pioder
/
uf2
1
0
Fork 0
Code Releases 0 Activity
A new, object-oriented, better vesion of μForum
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12 Commits
1 Branch
392 KiB
Tree: 97993ee1c2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '97993ee1c2'
${ noResults }
uf2/inc/controllers/AdminController.class.php

600 lines
18 KiB
Raw Normal View History

initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
removed email address from PHP files
6 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
PHP 7.0 compatibility (short tags replaced by normal)
6 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved password generating method (salt + SHA-256)
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
deleted avatars fixed deleting avatars while user deleting
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
several updates in admin controller (buildURL) implemented two new functions (variable cleaning) to use in future
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
 
  1. <?php
  2. /** 
  3. * @package		uForum2
  4. * @file		inc/controllers/AdminController.class.php
  5. * @copyright	2007-2015 (c) PioDer 
  6. * @link    		http://www.pioder.pl/
  7. * @license		see LICENSE.txt
  8. **/
  9. 

  10. require ('./inc/controller.class.php');
  11. 

  12. class AdminController extends Controller
  13. {
  14. 

  15. 	public function loadDefault()
  16. 	{
  17. 		$this->main();
  18. 	}
  19. 	
  20. 	private function loadDependencies() // zależności (sesje itp)

  21. 	{
  22. 		$this->loadModel('SessionModel'); //aktywacja sesji

  23. 		$this->loadModel('ConfigModel'); //konfiguracja ogólna skryptu

  24. 		$this->loadView('MainView');
  25. 		$this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
  26. 		$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
  27. 		
  28. 		if ($_SERVER['REQUEST_SCHEME'] == 'http')
  29. 			$this->forward(buildURL($_SERVER['REQUEST_URI'], true));
  30. 		
  31. 		if (!$this->getModel('SessionModel')->isLogged())
  32. 		{
  33. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login'), true);
  34. 			$lockv = true;
  35. 		}
  36. 		
  37. 		if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
  38. 		{
  39. 			$this->getView('MainView')->forum_message('You are not admin', buildURL('index.php'));
  40. 			$lockv = true;
  41. 		}
  42. 		
  43. 		if (!isset($lockv))
  44. 			return true;
  45. 		else
  46. 			return false;
  47. 	} 
  48. 		
  49. 	public function main()
  50. 	{
  51. 		if ($this->loadDependencies())
  52. 		{
  53. 			$this->getView('MainView')->admin_main();
  54. 		}
  55. 	}
  56. 	
  57. 	public function eduser()
  58. 	{
  59. 		if ($this->loadDependencies())
  60. 		{
  61. 			$this->loadModel('UsersModel');
  62. 			get_clean('id', $this->db);
  63. 			$user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id'], true);
  64. 		
  65. 			if ($user_info == null)
  66. 			{
  67. 				$this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php?mode=admin&amp;submode=users', true)); 
  68. 				$lockv = true;
  69. 			}
  70. 			else
  71. 			{
  72. 				$msg = '';
  73. 				if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  74. 				{
  75. 					//secure pools

  76. 					post_clean('nick', $this->db, array('spchars'));
  77. 					post_clean('passwd', $this->db, array());
  78. 					post_clean('passwd_confirm', $this->db, array());
  79. 					post_clean('email', $this->db);
  80. 					post_clean('location', $this->db, array('spchars'));
  81. 					post_clean('signature', $this->db, array('spchars'));
  82. 					post_clean('user_rank', $this->db);
  83. 		
  84. 					if ($_POST['passwd'] != '')
  85. 					{
  86. 						if (strlen($_POST['passwd']) < 8)
  87. 							$msg .= 'Password is too short (min 8 characters)<br>';	
  88. 						
  89. 						if ($_POST['passwd'] != $_POST['passwd_confirm'])
  90. 							$msg .= 'Password do not match!<br>';
  91. 					}
  92. 					
  93. 					if ($_GET['id'] == $this->getModel('SessionModel')->getID() && $_POST['user_rank'] != RANK_ADMIN)
  94. 					{
  95. 						$msg .= 'You cannot set rank for your profile<br>';
  96. 						$_POST['user_rank'] = RANK_ADMIN;
  97. 					}
  98. 					
  99. 					if ($this->getModel('UsersModel')->nickExists($_POST['nick']) == true && $_POST['nick'] != $user_info['nick'])
  100. 						$msg .= 'Nick is in use. Type another one.<br>';
  101. 						
  102. 					if (strlen($_POST['nick']) < 3)
  103. 						$msg .= 'Nick is too short (min 3 characters)<br>';	
  104. 					
  105. 					if ($_POST['user_rank'] > RANK_ADMIN || $_POST['user_rank'] < RANK_USER)
  106. 						$msg .= 'Rank is not valid!<br>';
  107. 					
  108. 					//check if avatar is uploaded

