pioder
/
uf2
1
0
Fork 0
Code Releases 0 Activity
A new, object-oriented, better vesion of μForum
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
392 KiB
Tree: 79034dd314
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '79034dd314'
${ noResults }
uf2/inc/controllers/MainController.class.php

723 lines
23 KiB
Raw Normal View History

initial commit with snapshot 20140213
10 years ago
 
  1. <?php
  2. 

  3. require ('./inc/controller.class.php');
  4. 

  5. class MainController extends Controller
  6. {
  7. 

  8. 	public function loadDefault()
  9. 	{
  10. 		$this->main();
  11. 	}
  12. 	
  13. 	private function loadDependencies() // zależności (sesje itp)

  14. 	{
  15. 		$this->loadModel('SessionModel'); //aktywacja sesji

  16. 		$this->loadModel('ConfigModel'); //konfiguracja ogólna skryptu

  17. 		$this->loadView('MainView');
  18. 		$this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
  19. 		$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
  20. 	} 
  21. 		
  22. 	public function main()
  23. 	{
  24. 		$this->loadDependencies();
  25. 		
  26. 		$this->getView('MainView')->main();
  27. 	}
  28. 	
  29. 	public function viewforum()
  30. 	{
  31. 		$this->loadDependencies();
  32. 		
  33. 		$this->loadModel('ForumsModel');
  34. 		
  35. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  36. 		
  37. 		$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
  38. 		
  39. 		if ($f == null)
  40. 			$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php');
  41. 		else
  42. 		{
  43. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  44. 			$this->getView('MainView')->viewforum();
  45. 		}
  46. 	}
  47. 	
  48. 	public function userlist()
  49. 	{
  50. 		$this->loadDependencies();
  51. 		
  52. 		if (isset($_GET['rank']))
  53. 		{
  54. 			switch ($_GET['rank'])
  55. 			{
  56. 				case 'admin':
  57. 					$_GET['rank'] = RANK_ADMIN;
  58. 					break;
  59. 				case 'mod':
  60. 					$_GET['rank'] = RANK_MOD;
  61. 					break;
  62. 				case 'user':
  63. 					$_GET['rank'] = RANK_USER;
  64. 					break;
  65. 				default:
  66. 					$_GET['rank'] = '';
  67. 					break;
  68. 			}
  69. 		}
  70. 		else
  71. 			$_GET['rank'] = '';	
  72. 				
  73. 		$_POST['sort_type'] = (isset($_POST['sort_type'])) ? $this->db->real_escape_string($_POST['sort_type']) : 'regdate';
  74. 		$allowed_sorting = array('regdate', 'lastvisit', 'nick', 'post_count');
  75. 		if (!in_array($_POST['sort_type'], $allowed_sorting))
  76. 			$_POST['sort_type'] = '';
  77. 		$_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
  78. 		
  79. 		$this->getView('MainView')->userlist();
  80. 		
  81. 	}
  82. 	
  83. 	public function viewtopic()
  84. 	{
  85. 		$this->loadDependencies();
  86. 		
  87. 		$this->loadModel('PostsModel');
  88. 		
  89. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  90. 		
  91. 		$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  92. 		
  93. 		if ($t == null)
  94. 			$this->getView('MainView')->forum_message('Topic does not exist!', 'index.php'); 
  95. 		else
  96. 		{
  97. 			$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  98. 			$this->getView('MainView')->viewtopic();
  99. 		}
  100. 	}
  101. 	
  102. 	public function newtopic()
  103. 	{
  104. 		$this->posting(POSTING_NEWTOPIC);
  105. 	}
  106. 	
  107. 	public function reply()
  108. 	{
  109. 		$this->posting(POSTING_REPLY);
  110. 	}
  111. 	
  112. 	public function editpost()
  113. 	{
  114. 		$this->posting(POSTING_EDIT);
  115. 	}
  116. 	
  117. 	public function quote()
  118. 	{
  119. 		$this->posting(POSTING_QUOTE);
  120. 	}
  121. 	
  122. 	public function moderate()
  123. 	{
  124. 		$this->loadDependencies();
  125. 		$this->loadModel('PostsModel');
  126. 		$this->loadModel('ForumsModel');
  127. 		
  128. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  129. 		$_GET['submode'] = (isset($_GET['submode'])) ? trim(strip_tags($this->db->real_escape_string($_GET['submode']))) : 0;
  130. 		
  131. 		if (!$this->getModel('SessionModel')->isLogged())
  132. 		{
  133. 			$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login');
  134. 			$lockv = true;
  135. 		}
  136. 		
  137. 		if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
  138. 		{
  139. 			$this->getView('MainView')->forum_message('Only mods have access to this menu', 'index.php');
  140. 			$lockv = true;
  141. 		}
  142. 		
  143. 		//sprawdź czy wątek/post istnieje

