summaryrefslogtreecommitdiff
path: root/includes/model
diff options
context:
space:
mode:
Diffstat (limited to 'includes/model')
-rw-r--r--includes/model/Category.php54
-rw-r--r--includes/model/Post.php174
-rw-r--r--includes/model/Thread.php101
-rw-r--r--includes/model/User.php71
4 files changed, 345 insertions, 55 deletions
diff --git a/includes/model/Category.php b/includes/model/Category.php
index ed53bdc..e8cbe60 100644
--- a/includes/model/Category.php
+++ b/includes/model/Category.php
@@ -4,19 +4,24 @@ include_once 'Thread.php';
class Category
{
- public $id = 0;
- public $name = 'Unknown';
- public $description = 'This category does not exist';
+ public $id;
+ public $name;
+ public $description;
public $thread_count = 0;
public $post_count = 0;
- function get_from_database($id): bool
+ // If an invalid id was passed into the constructor, the database will not have
+ // returned a result, but the object will not be null.
+ // We need to keep track of whether or not this object has a value.
+ private $has_value = false;
+
+ public function __construct($id)
{
$sql = "SELECT cat_name, cat_description, cat_thread_count, cat_post_count FROM categories WHERE cat_id = ?;";
$result = Database::get()->query($sql, "i", $id);
if (empty($result)) {
- return false;
+ return;
}
$this->id = $id;
@@ -25,32 +30,49 @@ class Category
$this->thread_count = $result[0]['cat_thread_count'];
$this->post_count = $result[0]['cat_post_count'];
- return true;
+ $this->has_value = true;
+ }
+
+ // Returns true if this object was successfully fetched from the database
+ public function has_value()
+ {
+ return $this->has_value;
+ }
+
+ public static function get_all_categories(): array
+ {
+ $sql = "SELECT cat_id FROM categories ORDER BY cat_id;";
+ $result = Database::get()->query($sql);
+
+ $categories = array();
+
+ foreach ($result as $row) {
+ $category = new Category($row['cat_id']);
+ array_push($categories, $category);
+ }
+
+ return $categories;
}
- function get_threads(): array
+ public function get_threads(): array
{
$sql = "SELECT thread_id FROM threads WHERE thread_category = ? ORDER BY thread_date_lastpost DESC";
$result = Database::get()->query($sql, "i", $this->id);
$threads = array();
foreach ($result as $row) {
- $thread = new Thread();
- $thread->get_from_database($row['thread_id']);
- array_push($threads, $thread);
+ $thread = new Thread($row['thread_id']);
+ if ($thread->has_value())
+ array_push($threads, $thread);
}
return $threads;
}
- function get_latest_thread(): Thread
+ public function get_latest_thread(): Thread
{
$sql = "SELECT thread_id FROM threads WHERE thread_category = ? ORDER BY thread_date_lastpost DESC LIMIT 1";
$result = Database::get()->query($sql, "i", $this->id);
-
- $thread = new Thread();
- $thread->get_from_database($result[0]['thread_id']);
-
- return $thread;
+ return new Thread($result[0]['thread_id']);
}
}
diff --git a/includes/model/Post.php b/includes/model/Post.php
index 67c7e4a..42add02 100644
--- a/includes/model/Post.php
+++ b/includes/model/Post.php
@@ -1,6 +1,52 @@
<?php
+include_once './includes/Session.php';
+include_once './includes/Database.php';
+include_once './includes/model/User.php';
+include_once './includes/model/Thread.php';
-include_once 'Thread.php';
+// Utility functions for building the post HTML
+
+function create_quote(int $id): string
+{
+ $sql = "SELECT post_content, post_author, post_thread, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_id = ?;";
+ $result = Database::get()->query($sql, "i", $id);
+
+ $reply = $result[0];
+
+ if (empty($reply)) {
+ return '<blockquote><span style="color:red;">This post has been deleted</span></blockquote>';
+ }
+
+ return '<blockquote><a href="/viewthread.php?id=' . $reply['post_thread'] . '#p' . $id . '">Quote from ' . $reply['user_name'] . '</a><br>' . $reply['post_content'] . '</blockquote>';
+}
+
+function format_post_content(string $post_content)
+{
+ $post_content = preg_replace_callback('/>#\d+/', function ($matches) {
+ $result = "";
+ foreach ($matches as $match) {
+ $id = (int) filter_var($match, FILTER_SANITIZE_NUMBER_INT);
+ $result .= create_quote($id);
+ }
+ return $result;
+ }, $post_content);
+
+ $result = $post_content;
+
+ // Replace newline characters with HTML <br> tags
+ $result = nl2br($result);
+
+ // Replace YouTube URLs with embedded YouTube videos.