  109. 					if ($_FILES['avatar']['tmp_name'] != null)
  110. 					{
  111. 						global $allowed_avatars;
  112. 						$image_size = @getimagesize($_FILES['avatar']['tmp_name']);
  113. 

  114. 						if ($image_size == null)
  115. 							$msg .= 'Type of uploaded file are not allowed.<br>';
  116. 						else
  117. 							if (!in_array($image_size['mime'], $allowed_avatars))
  118. 								$msg .= 'Type of uploaded avatar is not supported.<br>';
  119. 							else
  120. 								if ($image_size[0] > 120 || $image_size[1] > 150)
  121. 									$msg .= 'Uploaded avatar is too big (maximum 120x150 px).<br>';
  122. 					}
  123. 				
  124. 					if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  125. 						$msg .= 'Email is incorrect<br>';
  126. 				
  127. 					if ($msg == '')
  128. 					{
  129. 						if ($_FILES['avatar']['tmp_name'] != null && !isset($_POST['delete_avatar'])) //change an avatar

  130. 						{
  131. 							if ($user_info['avatar'] != '')
  132. 								unlink('./'.$user_info['avatar']);
  133. 							
  134. 							$ext = pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION);
  135. 							$av = 'images/avatars/'.$this->getModel('SessionModel')->getID().'.'.$ext;
  136. 							move_uploaded_file($_FILES['avatar']['tmp_name'], './'.$av); 
  137. 						}
  138. 						else
  139. 							if (isset($_POST['delete_avatar']))
  140. 							{
  141. 								unlink('./'.$user_info['avatar']);
  142. 								$av = '';
  143. 							}
  144. 							else
  145. 								$av = $user_info['avatar']; //if new avatar is not set

  146. 					
  147. 						if ($_POST['passwd'] != '')
  148. 							$this->getModel('UsersModel')->changeUserPassword($_GET['id'], $user_info['nick'], $_POST['passwd']);
  149. 						
  150. 						$this->getModel('UsersModel')->changeUserRank($_GET['id'], $_POST['user_rank']);
  151. 						$this->getModel('UsersModel')->updateUserProfile($_GET['id'], $_POST['nick'], $_POST['email'], $_POST['location'], $_POST['signature'], $av);
  152. 						$this->getView('MainView')->forum_message('User profile has changed.', buildURL('index.php?mode=admin&amp;submode=users', true));
  153. 						$lockv = true;
  154. 

