pioder
/
uf2
1
0
Fork 0
Code Releases 0 Activity
A new, object-oriented, better vesion of μForum
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
392 KiB
Tree: bf23339cfe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'bf23339cfe'
${ noResults }
uf2/inc/controllers/MainController.class.php

732 lines
24 KiB
Raw Normal View History

initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
initial commit with snapshot 20140213
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
improved password generating method (salt + SHA-256)
10 years ago
implemented buildURL() function (and fixed redirecting on https page) added comments block (file description) in each PHP file
10 years ago
initial commit with snapshot 20140213
10 years ago
 
  1. <?php
  2. /** 
  3. * @package		uForum2
  4. * @file		inc/controllers/MainController.class.php
  5. * @copyright	2007-2015 (c) PioDer <piotrek@pioder.pl>
  6. * @link    		http://www.pioder.pl/
  7. * @license		see LICENSE.txt
  8. **/
  9. 

  10. require ('./inc/controller.class.php');
  11. 

  12. class MainController extends Controller
  13. {
  14. 

  15. 	public function loadDefault()
  16. 	{
  17. 		$this->main();
  18. 	}
  19. 	
  20. 	private function loadDependencies() // zależności (sesje itp)

  21. 	{
  22. 		$this->loadModel('SessionModel'); //aktywacja sesji

  23. 		$this->loadModel('ConfigModel'); //konfiguracja ogólna skryptu

  24. 		$this->loadView('MainView');
  25. 		$this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
  26. 		$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
  27. 		
  28. 		//przekierowanie!

  29. 		if ($_GET['mode'] == 'editprofile' || $_GET['mode'] == 'register' || $_GET['mode'] == 'login')
  30. 		{
  31. 			if ($_SERVER['REQUEST_SCHEME'] != 'https' && USE_HTTPS)
  32. 				$this->forward(buildURL($_SERVER['REQUEST_URI'], true));
  33. 		}
  34. 		else
  35. 			if ($_SERVER['REQUEST_SCHEME'] != 'http')
  36. 				$this->forward(buildURL($_SERVER['REQUEST_URI']));
  37. 	} 
  38. 		
  39. 	public function main()
  40. 	{
  41. 		$this->loadDependencies();
  42. 		$this->loadModel('UsersModel');
  43. 		$this->getView('MainView')->main();
  44. 	}
  45. 	
  46. 	public function viewforum()
  47. 	{
  48. 		$this->loadDependencies();
  49. 		
  50. 		$this->loadModel('ForumsModel');
  51. 		
  52. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  53. 		
  54. 		$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
  55. 		
  56. 		if ($f == null)
  57. 			$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php'));
  58. 		else
  59. 		{
  60. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  61. 			$this->getView('MainView')->viewforum();
  62. 		}
  63. 	}
  64. 	
  65. 	public function userlist()
  66. 	{
  67. 		$this->loadDependencies();
  68. 		
  69. 		if (isset($_GET['rank']))
  70. 		{
  71. 			switch ($_GET['rank'])
  72. 			{
  73. 				case 'admin':
  74. 					$_GET['rank'] = RANK_ADMIN;
  75. 					break;
  76. 				case 'mod':
  77. 					$_GET['rank'] = RANK_MOD;
  78. 					break;
  79. 				case 'user':
  80. 					$_GET['rank'] = RANK_USER;
  81. 					break;
  82. 				default:
  83. 					$_GET['rank'] = '';
  84. 					break;
  85. 			}
  86. 		}
  87. 		else
  88. 			$_GET['rank'] = '';	
  89. 				
  90. 		$_POST['sort_type'] = (isset($_POST['sort_type'])) ? $this->db->real_escape_string($_POST['sort_type']) : 'regdate';
  91. 		$allowed_sorting = array('regdate', 'lastvisit', 'nick', 'post_count');
  92. 		if (!in_array($_POST['sort_type'], $allowed_sorting))
  93. 			$_POST['sort_type'] = '';
  94. 		$_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
  95. 		
  96. 		$this->getView('MainView')->userlist();
  97. 		
  98. 	}
  99. 	
  100. 	public function viewtopic()
  101. 	{
  102. 		$this->loadDependencies();
  103. 		
  104. 		$this->loadModel('PostsModel');
  105. 		
  106. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  107. 		
  108. 		$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  109. 		
  110. 		if ($t == null)
  111. 			$this->getView('MainView')->forum_message('Topic does not exist!', buildURL('index.php')); 
  112. 		else
  113. 		{
  114. 			$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  115. 			$this->getView('MainView')->viewtopic();
  116. 		}
  117. 	}
  118. 	
  119. 	public function newtopic()
  120. 	{
  121. 		$this->posting(POSTING_NEWTOPIC);
  122. 	}
  123. 	
  124. 	public function reply()
  125. 	{
  126. 		$this->posting(POSTING_REPLY);
  127. 	}
  128. 	
  129. 	public function editpost()
  130. 	{
  131. 		$this->posting(POSTING_EDIT);
  132. 	}
  133. 	
  134. 	public function quote()
  135. 	{
  136. 		$this->posting(POSTING_QUOTE);
  137. 	}
  138. 	
  139. 	public function moderate()
  140. 	{
  141. 		$this->loadDependencies();
  142. 		$this->loadModel('PostsModel');
  143. 		$this->loadModel('ForumsModel');
  144. 		
  145. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  146. 		$_GET['submode'] = (isset($_GET['submode'])) ? trim(strip_tags($this->db->real_escape_string($_GET['submode']))) : 0;
  147. 		
  148. 		if (!$this->getModel('SessionModel')->isLogged())
  149. 		{
  150. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true));
  151. 			$lockv = true;
  152. 		}
  153. 		
  154. 		if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
  155. 		{
  156. 			$this->getView('MainView')->forum_message('Only mods have access to this menu', buildURL('index.php'));
  157. 			$lockv = true;
  158. 		}
  159. 		
  160. 		//sprawdź czy wątek/post istnieje