+ $result = preg_replace(
+ "/\s*[a-zA-Z\/:]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/*-_?&;%=.]*)/i",
+ '<br><iframe class="youtube-embed" src="//www.youtube.com/embed/$2" allowfullscreen></iframe>', $result);
+
+ // Replace Image URLs with embedded images.
+ $result = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:</\w+>|/?>))@i', '<img class="image-embed" src="http$2://$3" alt="http$2://$3" />', $result);
+
+ // Replace other URLs with links.
+ return preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:</\w+>|/?>))@i', '<a href="http$2://$3">$0</a>', $result);
+}
class Post
{
@@ -11,26 +57,140 @@ class Post
public $thread;
public $author;
- function get_from_database($id): bool
+ private $has_value = false;
+
+ public function __construct($id)
{
$sql = "SELECT post_content, post_date_created, post_date_edited, post_thread, post_author FROM posts WHERE post_id = ?;";
$result = Database::get()->query($sql, "i", $id);
if (empty($result)) {
- return false;
+ return;
}
$this->id = $id;
$this->content = $result[0]['post_content'];
$this->date_created = $result[0]['post_date_created'];
$this->date_edited = $result[0]['post_date_edited'];
-
- $this->thread = new Thread();
- $this->thread->get_from_database($result[0]['post_thread']);
+ $this->thread = new Thread($result[0]['post_thread']);
$this->author = new User();
$this->author->get_by_id($result[0]['post_author']);
- return true;
+ $this->has_value = true;
+ }
+
+ public function has_value()
+ {
+ return $this->has_value;
+ }
+
+ /**
+ * Get the post content from the database and return it as a string ready for HTML display
+ */
+ function get_content(): string
+ {
+ // Build the header
+ $result = '<div class="header" id="p' . $this->id . '"><b>#' . $this->id . '</b>';
+ $result .= ' Posted by <a href="viewuser.php?id=' . $this->author->id . '">' . $this->author->name . '</a>';
+ $result .= ' on ' . date('m/d/Y g:ia', strtotime($this->date_created));
+
+ // If the post has a edit date, display it
+ if (!is_null($this->date_edited)) {
+ $result .= ' <small>edited ' . date('m/d/Y g:ia', strtotime($this->date_edited)) . '</small>';
+ }
+
+ // Append a manage post button if the user is signed in and is the post's creator
+ if (Session::get()->is_signed_in() && Session::get()->get_current_user()->id == $this->author->id) {
+ $result .= '<span style="float:right;">';
+ $result .= '[<a href="manage_post.php?id=' . $this->id . '">Edit/Delete</a>]';
+ $result .= '</span>';
+ }
+ $result .= '</div>';
+
+ // Append the formatted post content
+ $result .= '<span class="post-content">' . format_post_content($this->content) . '</span>';
+
+ return $result;
+ }
+
+ function set_content(string $post_content)
+ {
+ // User must be signed in
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You must be signed in to edit this post!');
+ return;
+ }
+
+ // User must have permission to edit the post
+ $current_user = Session::get()->get_current_user();
+ if ($current_user->id != $this->author->id) {
+ trigger_error("You don't have sufficient permissions to edit this post.");
+ return;
+ }
+
+ // Set the post content and the post edit date
+ $sql = "UPDATE posts SET post_content = ?, post_date_edited = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE post_id = ?;";
+ Database::get()->query($sql, "si", $post_content, $this->id);
+ }
+
+ function delete()
+ {
+ // User must be signed in
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You must be signed in to delete a post!');
+ return;
+ }
+
+ // User must have permission to delete the post
+ if (Session::get()->get_current_user()->level != USER_LEVEL_MODERATOR) {
+ trigger_error("You don't have sufficient permissions to delete this post.");
+ return;
+ }
+
+ // Delete the post from the database
+ Database::get()->query("DELETE FROM posts WHERE post_id = ?", "i", $this->id);
+
+ // Decrement the post count of the category
+ Database::get()->query("UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = ?", "i", $this->thread->category->id);
+ }
+
+ public static function create($post_content, $post_thread, $post_category)