  155. 					}
  156. 				}			
  157. 			
  158. 				post_default('nick', $user_info['nick']);
  159. 				post_default('email', $user_info['email']);
  160. 				post_default('location', $user_info['location']);
  161. 				post_default('signature', $user_info['signature']);
  162. 				post_default('user_rank', $user_info['rank']);
  163. 				$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  164. 		
  165. 				if (!isset($lockv))
  166. 					$this->getView('MainView')->edprofile_form($msg, true);
  167. 			}
  168. 		}
  169. 	}
  170. 	
  171. 	public function users()
  172. 	{
  173. 		if ($this->loadDependencies())
  174. 		{
  175. 			if (isset($_GET['rank']))
  176. 			{
  177. 				switch ($_GET['rank'])
  178. 				{
  179. 					case 'admin':
  180. 						$_GET['rank'] = RANK_ADMIN;
  181. 						break;
  182. 					case 'mod':
  183. 						$_GET['rank'] = RANK_MOD;
  184. 						break;
  185. 					case 'user':
  186. 						$_GET['rank'] = RANK_USER;
  187. 						break;
  188. 					default:
  189. 						$_GET['rank'] = '';
  190. 						break;
  191. 				}
  192. 			}
  193. 			else
  194. 				$_GET['rank'] = '';	
  195. 				
  196. 			post_default('sort_type', 'regdate');
  197. 			$allowed_sorting = array('regdate', 'lastvisit', 'nick', 'post_count');
  198. 			if (!in_array($_POST['sort_type'], $allowed_sorting))
  199. 				$_POST['sort_type'] = 'regdate';
  200. 			$_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
  201. 		
  202. 			$this->getView('MainView')->admin_userlist();
  203. 		}
  204. 		
  205. 	}
  206. 	
  207. 	public function deluser()
  208. 	{
  209. 		if ($this->loadDependencies())
  210. 		{
  211. 			$this->loadModel('UsersModel');
  212. 			$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  213. 		
  214. 			get_clean('id', $this->db);
  215. 		
  216. 			$user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id']);
  217. 			if ($user_info == null)
  218. 			{
  219. 				$this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php?mode=admin&amp;submode=users', true)); 
  220. 				$lockv = true;
  221. 			}
  222. 			else
  223. 			{
  224. 				if ($_GET['id'] == $this->getModel('SessionModel')->getID())
  225. 				{
  226. 					$this->getView('MainView')->forum_message('You cannot delete own profile!', buildURL('index.php?mode=admin&amp;submode=users', true)); 
  227. 					$lockv = true;
  228. 				}
  229. 			}
  230. 			
  231. 			if (isset($_POST['confirmed']) && !isset($lockv))
  232. 			{
  233. 				if (!isset($_POST['rejected']))
  234. 				{ 
  235. 					$this->getModel('UsersModel')->deleteUser($_GET['id']);
  236. 					if ($user_info['avatar'] != null) //delete user's avatar

  237. 						unlink('./'.$user_info['avatar']);
  238. 					$this->getView('MainView')->forum_message('Profile deleted. Redirecting to users list...', buildURL('index.php?mode=admin&amp;submode=users', true)); 
  239. 					$lockv = true;
  240. 				}
  241. 				else
  242. 				{
  243. 					$this->forward(buildURL('index.php?mode=admin&submode=users'));
  244. 				}
  245. 			}
  246. 			
  247. 			if (!isset($lockv))
  248. 				$this->getView('MainView')->confirm_action('Do you want delete user <span style="font-weight: bold">'.$user_info['nick'].'</span>? This operation cannot undone.');
  249. 		}
  250. 	}
  251. 	
  252. 	public function config()
  253. 	{
  254. 		if ($this->loadDependencies())
  255. 		{
  256. 			$msg = '';
  257. 			
  258. 			if (isset($_POST['forum_name'], $_POST['forum_desc']))
  259. 			{
  260. 				post_clean('forum_name', $this->db, array('spchars'));
  261. 				post_clean('forum_desc', $this->db, array('spchars'));
  262. 				
  263. 				if (strlen($_POST['forum_name']) < 3)
  264. 				{
  265. 					$msg .= 'Forum name is too short (min 3 characters)!<br>';
  266. 				}
  267. 				
  268. 				if (strlen($_POST['forum_name']) > 30)
  269. 				{
  270. 					$msg .= 'Forum name is too long (max 30 characters)!<br>';
  271. 				}
  272. 				
  273. 				if (strlen($_POST['forum_desc']) > 50)
  274. 				{
  275. 					$msg .= 'Forum description is too long (max 50 characters)!<br>';
  276. 				}
  277. 				
  278. 				if ($msg == '')
  279. 				{
  280. 					if ($_POST['forum_name'] !=  $this->getModel('ConfigModel')->getConf('forum_name'))
  281. 						$this->getModel('ConfigModel')->updateConf('forum_name', $_POST['forum_name']);
  282. 						
  283. 					if ($_POST['forum_desc'] !=  $this->getModel('ConfigModel')->getConf('forum_desc'))
  284. 						$this->getModel('ConfigModel')->updateConf('forum_desc', $_POST['forum_desc']);
  285. 					
  286. 					$this->getView('MainView')->forum_message('Forum configuration updated. Redirecting...', buildURL('index.php?mode=admin&amp;submode=config', true)); 
  287. 					$lockv = true;
  288. 				}
  289. 			}
  290. 			
  291. 			post_default('forum_name', $this->getModel('ConfigModel')->getConf('forum_name'));
  292. 			post_default('forum_desc', $this->getModel('ConfigModel')->getConf('forum_desc'));
  293. 			if (!isset($lockv))
  294. 			{
  295. 				$this->getView('MainView')->admin_config($msg);
  296. 			}
  297. 		}
  298. 	}
  299. 	
  300. 	public function forums()
  301. 	{
  302. 		if ($this->loadDependencies())
  303. 		{
  304. 			$this->getView('MainView')->admin_forums();
  305. 		}
  306. 	}
  307. 	
  308. 	public function addcat()
  309. 	{
  310. 		if ($this->loadDependencies())
  311. 		{
  312. 			$this->modify_cat('add');
  313. 		}
  314. 	}
  315. 	
  316. 	public function edcat()
  317. 	{
  318. 		if ($this->loadDependencies())
  319. 		{
  320. 			$this->modify_cat('edit');
  321. 		}
  322. 	}
  323. 	
  324. 	public function addforum()
  325. 	{
  326. 		if ($this->loadDependencies())
  327. 		{
  328. 			$this->modify_forum('add');
  329. 		}
  330. 	}
  331. 	
  332. 	public function edforum()
  333. 	{
  334. 		if ($this->loadDependencies())
  335. 		{
  336. 			$this->modify_forum('edit');
  337. 		}
  338. 	}
  339. 	
  340. 	public function delforum()
  341. 	{
  342. 		if ($this->loadDependencies())
  343. 		{
  344. 			$this->loadModel('ForumsModel');
  345. 			get_clean('id', $this->db);
  346. 			
  347. 			$forum_info = $this->getModel('ForumsModel')->getForum($_GET['id']);
  348. 			
  349. 			if ($forum_info == null)
  350. 			{
  351. 				$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=admin&amp;submode=forums', true)); 
  352. 				$lockv = true;
  353. 			}
  354. 