  161. 		
  162. 		if (!isset($lockv))
  163. 		switch($_GET['submode'])
  164. 		{
  165. 			case 'deletetopic':
  166. 			case 'locktopic':
  167. 			case 'movetopic':
  168. 				$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  169. 				
  170. 				if ($t == null)
  171. 				{
  172. 					$this->getView('MainView')->forum_message('Topic does not exist!', buildURL('index.php'));
  173. 					$lockv = true;
  174. 				}	
  175. 				break;
  176. 				
  177. 			case 'deletepost':
  178. 				$p = $this->getModel('PostsModel')->getPost($_GET['id']);
  179. 				if ($p == null)
  180. 				{
  181. 					$this->getView('MainView')->forum_message('Post does not exist!', buildURL('index.php'));
  182. 					$lockv = true;
  183. 				}
  184. 				else
  185. 				{
  186. 					$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
  187. 					
  188. 					if ($t['post_count'] == 1)
  189. 					{
  190. 						$this->getView('MainView')->forum_message('If topic has only one post, use <span style="font-weight: bold">delete topic</span> option.', buildURL('index.php?mode=viewtopic&amp;id='.$p['topic_id']), 3);
  191. 						$lockv = true;
  192. 					}
  193. 				}
  194. 				
  195. 				break;
  196. 			
  197. 			default:
  198. 				$this->getView('MainView')->forum_message('Invalid mode', buildURL('index.php'));
  199. 				$lockv = true;
  200. 				break;
  201. 		}
  202. 		
  203. 		//wysyłanie formularza