+ {
+ // User must be signed in
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You must be signed in to create a post');
+ return;
+ }
+
+ $user = Session::get()->get_current_user();
+
+ // Insert the post into the database
+ $sql = "INSERT INTO posts(post_content, post_date_created, post_thread, post_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);";
+ Database::get()->query($sql, "sii", $post_content, $post_thread, $user->id);
+
+ // Increment the category's post count
+ $sql = "UPDATE categories SET `cat_post_count` = `cat_post_count` + '1' WHERE cat_id = ?;";
+ Database::get()->query($sql, "i", $post_category);
+
+ // Set the last post date of the parent thread
+ $sql = "UPDATE threads SET thread_date_lastpost = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE thread_id = ?;";
+ Database::get()->query($sql, "i", $post_thread);
+ }
+
+ public static function get_all_posts(): array
+ {
+ $sql = "SELECT post_id FROM posts";
+ $result = Database::get()->query($sql);
+
+ $posts = array();
+
+ foreach ($result as $row) {
+ $post = new Post();
+ $post->get_from_database($row['post_id']);
+ array_push($posts, $post);
+ }
+
+ return $posts;
}
}
diff --git a/includes/model/Thread.php b/includes/model/Thread.php
index cfe10d6..95bd3d8 100644
--- a/includes/model/Thread.php
+++ b/includes/model/Thread.php
@@ -1,42 +1,109 @@
<?php
-
+include_once './includes/Database.php';
+include_once './includes/Session.php';
include_once 'Category.php';
include_once 'User.php';
include_once 'Post.php';
class Thread
{
- public $id = 0;
- public $subject = 'Unknown thread';
+ public $id;
+ public $subject;
public $date_created = 0;
public $date_lastpost = 0;
public $category;
public $author;
- function get_from_database($id): bool
+ private $has_value = false;
+
+ function __construct($id)
{
$sql = "SELECT thread_subject, thread_date_created, thread_date_lastpost, thread_category, thread_author FROM threads WHERE thread_id = ?;";
$result = Database::get()->query($sql, "i", $id);
if (empty($result)) {
- return false;
+ return;
}
$this->id = $id;
$this->subject = $result[0]['thread_subject'];
$this->date_created = $result[0]['thread_date_created'];
$this->date_lastpost = $result[0]['thread_date_lastpost'];
-
- $this->category = new Category();
- $this->category->get_from_database($result[0]['thread_category']);
+ $this->category = new Category($result[0]['thread_category']);
$this->author = new User();
$this->author->get_by_id($result[0]['thread_author']);
- return true;
+ $this->has_value = true;
}
- function get_posts(): array
+ public static function create($subject, $category): int
+ {
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You must be signed in to create a thread');
+ return 0;
+ }
+
+ $user = Session::get()->get_current_user();
+
+ // Insert the new thread into the database
+ $sql = "INSERT INTO threads(thread_subject, thread_date_created, thread_date_lastpost, thread_category, thread_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);";
+ Database::get()->query($sql, "sii", $subject, $category, $user->id);
+
+ // Get the ID of the thread we just created
+ $thread_id = Database::get()->get_last_id();
+
+ // Increment the category's thread count
+ $sql = "UPDATE categories SET `cat_thread_count` = `cat_thread_count` + '1' WHERE cat_id = ?;";
+ Database::get()->query($sql, "i", $category);
+
+ return $thread_id;
+ }
+
+ public static function delete($thread)
+ {
+ // User must be signed in
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You must be signed in to delete a thread.');
+ return;
+ }
+
+ // User must be a moderator to delete a thread
+ $current_user = Session::get()->get_current_user();
+ if ($current_user->level != USER_LEVEL_MODERATOR) {
+ trigger_error("You must be a moderator to delete this post.");
+ return;
+ }
+
+ // Delete the thread from the database
+ Database::get()->query("DELETE FROM threads WHERE thread_id = ?", "i", $thread->id);
+
+ // Decrement the thread count of the category
