Advertisement Page Fix [Added Validation and File Deletion]

system/lib/message.xml

@@ -554,6 +554,9 @@
 	 <E_ERROR_UPLOAD_ADMIN_FAILED>
 		アップロード失敗。 もう一度お試しください。
 	 </E_ERROR_UPLOAD_ADMIN_FAILED>
+	 <E_ERROR_UPLOAD_ADMIN_INVALID>
+		無効なアップロードファイル
+	 </E_ERROR_UPLOAD_ADMIN_INVALID>
 	 <E_ERROR_NO_PAGE_ACCESS>
 		あなたは次のページにアクセスするための権限を持っていません。
 	 </E_ERROR_NO_PAGE_ACCESS>

system/lib/message_en.xml

@@ -556,6 +556,9 @@
         <E_ERROR_UPLOAD_ADMIN_FAILED>
             Failed to upload file. Please Try Again
         </E_ERROR_UPLOAD_ADMIN_FAILED>
+        <E_ERROR_UPLOAD_ADMIN_INVALID>
+            Uploaded file is invalid.
+        </E_ERROR_UPLOAD_ADMIN_INVALID>
         <E_ERROR_NAME_REQUIRED>
 				Name is a mandatory field.
 		</E_ERROR_NAME_REQUIRED>

system/logic/advertisements/logic.php

@@ -22,34 +22,34 @@ class LogicAdvertisements extends AdvertisementModelClass {
 	* @return		: TRUE:ロジック成功、FALSE:ロジック失敗
 	-------------------------------------------------------------------------*/
 	function logic() {
-
 		try {
-			// 初期データ処理
-			if($this -> init()){
-				$this -> lists();
+            $this -> init();
 			
-			}elseif($this -> getType() == TYPE_IMAGE_MANAGER_UPLOAD_COMPLETE){
-				if($this -> checkChiket()) {
-					$this -> popUpSessionMessage(INFO, 'I_COMPLATE_SAVE', array());
-				}
-				$this -> insertActivity();
-				$this -> loadImageAds();
+            switch($this -> getType()){
+                case TYPE_IMAGE_MANAGER_UPLOAD_COMPLETE:
+                    $this -> insertNewAd();
                     $this -> listsImages();
-			}elseif($this -> getType() == TYPE_IMAGE_MANAGER || $this -> getType()	== TYPE_SEARCH){
+                    break;
+                case TYPE_IMAGE_MANAGER:
+                case TYPE_SEARCH:
                     $this -> listsImages();
-			}elseif($this -> getType() == TYPE_IMAGE_MANAGER_DETAIL){
+                    break;
+                case TYPE_IMAGE_MANAGER_DETAIL:
                     $this -> selectAdDetails();
-			}elseif($this -> getType() == TYPE_UPDATE){
+                    break;
+                case TYPE_UPDATE:
                     $this -> insertActivity();
                     $this -> update();
-			}elseif($this -> getType() == TYPE_DELETE){
+                    break;
+                case TYPE_DELETE:
                     $this -> insertActivity();
                     $this -> deleteAd();
                     $this -> listsImages();
-			}else{
+                    break;
+                default:
                     $this -> lists();
+                    break;
             }
-			
 		} catch (Exception $e) {
 			throw $e;
 		}
@@ -61,15 +61,19 @@ class LogicAdvertisements extends AdvertisementModelClass {
 	* @return		: なし
 	-------------------------------------------------------------------------*/
 	function lists() {
-		//set variables
-		//$where = null;
-
 		$where = $this -> getWhere();
-		//$this -> getWhere();
 		$this -> setResult($this -> accessSelect('LIST_CLICKED_ADS', $where));
-
 	}
 	
+	function insertNewAd(){ 
+	    if($this -> loadImageAds()){
+	        $this -> insertActivity();
+	        $this -> accessModify('INSERT_ADS', $this -> getImageAdRegistData());
+	        $this -> popUpSessionMessage(INFO, 'I_COMPLATE_SAVE', array());
+	    }else{
+	        $this -> popUpSessionMessage(ERROR, 'E_ERROR_UPLOAD_ADMIN_INVALID', array());
+	    }
+	}
 
 	function listsImages() {
 		$this -> setImages($this -> accessSelect('LIST_IMAGES', $this -> getWhereAds()));
@@ -89,7 +93,15 @@ class LogicAdvertisements extends AdvertisementModelClass {
 	}
 
