initial commit with snapshot 20140213

2015-02-14 12:01:53 +01:00
commit 12cd5888c5
93 changed files with 7038 additions and 0 deletions

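--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,605 @@
+<?php
+require ('./inc/controller.class.php');
+class AdminController extends Controller
+{
+public function loadDefault()
+{
+$this->main();
+}
+private function loadDependencies() // zależności (sesje itp)
+{
+$this->loadModel('SessionModel'); //aktywacja sesji
+$this->loadModel('ConfigModel'); //konfiguracja ogólna skryptu
+$this->loadView('MainView');
+$this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
+$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
+if ($_SERVER['REQUEST_SCHEME'] == 'http')
+$this->forward('https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
+if (!$this->getModel('SessionModel')->isLogged())
+{
+$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login', true);
+$lockv = true;
+}
+if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
+{
+$this->getView('MainView')->forum_message('You are not admin', 'index.php');
+$lockv = true;
+}
+if (!isset($lockv))
+return true;
+else
+return false;
+}
+public function main()
+{
+if ($this->loadDependencies())
+{
+$this->getView('MainView')->admin_main();
+}
+}
+public function eduser()
+{
+if ($this->loadDependencies())
+{
+$this->loadModel('UsersModel');
+$user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id'], true);
+if ($user_info == null)
+{
+$this->getView('MainView')->forum_message('User does not exist!', 'index.php?mode=admin&amp;submode=users');
+$lockv = true;
+}
+else
+{
+$msg = '';
+if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
+{
+//secure pools
+$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
+$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
+$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
+$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
+$_POST['location'] = trim(strip_tags($this->db->real_escape_string($_POST['location'])));
+$_POST['signature'] = trim(strip_tags($this->db->real_escape_string($_POST['signature'])));
+$_POST['user_rank'] = trim(strip_tags($this->db->real_escape_string($_POST['user_rank'])));
+if ($_POST['passwd'] != '')
+{
+if (strlen($_POST['passwd']) < 8)
+$msg .= 'Password is too short (min 8 characters)<br>';
+if ($_POST['passwd'] != $_POST['passwd_confirm'])
+$msg .= 'Password do not match!<br>';
+}
+if ($_GET['id'] == $this->getModel('SessionModel')->getID() && $_POST['user_rank'] != RANK_ADMIN)
+{
+$msg .= 'You cannot set rank for your profile<br>';
+$_POST['user_rank'] = RANK_ADMIN;
+}
+if ($this->getModel('UsersModel')->nickExists($_POST['nick']) == true && $_POST['nick'] != $user_info['nick'])
+$msg .= 'Nick is in use. Type another one.<br>';
+if (strlen($_POST['nick']) < 3)
+$msg .= 'Nick is too short (min 3 characters)<br>';
+if ($_POST['user_rank'] > RANK_ADMIN || $_POST['user_rank'] < RANK_USER)
+$msg .= 'Rank is not valid!<br>';
+//check if avatar is uploaded
+if ($_FILES['avatar']['tmp_name'] != null)
+{
+global $allowed_avatars;
+$image_size = @getimagesize($_FILES['avatar']['tmp_name']);
+if ($image_size == null)
+$msg .= 'Type of uploaded file are not allowed.<br>';
+else
+if (!in_array($image_size['mime'], $allowed_avatars))
+$msg .= 'Type of uploaded avatar is not supported.<br>';
+else
+if ($image_size[0] > 120 || $image_size[1] > 150)
+$msg .= 'Uploaded avatar is too big (maximum 120x150 px).<br>';
+}
+if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
+$msg .= 'Email is incorrect<br>';
+if ($msg == '')
+{
+if ($_FILES['avatar']['tmp_name'] != null && !isset($_POST['delete_avatar'])) //change an avatar
+{
+if ($user_info['avatar'] != '')
+unlink('./'.$user_info['avatar']);
+$ext = pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION);
+$av = 'images/avatars/'.$this->getModel('SessionModel')->getID().'.'.$ext;
+move_uploaded_file($_FILES['avatar']['tmp_name'], './'.$av);
+}
+else
+if (isset($_POST['delete_avatar']))
+{
+unlink('./'.$user_info['avatar']);
+$av = '';
+}
+else
+$av = $user_info['avatar']; //if new avatar is not set
+if ($_POST['passwd'] != '')
+$this->getModel('UsersModel')->changeUserPassword($_GET['id'], sha1($_POST['passwd']));
+$this->getModel('UsersModel')->changeUserRank($_GET['id'], $_POST['user_rank']);
+$this->getModel('UsersModel')->updateUserProfile($_GET['id'], $_POST['nick'], $_POST['email'], $_POST['location'], $_POST['signature'], $av);
+$this->getView('MainView')->forum_message('User profile has changed.', 'index.php?mode=admin&amp;submode=users');
+$lockv = true;
+}
+}
+$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : $user_info['nick'];
+$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : $user_info['email'];
+$_POST['location'] = (isset($_POST['location'])) ? $_POST['location'] : $user_info['location'];
+$_POST['signature'] = (isset($_POST['signature'])) ? $_POST['signature'] : $user_info['signature'];
+$_POST['user_rank'] = (isset($_POST['user_rank'])) ? $_POST['user_rank'] : $user_info['rank'];
+$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
+if (!isset($lockv))
+$this->getView('MainView')->edprofile_form($msg, true);
+}
+}
+}
+public function users()
+{
+if ($this->loadDependencies())
+{
+if (isset($_GET['rank']))
+{
+switch ($_GET['rank'])
+{
+case 'admin':
+$_GET['rank'] = RANK_ADMIN;
+break;
+case 'mod':
+$_GET['rank'] = RANK_MOD;
+break;
+case 'user':
+$_GET['rank'] = RANK_USER;
+break;
+default:
+$_GET['rank'] = '';
+break;
+}
+}
+else
+$_GET['rank'] = '';
+$_POST['sort_type'] = (isset($_POST['sort_type'])) ? $this->db->real_escape_string($_POST['sort_type']) : 'regdate';
+$allowed_sorting = array('regdate', 'lastvisit', 'nick', 'post_count');
+if (!in_array($_POST['sort_type'], $allowed_sorting))
+$_POST['sort_type'] = '';
+$_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
+$this->getView('MainView')->admin_userlist();
+}
+}
+public function deluser()
+{
+if ($this->loadDependencies())
+{
+$this->loadModel('UsersModel');
+$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
+$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
+$user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id']);
+if ($user_info == null)
+{
+$this->getView('MainView')->forum_message('User does not exist!', 'index.php?mode=admin&amp;submode=users');
+$lockv = true;
+}
+else
+{
+if ($_GET['id'] == $this->getModel('SessionModel')->getID())
+{
+$this->getView('MainView')->forum_message('You cannot delete own profile!', 'index.php?mode=admin&amp;submode=users');
+$lockv = true;
+}
+}
+if (isset($_POST['confirmed']) && !isset($lockv))
+{
+if (!isset($_POST['rejected']))
+{
+$this->getModel('UsersModel')->deleteUser($_GET['id']);
+$this->getView('MainView')->forum_message('Profile deleted. Redirecting to users list...', 'index.php?mode=admin&amp;submode=users');
+$lockv = true;
+}
+else
+{
+$this->forward('index.php?mode=admin&submode=users');
+}
+}
+if (!isset($lockv))
+$this->getView('MainView')->confirm_action('Do you want delete user <span style="font-weight: bold">'.$user_info['nick'].'</span>? This operation cannot undone.');
+}
+}
+public function config()
+{
+if ($this->loadDependencies())
+{
+$msg = '';
+if (isset($_POST['forum_name'], $_POST['forum_desc']))
+{
+$_POST['forum_name'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['forum_name'])));
+$_POST['forum_desc'] = trim(htmlspecialchars($_POST['forum_desc']));
+if (strlen($_POST['forum_name']) < 3)
+{
+$msg .= 'Forum name is too short (min 3 characters)!<br>';
+}
+if (strlen($_POST['forum_name']) > 30)
+{
+$msg .= 'Forum name is too long (max 30 characters)!<br>';
+}
+if (strlen($_POST['forum_desc']) > 50)
+{
+$msg .= 'Forum description is too long (max 50 characters)!<br>';
+}
+if ($msg == '')
+{
+$what = '';
+if ($_POST['forum_name'] != $this->getModel('ConfigModel')->getConf('forum_name'))
+$this->getModel('ConfigModel')->updateConf('forum_name', $_POST['forum_name']);
+if ($_POST['forum_desc'] != $this->getModel('ConfigModel')->getConf('forum_desc'))
+$this->getModel('ConfigModel')->updateConf('forum_desc', $_POST['forum_desc']);
+$this->getView('MainView')->forum_message('Forum configuration updated. Redirecting...', 'index.php?mode=admin&amp;submode=config');
+$lockv = true;
+}
+}
+$_POST['forum_name'] = (isset($_POST['forum_name'])) ? $_POST['forum_name'] : $this->getModel('ConfigModel')->getConf('forum_name');
+$_POST['forum_desc'] = (isset($_POST['forum_desc'])) ? $_POST['forum_desc'] : $this->getModel('ConfigModel')->getConf('forum_desc');
+if (!isset($lockv))
+{
+$this->getView('MainView')->admin_config($msg);
+}
+}
+}
+public function forums()
+{
+if ($this->loadDependencies())
+{
+$this->getView('MainView')->admin_forums();
+}
+}
+public function addcat()
+{
+if ($this->loadDependencies())
+{
+$this->modify_cat('add');
+}
+}
+public function edcat()
+{
+if ($this->loadDependencies())
+{
+$this->modify_cat('edit');
+}
+}
+public function addforum()
+{
+if ($this->loadDependencies())
+{
+$this->modify_forum('add');
+}
+}
+public function edforum()
+{
+if ($this->loadDependencies())
+{
+$this->modify_forum('edit');
+}
+}
+public function delforum()
+{
+if ($this->loadDependencies())
+{
+$this->loadModel('ForumsModel');
+$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
+$forum_info = $this->getModel('ForumsModel')->getForum($_GET['id']);
+if ($forum_info == null)
+{
+$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+if (isset($_POST['confirmed']) && !isset($lockv))
+{
+if (!isset($_POST['rejected']))
+{
+$this->getModel('ForumsModel')->deleteForum($_GET['id']);
+$this->getView('MainView')->forum_message('Forum deleted. Redirecting...', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+else
+$this->forward('index.php?mode=admin&submode=forums');
+}
+if (!isset($lockv))
+$this->getView('MainView')->confirm_action('Do you REALLY want delete forum <span style="font-weight: bold">'.$forum_info['name'].'</span> with ALL CONTENT? <span style="text-decoration: underline">This operation cannot undone!</span>');
+}
+}
+public function delcat()
+{
+if ($this->loadDependencies())
+{
+$this->loadModel('ForumsModel');
+$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
+$cat_info = $this->getModel('ForumsModel')->getCat($_GET['id']);
+if ($cat_info == null)
+{
+$this->getView('MainView')->forum_message('Category does not exist!', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+if (isset($_POST['confirmed']) && !isset($lockv))
+{
+if (!isset($_POST['rejected']))
+{
+$this->getModel('ForumsModel')->deleteCat($_GET['id']);
+$this->getView('MainView')->forum_message('Category deleted. Redirecting...', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+else
+$this->forward('index.php?mode=admin&submode=forums');
+}
+if (!isset($lockv))
+$this->getView('MainView')->confirm_action('Do you REALLY want delete category <span style="font-weight: bold">'.$cat_info['name'].'</span> with ALL FORUMS AND CONTENT? <span style="text-decoration: underline">This operation cannot undone!</span>');
+}
+}
+private function modify_cat($m)
+{
+$msg = '';
+$this->loadModel('ForumsModel');
+if ($m == 'edit')
+{
+$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
+$cat_info = $this->getModel('ForumsModel')->getCat($_GET['id']);
+if ($cat_info == null)
+{
+$this->getView('MainView')->forum_message('Category does not exist!', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+}
+if (isset($_POST['name']) && !isset($lockv))
+{
+$_POST['name'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['name'])));
+if (strlen($_POST['name']) < 3)
+$msg .= 'Category name is too short (min 3 characters)!<br>';
+if ($msg == '')
+{
+if ($m == 'add')
+{
+$this->getModel('ForumsModel')->addCat($_POST['name']);
+$this->getView('MainView')->forum_message('Category added. Redirecting...', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+else
+{
+$this->getModel('ForumsModel')->changeCat($_GET['id'], $_POST['name']);
+$this->getView('MainView')->forum_message('Category updated. Redirecting...', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+}
+}
+if (!isset($lockv))
+{
+if ($m == 'add')
+$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : '';
+else
+$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : $cat_info['name'];
+$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
+$this->getView('MainView')->admin_cat_form($msg, $m);
+}
+}
+private function modify_forum($m)
+{
+$msg = '';
+$this->loadModel('ForumsModel');
+if ($m == 'edit')
+{
+$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
+$forum_info = $this->getModel('ForumsModel')->getForum($_GET['id']);
+if ($forum_info == null)
+{
+$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+}
+if (isset($_POST['name']) && !isset($lockv))
+{
+$_POST['name'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['name'])));
+$_POST['desc'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['desc'])));
+$_POST['category_id'] = trim(strip_tags($this->db->real_escape_string($_POST['category_id'])));
+$_POST['locked'] = trim(strip_tags($this->db->real_escape_string($_POST['locked'])));
+$_POST['locked'] = ($_POST['locked'] == true) ? true : false;
+if (strlen($_POST['name']) < 3)
+$msg .= 'Forum name is too short (min 3 characters)!<br>';
+$c = $this->getModel('ForumsModel')->getCat($_POST['category_id']);
+if ($c == null)
+$msg .= 'Category does not exist!<br>';
+if ($msg == '')
+{
+if ($m == 'add')
+{
+$this->getModel('ForumsModel')->addForum($_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
+$this->getView('MainView')->forum_message('Forum added. Redirecting...', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+else
+{
+$this->getModel('ForumsModel')->changeForum($_GET['id'], $_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
+$this->getView('MainView')->forum_message('Forum updated. Redirecting...', 'index.php?mode=admin&amp;submode=forums');
+$lockv = true;
+}
+}
+}
+if (!isset($lockv))
+{
+if ($m == 'add')
+{
+$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : '';
+$_POST['desc'] = (isset($_POST['desc'])) ? $_POST['desc'] : '';
+$_POST['category_id'] = (isset($_POST['category_id'])) ? $_POST['category_id'] : '';
+$_POST['locked'] = (isset($_POST['locked'])) ? $_POST['locked'] : '';
+}
+else
+{
+$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : $forum_info['name'];
+$_POST['desc'] = (isset($_POST['desc'])) ? $_POST['desc'] : $forum_info['desc'];
+$_POST['category_id'] = (isset($_POST['category_id'])) ? $_POST['category_id'] : $forum_info['category_id'];
+$_POST['locked'] = (isset($_POST['locked'])) ? $_POST['locked'] : $forum_info['locked'];
+}
+$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
+$this->getView('MainView')->admin_forum_form($msg, $m);
+}
+}
+public function banlist()
+{
+if ($this->loadDependencies())
+$this->getView('MainView')->admin_banlist();
+}
+public function delban()
+{
+if ($this->loadDependencies())
+{
+$this->loadModel('BansModel');
+$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
+$ban_info = $this->getModel('BansModel')->getBan($_GET['id']);
+if ($ban_info == null)
+{
+$this->getView('MainView')->forum_message('Ban does not exist!', 'index.php?mode=admin&amp;submode=banlist');
+$lockv = true;
+}
+if (isset($_POST['confirmed']) && !isset($lockv))
+{
+if (!isset($_POST['rejected']))
+{
+$this->getModel('BansModel')->deleteBan($_GET['id']);
+$this->getView('MainView')->forum_message('Ban deleted. Redirecting...', 'index.php?mode=admin&amp;submode=banlist');
+$lockv = true;
+}
+else
+$this->forward('index.php?mode=admin&submode=banlist');
+}
+if (!isset($lockv))
+$this->getView('MainView')->confirm_action('Do you want delete ban for user <span style="font-weight: bold">'.$ban_info['nick'].'</span>?');
+}
+}
+public function addban()
+{
+if ($this->loadDependencies())
+{
+$msg = '';
+$this->loadModel('BansModel');
+$this->loadModel('UsersModel');
+if (isset($_POST['user_id'], $_POST['reason']))
+{
+$_POST['user_id'] = trim(strip_tags($this->db->real_escape_string($_POST['user_id'])));
+$_POST['reason'] = trim(strip_tags($this->db->real_escape_string($_POST['reason'])));
+if ($_POST['user_id'] == $this->getModel('SessionModel')->getID())
+$msg .= 'You cannot ban your profile!<br>';
+if ($this->getModel('BansModel')->getUserBan($_POST['user_id']) != null)
+$msg .= 'This user has already been banned!<br>';
+if ($this->getModel('UsersModel')->getUserInformation($_POST['user_id']) == null)
+$msg .= 'User does not exist!<br>';
+if ($msg == '')
+{
+$this->getModel('BansModel')->addBan($_POST['user_id'], $_POST['reason']);
+$this->getView('MainView')->forum_message('Ban added. Redirecting...', 'index.php?mode=admin&amp;submode=banlist');
+$lockv = true;
+}
+}
+if (!isset($lockv))
+{
+$_POST['user_id'] = (isset($_POST['user_id'])) ? $_POST['user_id'] : '';
+$_POST['reason'] = (isset($_POST['reason'])) ? $_POST['reason'] : '';
+$this->getView('MainView')->admin_ban_form($msg);
+}
+}
+}
+}
+?>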
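Review bot: In AdminController::eduser the new avatar path `$av = 'images/avatars/'.$this->getModel('SessionModel')->getID().'.'.$ext;` is built from the logged-in admin's ID rather than the user being edited, so editing another user's avatar overwrites the admin's own avatar file and then points the edited user's record at it via updateUserProfile; it should read `$av = 'images/avatars/'.$_GET['id'].'.'.$ext;`, consistent with the `$_GET['id']` passed to changeUserRank and updateUserProfile. The extension `$ext` comes from the client-supplied `$_FILES['avatar']['name']` and is never checked, while `$allowed_avatars` is only compared against the MIME type reported by getimagesize, so a file that passes the MIME check can still be stored under an arbitrary extension in the web-served avatars directory — derive the extension from `$image_size['mime']` through a fixed mime-to-extension map instead of from the upload name. Separately, eduser passes `$_GET['id']` to getUserInformation, changeUserPassword, changeUserRank and updateUserProfile without the trim/strip_tags/real_escape_string treatment that deluser, delforum, delcat and delban apply to the same parameter, so its safety rests on UsersModel parameterising its queries, which this hunk does not show. None of the confirmed POST actions (deluser, delforum, delcat, delban) or the profile/config forms carry a CSRF token as far as this hunk shows, so a state-changing admin request can be submitted by a cross-origin form; a per-session token checked alongside `$_POST['confirmed']` would close that. The same avatar-path construction appears in MainController::editprofile in the next file section, where the session ID is the correct owner, so only the admin path needs the change.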


@@ -0,0 +1,724 @@
<?php
require ('./inc/controller.class.php');
class MainController extends Controller
{
public function loadDefault()
{
$this->main();
}
private function loadDependencies() // zależności (sesje itp)
{
$this->loadModel('SessionModel'); //aktywacja sesji
$this->loadModel('ConfigModel'); //konfiguracja ogólna skryptu
$this->loadView('MainView');
$this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
}
public function main()
{
$this->loadDependencies();
$this->getView('MainView')->main();
}
public function viewforum()
{
$this->loadDependencies();
$this->loadModel('ForumsModel');
$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
if ($f == null)
$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php');
else
{
$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
$this->getView('MainView')->viewforum();
}
}
public function userlist()
{
$this->loadDependencies();
if (isset($_GET['rank']))
{
switch ($_GET['rank'])
{
case 'admin':
$_GET['rank'] = RANK_ADMIN;
break;
case 'mod':
$_GET['rank'] = RANK_MOD;
break;
case 'user':
$_GET['rank'] = RANK_USER;
break;
default:
$_GET['rank'] = '';
break;
}
}
else
$_GET['rank'] = '';
$_POST['sort_type'] = (isset($_POST['sort_type'])) ? $this->db->real_escape_string($_POST['sort_type']) : 'regdate';
$allowed_sorting = array('regdate', 'lastvisit', 'nick', 'post_count');
if (!in_array($_POST['sort_type'], $allowed_sorting))
$_POST['sort_type'] = '';
$_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
$this->getView('MainView')->userlist();
}
public function viewtopic()
{
$this->loadDependencies();
$this->loadModel('PostsModel');
$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
if ($t == null)
$this->getView('MainView')->forum_message('Topic does not exist!', 'index.php');
else
{
$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
$this->getView('MainView')->viewtopic();
}
}
public function newtopic()
{
$this->posting(POSTING_NEWTOPIC);
}
public function reply()
{
$this->posting(POSTING_REPLY);
}
public function editpost()
{
$this->posting(POSTING_EDIT);
}
public function quote()
{
$this->posting(POSTING_QUOTE);
}
public function moderate()
{
$this->loadDependencies();
$this->loadModel('PostsModel');
$this->loadModel('ForumsModel');
$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
$_GET['submode'] = (isset($_GET['submode'])) ? trim(strip_tags($this->db->real_escape_string($_GET['submode']))) : 0;
if (!$this->getModel('SessionModel')->isLogged())
{
$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login');
$lockv = true;
}
if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
{
$this->getView('MainView')->forum_message('Only mods have access to this menu', 'index.php');
$lockv = true;
}
//sprawdź czy wątek/post istnieje
if (!isset($lockv))
switch($_GET['submode'])
{
case 'deletetopic':
case 'locktopic':
case 'movetopic':
$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
if ($t == null)
{
$this->getView('MainView')->forum_message('Topic does not exist!', 'index.php');
$lockv = true;
}
break;
case 'deletepost':
$p = $this->getModel('PostsModel')->getPost($_GET['id']);
if ($p == null)
{
$this->getView('MainView')->forum_message('Post does not exist!', 'index.php');
$lockv = true;
}
else
{
$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
if ($t['post_count'] == 1)
{
$this->getView('MainView')->forum_message('If topic has only one post, use <span style="font-weight: bold">delete topic</span> option.', 'index.php?mode=viewtopic&amp;id='.$p['topic_id'], 3);
$lockv = true;
}
}
break;
default:
$this->getView('MainView')->forum_message('Invalid mode', 'index.php');
$lockv = true;
break;
}
//wysyłanie formularza
if (isset($_POST['confirmed']) && !isset($lockv))
{
if (!isset($_POST['rejected']))
{
switch($_GET['submode'])
{
case 'deletepost':
$this->getModel('PostsModel')->deletePost($_GET['id']);
$this->getView('MainView')->forum_message('Post deleted. Redirecting...', 'index.php?mode=viewtopic&amp;id='.$p['topic_id']);
$lockv = true;
break;
case 'deletetopic':
$this->getModel('PostsModel')->deleteTopic($_GET['id']);
$this->getView('MainView')->forum_message('Topic deleted. Redirecting...', 'index.php?mode=viewforum&amp;id='.$t['forum_id']);
$lockv = true;
break;
case 'locktopic':
if ($t['topic_locked'] == false)
{
$this->getModel('PostsModel')->lockTopic($_GET['id']);
$this->getView('MainView')->forum_message('Topic locked. Redirecting...', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
}
else
{
$this->getModel('PostsModel')->lockTopic($_GET['id'], false);
$this->getView('MainView')->forum_message('Topic unlocked. Redirecting...', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
}
$lockv = true;
break;
case 'movetopic':
if ($this->getModel('ForumsModel')->getForum($_POST['forum_id']) == null)
$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
else
{
$this->getModel('PostsModel')->moveTopic($_GET['id'], $_POST['forum_id']);
$this->getView('MainView')->forum_message('Topic moved. Redirecting...', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
}
$lockv = true;
break;
}
}
else
{
switch ($_GET['submode'])
{
case 'deletetopic':
case 'locktopic':
case 'movetopic':
$this->forward('index.php?mode=viewtopic&id='.$_GET['id']);
break;
case 'deletepost':
$this->forward('index.php?mode=viewtopic&id='.$p['topic_id']);
}
}
}
if (!isset($lockv))
switch($_GET['submode'])
{
case 'deletepost':
$this->getView('MainView')->confirm_action('Do you really want delete post <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
break;
case 'deletetopic':
$this->getView('MainView')->confirm_action('Do you really want delete topic <span style="font-weight: bold">#'.$_GET['id'].'</span> with all posts? This operation cannot undone.');
break;
case 'locktopic':
if ($t['topic_locked'] == false)
$this->getView('MainView')->confirm_action('Do you want lock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
else
$this->getView('MainView')->confirm_action('Do you want unlock topic <span style="font-weight: bold">#'.$_GET['id'].'</span>?');
break;
case 'movetopic':
$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
$this->getView('MainView')->move_topic();
break;
}
}
public function posting($type)
{
$this->loadDependencies();
$msg = '';
$this->loadModel('PostsModel');
$this->loadModel('ForumsModel');
$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
if (!$this->getModel('SessionModel')->isLogged())
{
$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login');
$lockv = true;
}
//SPRAWDZANIE CZY TEMAT/FORUM ISTNIEJE I CZY NIE ZABLOKOWANE
if (!isset($lockv))
switch($type)
{
case POSTING_NEWTOPIC: //sprawdzenie czy forum istnieje i czy nie zablokowane
$f = $this->getModel('ForumsModel')->getForum($_GET['id']);
if ($f == null)
{
$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php');
$lockv = true;
}
else
if ($f['locked'] == true)
{
$this->getView('MainView')->forum_message('Forum is locked', 'index.php?mode=viewforum&amp;id='.$_GET['id']);
$lockv = true;
}
break;
case POSTING_REPLY: //sprawdzenie czy temat istnieje
case POSTING_QUOTE:
$t = $this->getModel('PostsModel')->getTopic($_GET['id']);
if ($t == null)
{
$this->getView('MainView')->forum_message('Topic does not exist!', 'index.php');
$lockv = true;
}
else
{
if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
{
$this->getView('MainView')->forum_message('Forum is locked', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
$lockv = true;
}
if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
{
$this->getView('MainView')->forum_message('Topic is locked', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
$lockv = true;
}
if ($type == POSTING_QUOTE)
{
$_GET['q'] = (isset($_GET['q'])) ? trim(strip_tags($this->db->real_escape_string($_GET['q']))) : 0;
$qp = $this->getModel('PostsModel')->getPost($_GET['q']);
if ($qp == null)
{
$this->getView('MainView')->forum_message('Invalid quoted post', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
$lockv = true;
}
else
{
if ($qp['topic_id'] != $_GET['id'])
{
$this->getView('MainView')->forum_message('Invalid quoted post', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
$lockv = true;
}
}
}
}
break;
case POSTING_EDIT:
$p = $this->getModel('PostsModel')->getPost($_GET['id']);
if ($p == null)
{
$this->getView('MainView')->forum_message('Post does not exist!', 'index.php');
$lockv = true;
}
else
{
$t = $this->getModel('PostsModel')->getTopic($p['topic_id']);
if ($t['forum_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
{
$this->getView('MainView')->forum_message('Forum is locked', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
$lockv = true;
}
if ($t['topic_locked'] == true && $this->getModel('SessionModel')->getRank() < RANK_MOD)
{
$this->getView('MainView')->forum_message('Topic is locked', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
$lockv = true;
}
//sprawdzić czy edycja tematu
// i ustawić opdowiednie parametry $type = POSTING_EDITTOPIC
$first = $this->getModel('PostsModel')->getFirstPost($t['topic_id']);
if ($first['post_id'] == $_GET['id'])
$type = POSTING_EDITTOPIC;
if ($p['user_id'] != $this->getModel('SessionModel')->getID() && $this->getModel('SessionModel')->getRank() < RANK_MOD)
{
$this->getView('MainView')->forum_message('You can edit only own posts', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
$lockv = true;
}
}
break;
}
//przesłanie formularza --------------------------------------------------------------------------------
if (isset($_POST['post']) && !isset($_POST['preview']) && !isset($lockv))
{
$_POST['post'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['post'])));
if ($type == POSTING_NEWTOPIC || $type == POSTING_EDITTOPIC) //walidacja tytułu tematu (add, edit)
{
$_POST['topic'] = trim(strip_tags($this->db->real_escape_string($_POST['topic'])));
if (strlen($_POST['topic']) < 3)
$msg .= 'Topic title is too short (min 3 characters)<br>';
}
if (strlen($_POST['post']) < 3)
$msg .= 'Post content is too short (min 3 characters)<br>';
if ($msg == null)
{
switch ($type)
{
case POSTING_NEWTOPIC: //akcje dodania nowego tematu
$topic_id = $this->getModel('PostsModel')->addTopic($_POST['topic'], $_POST['post'], $_GET['id'], $this->getModel('SessionModel')->getID());
if ($topic_id != null)
{
$this->getView('MainView')->forum_message('Topic created, Redirecting...', 'index.php?mode=viewtopic&amp;id='.$topic_id);
$lockv = true;
}
else
$msg .= 'Something went wrong, try again.';
break;
case POSTING_EDITTOPIC:
case POSTING_EDIT:
$this->getModel('PostsModel')->changePost($_GET['id'], $_POST['post']);
if ($type == POSTING_EDITTOPIC)
$this->getModel('PostsModel')->changeTopic($t['topic_id'], $_POST['topic']);
$this->getView('MainView')->forum_message('Post edited. Redirecting to topic...', 'index.php?mode=viewtopic&amp;id='.$t['topic_id']);
$lockv = true;
break;
case POSTING_QUOTE:
case POSTING_REPLY:
$this->getModel('PostsModel')->addPost($_GET['id'], $this->getModel('SessionModel')->getID(), $_POST['post']);
$this->getView('MainView')->forum_message('Reply saved. Redirecting to topic...', 'index.php?mode=viewtopic&amp;id='.$_GET['id']);
$lockv = true;
break;
}
}
}
if (!isset($lockv))
{
switch ($type)
{
case POSTING_NEWTOPIC:
case POSTING_REPLY:
$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : '';
break;
case POSTING_EDITTOPIC:
$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : $p['content'];
$_POST['topic'] = (isset($_POST['topic'])) ? $_POST['topic'] : $t['topic_title'];
break;
case POSTING_EDIT:
$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : $p['content'];
break;
case POSTING_QUOTE:
$quote = ($qp['nick'] != null) ? '='.$qp['nick'] : '';
$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : '[quote'.$quote.']'.$qp['content'].'[/quote]';
break;
}
if ($type == POSTING_NEWTOPIC)
$_POST['topic'] = (isset($_POST['topic'])) ? $_POST['topic'] : ''; //tylko edycja/tworzenie tematu
$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
$this->getView('MainView')->posting_form($type, $msg);
}
}
public function myprofile()
{
$this->loadDependencies();
if (!$this->getModel('SessionModel')->isLogged())
$this->forward('index.php');
else
$this->forward('index.php?mode=viewprofile&id='.$this->getModel('SessionModel')->getID());
}
public function viewprofile()
{
$this->loadDependencies();
$this->loadModel('UsersModel');
$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
$_GET['id'] = (isset($_GET['id'])) ? trim(strip_tags($this->db->real_escape_string($_GET['id']))) : 0;
if ($this->getModel('UsersModel')->getUserInformation($_GET['id']) == null)
$this->getView('MainView')->forum_message('User does not exist!', 'index.php');
else
{
//$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
$this->getView('MainView')->viewprofile();
}
}
public function editprofile()
{
$this->loadDependencies();
$this->loadModel('UsersModel');
$user_info = $this->getModel('UsersModel')->getUserInformation($this->getModel('SessionModel')->getID(), true);
if (!$this->getModel('SessionModel')->isLogged())
{
$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login');
}
else
{
$msg = '';
if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
{
//secure pools
$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
$_POST['passwd_old'] = trim(strip_tags($_POST['passwd_old']));
$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
$_POST['location'] = trim(strip_tags($this->db->real_escape_string($_POST['location'])));
$_POST['signature'] = trim(strip_tags($this->db->real_escape_string($_POST['signature'])));
if ($_POST['email'] != $user_info['email'] || $_POST['passwd'] != '')
{
if (sha1($_POST['passwd_old']) != $user_info['password'])
$msg .= 'Old password is incorrect!<br>';
}
if ($_POST['passwd'] != '')
{
if (strlen($_POST['passwd']) < 8)
$msg .= 'Password is too short (min 8 characters)<br>';
if ($_POST['passwd'] != $_POST['passwd_confirm'])
$msg .= 'Password do not match!<br>';
}
//check if avatar is uploaded
if ($_FILES['avatar']['tmp_name'] != null)
{
global $allowed_avatars;
$image_size = @getimagesize($_FILES['avatar']['tmp_name']);
if ($image_size == null)
$msg .= 'Type of uploaded file are not allowed.<br>';
else
if (!in_array($image_size['mime'], $allowed_avatars))
$msg .= 'Type of uploaded avatar is not supported.<br>';
else
if ($image_size[0] > 120 || $image_size[1] > 150)
$msg .= 'Uploaded avatar is too big (maximum 120x150 px).<br>';
}
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
$msg .= 'Email is incorrect<br>';
if ($msg == '')
{
if ($_FILES['avatar']['tmp_name'] != null && !isset($_POST['delete_avatar'])) //change an avatar
{
if ($user_info['avatar'] != '')
unlink('./'.$user_info['avatar']);
$ext = pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION);
$av = 'images/avatars/'.$this->getModel('SessionModel')->getID().'.'.$ext;
move_uploaded_file($_FILES['avatar']['tmp_name'], './'.$av);
}
else
if (isset($_POST['delete_avatar']))
{
unlink('./'.$user_info['avatar']);
$av = '';
}
else
$av = $user_info['avatar']; //if new avatar is not set
if ($_POST['passwd'] != '')
$this->getModel('UsersModel')->changeUserPassword($this->getModel('SessionModel')->getID(), sha1($_POST['passwd']));
$this->getModel('UsersModel')->updateUserProfile($this->getModel('SessionModel')->getID(), '', $_POST['email'], $_POST['location'], $_POST['signature'], $av);
$this->getView('MainView')->forum_message('Your profile has changed.', 'index.php?mode=viewprofile&amp;id='.$this->getModel('SessionModel')->getID());
$lockv = true;
}
}
$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : $user_info['nick'];
$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : $user_info['email'];
$_POST['location'] = (isset($_POST['location'])) ? $_POST['location'] : $user_info['location'];
$_POST['signature'] = (isset($_POST['signature'])) ? $_POST['signature'] : $user_info['signature'];
$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
if (!isset($lockv))
$this->getView('MainView')->edprofile_form($msg);
}
}
public function logout()
{
$this->loadDependencies();
if (!$this->getModel('SessionModel')->isLogged())
$this->forward('index.php');
$this->getModel('SessionModel')->deleteSession();
$this->getView('MainView')->forum_message('You are logged out.', 'index.php');
}
public function login()
{
$this->loadDependencies();
$this->loadModel('BansModel');
if ($_SERVER['REQUEST_SCHEME'] == 'http')
$this->forward('https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
if ($this->getModel('SessionModel')->isLogged())
$this->forward('index.php');
$msg = '';
if (isset($_POST['nick'], $_POST['passwd']))
{
//secure pools
$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
$_POST['passwd'] = sha1(trim(strip_tags($this->db->real_escape_string($_POST['passwd']))));
$userinfo = $this->getModel('SessionModel')->tryGetUser($_POST['nick'], $_POST['passwd']);
if (count($userinfo) == 0)
$msg = 'Invalid username or password.';
if ($msg == '')
{
$ban_info = $this->getModel('BansModel')->getUserBan($userinfo['user_id']);
if ($ban_info == null)
{
$this->getModel('SessionModel')->registerNewSession($userinfo['user_id']);
$this->getView('MainView')->forum_message('You are logged as: <span style="font-weight: bold">'.$userinfo['nick'].'</span>', 'index.php');
}
else
{
$reason = ($ban_info['reason'] != '') ? '<br>Reason: <span style="font-style: italic">'.$ban_info['reason'].'</span>' : '';
$this->getView('MainView')->forum_message('You are banned!'.$reason);
}
$lockv = true;
}
}
$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : '';
if (!isset($lockv))
$this->getView('MainView')->login_form($msg);
}
public function register()
{
$this->loadDependencies();
$this->loadModel('UsersModel');
if ($this->getModel('SessionModel')->isLogged())
$this->forward('index.php');
if ($_SERVER['REQUEST_SCHEME'] == 'http')
$this->forward('https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
$msg = '';
if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
{
//secure pools
$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
if (strlen($_POST['nick']) < 3)
$msg .= 'Nick is too short (min 3 characters)<br>';
if (strlen($_POST['passwd']) < 8)
$msg .= 'Password is too short (min 8 characters)<br>';
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
$msg .= 'Email is incorrect<br>';
if ($this->getModel('UsersModel')->nickExists($_POST['nick']) == true)
$msg .= 'Nick is in use. Type another one.<br>';
if ($_POST['passwd'] != $_POST['passwd_confirm'])
$msg .= 'Password do not match';
if ($msg == '')
{
$this->getModel('UsersModel')->createNewUser($_POST['nick'], sha1($_POST['passwd']), $_POST['email']);
$this->getView('MainView')->forum_message('Your account has created. Log in to write new posts.', 'index.php');
$lockv = true;
}
}
$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : '';
$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : '';
if (!isset($lockv))
$this->getView('MainView')->register_form($msg);
}
public function checknick()
{
$this->loadModel('UsersModel');
if (!isset($_GET['nick']))
$_GET['nick'] = '';
$_GET['nick'] = trim($this->db->real_escape_string(strip_tags($_GET['nick'])));
if ($this->getModel('UsersModel')->nickExists($_GET['nick']) == true)
echo 'true';
else
echo 'false';
}
}
?>