  144. 		
  145. 		if (!isset($lockv))
  146. 		switch($_GET['submode'])
  147. 		{
  148. 			case 'deletetopic':
  149. 			case 'locktopic':
  150. 			case 'movetopic':
  151. 				$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  152. 				
  153. 				if ($t == null)
  154. 				{
  155. 					$this->getView('MainView')->forum_message('Topic does not exist!', 'index.php');
  156. 					$lockv = true;
  157. 				}	
  158. 				break;
  159. 				
  160. 			case 'deletepost':
  161. 				$p = $this->getModel('PostsModel')->getPost($_GET['id']);
  162. 				if ($p == null)
  163. 				{
  164. 					$this->getView('MainView')->forum_message('Post does not exist!', 'index.php');
  165. 					$lockv = true;
  166. 				}
  167. 				else
  168. 				{
  169. 					$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
  170. 					
  171. 					if ($t['post_count'] == 1)
  172. 					{
  173. 						$this->getView('MainView')->forum_message('If topic has only one post, use <span style="font-weight: bold">delete topic</span> option.', 'index.php?mode=viewtopic&amp;id='.$p['topic_id'], 3);
  174. 						$lockv = true;
  175. 					}
  176. 				}
  177. 				
  178. 				break;
  179. 			
  180. 			default:
  181. 				$this->getView('MainView')->forum_message('Invalid mode', 'index.php');
  182. 				$lockv = true;
  183. 				break;
  184. 		}
  185. 		
  186. 		//wysyłanie formularza