 	function deleteAd(){
-		$this -> accessModify('DELETE_AD_FILE', $this -> getDeleteData(), false);
+	    $deleteData = $this -> getDeleteData();
+	    $adDetails  = $this -> getRowData($this -> accessSelect('SELECT_AD_DETAILS', $deleteData));
+	    
+	    $toDelete = SYSTEM_DOCUMENT_ADS."/{$adDetails["file_name"]}";
+	    
+	    if(@file_exists($toDelete))
+	        unlink($toDelete);
+	    
+	    $this -> accessModify('DELETE_AD_FILE', $deleteData, false);
 	}
 
     function insertActivity(){

system/logic/advertisements/model.php

@@ -23,6 +23,7 @@ class AdvertisementModelClass extends ModelClassEx {
 	private $fileName 		= NO_STRING;	
 	private $adName 		= NO_STRING;	
 	private $sequence 		= NO_STRING;	
+	private $saveName       = NO_STRING;
 
 	/*-------------------------------------------------------------------------
 	* @function_name: コントロールパネルシステムindexモデルクラスコンストラクタ
@@ -48,7 +49,7 @@ class AdvertisementModelClass extends ModelClassEx {
 			$this -> setParameter();
 
 			// チェック
-			$this -> validate();
+			return $this -> validate();
 
 		} catch (Exception $e) {
 			throw new Exception(NO_STRING);
@@ -99,7 +100,6 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @return		: TRUE:成功、FALSE:失敗
 	-------------------------------------------------------------------------*/
 	public function validate() {
-
 		// ログインチェック
 		if(!$this -> checkAdminUserLogin()) {
 			throw new Exception(NO_STRING);
@@ -124,13 +124,11 @@ class AdvertisementModelClass extends ModelClassEx {
 				$this -> setType(TYPE_IMAGE_MANAGER);
 			}
 		}elseif($this -> getType() == TYPE_UPDATE) {
-
-			if(!in_array($this -> location, array('menu', 'login'))){
+			if(!in_array($this -> location, ['menu', 'login'])){
 				$this -> setType(TYPE_IMAGE_MANAGER_DETAIL);
 			}
 
-			$lang = array('en', 'ja', 'sc', 'tc', 'id');
-			if(!in_array($this -> language, $lang)){
+			if(!in_array($this -> language, ['en', 'ja', 'sc', 'tc', 'id'])){
 				$this -> setType(TYPE_IMAGE_MANAGER_DETAIL);
 			}
 		}elseif($this -> getType() == TYPE_IMAGE_MANAGER_UPLOAD_COMPLETE) {
@@ -139,8 +137,11 @@ class AdvertisementModelClass extends ModelClassEx {
 				$this -> setType(TYPE_IMAGE_MANAGER);
 			}	
 			
+			if(!$this -> isUpload(PARAM_IMG1)) {
+			    $this -> popUpSessionMessage(ERROR, 'E_ERROR_UPLOAD_ADMIN_INVALID', array());
+			    $this -> setType(TYPE_IMAGE_MANAGER);
+			}
 		}
-
 	}
 
 	/*-------------------------------------------------------------------------
@@ -244,7 +245,7 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @parameter	: 結果セット
 	* @return		: 検索条件配列
 	-------------------------------------------------------------------------*/
-	function getWhere() {
+	public function getWhere() {
 		// 変数宣言部
 		$where		= NO_STRING;
 		$rtn		= array();
@@ -274,7 +275,6 @@ class AdvertisementModelClass extends ModelClassEx {
 		}
 
 		$start	= ($this -> getTargetPage() - VAL_INT_1) * VAR_DEFAULT_PAGE_COUNT;
-		$end	= $this -> getTargetPage() * VAR_DEFAULT_PAGE_COUNT;
 
 		$page = ' LIMIT ' . $start . DELIMIT_COMMA . VAL_INT_50;
 
@@ -289,7 +289,7 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @parameter	: 
 	* @return		: 
 	-------------------------------------------------------------------------*/
-	function echoFrom() {
+	public function echoFrom() {
 		echo $this -> from;
 	}
 
@@ -298,7 +298,7 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @parameter	: 
 	* @return		: 
 	-------------------------------------------------------------------------*/
-	function echoTo() {
+	public function echoTo() {
 		echo $this -> to;
 	}
 
@@ -307,7 +307,7 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @parameter	: 
 	* @return		: 
 	-------------------------------------------------------------------------*/
-	function echoMail() {
+	public function echoMail() {
 		echo $this -> mail;
 	}
 
