 file changed, 77 insertions(+), 32 deletions(-)
diff --git a/app/Http/Controllers/SiteController.php b/app/Http/Controllers/SiteController.php
index 6bdd62e..66c7f11 100644
--- a/app/Http/Controllers/SiteController.php
+++ b/app/Http/Controllers/SiteController.php
@@ -302,47 +302,92 @@ class SiteController extends Controller { } public function newPost(Request $request) { // /api/rpc/site/post/new - $pubdate = 0; + $check = $this->objAuth->checkLegit($request->username, $request->password); - if ($request->public_status == 1) { - if ($request->publish_date <= time()) { - return \Response::json(array('error' => 'Publish date can\'t be older than post date.')); + if ($check == 0) { + return \Response::json(array('error' => 'ログインされませんでした。')); + } + else { + $valid = $this->objAuth->getPermissions($request->username, $request->password); + + if ($valid['blg_addpost'] == 1) { + $pubdate = 0; + + if ($request->public_status == 1) { + if ($request->publish_date <= time()) { + return \Response::json(array('error' => '投稿日より公開日の方がもっと古いだと不許可です。')); + } + else { + $pubdate = $request->publish_date; + } + } + else { + $pubdate = time(); + } + + $add = DB::table('blg_content') + ->insert([ + 'user_id' => $check, + 'isPost' => 1, + 'title' => $request->title, + 'slug' => $request->slug, + 'post_date' => time(), + 'publish_date' => $pubdate, + 'sortorder' => 0, + 'public_status' => $request->public_status, + 'isMenu' => 0, + 'message' => $request->message + ]); + + return \Response::json($add); + } + else { + return \Response::json(array('error' => '不許可。')); } } - - if ($request->public_status == 1) $pubdate = $request->publish_date; - else $pubdate = time(); - - $add = DB::table('blg_content') - ->insert([ - 'user_id' => $request->user_id, - 'isPost' => 1, - 'title' => $request->title, - 'slug' => $request->slug, - 'post_date' => time(), - 'publish_date' => $pubdate, - 'sortorder' => 0, - 'public_status' => $request->public_status, - 'isMenu' => 0, - 'message' => $request->message - ]); - - return \Response::json($add); } public function editPost(Request $request) { // /api/rpc/site/post/edit - return DB::table('blg_content') - ->where('id', $request->id) - ->update([ - 'title' => $request->title, - 'slug' => $request->slug, - 
'public_status' => $request->public_status, - 'message' => $request->message - ]); + $check = $this->objAuth->checkLegit($request->username, $request->password); + + if ($check == 0) { + return \Response::json(array('error' => 'ログインされませんでした。')); + } + else { + $valid = $this->objAuth->getPermissions($request->username, $request->password); + + if ($valid['blg_editpost'] == 1) { + return DB::table('blg_content') + ->where('id', $request->id) + ->update([ + 'title' => $request->title, + 'slug' => $request->slug, + 'public_status' => $request->public_status, + 'message' => $request->message + ]); + } + else { + return \Response::json(array('error' => '不許可。')); + } + } } public function deletePost(Request $request) { // /api/rpc/site/post/delete - return DB::table('blg_content')->where('id', $request->id)->delete(); + $check = $this->objAuth->checkLegit($request->username, $request->password); + + if ($check == 0) { + return \Response::json(array('error' => 'ログインされませんでした。')); + } + else { + $valid = $this->objAuth->getPermissions($request->username, $request->password); + + if ($valid['blg_delpost'] == 1) { + return DB::table('blg_content')->where('id', $request->id)->delete(); + } + else { + return \Response::json(array('error' => '不許可。')); + } + } } // Comments
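Review bot: The new checks in editPost and deletePost decide only whether the caller holds `blg_editpost` / `blg_delpost`; the query is still `->where('id', $request->id)`, so any account with that flag can change or remove every row in `blg_content`, not just its own. If posts are meant to belong to their author, scope both queries with the id that `checkLegit` returned, e.g. `->where('id', $request->id)->where('user_id', $check)`, and treat zero affected rows as a refusal. newPost already does the equivalent by writing `'user_id' => $check` instead of the client-supplied value. `checkLegit` and `getPermissions` are defined outside this hunk, so their return shapes are assumed here; since `$request->password` also reads query-string input, it is worth confirming these routes accept the credentials only in a POST body.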