  187. 		if (isset($_POST['confirmed']) && !isset($lockv))
  188. 		{
  189. 			if (!isset($_POST['rejected']))
  190. 			{
  191. 				switch($_GET['submode'])
  192. 				{
  193. 					case 'deletepost':
  194. 						$this->getModel('PostsModel')->deletePost($_GET['id']);
  195. 						$this->getView('MainView')->forum_message('Post deleted. Redirecting...', 'index.php?mode=viewtopic&amp;id='.$p['topic_id']);
  196. 						$lockv = true;
  197. 						break;
  198. 						
  199. 					case 'deletetopic':
  200. 						$this->getModel('PostsModel')->deleteTopic($_GET['id']);
  201. 						$this->getView('MainView')->forum_message('Topic deleted. Redirecting...', 'index.php?mode=viewforum&amp;id='.$t['forum_id']);
  202. 						$lockv = true;
  203. 						break;
  204. 						
  205. 					case 'locktopic':
  206. 						if ($t['topic_locked'] == false)
  207. 						{
  208. 							$this->getModel('PostsModel')->lockTopic($_GET['id']);
  209. 							$this->getView('MainView')->forum_message('Topic locked. Redirecting...', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
  210. 						}
  211. 						else
  212. 						{
  213. 							$this->getModel('PostsModel')->lockTopic($_GET['id'], false);
  214. 							$this->getView('MainView')->forum_message('Topic unlocked. Redirecting...', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
  215. 						}
  216. 						$lockv = true;
  217. 						break;
  218. 					case 'movetopic':
  219. 						if ($this->getModel('ForumsModel')->getForum($_POST['forum_id']) == null)
  220. 							$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
  221. 						else
  222. 						{
  223. 							$this->getModel('PostsModel')->moveTopic($_GET['id'], $_POST['forum_id']);
  224. 							$this->getView('MainView')->forum_message('Topic moved. Redirecting...', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
  225. 						}
  226. 						$lockv = true;
  227. 						break;
  228. 						
  229. 				}
  230. 			}
  231. 			else
  232. 			{
  233. 				switch ($_GET['submode'])
  234. 				{
  235. 					case 'deletetopic':
  236. 					case 'locktopic':
  237. 					case 'movetopic':
  238. 						$this->forward('index.php?mode=viewtopic&id='.$_GET['id']);
  239. 						break;
  240. 					case 'deletepost':
  241. 						$this->forward('index.php?mode=viewtopic&id='.$p['topic_id']);
  242. 				}
  243. 			}
  244. 		}
  245. 		
  246. 		if (!isset($lockv))
  247. 		switch($_GET['submode'])
  248. 		{
  249. 			case 'deletepost':
  250. 				$this->getView('MainView')->confirm_action('Do you really want delete post <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  251. 				break;
  252. 			case 'deletetopic':
  253. 				$this->getView('MainView')->confirm_action('Do you really want delete topic <span style="font-weight: bold">#'.$_GET['id'].'</span> with all posts? This operation cannot undone.');
  254. 				break;
  255. 				
  256. 			case 'locktopic':
  257. 				if ($t['topic_locked'] == false)
  258. 					$this->getView('MainView')->confirm_action('Do you want lock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  259. 				else
  260. 					$this->getView('MainView')->confirm_action('Do you want unlock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  261. 				break;
  262. 			case 'movetopic':
  263. 				$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  264. 				$this->getView('MainView')->move_topic();
  265. 				break;
  266. 		}
  267. 	}
  268. 	
  269. 	
  270. 	public function posting($type)
  271. 	{
  272. 		$this->loadDependencies();
  273. 		$msg = '';
  274. 		
  275. 		$this->loadModel('PostsModel');
  276. 		$this->loadModel('ForumsModel');
  277. 	
  278. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  279. 		
  280. 		if (!$this->getModel('SessionModel')->isLogged())
  281. 		{
  282. 			$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login');
  283. 			$lockv = true;
  284. 		}
  285. 		
  286. 		//SPRAWDZANIE CZY TEMAT/FORUM ISTNIEJE I CZY NIE ZABLOKOWANE

  287. 		if (!isset($lockv))
  288. 		switch($type)
  289. 		{
  290. 			case POSTING_NEWTOPIC:	//sprawdzenie czy forum istnieje i czy nie zablokowane

  291. 				$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
  292. 		
  293. 				if ($f == null)
  294. 				{
  295. 					$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php');
  296. 					$lockv = true;
  297. 				}
  298. 				else
  299. 					if ($f['locked'] == true)
  300. 					{
  301. 						$this->getView('MainView')->forum_message('Forum is locked', 'index.php?mode=viewforum&amp;id='.$_GET['id']);
  302. 						$lockv = true;
  303. 					}
  304. 				break;
  305. 		
  306. 			case POSTING_REPLY:	//sprawdzenie czy temat istnieje

