From 24efe49bc2b545e3a3e46d7d6f2bd1166163e52b Mon Sep 17 00:00:00 2001
From: cflip <36554078+cflip@users.noreply.github.com>
Date: Sat, 5 Jun 2021 11:18:10 -0600
Subject: Move object related functions into their classes.

Some of the pages are still broken from this commit, but I plan
to either rewrite or ignore them.
---
 create_thread.php               |  13 ++-
 includes/functions_category.php |  17 ----
 includes/functions_post.php     | 159 ------------------------------------
 includes/functions_thread.php   |  67 ----------------
 includes/functions_user.php     |  31 -------
 includes/model/Category.php     |  54 +++++++++----
 includes/model/Post.php         | 174 ++++++++++++++++++++++++++++++++++++++--
 includes/model/Thread.php       | 101 ++++++++++++++++++-----
 includes/model/User.php         |  71 +++++++++++++---
 index.php                       |   5 +-
 register.php                    |   4 +-
 signin.php                      |   5 +-
 viewcategory.php                |  17 ++--
 viewthread.php                  |  24 +++---
 viewuser.php                    |  23 ++++--
 15 files changed, 389 insertions(+), 376 deletions(-)
 delete mode 100644 includes/functions_category.php
 delete mode 100644 includes/functions_post.php
 delete mode 100644 includes/functions_thread.php
 delete mode 100644 includes/functions_user.php

diff --git a/create_thread.php b/create_thread.php
index 976bd9f..3d1c530 100644
--- a/create_thread.php
+++ b/create_thread.php
@@ -21,10 +21,9 @@ if (!Session::get()->is_signed_in()) {
     <input type="text" name="thread_subject"><br>
     <label for="thread_cat">Category: </label><br>
 	<?php
-	include_once './includes/functions_category.php';
 	include_once './includes/model/Category.php';
 
-	$categories = get_all_categories();
+	$categories = Category::get_all_categories();
 
 	if (count($categories) == 0) {
 		trigger_error('There are no categories to post to!');
@@ -43,9 +42,9 @@ if (!Session::get()->is_signed_in()) {
     <input type="submit" name="submit">
 </form>
 <?php
-include_once 'includes/functions_post.php';
-include_once 'includes/functions_thread.php';
-include_once 'includes/error.php';
+include_once './includes/model/Post.php';
+include_once './includes/model/Thread.php';
+include_once './includes/error.php';
 
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 	$post_content = filter_input(INPUT_POST, 'post_content', FILTER_SANITIZE_STRING);
@@ -68,8 +67,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 		$errstr .= '</ul>';
 		trigger_error($errstr);
 	} else {
-		$thread_id = create_thread($thread_subject, $thread_cat);
-		create_post($post_content, $thread_id, $thread_cat);
+		$thread_id = Thread::create($thread_subject, $thread_cat);
+		Post::create($post_content, $thread_id, $thread_cat);
 
