pioder
/
uf2
1
0
Fork 0
Code Releases 0 Activity
A new, object-oriented, better vesion of μForum
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12 Commits
1 Branch
392 KiB
Tree: 97993ee1c2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '97993ee1c2'
${ noResults }
uf2/inc/controllers/MainController.class.php

744 lines
23 KiB
Raw Normal View History

initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
removed email address from PHP files
6 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
replaced strip_tags() by htmlspecialchars() in most of POST variables added stripslashes() to POST variables while form is not sent
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved password generating method (salt + SHA-256)
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
added feature: stick/unstick topic
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
added feature: stick/unstick topic
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
added feature: stick/unstick topic
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
added feature: stick/unstick topic
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
replaced strip_tags() by htmlspecialchars() in most of POST variables added stripslashes() to POST variables while form is not sent
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
replaced strip_tags() by htmlspecialchars() in most of POST variables added stripslashes() to POST variables while form is not sent
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved password generating method (salt + SHA-256)
9 years ago
initial commit with snapshot 20140213
9 years ago
improved password generating method (salt + SHA-256)
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved password generating method (salt + SHA-256)
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
replaced strip_tags() by htmlspecialchars() in most of POST variables added stripslashes() to POST variables while form is not sent
9 years ago
initial commit with snapshot 20140213
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
improved password generating method (salt + SHA-256)
9 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
9 years ago
initial commit with snapshot 20140213
9 years ago
improved data filtering in controllers
9 years ago
initial commit with snapshot 20140213
9 years ago
 
  1. <?php
  2. /** 
  3. * @package		uForum2
  4. * @file		inc/controllers/MainController.class.php
  5. * @copyright	2007-2015 (c) PioDer 
  6. * @link    		http://www.pioder.pl/
  7. * @license		see LICENSE.txt
  8. **/
  9. 

  10. require ('./inc/controller.class.php');
  11. 

  12. class MainController extends Controller
  13. {
  14. 

  15. 	public function loadDefault()
  16. 	{
  17. 		$this->main();
  18. 	}
  19. 	
  20. 	private function loadDependencies() // zależności (sesje itp)

  21. 	{
  22. 		$this->loadModel('SessionModel'); //initalizing session

  23. 		$this->loadModel('ConfigModel'); //overall forum configuration

  24. 		$this->loadView('MainView');
  25. 		$this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
  26. 		$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
  27. 		
  28. 		//przekierowanie!