  204. 		if (isset($_POST['confirmed']) && !isset($lockv))
  205. 		{
  206. 			if (!isset($_POST['rejected']))
  207. 			{
  208. 				switch($_GET['submode'])
  209. 				{
  210. 					case 'deletepost':
  211. 						$this->getModel('PostsModel')->deletePost($_GET['id']);
  212. 						$this->getView('MainView')->forum_message('Post deleted. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$p['topic_id']));
  213. 						$lockv = true;
  214. 						break;
  215. 						
  216. 					case 'deletetopic':
  217. 						$this->getModel('PostsModel')->deleteTopic($_GET['id']);
  218. 						$this->getView('MainView')->forum_message('Topic deleted. Redirecting...', buildURL('index.php?mode=viewforum&amp;id='.$t['forum_id']));
  219. 						$lockv = true;
  220. 						break;
  221. 						
  222. 					case 'locktopic':
  223. 						if ($t['topic_locked'] == false)
  224. 						{
  225. 							$this->getModel('PostsModel')->lockTopic($_GET['id']);
  226. 							$this->getView('MainView')->forum_message('Topic locked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  227. 						}
  228. 						else
  229. 						{
  230. 							$this->getModel('PostsModel')->lockTopic($_GET['id'], false);
  231. 							$this->getView('MainView')->forum_message('Topic unlocked. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  232. 						}
  233. 						$lockv = true;
  234. 						break;
  235. 					case 'movetopic':
  236. 						if ($this->getModel('ForumsModel')->getForum($_POST['forum_id']) == null)
  237. 							$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  238. 						else
  239. 						{
  240. 							$this->getModel('PostsModel')->moveTopic($_GET['id'], $_POST['forum_id']);
  241. 							$this->getView('MainView')->forum_message('Topic moved. Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  242. 						}
  243. 						$lockv = true;
  244. 						break;
  245. 						
  246. 				}
  247. 			}
  248. 			else
  249. 			{
  250. 				switch ($_GET['submode'])
  251. 				{
  252. 					case 'deletetopic':
  253. 					case 'locktopic':
  254. 					case 'movetopic':
  255. 						$this->forward(buildURL('index.php?mode=viewtopic&id='.$_GET['id']));
  256. 						break;
  257. 					case 'deletepost':
  258. 						$this->forward(buildURL('index.php?mode=viewtopic&id='.$p['topic_id']));
  259. 				}
  260. 			}
  261. 		}
  262. 		
  263. 		if (!isset($lockv))
  264. 		switch($_GET['submode'])
  265. 		{
  266. 			case 'deletepost':
  267. 				$this->getView('MainView')->confirm_action('Do you really want delete post <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  268. 				break;
  269. 			case 'deletetopic':
  270. 				$this->getView('MainView')->confirm_action('Do you really want delete topic <span style="font-weight: bold">#'.$_GET['id'].'</span> with all posts? This operation cannot undone.');
  271. 				break;
  272. 				
  273. 			case 'locktopic':
  274. 				if ($t['topic_locked'] == false)
  275. 					$this->getView('MainView')->confirm_action('Do you want lock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  276. 				else
  277. 					$this->getView('MainView')->confirm_action('Do you want unlock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
  278. 				break;
  279. 			case 'movetopic':
  280. 				$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  281. 				$this->getView('MainView')->move_topic();
  282. 				break;
  283. 		}
  284. 	}
  285. 	
  286. 	
  287. 	public function posting($type)
  288. 	{
  289. 		$this->loadDependencies();
  290. 		$msg = '';
  291. 		
  292. 		$this->loadModel('PostsModel');
  293. 		$this->loadModel('ForumsModel');
  294. 	
  295. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  296. 		
  297. 		if (!$this->getModel('SessionModel')->isLogged())
  298. 		{
  299. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true));
  300. 			$lockv = true;
  301. 		}
  302. 		
  303. 		//CHECKING IF TOPIC/FORUM EXISTS AND IS NOT LOCKED

  304. 		if (!isset($lockv))
  305. 		switch($type)
  306. 		{
  307. 			case POSTING_NEWTOPIC:	//checking if forum exists and is not locked

  308. 				$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
  309. 		
  310. 				if ($f == null)
  311. 				{
  312. 					$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php'));
  313. 					$lockv = true;
  314. 				}
  315. 				else
  316. 					if ($f['locked'] == true)
  317. 					{
  318. 						$this->getView('MainView')->forum_message('Forum is locked', buildURL('index.php?mode=viewforum&amp;id='.$_GET['id']));
  319. 						$lockv = true;
  320. 					}
  321. 				break;
  322. 		
  323. 			case POSTING_REPLY:	//checking if topic exists

