pioder
/
uf2
1
0
Fork 0
Code Releases 0 Activity
A new, object-oriented, better vesion of μForum
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12 Commits
1 Branch
392 KiB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
uf2/inc/controllers/MainController.class.php

744 lines
23 KiB
Raw Permalink Normal View History

initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
removed email address from PHP files
7 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
replaced strip_tags() by htmlspecialchars() in most of POST variables added stripslashes() to POST variables while form is not sent
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
added feature: stick/unstick topic
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
added feature: stick/unstick topic
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
added feature: stick/unstick topic
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
added feature: stick/unstick topic
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
replaced strip_tags() by htmlspecialchars() in most of POST variables added stripslashes() to POST variables while form is not sent
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
replaced strip_tags() by htmlspecialchars() in most of POST variables added stripslashes() to POST variables while form is not sent
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
replaced strip_tags() by htmlspecialchars() in most of POST variables added stripslashes() to POST variables while form is not sent
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved data filtering in controllers
10 years ago
initial commit with snapshot 20140213
10 years ago
 
  1. <?php
  2. /** 
  3. * @package		uForum2
  4. * @file		inc/controllers/MainController.class.php
  5. * @copyright	2007-2015 (c) PioDer 
  6. * @link    		http://www.pioder.pl/
  7. * @license		see LICENSE.txt
  8. **/
  9. 

  10. require ('./inc/controller.class.php');
  11. 

  12. class MainController extends Controller
  13. {
  14. 

  15. 	public function loadDefault()
  16. 	{
  17. 		$this->main();
  18. 	}
  19. 	
  20. 	private function loadDependencies() // zależności (sesje itp)

  21. 	{
  22. 		$this->loadModel('SessionModel'); //initalizing session

  23. 		$this->loadModel('ConfigModel'); //overall forum configuration

  24. 		$this->loadView('MainView');
  25. 		$this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
  26. 		$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
  27. 		
  28. 		//przekierowanie!

  29. 		if ($_GET['mode'] == 'editprofile' || $_GET['mode'] == 'register' || $_GET['mode'] == 'login')
  30. 		{
  31. 			if ($_SERVER['REQUEST_SCHEME'] != 'https' && USE_HTTPS)
  32. 				$this->forward(buildURL($_SERVER['REQUEST_URI'], true));
  33. 		}
  34. 		else
  35. 			if ($_SERVER['REQUEST_SCHEME'] != 'http')
  36. 				$this->forward(buildURL($_SERVER['REQUEST_URI']));
  37. 	} 
  38. 		
  39. 	public function main()
  40. 	{
  41. 		$this->loadDependencies();
  42. 		$this->loadModel('UsersModel');
  43. 		$this->getView('MainView')->main();
  44. 	}
  45. 	
  46. 	public function viewforum()
  47. 	{
  48. 		$this->loadDependencies();
  49. 		
  50. 		$this->loadModel('ForumsModel');
  51. 		
  52. 		get_clean('id', $this->db);
  53. 		
  54. 		$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
  55. 		
  56. 		if ($f == null)
  57. 			$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php'));
  58. 		else
  59. 		{
  60. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  61. 			$this->getView('MainView')->viewforum();
  62. 		}
  63. 	}
  64. 	
  65. 	public function userlist()
  66. 	{
  67. 		$this->loadDependencies();
  68. 		
  69. 		if (isset($_GET['rank']))
  70. 		{
  71. 			switch ($_GET['rank'])
  72. 			{
  73. 				case 'admin':
  74. 					$_GET['rank'] = RANK_ADMIN;
  75. 					break;
  76. 				case 'mod':
  77. 					$_GET['rank'] = RANK_MOD;
  78. 					break;
  79. 				case 'user':
  80. 					$_GET['rank'] = RANK_USER;
  81. 					break;
  82. 				default:
  83. 					$_GET['rank'] = '';
  84. 					break;
  85. 			}
  86. 		}
  87. 		else
  88. 			$_GET['rank'] = '';	
  89. 				
  90. 		post_default('sort_type', 'regdate');
  91. 		$allowed_sorting = array('regdate', 'lastvisit', 'nick', 'post_count');
  92. 		if (!in_array($_POST['sort_type'], $allowed_sorting))
  93. 			$_POST['sort_type'] = 'regdate';
  94. 		$_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
  95. 		
  96. 		$this->getView('MainView')->userlist();
  97. 	}
  98. 	
  99. 	public function viewtopic()
  100. 	{
  101. 		$this->loadDependencies();
  102. 		$this->loadModel('PostsModel');
  103. 		
  104. 		get_clean('id', $this->db);
  105. 		$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  106. 		
  107. 		if ($t == null)
  108. 			$this->getView('MainView')->forum_message('Topic does not exist!', buildURL('index.php')); 
  109. 		else
  110. 		{
  111. 			$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  112. 			$this->getView('MainView')->viewtopic();
  113. 		}
  114. 	}
  115. 	
  116. 	public function newtopic()
  117. 	{
  118. 		$this->posting(POSTING_NEWTOPIC);
  119. 	}
  120. 	
  121. 	public function reply()
  122. 	{
  123. 		$this->posting(POSTING_REPLY);
  124. 	}
  125. 	
  126. 	public function editpost()
  127. 	{
  128. 		$this->posting(POSTING_EDIT);
  129. 	}
  130. 	
  131. 	public function quote()
  132. 	{
  133. 		$this->posting(POSTING_QUOTE);
  134. 	}
  135. 	
  136. 	public function moderate()
  137. 	{
  138. 		$this->loadDependencies();
  139. 		$this->loadModel('PostsModel');
  140. 		$this->loadModel('ForumsModel');
  141. 		
  142. 		get_clean('id', $this->db);
  143. 		get_clean('submode', $this->db, false);
  144. 		
  145. 		if (!$this->getModel('SessionModel')->isLogged())
  146. 		{
  147. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true));
  148. 			$lockv = true;
  149. 		}
  150. 		
  151. 		if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
  152. 		{
  153. 			$this->getView('MainView')->forum_message('Only mods have access to this menu', buildURL('index.php'));
  154. 			$lockv = true;
  155. 		}
  156. 		
  157. 		//sprawdź czy wątek/post istnieje