  307. 			case POSTING_QUOTE:
  308. 				$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  309. 			
  310. 				if ($t == null)
  311. 				{
  312. 					$this->getView('MainView')->forum_message('Topic does not exist!', 'index.php');
  313. 					$lockv = true;
  314. 				}
  315. 				else
  316. 				{
  317. 					if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  318. 					{
  319. 						$this->getView('MainView')->forum_message('Forum is locked', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
  320. 						$lockv = true;
  321. 					}
  322. 					
  323. 					if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  324. 					{
  325. 						$this->getView('MainView')->forum_message('Topic is locked', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
  326. 						$lockv = true;
  327. 					}
  328. 					
  329. 					if ($type == POSTING_QUOTE)
  330. 					{
  331. 						$_GET['q'] = (isset($_GET['q'])) ? trim(strip_tags($this->db->real_escape_string($_GET['q']))) : 0;
  332. 						$qp = $this->getModel('PostsModel')->getPost($_GET['q']);
  333. 						
  334. 						if ($qp == null)
  335. 						{
  336. 							$this->getView('MainView')->forum_message('Invalid quoted post', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
  337. 							$lockv = true;
  338. 						}
  339. 						else
  340. 						{
  341. 							if ($qp['topic_id'] != $_GET['id'])
  342. 							{
  343. 								$this->getView('MainView')->forum_message('Invalid quoted post', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
  344. 								$lockv = true;
  345. 							}
  346. 						}
  347. 					}
  348. 				}
  349. 				break;
  350. 				
  351. 			case POSTING_EDIT:
  352. 				$p = $this->getModel('PostsModel')->getPost($_GET['id']);
  353. 				
  354. 				if ($p == null)
  355. 				{
  356. 					$this->getView('MainView')->forum_message('Post does not exist!', 'index.php');
  357. 					$lockv = true;
  358. 				}
  359. 				else
  360. 				{
  361. 					$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
  362. 					if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  363. 					{
  364. 						$this->getView('MainView')->forum_message('Forum is locked', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
  365. 						$lockv = true;
  366. 					}
  367. 					if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  368. 					{
  369. 						$this->getView('MainView')->forum_message('Topic is locked', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
  370. 						$lockv = true;
  371. 					}
  372. 					
  373. 					//sprawdzić czy edycja tematu

  374. 					// i ustawić opdowiednie parametry $type = POSTING_EDITTOPIC

  375. 					$first = $this->getModel('PostsModel')->getFirstPost($t['topic_id']);
  376. 					
  377. 					if ($first['post_id'] == $_GET['id'])
  378. 						$type = POSTING_EDITTOPIC;
  379. 						
  380. 					if ($p['user_id'] != $this->getModel('SessionModel')->getID() && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  381. 					{
  382. 						$this->getView('MainView')->forum_message('You can edit only own posts', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
  383. 						$lockv = true;
  384. 					}	
  385. 				}
  386. 				
  387. 				break;
  388. 		}
  389. 

  390. 		//przesłanie formularza --------------------------------------------------------------------------------

  391. 		if (isset($_POST['post']) && !isset($_POST['preview']) && !isset($lockv))
  392. 		{
  393. 			$_POST['post'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['post'])));
  394. 			
  395. 			if ($type == POSTING_NEWTOPIC || $type == POSTING_EDITTOPIC) //walidacja tytułu tematu (add, edit)

  396. 			{
  397. 				$_POST['topic'] = trim(strip_tags($this->db->real_escape_string($_POST['topic'])));
  398. 

  399. 				if (strlen($_POST['topic']) < 3)
  400. 					$msg .= 'Topic title is too short (min 3 characters)<br>';
  401. 			}
  402. 						
  403. 			if (strlen($_POST['post']) < 3)
  404. 				$msg .= 'Post content is too short (min 3 characters)<br>';
  405. 			
  406. 			if ($msg == null)
  407. 			{
  408. 				switch ($type)
  409. 				{
  410. 					case POSTING_NEWTOPIC: //akcje dodania nowego tematu