  324. 			case POSTING_QUOTE:
  325. 				$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
  326. 			
  327. 				if ($t == null)
  328. 				{
  329. 					$this->getView('MainView')->forum_message('Topic does not exist!', buildURL('index.php'));
  330. 					$lockv = true;
  331. 				}
  332. 				else
  333. 				{
  334. 					if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  335. 					{
  336. 						$this->getView('MainView')->forum_message('Forum is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  337. 						$lockv = true;
  338. 					}
  339. 					
  340. 					if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  341. 					{
  342. 						$this->getView('MainView')->forum_message('Topic is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  343. 						$lockv = true;
  344. 					}
  345. 					
  346. 					if ($type == POSTING_QUOTE)
  347. 					{
  348. 						$_GET['q'] = (isset($_GET['q'])) ? trim(strip_tags($this->db->real_escape_string($_GET['q']))) : 0;
  349. 						$qp = $this->getModel('PostsModel')->getPost($_GET['q']);
  350. 						
  351. 						if ($qp == null)
  352. 						{
  353. 							$this->getView('MainView')->forum_message('Invalid quoted post', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  354. 							$lockv = true;
  355. 						}
  356. 						else
  357. 						{
  358. 							if ($qp['topic_id'] != $_GET['id'])
  359. 							{
  360. 								$this->getView('MainView')->forum_message('Invalid quoted post', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  361. 								$lockv = true;
  362. 							}
  363. 						}
  364. 					}
  365. 				}
  366. 				break;
  367. 				
  368. 			case POSTING_EDIT:
  369. 				$p = $this->getModel('PostsModel')->getPost($_GET['id']);
  370. 				
  371. 				if ($p == null)
  372. 				{
  373. 					$this->getView('MainView')->forum_message('Post does not exist!', buildURL('index.php'));
  374. 					$lockv = true;
  375. 				}
  376. 				else
  377. 				{
  378. 					$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
  379. 					if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  380. 					{
  381. 						$this->getView('MainView')->forum_message('Forum is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  382. 						$lockv = true;
  383. 					}
  384. 					if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  385. 					{
  386. 						$this->getView('MainView')->forum_message('Topic is locked', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  387. 						$lockv = true;
  388. 					}
  389. 					
  390. 					$first = $this->getModel('PostsModel')->getFirstPost($t['topic_id']);
  391. 					
  392. 					if ($first['post_id'] == $_GET['id'])
  393. 						$type = POSTING_EDITTOPIC;
  394. 						
  395. 					if ($p['user_id'] != $this->getModel('SessionModel')->getID() && $this->getModel('SessionModel')->getRank() < RANK_MOD)
  396. 					{
  397. 						$this->getView('MainView')->forum_message('You can edit only own posts', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  398. 						$lockv = true;
  399. 					}	
  400. 				}
  401. 				
  402. 				break;
  403. 		}
  404. 

  405. 		//przesłanie formularza --------------------------------------------------------------------------------

  406. 		if (isset($_POST['post']) && !isset($_POST['preview']) && !isset($lockv))
  407. 		{
  408. 			$_POST['post'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['post'])));
  409. 			
  410. 			if ($type == POSTING_NEWTOPIC || $type == POSTING_EDITTOPIC) //walidacja tytułu tematu (add, edit)

  411. 			{
  412. 				$_POST['topic'] = trim(strip_tags($this->db->real_escape_string($_POST['topic'])));
  413. 

  414. 				if (strlen($_POST['topic']) < 3)
  415. 					$msg .= 'Topic title is too short (min 3 characters)<br>';
  416. 			}
  417. 						
  418. 			if (strlen($_POST['post']) < 3)
  419. 				$msg .= 'Post content is too short (min 3 characters)<br>';
  420. 			
  421. 			if ($msg == null)
  422. 			{
  423. 				switch ($type)
  424. 				{
  425. 					case POSTING_NEWTOPIC: //akcje dodania nowego tematu