  29. 		if ($_GET['mode'] == 'editprofile' || $_GET['mode'] == 'register' || $_GET['mode'] == 'login')
  30. 		{
  31. 			if ($_SERVER['REQUEST_SCHEME'] != 'https' && USE_HTTPS)
  32. 				$this->forward(buildURL($_SERVER['REQUEST_URI'], true));
  33. 		}
  34. 		else
  35. 			if ($_SERVER['REQUEST_SCHEME'] != 'http')
  36. 				$this->forward(buildURL($_SERVER['REQUEST_URI']));
  37. 	} 
  38. 		
  39. 	public function main()
  40. 	{
  41. 		$this->loadDependencies();
  42. 		$this->loadModel('UsersModel');
  43. 		$this->getView('MainView')->main();
  44. 	}
  45. 	
  46. 	public function viewforum()
  47. 	{
  48. 		$this->loadDependencies();
  49. 		
  50. 		$this->loadModel('ForumsModel');
  51. 		
  52. 		get_clean('id', $this->db);
  53. 		
  54. 		$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
  55. 		
  56. 		if ($f == null)
  57. 			$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php'));
  58. 		else
  59. 		{
  60. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  61. 			$this->getView('MainView')->viewforum();
  62. 		}
  63. 	}
  64. 	
  65. 	public function userlist()
  66. 	{
  67. 		$this->loadDependencies();
  68. 		
  69. 		if (isset($_GET['rank']))
  70. 		{
  71. 			switch ($_GET['rank'])
  72. 			{
  73. 				case 'admin':
  74. 					$_GET['rank'] = RANK_ADMIN;
  75. 					break;
  76. 				case 'mod':
  77. 					$_GET['rank'] = RANK_MOD;
  78. 					break;
  79. 				case 'user':
  80. 					$_GET['rank'] = RANK_USER;
  81. 					break;
  82. 				default:
  83. 					$_GET['rank'] = '';
  84. 					break;
  85. 			}
  86. 		}
  87. 		else
  88. 			$_GET['rank'] = '';	
  89. 				
  90. 		post_default('sort_type', 'regdate');
  91. 		$allowed_sorting = array('regdate', 'lastvisit', 'nick', 'post_count');
  92. 		if (!in_array($_POST['sort_type'], $allowed_sorting))
  93. 			$_POST['sort_type'] = 'regdate';
  94. 		$_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
  95. 		
  96. 		$this->getView('MainView')->userlist();
  97. 	}
  98. 	
  99. 	public function viewtopic()
  100. 	{
  101. 		$this->loadDependencies();
  102. 		$this->loadModel('PostsModel');
  103. 		
  104. 		get_clean('id', $this->db);
  105. 		$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  106. 		
  107. 		if ($t == null)
  108. 			$this->getView('MainView')->forum_message('Topic does not exist!', buildURL('index.php')); 
  109. 		else
  110. 		{
  111. 			$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  112. 			$this->getView('MainView')->viewtopic();
  113. 		}
  114. 	}
  115. 	
  116. 	public function newtopic()
  117. 	{
  118. 		$this->posting(POSTING_NEWTOPIC);
  119. 	}
  120. 	
  121. 	public function reply()
  122. 	{
  123. 		$this->posting(POSTING_REPLY);
  124. 	}
  125. 	
  126. 	public function editpost()
  127. 	{
  128. 		$this->posting(POSTING_EDIT);
  129. 	}
  130. 	
  131. 	public function quote()
  132. 	{
  133. 		$this->posting(POSTING_QUOTE);
  134. 	}
  135. 	
  136. 	public function moderate()
  137. 	{
  138. 		$this->loadDependencies();
  139. 		$this->loadModel('PostsModel');
  140. 		$this->loadModel('ForumsModel');
  141. 		
  142. 		get_clean('id', $this->db);
  143. 		get_clean('submode', $this->db, false);
  144. 		
  145. 		if (!$this->getModel('SessionModel')->isLogged())
  146. 		{
  147. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true));
  148. 			$lockv = true;
  149. 		}
  150. 		
  151. 		if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
  152. 		{
  153. 			$this->getView('MainView')->forum_message('Only mods have access to this menu', buildURL('index.php'));
  154. 			$lockv = true;
  155. 		}
  156. 		
  157. 		//sprawdź czy wątek/post istnieje

  158. 		
  159. 		if (!isset($lockv))
  160. 		switch($_GET['submode'])
  161. 		{
  162. 			case 'deletetopic':
  163. 			case 'locktopic':
  164. 			case 'sticktopic':
  165. 			case 'movetopic':
  166. 				$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  167. 				
  168. 				if ($t == null)
  169. 				{
  170. 					$this->getView('MainView')->forum_message('Topic does not exist!', buildURL('index.php'));
  171. 					$lockv = true;
  172. 				}	
  173. 				break;
  174. 				
  175. 			case 'deletepost':
  176. 				$p = $this->getModel('PostsModel')->getPost($_GET['id']);
  177. 				if ($p == null)
  178. 				{
  179. 					$this->getView('MainView')->forum_message('Post does not exist!', buildURL('index.php'));
  180. 					$lockv = true;
  181. 				}
  182. 				else
  183. 				{
  184. 					$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
  185. 					
  186. 					if ($t['post_count'] == 1)
  187. 					{
  188. 						$this->getView('MainView')->forum_message('If topic has only one post, use <span style="font-weight: bold">delete topic</span> option.', buildURL('index.php?mode=viewtopic&amp;id='.$p['topic_id']), 3);
  189. 						$lockv = true;
  190. 					}
  191. 				}
  192. 				
  193. 				break;
  194. 			
  195. 			default:
  196. 				$this->getView('MainView')->forum_message('Invalid mode', buildURL('index.php'));
  197. 				$lockv = true;
  198. 				break;
  199. 		}
  200. 		
  201. 		//wysyłanie formularza