  355. 			if (isset($_POST['confirmed']) && !isset($lockv))
  356. 			{
  357. 				if (!isset($_POST['rejected']))
  358. 				{
  359. 					$this->getModel('ForumsModel')->deleteForum($_GET['id']);
  360. 					$this->getView('MainView')->forum_message('Forum deleted. Redirecting...', buildURL('index.php?mode=admin&amp;submode=forums', true));
  361. 					$lockv = true;		
  362. 				}
  363. 				else
  364. 					$this->forward(buildURL('index.php?mode=admin&submode=forums', true));
  365. 			}
  366. 			
  367. 			if (!isset($lockv))
  368. 				$this->getView('MainView')->confirm_action('Do you REALLY want delete forum <span style="font-weight: bold">'.$forum_info['name'].'</span> with ALL CONTENT? <span style="text-decoration: underline">This operation cannot undone!</span>');
  369. 		}
  370. 		
  371. 	}
  372. 	
  373. 	public function delcat()
  374. 	{
  375. 		if ($this->loadDependencies())
  376. 		{
  377. 			$this->loadModel('ForumsModel');
  378. 

  379. 			get_clean('id', $this->db);
  380. 			$cat_info = $this->getModel('ForumsModel')->getCat($_GET['id']);
  381. 			
  382. 			if ($cat_info == null)
  383. 			{
  384. 				$this->getView('MainView')->forum_message('Category does not exist!', buildURL('index.php?mode=admin&amp;submode=forums', true)); 
  385. 				$lockv = true;
  386. 			}
  387. 