  158. 		
  159. 		if (!isset($lockv))
  160. 		switch($_GET['submode'])
  161. 		{
  162. 			case 'deletetopic':
  163. 			case 'locktopic':
  164. 			case 'sticktopic':
  165. 			case 'movetopic':
  166. 				$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  167. 				
  168. 				if ($t == null)
  169. 				{
  170. 					$this->getView('MainView')->forum_message('Topic does not exist!', buildURL('index.php'));
  171. 					$lockv = true;
  172. 				}	
  173. 				break;
  174. 				
  175. 			case 'deletepost':
  176. 				$p = $this->getModel('PostsModel')->getPost($_GET['id']);
  177. 				if ($p == null)
  178. 				{
  179. 					$this->getView('MainView')->forum_message('Post does not exist!', buildURL('index.php'));
  180. 					$lockv = true;
  181. 				}
  182. 				else
  183. 				{
  184. 					$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
  185. 					
  186. 					if ($t['post_count'] == 1)
  187. 					{
  188. 						$this->getView('MainView')->forum_message('If topic has only one post, use <span style="font-weight: bold">delete topic</span> option.', buildURL('index.php?mode=viewtopic&amp;id='.$p['topic_id']), 3);
  189. 						$lockv = true;
  190. 					}
  191. 				}
  192. 				
  193. 				break;
  194. 			
  195. 			default:
  196. 				$this->getView('MainView')->forum_message('Invalid mode', buildURL('index.php'));
  197. 				$lockv = true;
  198. 				break;
  199. 		}
  200. 		
  201. 		//wysyłanie formularza

