From f5e972c030675f46cda543e13da1b787457e070b Mon Sep 17 00:00:00 2001
From: cflip <36554078+cflip@users.noreply.github.com>
Date: Wed, 23 Jun 2021 15:21:12 -0600
Subject: Add the rest of the changes
---
change_passw.php | 132 +++++++--------
create_thread.php | 156 +++++++++---------
includes/Database.php | 162 +++++++++----------
includes/Session.php | 114 ++++++-------
includes/error.php | 50 +++---
includes/model/Category.php | 156 +++++++++---------
includes/model/Post.php | 369 +++++++++++++++++++++---------------------
includes/model/User.php | 189 ++++++++++++----------
includes/templates/404.php | 28 ++--
includes/templates/header.php | 41 ++---
moderate.php | 108 +++++++++----
register.php | 157 +++++++++---------
signin.php | 138 ++++++++--------
signout.php | 32 ++--
styles/style.css | 221 +++++++++++++------------
viewcategory.php | 113 +++++++------
viewthread.php | 156 +++++++++---------
viewuser.php | 86 ++++++----
18 files changed, 1243 insertions(+), 1165 deletions(-)
mode change 100644 => 100755 change_passw.php
mode change 100644 => 100755 create_thread.php
mode change 100644 => 100755 includes/Database.php
mode change 100644 => 100755 includes/Session.php
mode change 100644 => 100755 includes/error.php
mode change 100644 => 100755 includes/model/Category.php
mode change 100644 => 100755 includes/model/Post.php
mode change 100644 => 100755 includes/model/User.php
mode change 100644 => 100755 includes/templates/404.php
mode change 100644 => 100755 includes/templates/header.php
mode change 100644 => 100755 moderate.php
mode change 100644 => 100755 register.php
mode change 100644 => 100755 signin.php
mode change 100644 => 100755 signout.php
mode change 100644 => 100755 styles/style.css
mode change 100644 => 100755 viewcategory.php
mode change 100644 => 100755 viewthread.php
mode change 100644 => 100755 viewuser.php
diff --git a/change_passw.php b/change_passw.php
old mode 100644
new mode 100755
index 31e0e0d..82db6d3
--- a/change_passw.php
+++ b/change_passw.php
@@ -1,66 +1,66 @@
-is_signed_in()) {
- $errors = array();
- $user_pass = "";
-
- if (empty($_POST['user_pass'])) {
- $errors[] = "You must provide a password.";
- } else {
- $user_pass = $_POST['user_pass'];
- $pass_check = $_POST['user_pass_check'];
-
- if (preg_match("/^[a-zA-Z0-9\W]*$/", $user_pass) === false) {
- $errors[] = "Password contains invalid characters!";
- }
-
- if ($user_pass !== $pass_check) {
- $errors[] = "The two passwords do not match.";
- }
- }
-
- if (!empty($errors)) {
- echo 'Please check the following problems:
';
- foreach ($errors as $err) {
- echo '' . $err . ' ';
- }
- echo ' ';
- } else {
- $pass_hash = password_hash($user_pass, PASSWORD_DEFAULT);
- change_password(Session::get()->get_current_user(), $pass_hash);
- echo 'Password successfully changed!';
- }
-}
-?>
-
-
-
- Change your password - cflip.net forum
-
-
-
-is_signed_in()) {
- echo 'You must be logged in to change your password. ';
-} else {
- echo '
- Change your password
-
- ';
-}
-?>
-
-
+is_signed_in()) {
+ $errors = array();
+ $user_pass = "";
+
+ if (empty($_POST['user_pass'])) {
+ $errors[] = "You must provide a password.";
+ } else {
+ $user_pass = $_POST['user_pass'];
+ $pass_check = $_POST['user_pass_check'];
+
+ if (preg_match("/^[a-zA-Z0-9\W]*$/", $user_pass) === false) {
+ $errors[] = "Password contains invalid characters!";
+ }
+
+ if ($user_pass !== $pass_check) {
+ $errors[] = "The two passwords do not match.";
+ }
+ }
+
+ if (!empty($errors)) {
+ echo 'Please check the following problems: ';
+ foreach ($errors as $err) {
+ echo '' . $err . ' ';
+ }
+ echo ' ';
+ } else {
+ $pass_hash = password_hash($user_pass, PASSWORD_DEFAULT);
+ change_password(Session::get()->get_current_user(), $pass_hash);
+ echo 'Password successfully changed!';
+ }
+}
+?>
+
+
+
+ Change your password - cflip.net forum
+
+
+
+is_signed_in()) {
+ echo 'You must be logged in to change your password. ';
+} else {
+ echo '
+ Change your password
+
+ ';
+}
+?>
+
+
diff --git a/create_thread.php b/create_thread.php
old mode 100644
new mode 100755
index 3d1c530..d01eb26
--- a/create_thread.php
+++ b/create_thread.php
@@ -1,78 +1,78 @@
-
-
-
-
- Create a thread - cflip.net forum
-
-
-
-
-Create a new thread
-is_signed_in()) {
- trigger_error('You must be signed in to create a thread.');
- exit();
-}
-?>
-
-';
- foreach ($errors as $err) {
- $errstr .= '' . $err . ' ';
- }
- $errstr .= '';
- trigger_error($errstr);
- } else {
- $thread_id = Thread::create($thread_subject, $thread_cat);
- Post::create($post_content, $thread_id, $thread_cat);
-
- header("Location: viewthread.php?id=" . $thread_id);
- }
-}
-?>
-
-
+
+
+
+
+ Create a thread - cflip.net forum
+
+
+
+
+ Create a new thread
+is_signed_in()) {
+ trigger_error('You must be signed in to create a thread.');
+ exit();
+}
+?>
+ " method="post">
+ Subject:
+
+ Category:
+ ';
+
+ foreach ($categories as $category) {
+ echo '' . $category->name . ' ';
+ }
+
+ echo ' ';
+ }
+ ?>
+ Write your post:
+
+
+
+';
+ foreach ($errors as $err) {
+ $errstr .= '' . $err . ' ';
+ }
+ $errstr .= '';
+ trigger_error($errstr);
+ } else {
+ $thread_id = Thread::create($thread_subject, $thread_cat);
+ Post::create($post_content, $thread_id, $thread_cat);
+
+ header("Location: viewthread.php?id=" . $thread_id);
+ }
+}
+?>
+
+
diff --git a/includes/Database.php b/includes/Database.php
old mode 100644
new mode 100755
index 0a79dfb..61fbbb1
--- a/includes/Database.php
+++ b/includes/Database.php
@@ -1,82 +1,82 @@
-sql_connection = mysqli_connect($db_server, $db_user, $db_pass, $db_database);
-
- if (!$this->sql_connection) {
- trigger_error("Database connection error: " . mysqli_connect_error());
- }
- }
-
- public static function get()
- {
- if (self::$instance == null) {
- self::$instance = new Database();
- }
-
- return self::$instance;
- }
-
- public function query(string $sql, string $types = "", ...$vars): array
- {
- $result = array();
-
- if ($types == "") {
- // No types were provided, preparing a statement is not necessary
- $db_result = mysqli_query($this->sql_connection, $sql);
- } else {
- $stmt = mysqli_stmt_init($this->sql_connection);
-
- if (!mysqli_stmt_prepare($stmt, $sql)) {
- trigger_error('Internal error: ' . mysqli_error($this->sql_connection));
- return $result;
- }
-
- mysqli_stmt_bind_param($stmt, $types, ...$vars);
- mysqli_stmt_execute($stmt);
-
- $db_result = mysqli_stmt_get_result($stmt);
-
- mysqli_stmt_close($stmt);
- }
-
- if (!$db_result) {
- return $result;
- }
-
- if (mysqli_num_rows($db_result) > 0) {
- while ($row = mysqli_fetch_assoc($db_result)) {
- array_push($result, $row);
- }
- }
-
- mysqli_free_result($db_result);
-
- return $result;
- }
-
- /**
- * Returns the auto generated ID of the last query.
- * This function is just a wrapper for mysqli_insert_id.
- * In the future, it might be better to return different
- * values in the query function depending on the type of
- * SQL query.
- */
- public function get_last_id()
- {
- return mysqli_insert_id($this->sql_connection);
- }
+sql_connection = mysqli_connect($db_server, $db_user, $db_pass, $db_database);
+
+ if (!$this->sql_connection) {
+ trigger_error("Database connection error: " . mysqli_connect_error());
+ }
+ }
+
+ public static function get()
+ {
+ if (self::$instance == null) {
+ self::$instance = new Database();
+ }
+
+ return self::$instance;
+ }
+
+ public function query(string $sql, string $types = "", ...$vars): array
+ {
+ $result = array();
+
+ if ($types == "") {
+ // No types were provided, preparing a statement is not necessary
+ $db_result = mysqli_query($this->sql_connection, $sql);
+ } else {
+ $stmt = mysqli_stmt_init($this->sql_connection);
+
+ if (!mysqli_stmt_prepare($stmt, $sql)) {
+ trigger_error('Internal error: ' . mysqli_error($this->sql_connection));
+ return $result;
+ }
+
+ mysqli_stmt_bind_param($stmt, $types, ...$vars);
+ mysqli_stmt_execute($stmt);
+
+ $db_result = mysqli_stmt_get_result($stmt);
+
+ mysqli_stmt_close($stmt);
+ }
+
+ if (!$db_result) {
+ return $result;
+ }
+
+ if (mysqli_num_rows($db_result) > 0) {
+ while ($row = mysqli_fetch_assoc($db_result)) {
+ array_push($result, $row);
+ }
+ }
+
+ mysqli_free_result($db_result);
+
+ return $result;
+ }
+
+ /**
+ * Returns the auto generated ID of the last query.
+ * This function is just a wrapper for mysqli_insert_id.
+ * In the future, it might be better to return different
+ * values in the query function depending on the type of
+ * SQL query.
+ */
+ public function get_last_id()
+ {
+ return mysqli_insert_id($this->sql_connection);
+ }
}
\ No newline at end of file
diff --git a/includes/Session.php b/includes/Session.php
old mode 100644
new mode 100755
index ceaa765..0e08482
--- a/includes/Session.php
+++ b/includes/Session.php
@@ -1,57 +1,57 @@
-id;
- $_SESSION['user_name'] = $user->name;
- }
-
- public function sign_out()
- {
- session_unset();
- session_destroy();
- }
-
- public function is_signed_in(): bool
- {
- return isset($_SESSION['signed_in']);
- }
-
- public function get_current_user()
- {
- // There is no current user
- if (!$this->is_signed_in()) {
- return null;
- }
-
- $result = new User();
-
- if (isset($_SESSION['user_id'])) {
- $result->get_by_id($_SESSION['user_id']);
- } else {
- $result = null;
- }
-
- return $result;
- }
-}
+id;
+ $_SESSION['user_name'] = $user->name;
+ }
+
+ public function sign_out()
+ {
+ session_unset();
+ session_destroy();
+ }
+
+ public function is_signed_in(): bool
+ {
+ return isset($_SESSION['signed_in']);
+ }
+
+ public function get_current_user()
+ {
+ // There is no current user
+ if (!$this->is_signed_in()) {
+ return null;
+ }
+
+ $result = new User();
+
+ if (isset($_SESSION['user_id'])) {
+ $result->get_by_id($_SESSION['user_id']);
+ } else {
+ $result = null;
+ }
+
+ return $result;
+ }
+}
diff --git a/includes/error.php b/includes/error.php
old mode 100644
new mode 100755
index 5e33212..1450a28
--- a/includes/error.php
+++ b/includes/error.php
@@ -1,25 +1,25 @@
-'. $message .'';
-}
-
-function handle_error($errno, $errstr, $errfile, $errline) {
- if (!(error_reporting() & $errno)) {
- // This error code is not included in error_reporting, so let it fall
- // through to the standard PHP error handler
- return false;
- }
-
- switch ($errno) {
- // See https://www.php.net/manual/en/errorfunc.constants.php
- case E_USER_NOTICE:
- user_notice($errstr);
- break;
- default:
- return false;
- }
- return true;
-}
-
-$old_error_handler = set_error_handler('handle_error');
-?>
+'. $message .'';
+}
+
+function handle_error($errno, $errstr, $errfile, $errline) {
+ if (!(error_reporting() & $errno)) {
+ // This error code is not included in error_reporting, so let it fall
+ // through to the standard PHP error handler
+ return false;
+ }
+
+ switch ($errno) {
+ // See https://www.php.net/manual/en/errorfunc.constants.php
+ case E_USER_NOTICE:
+ user_notice($errstr);
+ break;
+ default:
+ return false;
+ }
+ return true;
+}
+
+$old_error_handler = set_error_handler('handle_error');
+?>
diff --git a/includes/model/Category.php b/includes/model/Category.php
old mode 100644
new mode 100755
index e8cbe60..37ad4f8
--- a/includes/model/Category.php
+++ b/includes/model/Category.php
@@ -1,78 +1,78 @@
-query($sql, "i", $id);
-
- if (empty($result)) {
- return;
- }
-
- $this->id = $id;
- $this->name = $result[0]['cat_name'];
- $this->description = $result[0]['cat_description'];
- $this->thread_count = $result[0]['cat_thread_count'];
- $this->post_count = $result[0]['cat_post_count'];
-
- $this->has_value = true;
- }
-
- // Returns true if this object was successfully fetched from the database
- public function has_value()
- {
- return $this->has_value;
- }
-
- public static function get_all_categories(): array
- {
- $sql = "SELECT cat_id FROM categories ORDER BY cat_id;";
- $result = Database::get()->query($sql);
-
- $categories = array();
-
- foreach ($result as $row) {
- $category = new Category($row['cat_id']);
- array_push($categories, $category);
- }
-
- return $categories;
- }
-
- public function get_threads(): array
- {
- $sql = "SELECT thread_id FROM threads WHERE thread_category = ? ORDER BY thread_date_lastpost DESC";
- $result = Database::get()->query($sql, "i", $this->id);
- $threads = array();
-
- foreach ($result as $row) {
- $thread = new Thread($row['thread_id']);
- if ($thread->has_value())
- array_push($threads, $thread);
- }
-
- return $threads;
- }
-
- public function get_latest_thread(): Thread
- {
- $sql = "SELECT thread_id FROM threads WHERE thread_category = ? ORDER BY thread_date_lastpost DESC LIMIT 1";
- $result = Database::get()->query($sql, "i", $this->id);
- return new Thread($result[0]['thread_id']);
- }
-}
+query($sql, "i", $id);
+
+ if (empty($result)) {
+ return;
+ }
+
+ $this->id = $id;
+ $this->name = $result[0]['cat_name'];
+ $this->description = $result[0]['cat_description'];
+ $this->thread_count = $result[0]['cat_thread_count'];
+ $this->post_count = $result[0]['cat_post_count'];
+
+ $this->has_value = true;
+ }
+
+ // Returns true if this object was successfully fetched from the database
+ public function has_value()
+ {
+ return $this->has_value;
+ }
+
+ public static function get_all_categories(): array
+ {
+ $sql = "SELECT cat_id FROM categories ORDER BY cat_id;";
+ $result = Database::get()->query($sql);
+
+ $categories = array();
+
+ foreach ($result as $row) {
+ $category = new Category($row['cat_id']);
+ array_push($categories, $category);
+ }
+
+ return $categories;
+ }
+
+ public function get_threads(): array
+ {
+ $sql = "SELECT thread_id FROM threads WHERE thread_category = ? ORDER BY thread_date_lastpost DESC";
+ $result = Database::get()->query($sql, "i", $this->id);
+ $threads = array();
+
+ foreach ($result as $row) {
+ $thread = new Thread($row['thread_id']);
+ if ($thread->has_value())
+ array_push($threads, $thread);
+ }
+
+ return $threads;
+ }
+
+ public function get_latest_thread(): Thread
+ {
+ $sql = "SELECT thread_id FROM threads WHERE thread_category = ? ORDER BY thread_date_lastpost DESC LIMIT 1";
+ $result = Database::get()->query($sql, "i", $this->id);
+ return new Thread($result[0]['thread_id']);
+ }
+}
diff --git a/includes/model/Post.php b/includes/model/Post.php
old mode 100644
new mode 100755
index 49fd640..1b64490
--- a/includes/model/Post.php
+++ b/includes/model/Post.php
@@ -1,184 +1,185 @@
-query($sql, "i", $id);
-
- $reply = $result[0];
-
- if (empty($reply)) {
- return 'This post has been deleted ';
- }
-
- return 'Quote from ' . $reply['user_name'] . ' ' . $reply['post_content'] . ' ';
-}
-
-function format_post_content(string $post_content)
-{
- $post_content = preg_replace_callback('/>#\d+/', function ($matches) {
- $result = "";
- foreach ($matches as $match) {
- $id = (int) filter_var($match, FILTER_SANITIZE_NUMBER_INT);
- $result .= create_quote($id);
- }
- return $result;
- }, $post_content);
-
- $result = $post_content;
-
- // Replace newline characters with HTML tags
- $result = nl2br($result);
-
- // Replace YouTube URLs with embedded YouTube videos.
- $result = preg_replace(
- "/\s*[a-zA-Z\/:]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/*-_?&;%=.]*)/i",
- ' ', $result);
-
- // Replace Image URLs with embedded images.
- $result = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:\w+>|/?>))@i', ' ', $result);
-
- // Replace other URLs with links.
- return preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:\w+>|/?>))@i', '$0 ', $result);
-}
-
-class Post
-{
- public $id;
- public $content;
- public $date_created;
- public $date_edited;
- public $thread;
- public $author;
-
- private $has_value = false;
-
- public function __construct($id)
- {
- $sql = "SELECT post_content, post_date_created, post_date_edited, post_thread, post_author FROM posts WHERE post_id = ?;";
- $result = Database::get()->query($sql, "i", $id);
-
- if (empty($result)) {
- return;
- }
-
- $this->id = $id;
- $this->content = $result[0]['post_content'];
- $this->date_created = $result[0]['post_date_created'];
- $this->date_edited = $result[0]['post_date_edited'];
- $this->thread = new Thread($result[0]['post_thread']);
-
- $this->author = new User();
- $this->author->get_by_id($result[0]['post_author']);
-
- $this->has_value = true;
- }
-
- public function has_value()
- {
- return $this->has_value;
- }
-
- /**
- * Get the post content from the database and return it as a string ready for HTML display
- */
- function get_content(): string
- {
- // Build the header
- $result = '';
-
- // Append the formatted post content
- $result .= '' . format_post_content($this->content) . ' ';
-
- return $result;
- }
-
- function set_content(string $post_content)
- {
- // User must be signed in
- if (!Session::get()->is_signed_in()) {
- trigger_error('You must be signed in to edit this post!');
- return;
- }
-
- // User must have permission to edit the post
- $current_user = Session::get()->get_current_user();
- if ($current_user->id != $this->author->id) {
- trigger_error("You don't have sufficient permissions to edit this post.");
- return;
- }
-
- // Set the post content and the post edit date
- $sql = "UPDATE posts SET post_content = ?, post_date_edited = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE post_id = ?;";
- Database::get()->query($sql, "si", $post_content, $this->id);
- }
-
- function delete()
- {
- // User must be signed in
- if (!Session::get()->is_signed_in()) {
- trigger_error('You must be signed in to delete a post!');
- return;
- }
-
- // User must have permission to delete the post
- if (Session::get()->get_current_user()->level != USER_LEVEL_MODERATOR) {
- trigger_error("You don't have sufficient permissions to delete this post.");
- return;
- }
-
- // Delete the post from the database
- Database::get()->query("DELETE FROM posts WHERE post_id = ?", "i", $this->id);
-
- // Decrement the post count of the category
- Database::get()->query("UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = ?", "i", $this->thread->category->id);
- }
-
- public static function create($post_content, $post_thread, $post_category)
- {
- // User must be signed in
- if (!Session::get()->is_signed_in()) {
- trigger_error('You must be signed in to create a post');
- return;
- }
-
- $user = Session::get()->get_current_user();
-
- // Insert the post into the database
- $sql = "INSERT INTO posts(post_content, post_date_created, post_thread, post_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);";
- Database::get()->query($sql, "sii", $post_content, $post_thread, $user->id);
-
- // Increment the category's post count
- $sql = "UPDATE categories SET `cat_post_count` = `cat_post_count` + '1' WHERE cat_id = ?;";
- Database::get()->query($sql, "i", $post_category);
-
- // Set the last post date of the parent thread
- $sql = "UPDATE threads SET thread_date_lastpost = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE thread_id = ?;";
- Database::get()->query($sql, "i", $post_thread);
- }
-
- public static function get_all_posts(): array
- {
- $sql = "SELECT post_id FROM posts";
- $result = Database::get()->query($sql);
-
- $posts = array();
-
- foreach ($result as $row) {
- $post = new Post();
- $post->get_from_database($row['post_id']);
- array_push($posts, $post);
- }
-
- return $posts;
- }
-}
+query($sql, "i", $id);
+
+ $reply = $result[0];
+
+ if (empty($reply)) {
+ return 'This post has been deleted ';
+ }
+
+ return 'Quote from ' . $reply['user_name'] . ' ' . $reply['post_content'] . ' ';
+}
+
+function format_post_content(string $post_content)
+{
+ $post_content = preg_replace_callback('/>#\d+/', function ($matches) {
+ $result = "";
+ foreach ($matches as $match) {
+ $id = (int) filter_var($match, FILTER_SANITIZE_NUMBER_INT);
+ $result .= create_quote($id);
+ }
+ return $result;
+ }, $post_content);
+
+ $result = $post_content;
+
+ // Replace newline characters with HTML tags
+ $result = nl2br($result);
+
+ // Replace YouTube URLs with embedded YouTube videos.
+ $result = preg_replace(
+ "/\s*[a-zA-Z\/:]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/*-_?&;%=.]*)/i",
+ ' ', $result);
+
+ // Replace Image URLs with embedded images.
+ $result = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:\w+>|/?>))@i', ' ', $result);
+
+ // Replace other URLs with links.
+ return preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:\w+>|/?>))@i', '$0 ', $result);
+}
+
+class Post
+{
+ public $id;
+ public $content;
+ public $date_created;
+ public $thread;
+ public $author;
+
+ private $has_value = false;
+
+ public function __construct($id)
+ {
+ $sql = "SELECT post_content, post_date_created, post_thread, post_author FROM posts WHERE post_id = ?;";
+ $result = Database::get()->query($sql, "i", $id);
+
+ if (empty($result)) {
+ return;
+ }
+
+ $this->id = $id;
+ $this->content = $result[0]['post_content'];
+ $this->date_created = $result[0]['post_date_created'];
+ $this->thread = new Thread($result[0]['post_thread']);
+
+ $this->author = new User();
+ $this->author->get_by_id($result[0]['post_author']);
+
+ $this->has_value = true;
+ }
+
+ public function has_value()
+ {
+ return $this->has_value;
+ }
+
+ /**
+ * Get the post content from the database and return it as a string ready for HTML display
+ */
+ function get_content(): string
+ {
+ // Build the header
+ $result = '';
+
+ // Append the formatted post content
+ $result .= '' . format_post_content($this->content) . ' ';
+
+ return $result;
+ }
+
+ function set_content(string $post_content)
+ {
+ // User must be signed in
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You must be signed in to edit this post!');
+ return;
+ }
+
+ // User must have permission to edit the post
+ $current_user = Session::get()->get_current_user();
+ if ($current_user->id != $this->author->id) {
+ trigger_error("You don't have sufficient permissions to edit this post.");
+ return;
+ }
+
+ // Set the post content and the post edit date
+ $sql = "UPDATE posts SET post_content = ? WHERE post_id = ?;";
+ Database::get()->query($sql, "si", $post_content, $this->id);
+ }
+
+ function delete()
+ {
+ // User must be signed in
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You must be signed in to delete a post!');
+ return;
+ }
+
+ // User must have permission to delete the post
+ if (Session::get()->get_current_user()->level != USER_LEVEL_MODERATOR) {
+ trigger_error("You don't have sufficient permissions to delete this post.");
+ return;
+ }
+
+ // Delete the post from the database
+ Database::get()->query("DELETE FROM posts WHERE post_id = ?", "i", $this->id);
+
+ // Decrement the post count of the category
+ Database::get()->query("UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = ?", "i", $this->thread->category->id);
+ }
+
+ public static function create($post_content, $post_thread, $post_category)
+ {
+ // User must be signed in
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You must be signed in to create a post');
+ return;
+ }
+
+ $user = Session::get()->get_current_user();
+
+ // Insert the post into the database
+ $sql = "INSERT INTO posts(post_content, post_date_created, post_thread, post_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);";
+ Database::get()->query($sql, "sii", $post_content, $post_thread, $user->id);
+
+ // Increment the category's post count
+ $sql = "UPDATE categories SET `cat_post_count` = `cat_post_count` + '1' WHERE cat_id = ?;";
+ Database::get()->query($sql, "i", $post_category);
+
+ // Set the last post date of the parent thread
+ $sql = "UPDATE threads SET thread_date_lastpost = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE thread_id = ?;";
+ Database::get()->query($sql, "i", $post_thread);
+ }
+
+ public static function get_all_posts(): array
+ {
+ $sql = "SELECT post_id FROM posts";
+ $result = Database::get()->query($sql);
+
+ $posts = array();
+
+ foreach ($result as $row) {
+ $post = new Post();
+ $post->get_from_database($row['post_id']);
+ array_push($posts, $post);
+ }
+
+ return $posts;
+ }
+}
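Review bot: create_quote() concatenates `$reply['user_name']` and `$reply['post_content']` straight into the markup it returns, and format_post_content() applies only nl2br() and the URL replacements to the post body, so no output encoding is visible on the path to get_content(). Post::create() and set_content() bind the content unchanged, so unless it is escaped somewhere outside this file, stored post text and user names are rendered as HTML for every reader. I would encode at output: `htmlspecialchars($reply['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` (and the same for `post_content`) in create_quote(), plus the same call on `$post_content` at the top of format_post_content(). The quote pattern would then need to match the encoded marker, `'/&gt;#\d+/'`.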
diff --git a/includes/model/User.php b/includes/model/User.php
old mode 100644
new mode 100755
index 13cbc03..7d3c1e4
--- a/includes/model/User.php
+++ b/includes/model/User.php
@@ -1,88 +1,103 @@
-query($sql, "i", $id);
-
- if (empty($result)) {
- return;
- }
-
- $this->id = $id;
- $this->name = $result[0]['user_name'];
- $this->password = $result[0]['user_pass'];
- $this->date = $result[0]['user_date'];
- $this->level = $result[0]['user_level'];
-
- $this->has_value = true;
- }
-
- public function get_by_name($name)
- {
- $sql = "SELECT user_id, user_date, user_level, user_pass FROM users WHERE user_name = ?";
- $result = Database::get()->query($sql, "s", $name);
-
- if (empty($result)) {
- return;
- }
-
- $this->id = $result[0]['user_id'];
- $this->name = $name;
- $this->password = $result[0]['user_pass'];
- $this->date = $result[0]['user_date'];
- $this->level = $result[0]['user_level'];
-
- $this->has_value = true;
- }
-
- public function has_value()
- {
- return $this->has_value;
- }
-
- public static function register(string $username, string $pass_hash)
- {
- $sql = "INSERT INTO users(user_name, user_pass, user_date, user_level) VALUES(?, ?, NOW(), 0);";
- Database::get()->query($sql, "ss", $username, $pass_hash);
- }
-
- public function change_password(string $pass_hash)
- {
- if (!Session::get()->is_signed_in()) {
- trigger_error('You are not signed in.');
- return;
- }
-
- if (Session::get()->get_current_user()->id != $this->id) {
- trigger_error("You can't change another user's password.");
- return;
- }
-
- $sql = "UPDATE users SET user_pass = ? WHERE user_id = ?;";
- Database::get()->query($sql, "si", $pass_hash, $this->id);
- }
-}
-
-function username_exists(string $username): bool
-{
- $sql = "SELECT * FROM users WHERE user_name = ?;";
- $result = Database::get()->query($sql, "s", $username);
-
- return !empty($result);
+query($sql, "i", $id);
+
+ if (empty($result)) {
+ return;
+ }
+
+ $this->id = $id;
+ $this->name = $result[0]['user_name'];
+ $this->password = $result[0]['user_pass'];
+ $this->date = $result[0]['user_date'];
+ $this->level = $result[0]['user_level'];
+
+ $this->has_value = true;
+ }
+
+ public function get_by_name($name)
+ {
+ $sql = "SELECT user_id, user_date, user_level, user_pass FROM users WHERE user_name = ?";
+ $result = Database::get()->query($sql, "s", $name);
+
+ if (empty($result)) {
+ return;
+ }
+
+ $this->id = $result[0]['user_id'];
+ $this->name = $name;
+ $this->password = $result[0]['user_pass'];
+ $this->date = $result[0]['user_date'];
+ $this->level = $result[0]['user_level'];
+
+ $this->has_value = true;
+ }
+
+ public function has_value()
+ {
+ return $this->has_value;
+ }
+
+ public static function register(string $username, string $pass_hash)
+ {
+ $sql = "INSERT INTO users(user_name, user_pass, user_date, user_level) VALUES(?, ?, NOW(), 0);";
+ Database::get()->query($sql, "ss", $username, $pass_hash);
+ }
+
+ public function change_password(string $pass_hash)
+ {
+ if (!Session::get()->is_signed_in()) {
+ trigger_error('You are not signed in.');
+ return;
+ }
+
+ if (Session::get()->get_current_user()->id != $this->id) {
+ trigger_error("You can't change another user's password.");
+ return;
+ }
+
+ $sql = "UPDATE users SET user_pass = ? WHERE user_id = ?;";
+ Database::get()->query($sql, "si", $pass_hash, $this->id);
+ }
+
+ public function get_threads(): array
+ {
+ $sql = "SELECT thread_id FROM threads WHERE thread_author = ? ORDER BY thread_date_lastpost DESC";
+ $result = Database::get()->query($sql, "i", $this->id);
+ $threads = array();
+
+ foreach ($result as $row) {
+ $thread = new Thread($row['thread_id']);
+ if ($thread->has_value())
+ array_push($threads, $thread);
+ }
+
+ return $threads;
+ }
+}
+
+function username_exists(string $username): bool
+{
+ $sql = "SELECT * FROM users WHERE user_name = ?;";
+ $result = Database::get()->query($sql, "s", $username);
+
+ return !empty($result);
}
\ No newline at end of file
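Review bot: The new User::get_threads() selects every thread id for the author with no upper bound and then builds `new Thread($row['thread_id'])` per row. If Thread's constructor loads itself by id the way the Category and Post constructors in this commit do (its body is not shown here), that is one extra query per thread on each call. A bound such as `... ORDER BY thread_date_lastpost DESC LIMIT 50` would keep one prolific account from making the page arbitrarily expensive. The method is also a copy of Category::get_threads() apart from the `thread_author` column and has no doc comment; something like `/** Threads started by this user, most recently active first; empty when the user was not loaded. */` would state the contract.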
diff --git a/includes/templates/404.php b/includes/templates/404.php
old mode 100644
new mode 100755
index 74db2d6..8815b91
--- a/includes/templates/404.php
+++ b/includes/templates/404.php
@@ -1,14 +1,14 @@
-
-
-
- cflip.net forum
-
-
-
-
-
-
- Page Not Found
- The page you requested does not exist.
-
-
+
+
+
+ cflip.net forum
+
+
+
+
+
+
+ Page Not Found
+ The page you requested does not exist.
+
+
diff --git a/includes/templates/header.php b/includes/templates/header.php
old mode 100644
new mode 100755
index f1c2c94..45ec7e6
--- a/includes/templates/header.php
+++ b/includes/templates/header.php
@@ -1,20 +1,21 @@
-
+
+
\ No newline at end of file
diff --git a/moderate.php b/moderate.php
old mode 100644
new mode 100755
index 68bf1b9..5a181ac
--- a/moderate.php
+++ b/moderate.php
@@ -1,29 +1,79 @@
-get_current_user();
-
- if ($user->level == USER_LEVEL_MODERATOR) {
- if (strcasecmp($delete, "on") == 0) {
- $thread = new Thread();
- $thread->get_from_database($thread_id);
- delete_thread($thread);
-
- header("Location: /");
- exit();
- }
- }
-
- header("Location: viewthread.php?id=$thread_id");
- exit();
-}
-
-header("Location: /");
\ No newline at end of file
+get_current_user();
+
+ if (Session::get()->is_signed_in() and $user->level == USER_LEVEL_MODERATOR) {
+ // Set the value of these again with the variables from the POST request
+ $is_post = strcasecmp($type, "post") == 0;
+ $is_thread = strcasecmp($type, "thread") == 0;
+
+ if (strcasecmp($type, "thread") == 0) {
+ $thread = new Thread($id);
+ if (strcasecmp($action, "delete") == 0) Thread::delete($thread);
+ } else if (strcasecmp($type, "post") == 0) {
+ $post = new Post($id);
+ if (strcasecmp($action, "delete") == 0) $post->delete();
+ }
+ }
+} else {
+
+}
+?>
+
+
+
+ cflip.net forum Moderation
+
+
+
+
+is_signed_in() and $user->level == USER_LEVEL_MODERATOR): ?>
+
+ Moderate post
+get_content(); ?>
+
+
+
+
+ Delete
+
+
+
+
+ Moderate thread
+ = $thread->subject ?>
+
+
+ ID:
+
+ Action:
+
+ Delete
+
+
+
+
+
+ You must be signed in as a moderator to access this page.
+
+
+
\ No newline at end of file
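Review bot: The delete branch calls `Thread::delete($thread)` and `$post->delete()` on whatever `new Thread($id)` or `new Post($id)` produced, without checking `has_value()`. An unknown id therefore still runs the DELETE, and for posts it reads `$this->thread->category->id` from an object that was never loaded. Guard both, e.g. `if ($post->has_value() && strcasecmp($action, "delete") == 0) $post->delete();`. `$is_post` and `$is_thread` are assigned but the branches repeat the `strcasecmp` calls, and the `else` block is empty. The top of the script is not visible on this page, so I cannot tell whether the POST is checked against a per-session token; if it is not, this destructive moderator action should require one.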
diff --git a/register.php b/register.php
old mode 100644
new mode 100755
index 9eb3347..5128f10
--- a/register.php
+++ b/register.php
@@ -1,79 +1,78 @@
-
-
-
-
- Register an account - cflip.net forum
-
-
-
-
-Register an account
-
- Username:
-
- Password:
-
- Re-enter password:
-
-
-
-
-
- 30) {
- $errors[] = "Your username must be 30 characters or less.";
- }
-
- if (username_exists($user_name) !== false) {
- $errors[] = "The username '" . $user_name . "' has already been taken by another user.";
- }
- }
-
- if (empty($_POST['user_pass'])) {
- $errors[] = "You must provide a password.";
- } else {
- $user_pass = $_POST['user_pass'];
- $pass_check = $_POST['user_pass_check'];
-
- if (preg_match("/^[a-zA-Z0-9\W]*$/", $user_pass) === false) {
- $errors[] = "Password contains invalid characters!";
- }
-
- if ($user_pass !== $pass_check) {
- $errors[] = "The two passwords do not match.";
- }
- }
-
- if (!empty($errors)) {
- $errstr = 'Please check the following problems: ';
- foreach ($errors as $err) {
- $errstr .= '' . $err . ' ';
- }
- $errstr .= ' ';
- trigger_error($errstr);
- } else {
- $pass_hash = password_hash($user_pass, PASSWORD_DEFAULT);
- User::register($user_name, $pass_hash);
- echo 'Account successfully registered! You can now sign in
';
- }
-}
-?>
-
-
+
+
+
+
+ Register an account - cflip.net forum
+
+
+
+
+ Register an account
+
+ Username:
+
+ Password:
+
+ Re-enter password:
+
+
+
+
+ 30) {
+ $errors[] = "Your username must be 30 characters or less.";
+ }
+
+ if (username_exists($user_name) !== false) {
+ $errors[] = "The username '" . $user_name . "' has already been taken by another user.";
+ }
+ }
+
+ if (empty($_POST['user_pass'])) {
+ $errors[] = "You must provide a password.";
+ } else {
+ $user_pass = $_POST['user_pass'];
+ $pass_check = $_POST['user_pass_check'];
+
+ if (preg_match("/^[a-zA-Z0-9\W]*$/", $user_pass) === false) {
+ $errors[] = "Password contains invalid characters!";
+ }
+
+ if ($user_pass !== $pass_check) {
+ $errors[] = "The two passwords do not match.";
+ }
+ }
+
+ if (!empty($errors)) {
+ $errstr = 'Please check the following problems: ';
+ foreach ($errors as $err) {
+ $errstr .= '' . $err . ' ';
+ }
+ $errstr .= ' ';
+ trigger_error($errstr);
+ } else {
+ $pass_hash = password_hash($user_pass, PASSWORD_DEFAULT);
+ User::register($user_name, $pass_hash);
+ echo 'Account successfully registered! You can now sign in
';
+ }
+}
+?>
+
+
diff --git a/signin.php b/signin.php
old mode 100644
new mode 100755
index ef60750..195895a
--- a/signin.php
+++ b/signin.php
@@ -1,69 +1,69 @@
-
-
-
-
- Sign in - cflip.net forum
-
-
-
-
- Sign in
- " method="post">
- Username:
-
- Password:
-
-
-
-';
- foreach ($errors as $err) {
- $errstr .= '' . $err . ' ';
- }
- $errstr .= '';
- trigger_error($errstr);
- } else {
- $user = new User();
- $user->get_by_name($user_name);
-
- if (!$user->has_value()) {
- trigger_error('There is no user with that name. Did you mean to create a new account? ');
- } else {
- if (!password_verify($user_pass, $user->password)) {
- echo 'Password does not match!';
- } else {
- Session::get()->sign_in($user);
- header("Location: index.php");
- }
- }
- }
-}
-?>
-
-
+
+
+
+
+ Sign in - cflip.net forum
+
+
+
+
+ Sign in
+ " method="post">
+ Username:
+
+ Password:
+
+
+
+';
+ foreach ($errors as $err) {
+ $errstr .= '' . $err . ' ';
+ }
+ $errstr .= '';
+ trigger_error($errstr);
+ } else {
+ $user = new User();
+ $user->get_by_name($user_name);
+
+ if (!$user->has_value()) {
+ trigger_error('There is no user with that name. Did you mean to create a new account? ');
+ } else {
+ if (!password_verify($user_pass, $user->password)) {
+ echo 'Password does not match!';
+ } else {
+ Session::get()->sign_in($user);
+ header("Location: index.php");
+ }
+ }
+ }
+}
+?>
+
+
diff --git a/signout.php b/signout.php
old mode 100644
new mode 100755
index bbaa47a..581617f
--- a/signout.php
+++ b/signout.php
@@ -1,16 +1,16 @@
-
-
-
- Sign out - cflip.net forums
-
-
-
-sign_out();
-
-include_once './includes/templates/header.php';
-echo 'You have now been signed out
';
-?>
-
-
+
+
+
+ Sign out - cflip.net forums
+
+
+
+sign_out();
+
+include_once './includes/templates/header.php';
+echo 'You have now been signed out
';
+?>
+
+
diff --git a/styles/style.css b/styles/style.css
old mode 100644
new mode 100755
index 0758f59..f849fc2
--- a/styles/style.css
+++ b/styles/style.css
@@ -1,112 +1,111 @@
-body {
- font-family: Arial, sans-serif;
- font-size: 10pt;
- margin: 24px 5%;
- background-color: #ffe;
-}
-
-a {
- color: forestgreen;
-}
-
-
-a:hover {
- color: #333;
- text-decoration: none;
-}
-
-small {
- font-size: 8pt;
- color: #333;
-}
-
-table {
- width: 100%;
- border: none;
- border-collapse: collapse;
-}
-
-th, .header {
- background-color: forestgreen;
- color: white;
- padding: 4px;
-}
-
-th, .header a {
- color: #eee;
- font-weight: bold;
-}
-
-td {
- background-color: white;
- border: 1px solid forestgreen;
- margin: none;
- padding: 3px;
-}
-
-blockquote {
- background-color: #ffd;
- margin: 8px 40px 14px 18px;
- padding: 12px;
- border: 1px solid #aa6;
- overflow: hidden;
-}
-
-textarea {
- width: 100%;
- height: 200px;
- margin-right: 0px;
- overflow: scroll;
- resize: none;
-}
-
-.header > small {
- color: #dde;
-}
-
-.post-content {
- overflow: auto;
- background-color: white;
- padding: 12px 8px;
- border: 1px solid forestgreen;
- display: block;
-}
-
-.image-embed {
- max-height: 80vh;
-}
-
-@keyframes bgslide {
- from { background-position: 0 0px }
- to { background-position: -5402px 0px }
-}
-
-#banner {
- background-image: url("../img/banner.jpg");
- background-repeat: repeat;
-
- animation: bgslide 300s infinite linear;
- height: 60px;
-}
-
-.success {
- background-color: #efe;
- margin: 8px 40px 14px 18px;
- padding: 12px;
- border: 1px solid #aea;
- overflow: hidden;
- border-radius: 5px;
-}
-
-.error {
- background-color: #fee;
- margin: 8px 40px 14px 18px;
- padding: 12px;
- border: 1px solid #eaa;
- overflow: hidden;
- border-radius: 5px;
-}
-
-.info {
- color: #666;
+body {
+ font-family: Arial, sans-serif;
+ font-size: 10pt;
+ margin: 24px 10%;
+ background-image: linear-gradient(#eff, #fff);
+ background-repeat: no-repeat;
+}
+
+@media only screen and (max-width: 600px) {
+ body {
+ margin: 24px 6px;
+ }
+
+ .image-embed {
+ width: 100%;
+ }
+}
+
+a {
+ color: seagreen;
+}
+
+a:hover {
+ color: #333;
+ text-decoration: none;
+}
+
+small {
+ font-size: 8pt;
+ color: #333;
+}
+
+table {
+ width: 100%;
+ border-collapse: collapse;
+ border: 1px solid seagreen;
+}
+
+th, .header {
+ background-color: seagreen;
+ color: #eee;
+ padding: 4px;
+}
+
+th, .header a {
+ color: #eee;
+ font-weight: bold;
+}
+
+td {
+ border: 1px solid seagreen;
+ margin: none;
+ padding: 4px;
+}
+
+tr:nth-child(even) { background: #eee; }
+tr:nth-child(odd) { background: #fff; }
+
+blockquote {
+ background-color: #ffd;
+ margin: 8px 40px 14px 18px;
+ padding: 12px;
+ border: 1px solid #aa6;
+ overflow: hidden;
+}
+
+textarea {
+ width: 100%;
+ height: 200px;
+ margin-right: 0px;
+ overflow: scroll;
+ resize: none;
+}
+
+.header > small {
+ color: #dde;
+}
+
+.post-content {
+ overflow: auto;
+ background-color: white;
+ padding: 12px 8px;
+ border: 1px solid seagreen;
+ display: block;
+}
+
+.image-embed {
+ max-height: 80vh;
+}
+
+.success {
+ background-color: #efe;
+ margin: 8px 40px 14px 18px;
+ padding: 12px;
+ border: 1px solid #aea;
+ overflow: hidden;
+ border-radius: 5px;
+}
+
+.error {
+ background-color: #fee;
+ margin: 8px 40px 14px 18px;
+ padding: 12px;
+ border: 1px solid #eaa;
+ overflow: hidden;
+ border-radius: 5px;
+}
+
+.info {
+ color: #666;
}
\ No newline at end of file
diff --git a/viewcategory.php b/viewcategory.php
old mode 100644
new mode 100755
index 832d953..acca740
--- a/viewcategory.php
+++ b/viewcategory.php
@@ -1,57 +1,56 @@
-has_value()) {
- http_response_code(404);
- include('includes/templates/404.php');
- die();
-}
-?>
-
-
-
- = $current->name; ?> - cflip.net forum
-
-
-
-
-
-
- = $current->name; ?>
- = $current->description; ?>
- = $current->thread_count . ' threads, ' . $current->post_count . ' posts'; ?>
-
- Threads
-
-
- Thread
- Author
- Date
- Latest Post
-
-get_threads() as $thread): ?>
-
-
- = $thread->subject ?>
-
- = $thread->author->name ?>
- = $thread->date_created ?>
-get_latest_post(); if ($latest_post->has_value()): ?>
- by = $latest_post->author->name ?> on = $latest_post->date_created ?>
-
- No posts yet!
-
-
-
-
-
-
+has_value()) {
+ http_response_code(404);
+ include('includes/templates/404.php');
+ die();
+}
+?>
+
+
+
+ = $current->name; ?> - cflip.net forum
+
+
+
+
+ = $current->name; ?>
+ = $current->description; ?>
+ = $current->thread_count . ' threads, ' . $current->post_count . ' posts'; ?>
+ Threads
+
+
+
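Review bot: `$current->name` and `$current->description` are echoed into the title and page body with no output escaping, and the same pattern recurs in the viewthread.php hunk (`$current->subject`, `$current->author->name`, `$current->category->name`) and the viewuser.php hunk (`$current->name`). Whether these values are neutralised when they are stored is not visible in this part of the patch, so escaping at the point of output is the safer default: `<?= htmlspecialchars($current->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. A small shared helper would keep the templates readable and make a missed escape easy to spot in review.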
diff --git a/viewthread.php b/viewthread.php
old mode 100644
new mode 100755
index 365e014..85f1813
--- a/viewthread.php
+++ b/viewthread.php
@@ -1,83 +1,73 @@
-has_value()) {
- http_response_code(404);
- include('includes/templates/404.php');
- die();
-}
-?>
-
-
-
- = $current->subject; ?> - cflip.net forum
-
-
-
-
-
-
-
- = $current->subject; ?>
- created by = $current->author->name; ?>
- in = $current->category->name; ?> , = date('M d, Y g:ia', strtotime($current->date_created)); ?>
-is_signed_in() and Session::get()->get_current_user()->level == USER_LEVEL_MODERATOR): ?>
-
-
- Moderator Options
-
-
- Delete thread
-
- Locked
-
- Pinned
-
-
-
-
-
-get_posts() as $post) {
- echo $post->get_content();
-}
-?>
-
- Reply to this thread
-is_signed_in()) {
- trigger_error('You must be signed in to reply to this thread.', E_USER_NOTICE);
- return;
- }
-
- $post_content = filter_input(INPUT_POST, 'post_content', FILTER_SANITIZE_STRING);
-
- if (empty($post_content) or !$post_content) {
- trigger_error('Reply cannot be empty');
- } else {
- Post::create($post_content, $current->id, $current->category->id);
- header('Location: ' . $_SERVER['PHP_SELF'] . '?id=' . $current->id);
- }
-}
-?>
-
-
-
-
-
-
-
+has_value()) {
+ http_response_code(404);
+ include('includes/templates/404.php');
+ die();
+}
+?>
+
+
+
+ = $current->subject; ?> - cflip.net forum
+
+
+
+
+
+
+
+
+
+ = $current->subject; ?>
+ created by = $current->author->name; ?>
+ in = $current->category->name; ?> , = date('M d, Y g:ia', strtotime($current->date_created)); ?>
+is_signed_in() and Session::get()->get_current_user()->level == USER_LEVEL_MODERATOR): ?>
+ Moderator Options
+
+
+get_posts() as $post) {
+ echo $post->get_content();
+}
+?>
+
+ Reply to this thread
+is_signed_in()) {
+ trigger_error('You must be signed in to reply to this thread.', E_USER_NOTICE);
+ return;
+ }
+
+ $post_content = filter_input(INPUT_POST, 'post_content', FILTER_SANITIZE_STRING);
+
+ if (empty($post_content) or !$post_content) {
+ trigger_error('Reply cannot be empty');
+ } else {
+ Post::create($post_content, $current->id, $current->category->id);
+ header('Location: ' . $_SERVER['PHP_SELF'] . '?id=' . $current->id);
+ }
+}
+?>
+
+
+
+
+
+
+
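Review bot: The reply handler near the end of the file builds its redirect from `$_SERVER['PHP_SELF']`, which carries any path info the client appended to the URL, and nothing stops execution after the `header()` call. A fixed target followed by an exit avoids both, assuming thread ids are integers: `header('Location: viewthread.php?id=' . (int) $current->id); exit;`. The redirect is also issued after the thread markup above it, so it only takes effect if output buffering is enabled, which this hunk does not show. Separately, `FILTER_SANITIZE_STRING` is deprecated as of PHP 8.1; storing the reply as submitted and escaping it when `get_content()` renders it would be the more durable approach, provided that method does not currently depend on the filter.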
diff --git a/viewuser.php b/viewuser.php
old mode 100644
new mode 100755
index de40d6f..20dc55f
--- a/viewuser.php
+++ b/viewuser.php
@@ -1,31 +1,55 @@
-get_by_id($_GET['id']);
-if (!$current->has_value()) {
- http_response_code(404);
- include('includes/templates/404.php');
- die();
-}
-?>
-
-
-
- = $current->name; ?>'s Profile - cflip.net forum
-
-
-
-
- = $current->name; ?>
- member since = date('M d, Y', strtotime($current->date)); ?>
-
-
+get_by_id($_GET['id']);
+if (!$current->has_value()) {
+ http_response_code(404);
+ include('includes/templates/404.php');
+ die();
+}
+?>
+
+
+
+ = $current->name; ?>'s Profile - cflip.net forum
+
+
+
+
+ = $current->name; ?>
+ member since = date('M d, Y', strtotime($current->date)); ?>
+ = $current->name; ?>'s Threads
+
+
+
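Review bot: `get_by_id($_GET['id'])` receives the query parameter unchecked, so a request without `id` raises an undefined-index warning and a non-numeric value reaches the model as-is. Validating first keeps the not-found handling in one place: `$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);` and then send `null` or `false` down the existing `!$current->has_value()` 404 path. Whether `get_by_id` binds the value as a query parameter is decided in includes/model/User.php, which is outside this hunk, so that is worth confirming alongside.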
--
cgit v1.2.3