  388. 			if (isset($_POST['confirmed']) && !isset($lockv))
  389. 			{
  390. 				if (!isset($_POST['rejected']))
  391. 				{
  392. 					$this->getModel('ForumsModel')->deleteCat($_GET['id']);
  393. 					$this->getView('MainView')->forum_message('Category deleted. Redirecting...', buildURL('index.php?mode=admin&amp;submode=forums', true));
  394. 					$lockv = true;		
  395. 				}
  396. 				else
  397. 					$this->forward(buildURL('index.php?mode=admin&submode=forums', true));
  398. 			}
  399. 			
  400. 			if (!isset($lockv))
  401. 				$this->getView('MainView')->confirm_action('Do you REALLY want delete category <span style="font-weight: bold">'.$cat_info['name'].'</span> with ALL FORUMS AND CONTENT? <span style="text-decoration: underline">This operation cannot undone!</span>');
  402. 		}
  403. 		
  404. 	}
  405. 	
  406. 	private function modify_cat($m)
  407. 	{
  408. 		$msg = '';
  409. 		
  410. 		$this->loadModel('ForumsModel');
  411. 		
  412. 		if ($m == 'edit')
  413. 		{
  414. 			get_clean('id', $this->db);
  415. 			$cat_info = $this->getModel('ForumsModel')->getCat($_GET['id']);
  416. 			
  417. 			if ($cat_info == null)
  418. 			{
  419. 				$this->getView('MainView')->forum_message('Category does not exist!', buildURL('index.php?mode=admin&amp;submode=forums', true)); 
  420. 				$lockv = true;
  421. 			}
  422. 		}
  423. 		
  424. 		
  425. 		if (isset($_POST['name']) && !isset($lockv))
  426. 		{
  427. 			post_clean('name', $this->db, array('spchars'));
  428. 			if (strlen($_POST['name']) < 3)
  429. 				$msg .= 'Category name is too short (min 3 characters)!<br>';
  430. 			
  431. 			if ($msg == '')
  432. 			{
  433. 				if ($m == 'add')
  434. 				{
  435. 					$this->getModel('ForumsModel')->addCat($_POST['name']);
  436. 					$this->getView('MainView')->forum_message('Category added. Redirecting...', buildURL('index.php?mode=admin&amp;submode=forums', true)); 
  437. 					$lockv = true;
  438. 				}	
  439. 				else
  440. 				{
  441. 					$this->getModel('ForumsModel')->changeCat($_GET['id'], $_POST['name']);
  442. 					$this->getView('MainView')->forum_message('Category updated. Redirecting...', buildURL('index.php?mode=admin&amp;submode=forums', true)); 
  443. 					$lockv = true;
  444. 				}
  445. 			}
  446. 		}
  447. 		
  448. 		if (!isset($lockv))
  449. 		{
  450. 			post_default('name', ($m == 'add') ? '' : $cat_info['name']);
  451. 				
  452. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  453. 			$this->getView('MainView')->admin_cat_form($msg, $m);
  454. 		}
  455. 	}
  456. 	
  457. 	private function modify_forum($m)
  458. 	{
  459. 		$msg = '';
  460. 		
  461. 		$this->loadModel('ForumsModel');
  462. 		
  463. 		if ($m == 'edit')
  464. 		{
  465. 			get_cat('id', $this->db);
  466. 			$forum_info = $this->getModel('ForumsModel')->getForum($_GET['id']);
  467. 			
  468. 			if ($forum_info == null)
  469. 			{
  470. 				$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=admin&amp;submode=forums', true));
  471. 				$lockv = true;
  472. 			}
  473. 		}
  474. 		
  475. 		
  476. 		if (isset($_POST['name']) && !isset($lockv))
  477. 		{
  478. 			post_clean('name', $this->db, array('spchars'));
  479. 			post_clean('desc', $this->db, array('spchars'));
  480. 			post_clean('category_id', $this->db);
  481. 			post_clean('locked', $this->db);
  482. 			$_POST['locked'] = ($_POST['locked'] == true) ? true : false;
  483. 			
  484. 			if (strlen($_POST['name']) < 3)
  485. 				$msg .= 'Forum name is too short (min 3 characters)!<br>';
  486. 			
  487. 			$c = $this->getModel('ForumsModel')->getCat($_POST['category_id']);
  488. 			
  489. 			if ($c == null)
  490. 				$msg .= 'Category does not exist!<br>';
  491. 			
  492. 			if ($msg == '')
  493. 			{
  494. 				if ($m == 'add')
  495. 				{
  496. 					$this->getModel('ForumsModel')->addForum($_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
  497. 					$this->getView('MainView')->forum_message('Forum added. Redirecting...', buildURL('index.php?mode=admin&amp;submode=forums', true)); 
  498. 					$lockv = true;
  499. 				}	
  500. 				else
  501. 				{
  502. 					$this->getModel('ForumsModel')->changeForum($_GET['id'], $_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
  503. 					$this->getView('MainView')->forum_message('Forum updated. Redirecting...', buildURL('index.php?mode=admin&amp;submode=forums', true)); 
  504. 					$lockv = true;
  505. 				}
  506. 			}
  507. 		}
  508. 		
  509. 		if (!isset($lockv))
  510. 		{
  511. 			post_default('name', ($m == 'add') ? '' : $forum_info['name']);
  512. 			post_default('desc', ($m == 'add') ? '' : $forum_info['desc']);
  513. 			post_default('category_id', ($m == 'add') ? '' : $forum_info['category_id']);
  514. 			post_default('locked', ($m == 'add') ? '' : $forum_info['locked']);
  515. 				
  516. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  517. 			$this->getView('MainView')->admin_forum_form($msg, $m);
  518. 		}
  519. 	}
  520. 	
  521. 	public function banlist()
  522. 	{
  523. 		if ($this->loadDependencies())
  524. 			$this->getView('MainView')->admin_banlist();
  525. 	}
  526. 	
  527. 	public function delban()
  528. 	{
  529. 		if ($this->loadDependencies())
  530. 		{
  531. 			$this->loadModel('BansModel');
  532. 