 		header("Location: viewthread.php?id=" . $thread_id);
 	}
diff --git a/includes/functions_category.php b/includes/functions_category.php
deleted file mode 100644
index 808708c..0000000
--- a/includes/functions_category.php
+++ /dev/null
@@ -1,17 +0,0 @@
-<?php
-
-function get_all_categories(): array
-{
-	$sql = "SELECT cat_id FROM categories ORDER BY cat_id;";
-	$result = Database::get()->query($sql);
-
-	$categories = array();
-
-	foreach ($result as $row) {
-		$category = new Category();
-		$category->get_from_database($row['cat_id']);
-		array_push($categories, $category);
-	}
-
-	return $categories;
-}
\ No newline at end of file
diff --git a/includes/functions_post.php b/includes/functions_post.php
deleted file mode 100644
index 97fc622..0000000
--- a/includes/functions_post.php
+++ /dev/null
@@ -1,159 +0,0 @@
-<?php
-include_once './includes/Session.php';
-include_once './includes/Database.php';
-include_once './includes/model/User.php';
-
-function get_all_posts(): array
-{
-	$sql = "SELECT post_id FROM posts";
-	$result = Database::get()->query($sql);
-
-	$posts = array();
-
-	foreach ($result as $row) {
-		$post = new Post();
-		$post->get_from_database($row['post_id']);
-		array_push($posts, $post);
-	}
-
-	return $posts;
-}
-
-function create_post($post_content, $post_thread, $post_category)
-{
-	// User must be signed in
-	if (!Session::get()->is_signed_in()) {
-		trigger_error('You must be signed in to create a post');
-		return;
-	}
-
-	$user = Session::get()->get_current_user();
-
-	// Insert the post into the database
-	$sql = "INSERT INTO posts(post_content, post_date_created, post_thread, post_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);";
-	Database::get()->query($sql, "sii", $post_content, $post_thread, $user->id);
-
-	// Increment the category's post count
-	$sql = "UPDATE categories SET `cat_post_count` = `cat_post_count` + '1' WHERE cat_id = ?;";
-	Database::get()->query($sql, "i", $post_category);
-
-	// Set the last post date of the parent thread
-	$sql = "UPDATE threads SET thread_date_lastpost = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE thread_id = ?;";
-	Database::get()->query($sql, "i", $post_thread);
-}
-
-function create_quote(int $id): string
-{
-	$sql = "SELECT post_content, post_author, post_thread, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_id = ?;";
-	$result = Database::get()->query($sql, "i", $id);
-
-	$reply = $result[0];
-
-	if (empty($reply)) {
-		return '<blockquote><span style="color:red;">This post has been deleted</span></blockquote>';
-	}
-
-	return '<blockquote><a href="/viewthread.php?id=' . $reply['post_thread'] . '#p' . $id . '">Quote from ' . $reply['user_name'] . '</a><br>' . $reply['post_content'] . '</blockquote>';
-}
-
-function format_post_content(string $post_content)
-{
-	$post_content = preg_replace_callback('/>#\d+/', function ($matches) {
-		$result = "";
-		foreach ($matches as $match) {
-			$id = (int) filter_var($match, FILTER_SANITIZE_NUMBER_INT);
-			$result .= create_quote($id);
-		}
-		return $result;
-	}, $post_content);
-
-	$result = $post_content;
-
-	// Replace newline characters with HTML <br> tags
-	$result = nl2br($result);
-
-	// Replace YouTube URLs with embedded YouTube videos.
-	$result = preg_replace(
-		"/\s*[a-zA-Z\/:]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/*-_?&;%=.]*)/i",
-		'<br><iframe class="youtube-embed" src="//www.youtube.com/embed/$2" allowfullscreen></iframe>', $result);
-
-	// Replace Image URLs with embedded images.
-	$result = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:</\w+>|/?>))@i', '<img class="image-embed" src="http$2://$3" alt="http$2://$3" />', $result);
-
-	// Replace other URLs with links.
-	return preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:</\w+>|/?>))@i', '<a href="http$2://$3">$0</a>', $result);
-}
-
-/**
- * Get the post content from the database and return it as a string ready for HTML display
- */
-function get_post_content(Post $post): string
-{
-	// Build the header
-	$result = '<div class="header" id="p' . $post->id . '"><b>#' . $post->id . '</b>';
-	$result .= ' Posted by <a href="viewuser.php?id=' . $post->author->id . '">' . $post->author->name . '</a>';
-	$result .= ' on ' . date('m/d/Y g:ia', strtotime($post->date_created));
-
-	// If the post has a edit date, display it
-	if (!is_null($post->date_edited)) {
-		$result .= ' <small>edited ' . date('m/d/Y g:ia', strtotime($post->date_edited)) . '</small>';
-	}
-
-	// Append a manage post button if the user is signed in and is the post's creator
-	if (Session::get()->is_signed_in() && Session::get()->get_current_user()->id == $post->author->id) {
-		$result .= '<span style="float:right;">';
-		$result .= '[<a href="manage_post.php?id=' . $post->id . '">Edit/Delete</a>]';
-		$result .= '</span>';
-	}
-	$result .= '</div>';
-
-	// Append the formatted post content
-	$result .= '<span class="post-content">' . format_post_content($post->content) . '</span>';
-
-	return $result;
-}
-
-function edit_post(Post $post, string $post_content)
-{
-	// User must be signed in
