
several updates in admin controller (buildURL)

implemented two new functions (variable cleaning) for future use
master
Piotr Dergun 10 years ago
parent
commit
8354bd53a3
2 changed files with 50 additions and 25 deletions
  1. +25
    -25
      inc/controllers/AdminController.class.php
  2. +25
    -0
      inc/misc_functions.php

+ 25
- 25
inc/controllers/AdminController.class.php View File

@ -30,13 +30,13 @@ class AdminController extends Controller
if (!$this->getModel('SessionModel')->isLogged()) if (!$this->getModel('SessionModel')->isLogged())
{ {
$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login', true);
$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login'), true);
$lockv = true; $lockv = true;
} }
if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv)) if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
{ {
$this->getView('MainView')->forum_message('You are not admin', 'index.php');
$this->getView('MainView')->forum_message('You are not admin', buildURL('index.php'));
$lockv = true; $lockv = true;
} }
@ -63,7 +63,7 @@ class AdminController extends Controller
if ($user_info == null) if ($user_info == null)
{ {
$this->getView('MainView')->forum_message('User does not exist!', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true; $lockv = true;
} }
else else
@ -148,7 +148,7 @@ class AdminController extends Controller
$this->getModel('UsersModel')->changeUserRank($_GET['id'], $_POST['user_rank']); $this->getModel('UsersModel')->changeUserRank($_GET['id'], $_POST['user_rank']);
$this->getModel('UsersModel')->updateUserProfile($_GET['id'], $_POST['nick'], $_POST['email'], $_POST['location'], $_POST['signature'], $av); $this->getModel('UsersModel')->updateUserProfile($_GET['id'], $_POST['nick'], $_POST['email'], $_POST['location'], $_POST['signature'], $av);
$this->getView('MainView')->forum_message('User profile has changed.', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('User profile has changed.', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true; $lockv = true;
} }
@ -216,14 +216,14 @@ class AdminController extends Controller
$user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id']); $user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id']);
if ($user_info == null) if ($user_info == null)
{ {
$this->getView('MainView')->forum_message('User does not exist!', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true; $lockv = true;
} }
else else
{ {
if ($_GET['id'] == $this->getModel('SessionModel')->getID()) if ($_GET['id'] == $this->getModel('SessionModel')->getID())
{ {
$this->getView('MainView')->forum_message('You cannot delete own profile!', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('You cannot delete own profile!', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true; $lockv = true;
} }
} }
@ -236,12 +236,12 @@ class AdminController extends Controller
$this->getModel('UsersModel')->deleteUser($_GET['id']); $this->getModel('UsersModel')->deleteUser($_GET['id']);
if ($user_info['avatar'] != null) //delete user's avatar if ($user_info['avatar'] != null) //delete user's avatar
unlink('./'.$user_info['avatar']); unlink('./'.$user_info['avatar']);
$this->getView('MainView')->forum_message('Profile deleted. Redirecting to users list...', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('Profile deleted. Redirecting to users list...', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true; $lockv = true;
} }
else else
{ {
$this->forward('index.php?mode=admin&submode=users');
$this->forward(buildURL('index.php?mode=admin&submode=users'));
} }
} }
@ -284,7 +284,7 @@ class AdminController extends Controller
if ($_POST['forum_desc'] != $this->getModel('ConfigModel')->getConf('forum_desc')) if ($_POST['forum_desc'] != $this->getModel('ConfigModel')->getConf('forum_desc'))
$this->getModel('ConfigModel')->updateConf('forum_desc', $_POST['forum_desc']); $this->getModel('ConfigModel')->updateConf('forum_desc', $_POST['forum_desc']);
$this->getView('MainView')->forum_message('Forum configuration updated. Redirecting...', 'index.php?mode=admin&submode=config');
$this->getView('MainView')->forum_message('Forum configuration updated. Redirecting...', buildURL('index.php?mode=admin&submode=config', true));
$lockv = true; $lockv = true;
} }
} }
@ -348,7 +348,7 @@ class AdminController extends Controller
if ($forum_info == null) if ($forum_info == null)
{ {
$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
@ -357,11 +357,11 @@ class AdminController extends Controller
if (!isset($_POST['rejected'])) if (!isset($_POST['rejected']))
{ {
$this->getModel('ForumsModel')->deleteForum($_GET['id']); $this->getModel('ForumsModel')->deleteForum($_GET['id']);
$this->getView('MainView')->forum_message('Forum deleted. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum deleted. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
else else
$this->forward('index.php?mode=admin&submode=forums');
$this->forward(buildURL('index.php?mode=admin&submode=forums', true));
} }
if (!isset($lockv)) if (!isset($lockv))
@ -380,7 +380,7 @@ class AdminController extends Controller
if ($cat_info == null) if ($cat_info == null)
{ {
$this->getView('MainView')->forum_message('Category does not exist!', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
@ -389,11 +389,11 @@ class AdminController extends Controller
if (!isset($_POST['rejected'])) if (!isset($_POST['rejected']))
{ {
$this->getModel('ForumsModel')->deleteCat($_GET['id']); $this->getModel('ForumsModel')->deleteCat($_GET['id']);
$this->getView('MainView')->forum_message('Category deleted. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category deleted. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
else else
$this->forward('index.php?mode=admin&submode=forums');
$this->forward(buildURL('index.php?mode=admin&submode=forums', true));
} }
if (!isset($lockv)) if (!isset($lockv))
@ -415,7 +415,7 @@ class AdminController extends Controller
if ($cat_info == null) if ($cat_info == null)
{ {
$this->getView('MainView')->forum_message('Category does not exist!', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
} }
@ -432,13 +432,13 @@ class AdminController extends Controller
if ($m == 'add') if ($m == 'add')
{ {
$this->getModel('ForumsModel')->addCat($_POST['name']); $this->getModel('ForumsModel')->addCat($_POST['name']);
$this->getView('MainView')->forum_message('Category added. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category added. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
else else
{ {
$this->getModel('ForumsModel')->changeCat($_GET['id'], $_POST['name']); $this->getModel('ForumsModel')->changeCat($_GET['id'], $_POST['name']);
$this->getView('MainView')->forum_message('Category updated. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category updated. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
} }
@ -469,7 +469,7 @@ class AdminController extends Controller
if ($forum_info == null) if ($forum_info == null)
{ {
$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
} }
@ -496,13 +496,13 @@ class AdminController extends Controller
if ($m == 'add') if ($m == 'add')
{ {
$this->getModel('ForumsModel')->addForum($_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']); $this->getModel('ForumsModel')->addForum($_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
$this->getView('MainView')->forum_message('Forum added. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum added. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
else else
{ {
$this->getModel('ForumsModel')->changeForum($_GET['id'], $_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']); $this->getModel('ForumsModel')->changeForum($_GET['id'], $_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
$this->getView('MainView')->forum_message('Forum updated. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum updated. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true; $lockv = true;
} }
} }
@ -546,7 +546,7 @@ class AdminController extends Controller
if ($ban_info == null) if ($ban_info == null)
{ {
$this->getView('MainView')->forum_message('Ban does not exist!', 'index.php?mode=admin&submode=banlist');
$this->getView('MainView')->forum_message('Ban does not exist!', buildURL('index.php?mode=admin&submode=banlist', true));
$lockv = true; $lockv = true;
} }
@ -555,11 +555,11 @@ class AdminController extends Controller
if (!isset($_POST['rejected'])) if (!isset($_POST['rejected']))
{ {
$this->getModel('BansModel')->deleteBan($_GET['id']); $this->getModel('BansModel')->deleteBan($_GET['id']);
$this->getView('MainView')->forum_message('Ban deleted. Redirecting...', 'index.php?mode=admin&submode=banlist');
$this->getView('MainView')->forum_message('Ban deleted. Redirecting...', buildURL('index.php?mode=admin&submode=banlist', true));
$lockv = true; $lockv = true;
} }
else else
$this->forward('index.php?mode=admin&submode=banlist');
$this->forward(buildURL('index.php?mode=admin&submode=banlist', true));
} }
if (!isset($lockv)) if (!isset($lockv))
@ -594,7 +594,7 @@ class AdminController extends Controller
if ($msg == '') if ($msg == '')
{ {
$this->getModel('BansModel')->addBan($_POST['user_id'], $_POST['reason']); $this->getModel('BansModel')->addBan($_POST['user_id'], $_POST['reason']);
$this->getView('MainView')->forum_message('Ban added. Redirecting...', 'index.php?mode=admin&submode=banlist');
$this->getView('MainView')->forum_message('Ban added. Redirecting...', buildURL('index.php?mode=admin&submode=banlist', true));
$lockv = true; $lockv = true;
} }
} }
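Review bot: The login redirect in the first hunk, `buildURL('index.php?mode=login')`, is left without the second argument while every admin-area redirect in this file passes `true`; with the `$https = false` default on `buildURL($URI, $https = false)` in misc_functions.php, that presumably sends the unauthenticated user to the credential form over plain HTTP, which is the one page where forcing HTTPS matters most. The `buildURL('index.php')` on the rank check and the `$this->forward(buildURL('index.php?mode=admin&submode=users'))` on the cancelled-delete branch of the user handler have the same omission, and that forward is the only one in the file whose sibling branches pass `true`. Unless buildURL falls back to the current scheme (its body is outside this page), change them to `buildURL('index.php?mode=login', true)`, `buildURL('index.php', true)` and `buildURL('index.php?mode=admin&submode=users', true)`. Separately, the delete and ban handlers these hunks touch still act on `$_GET['id']` with only a `$_POST['rejected']` check and no visible CSRF token; that predates this commit but deserves a follow-up. The enclosing methods start and end outside the hunks shown.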

+ 25
- 0
inc/misc_functions.php View File

@ -20,4 +20,29 @@ function buildURL($URI, $https = false)
return $url; return $url;
} }
function post_default($key, $default='')
{
$_POST[$key] = (isset($_POST[$key])) ? stripslashes($_POST[$key]) : $default;
}
function clean_input(&$input, $dbobj, $opts = null)
{
$input = trim($input);
$input = $dbobj->real_escape_string($input);
if ($opts != null)
{
if (in_array('spchars', $opts)) //special chars
$input = htmlspecialchars($input);
if (in_array('nnegint', $opts)) //non-negative integer
{
$int_options = array('options' => array('min_range' => 0));
$input = var_dump(filter_var($input, FILTER_VALIDATE_INT, $int_options));
}
}
else
$input = strip_tags($input);
}
?> ?>
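Review bot: In `clean_input`, the `nnegint` branch assigns `$input = var_dump(filter_var(...))`, and `var_dump` prints to the response and returns nothing, so every caller asking for a non-negative integer gets `null` back by reference and the dumped value leaks into the page; drop the `var_dump` and keep the validator's result, `$input = filter_var($input, FILTER_VALIDATE_INT, $int_options);`, then have callers handle the `false` it returns on a non-integer (for example `if ($input === false) $input = 0;` or rejecting the request). Applying `$dbobj->real_escape_string()` to every value first, before `htmlspecialchars`/`strip_tags`, bakes SQL escaping into data that is also rendered as HTML (a quote would come out as `\'` since `htmlspecialchars` leaves the backslash alone) and does nothing useful on the integer path; escaping belongs at the query site, ideally prepared statements, with HTML encoding at output time. `post_default` calls `stripslashes` unconditionally, which is only correct when magic_quotes_gpc is on (removed in PHP 5.4) and otherwise silently strips user backslashes, so either guard it with `get_magic_quotes_gpc()` or drop it. The two `in_array('...', $opts)` membership checks should pass `true` as the strict third argument. Both functions are unused as of this commit per its description, so none of this is live yet.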