  202. 		if (isset($_POST['confirmed']) && !isset($lockv))
  203. 		{
  204. 			if (!isset($_POST['rejected']))
  205. 			{
  206. 				switch($_GET['submode'])
  207. 				{
  208. 					case 'deletepost':
  209. 						$this->getModel('PostsModel')->deletePost($_GET['id']);
  210. 						$this->getView('MainView')->forum_message('Post deleted. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$p['topic_id']));
  211. 						break;
  212. 						
  213. 					case 'deletetopic':
  214. 						$this->getModel('PostsModel')->deleteTopic($_GET['id']);
  215. 						$this->getView('MainView')->forum_message('Topic deleted. Redirecting...', buildURL('index.php?mode=viewforum&amp;id='.$t['forum_id']));
  216. 						break;
  217. 						
  218. 					case 'locktopic':
  219. 						if ($t['topic_locked'] == false)
  220. 						{
  221. 							$this->getModel('PostsModel')->lockTopic($_GET['id']);
  222. 							$this->getView('MainView')->forum_message('Topic locked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  223. 						}
  224. 						else
  225. 						{
  226. 							$this->getModel('PostsModel')->lockTopic($_GET['id'], false);
  227. 							$this->getView('MainView')->forum_message('Topic unlocked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  228. 						}
  229. 						break;
  230. 						
  231. 					case 'sticktopic':
  232. 						if ($t['topic_sticky'] == false)
  233. 						{
  234. 							$this->getModel('PostsModel')->stickTopic($_GET['id']);
  235. 							$this->getView('MainView')->forum_message('Topic sticked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  236. 						}
  237. 						else
  238. 						{
  239. 							$this->getModel('PostsModel')->stickTopic($_GET['id'], false);
  240. 							$this->getView('MainView')->forum_message('Topic unsticked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  241. 						}
  242. 						break;
  243. 						
  244. 					case 'movetopic':
  245. 						if ($this->getModel('ForumsModel')->getForum($_POST['forum_id']) == null)
  246. 							$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  247. 						else
  248. 						{
  249. 							$this->getModel('PostsModel')->moveTopic($_GET['id'], $_POST['forum_id']);
  250. 							$this->getView('MainView')->forum_message('Topic moved. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  251. 						}
  252. 						
  253. 						break;
  254. 				}
  255. 				$lockv = true;
  256. 			}
  257. 			else
  258. 			{
  259. 				switch ($_GET['submode'])
  260. 				{
  261. 					case 'deletetopic':
  262. 					case 'locktopic':
  263. 					case 'sticktopic':
  264. 					case 'movetopic':
  265. 						$this->forward(buildURL('index.php?mode=viewtopic&id='.$_GET['id']));
  266. 						break;
  267. 					case 'deletepost':
  268. 						$this->forward(buildURL('index.php?mode=viewtopic&id='.$p['topic_id']));
  269. 				}
  270. 			}
  271. 		}
  272. 		
  273. 		if (!isset($lockv))
  274. 		switch($_GET['submode'])
  275. 		{
  276. 			case 'deletepost':
  277. 				$this->getView('MainView')->confirm_action('Do you really want delete post <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  278. 				break;
  279. 			case 'deletetopic':
  280. 				$this->getView('MainView')->confirm_action('Do you really want delete topic <span style="font-weight: bold">#'.$_GET['id'].'</span> with all posts? This operation cannot undone.');
  281. 				break;
  282. 				
  283. 			case 'locktopic':
  284. 				if ($t['topic_locked'] == false)
  285. 					$this->getView('MainView')->confirm_action('Do you want lock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  286. 				else
  287. 					$this->getView('MainView')->confirm_action('Do you want unlock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  288. 				break;
  289. 			case 'sticktopic':
  290. 				if ($t['topic_sticky'] == false)
  291. 					$this->getView('MainView')->confirm_action('Do you want stick topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  292. 				else
  293. 					$this->getView('MainView')->confirm_action('Do you want unstick topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  294. 				break;
  295. 			case 'movetopic':
  296. 				$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  297. 				$this->getView('MainView')->move_topic();
  298. 				break;
  299. 		}
  300. 	}
  301. 	
  302. 	
  303. 	public function posting($type)
  304. 	{
  305. 		$this->loadDependencies();
  306. 		$this->loadModel('PostsModel');
  307. 		$this->loadModel('ForumsModel');
  308. 		
  309. 		$msg = '';
  310. 		get_clean('id', $this->db);
  311. 		
  312. 		if (!$this->getModel('SessionModel')->isLogged())
  313. 		{
  314. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true));
  315. 			$lockv = true;
  316. 		}
  317. 		
  318. 		//CHECKING IF TOPIC/FORUM EXISTS AND IS NOT LOCKED

  319. 		if (!isset($lockv))
  320. 		switch($type)
  321. 		{
  322. 			case POSTING_NEWTOPIC:	//checking if forum exists and is not locked