-	if (!Session::get()->is_signed_in()) {
-		trigger_error('You must be signed in to edit this post!');
-		return;
-	}
-
-	// User must have permission to edit the post
-	$current_user = Session::get()->get_current_user();
-	if ($current_user->id != $post->author->id) {
-		trigger_error("You don't have sufficient permissions to edit this post.");
-		return;
-	}
-
-	// Set the post content and the post edit date
-	$sql = "UPDATE posts SET post_content = ?, post_date_edited = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE post_id = ?;";
-	Database::get()->query($sql, "si", $post_content, $post->id);
-}
-
-function delete_post(Post $post)
-{
-	// User must be signed in
-	if (!Session::get()->is_signed_in()) {
-		trigger_error('You must be signed in to delete a post!');
-		return;
-	}
-
-	// User must have permission to delete the post
-	$current_user = Session::get()->get_current_user();
-	if ($current_user->id != $post->author->id || $current_user->level != USER_LEVEL_MODERATOR) {
-		trigger_error("You don't have sufficient permissions to delete this post.");
-		return;
-	}
-
-	// TODO: The post must not be locked
-	// TODO: The post must have not been around for a certain amount of time
-
-	// Delete the post from the database
-	Database::get()->query("DELETE FROM posts WHERE post_id = ?", "i", $post->id);
-
-	// Decrement the post count of the category
-	Database::get()->query("UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = ?", "i", $post->thread->category->id);
-}
diff --git a/includes/functions_thread.php b/includes/functions_thread.php
deleted file mode 100644
index 61b8e59..0000000
--- a/includes/functions_thread.php
+++ /dev/null
@@ -1,67 +0,0 @@
-<?php
-include_once './includes/Database.php';
-include_once './includes/Session.php';
-
-function get_all_threads(): array
-{
-	$sql = "SELECT thread_id FROM threads";
-	$result = Database::get()->query($sql);
-
-	$threads = array();
-
-	foreach ($result as $row) {
-		$thread = new Thread();
-		$thread->get_from_database($row['thread_id']);
-		array_push($threads, $thread);
-	}
-
-	return $threads;
-}
-
-function create_thread($subject, $category)
-{
-	if (!Session::get()->is_signed_in()) {
-		trigger_error('You must be signed in to create a thread');
-		return 0;
-	}
-
-	$user = Session::get()->get_current_user();
-
-	// Insert the new thread into the database
-	$sql = "INSERT INTO threads(thread_subject, thread_date_created, thread_date_lastpost, thread_category, thread_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);";
-	Database::get()->query($sql, "sii", $subject, $category, $user->id);
-
-	// Get the ID of the thread we just created
-	$thread_id = Database::get()->get_last_id();
-
-	// Increment the category's thread count
-	$sql = "UPDATE categories SET `cat_thread_count` = `cat_thread_count` + '1' WHERE cat_id = ?;";
-	Database::get()->query($sql, "i", $category);
-
-	return $thread_id;
-}
-
-function delete_thread($thread)
-{
-	// User must be signed in
-	if (!Session::get()->is_signed_in()) {
-		trigger_error('You must be signed in to delete a thread.');
-		return;
-	}
-
-	// User must be a moderator to delete a thread
-	$current_user = Session::get()->get_current_user();
-	if ($current_user->level != USER_LEVEL_MODERATOR) {
-		trigger_error("You must be a moderator to delete this post.");
-		return;
-	}
-
-	// TODO: The post must not be locked
-	// TODO: The post must have not been around for a certain amount of time
-
-	// Delete the thread from the database
-	Database::get()->query("DELETE FROM threads WHERE thread_id = ?", "i", $thread->id);
-
-	// Decrement the thread count of the category
-	Database::get()->query("UPDATE categories SET `cat_thread_count` = `cat_thread_count` - '1' WHERE cat_id = ?", "i", $thread->category->id);
-}
\ No newline at end of file
diff --git a/includes/functions_user.php b/includes/functions_user.php
deleted file mode 100644
index 690350a..0000000
--- a/includes/functions_user.php
+++ /dev/null
@@ -1,31 +0,0 @@
-<?php
-
-function username_exists(string $username): bool
-{
-	$sql = "SELECT * FROM users WHERE user_name = ?;";
-	$result = Database::get()->query($sql, "s", $username);
-
-	return !empty($result);
-}
-
-function register_user(string $username, string $pass_hash)
-{
-	$sql = "INSERT INTO users(user_name, user_pass, user_date, user_level) VALUES(?, ?, NOW(), 0);";
-	Database::get()->query($sql, "ss", $username, $pass_hash);
-}
-
-function change_password(User $user, string $pass_hash)
-{
-	if (!Session::get()->is_signed_in()) {
-		trigger_error('You are not signed in.');
-		return;
-	}
-
-	if (Session::get()->get_current_user()->id != $user->id) {
-		trigger_error("You can't change another user's password.");
-		return;
-	}
-
-	$sql = "UPDATE users SET user_pass = ? WHERE user_id = ?;";
-	Database::get()->query($sql, "si", $pass_hash, $user->id);
-}
\ No newline at end of file
diff --git a/includes/model/Category.php b/includes/model/Category.php
index ed53bdc..e8cbe60 100644
--- a/includes/model/Category.php
+++ b/includes/model/Category.php
@@ -4,19 +4,24 @@ include_once 'Thread.php';
 