@@ -316,7 +316,7 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @parameter	: 
 	* @return		: 
 	-------------------------------------------------------------------------*/
-	function echoIP() {
+	public function echoIP() {
 		echo $this -> IP;
 	}
 
@@ -325,13 +325,12 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @parameter	: 
 	* @return		: 
 	-------------------------------------------------------------------------*/
-	function echoAdsId() {
+	public function echoAdsId() {
 		echo $this -> adsID;
 	}
 
 
 	public function echoLanguageList() {
-
 		// 変数宣言部
 		$language[] = array(PARAM_DATA_KEY => 'en'
 						, PARAM_DATA_VALUE => 'EN');
@@ -344,13 +343,6 @@ class AdvertisementModelClass extends ModelClassEx {
 		$language[] = array(PARAM_DATA_KEY => 'id'
 						, PARAM_DATA_VALUE => 'ID');
 
-		
-			// foreach($language as $row) {
-			// 	$lists[] = array(PARAM_DATA_KEY			=> $this -> getColumnData($row, COLUMN_CURRENCY_NAME)
-			// 						, PARAM_DATA_VALUE	=> $this -> getColumnData($row, COLUMN_CURRENCY_NAME));
-			// }
-	
-
 		echo $this -> dispListOption($language, $this -> language);
 	}
 
@@ -359,51 +351,39 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @parameter	: なし
 	* @return		: なし
 	-------------------------------------------------------------------------*/
-	function loadImageAds() {
-		// echo $this -> adsID;
-		// echo $this -> location;
-		// echo $this -> language;
-		// echo $this -> link;
-		// die();
-		// 変数宣言部
-		$path		= NO_STRING;
-		$saveName	= NO_STRING;
-		$flg		= false;
-		$oldName	= NO_STRING;
-		$imgFlg		= NO_STRING;
-		$uploads	= array();
-
+	public function loadImageAds() {
 		// ルートディレクトリを取得する
 		$path = SYSTEM_DOCUMENT_ADS;
 
 		// 該当ディレクトリの確認
-		if(!file_exists($path)) {
+		if(!file_exists($path))
 			mkdir($path, 0777);
-		} else {
+		else
 			chmod($path, 0777);
-		}
-
-		// 画像1の存在確認
-		if($this -> isUpload(PARAM_IMG1)) {
 		
-			// 保存ファイル名
-			$info		= new SplFileInfo($_FILES[PARAM_IMG1][PARAM_NAME]);
-			$saveName	= basename($_FILES[PARAM_IMG1][PARAM_NAME]);
+    	$this -> saveName = basename($_FILES[PARAM_IMG1][PARAM_NAME]);
     	
     	// 画像の移動
-			if(move_uploaded_file($_FILES[PARAM_IMG1][PARAM_TMP_NAME], $path . DELIMIT_SLASH . $saveName)) {
-
-				// アップロードファイル名
-				$oldName	= basename($_FILES[PARAM_IMG1][PARAM_NAME]);
-				$imgFlg		= $this -> getImg1Flg();
-
+    	if(move_uploaded_file($_FILES[PARAM_IMG1][PARAM_TMP_NAME], $path . DELIMIT_SLASH . $this -> saveName)) {
     	    // ファイルパーミッションの変更
-				chmod($path . DELIMIT_SLASH . $saveName, 0777);
+    	    chmod($path . DELIMIT_SLASH . $this -> saveName, 0777);
     	    
-				// データの登録
-				$this -> accessModify('INSERT_ADS', array(10, $saveName, $this -> adsID, $this -> location, $this -> link, $this -> language, $this -> getAdminUserData(PARAM_UID)));
+    	    return true;
     	}
+    	
+    	return false;    
 	}
+	
+	public function getImageAdRegistData(){
+	    return [
+	        VAL_INT_10, 
+	        $this -> saveName, 
+	        $this -> adsID, 
+	        $this -> location, 
+	        $this -> link, 
+	        $this -> language, 
+	        $this -> getAdminUserData(PARAM_UID)
+	    ];
 	}
 	
 	/*-------------------------------------------------------------------------
@@ -411,8 +391,7 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @parameter	: パラメータ
 	* @return		: 存在する:true、存在しない:false
 	-------------------------------------------------------------------------*/
-	function isUpload($param) {
-
+	public function isUpload($param) {
 		// 変数宣言部
 		$rtn = false;
 