  323. 				$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
  324. 		
  325. 				if ($f == null)
  326. 				{
  327. 					$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php'));
  328. 					$lockv = true;
  329. 				}
  330. 				else
  331. 					if ($f['locked'] == true)
  332. 					{
  333. 						$this->getView('MainView')->forum_message('Forum is locked', buildURL('index.php?mode=viewforum&amp;id='.$_GET['id']));
  334. 						$lockv = true;
  335. 					}
  336. 				break;
  337. 		
  338. 			case POSTING_REPLY:	//checking if topic exists

  339. 			case POSTING_QUOTE:
  340. 				$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  341. 			
  342. 				if ($t == null)
  343. 				{
  344. 					$this->getView('MainView')->forum_message('Topic does not exist!', buildURL('index.php'));
  345. 					$lockv = true;
  346. 				}
  347. 				else
  348. 				{
  349. 					if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  350. 					{
  351. 						$this->getView('MainView')->forum_message('Forum is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  352. 						$lockv = true;
  353. 					}
  354. 					
  355. 					if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  356. 					{
  357. 						$this->getView('MainView')->forum_message('Topic is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  358. 						$lockv = true;
  359. 					}
  360. 					
  361. 					if ($type == POSTING_QUOTE)
  362. 					{
  363. 						get_clean('q', $this->db);
  364. 						$qp = $this->getModel('PostsModel')->getPost($_GET['q']);
  365. 						
  366. 						if ($qp == null)
  367. 						{
  368. 							$this->getView('MainView')->forum_message('Invalid quoted post', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  369. 							$lockv = true;
  370. 						}
  371. 						else
  372. 						{
  373. 							if ($qp['topic_id'] != $_GET['id'])
  374. 							{
  375. 								$this->getView('MainView')->forum_message('Invalid quoted post', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  376. 								$lockv = true;
  377. 							}
  378. 						}
  379. 					}
  380. 				}
  381. 				break;
  382. 				
  383. 			case POSTING_EDIT:
  384. 				$p = $this->getModel('PostsModel')->getPost($_GET['id']);
  385. 				
  386. 				if ($p == null)
  387. 				{
  388. 					$this->getView('MainView')->forum_message('Post does not exist!', buildURL('index.php'));
  389. 					$lockv = true;
  390. 				}
  391. 				else
  392. 				{
  393. 					$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
  394. 					if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  395. 					{
  396. 						$this->getView('MainView')->forum_message('Forum is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  397. 						$lockv = true;
  398. 					}
  399. 					if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  400. 					{
  401. 						$this->getView('MainView')->forum_message('Topic is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  402. 						$lockv = true;
  403. 					}
  404. 					
  405. 					$first = $this->getModel('PostsModel')->getFirstPost($t['topic_id']);
  406. 					
  407. 					if ($first['post_id'] == $_GET['id'])
  408. 						$type = POSTING_EDITTOPIC;
  409. 						
  410. 					if ($p['user_id'] != $this->getModel('SessionModel')->getID() && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  411. 					{
  412. 						$this->getView('MainView')->forum_message('You can edit only own posts', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  413. 						$lockv = true;
  414. 					}	
  415. 				}
  416. 				
  417. 				break;
  418. 		}
  419. 

  420. 		//posting a HTML form --------------------------------------------------------------------------------

  421. 		if (isset($_POST['post']) && !isset($_POST['preview']) && !isset($lockv))
  422. 		{
  423. 			post_clean('post', $this->db, array('spchars'));
  424. 			
  425. 			if ($type == POSTING_NEWTOPIC || $type == POSTING_EDITTOPIC) //walidacja tytułu tematu (add, edit)

  426. 			{
  427. 				post_clean('topic', $this->db, array('spchars'));
  428. 

  429. 				if (strlen($_POST['topic']) < 3)
  430. 					$msg .= 'Topic title is too short (min 3 characters)<br>';
  431. 			}
  432. 						
  433. 			if (strlen($_POST['post']) < 3)
  434. 				$msg .= 'Post content is too short (min 3 characters)<br>';
  435. 			
  436. 			if ($msg == null)
  437. 			{
  438. 				switch ($type)
  439. 				{
  440. 					case POSTING_NEWTOPIC: //akcje dodania nowego tematu