 class Category
 {
-	public $id = 0;
-	public $name = 'Unknown';
-	public $description = 'This category does not exist';
+	public $id;
+	public $name;
+	public $description;
 	public $thread_count = 0;
 	public $post_count = 0;
 
-	function get_from_database($id): bool
+	// If an invalid id was passed into the constructor, the database will not have
+	// returned a result, but the object will not be null. 
+	// We need to keep track of whether or not this object has a value.
+	private $has_value = false;
+
+	public function __construct($id)
 	{
 		$sql = "SELECT cat_name, cat_description, cat_thread_count, cat_post_count FROM categories WHERE cat_id = ?;";
 		$result = Database::get()->query($sql, "i", $id);
 
 		if (empty($result)) {
-			return false;
+			return;
 		}
 
 		$this->id = $id;
@@ -25,32 +30,49 @@ class Category
 		$this->thread_count = $result[0]['cat_thread_count'];
 		$this->post_count = $result[0]['cat_post_count'];
 
-		return true;
+		$this->has_value = true;
+	}
+
+	// Returns true if this object was successfully fetched from the database
+	public function has_value()
+	{
+		return $this->has_value;
+	}
+
+	public static function get_all_categories(): array
+	{
+		$sql = "SELECT cat_id FROM categories ORDER BY cat_id;";
+		$result = Database::get()->query($sql);
+
+		$categories = array();
+
+		foreach ($result as $row) {
+			$category = new Category($row['cat_id']);
+			array_push($categories, $category);
+		}
+
+		return $categories;
 	}
 
-	function get_threads(): array
+	public function get_threads(): array
 	{
 		$sql = "SELECT thread_id FROM threads WHERE thread_category = ? ORDER BY thread_date_lastpost DESC";
 		$result = Database::get()->query($sql, "i", $this->id);
 		$threads = array();
 
 		foreach ($result as $row) {
-			$thread = new Thread();
-			$thread->get_from_database($row['thread_id']);
-			array_push($threads, $thread);
+			$thread = new Thread($row['thread_id']);
+			if ($thread->has_value())
+				array_push($threads, $thread);
 		}
 
 		return $threads;
 	}
 
-	function get_latest_thread(): Thread
+	public function get_latest_thread(): Thread
 	{
 		$sql = "SELECT thread_id FROM threads WHERE thread_category = ? ORDER BY thread_date_lastpost DESC LIMIT 1";
 		$result = Database::get()->query($sql, "i", $this->id);
-
-		$thread = new Thread();
-		$thread->get_from_database($result[0]['thread_id']);
-
-		return $thread;
+		return new Thread($result[0]['thread_id']);
 	}
 }
diff --git a/includes/model/Post.php b/includes/model/Post.php
index 67c7e4a..42add02 100644
--- a/includes/model/Post.php
+++ b/includes/model/Post.php
@@ -1,6 +1,52 @@
 <?php
+include_once './includes/Session.php';
+include_once './includes/Database.php';
+include_once './includes/model/User.php';
+include_once './includes/model/Thread.php';
 
-include_once 'Thread.php';
+// Utility functions for building the post HTML
+
+function create_quote(int $id): string
+{
+	$sql = "SELECT post_content, post_author, post_thread, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_id = ?;";
+	$result = Database::get()->query($sql, "i", $id);
+
+	$reply = $result[0];
+
+	if (empty($reply)) {
+		return '<blockquote><span style="color:red;">This post has been deleted</span></blockquote>';
+	}
+
+	return '<blockquote><a href="/viewthread.php?id=' . $reply['post_thread'] . '#p' . $id . '">Quote from ' . $reply['user_name'] . '</a><br>' . $reply['post_content'] . '</blockquote>';
+}
+
+function format_post_content(string $post_content)
+{
+	$post_content = preg_replace_callback('/>#\d+/', function ($matches) {
+		$result = "";
+		foreach ($matches as $match) {
+			$id = (int) filter_var($match, FILTER_SANITIZE_NUMBER_INT);
+			$result .= create_quote($id);
+		}
+		return $result;
+	}, $post_content);
+
+	$result = $post_content;
+
+	// Replace newline characters with HTML <br> tags
+	$result = nl2br($result);
+
+	// Replace YouTube URLs with embedded YouTube videos.
+	$result = preg_replace(
+		"/\s*[a-zA-Z\/:]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/*-_?&;%=.]*)/i",
+		'<br><iframe class="youtube-embed" src="//www.youtube.com/embed/$2" allowfullscreen></iframe>', $result);
+
+	// Replace Image URLs with embedded images.
+	$result = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:</\w+>|/?>))@i', '<img class="image-embed" src="http$2://$3" alt="http$2://$3" />', $result);
+
+	// Replace other URLs with links.
+	return preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:</\w+>|/?>))@i', '<a href="http$2://$3">$0</a>', $result);
+}
 
 class Post
 {
@@ -11,26 +57,140 @@ class Post
 	public $thread;
 	public $author;
 
-	function get_from_database($id): bool
+	private $has_value = false;
+
+	public function __construct($id)
 	{
 		$sql = "SELECT post_content, post_date_created, post_date_edited, post_thread, post_author FROM posts WHERE post_id = ?;";
 		$result = Database::get()->query($sql, "i", $id);
 
 		if (empty($result)) {
-			return false;
+			return;
 		}
 
 		$this->id = $id;
 		$this->content = $result[0]['post_content'];
 		$this->date_created = $result[0]['post_date_created'];
 		$this->date_edited = $result[0]['post_date_edited'];
-
-		$this->thread = new Thread();
-		$this->thread->get_from_database($result[0]['post_thread']);
+		$this->thread = new Thread($result[0]['post_thread']);
 