  202. 		if (isset($_POST['confirmed']) && !isset($lockv))
  203. 		{
  204. 			if (!isset($_POST['rejected']))
  205. 			{
  206. 				switch($_GET['submode'])
  207. 				{
  208. 					case 'deletepost':
  209. 						$this->getModel('PostsModel')->deletePost($_GET['id']);
  210. 						$this->getView('MainView')->forum_message('Post deleted. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$p['topic_id']));
  211. 						break;
  212. 						
  213. 					case 'deletetopic':
  214. 						$this->getModel('PostsModel')->deleteTopic($_GET['id']);
  215. 						$this->getView('MainView')->forum_message('Topic deleted. Redirecting...', buildURL('index.php?mode=viewforum&amp;id='.$t['forum_id']));
  216. 						break;
  217. 						
  218. 					case 'locktopic':
  219. 						if ($t['topic_locked'] == false)
  220. 						{
  221. 							$this->getModel('PostsModel')->lockTopic($_GET['id']);
  222. 							$this->getView('MainView')->forum_message('Topic locked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  223. 						}
  224. 						else
  225. 						{
  226. 							$this->getModel('PostsModel')->lockTopic($_GET['id'], false);
  227. 							$this->getView('MainView')->forum_message('Topic unlocked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  228. 						}
  229. 						break;
  230. 						
  231. 					case 'sticktopic':
  232. 						if ($t['topic_sticky'] == false)
  233. 						{
  234. 							$this->getModel('PostsModel')->stickTopic($_GET['id']);
  235. 							$this->getView('MainView')->forum_message('Topic sticked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  236. 						}
  237. 						else
  238. 						{
  239. 							$this->getModel('PostsModel')->stickTopic($_GET['id'], false);
  240. 							$this->getView('MainView')->forum_message('Topic unsticked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  241. 						}
  242. 						break;
  243. 						
  244. 					case 'movetopic':
  245. 						if ($this->getModel('ForumsModel')->getForum($_POST['forum_id']) == null)
  246. 							$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  247. 						else
  248. 						{
  249. 							$this->getModel('PostsModel')->moveTopic($_GET['id'], $_POST['forum_id']);
  250. 							$this->getView('MainView')->forum_message('Topic moved. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  251. 						}
  252. 						
  253. 						break;
  254. 				}
  255. 				$lockv = true;
  256. 			}
  257. 			else
  258. 			{
  259. 				switch ($_GET['submode'])
  260. 				{
  261. 					case 'deletetopic':
  262. 					case 'locktopic':
  263. 					case 'sticktopic':
  264. 					case 'movetopic':
  265. 						$this->forward(buildURL('index.php?mode=viewtopic&id='.$_GET['id']));
  266. 						break;
  267. 					case 'deletepost':
  268. 						$this->forward(buildURL('index.php?mode=viewtopic&id='.$p['topic_id']));
  269. 				}
  270. 			}
  271. 		}
  272. 		
  273. 		if (!isset($lockv))
  274. 		switch($_GET['submode'])
  275. 		{
  276. 			case 'deletepost':
  277. 				$this->getView('MainView')->confirm_action('Do you really want delete post <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  278. 				break;
  279. 			case 'deletetopic':
  280. 				$this->getView('MainView')->confirm_action('Do you really want delete topic <span style="font-weight: bold">#'.$_GET['id'].'</span> with all posts? This operation cannot undone.');
  281. 				break;
  282. 				
  283. 			case 'locktopic':
  284. 				if ($t['topic_locked'] == false)
  285. 					$this->getView('MainView')->confirm_action('Do you want lock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  286. 				else
  287. 					$this->getView('MainView')->confirm_action('Do you want unlock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  288. 				break;
  289. 			case 'sticktopic':
  290. 				if ($t['topic_sticky'] == false)
  291. 					$this->getView('MainView')->confirm_action('Do you want stick topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  292. 				else
  293. 					$this->getView('MainView')->confirm_action('Do you want unstick topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  294. 				break;
  295. 			case 'movetopic':
  296. 				$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  297. 				$this->getView('MainView')->move_topic();
  298. 				break;
  299. 		}
  300. 	}
  301. 	
  302. 	
  303. 	public function posting($type)
  304. 	{
  305. 		$this->loadDependencies();
  306. 		$this->loadModel('PostsModel');
  307. 		$this->loadModel('ForumsModel');
  308. 		
  309. 		$msg = '';
  310. 		get_clean('id', $this->db);
  311. 		
  312. 		if (!$this->getModel('SessionModel')->isLogged())
  313. 		{
  314. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true));
  315. 			$lockv = true;
  316. 		}
  317. 		
  318. 		//CHECKING IF TOPIC/FORUM EXISTS AND IS NOT LOCKED