@@ -435,14 +414,12 @@ class AdvertisementModelClass extends ModelClassEx {
 		return $this -> img1Flg;
 	}
 
-	function echoImageList(){
+	public function echoImageList(){
 		// 変数宣言部
 		$rtn	= NO_STRING;
 		$row	= null;
 
 		if($this -> isLoopData($this -> rs2)) {
-			$listCount	= count($this -> rs2);
-
 			for($cnt = 0; $cnt < count($this -> rs2); $cnt++) {
 		
 				$row = $this -> getRowData($this -> rs2, $cnt);
@@ -481,23 +458,23 @@ class AdvertisementModelClass extends ModelClassEx {
 		echo $rtn;
 	}
 
-	function echoFileName(){
+	public function echoFileName(){
 		echo $this -> fileName;
 	}
 
-	function echoAdName(){
+	public function echoAdName(){
 		echo $this -> adName;
 	}
 
-	function echoLink(){
+	public function echoLink(){
 		echo $this -> link;
 	}
 
-	function echoID(){
+	public function echoID(){
 		echo $this -> adID;
 	}
 
-	function echoLocation(){
+	public function echoLocation(){
 		$location 		= array('login', 'menu');
 		$options 		= array();
 		$rtn 			= NO_STRING;
@@ -519,7 +496,7 @@ class AdvertisementModelClass extends ModelClassEx {
 		echo $rtn;
 	}
 
-	function echoLanguage(){
+	public function echoLanguage(){
 		$language 		= array('en', 'ja', 'sc', 'tc', 'id');
 		$options 		= array();
 		$rtn 			= NO_STRING;
@@ -541,15 +518,15 @@ class AdvertisementModelClass extends ModelClassEx {
 		echo $rtn;
 	}
 
-	function echoAdLanguage(){
+	public function echoAdLanguage(){
 		echo $this -> language;
 	}
 
-	function echoAdLocation(){
+	public function echoAdLocation(){
 		echo $this -> language;
 	}
 
-	function getUpdateData(){
+	public function getUpdateData(){
 		$rtn = array();
 
 		$rtn[] =  $this -> adName;
@@ -560,7 +537,7 @@ class AdvertisementModelClass extends ModelClassEx {
 		return $rtn;
 	}
 
-	function getUpdateSequence(){
+	public function getUpdateSequence(){
 		$rtn 		= array();
 		$adID 		= array();
 		$condition = array();
@@ -583,7 +560,7 @@ class AdvertisementModelClass extends ModelClassEx {
 		//return $rtn;
 	}
 
-	function getWhereAds(){
+	public function getWhereAds(){
 
 		$rtn = array();
 		$whereStr = NO_STRING;
@@ -609,16 +586,13 @@ class AdvertisementModelClass extends ModelClassEx {
 
 	}
 
-	function getDeleteData(){
-
-		$rtn 	= array();
-		$rtn[] 	= $this -> adID;
-
-		return $rtn;
-
+	public function getDeleteData(){
+		return [
+		    $this -> adID
+		];
 	}
 
-	function checkExistImage($fileName){
+	public function checkExistImage($fileName){
 		$rtn = true;
 		$file = $this -> accessSelect('CHECK_EXIST_AD', array($fileName));
 
@@ -629,16 +603,12 @@ class AdvertisementModelClass extends ModelClassEx {
 		return $rtn;
 	}
 
-	function sessionLocation(){
-
+	public function sessionLocation(){
 		return $_SESSION['location'];
-
 	}
 
-	function sessionLanguage(){
-
+	public function sessionLanguage(){
 		return $_SESSION['language'];
-
 	}
 
 	/*-------------------------------------------------------------------------
@@ -646,8 +616,7 @@ class AdvertisementModelClass extends ModelClassEx {
 	* @parameter	: none
 	* @return		: 表示用HTML文字列
 	-------------------------------------------------------------------------*/
-	function getActivity(){
-
+	public function getActivity(){
 		 $type 			= $this -> getType();
 		 $details 		= array();
 		
@@ -701,12 +670,10 @@ class AdvertisementModelClass extends ModelClassEx {
 		return $rtn;
 	}
 
-	function getFileDetailsByID($id, $column){
+	public function getFileDetailsByID($id, $column){
 		$row 		= $this -> accessSelect('SELECT_AD_DETAILS', array($id));
 		$details 	= $this -> getColumnData($row[0], $column);
 
 		return $details; 
 	}
 }
\ No newline at end of file
-
-?>
\ No newline at end of file