 		$this->author = new User();
 		$this->author->get_by_id($result[0]['post_author']);
 
-		return true;
+		$this->has_value = true;
+	}
+
+	public function has_value()
+	{
+		return $this->has_value;
+	}
+
+	/**
+	 * Get the post content from the database and return it as a string ready for HTML display
+	 */
+	function get_content(): string
+	{
+		// Build the header
+		$result = '<div class="header" id="p' . $this->id . '"><b>#' . $this->id . '</b>';
+		$result .= ' Posted by <a href="viewuser.php?id=' . $this->author->id . '">' . $this->author->name . '</a>';
+		$result .= ' on ' . date('m/d/Y g:ia', strtotime($this->date_created));
+
+		// If the post has a edit date, display it
+		if (!is_null($this->date_edited)) {
+			$result .= ' <small>edited ' . date('m/d/Y g:ia', strtotime($this->date_edited)) . '</small>';
+		}
+
+		// Append a manage post button if the user is signed in and is the post's creator
+		if (Session::get()->is_signed_in() && Session::get()->get_current_user()->id == $this->author->id) {
+			$result .= '<span style="float:right;">';
+			$result .= '[<a href="manage_post.php?id=' . $this->id . '">Edit/Delete</a>]';
+			$result .= '</span>';
+		}
+		$result .= '</div>';
+
+		// Append the formatted post content
+		$result .= '<span class="post-content">' . format_post_content($this->content) . '</span>';
+
+		return $result;
+	}
+
+	function set_content(string $post_content)
+	{
+		// User must be signed in
+		if (!Session::get()->is_signed_in()) {
+			trigger_error('You must be signed in to edit this post!');
+			return;
+		}
+
+		// User must have permission to edit the post
+		$current_user = Session::get()->get_current_user();
+		if ($current_user->id != $this->author->id) {
+			trigger_error("You don't have sufficient permissions to edit this post.");
+			return;
+		}
+
+		// Set the post content and the post edit date
+		$sql = "UPDATE posts SET post_content = ?, post_date_edited = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE post_id = ?;";
+		Database::get()->query($sql, "si", $post_content, $this->id);
+	}
+
+	function delete()
+	{
+		// User must be signed in
+		if (!Session::get()->is_signed_in()) {
+			trigger_error('You must be signed in to delete a post!');
+			return;
+		}
+
+		// User must have permission to delete the post
+		if (Session::get()->get_current_user()->level != USER_LEVEL_MODERATOR) {
+			trigger_error("You don't have sufficient permissions to delete this post.");
+			return;
+		}
+
+		// Delete the post from the database
+		Database::get()->query("DELETE FROM posts WHERE post_id = ?", "i", $this->id);
+
+		// Decrement the post count of the category
+		Database::get()->query("UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = ?", "i", $this->thread->category->id);
+	}
+
+	public static function create($post_content, $post_thread, $post_category)
+	{
+		// User must be signed in
+		if (!Session::get()->is_signed_in()) {
+			trigger_error('You must be signed in to create a post');
+			return;
+		}
+
+		$user = Session::get()->get_current_user();
+
+		// Insert the post into the database
+		$sql = "INSERT INTO posts(post_content, post_date_created, post_thread, post_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);";
+		Database::get()->query($sql, "sii", $post_content, $post_thread, $user->id);
+
+		// Increment the category's post count
+		$sql = "UPDATE categories SET `cat_post_count` = `cat_post_count` + '1' WHERE cat_id = ?;";
+		Database::get()->query($sql, "i", $post_category);
+
+		// Set the last post date of the parent thread
+		$sql = "UPDATE threads SET thread_date_lastpost = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE thread_id = ?;";
+		Database::get()->query($sql, "i", $post_thread);
+	}
+
+	public static function get_all_posts(): array
+	{
+		$sql = "SELECT post_id FROM posts";
+		$result = Database::get()->query($sql);
+
+		$posts = array();
+
+		foreach ($result as $row) {
+			$post = new Post();
+			$post->get_from_database($row['post_id']);
+			array_push($posts, $post);
+		}
+
+		return $posts;
 	}
 }
diff --git a/includes/model/Thread.php b/includes/model/Thread.php
index cfe10d6..95bd3d8 100644
--- a/includes/model/Thread.php
+++ b/includes/model/Thread.php
@@ -1,42 +1,109 @@
 <?php
-
+include_once './includes/Database.php';
+include_once './includes/Session.php';
 include_once 'Category.php';
 include_once 'User.php';
 include_once 'Post.php';
 
 class Thread
 {
-	public $id = 0;
-	public $subject = 'Unknown thread';
+	public $id;
+	public $subject;
 	public $date_created = 0;
 	public $date_lastpost = 0;
 	public $category;
 	public $author;
 