  441. 						
  442. 						$topic_id = $this->getModel('PostsModel')->addTopic($_POST['topic'], $_POST['post'], $_GET['id'], $this->getModel('SessionModel')->getID());
  443. 						if ($topic_id != null)
  444. 						{
  445. 							$this->getView('MainView')->forum_message('Topic created, Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$topic_id));
  446. 							$lockv = true; 
  447. 						}	
  448. 						else
  449. 							$msg .= 'Something went wrong, try again.';
  450. 						break;
  451. 					case POSTING_EDITTOPIC:
  452. 					case POSTING_EDIT:
  453. 						$this->getModel('PostsModel')->changePost($_GET['id'], $_POST['post']);
  454. 						
  455. 						if ($type == POSTING_EDITTOPIC)
  456. 							$this->getModel('PostsModel')->changeTopic($t['topic_id'], $_POST['topic']);
  457. 						
  458. 						$this->getView('MainView')->forum_message('Post edited. Redirecting to topic...', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  459. 						$lockv = true;
  460. 						break;	
  461. 					
  462. 					case POSTING_QUOTE:
  463. 					case POSTING_REPLY:
  464. 						$this->getModel('PostsModel')->addPost($_GET['id'], $this->getModel('SessionModel')->getID(), $_POST['post']);
  465. 						
  466. 						$this->getView('MainView')->forum_message('Reply saved. Redirecting to topic...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  467. 						$lockv = true;
  468. 						break;
  469. 				}				
  470. 			}
  471. 		}
  472. 		
  473. 		if (!isset($lockv))
  474. 		{
  475. 			switch ($type)
  476. 			{
  477. 				case POSTING_NEWTOPIC:
  478. 				case POSTING_REPLY:
  479. 					post_default('post', '');
  480. 					break;
  481. 				case POSTING_EDITTOPIC:
  482. 					post_default('post', $p['content']);
  483. 					post_default('topic', $t['topic_title']);
  484. 					break;
  485. 				case POSTING_EDIT:
  486. 					post_default('post', $p['content']);
  487. 					break;
  488. 					
  489. 				case POSTING_QUOTE:
  490. 					$quote = ($qp['nick'] != null) ? '='.$qp['nick'] : '';
  491. 					post_default('post', '[quote'.$quote.']'.$qp['content'].'[/quote]');
  492. 					break;	
  493. 			}
  494. 			if ($type == POSTING_NEWTOPIC)
  495. 				post_default('topic', '');
  496. 			
  497. 			$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  498. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  499. 			
  500. 			$this->getView('MainView')->posting_form($type, $msg);
  501. 		}
  502. 	}
  503. 	
  504. 	public function myprofile()
  505. 	{
  506. 		$this->loadDependencies();
  507. 		if (!$this->getModel('SessionModel')->isLogged())
  508. 			$this->forward('index.php');
  509. 		else
  510. 			$this->forward(buildURL('index.php?mode=viewprofile&id='.$this->getModel('SessionModel')->getID()));
  511. 	}
  512. 	
  513. 	public function viewprofile()
  514. 	{
  515. 		$this->loadDependencies();
  516. 		
  517. 		$this->loadModel('UsersModel');
  518. 		$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  519. 		
  520. 		get_clean('id', $this->db);
  521. 		
  522. 		if ($this->getModel('UsersModel')->getUserInformation($_GET['id']) == null)
  523. 			$this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php')); 
  524. 		else
  525. 		{
  526. 			$this->getView('MainView')->viewprofile();
  527. 		}
  528. 	}
  529. 	
  530. 	public function editprofile()
  531. 	{
  532. 		$this->loadDependencies();
  533. 		$this->loadModel('UsersModel');
  534. 		$user_info = $this->getModel('UsersModel')->getUserInformation($this->getModel('SessionModel')->getID(), true);
  535. 		
  536. 		if (!$this->getModel('SessionModel')->isLogged())
  537. 		{
  538. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true));
  539. 		}
  540. 		else
  541. 		{
  542. 			$msg = '';
  543. 			if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  544. 			{
  545. 				//secure pools

