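main();
    }

    /**
     * Loads the models/view every admin action needs and enforces the access
     * policy of the admin panel.
     *
     * Side effects: redirects to the HTTPS variant of the current URL when the
     * request arrived over plain HTTP, and renders a forum_message() when the
     * visitor is not logged in or holds RANK_USER.
     *
     * @return bool true when the calling action may continue rendering,
     *              false when a message/redirect has already taken over.
     */
    private function loadDependencies() // dependencies (session etc.)
    {
        $this->loadModel('SessionModel'); // session activation
        $this->loadModel('ConfigModel');  // general script configuration
        $this->loadView('MainView');
        $this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
        $this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));

        // Admin pages are served over HTTPS only. REQUEST_SCHEME is not provided
        // by every SAPI, so guard the lookup; an unset scheme skips the redirect
        // exactly as the unguarded comparison did.
        // NOTE(review): behind a TLS-terminating proxy this value reflects the
        // backend scheme — confirm it cannot produce a redirect loop there.
        if (isset($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] == 'http') {
            $this->forward(buildURL($_SERVER['REQUEST_URI'], true));
        }

        if (!$this->getModel('SessionModel')->isLogged()) {
            $this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login'), true);
            $lockv = true;
        }
        // Only RANK_USER is rejected, so every higher rank (e.g. RANK_MOD) gets
        // into the panel. NOTE(review): confirm that is intended — the message
        // text reads as admin-only.
        if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv)) {
            $this->getView('MainView')->forum_message('You are not admin', buildURL('index.php'));
            $lockv = true;
        }

        return !isset($lockv);
    }

    /**
     * Admin panel landing page.
     */
    public function main()
    {
        if ($this->loadDependencies()) {
            $this->getView('MainView')->admin_main();
        }
    }

    /**
     * Edits the profile of the user selected by $_GET['id'] (nick, password,
     * rank, e-mail, location, signature and avatar).
     *
     * On POST the fields are sanitised with post_clean(), validated, and the
     * UsersModel is updated; validation errors are collected in $msg (one per
     * line) and re-rendered with edprofile_form().
     */
    public function eduser()
    {
        if ($this->loadDependencies()) {
            $this->loadModel('UsersModel');
            get_clean('id', $this->db);
            $user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id'], true);
            if ($user_info == null) {
                $this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php?mode=admin&submode=users', true));
                $lockv = true;
            } else {
                $msg = '';
                if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email'])) {
                    // Sanitise the posted fields; post_clean() is expected to
                    // rewrite $_POST in place (the cleaned values are read below).
                    post_clean('nick', $this->db, array('spchars'));
                    post_clean('passwd', $this->db, array());
                    post_clean('passwd_confirm', $this->db, array());
                    post_clean('email', $this->db);
                    post_clean('location', $this->db, array('spchars'));
                    post_clean('signature', $this->db, array('spchars'));
                    post_clean('user_rank', $this->db);

                    // An empty password means "keep the current one".
                    if ($_POST['passwd'] != '') {
                        if (strlen($_POST['passwd']) < 8) {
                            $msg .= 'Password is too short (min 8 characters)
';
                        }
                        if ($_POST['passwd'] != $_POST['passwd_confirm']) {
                            $msg .= 'Password do not match!
';
                        }
                    }

                    // An admin may not demote their own account; force RANK_ADMIN back.
                    if ($_GET['id'] == $this->getModel('SessionModel')->getID() && $_POST['user_rank'] != RANK_ADMIN) {
                        $msg .= 'You cannot set rank for your profile
';
                        $_POST['user_rank'] = RANK_ADMIN;
                    }

                    if ($this->getModel('UsersModel')->nickExists($_POST['nick']) == true && $_POST['nick'] != $user_info['nick']) {
                        $msg .= 'Nick is in use. Type another one.
';
                    }
                    if (strlen($_POST['nick']) < 3) {
                        $msg .= 'Nick is too short (min 3 characters)
';
                    }
                    if ($_POST['user_rank'] > RANK_ADMIN || $_POST['user_rank'] < RANK_USER) {
                        $msg .= 'Rank is not valid!
';
                    }

                    // Was a file submitted in the "avatar" field? A missing or empty
                    // tmp_name (no file chosen) means "no upload".
                    $avatarUploaded = !empty($_FILES['avatar']['tmp_name']);
                    if ($avatarUploaded) {
                        // $allowed_avatars: global list of accepted MIME types,
                        // compared against the 'mime' entry of getimagesize().
                        global $allowed_avatars;
                        $image_size = @getimagesize($_FILES['avatar']['tmp_name']);
                        if ($image_size === false) {
                            $msg .= 'Type of uploaded file are not allowed.
';
                        } elseif (!in_array($image_size['mime'], $allowed_avatars, true)) {
                            $msg .= 'Type of uploaded avatar is not supported.
';
                        } elseif ($image_size[0] > 120 || $image_size[1] > 150) {
                            $msg .= 'Uploaded avatar is too big (maximum 120x150 px).
';
                        }
                    }

                    if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
                        $msg .= 'Email is incorrect
';
                    }

                    if ($msg == '') {
                        if ($avatarUploaded && !isset($_POST['delete_avatar'])) {
                            // Replace the avatar. Remove the previous file first.
                            if ($user_info['avatar'] != '') {
                                unlink('./'.$user_info['avatar']);
                            }
                            // Derive the extension from the image type detected by
                            // getimagesize(), never from the client-supplied file name:
                            // otherwise a file with a valid image header but a script
                            // extension would be stored inside the web root under that
                            // extension. $image_size is non-false here because the
                            // validation above passed.
                            $ext = image_type_to_extension($image_size[2], false);
                            // Name the file after the user being edited, not after the
                            // admin's session ID, so editing another user's profile does
                            // not overwrite the admin's own avatar file.
                            $av = 'images/avatars/'.(int) $_GET['id'].'.'.$ext;
                            if (!move_uploaded_file($_FILES['avatar']['tmp_name'], './'.$av)) {
                                // Do not point the profile at a file that was not written.
                                $av = '';
                            }
                        } elseif (isset($_POST['delete_avatar'])) {
                            // Guard against unlink('./') when there is no avatar to delete.
                            if ($user_info['avatar'] != '') {
                                unlink('./'.$user_info['avatar']);
                            }
                            $av = '';
                        } else {
                            $av = $user_info['avatar']; // no new avatar: keep the current one
                        }

                        if ($_POST['passwd'] != '') {
                            $this->getModel('UsersModel')->changeUserPassword($_GET['id'], $user_info['nick'], $_POST['passwd']);
                        }
                        $this->getModel('UsersModel')->changeUserRank($_GET['id'], $_POST['user_rank']);
                        $this->getModel('UsersModel')->updateUserProfile($_GET['id'], $_POST['nick'], $_POST['email'], $_POST['location'], $_POST['signature'], $av);
                        $this->getView('MainView')->forum_message('User profile has changed.', buildURL('index.php?mode=admin&submode=users', true));
                        $lockv = true;
                    }
                }

                // Pre-fill the form with the stored values where nothing was posted.
                post_default('nick', $user_info['nick']);
                post_default('email', $user_info['email']);
                post_default('location', $user_info['location']);
                post_default('signature', $user_info['signature']);
                post_default('user_rank', $user_info['rank']);
                $this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
                if (!isset($lockv)) {
                    $this->getView('MainView')->edprofile_form($msg, true);
                }
            }
        }
    }

    /**
     * User list. Maps the optional $_GET['rank'] filter name to its RANK_*
     * constant (anything else becomes ''), restricts $_POST['sort_type'] to a
     * fixed allow-list and normalises $_POST['sort_desc'] to 'DESC'/'ASC'
     * before handing over to admin_userlist().
     */
    public function users()
    {
        if ($this->loadDependencies()) {
            if (isset($_GET['rank'])) {
                switch ($_GET['rank']) {
                    case 'admin':
                        $_GET['rank'] = RANK_ADMIN;
                        break;
                    case 'mod':
                        $_GET['rank'] = RANK_MOD;
                        break;
                    case 'user':
                        $_GET['rank'] = RANK_USER;
                        break;
                    default:
                        $_GET['rank'] = '';
                        break;
                }
            } else {
                $_GET['rank'] = '';
            }

            post_default('sort_type', 'regdate');
            // Allow-list of sort columns; strict comparison so only these exact
            // strings reach the query layer.
            $allowed_sorting = array('regdate', 'lastvisit', 'nick', 'post_count');
            if (!in_array($_POST['sort_type'], $allowed_sorting, true)) {
                $_POST['sort_type'] = 'regdate';
            }
            $_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
            $this->getView('MainView')->admin_userlist();
        }
    }

    /**
     * Deletes the user selected by $_GET['id'] after a confirmation step.
     *
     * The first request renders confirm_action(); the state change happens
     * only on a POST carrying 'confirmed' without 'rejected'. Deleting one's
     * own account is refused.
     * NOTE(review): the 'confirmed' flag is the only guard visible here — confirm
     * an anti-CSRF token is enforced upstream for this and the other delete/ban
     * actions.
     */
    public function deluser()
    {
        if ($this->loadDependencies()) {
            $this->loadModel('UsersModel');
            $this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
            get_clean('id', $this->db);
            $user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id']);
            if ($user_info == null) {
                $this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php?mode=admin&submode=users', true));
                $lockv = true;
            } elseif ($_GET['id'] == $this->getModel('SessionModel')->getID()) {
                $this->getView('MainView')->forum_message('You cannot delete own profile!', buildURL('index.php?mode=admin&submode=users', true));
                $lockv = true;
            }

            if (isset($_POST['confirmed']) && !isset($lockv)) {
                if (!isset($_POST['rejected'])) {
                    $this->getModel('UsersModel')->deleteUser($_GET['id']);
                    if ($user_info['avatar'] != null) { // delete the user's avatar file
                        unlink('./'.$user_info['avatar']);
                    }
                    $this->getView('MainView')->forum_message('Profile deleted. Redirecting to users list...', buildURL('index.php?mode=admin&submode=users', true));
                    $lockv = true;
                } else {
                    $this->forward(buildURL('index.php?mode=admin&submode=users'));
                }
            }

            if (!isset($lockv)) {
                $this->getView('MainView')->confirm_action('Do you want delete user '.$user_info['nick'].'? This operation cannot undone.');
            }
        }
    }

    /**
     * Edits the global forum name/description stored in ConfigModel.
     *
     * Length limits are byte-based (strlen), as in the rest of this class.
     */
    public function config()
    {
        if ($this->loadDependencies()) {
            $msg = '';
            if (isset($_POST['forum_name'], $_POST['forum_desc'])) {
                post_clean('forum_name', $this->db, array('spchars'));
                post_clean('forum_desc', $this->db, array('spchars'));
                if (strlen($_POST['forum_name']) < 3) {
                    $msg .= 'Forum name is too short (min 3 characters)!
';
                }
                if (strlen($_POST['forum_name']) > 30) {
                    $msg .= 'Forum name is too long (max 30 characters)!
';
                }
                if (strlen($_POST['forum_desc']) > 50) {
                    $msg .= 'Forum description is too long (max 50 characters)!
';
                }
                if ($msg == '') {
                    // Only write values that actually changed.
                    if ($_POST['forum_name'] != $this->getModel('ConfigModel')->getConf('forum_name')) {
                        $this->getModel('ConfigModel')->updateConf('forum_name', $_POST['forum_name']);
                    }
                    if ($_POST['forum_desc'] != $this->getModel('ConfigModel')->getConf('forum_desc')) {
                        $this->getModel('ConfigModel')->updateConf('forum_desc', $_POST['forum_desc']);
                    }
                    $this->getView('MainView')->forum_message('Forum configuration updated. Redirecting...', buildURL('index.php?mode=admin&submode=config', true));
                    $lockv = true;
                }
            }
            post_default('forum_name', $this->getModel('ConfigModel')->getConf('forum_name'));
            post_default('forum_desc', $this->getModel('ConfigModel')->getConf('forum_desc'));
            if (!isset($lockv)) {
                $this->getView('MainView')->admin_config($msg);
            }
        }
    }

    /**
     * Category/forum overview.
     */
    public function forums()
    {
        if ($this->loadDependencies()) {
            $this->getView('MainView')->admin_forums();
        }
    }

    /**
     * Creates a category (see modify_cat()).
     */
    public function addcat()
    {
        if ($this->loadDependencies()) {
            $this->modify_cat('add');
        }
    }

    /**
     * Edits the category selected by $_GET['id'] (see modify_cat()).
     */
    public function edcat()
    {
        if ($this->loadDependencies()) {
            $this->modify_cat('edit');
        }
    }

    /**
     * Creates a forum (see modify_forum()).
     */
    public function addforum()
    {
        if ($this->loadDependencies()) {
            $this->modify_forum('add');
        }
    }

    /**
     * Edits the forum selected by $_GET['id'] (see modify_forum()).
     */
    public function edforum()
    {
        if ($this->loadDependencies()) {
            $this->modify_forum('edit');
        }
    }

    /**
     * Deletes the forum selected by $_GET['id'] (with its content) after the
     * same confirm/reject POST handshake as deluser().
     */
    public function delforum()
    {
        if ($this->loadDependencies()) {
            $this->loadModel('ForumsModel');
            get_clean('id', $this->db);
            $forum_info = $this->getModel('ForumsModel')->getForum($_GET['id']);
            if ($forum_info == null) {
                $this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
                $lockv = true;
            }
            if (isset($_POST['confirmed']) && !isset($lockv)) {
                if (!isset($_POST['rejected'])) {
                    $this->getModel('ForumsModel')->deleteForum($_GET['id']);
                    $this->getView('MainView')->forum_message('Forum deleted. 
Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
                    $lockv = true;
                } else {
                    $this->forward(buildURL('index.php?mode=admin&submode=forums', true));
                }
            }
            if (!isset($lockv)) {
                $this->getView('MainView')->confirm_action('Do you REALLY want delete forum '.$forum_info['name'].' with ALL CONTENT? This operation cannot undone!');
            }
        }
    }

    /**
     * Deletes the category selected by $_GET['id'] (with all its forums and
     * content) after the same confirm/reject POST handshake as deluser().
     */
    public function delcat()
    {
        if ($this->loadDependencies()) {
            $this->loadModel('ForumsModel');
            get_clean('id', $this->db);
            $cat_info = $this->getModel('ForumsModel')->getCat($_GET['id']);
            if ($cat_info == null) {
                $this->getView('MainView')->forum_message('Category does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
                $lockv = true;
            }
            if (isset($_POST['confirmed']) && !isset($lockv)) {
                if (!isset($_POST['rejected'])) {
                    $this->getModel('ForumsModel')->deleteCat($_GET['id']);
                    $this->getView('MainView')->forum_message('Category deleted. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
                    $lockv = true;
                } else {
                    $this->forward(buildURL('index.php?mode=admin&submode=forums', true));
                }
            }
            if (!isset($lockv)) {
                $this->getView('MainView')->confirm_action('Do you REALLY want delete category '.$cat_info['name'].' with ALL FORUMS AND CONTENT? This operation cannot undone!');
            }
        }
    }

    /**
     * Shared add/edit handler for categories.
     *
     * @param string $m 'add' to create a category from $_POST['name'],
     *                  'edit' to rename the one selected by $_GET['id'].
     */
    private function modify_cat($m)
    {
        $msg = '';
        $this->loadModel('ForumsModel');
        if ($m == 'edit') {
            get_clean('id', $this->db);
            $cat_info = $this->getModel('ForumsModel')->getCat($_GET['id']);
            if ($cat_info == null) {
                $this->getView('MainView')->forum_message('Category does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
                $lockv = true;
            }
        }
        if (isset($_POST['name']) && !isset($lockv)) {
            post_clean('name', $this->db, array('spchars'));
            if (strlen($_POST['name']) < 3) {
                $msg .= 'Category name is too short (min 3 characters)!
';
            }
            if ($msg == '') {
                if ($m == 'add') {
                    $this->getModel('ForumsModel')->addCat($_POST['name']);
                    $this->getView('MainView')->forum_message('Category added. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
                    $lockv = true;
                } else {
                    $this->getModel('ForumsModel')->changeCat($_GET['id'], $_POST['name']);
                    $this->getView('MainView')->forum_message('Category updated. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
                    $lockv = true;
                }
            }
        }
        if (!isset($lockv)) {
            post_default('name', ($m == 'add') ? '' : $cat_info['name']);
            $this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
            $this->getView('MainView')->admin_cat_form($msg, $m);
        }
    }

    /**
     * Shared add/edit handler for forums.
     *
     * @param string $m 'add' to create a forum from the posted fields,
     *                  'edit' to update the one selected by $_GET['id'].
     */
    private function modify_forum($m)
    {
        $msg = '';
        $this->loadModel('ForumsModel');
        if ($m == 'edit') {
            // Sanitise the id the same way every other handler in this class does.
            // NOTE(review): this line previously called get_cat('id', $this->db),
            // which looks like a typo for get_clean(); confirm nothing depended on it.
            get_clean('id', $this->db);
            $forum_info = $this->getModel('ForumsModel')->getForum($_GET['id']);
            if ($forum_info == null) {
                $this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
                $lockv = true;
            }
        }
        if (isset($_POST['name']) && !isset($lockv)) {
            post_clean('name', $this->db, array('spchars'));
            post_clean('desc', $this->db, array('spchars'));
            post_clean('category_id', $this->db);
            post_clean('locked', $this->db);
            // Checkbox semantics: any truthy posted value locks the forum.
            $_POST['locked'] = (bool) $_POST['locked'];
            if (strlen($_POST['name']) < 3) {
                $msg .= 'Forum name is too short (min 3 characters)!
';
            }
            // The target category must exist.
            $c = $this->getModel('ForumsModel')->getCat($_POST['category_id']);
            if ($c == null) {
                $msg .= 'Category does not exist!
';
            }
            if ($msg == '') {
                if ($m == 'add') {
                    $this->getModel('ForumsModel')->addForum($_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
                    $this->getView('MainView')->forum_message('Forum added. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
                    $lockv = true;
                } else {
                    $this->getModel('ForumsModel')->changeForum($_GET['id'], $_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
                    $this->getView('MainView')->forum_message('Forum updated. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
                    $lockv = true;
                }
            }
        }
        if (!isset($lockv)) {
            post_default('name', ($m == 'add') ? '' : $forum_info['name']);
            post_default('desc', ($m == 'add') ? '' : $forum_info['desc']);
            post_default('category_id', ($m == 'add') ? '' : $forum_info['category_id']);
            post_default('locked', ($m == 'add') ? '' : $forum_info['locked']);
            $this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
            $this->getView('MainView')->admin_forum_form($msg, $m);
        }
    }

    /**
     * Ban list.
     */
    public function banlist()
    {
        if ($this->loadDependencies()) {
            $this->getView('MainView')->admin_banlist();
        }
    }

    /**
     * Lifts the ban selected by $_GET['id'] after the same confirm/reject
     * POST handshake as deluser().
     */
    public function delban()
    {
        if ($this->loadDependencies()) {
            $this->loadModel('BansModel');
            get_clean('id', $this->db);
            $ban_info = $this->getModel('BansModel')->getBan($_GET['id']);
            if ($ban_info == null) {
                $this->getView('MainView')->forum_message('Ban does not exist!', buildURL('index.php?mode=admin&submode=banlist', true));
                $lockv = true;
            }
            if (isset($_POST['confirmed']) && !isset($lockv)) {
                if (!isset($_POST['rejected'])) {
                    $this->getModel('BansModel')->deleteBan($_GET['id']);
                    $this->getView('MainView')->forum_message('Ban deleted. 
Redirecting...', buildURL('index.php?mode=admin&submode=banlist', true));
                    $lockv = true;
                } else {
                    $this->forward(buildURL('index.php?mode=admin&submode=banlist', true));
                }
            }
            if (!isset($lockv)) {
                $this->getView('MainView')->confirm_action('Do you want delete ban for user '.$ban_info['nick'].'?');
            }
        }
    }

    /**
     * Bans the user given by $_POST['user_id'] with $_POST['reason'].
     *
     * Refused when the target is the current admin, is already banned, or
     * does not exist; errors are collected in $msg and shown with
     * admin_ban_form().
     */
    public function addban()
    {
        if ($this->loadDependencies()) {
            $msg = '';
            $this->loadModel('BansModel');
            $this->loadModel('UsersModel');
            if (isset($_POST['user_id'], $_POST['reason'])) {
                post_clean('user_id', $this->db);
                post_clean('reason', $this->db, array('spchars'));
                if ($_POST['user_id'] == $this->getModel('SessionModel')->getID()) {
                    $msg .= 'You cannot ban your profile!
';
                }
                if ($this->getModel('BansModel')->getUserBan($_POST['user_id']) != null) {
                    $msg .= 'This user has already been banned!
';
                }
                if ($this->getModel('UsersModel')->getUserInformation($_POST['user_id']) == null) {
                    $msg .= 'User does not exist!
';
                }
                if ($msg == '') {
                    $this->getModel('BansModel')->addBan($_POST['user_id'], $_POST['reason']);
                    $this->getView('MainView')->forum_message('Ban added. Redirecting...', buildURL('index.php?mode=admin&submode=banlist', true));
                    $lockv = true;
                }
            }
            if (!isset($lockv)) {
                post_default('user_id', '');
                post_default('reason', '');
                $this->getView('MainView')->admin_ban_form($msg);
            }
        }
    }
}
?>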