  426. 						
  427. 						$topic_id = $this->getModel('PostsModel')->addTopic($_POST['topic'], $_POST['post'], $_GET['id'], $this->getModel('SessionModel')->getID());
  428. 						if ($topic_id != null)
  429. 						{
  430. 							$this->getView('MainView')->forum_message('Topic created, Redirecting...', buildURL('index.php?mode=viewtopic&amp;id='.$topic_id));
  431. 							$lockv = true; 
  432. 						}	
  433. 						else
  434. 							$msg .= 'Something went wrong, try again.';
  435. 						break;
  436. 					case POSTING_EDITTOPIC:
  437. 					case POSTING_EDIT:
  438. 						$this->getModel('PostsModel')->changePost($_GET['id'], $_POST['post']);
  439. 						
  440. 						if ($type == POSTING_EDITTOPIC)
  441. 							$this->getModel('PostsModel')->changeTopic($t['topic_id'], $_POST['topic']);
  442. 						
  443. 						$this->getView('MainView')->forum_message('Post edited. Redirecting to topic...', buildURL('index.php?mode=viewtopic&amp;id='.$t['topic_id']));
  444. 						$lockv = true;
  445. 						break;	
  446. 					
  447. 					case POSTING_QUOTE:
  448. 					case POSTING_REPLY:
  449. 						$this->getModel('PostsModel')->addPost($_GET['id'], $this->getModel('SessionModel')->getID(), $_POST['post']);
  450. 						
  451. 						$this->getView('MainView')->forum_message('Reply saved. Redirecting to topic...', buildURL('index.php?mode=viewtopic&amp;id='.$_GET['id']));
  452. 						$lockv = true;
  453. 						break;
  454. 				}				
  455. 			}
  456. 		}
  457. 		
  458. 		if (!isset($lockv))
  459. 		{
  460. 			switch ($type)
  461. 			{
  462. 				case POSTING_NEWTOPIC:
  463. 				case POSTING_REPLY:
  464. 					$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : '';
  465. 					break;
  466. 				case POSTING_EDITTOPIC:
  467. 					$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : $p['content'];
  468. 					$_POST['topic'] = (isset($_POST['topic'])) ? $_POST['topic'] : $t['topic_title'];
  469. 					break;
  470. 				case POSTING_EDIT:
  471. 					$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : $p['content'];
  472. 					break;
  473. 					
  474. 				case POSTING_QUOTE:
  475. 					$quote = ($qp['nick'] != null) ? '='.$qp['nick'] : '';
  476. 					$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : '[quote'.$quote.']'.$qp['content'].'[/quote]';
  477. 					break;
  478. 				
  479. 			}
  480. 			if ($type == POSTING_NEWTOPIC)
  481. 				$_POST['topic'] = (isset($_POST['topic'])) ? $_POST['topic'] : ''; //tylko edycja/tworzenie tematu

  482. 			
  483. 			$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
  484. 			$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
  485. 			
  486. 			$this->getView('MainView')->posting_form($type, $msg);
  487. 		}
  488. 	}
  489. 	
  490. 	public function myprofile()
  491. 	{
  492. 		$this->loadDependencies();
  493. 		if (!$this->getModel('SessionModel')->isLogged())
  494. 			$this->forward('index.php');
  495. 		else
  496. 			$this->forward(buildURL('index.php?mode=viewprofile&id='.$this->getModel('SessionModel')->getID()));
  497. 	}
  498. 	
  499. 	public function viewprofile()
  500. 	{
  501. 		$this->loadDependencies();
  502. 		
  503. 		$this->loadModel('UsersModel');
  504. 		$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  505. 		
  506. 		$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
  507. 		
  508. 		if ($this->getModel('UsersModel')->getUserInformation($_GET['id']) == null)
  509. 			$this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php')); 
  510. 		else
  511. 		{
  512. 			$this->getView('MainView')->viewprofile();
  513. 		}
  514. 	}
  515. 	
  516. 	public function editprofile()
  517. 	{
  518. 		$this->loadDependencies();
  519. 		$this->loadModel('UsersModel');
  520. 		$user_info = $this->getModel('UsersModel')->getUserInformation($this->getModel('SessionModel')->getID(), true);
  521. 		
  522. 		if (!$this->getModel('SessionModel')->isLogged())
  523. 		{
  524. 			$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true));
  525. 		}
  526. 		else
  527. 		{
  528. 			$msg = '';
  529. 			if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  530. 			{
  531. 				//secure pools