-	function get_from_database($id): bool
+	private $has_value = false;
+
+	function __construct($id)
 	{
 		$sql = "SELECT thread_subject, thread_date_created, thread_date_lastpost, thread_category, thread_author FROM threads WHERE thread_id = ?;";
 		$result = Database::get()->query($sql, "i", $id);
 
 		if (empty($result)) {
-			return false;
+			return;
 		}
 
 		$this->id = $id;
 		$this->subject = $result[0]['thread_subject'];
 		$this->date_created = $result[0]['thread_date_created'];
 		$this->date_lastpost = $result[0]['thread_date_lastpost'];
-
-		$this->category = new Category();
-		$this->category->get_from_database($result[0]['thread_category']);
+		$this->category = new Category($result[0]['thread_category']);
 
 		$this->author = new User();
 		$this->author->get_by_id($result[0]['thread_author']);
 
-		return true;
+		$this->has_value = true;
 	}
 
-	function get_posts(): array
+	public static function create($subject, $category): int
+	{
+		if (!Session::get()->is_signed_in()) {
+			trigger_error('You must be signed in to create a thread');
+			return 0;
+		}
+
+		$user = Session::get()->get_current_user();
+
+		// Insert the new thread into the database
+		$sql = "INSERT INTO threads(thread_subject, thread_date_created, thread_date_lastpost, thread_category, thread_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);";
+		Database::get()->query($sql, "sii", $subject, $category, $user->id);
+
+		// Get the ID of the thread we just created
+		$thread_id = Database::get()->get_last_id();
+
+		// Increment the category's thread count
+		$sql = "UPDATE categories SET `cat_thread_count` = `cat_thread_count` + '1' WHERE cat_id = ?;";
+		Database::get()->query($sql, "i", $category);
+
+		return $thread_id;
+	}
+
+	public static function delete($thread)
+	{
+		// User must be signed in
+		if (!Session::get()->is_signed_in()) {
+			trigger_error('You must be signed in to delete a thread.');
+			return;
+		}
+
+		// User must be a moderator to delete a thread
+		$current_user = Session::get()->get_current_user();
+		if ($current_user->level != USER_LEVEL_MODERATOR) {
+			trigger_error("You must be a moderator to delete this post.");
+			return;
+		}
+
+		// Delete the thread from the database
+		Database::get()->query("DELETE FROM threads WHERE thread_id = ?", "i", $thread->id);
+
+		// Decrement the thread count of the category
+		Database::get()->query("UPDATE categories SET `cat_thread_count` = `cat_thread_count` - '1' WHERE cat_id = ?", "i", $thread->category->id);
+	}
+
+	public function has_value()
+	{
+		return $this->has_value;
+	}
+
+	public static function get_all(): array
+	{
+		$sql = "SELECT thread_id FROM threads";
+		$result = Database::get()->query($sql);
+
+		$threads = array();
+
+		foreach ($result as $row) {
+			$thread = new Thread($row['thread_id']);
+			if ($thread->has_value())
+				array_push($threads, $thread);
+		}
+
+		return $threads;
+	}
+
+	public function get_posts(): array
 	{
 		$sql = "SELECT post_id FROM posts WHERE post_thread = ?";
 		$result = Database::get()->query($sql, "i", $this->id);
@@ -44,22 +111,18 @@ class Thread
 		$posts = array();
 
 		foreach ($result as $row) {
-			$post = new Post();
-			$post->get_from_database($row['post_id']);
-			array_push($posts, $post);
+			$post = new Post($row['post_id']);
+			if ($post->has_value())
+				array_push($posts, $post);
 		}
 
 		return $posts;
 	}
 
-	function get_latest_post(): Post
+	public function get_latest_post(): Post
 	{
 		$sql = "SELECT post_id FROM posts WHERE post_thread = ? ORDER BY post_date_created DESC LIMIT 1";
 		$result = Database::get()->query($sql, "i", $this->id);
-
-		$post = new Post();
-		$post->get_from_database($result[0]['post_id']);
-
-		return $post;
+		return new Post($result[0]['post_id']);
 	}
 }
diff --git a/includes/model/User.php b/includes/model/User.php
index f2bd23d..13cbc03 100644
--- a/includes/model/User.php
+++ b/includes/model/User.php
@@ -6,18 +6,40 @@ const USER_LEVEL_MODERATOR = 1;
 class User
 {
 	public $id;
-	public $name = 'Unknown';
+	public $name;
 	public $password;
-	public $date = 0;
+	public $date;
 	public $level = 0;
 