  319. 		if (!isset($lockv))
  320. 		switch($type)
  321. 		{
  322. 			case POSTING_NEWTOPIC:	//checking if forum exists and is not locked

  323. 				$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
  324. 		
  325. 				if ($f == null)
  326. 				{
  327. 					$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php'));
  328. 					$lockv = true;
  329. 				}
  330. 				else
  331. 					if ($f['locked'] == true)
  332. 					{
  333. 						$this->getView('MainView')->forum_message('Forum is locked', buildURL('index.php?mode=viewforum&amp;id='.$_GET['id']));
  334. 						$lockv = true;
  335. 					}
  336. 				break;
  337. 		
  338. 			case POSTING_REPLY:	//checking if topic exists

  339. 			case POSTING_QUOTE:
  340. 				$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  341. 			
  342. 				if ($t == null)
  343. 				{
  344. 					$this->getView('MainView')->forum_message('Topic does not exist!', buildURL('index.php'));
  345. 					$lockv = true;
  346. 				}
  347. 				else
  348. 				{
  349. 					if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  350. 					{
  351. 						$this->getView('MainView')->forum_message('Forum is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  352. 						$lockv = true;
  353. 					}
  354. 					
  355. 					if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  356. 					{
  357. 						$this->getView('MainView')->forum_message('Topic is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  358. 						$lockv = true;
  359. 					}
  360. 					
  361. 					if ($type == POSTING_QUOTE)
  362. 					{
  363. 						get_clean('q', $this->db);
  364. 						$qp = $this->getModel('PostsModel')->getPost($_GET['q']);
  365. 						
  366. 						if ($qp == null)
  367. 						{
  368. 							$this->getView('MainView')->forum_message('Invalid quoted post', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  369. 							$lockv = true;
  370. 						}
  371. 						else
  372. 						{
  373. 							if ($qp['topic_id'] != $_GET['id'])
  374. 							{
  375. 								$this->getView('MainView')->forum_message('Invalid quoted post', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  376. 								$lockv = true;
  377. 							}
  378. 						}
  379. 					}
  380. 				}
  381. 				break;
  382. 				
  383. 			case POSTING_EDIT:
  384. 				$p = $this->getModel('PostsModel')->getPost($_GET['id']);
  385. 				
  386. 				if ($p == null)
  387. 				{
  388. 					$this->getView('MainView')->forum_message('Post does not exist!', buildURL('index.php'));
  389. 					$lockv = true;
  390. 				}
  391. 				else
  392. 				{
  393. 					$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
  394. 					if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  395. 					{
  396. 						$this->getView('MainView')->forum_message('Forum is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  397. 						$lockv = true;
  398. 					}
  399. 					if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  400. 					{
  401. 						$this->getView('MainView')->forum_message('Topic is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  402. 						$lockv = true;
  403. 					}
  404. 					
  405. 					$first = $this->getModel('PostsModel')->getFirstPost($t['topic_id']);
  406. 					
  407. 					if ($first['post_id'] == $_GET['id'])
  408. 						$type = POSTING_EDITTOPIC;
  409. 						
  410. 					if ($p['user_id'] != $this->getModel('SessionModel')->getID() && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  411. 					{
  412. 						$this->getView('MainView')->forum_message('You can edit only own posts', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  413. 						$lockv = true;
  414. 					}	
  415. 				}
  416. 				
  417. 				break;
  418. 		}
  419. 

  420. 		//posting a HTML form --------------------------------------------------------------------------------

  421. 		if (isset($_POST['post']) && !isset($_POST['preview']) && !isset($lockv))
  422. 		{
  423. 			post_clean('post', $this->db, array('spchars'));
  424. 			
  425. 			if ($type == POSTING_NEWTOPIC || $type == POSTING_EDITTOPIC) //walidacja tytułu tematu (add, edit)

  426. 			{
  427. 				post_clean('topic', $this->db, array('spchars'));
  428. 