  532. 				$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
  533. 				$_POST['passwd_old'] = trim(strip_tags($_POST['passwd_old']));
  534. 				$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
  535. 				$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
  536. 				$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
  537. 				$_POST['location'] = trim(strip_tags($this->db->real_escape_string($_POST['location'])));
  538. 				$_POST['signature'] = trim(strip_tags($this->db->real_escape_string($_POST['signature'])));
  539. 		
  540. 				if ($_POST['email'] != $user_info['email'] || $_POST['passwd'] != '')
  541. 				{
  542. 					if ($this->getModel('UsersModel')->generatePasswordHash($user_info['nick'], $_POST['passwd_old']) != $user_info['password'])
  543. 						$msg .= 'Old password is incorrect!<br>';
  544. 				}
  545. 				if ($_POST['passwd'] != '')
  546. 				{
  547. 					if (strlen($_POST['passwd']) < 8)
  548. 						$msg .= 'Password is too short (min 8 characters)<br>';	
  549. 						
  550. 					if ($_POST['passwd'] != $_POST['passwd_confirm'])
  551. 						$msg .= 'Password do not match!<br>';
  552. 				}
  553. 				
  554. 				//check if avatar is uploaded

  555. 				if ($_FILES['avatar']['tmp_name'] != null)
  556. 				{
  557. 					global $allowed_avatars;
  558. 					$image_size = @getimagesize($_FILES['avatar']['tmp_name']);
  559. 

  560. 					if ($image_size == null)
  561. 						$msg .= 'Type of uploaded file are not allowed.<br>';
  562. 					else
  563. 						if (!in_array($image_size['mime'], $allowed_avatars))
  564. 							$msg .= 'Type of uploaded avatar is not supported.<br>';
  565. 						else
  566. 							if ($image_size[0] > 120 || $image_size[1] > 150)
  567. 								$msg .= 'Uploaded avatar is too big (maximum 120x150 px).<br>';
  568. 				}
  569. 				
  570. 				if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  571. 					$msg .= 'Email is incorrect<br>';
  572. 				
  573. 				if ($msg == '')
  574. 				{
  575. 					if ($_FILES['avatar']['tmp_name'] != null && !isset($_POST['delete_avatar'])) //change an avatar

  576. 					{
  577. 						if ($user_info['avatar'] != '')
  578. 							unlink('./'.$user_info['avatar']);
  579. 							
  580. 						$ext = pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION);
  581. 						$av = 'images/avatars/'.$this->getModel('SessionModel')->getID().'.'.$ext;
  582. 						move_uploaded_file($_FILES['avatar']['tmp_name'], './'.$av); 
  583. 					}
  584. 					else
  585. 						if (isset($_POST['delete_avatar']))
  586. 						{
  587. 							unlink('./'.$user_info['avatar']);
  588. 							$av = '';
  589. 						}
  590. 						else
  591. 							$av = $user_info['avatar']; //if new avatar is not set

  592. 					
  593. 					if ($_POST['passwd'] != '')
  594. 						$this->getModel('UsersModel')->changeUserPassword($this->getModel('SessionModel')->getID(), $user_info['nick'], $_POST['passwd']);
  595. 					
  596. 					$this->getModel('UsersModel')->updateUserProfile($this->getModel('SessionModel')->getID(), '', $_POST['email'], $_POST['location'], $_POST['signature'], $av);
  597. 					$this->getView('MainView')->forum_message('Your profile has changed.', buildURL('index.php?mode=viewprofile&amp;id='.$this->getModel('SessionModel')->getID()));
  598. 					$lockv = true;
  599. 

  600. 				}
  601. 			}			
  602. 			
  603. 			$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : $user_info['nick'];
  604. 			$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : $user_info['email'];
  605. 			$_POST['location'] = (isset($_POST['location'])) ? $_POST['location'] : $user_info['location'];
  606. 			$_POST['signature'] = (isset($_POST['signature'])) ? $_POST['signature'] : $user_info['signature'];
  607. 	
  608. 			$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
  609. 		
  610. 			if (!isset($lockv))
  611. 				$this->getView('MainView')->edprofile_form($msg);
  612. 		}
  613. 	}
  614. 	
  615. 	public function logout()
  616. 	{
  617. 		$this->loadDependencies();
  618. 	
  619. 		if (!$this->getModel('SessionModel')->isLogged())
  620. 			$this->forward('index.php');
  621. 			
  622. 		$this->getModel('SessionModel')->deleteSession();
  623. 		
  624. 		$this->getView('MainView')->forum_message('You are logged out.', buildURL('index.php'));
  625. 	}
  626. 	
  627. 	public function login()
  628. 	{
  629. 		$this->loadDependencies();
  630. 		$this->loadModel('BansModel');
  631. 		$this->loadModel('UsersModel');
  632. 		
  633. 		if ($this->getModel('SessionModel')->isLogged())
  634. 			$this->forward(buildURL('index.php'));
  635. 		
  636. 		$msg = '';
  637. 		if (isset($_POST['nick'], $_POST['passwd']))
  638. 		{
  639. 			//secure pools