  546. 				post_clean('nick', $this->db, array('spchars'));
  547. 				post_clean('passwd_old', $this->db, array());
  548. 				post_clean('passwd', $this->db, array());
  549. 				post_clean('passwd_confirm', $this->db, array());
  550. 				post_clean('email', $this->db);
  551. 				post_clean('location', $this->db, array('spchars'));
  552. 				post_clean('signature', $this->db, array('spchars'));
  553. 		
  554. 				if ($_POST['email'] != $user_info['email'] || $_POST['passwd'] != '')
  555. 				{
  556. 					if ($this->getModel('UsersModel')->generatePasswordHash($user_info['nick'], $_POST['passwd_old']) != $user_info['password'])
  557. 						$msg .= 'Old password is incorrect!<br>';
  558. 				}
  559. 				if ($_POST['passwd'] != '')
  560. 				{
  561. 					if (strlen($_POST['passwd']) < 8)
  562. 						$msg .= 'Password is too short (min 8 characters)<br>';	
  563. 						
  564. 					if ($_POST['passwd'] != $_POST['passwd_confirm'])
  565. 						$msg .= 'Password do not match!<br>';
  566. 				}
  567. 				
  568. 				//check if avatar is uploaded

  569. 				if ($_FILES['avatar']['tmp_name'] != null)
  570. 				{
  571. 					global $allowed_avatars;
  572. 					$image_size = @getimagesize($_FILES['avatar']['tmp_name']);
  573. 

  574. 					if ($image_size == null)
  575. 						$msg .= 'Type of uploaded file are not allowed.<br>';
  576. 					else
  577. 						if (!in_array($image_size['mime'], $allowed_avatars))
  578. 							$msg .= 'Type of uploaded avatar is not supported.<br>';
  579. 						else
  580. 							if ($image_size[0] > 120 || $image_size[1] > 150)
  581. 								$msg .= 'Uploaded avatar is too big (maximum 120x150 px).<br>';
  582. 				}
  583. 				
  584. 				if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  585. 					$msg .= 'Email is incorrect<br>';
  586. 				
  587. 				if ($msg == '')
  588. 				{
  589. 					if ($_FILES['avatar']['tmp_name'] != null && !isset($_POST['delete_avatar'])) //change an avatar

  590. 					{
  591. 						if ($user_info['avatar'] != '')
  592. 							unlink('./'.$user_info['avatar']);
  593. 							
  594. 						$ext = pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION);
  595. 						$av = 'images/avatars/'.$this->getModel('SessionModel')->getID().'.'.$ext;
  596. 						move_uploaded_file($_FILES['avatar']['tmp_name'], './'.$av); 
  597. 					}
  598. 					else
  599. 						if (isset($_POST['delete_avatar']))
  600. 						{
  601. 							unlink('./'.$user_info['avatar']);
  602. 							$av = '';
  603. 						}
  604. 						else
  605. 							$av = $user_info['avatar']; //if new avatar is not set

  606. 					
  607. 					if ($_POST['passwd'] != '')
  608. 						$this->getModel('UsersModel')->changeUserPassword($this->getModel('SessionModel')->getID(), $user_info['nick'], $_POST['passwd']);
  609. 					
  610. 					$this->getModel('UsersModel')->updateUserProfile($this->getModel('SessionModel')->getID(), '', $_POST['email'], $_POST['location'], $_POST['signature'], $av);
  611. 					$this->getView('MainView')->forum_message('Your profile has changed.', buildURL('index.php?mode=viewprofile&amp;id='.$this->getModel('SessionModel')->getID()));
  612. 					$lockv = true;
  613. 

  614. 				}
  615. 			}			
  616. 			
  617. 			post_default('nick', $user_info['nick']);
  618. 			post_default('email', $user_info['email']);
  619. 			post_default('location', $user_info['location']);
  620. 			post_default('signature', $user_info['signature']);
  621. 	
  622. 			$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  623. 		
  624. 			if (!isset($lockv))
  625. 				$this->getView('MainView')->edprofile_form($msg);
  626. 		}
  627. 	}
  628. 	
  629. 	public function logout()
  630. 	{
  631. 		$this->loadDependencies();
  632. 	
  633. 		if (!$this->getModel('SessionModel')->isLogged())
  634. 			$this->forward('index.php');
  635. 			
  636. 		$this->getModel('SessionModel')->deleteSession();
  637. 		
  638. 		$this->getView('MainView')->forum_message('You are logged out.', buildURL('index.php'));
  639. 	}
  640. 	
  641. 	public function login()
  642. 	{
  643. 		$this->loadDependencies();
  644. 		$this->loadModel('BansModel');
  645. 		$this->loadModel('UsersModel');
  646. 		
  647. 		if ($this->getModel('SessionModel')->isLogged())
  648. 			$this->forward(buildURL('index.php'));
  649. 		
  650. 		$msg = '';
  651. 		if (isset($_POST['nick'], $_POST['passwd']))
  652. 		{
  653. 			//secure pools