  411. 						
  412. 						$topic_id = $this->getModel('PostsModel')->addTopic($_POST['topic'], $_POST['post'], $_GET['id'], $this->getModel('SessionModel')->getID());
  413. 						if ($topic_id != null)
  414. 						{
  415. 							$this->getView('MainView')->forum_message('Topic created, Redirecting...', 'index.php?mode=viewtopic&amp;id='.$topic_id);
  416. 							$lockv = true; 
  417. 						}	
  418. 						else
  419. 							$msg .= 'Something went wrong, try again.';
  420. 						break;
  421. 					case POSTING_EDITTOPIC:
  422. 					case POSTING_EDIT:
  423. 						$this->getModel('PostsModel')->changePost($_GET['id'], $_POST['post']);
  424. 						
  425. 						if ($type == POSTING_EDITTOPIC)
  426. 							$this->getModel('PostsModel')->changeTopic($t['topic_id'], $_POST['topic']);
  427. 						
  428. 						$this->getView('MainView')->forum_message('Post edited. Redirecting to topic...', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
  429. 						$lockv = true;
  430. 						break;	
  431. 					
  432. 					case POSTING_QUOTE:
  433. 					case POSTING_REPLY:
  434. 						$this->getModel('PostsModel')->addPost($_GET['id'], $this->getModel('SessionModel')->getID(), $_POST['post']);
  435. 						
  436. 						$this->getView('MainView')->forum_message('Reply saved. Redirecting to topic...', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
  437. 						$lockv = true;
  438. 						break;
  439. 				}				
  440. 			}
  441. 		}
  442. 		
  443. 		if (!isset($lockv))
  444. 		{
  445. 			switch ($type)
  446. 			{
  447. 				case POSTING_NEWTOPIC:
  448. 				case POSTING_REPLY:
  449. 					$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : '';
  450. 					break;
  451. 				case POSTING_EDITTOPIC:
  452. 					$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : $p['content'];
  453. 					$_POST['topic'] = (isset($_POST['topic'])) ? $_POST['topic'] : $t['topic_title'];
  454. 					break;
  455. 				case POSTING_EDIT:
  456. 					$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : $p['content'];
  457. 					break;
  458. 					
  459. 				case POSTING_QUOTE:
  460. 					$quote = ($qp['nick'] != null) ? '='.$qp['nick'] : '';
  461. 					$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : '[quote'.$quote.']'.$qp['content'].'[/quote]';
  462. 					break;
  463. 				
  464. 			}
  465. 			if ($type == POSTING_NEWTOPIC)
  466. 				$_POST['topic'] = (isset($_POST['topic'])) ? $_POST['topic'] : ''; //tylko edycja/tworzenie tematu

  467. 			
  468. 			$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  469. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  470. 			
  471. 			$this->getView('MainView')->posting_form($type, $msg);
  472. 		}
  473. 	}
  474. 	
  475. 	public function myprofile()
  476. 	{
  477. 		$this->loadDependencies();
  478. 		if (!$this->getModel('SessionModel')->isLogged())
  479. 			$this->forward('index.php');
  480. 		else
  481. 			$this->forward('index.php?mode=viewprofile&id='.$this->getModel('SessionModel')->getID());
  482. 	}
  483. 	
  484. 	public function viewprofile()
  485. 	{
  486. 		$this->loadDependencies();
  487. 		
  488. 		$this->loadModel('UsersModel');
  489. 		$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  490. 		
  491. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  492. 		
  493. 		if ($this->getModel('UsersModel')->getUserInformation($_GET['id']) == null)
  494. 			$this->getView('MainView')->forum_message('User does not exist!', 'index.php'); 
  495. 		else
  496. 		{
  497. 			//$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));

  498. 			$this->getView('MainView')->viewprofile();
  499. 		}
  500. 	}
  501. 	
  502. 	public function editprofile()
  503. 	{
  504. 		$this->loadDependencies();
  505. 		$this->loadModel('UsersModel');
  506. 		$user_info = $this->getModel('UsersModel')->getUserInformation($this->getModel('SessionModel')->getID(), true);
  507. 		
  508. 		if (!$this->getModel('SessionModel')->isLogged())
  509. 		{
  510. 			$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login');
  511. 		}
  512. 		else
  513. 		{
  514. 			$msg = '';
  515. 			if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  516. 			{
  517. 				//secure pools

  518. 				$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
  519. 				$_POST['passwd_old'] = trim(strip_tags($_POST['passwd_old']));
  520. 				$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
  521. 				$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
  522. 				$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
  523. 				$_POST['location'] = trim(strip_tags($this->db->real_escape_string($_POST['location'])));
  524. 				$_POST['signature'] = trim(strip_tags($this->db->real_escape_string($_POST['signature'])));
  525. 		
  526. 				if ($_POST['email'] != $user_info['email'] || $_POST['passwd'] != '')
  527. 				{
  528. 					if (sha1($_POST['passwd_old']) != $user_info['password'])
  529. 						$msg .= 'Old password is incorrect!<br>';
  530. 				}
  531. 				if ($_POST['passwd'] != '')
  532. 				{
  533. 					if (strlen($_POST['passwd']) < 8)
  534. 						$msg .= 'Password is too short (min 8 characters)<br>';	
  535. 						
  536. 					if ($_POST['passwd'] != $_POST['passwd_confirm'])
  537. 						$msg .= 'Password do not match!<br>';
  538. 				}
  539. 				
  540. 				//check if avatar is uploaded

  541. 				if ($_FILES['avatar']['tmp_name'] != null)
  542. 				{
  543. 					global $allowed_avatars;
  544. 					$image_size = @getimagesize($_FILES['avatar']['tmp_name']);
  545. 