  533. 			get_clean('id', $this->db);
  534. 			$ban_info = $this->getModel('BansModel')->getBan($_GET['id']);
  535. 			
  536. 			if ($ban_info == null)
  537. 			{
  538. 				$this->getView('MainView')->forum_message('Ban does not exist!', buildURL('index.php?mode=admin&amp;submode=banlist', true)); 
  539. 				$lockv = true;
  540. 			}
  541. 

  542. 			if (isset($_POST['confirmed']) && !isset($lockv))
  543. 			{
  544. 				if (!isset($_POST['rejected']))
  545. 				{
  546. 					$this->getModel('BansModel')->deleteBan($_GET['id']);
  547. 					$this->getView('MainView')->forum_message('Ban deleted. Redirecting...', buildURL('index.php?mode=admin&amp;submode=banlist', true));
  548. 					$lockv = true;		
  549. 				}
  550. 				else
  551. 					$this->forward(buildURL('index.php?mode=admin&submode=banlist', true));
  552. 			}
  553. 			
  554. 			if (!isset($lockv))
  555. 				$this->getView('MainView')->confirm_action('Do you want delete ban for user <span style="font-weight: bold">'.$ban_info['nick'].'</span>?');
  556. 		}
  557. 		
  558. 	}
  559. 	
  560. 	public function addban()
  561. 	{
  562. 		if ($this->loadDependencies())
  563. 		{
  564. 			$msg = '';
  565. 		
  566. 			$this->loadModel('BansModel');
  567. 			$this->loadModel('UsersModel');
  568. 		
  569. 			if (isset($_POST['user_id'], $_POST['reason']))
  570. 			{
  571. 				post_clean('user_id', $this->db);
  572. 				post_clean('reason', $this->db, array('spchars'));
  573. 

  574. 				if ($_POST['user_id'] == $this->getModel('SessionModel')->getID())
  575. 					$msg .= 'You cannot ban your profile!<br>';
  576. 				
  577. 				if ($this->getModel('BansModel')->getUserBan($_POST['user_id']) != null)
  578. 					$msg .= 'This user has already been banned!<br>';
  579. 					
  580. 				if ($this->getModel('UsersModel')->getUserInformation($_POST['user_id']) == null)
  581. 					$msg .= 'User does not exist!<br>';
  582. 			
  583. 				if ($msg == '')
  584. 				{
  585. 					$this->getModel('BansModel')->addBan($_POST['user_id'], $_POST['reason']);
  586. 					$this->getView('MainView')->forum_message('Ban added. Redirecting...', buildURL('index.php?mode=admin&amp;submode=banlist', true)); 
  587. 					$lockv = true;
  588. 				}
  589. 			}
  590. 		
  591. 			if (!isset($lockv))
  592. 			{
  593. 				post_default('user_id', '');
  594. 				post_default('reason', '');
  595. 					
  596. 				$this->getView('MainView')->admin_ban_form($msg);
  597. 			}
  598. 		}
  599. 	}
  600. }
  601. ?>