  654. 			post_clean('nick', $this->db);
  655. 			$_POST['passwd'] = $this->getModel('UsersModel')->generatePasswordHash($_POST['nick'], trim($this->db->real_escape_string($_POST['passwd'])));
  656. 			
  657. 			$userinfo = $this->getModel('SessionModel')->tryGetUser($_POST['nick'], $_POST['passwd']);
  658. 			
  659. 			if (count($userinfo) == 0)
  660. 				$msg = 'Invalid username or password.';
  661. 				
  662. 			if ($msg == '')
  663. 			{
  664. 				$ban_info = $this->getModel('BansModel')->getUserBan($userinfo['user_id']);
  665. 				
  666. 				if ($ban_info == null)
  667. 				{
  668. 					$this->getModel('SessionModel')->registerNewSession($userinfo['user_id']);
  669. 					$this->getView('MainView')->forum_message('You are logged as: <span style="font-weight: bold">'.$userinfo['nick'].'</span>', buildURL('index.php'));
  670. 				}
  671. 				else
  672. 				{
  673. 					$reason = ($ban_info['reason'] != '') ? '<br>Reason: <span style="font-style: italic">'.$ban_info['reason'].'</span>' : '';
  674. 					$this->getView('MainView')->forum_message('You are banned!'.$reason);
  675. 				}
  676. 				$lockv = true;
  677. 			}
  678. 		}
  679. 		
  680. 		post_default('nick', '');
  681. 		if (!isset($lockv))
  682. 			$this->getView('MainView')->login_form($msg);
  683. 	}
  684. 	
  685. 	public function register()
  686. 	{
  687. 		$this->loadDependencies();
  688. 		$this->loadModel('UsersModel');
  689. 		
  690. 		if ($this->getModel('SessionModel')->isLogged())
  691. 			$this->forward('index.php');
  692. 		
  693. 		$msg = '';
  694. 		if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  695. 		{
  696. 			//secure pools

  697. 			post_clean('nick', $this->db);
  698. 			post_clean('passwd', $this->db, array());
  699. 			post_clean('passwd_confirm', $this->db, array());
  700. 			post_clean('email', $this->db);
  701. 			
  702. 			if (strlen($_POST['nick']) < 3)
  703. 				$msg .= 'Nick is too short (min 3 characters)<br>';
  704. 				
  705. 			if (strlen($_POST['passwd']) < 8)
  706. 				$msg .= 'Password is too short (min 8 characters)<br>';
  707. 				
  708. 			if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  709. 				$msg .= 'Email is incorrect<br>';
  710. 			
  711. 			if ($this->getModel('UsersModel')->nickExists($_POST['nick']) == true)
  712. 				$msg .= 'Nick is in use. Type another one.<br>';
  713. 			
  714. 			if ($_POST['passwd'] != $_POST['passwd_confirm'])
  715. 				$msg .= 'Password do not match';
  716. 				
  717. 			if ($msg == '')
  718. 			{
  719. 				$this->getModel('UsersModel')->createNewUser($_POST['nick'], $_POST['passwd'], $_POST['email']);
  720. 				$this->getView('MainView')->forum_message('Your account has created. Log in to write new posts.', buildURL('index.php'), 3);
  721. 				$lockv = true;
  722. 			}
  723. 		}
  724. 		
  725. 		post_default('nick', '');
  726. 		post_default('email', '');
  727. 		if (!isset($lockv))
  728. 			$this->getView('MainView')->register_form($msg);
  729. 	}
  730. 	
  731. 	public function checknick()
  732. 	{
  733. 		$this->loadModel('UsersModel');
  734. 		if (!isset($_GET['nick']))
  735. 			$_GET['nick'] = '';
  736. 			
  737. 		$_GET['nick'] = trim($this->db->real_escape_string(strip_tags($_GET['nick'])));
  738. 		
  739. 		if ($this->getModel('UsersModel')->nickExists($_GET['nick']) == true)
  740. 			echo 'true';
  741. 		else
  742. 			echo 'false';
  743. 	}
  744. }
  745. ?>