-	function get_by_name($name): bool
+	private $has_value = false;
+
+	// Can't use a constructor here because we have two possible ways to get the user from the database
+	// and PHP does not allow function overloading. 
+	public function get_by_id($id)
+	{
+		$sql = "SELECT user_name, user_date, user_level, user_pass FROM users WHERE user_id = ?;";
+		$result = Database::get()->query($sql, "i", $id);
+
+		if (empty($result)) {
+			return;
+		}
+
+		$this->id = $id;
+		$this->name = $result[0]['user_name'];
+		$this->password = $result[0]['user_pass'];
+		$this->date = $result[0]['user_date'];
+		$this->level = $result[0]['user_level'];
+
+		$this->has_value = true;
+	}
+
+	public function get_by_name($name)
 	{
 		$sql = "SELECT user_id, user_date, user_level, user_pass FROM users WHERE user_name = ?";
 		$result = Database::get()->query($sql, "s", $name);
 
 		if (empty($result)) {
-			return false;
+			return;
 		}
 
 		$this->id = $result[0]['user_id'];
@@ -26,18 +48,41 @@ class User
 		$this->date = $result[0]['user_date'];
 		$this->level = $result[0]['user_level'];
 
-		return true;
+		$this->has_value = true;
 	}
 
-	function get_by_id($id)
+	public function has_value()
 	{
-		$sql = "SELECT user_name, user_date, user_level, user_pass FROM users WHERE user_id = ?;";
-		$result = Database::get()->query($sql, "i", $id);
+		return $this->has_value;
+	}
 
-		$this->id = $id;
-		$this->name = $result[0]['user_name'];
-		$this->password = $result[0]['user_pass'];
-		$this->date = $result[0]['user_date'];
-		$this->level = $result[0]['user_level'];
+	public static function register(string $username, string $pass_hash)
+	{
+		$sql = "INSERT INTO users(user_name, user_pass, user_date, user_level) VALUES(?, ?, NOW(), 0);";
+		Database::get()->query($sql, "ss", $username, $pass_hash);
 	}
+
+	public function change_password(string $pass_hash)
+	{
+		if (!Session::get()->is_signed_in()) {
+			trigger_error('You are not signed in.');
+			return;
+		}
+
+		if (Session::get()->get_current_user()->id != $this->id) {
+			trigger_error("You can't change another user's password.");
+			return;
+		}
+
+		$sql = "UPDATE users SET user_pass = ? WHERE user_id = ?;";
+		Database::get()->query($sql, "si", $pass_hash, $this->id);
+	}
+}
+
+function username_exists(string $username): bool
+{
+	$sql = "SELECT * FROM users WHERE user_name = ?;";
+	$result = Database::get()->query($sql, "s", $username);
+
+	return !empty($result);
 }
\ No newline at end of file
diff --git a/index.php b/index.php
index 9d62f52..dadef39 100644
--- a/index.php
+++ b/index.php
@@ -27,10 +27,9 @@
         <th>Latest Thread</th>
     </tr>
 	<?php
-    include_once './includes/functions_category.php';
     include_once './includes/model/Category.php';
 
-	$categories = get_all_categories();
+	$categories = Category::get_all_categories();
 
 	foreach ($categories as $category) {
 		$latest_thread = $category->get_latest_thread();
@@ -42,7 +41,7 @@
 		echo '</td>';
 		echo '<td>' . $category->thread_count . '</td>';
 		echo '<td>' . $category->post_count . '</td>';
-		if (!is_null($latest_thread)) {
+		if ($latest_thread->has_value()) {
 			echo '<td><b><a href="viewthread.php?id=' . $latest_thread->id . '">' . $latest_thread->subject . '</a></b><br>';
 			echo '<small>by <b><a href="viewuser.php?id=' . $latest_thread->author->id . '">' . $latest_thread->author->name . '</a></b>, ' . $latest_thread->date_created . '</small></td>';
 		} else {
diff --git a/register.php b/register.php
index 4c42610..9eb3347 100644
--- a/register.php
+++ b/register.php
@@ -20,7 +20,7 @@
 <br>
 
 <?php
-include_once './includes/functions_user.php';
+include_once './includes/model/User.php';
 include_once './includes/error.php';
 
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
@@ -70,7 +70,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 		trigger_error($errstr);
 	} else {
 		$pass_hash = password_hash($user_pass, PASSWORD_DEFAULT);
-        register_user($user_name, $pass_hash);
+        User::register($user_name, $pass_hash);
 		echo '<p class="success">Account successfully registered! You can now <a href="signin.php">sign in</a></p>';
 	}
 }
diff --git a/signin.php b/signin.php
index c38845d..0eb492d 100644
--- a/signin.php
+++ b/signin.php
@@ -15,7 +15,6 @@
     <input type="password" name="user_pass"><br>
     <input type="submit" name="submit">
 </form>
-
 <?php
 include_once 'includes/error.php';
 
@@ -51,9 +50,9 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 		trigger_error($errstr);
 	} else {
 		$user = new User();
-		$result = $user->get_by_name($user_name);
+		$user->get_by_name($user_name);
 
