From 6c9369ad85f2fb3dc61234b54db7e7079cdc0c4e Mon Sep 17 00:00:00 2001 From: cflip <36554078+cflip@users.noreply.github.com> Date: Fri, 23 Apr 2021 18:43:12 -0600 Subject: Refactoring part 1 --- includes/Database.php | 37 +++++++++++++ includes/Session.php | 52 ++++++++++++++++++ includes/functions_post.php | 57 ++++++++++++++++++++ includes/model/Category.php | 103 +++++++++++++++++++++++++++++++++++ includes/model/Post.php | 121 ++++++++++++++++++++++++++++++++++++++++++ includes/model/Thread.php | 111 ++++++++++++++++++++++++++++++++++++++ includes/model/User.php | 59 ++++++++++++++++++++ includes/templates/404.php | 12 +++++ includes/templates/header.php | 14 +++++ index.php | 85 +++++++++++++++-------------- manage_post.php | 26 ++------- model/Category.php | 103 ----------------------------------- model/Post.php | 121 ------------------------------------------ model/Thread.php | 111 -------------------------------------- model/User.php | 57 -------------------- register.php | 2 +- signin.php | 2 +- styles/style.css | 5 +- templates/404.php | 12 ----- templates/header.php | 14 ----- viewcategory.php | 68 ++++++++++++------------ viewthread.php | 60 ++++++++++----------- 22 files changed, 680 insertions(+), 552 deletions(-) create mode 100644 includes/Database.php create mode 100644 includes/Session.php create mode 100644 includes/functions_post.php create mode 100644 includes/model/Category.php create mode 100644 includes/model/Post.php create mode 100644 includes/model/Thread.php create mode 100644 includes/model/User.php create mode 100644 includes/templates/404.php create mode 100644 includes/templates/header.php delete mode 100644 model/Category.php delete mode 100644 model/Post.php delete mode 100644 model/Thread.php delete mode 100644 model/User.php delete mode 100644 templates/404.php delete mode 100644 templates/header.php diff --git a/includes/Database.php b/includes/Database.php new file mode 100644 index 0000000..3308e4c --- /dev/null 
+++ b/includes/Database.php
@@ -0,0 +1,37 @@
+sql_connection = mysqli_connect($db_server, $db_user, $db_pass, $db_database);
+
+ if (!$this->sql_connection) {
+ trigger_error("Database connection error: " . mysqli_connect_error());
+ }
+ }
+
+ public static function get(): ?Database
+ {
+ if (self::$instance == null) {
+ self::$instance = new Database();
+ }
+
+ return self::$instance;
+ }
+
+ public function query(string $sql)
+ {
+ mysqli_query($this->sql_connection, $sql);
+ }
+}
\ No newline at end of file
diff --git a/includes/Session.php b/includes/Session.php
new file mode 100644
index 0000000..d97e7c5
--- /dev/null
+++ b/includes/Session.php
@@ -0,0 +1,52 @@
+is_signed_in()) {
+ return null;
+ }
+
+ $result = new User();
+
+ if (isset($_SESSION['user_id'])) {
+ $result->get_by_id($_GET['id'], $dbc);
+ } else {
+ $result = null;
+ }
+
+ return $result;
+ }
+}
\ No newline at end of file
diff --git a/includes/functions_post.php b/includes/functions_post.php
new file mode 100644
index 0000000..5bc8c2a
--- /dev/null
+++ b/includes/functions_post.php
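Review bot: `query()` at the end of the Database.php hunk takes only a finished SQL string and throws away the return value of `mysqli_query`, so callers have to interpolate values into the statement (as `delete_post` in includes/functions_post.php does) and cannot tell when a query failed. It should accept bound parameters through `mysqli_prepare`/`mysqli_stmt_bind_param` and return the result or statement to the caller. The constructor only calls `trigger_error()` when `mysqli_connect` fails, which by default raises a notice and carries on with `$this->sql_connection` set to false; throwing an exception there would stop the request before any query runs against a dead handle. The top of the class is not visible on this page, so where `$db_server` and the other credentials come from should be confirmed.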
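Review bot: `get_current_user()` in Session.php loads the user with `$result->get_by_id($_GET['id'], $dbc);`, so the "current user" is taken from the request's query string rather than from the session that the line above checks with `isset($_SESSION['user_id'])`. Every permission decision built on this method, including the `$current_user->id` and `$current_user->level` comparisons in includes/functions_post.php, would then depend on a caller-supplied id. The lookup should read `$result->get_by_id($_SESSION['user_id'], $dbc);`. `$dbc` is not assigned anywhere in the visible lines; the start of the method is missing from the page, so confirm where the connection comes from.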
@@ -0,0 +1,57 @@
+is_signed_in()) {
+ trigger_error('You must be signed in to delete a post!');
+ }
+
+ // User must have permission to delete the post
+ $current_user = Session::get()->get_current_user();
+ if ($current_user->id == $post->author->id || $current_user->level != USER_LEVEL_MODERATOR) {
+ trigger_error("You don't have sufficient permissions to delete this post.");
+ }
+
+ // TODO: The post must not be locked
+
+ // TODO: The post must have not been around for a certain amount of time
+
+ // Delete the post from the database
+ Database::get()->query("DELETE FROM posts WHERE post_id = $post->id");
+
+ // Decrement the post count of the category
+ $sql = "UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = " . $post->thread->category->id . ";";
+ mysqli_query($dbc, $sql);
+}
+
+function edit_post($post, $post_content)
+{
+ // User must be signed in
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You must be signed in to edit this post!');
+ }
+
+ // User must have permission to edit the post
+ $current_user = Session::get()->get_current_user();
+ if ($current_user->id == $post->author->id || $current_user->level != USER_LEVEL_MODERATOR) {
+ trigger_error("You don't have sufficient permissions to edit this post.");
+ }
+
+ // Set the post content and the post edit date
+ $sql = "UPDATE posts SET post_content = ?, post_date_edited = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE post_id = ?;";
+ $stmt = mysqli_stmt_init($dbc);
+
+ if (!mysqli_stmt_prepare($stmt, $sql)) {
+ trigger_error('Could not create post due to internal error: ' . mysqli_error($dbc));
+ }
+
+ mysqli_stmt_bind_param($stmt, "si", $post_content, $id);
+ mysqli_stmt_execute($stmt);
+ mysqli_stmt_close($stmt);
+
+ // Redirect to the post's thread page
+ header("Location: /viewthread.php?id=" . $post->thread->id);
+}
diff --git a/includes/model/Category.php b/includes/model/Category.php
new file mode 100644
index 0000000..b7c46d9
--- /dev/null
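Review bot: Neither the signed-in check nor the permission check in `delete_post` and `edit_post` stops the request, because `trigger_error()` called without a level raises `E_USER_NOTICE` and execution continues into the `DELETE` and `UPDATE` unless an error handler elsewhere turns notices into exceptions. The permission condition is also inverted: `$current_user->id == $post->author->id || $current_user->level != USER_LEVEL_MODERATOR` rejects the author and every non-moderator, where the intent looks like `if ($current_user->id != $post->author->id && $current_user->level != USER_LEVEL_MODERATOR) {` followed by a `return` or a thrown exception. `get_current_user()` can return null, so `$current_user->id` needs a null guard as well. In `edit_post`, `$dbc` and `$id` are never defined, so the statement should bind `$post->id` and get its connection from `Database`; the interpolated `DELETE FROM posts WHERE post_id = $post->id` should use a bound parameter too. The opening of `delete_post`, including its signature, is not visible on this page.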
+++ b/includes/model/Category.php 
@@ -0,0 +1,103 @@ +id = $id; + $this->name = $row['cat_name']; + $this->description = $row['cat_description']; + $this->thread_count = $row['cat_thread_count']; + $this->post_count = $row['cat_post_count']; + } + } + + mysqli_free_result($result); + return 1; + } + + function get_threads($dbc) { + $sql = "SELECT thread_id FROM threads WHERE thread_category = " . $this->id . " ORDER BY thread_date_lastpost DESC"; + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Could not get threads from category: ' . mysqli_error($dbc); + } + + $threads = array(); + + if (mysqli_num_rows($result) == 0) { + } else { + while ($row = mysqli_fetch_assoc($result)) { + $thread = new Thread(); + $thread->get_from_database($row['thread_id'], $dbc); + array_push($threads, $thread); + } + } + + mysqli_free_result($result); + return $threads; + } + + function get_latest_thread($dbc) { + $sql = "SELECT thread_id FROM threads WHERE thread_category = " . $this->id . " ORDER BY thread_date_lastpost DESC LIMIT 1"; + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Could not get thread from category: ' . mysqli_error($dbc); + } + + $thread = null; + + if (mysqli_num_rows($result) == 0) { + } else { + while ($row = mysqli_fetch_assoc($result)) { + $thread = new Thread(); + $thread->get_from_database($row['thread_id'], $dbc); + } + } + + mysqli_free_result($result); + return $thread; + } +} + +function get_all_categories($dbc) { + $sql = "SELECT cat_id FROM categories ORDER BY cat_id ASC;"; + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Failed to get categories: ' . mysqli_error($dbc); + } + + $categories = array(); + + if (mysqli_num_rows($result) == 0) { + } else { + while ($row = mysqli_fetch_assoc($result)) { + $category = new Category(); + $category->get_from_database($row['cat_id'], $dbc); + array_push($categories, $category); + } + } + + mysqli_free_result($result); + return $categories; +} \ No newline at end of file 
diff --git a/includes/model/Post.php b/includes/model/Post.php new file mode 100644 index 0000000..34d6a79 --- /dev/null +++ b/includes/model/Post.php @@ -0,0 +1,121 @@ +'; + } + + $reply = mysqli_fetch_assoc($result); + + if (empty($reply)) { + return '
This post has been deleted
'; + } + + return '
Quote from ' . $reply['user_name'] . '
' . $reply['post_content'] . '
'; + } +} + +class Post { + public $id; + public $content; + public $date_created; + public $date_edited; + public $thread; + public $author; + + function get_from_database($id, $dbc) { + // TODO: Potential SQL injection risk? + $sql = "SELECT post_content, post_date_created, post_date_edited, post_thread, post_author FROM posts WHERE post_id = " . mysqli_real_escape_string($dbc, $id); + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Failed to get post: ' . mysqli_error($dbc); + } + + if (mysqli_num_rows($result) == 0) { + return 0; + } else { + while ($row = mysqli_fetch_assoc($result)) { + $this->id = $id; + $this->content = $row['post_content']; + $this->date_created = $row['post_date_created']; + $this->date_edited = $row['post_date_edited']; + + $this->thread = new Thread(); + $this->thread->get_from_database($row['post_thread'], $dbc); + + $this->author = new User(); + $this->author->get_by_id($row['post_author'], $dbc); + } + } + + mysqli_free_result($result); + return 1; + } + + function display_content($dbc) { + echo '
#' . $this->id . ''; + echo ' Posted by ' . $this->author->name . ''; + echo ' on ' . date('m/d/Y g:ia', strtotime($this->date_created)); + if (!is_null($this->date_edited)) { + echo ' edited ' . date('m/d/Y g:ia', strtotime($this->date_edited)) . ''; + } + if (isset($_SESSION['signed_in']) && $_SESSION['user_id'] == $this->author->id) { + echo ''; + echo '[Edit/Delete] '; + echo''; + } + echo '
'; + + $post_content = $this->content; + $thread_id = $this->id; + + $post_content = preg_replace_callback('/>#\d+/', function($matches) use($thread_id, $dbc) { + return add_quote($dbc, $thread_id, $matches); + }, $post_content); + + // Replace newline characters with HTML
tags + $post_content = nl2br($post_content); + + // Replace YouTube URLs with embedded YouTube videos. + $post_content = preg_replace( + "/\s*[a-zA-Z\/\/:\.]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/\*\-\_\?\&\;\%\=\.]*)/i", + '
', $post_content); + // Replace Image URLs with embedded images. + $post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:|/?>))@i', 'http$2://$3', $post_content); + // Replace other URLs with links. + $post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:|/?>))@i', '$0', $post_content); + + echo '' . $post_content . ''; + } +} + +function get_all_posts($dbc) { + $sql = "SELECT post_id FROM posts"; + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Failed to get posts: ' . mysqli_error($dbc); + } + + $posts = array(); + + if (mysqli_num_rows($result) == 0) { + } else { + while ($row = mysqli_fetch_assoc($result)) { + $post = new Post(); + $post->get_from_database($row['post_id'], $dbc); + array_push($posts, $post); + } + } + + mysqli_free_result($result); + return $posts; +} diff --git a/includes/model/Thread.php b/includes/model/Thread.php new file mode 100644 index 0000000..a9dc690 --- /dev/null +++ b/includes/model/Thread.php 
@@ -0,0 +1,111 @@ +id = $id; + $this->subject = $row['thread_subject']; + $this->date_created = $row['thread_date_created']; + $this->date_lastpost = $row['thread_date_lastpost']; + + $this->category = new Category(); + $this->category->get_from_database($row['thread_category'], $dbc); + + $this->author = new User(); + $this->author->get_by_id($row['thread_author'], $dbc); + } + } + + mysqli_free_result($result); + return 1; + } + + function get_posts($dbc) { + $sql = "SELECT post_id FROM posts WHERE post_thread = " . $this->id; + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Could not get posts from thread: ' . mysqli_error($dbc); + } + + $posts = array(); + + if (mysqli_num_rows($result) == 0) { + } else { + while ($row = mysqli_fetch_assoc($result)) { + $post = new Post(); + $post->get_from_database($row['post_id'], $dbc); + array_push($posts, $post); + } + } + + mysqli_free_result($result); + return $posts; + } + + function get_latest_post($dbc) { + $sql = "SELECT post_id FROM posts WHERE post_thread = " . $this->id . " ORDER BY post_date_created DESC LIMIT 1"; + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Could not get post from category: ' . mysqli_error($dbc); + } + + $post = null; + + if (mysqli_num_rows($result) == 0) { + } else { + while ($row = mysqli_fetch_assoc($result)) { + $post = new Post(); + $post->get_from_database($row['post_id'], $dbc); + } + } + + mysqli_free_result($result); + return $post; + } +} + +function get_all_threads($dbc) { + $sql = "SELECT thread_id FROM threads"; + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Failed to get threads: ' . mysqli_error($dbc); + } + + $threads = array(); + + if (mysqli_num_rows($result) == 0) { + } else { + while ($row = mysqli_fetch_assoc($result)) { + $thread = new Thread(); + $thread->get_from_database($row['thread_id'], $dbc); + array_push($threads, $thread); + } + } + + mysqli_free_result($result); + return $threads; +} 
diff --git a/includes/model/User.php b/includes/model/User.php new file mode 100644 index 0000000..1c48afb --- /dev/null +++ b/includes/model/User.php @@ -0,0 +1,59 @@ +id = $row['user_id']; + $this->name = $name; + $this->date = $row['user_date']; + $this->level = $row['user_level']; + } + } + + mysqli_free_result($result); + mysqli_stmt_close($stmt); + } + + function get_by_id($id, $dbc) { + $sql = "SELECT user_name, user_date, user_level FROM users WHERE user_id = " . mysqli_real_escape_string($dbc, $id); + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Failed to get user: ' . mysqli_error($dbc); + } + + if (mysqli_num_rows($result) == 0) { + } else { + while ($row = mysqli_fetch_assoc($result)) { + $this->id = $id; + $this->name = $row['user_name']; + $this->date = $row['user_date']; + $this->level = $row['user_level']; + } + } + + mysqli_free_result($result); + } + +} \ No newline at end of file diff --git a/includes/templates/404.php b/includes/templates/404.php new file mode 100644 index 0000000..d4d5128 --- /dev/null +++ b/includes/templates/404.php @@ -0,0 +1,12 @@ + + + + cflip.net forum + + + + +
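Review bot: In `get_by_id` of User.php, `mysqli_real_escape_string($dbc, $id)` is concatenated after `WHERE user_id = ` with no surrounding quotes, and escaping only protects a value that sits inside a quoted string literal, so a non-numeric `$id` is still interpreted as SQL. `get_by_name` above appears to use a prepared statement already (it closes `$stmt`), so the same form fits here: `WHERE user_id = ?` with `mysqli_stmt_bind_param($stmt, 'i', $id)`, or at minimum `(int) $id` before the query is built. `Post::get_from_database` in includes/model/Post.php has the same pattern under its `TODO: Potential SQL injection risk?` comment. The `if (!$result)` branch echoes `mysqli_error($dbc)` to the page and then falls through to `mysqli_num_rows($result)` with a false result, so it should return early and log the error instead of printing it.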

Page Not Found

+

The page you requested does not exist.

+ + diff --git a/includes/templates/header.php b/includes/templates/header.php new file mode 100644 index 0000000..4eb17e3 --- /dev/null +++ b/includes/templates/header.php @@ -0,0 +1,14 @@ +

cflip.net forumbeta

+[Home] +[All Threads] +[All Posts] +[Create a thread] + + ' . $_SESSION['user_name'] . '\'s Profile] [Log out]'; + } else { + echo '[Sign in] or [Register an account]'; + } + ?> + diff --git a/index.php b/index.php index bdbf770..7b92524 100644 --- a/index.php +++ b/index.php @@ -1,53 +1,56 @@ - + - + - cflip.net forum - + cflip.net forum + - -

Welcome to the cflip.net forum!

-

- This is the beta test of the forum website, so there are lots of features missing. Since there are no moderation features built into the website, - for the most part I don't care that much about what is posted here. Some links and buttons may not have any functionality either! -

-

- If you notice a problem or have an idea for a feature that is missing, reply to this thread! -

-

Categories

- - - - - - - + +

Welcome to the cflip.net forum!

+

+ This is the beta test of the forum website, so there are lots of features missing. Since there are no moderation + features built into the website, + for the most part I don't care that much about what is posted here. Some links and buttons may not have any + functionality either! +

+

+ If you notice a problem or have an idea for a feature that is missing, reply to this thread! +

+

Categories

+
CategoryThreadsPostsLatest Thread
+ + + + + + get_latest_thread($dbc); + foreach ($categories as $category) { + $latest_thread = $category->get_latest_thread($dbc); - echo ''; - echo ''; - echo ''; - echo ''; - if (!is_null($latest_thread)) { - echo ''; - } else { - echo ''; - } - echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + if (!is_null($latest_thread)) { + echo ''; + } else { + echo ''; } + echo ''; + } ?> -
CategoryThreadsPostsLatest Thread
'; - echo '' . $category->name . ''; - echo '
' . $category->description . ''; - echo '
' . $category->thread_count . '' . $category->post_count . '' . $latest_thread->subject . '
'; - echo 'by ' . $latest_thread->author->name . ', ' . $latest_thread->date_created . '
No threads yet!
'; + echo '' . $category->name . ''; + echo '
' . $category->description . ''; + echo '
' . $category->thread_count . '' . $category->post_count . '' . $latest_thread->subject . '
'; + echo 'by ' . $latest_thread->author->name . ', ' . $latest_thread->date_created . '
No threads yet!
+ diff --git a/manage_post.php b/manage_post.php index 8c6129b..3f9a9b3 100644 --- a/manage_post.php +++ b/manage_post.php @@ -1,15 +1,7 @@ id"; - mysqli_query($dbc, $sql); - - $sql = "UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = " . $post->thread->category->id . ";"; - mysqli_query($dbc, $sql); -} +include('includes/db_inc.php'); +include('includes/functions_post.php'); +include('includes/model/Post.php'); session_start(); @@ -41,7 +33,6 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') { goto end; } - if ($_SESSION['user_id'] != $post->author->id) { echo "You can't manage another user's post!"; goto end; @@ -50,16 +41,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') { if (strcasecmp($delete, "on") == 0) { delete_post($dbc, $post); } else { - $sql = "UPDATE posts SET post_content = ?, post_date_edited = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE post_id = ?;"; - $stmt = mysqli_stmt_init($dbc); - - if (!mysqli_stmt_prepare($stmt, $sql)) { - die('Could not create post due to internal error: ' . mysqli_error($dbc)); - } - - mysqli_stmt_bind_param($stmt, "si", $post_content, $id); - mysqli_stmt_execute($stmt); - mysqli_stmt_close($stmt); + edit_post(); } end: diff --git a/model/Category.php b/model/Category.php deleted file mode 100644 index b7c46d9..0000000 --- a/model/Category.php +++ /dev/null 
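Review bot: The new call `edit_post();` in the last manage_post.php hunk passes no arguments, while includes/functions_post.php declares `edit_post($post, $post_content)`, so on PHP 7.1 and later the edit branch fails with an `ArgumentCountError` instead of saving the post; it should read `edit_post($post, $post_content);`. The first hunk includes `includes/functions_post.php`, whose functions call `Session::get()` and `Database::get()`, but no include of includes/Session.php or includes/Database.php is visible in the changed lines, so confirm those classes are loaded before either function runs. The enclosing script continues outside the hunks shown.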
@@ -1,103 +0,0 @@ -id = $id; - $this->name = $row['cat_name']; - $this->description = $row['cat_description']; - $this->thread_count = $row['cat_thread_count']; - $this->post_count = $row['cat_post_count']; - } - } - - mysqli_free_result($result); - return 1; - } - - function get_threads($dbc) { - $sql = "SELECT thread_id FROM threads WHERE thread_category = " . $this->id . " ORDER BY thread_date_lastpost DESC"; - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Could not get threads from category: ' . mysqli_error($dbc); - } - - $threads = array(); - - if (mysqli_num_rows($result) == 0) { - } else { - while ($row = mysqli_fetch_assoc($result)) { - $thread = new Thread(); - $thread->get_from_database($row['thread_id'], $dbc); - array_push($threads, $thread); - } - } - - mysqli_free_result($result); - return $threads; - } - - function get_latest_thread($dbc) { - $sql = "SELECT thread_id FROM threads WHERE thread_category = " . $this->id . " ORDER BY thread_date_lastpost DESC LIMIT 1"; - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Could not get thread from category: ' . mysqli_error($dbc); - } - - $thread = null; - - if (mysqli_num_rows($result) == 0) { - } else { - while ($row = mysqli_fetch_assoc($result)) { - $thread = new Thread(); - $thread->get_from_database($row['thread_id'], $dbc); - } - } - - mysqli_free_result($result); - return $thread; - } -} - -function get_all_categories($dbc) { - $sql = "SELECT cat_id FROM categories ORDER BY cat_id ASC;"; - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Failed to get categories: ' . mysqli_error($dbc); - } - - $categories = array(); - - if (mysqli_num_rows($result) == 0) { - } else { - while ($row = mysqli_fetch_assoc($result)) { - $category = new Category(); - $category->get_from_database($row['cat_id'], $dbc); - array_push($categories, $category); - } - } - - mysqli_free_result($result); - return $categories; -} \ No newline at end of file 
diff --git a/model/Post.php b/model/Post.php deleted file mode 100644 index 34d6a79..0000000 --- a/model/Post.php +++ /dev/null @@ -1,121 +0,0 @@ -'; - } - - $reply = mysqli_fetch_assoc($result); - - if (empty($reply)) { - return '
This post has been deleted
'; - } - - return '
Quote from ' . $reply['user_name'] . '
' . $reply['post_content'] . '
'; - } -} - -class Post { - public $id; - public $content; - public $date_created; - public $date_edited; - public $thread; - public $author; - - function get_from_database($id, $dbc) { - // TODO: Potential SQL injection risk? - $sql = "SELECT post_content, post_date_created, post_date_edited, post_thread, post_author FROM posts WHERE post_id = " . mysqli_real_escape_string($dbc, $id); - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Failed to get post: ' . mysqli_error($dbc); - } - - if (mysqli_num_rows($result) == 0) { - return 0; - } else { - while ($row = mysqli_fetch_assoc($result)) { - $this->id = $id; - $this->content = $row['post_content']; - $this->date_created = $row['post_date_created']; - $this->date_edited = $row['post_date_edited']; - - $this->thread = new Thread(); - $this->thread->get_from_database($row['post_thread'], $dbc); - - $this->author = new User(); - $this->author->get_by_id($row['post_author'], $dbc); - } - } - - mysqli_free_result($result); - return 1; - } - - function display_content($dbc) { - echo '
#' . $this->id . ''; - echo ' Posted by ' . $this->author->name . ''; - echo ' on ' . date('m/d/Y g:ia', strtotime($this->date_created)); - if (!is_null($this->date_edited)) { - echo ' edited ' . date('m/d/Y g:ia', strtotime($this->date_edited)) . ''; - } - if (isset($_SESSION['signed_in']) && $_SESSION['user_id'] == $this->author->id) { - echo ''; - echo '[Edit/Delete] '; - echo''; - } - echo '
'; - - $post_content = $this->content; - $thread_id = $this->id; - - $post_content = preg_replace_callback('/>#\d+/', function($matches) use($thread_id, $dbc) { - return add_quote($dbc, $thread_id, $matches); - }, $post_content); - - // Replace newline characters with HTML
tags - $post_content = nl2br($post_content); - - // Replace YouTube URLs with embedded YouTube videos. - $post_content = preg_replace( - "/\s*[a-zA-Z\/\/:\.]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/\*\-\_\?\&\;\%\=\.]*)/i", - '
', $post_content); - // Replace Image URLs with embedded images. - $post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:|/?>))@i', 'http$2://$3', $post_content); - // Replace other URLs with links. - $post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:|/?>))@i', '$0', $post_content); - - echo '' . $post_content . ''; - } -} - -function get_all_posts($dbc) { - $sql = "SELECT post_id FROM posts"; - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Failed to get posts: ' . mysqli_error($dbc); - } - - $posts = array(); - - if (mysqli_num_rows($result) == 0) { - } else { - while ($row = mysqli_fetch_assoc($result)) { - $post = new Post(); - $post->get_from_database($row['post_id'], $dbc); - array_push($posts, $post); - } - } - - mysqli_free_result($result); - return $posts; -} diff --git a/model/Thread.php b/model/Thread.php deleted file mode 100644 index a9dc690..0000000 --- a/model/Thread.php +++ /dev/null 
@@ -1,111 +0,0 @@ -id = $id; - $this->subject = $row['thread_subject']; - $this->date_created = $row['thread_date_created']; - $this->date_lastpost = $row['thread_date_lastpost']; - - $this->category = new Category(); - $this->category->get_from_database($row['thread_category'], $dbc); - - $this->author = new User(); - $this->author->get_by_id($row['thread_author'], $dbc); - } - } - - mysqli_free_result($result); - return 1; - } - - function get_posts($dbc) { - $sql = "SELECT post_id FROM posts WHERE post_thread = " . $this->id; - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Could not get posts from thread: ' . mysqli_error($dbc); - } - - $posts = array(); - - if (mysqli_num_rows($result) == 0) { - } else { - while ($row = mysqli_fetch_assoc($result)) { - $post = new Post(); - $post->get_from_database($row['post_id'], $dbc); - array_push($posts, $post); - } - } - - mysqli_free_result($result); - return $posts; - } - - function get_latest_post($dbc) { - $sql = "SELECT post_id FROM posts WHERE post_thread = " . $this->id . " ORDER BY post_date_created DESC LIMIT 1"; - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Could not get post from category: ' . mysqli_error($dbc); - } - - $post = null; - - if (mysqli_num_rows($result) == 0) { - } else { - while ($row = mysqli_fetch_assoc($result)) { - $post = new Post(); - $post->get_from_database($row['post_id'], $dbc); - } - } - - mysqli_free_result($result); - return $post; - } -} - -function get_all_threads($dbc) { - $sql = "SELECT thread_id FROM threads"; - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Failed to get threads: ' . mysqli_error($dbc); - } - - $threads = array(); - - if (mysqli_num_rows($result) == 0) { - } else { - while ($row = mysqli_fetch_assoc($result)) { - $thread = new Thread(); - $thread->get_from_database($row['thread_id'], $dbc); - array_push($threads, $thread); - } - } - - mysqli_free_result($result); - return $threads; -} 
diff --git a/model/User.php b/model/User.php deleted file mode 100644 index 469a9a1..0000000 --- a/model/User.php +++ /dev/null @@ -1,57 +0,0 @@ -id = $row['user_id']; - $this->name = $name; - $this->date = $row['user_date']; - $this->level = $row['user_level']; - } - } - - mysqli_free_result($result); - mysqli_stmt_close($stmt); - } - - function get_by_id($id, $dbc) { - $sql = "SELECT user_name, user_date, user_level FROM users WHERE user_id = " . mysqli_real_escape_string($dbc, $id); - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Failed to get user: ' . mysqli_error($dbc); - } - - if (mysqli_num_rows($result) == 0) { - } else { - while ($row = mysqli_fetch_assoc($result)) { - $this->id = $id; - $this->name = $row['user_name']; - $this->date = $row['user_date']; - $this->level = $row['user_level']; - } - } - - mysqli_free_result($result); - } - -} \ No newline at end of file diff --git a/register.php b/register.php index cd72a37..03eac6b 100644 --- a/register.php +++ b/register.php @@ -5,7 +5,7 @@ - +

Register an account


diff --git a/signin.php b/signin.php index e559614..cf41645 100644 --- a/signin.php +++ b/signin.php @@ -6,7 +6,7 @@ - +

Sign in

" method="post">
diff --git a/styles/style.css b/styles/style.css index 92090c0..9e37f62 100644 --- a/styles/style.css +++ b/styles/style.css @@ -1,7 +1,8 @@ body { font-family: Arial, sans-serif; font-size: 10pt; - margin: 10px 40px; + margin: auto; + width: 980px; } a { @@ -14,7 +15,7 @@ small { } .header > small { - color: #bde; + color: #dde; } a:hover { diff --git a/templates/404.php b/templates/404.php deleted file mode 100644 index d4d5128..0000000 --- a/templates/404.php +++ /dev/null @@ -1,12 +0,0 @@ - - - - cflip.net forum - - - - -

Page Not Found

-

The page you requested does not exist.

- - diff --git a/templates/header.php b/templates/header.php deleted file mode 100644 index 4eb17e3..0000000 --- a/templates/header.php +++ /dev/null @@ -1,14 +0,0 @@ -

cflip.net forumbeta

-[Home] -[All Threads] -[All Posts] -[Create a thread] - - ' . $_SESSION['user_name'] . '\'s Profile] [Log out]'; - } else { - echo '[Sign in] or [Register an account]'; - } - ?> - diff --git a/viewcategory.php b/viewcategory.php index e10797a..70733da 100644 --- a/viewcategory.php +++ b/viewcategory.php @@ -1,6 +1,6 @@ get_from_database($_GET['id'], $dbc); if ($result == 0) { http_response_code(404); - include_once 'templates/404.php'; + include('includes/templates/404.php'); die(); } } ?> - + - <?= $current->name; ?> - cflip.net forum - + <?= $current->name; ?> - cflip.net forum + - -

name; ?>

-

description; ?>

- - thread_count . ' threads, ' . $current->post_count . ' posts'; ?> - -

Threads

- - - - - - get_threads($dbc); + +

name; ?>

+

description; ?>

+thread_count . ' threads, ' . $current->post_count . ' posts'; ?> +

Threads

+
Thread NameLatest Post
+ + + + + get_threads($dbc); - foreach ($threads as $thread) { - $latest_post = $thread->get_latest_post($dbc); + foreach ($threads as $thread) { + $latest_post = $thread->get_latest_post($dbc); - echo ''; - echo ''; + echo ''; + echo ''; - if (!is_null($latest_post)) { - echo ''; - } else { - echo ''; - } - - echo ''; + if (!is_null($latest_post)) { + echo ''; + } else { + echo ''; } - ?> -
Thread NameLatest Post
' . $thread->subject . ''; - echo ' by ' . $thread->author->name . ' on ' . date('M d, Y', strtotime($thread->date_created)) . '
' . $thread->subject . ''; + echo ' by ' . $thread->author->name . ' on ' . date('M d, Y', strtotime($thread->date_created)) . 'by ' . $latest_post->author->name . ' on ' . $latest_post->date_created . 'No posts yet!
by ' . $latest_post->author->name . ' on ' . $latest_post->date_created . 'No posts yet!
+ + echo ''; + } + ?> + diff --git a/viewthread.php b/viewthread.php index d41fb9b..ae08090 100644 --- a/viewthread.php +++ b/viewthread.php @@ -1,6 +1,6 @@ get_from_database($_GET['id'], $dbc); if ($result == 0) { http_response_code(404); - include_once 'templates/404.php'; + include('includes/templates/404.php'); die(); } } ?> - + - <?= $current->subject; ?> - cflip.net forum - + <?= $current->subject; ?> - cflip.net forum + - -
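Review bot: The re-indented rows in viewcategory.php still echo database text straight into the page, for example `$thread->subject`, `$thread->author->name` and `$latest_post->author->name`, and the title prints `<?= $current->name; ?>`; thread subjects and user names come from users, so unless they are encoded before storage this is a stored XSS sink. Encode each value where it is printed, `htmlspecialchars($thread->subject, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, rather than relying on filtering at input time. index.php and viewthread.php in this commit print `$category->name`, `$latest_thread->subject` and `$current->subject` the same way. The surrounding markup was lost from this page, so the exact HTML context of each value (element body, attribute or URL) should be checked against the real file before choosing the encoder.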

subject; ?>

- created by author->name; ?> - in category->name; ?> - 3 days ago + +

subject; ?>

+created by author->name; ?> +in category->name; ?> +3 days ago -
- get_posts($dbc); +
+get_posts($dbc); - foreach ($posts as $post) { - $post->display_content($dbc); - } - ?> -
-

Reply to this thread

- - -
- -
+foreach ($posts as $post) { + $post->display_content($dbc); +} +?> +
+

Reply to this thread

+
+ +
+ +
signed in to reply to this thread.'; return; - } + } $post_content = filter_input(INPUT_POST, 'post_content', FILTER_SANITIZE_STRING); $user_id = filter_var($_SESSION['user_id'], FILTER_SANITIZE_NUMBER_INT); @@ -93,5 +90,4 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { insert_post($dbc, $post_content, $current->id, $user_id, $current->category->id); } } - ?> -- cgit v1.2.3