+ Database::get()->query("UPDATE categories SET `cat_thread_count` = `cat_thread_count` - '1' WHERE cat_id = ?", "i", $thread->category->id);
+ }
+
+ public function has_value()
+ {
+ return $this->has_value;
+ }
+
+ public static function get_all(): array
+ {
+ $sql = "SELECT thread_id FROM threads";
+ $result = Database::get()->query($sql);
+
+ $threads = array();
+
+ foreach ($result as $row) {
+ $thread = new Thread($row['thread_id']);
+ if ($thread->has_value())
+ array_push($threads, $thread);
+ }
+
+ return $threads;
+ }
+
+ public function get_posts(): array
{
$sql = "SELECT post_id FROM posts WHERE post_thread = ?";
$result = Database::get()->query($sql, "i", $this->id);
@@ -44,22 +111,18 @@ class Thread
$posts = array();
foreach ($result as $row) {
- $post = new Post();
- $post->get_from_database($row['post_id']);
- array_push($posts, $post);
+ $post = new Post($row['post_id']);
+ if ($post->has_value())
+ array_push($posts, $post);
}
return $posts;
}
- function get_latest_post(): Post
+ public function get_latest_post(): Post
{
$sql = "SELECT post_id FROM posts WHERE post_thread = ? ORDER BY post_date_created DESC LIMIT 1";
$result = Database::get()->query($sql, "i", $this->id);
-
- $post = new Post();
- $post->get_from_database($result[0]['post_id']);
-
- return $post;
+ return new Post($result[0]['post_id']);
}
}
diff --git a/includes/model/User.php b/includes/model/User.php
index f2bd23d..13cbc03 100644
--- a/includes/model/User.php
+++ b/includes/model/User.php
@@ -6,18 +6,40 @@ const USER_LEVEL_MODERATOR = 1;
class User
{
public $id;
- public $name = 'Unknown';
+ public $name;
public $password;
- public $date = 0;
+ public $date;
public $level = 0;
- function get_by_name($name): bool
+ private $has_value = false;
+
+ // Can't use a constructor here because we have two possible ways to get the user from the database
+ // and PHP does not allow function overloading.
+ public function get_by_id($id)
+ {
+ $sql = "SELECT user_name, user_date, user_level, user_pass FROM users WHERE user_id = ?;";
+ $result = Database::get()->query($sql, "i", $id);
+
+ if (empty($result)) {
+ return;
+ }
+
+ $this->id = $id;
+ $this->name = $result[0]['user_name'];
+ $this->password = $result[0]['user_pass'];
+ $this->date = $result[0]['user_date'];
+ $this->level = $result[0]['user_level'];
+
+ $this->has_value = true;
+ }
+
+ public function get_by_name($name)
{
$sql = "SELECT user_id, user_date, user_level, user_pass FROM users WHERE user_name = ?";
$result = Database::get()->query($sql, "s", $name);
if (empty($result)) {
- return false;
+ return;
}
$this->id = $result[0]['user_id'];
@@ -26,18 +48,41 @@ class User
$this->date = $result[0]['user_date'];
$this->level = $result[0]['user_level'];
- return true;
+ $this->has_value = true;
}
- function get_by_id($id)
+ public function has_value()
{
- $sql = "SELECT user_name, user_date, user_level, user_pass FROM users WHERE user_id = ?;";
- $result = Database::get()->query($sql, "i", $id);
+ return $this->has_value;
+ }
- $this->id = $id;
- $this->name = $result[0]['user_name'];
- $this->password = $result[0]['user_pass'];
- $this->date = $result[0]['user_date'];
- $this->level = $result[0]['user_level'];
+ public static function register(string $username, string $pass_hash)
+ {
+ $sql = "INSERT INTO users(user_name, user_pass, user_date, user_level) VALUES(?, ?, NOW(), 0);";
+ Database::get()->query($sql, "ss", $username, $pass_hash);
}
+
+ public function change_password(string $pass_hash)
+ {
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You are not signed in.');
+ return;
+ }
+
+ if (Session::get()->get_current_user()->id != $this->id) {
+ trigger_error("You can't change another user's password.");
+ return;
+ }
+
+ $sql = "UPDATE users SET user_pass = ? WHERE user_id = ?;";
+ Database::get()->query($sql, "si", $pass_hash, $this->id);
+ }
+}
+
+function username_exists(string $username): bool
+{
+ $sql = "SELECT * FROM users WHERE user_name = ?;";
+ $result = Database::get()->query($sql, "s", $username);
+
+ return !empty($result);
} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-25 23:28:50 +0000