  546. 					if ($image_size == null)
  547. 						$msg .= 'Type of uploaded file are not allowed.<br>';
  548. 					else
  549. 						if (!in_array($image_size['mime'], $allowed_avatars))
  550. 							$msg .= 'Type of uploaded avatar is not supported.<br>';
  551. 						else
  552. 							if ($image_size[0] > 120 || $image_size[1] > 150)
  553. 								$msg .= 'Uploaded avatar is too big (maximum 120x150 px).<br>';
  554. 				}
  555. 				
  556. 				if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  557. 					$msg .= 'Email is incorrect<br>';
  558. 				
  559. 				if ($msg == '')
  560. 				{
  561. 					if ($_FILES['avatar']['tmp_name'] != null && !isset($_POST['delete_avatar'])) //change an avatar

  562. 					{
  563. 						if ($user_info['avatar'] != '')
  564. 							unlink('./'.$user_info['avatar']);
  565. 							
  566. 						$ext = pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION);
  567. 						$av = 'images/avatars/'.$this->getModel('SessionModel')->getID().'.'.$ext;
  568. 						move_uploaded_file($_FILES['avatar']['tmp_name'], './'.$av); 
  569. 					}
  570. 					else
  571. 						if (isset($_POST['delete_avatar']))
  572. 						{
  573. 							unlink('./'.$user_info['avatar']);
  574. 							$av = '';
  575. 						}
  576. 						else
  577. 							$av = $user_info['avatar']; //if new avatar is not set

  578. 					
  579. 					if ($_POST['passwd'] != '')
  580. 						$this->getModel('UsersModel')->changeUserPassword($this->getModel('SessionModel')->getID(), sha1($_POST['passwd']));
  581. 					
  582. 					$this->getModel('UsersModel')->updateUserProfile($this->getModel('SessionModel')->getID(), '', $_POST['email'], $_POST['location'], $_POST['signature'], $av);
  583. 					$this->getView('MainView')->forum_message('Your profile has changed.', 'index.php?mode=viewprofile&amp;id='.$this->getModel('SessionModel')->getID());
  584. 					$lockv = true;
  585. 

  586. 				}
  587. 			}			
  588. 			
  589. 			$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : $user_info['nick'];
  590. 			$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : $user_info['email'];
  591. 			$_POST['location'] = (isset($_POST['location'])) ? $_POST['location'] : $user_info['location'];
  592. 			$_POST['signature'] = (isset($_POST['signature'])) ? $_POST['signature'] : $user_info['signature'];
  593. 	
  594. 			$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  595. 		
  596. 			if (!isset($lockv))
  597. 				$this->getView('MainView')->edprofile_form($msg);
  598. 		}
  599. 	}
  600. 	
  601. 	public function logout()
  602. 	{
  603. 		$this->loadDependencies();
  604. 	
  605. 		if (!$this->getModel('SessionModel')->isLogged())
  606. 			$this->forward('index.php');
  607. 			
  608. 		$this->getModel('SessionModel')->deleteSession();
  609. 		
  610. 		$this->getView('MainView')->forum_message('You are logged out.', 'index.php');
  611. 	}
  612. 	
  613. 	public function login()
  614. 	{
  615. 		$this->loadDependencies();
  616. 		$this->loadModel('BansModel');
  617. 		
  618. 		if ($_SERVER['REQUEST_SCHEME'] == 'http')
  619. 			$this->forward('https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
  620. 		
  621. 		if ($this->getModel('SessionModel')->isLogged())
  622. 			$this->forward('index.php');
  623. 		
  624. 		$msg = '';
  625. 		if (isset($_POST['nick'], $_POST['passwd']))
  626. 		{
  627. 			//secure pools

