authorcflip <36554078+cflip@users.noreply.github.com>2021-05-08 17:30:08 -0600
committerGitHub <noreply@github.com>2021-05-08 17:30:08 -0600
commit87b1dfd1f77b08915ee5e905da45e316ba2c0e7d (patch)
treef6c0f8d09454b6e887df0f66ca37c1ce9efb30d0 /model/Post.php
parent0b045d57b2164b5ce003955d79627ae506a153eb (diff)
parenta09d9f377f5c055e42e5f21b5cdea64c2e2ca896 (diff)
Merge pull request #14 from cflip/refactor
Huge refactor
Diffstat (limited to 'model/Post.php')
-rw-r--r--model/Post.php121
1 files changed, 0 insertions, 121 deletions
diff --git a/model/Post.php b/model/Post.php
deleted file mode 100644
index 34d6a79..0000000
--- a/model/Post.php
+++ /dev/null
@@ -1,121 +0,0 @@
-<?php
-
-include_once 'Thread.php';
-
-function add_quote($dbc, $thread_id, $matches) {
- foreach ($matches as $match) {
- $id = (int) filter_var($match, FILTER_SANITIZE_NUMBER_INT);
- $sql = "SELECT post_content, post_author, post_thread, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_id = " . $id;
- $result = mysqli_query($dbc, $sql);
-
- if (!$result) {
- return '<blockquote></blockquote>';
- }
-
- $reply = mysqli_fetch_assoc($result);
-
- if (empty($reply)) {
- return '<blockquote><span style="color:red;">This post has been deleted</span></blockquote>';
- }
-
- return '<blockquote><a href="/viewthread.php?id=' . $reply['post_thread'] . '#p' . $id .'">Quote from ' . $reply['user_name'] . '</a><br>' . $reply['post_content'] . '</blockquote>';
- }
-}
-
-class Post {
- public $id;
- public $content;
- public $date_created;
- public $date_edited;
- public $thread;
- public $author;
-
- function get_from_database($id, $dbc) {
- // TODO: Potential SQL injection risk?
- $sql = "SELECT post_content, post_date_created, post_date_edited, post_thread, post_author FROM posts WHERE post_id = " . mysqli_real_escape_string($dbc, $id);
- $result = mysqli_query($dbc, $sql);
-
- if (!$result) {
- echo 'Failed to get post: ' . mysqli_error($dbc);
- }
-
- if (mysqli_num_rows($result) == 0) {
- return 0;
- } else {
- while ($row = mysqli_fetch_assoc($result)) {
- $this->id = $id;
- $this->content = $row['post_content'];
- $this->date_created = $row['post_date_created'];
- $this->date_edited = $row['post_date_edited'];
-
- $this->thread = new Thread();
- $this->thread->get_from_database($row['post_thread'], $dbc);
-
- $this->author = new User();
- $this->author->get_by_id($row['post_author'], $dbc);
- }
- }
-
- mysqli_free_result($result);
- return 1;
- }
-
- function display_content($dbc) {
- echo '<div class="header" id="p' . $this->id . '"><b>#' . $this->id . '</b>';
- echo ' Posted by <a href="viewuser.php?id='. $this->author->id . '">' . $this->author->name . '</a>';
- echo ' on ' . date('m/d/Y g:ia', strtotime($this->date_created));
- if (!is_null($this->date_edited)) {
- echo ' <small>edited ' . date('m/d/Y g:ia', strtotime($this->date_edited)) . '</small>';
- }
- if (isset($_SESSION['signed_in']) && $_SESSION['user_id'] == $this->author->id) {
- echo '<span style="float:right;">';
- echo '[<a href="manage_post.php?id=' . $this->id . '">Edit/Delete</a>] ';
- echo'</span>';
- }
- echo '</div>';
-
- $post_content = $this->content;
- $thread_id = $this->id;
-
- $post_content = preg_replace_callback('/>#\d+/', function($matches) use($thread_id, $dbc) {
- return add_quote($dbc, $thread_id, $matches);
- }, $post_content);
-
- // Replace newline characters with HTML <br> tags
- $post_content = nl2br($post_content);
-
- // Replace YouTube URLs with embedded YouTube videos.
- $post_content = preg_replace(
- "/\s*[a-zA-Z\/\/:\.]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/\*\-\_\?\&\;\%\=\.]*)/i",
- '<br><iframe class="youtube-embed" src="//www.youtube.com/embed/$2" allowfullscreen></iframe>', $post_content);
- // Replace Image URLs with embedded images.
- $post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:</\w+>|/?>))@i', '<img class="image-embed" src="http$2://$3" alt="http$2://$3" />', $post_content);
- // Replace other URLs with links.
- $post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:</\w+>|/?>))@i', '<a href="http$2://$3">$0</a>', $post_content);
-
- echo '<span class="post-content">' . $post_content . '</span>';
- }
-}
-
-function get_all_posts($dbc) {
- $sql = "SELECT post_id FROM posts";
- $result = mysqli_query($dbc, $sql);
-
- if (!$result) {
- echo 'Failed to get posts: ' . mysqli_error($dbc);
- }
-
- $posts = array();
-
- if (mysqli_num_rows($result) == 0) {
- } else {
- while ($row = mysqli_fetch_assoc($result)) {
- $post = new Post();
- $post->get_from_database($row['post_id'], $dbc);
- array_push($posts, $post);
- }
- }
-
- mysqli_free_result($result);
- return $posts;
-}