  429. 				if (strlen($_POST['topic']) < 3)
  430. 					$msg .= 'Topic title is too short (min 3 characters)<br>';
  431. 			}
  432. 						
  433. 			if (strlen($_POST['post']) < 3)
  434. 				$msg .= 'Post content is too short (min 3 characters)<br>';
  435. 			
  436. 			if ($msg == null)
  437. 			{
  438. 				switch ($type)
  439. 				{
  440. 					case POSTING_NEWTOPIC: //akcje dodania nowego tematu

  441. 						
  442. 						$topic_id = $this->getModel('PostsModel')->addTopic($_POST['topic'], $_POST['post'], $_GET['id'], $this->getModel('SessionModel')->getID());
  443. 						if ($topic_id != null)
  444. 						{
  445. 							$this->getView('MainView')->forum_message('Topic created, Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$topic_id));
  446. 							$lockv = true; 
  447. 						}	
  448. 						else
  449. 							$msg .= 'Something went wrong, try again.';
  450. 						break;
  451. 					case POSTING_EDITTOPIC:
  452. 					case POSTING_EDIT:
  453. 						$this->getModel('PostsModel')->changePost($_GET['id'], $_POST['post']);
  454. 						
  455. 						if ($type == POSTING_EDITTOPIC)
  456. 							$this->getModel('PostsModel')->changeTopic($t['topic_id'], $_POST['topic']);
  457. 						
  458. 						$this->getView('MainView')->forum_message('Post edited. Redirecting to topic...', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  459. 						$lockv = true;
  460. 						break;	
  461. 					
  462. 					case POSTING_QUOTE:
  463. 					case POSTING_REPLY:
  464. 						$this->getModel('PostsModel')->addPost($_GET['id'], $this->getModel('SessionModel')->getID(), $_POST['post']);
  465. 						
  466. 						$this->getView('MainView')->forum_message('Reply saved. Redirecting to topic...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  467. 						$lockv = true;
  468. 						break;
  469. 				}				
  470. 			}
  471. 		}
  472. 		
  473. 		if (!isset($lockv))
  474. 		{
  475. 			switch ($type)
  476. 			{
  477. 				case POSTING_NEWTOPIC:
  478. 				case POSTING_REPLY:
  479. 					post_default('post', '');
  480. 					break;
  481. 				case POSTING_EDITTOPIC:
  482. 					post_default('post', $p['content']);
  483. 					post_default('topic', $t['topic_title']);
  484. 					break;
  485. 				case POSTING_EDIT:
  486. 					post_default('post', $p['content']);
  487. 					break;
  488. 					
  489. 				case POSTING_QUOTE:
  490. 					$quote = ($qp['nick'] != null) ? '='.$qp['nick'] : '';
  491. 					post_default('post', '[quote'.$quote.']'.$qp['content'].'[/quote]');
  492. 					break;	
  493. 			}
  494. 			if ($type == POSTING_NEWTOPIC)
  495. 				post_default('topic', '');
  496. 			
  497. 			$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  498. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  499. 			
  500. 			$this->getView('MainView')->posting_form($type, $msg);
  501. 		}
  502. 	}
  503. 	
  504. 	public function myprofile()
  505. 	{
  506. 		$this->loadDependencies();
  507. 		if (!$this->getModel('SessionModel')->isLogged())
  508. 			$this->forward('index.php');
  509. 		else
  510. 			$this->forward(buildURL('index.php?mode=viewprofile&id='.$this->getModel('SessionModel')->getID()));
  511. 	}
  512. 	
  513. 	public function viewprofile()
  514. 	{
  515. 		$this->loadDependencies();
  516. 		
  517. 		$this->loadModel('UsersModel');
  518. 		$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  519. 		
  520. 		get_clean('id', $this->db);
  521. 		
  522. 		if ($this->getModel('UsersModel')->getUserInformation($_GET['id']) == null)
  523. 			$this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php')); 
  524. 		else
  525. 		{
  526. 			$this->getView('MainView')->viewprofile();
  527. 		}
  528. 	}
  529. 	
  530. 	public function editprofile()
  531. 	{
  532. 		$this->loadDependencies();
  533. 		$this->loadModel('UsersModel');
  534. 		$user_info = $this->getModel('UsersModel')->getUserInformation($this->getModel('SessionModel')->getID(), true);
  535. 		
  536. 		if (!$this->getModel('SessionModel')->isLogged())
  537. 		{
  538. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true));
  539. 		}
  540. 		else
  541. 		{
  542. 			$msg = '';
  543. 			if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  544. 			{
  545. 				//secure pools