-		if (!$result) {
+		if (!$user->has_value()) {
 			trigger_error('There is no user with that name. Did you mean to <a href="register.php">create a new account?</a>');
 		} else {
 			if (!password_verify($user_pass, $user->password)) {
diff --git a/viewcategory.php b/viewcategory.php
index 852148b..e68bab2 100644
--- a/viewcategory.php
+++ b/viewcategory.php
@@ -1,22 +1,19 @@
 <?php
-
 include_once 'includes/model/Category.php';
 
 session_start();
 
-$current = new Category();
+if (!isset($_GET['id']) or !filter_var($_GET['id'], FILTER_VALIDATE_INT)) {
+	http_response_code(404);
+	include('includes/templates/404.php');
+	die();
+}
 
-if (!isset($_GET['id']) || !filter_var($_GET['id'], FILTER_VALIDATE_INT)) {
+$current = new Category($_GET['id']);
+if (!$current->has_value()) {
 	http_response_code(404);
 	include('includes/templates/404.php');
 	die();
-} else {
-	$result = $current->get_from_database($_GET['id']);
-	if (!$result) {
-		http_response_code(404);
-		include('includes/templates/404.php');
-		die();
-	}
 }
 ?>
 <!DOCTYPE html>
diff --git a/viewthread.php b/viewthread.php
index fa1c81b..12b9429 100644
--- a/viewthread.php
+++ b/viewthread.php
@@ -3,20 +3,17 @@ include_once 'includes/model/Thread.php';
 
 session_start();
 
-$current = new Thread();
-
 if (!isset($_GET['id']) || !filter_var($_GET['id'], FILTER_VALIDATE_INT)) {
 	http_response_code(404);
 	include('includes/templates/404.php');
 	die();
-} else {
-	$result = $current->get_from_database($_GET['id']);
+} 
 
-	if (!$result) {
-		http_response_code(404);
-		include('includes/templates/404.php');
-		die();
-	}
+$current = new Thread($_GET['id']);
+if (!$current->has_value()) {
+	http_response_code(404);
+	include('includes/templates/404.php');
+	die();
 }
 ?>
 <!DOCTYPE html>
@@ -32,7 +29,7 @@ created by <b><?= $current->author->name; ?></b>
 in <b><?= $current->category->name; ?></b>
 <abbr title="<?= date('M d, Y g:ia', strtotime($current->date_created)); ?>">3 days ago</abbr>
 <?php
-include_once('includes/model/User.php');
+include_once './includes/model/User.php';
 
 if (Session::get()->is_signed_in()) {
 	$user = Session::get()->get_current_user();
@@ -58,18 +55,17 @@ if (Session::get()->is_signed_in()) {
 ?>
 <hr>
 <?php
-include './includes/functions_post.php';
+include_once './includes/model/Post.php';
 
 $posts = $current->get_posts();
 
 foreach ($posts as $post) {
-	echo get_post_content($post);
+	echo $post->get_content();
 }
 ?>
 <hr>
 <h2>Reply to this thread</h2>
 <?php
-include_once 'includes/functions_post.php';
 include_once 'includes/error.php';
 
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
@@ -83,7 +79,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 	if (empty($post_content) or !$post_content) {
 		trigger_error('Reply cannot be empty');
 	} else {
-		create_post($post_content, $current->id, $current->category->id);
+		Post::create($post_content, $current->id, $current->category->id);
 		header('Location: ' . $_SERVER['PHP_SELF'] . '?id=' . $current->id);
 	}
 }
diff --git a/viewuser.php b/viewuser.php
index 45f557a..de40d6f 100644
--- a/viewuser.php
+++ b/viewuser.php
@@ -3,22 +3,29 @@ include_once './includes/model/User.php';
 
 session_start();
 
-$current = new User();
+if (!isset($_GET['id']) or !filter_var($_GET['id'], FILTER_VALIDATE_INT)) {
+	http_response_code(404);
+	include('includes/templates/404.php');
+	die();
+}
 
-if (!isset($_GET['id'])) {
-} else {
-	$current->get_by_id($_GET['id']);
+$current = new User();
+$current->get_by_id($_GET['id']);
+if (!$current->has_value()) {
+	http_response_code(404);
+	include('includes/templates/404.php');
+	die();
 }
 ?>
 <!DOCTYPE html>
 <html lang="en">
 <head>
-    <title><?= $current->name; ?>'s Profile - cflip.net forum</title>
-    <link rel="stylesheet" href="styles/style.css">
+	<title><?= $current->name; ?>'s Profile - cflip.net forum</title>
+	<link rel="stylesheet" href="styles/style.css">
 </head>
 <body>
 <?php include_once "includes/templates/header.php" ?>
-<h1><?= $current->name; ?></h1>
-member since <?= date('M d, Y', strtotime($current->date)); ?>
+	<h1><?= $current->name; ?></h1>
+	member since <?= date('M d, Y', strtotime($current->date)); ?>
 </body>
 </html>
-- 
cgit v1.2.3