  640. 			$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
  641. 			$_POST['passwd'] = $this->getModel('UsersModel')->generatePasswordHash($_POST['nick'], trim(strip_tags($this->db->real_escape_string($_POST['passwd']))));
  642. 			
  643. 			$userinfo = $this->getModel('SessionModel')->tryGetUser($_POST['nick'], $_POST['passwd']);
  644. 			
  645. 			if (count($userinfo) == 0)
  646. 				$msg = 'Invalid username or password.';
  647. 				
  648. 			if ($msg == '')
  649. 			{
  650. 				$ban_info = $this->getModel('BansModel')->getUserBan($userinfo['user_id']);
  651. 				
  652. 				if ($ban_info == null)
  653. 				{
  654. 					$this->getModel('SessionModel')->registerNewSession($userinfo['user_id']);
  655. 					$this->getView('MainView')->forum_message('You are logged as: <span style="font-weight: bold">'.$userinfo['nick'].'</span>', buildURL('index.php'));
  656. 				}
  657. 				else
  658. 				{
  659. 					$reason = ($ban_info['reason'] != '') ? '<br>Reason: <span style="font-style: italic">'.$ban_info['reason'].'</span>' : '';
  660. 					$this->getView('MainView')->forum_message('You are banned!'.$reason);
  661. 				}
  662. 				$lockv = true;
  663. 			}
  664. 		}
  665. 		
  666. 		$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : '';
  667. 		if (!isset($lockv))
  668. 			$this->getView('MainView')->login_form($msg);
  669. 	}
  670. 	
  671. 	public function register()
  672. 	{
  673. 		$this->loadDependencies();
  674. 		$this->loadModel('UsersModel');
  675. 		
  676. 		if ($this->getModel('SessionModel')->isLogged())
  677. 			$this->forward('index.php');
  678. 		
  679. 		$msg = '';
  680. 		if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
  681. 		{
  682. 			//secure pools

  683. 			$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
  684. 			$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
  685. 			$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
  686. 			$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
  687. 			
  688. 			if (strlen($_POST['nick']) < 3)
  689. 				$msg .= 'Nick is too short (min 3 characters)<br>';
  690. 				
  691. 			if (strlen($_POST['passwd']) < 8)
  692. 				$msg .= 'Password is too short (min 8 characters)<br>';
  693. 				
  694. 			if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  695. 				$msg .= 'Email is incorrect<br>';
  696. 			
  697. 			if ($this->getModel('UsersModel')->nickExists($_POST['nick']) == true)
  698. 				$msg .= 'Nick is in use. Type another one.<br>';
  699. 			
  700. 			if ($_POST['passwd'] != $_POST['passwd_confirm'])
  701. 				$msg .= 'Password do not match';
  702. 				
  703. 			if ($msg == '')
  704. 			{
  705. 				$this->getModel('UsersModel')->createNewUser($_POST['nick'], $_POST['passwd'], $_POST['email']);
  706. 				$this->getView('MainView')->forum_message('Your account has created. Log in to write new posts.', buildURL('index.php'), 3);
  707. 				$lockv = true;
  708. 			}
  709. 		}
  710. 		
  711. 		$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : '';
  712. 		$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : '';
  713. 		
  714. 		if (!isset($lockv))
  715. 			$this->getView('MainView')->register_form($msg);
  716. 	}
  717. 	
  718. 	public function checknick()
  719. 	{
  720. 		$this->loadModel('UsersModel');
  721. 		if (!isset($_GET['nick']))
  722. 			$_GET['nick'] = '';
  723. 			
  724. 		$_GET['nick'] = trim($this->db->real_escape_string(strip_tags($_GET['nick'])));
  725. 		
  726. 		if ($this->getModel('UsersModel')->nickExists($_GET['nick']) == true)
  727. 			echo 'true';
  728. 		else
  729. 			echo 'false';
  730. 	}
  731. }
  732. 

  733. ?>