  546. 				post_clean('nick', $this->db, array('spchars'));
  547. 				post_clean('passwd_old', $this->db, array());
  548. 				post_clean('passwd', $this->db, array());
  549. 				post_clean('passwd_confirm', $this->db, array());
  550. 				post_clean('email', $this->db);
  551. 				post_clean('location', $this->db, array('spchars'));
  552. 				post_clean('signature', $this->db, array('spchars'));
  553. 		
  554. 				if ($_POST['email'] != $user_info['email'] || $_POST['passwd'] != '')
  555. 				{
  556. 					if ($this->getModel('UsersModel')->generatePasswordHash($user_info['nick'], $_POST['passwd_old']) != $user_info['password'])
  557. 						$msg .= 'Old password is incorrect!<br>';
  558. 				}
  559. 				if ($_POST['passwd'] != '')
  560. 				{
  561. 					if (strlen($_POST['passwd']) < 8)
  562. 						$msg .= 'Password is too short (min 8 characters)<br>';	
  563. 						
  564. 					if ($_POST['passwd'] != $_POST['passwd_confirm'])
  565. 						$msg .= 'Password do not match!<br>';
  566. 				}
  567. 				
  568. 				//check if avatar is uploaded

  569. 				if ($_FILES['avatar']['tmp_name'] != null)
  570. 				{
  571. 					global $allowed_avatars;
  572. 					$image_size = @getimagesize($_FILES['avatar']['tmp_name']);
  573. 

  574. 					if ($image_size == null)
  575. 						$msg .= 'Type of uploaded file are not allowed.<br>';
  576. 					else
  577. 						if (!in_array($image_size['mime'], $allowed_avatars))
  578. 							$msg .= 'Type of uploaded avatar is not supported.<br>';
  579. 						else
  580. 							if ($image_size[0] > 120 || $image_size[1] > 150)
  581. 								$msg .= 'Uploaded avatar is too big (maximum 120x150 px).<br>';
  582. 				}
  583. 				
  584. 				if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  585. 					$msg .= 'Email is incorrect<br>';
  586. 				
  587. 				if ($msg == '')
  588. 				{
  589. 					if ($_FILES['avatar']['tmp_name'] != null && !isset($_POST['delete_avatar'])) //change an avatar

  590. 					{
  591. 						if ($user_info['avatar'] != '')
  592. 							unlink('./'.$user_info['avatar']);
  593. 							
  594. 						$ext = pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION);
  595. 						$av = 'images/avatars/'.$this->getModel('SessionModel')->getID().'.'.$ext;
  596. 						move_uploaded_file($_FILES['avatar']['tmp_name'], './'.$av); 
  597. 					}
  598. 					else
  599. 						if (isset($_POST['delete_avatar']))
  600. 						{
  601. 							unlink('./'.$user_info['avatar']);
  602. 							$av = '';
  603. 						}
  604. 						else
  605. 							$av = $user_info['avatar']; //if new avatar is not set

  606. 					
  607. 					if ($_POST['passwd'] != '')
  608. 						$this->getModel('UsersModel')->changeUserPassword($this->getModel('SessionModel')->getID(), $user_info['nick'], $_POST['passwd']);
  609. 					
  610. 					$this->getModel('UsersModel')->updateUserProfile($this->getModel('SessionModel')->getID(), '', $_POST['email'], $_POST['location'], $_POST['signature'], $av);
  611. 					$this->getView('MainView')->forum_message('Your profile has changed.', buildURL('index.php?mode=viewprofile&amp;id='.$this->getModel('SessionModel')->getID()));
  612. 					$lockv = true;
  613. 

  614. 				}
  615. 			}			
  616. 			
  617. 			post_default('nick', $user_info['nick']);
  618. 			post_default('email', $user_info['email']);
  619. 			post_default('location', $user_info['location']);
  620. 			post_default('signature', $user_info['signature']);
  621. 	
  622. 			$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  623. 		
  624. 			if (!isset($lockv))
  625. 				$this->getView('MainView')->edprofile_form($msg);
  626. 		}
  627. 	}
  628. 	
  629. 	public function logout()
  630. 	{
  631. 		$this->loadDependencies();
  632. 	
  633. 		if (!$this->getModel('SessionModel')->isLogged())
  634. 			$this->forward('index.php');
  635. 			
  636. 		$this->getModel('SessionModel')->deleteSession();
  637. 		
  638. 		$this->getView('MainView')->forum_message('You are logged out.', buildURL('index.php'));
  639. 	}
  640. 	
  641. 	public function login()
  642. 	{
  643. 		$this->loadDependencies();
  644. 		$this->loadModel('BansModel');
  645. 		$this->loadModel('UsersModel');
  646. 		
  647. 		if ($this->getModel('SessionModel')->isLogged())
  648. 			$this->forward(buildURL('index.php'));
  649. 		
  650. 		$msg = '';
  651. 		if (isset($_POST['nick'], $_POST['passwd']))
  652. 		{
  653. 			//secure pools

