Diffstat (limited to 'moderate.php')
-rwxr-xr-x[-rw-r--r--] | moderate.php | 108 |
1 files changed, 79 insertions, 29 deletions
diff --git a/moderate.php b/moderate.php
index 68bf1b9..5a181ac 100644..100755
--- a/moderate.php
+++ b/moderate.php
@@ -1,29 +1,79 @@
-<?php
-include_once './includes/functions_thread.php';
-include_once './includes/Session.php';
-include_once './includes/model/User.php';
-
-session_start();
-
-if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- $thread_id = filter_input(INPUT_POST, 'id', FILTER_SANITIZE_NUMBER_INT);
- $delete = filter_input(INPUT_POST, "delete", FILTER_SANITIZE_STRING);
-
- $user = Session::get()->get_current_user();
-
- if ($user->level == USER_LEVEL_MODERATOR) {
- if (strcasecmp($delete, "on") == 0) {
- $thread = new Thread();
- $thread->get_from_database($thread_id);
- delete_thread($thread);
-
- header("Location: /");
- exit();
- }
- }
-
- header("Location: viewthread.php?id=$thread_id");
- exit();
-}
-
-header("Location: /");
\ No newline at end of file
+<?php
+include_once './includes/model/Thread.php';
+include_once './includes/Session.php';
+include_once './includes/model/User.php';
+
+$type = filter_input(INPUT_GET, "type", FILTER_SANITIZE_STRING);
+$id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
+
+$post = null;
+$thread = null;
+$is_post = strcasecmp($type, "post") == 0;
+$is_thread = strcasecmp($type, "thread") == 0;
+
+if ($is_post) $post = new Post($id);
+if ($is_thread) $thread = new Thread($id);
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $type = filter_input(INPUT_POST, "type", FILTER_SANITIZE_STRING);
+ $id = filter_input(INPUT_POST, 'id', FILTER_SANITIZE_NUMBER_INT);
+ $action = filter_input(INPUT_POST, 'action', FILTER_SANITIZE_STRING);
+
+ $user = Session::get()->get_current_user();
+
+ if (Session::get()->is_signed_in() and $user->level == USER_LEVEL_MODERATOR) {
+ // Set the value of these again with the variables from the POST request
+ $is_post = strcasecmp($type, "post") == 0;
+ $is_thread = strcasecmp($type, "thread") == 0;
+
+ if (strcasecmp($type, "thread") == 0) {
+ $thread = new Thread($id);
+ if (strcasecmp($action, "delete") == 0) Thread::delete($thread);
+ } else if (strcasecmp($type, "post") == 0) {
+ $post = new Post($id);
+ if (strcasecmp($action, "delete") == 0) $post->delete();
+ }
+ }
+} else {
+
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <title>cflip.net forum Moderation</title>
+<?php include_once 'includes/templates/head.php'; ?>
+</head>
+<body>
+<?php include_once 'includes/templates/header.php'; ?>
+<?php if (Session::get()->is_signed_in() and $user->level == USER_LEVEL_MODERATOR): ?>
+<?php if ($is_post): ?>
+ <h2>Moderate post</h2>
+<?php echo $post->get_content(); ?>
+ <form action="moderate.php" method="post">
+ <input type="hidden" name="id" value="<?= $post->id ?>">
+ <input type="hidden" name="type" value="post">
+ <select name="action">
+ <option value="delete">Delete</option>
+ </select>
+ <input type="submit">
+ </form>
+<?php elseif ($is_thread): ?>
+ <h2>Moderate thread</h2>
+ <p><?= $thread->subject ?></p>
+ <form action="moderate.php" method="post">
+ <input type="hidden" name="type" value="thread">
+ <label for="id">ID: </label>
+ <input type="number" name="id" value="<?= $thread->id ?>" readonly>
+ <label for="action">Action: </label>
+ <select name="action">
+ <option value="delete">Delete</option>
+ </select>
+ <input type="submit">
+ </form>
+<?php endif ?>
+<?php else: ?>
+ <section class="error">You must be signed in as a moderator to access this page.</section>
+<?php endif ?>
+</body>
+</html>
\ No newline at end of file |
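Review bot: The template guard `Session::get()->is_signed_in() and $user->level == USER_LEVEL_MODERATOR` in front of the forms reads `$user`, but `$user` is only assigned inside the `REQUEST_METHOD == 'POST'` branch, so on a GET request the moderator check runs against an undefined variable. With the loose `==`, a null level compares equal to a zero-valued constant, so depending on how `USER_LEVEL_MODERATOR` is defined (not visible here) the check either always fails for real moderators or passes for any signed-in user; move `$user = Session::get()->get_current_user();` above the `if ($_SERVER['REQUEST_METHOD'] == 'POST')` line. The page also echoes `$post->get_content()` and `$thread->subject` without escaping; unless those values are already encoded elsewhere, wrap them as `<?= htmlspecialchars($thread->subject, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The delete forms carry no anti-CSRF token, so the POST handler should verify a per-session token before it reaches `Thread::delete($thread)` or `$post->delete()`.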