  628. 			$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
  629. 			$_POST['passwd'] = sha1(trim(strip_tags($this->db->real_escape_string($_POST['passwd']))));
  630. 			
  631. 			$userinfo = $this->getModel('SessionModel')->tryGetUser($_POST['nick'], $_POST['passwd']);
  632. 			
  633. 			if (count($userinfo) == 0)
  634. 				$msg = 'Invalid username or password.';
  635. 				
  636. 			if ($msg == '')
  637. 			{
  638. 				$ban_info = $this->getModel('BansModel')->getUserBan($userinfo['user_id']);
  639. 				
  640. 				if ($ban_info == null)
  641. 				{
  642. 					$this->getModel('SessionModel')->registerNewSession($userinfo['user_id']);
  643. 					$this->getView('MainView')->forum_message('You are logged as: <span style="font-weight: bold">'.$userinfo['nick'].'</span>', 'index.php');
  644. 				}
  645. 				else
  646. 				{
  647. 					$reason = ($ban_info['reason'] != '') ? '<br>Reason: <span style="font-style: italic">'.$ban_info['reason'].'</span>' : '';
  648. 					$this->getView('MainView')->forum_message('You are banned!'.$reason);
  649. 				}
  650. 				$lockv = true;
  651. 			}
  652. 		}
  653. 		
  654. 		$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : '';
  655. 		if (!isset($lockv))
  656. 			$this->getView('MainView')->login_form($msg);
  657. 	}
  658. 	
  659. 	public function register()
  660. 	{
  661. 		$this->loadDependencies();
  662. 		$this->loadModel('UsersModel');
  663. 		
  664. 		if ($this->getModel('SessionModel')->isLogged())
  665. 			$this->forward('index.php');
  666. 			
  667. 		if ($_SERVER['REQUEST_SCHEME'] == 'http')
  668. 			$this->forward('https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
  669. 		
  670. 		$msg = '';
  671. 		if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  672. 		{
  673. 			//secure pools

  674. 			$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
  675. 			$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
  676. 			$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
  677. 			$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
  678. 			
  679. 			if (strlen($_POST['nick']) < 3)
  680. 				$msg .= 'Nick is too short (min 3 characters)<br>';
  681. 				
  682. 			if (strlen($_POST['passwd']) < 8)
  683. 				$msg .= 'Password is too short (min 8 characters)<br>';
  684. 				
  685. 			if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  686. 				$msg .= 'Email is incorrect<br>';
  687. 			
  688. 			if ($this->getModel('UsersModel')->nickExists($_POST['nick']) == true)
  689. 				$msg .= 'Nick is in use. Type another one.<br>';
  690. 			
  691. 			if ($_POST['passwd'] != $_POST['passwd_confirm'])
  692. 				$msg .= 'Password do not match';
  693. 				
  694. 			if ($msg == '')
  695. 			{
  696. 				$this->getModel('UsersModel')->createNewUser($_POST['nick'], sha1($_POST['passwd']), $_POST['email']);
  697. 				$this->getView('MainView')->forum_message('Your account has created. Log in to write new posts.', 'index.php');
  698. 				$lockv = true;
  699. 			}
  700. 		}
  701. 		
  702. 		$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : '';
  703. 		$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : '';
  704. 		
  705. 		if (!isset($lockv))
  706. 			$this->getView('MainView')->register_form($msg);
  707. 	}
  708. 	
  709. 	public function checknick()
  710. 	{
  711. 		$this->loadModel('UsersModel');
  712. 		if (!isset($_GET['nick']))
  713. 			$_GET['nick'] = '';
  714. 			
  715. 		$_GET['nick'] = trim($this->db->real_escape_string(strip_tags($_GET['nick'])));
  716. 		
  717. 		if ($this->getModel('UsersModel')->nickExists($_GET['nick']) == true)
  718. 			echo 'true';
  719. 		else
  720. 			echo 'false';
  721. 	}
  722. }
  723. 

  724. ?>