  654. 			post_clean('nick', $this->db);
  655. 			$_POST['passwd'] = $this->getModel('UsersModel')->generatePasswordHash($_POST['nick'], trim($this->db->real_escape_string($_POST['passwd'])));
  656. 			
  657. 			$userinfo = $this->getModel('SessionModel')->tryGetUser($_POST['nick'], $_POST['passwd']);
  658. 			
  659. 			if (count($userinfo) == 0)
  660. 				$msg = 'Invalid username or password.';
  661. 				
  662. 			if ($msg == '')
  663. 			{
  664. 				$ban_info = $this->getModel('BansModel')->getUserBan($userinfo['user_id']);
  665. 				
  666. 				if ($ban_info == null)
  667. 				{
  668. 					$this->getModel('SessionModel')->registerNewSession($userinfo['user_id']);
  669. 					$this->getView('MainView')->forum_message('You are logged as: <span style="font-weight: bold">'.$userinfo['nick'].'</span>', buildURL('index.php'));
  670. 				}
  671. 				else
  672. 				{
  673. 					$reason = ($ban_info['reason'] != '') ? '<br>Reason: <span style="font-style: italic">'.$ban_info['reason'].'</span>' : '';
  674. 					$this->getView('MainView')->forum_message('You are banned!'.$reason);
  675. 				}
  676. 				$lockv = true;
  677. 			}
  678. 		}
  679. 		
  680. 		post_default('nick', '');
  681. 		if (!isset($lockv))
  682. 			$this->getView('MainView')->login_form($msg);
  683. 	}
  684. 	
  685. 	public function register()
  686. 	{
  687. 		$this->loadDependencies();
  688. 		$this->loadModel('UsersModel');
  689. 		
  690. 		if ($this->getModel('SessionModel')->isLogged())
  691. 			$this->forward('index.php');
  692. 		
  693. 		$msg = '';
  694. 		if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  695. 		{
  696. 			//secure pools

  697. 			post_clean('nick', $this->db);
  698. 			post_clean('passwd', $this->db, array());
  699. 			post_clean('passwd_confirm', $this->db, array());
  700. 			post_clean('email', $this->db);
  701. 			
  702. 			if (strlen($_POST['nick']) < 3)
  703. 				$msg .= 'Nick is too short (min 3 characters)<br>';
  704. 				
  705. 			if (strlen($_POST['passwd']) < 8)
  706. 				$msg .= 'Password is too short (min 8 characters)<br>';
  707. 				
  708. 			if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  709. 				$msg .= 'Email is incorrect<br>';
  710. 			
  711. 			if ($this->getModel('UsersModel')->nickExists($_POST['nick']) == true)
  712. 				$msg .= 'Nick is in use. Type another one.<br>';
  713. 			
  714. 			if ($_POST['passwd'] != $_POST['passwd_confirm'])
  715. 				$msg .= 'Password do not match';
  716. 				
  717. 			if ($msg == '')
  718. 			{
  719. 				$this->getModel('UsersModel')->createNewUser($_POST['nick'], $_POST['passwd'], $_POST['email']);
  720. 				$this->getView('MainView')->forum_message('Your account has created. Log in to write new posts.', buildURL('index.php'), 3);
  721. 				$lockv = true;
  722. 			}
  723. 		}
  724. 		
  725. 		post_default('nick', '');
  726. 		post_default('email', '');
  727. 		if (!isset($lockv))
  728. 			$this->getView('MainView')->register_form($msg);
  729. 	}
  730. 	
  731. 	public function checknick()
  732. 	{
  733. 		$this->loadModel('UsersModel');
  734. 		if (!isset($_GET['nick']))
  735. 			$_GET['nick'] = '';
  736. 			
  737. 		$_GET['nick'] = trim($this->db->real_escape_string(strip_tags($_GET['nick'])));
  738. 		
  739. 		if ($this->getModel('UsersModel')->nickExists($_GET['nick']) == true)
  740. 			echo 'true';
  741. 		else
  742. 			echo 'false';
  743. 	}
  744. }
  745. ?>