From fe3e6194d33d63f149f2a362adf325019278d61e Mon Sep 17 00:00:00 2001
From: cflip <36554078+cflip@users.noreply.github.com>
Date: Sat, 24 Apr 2021 19:50:59 -0600
Subject: Use Session class instead of $_SESSION

---
 change_passw.php        |  2 +-
 includes/model/Post.php | 37 -------------------------------------
 includes/reply_inc.php  |  2 +-
 viewthread.php          |  3 +--
 4 files changed, 3 insertions(+), 41 deletions(-)

diff --git a/change_passw.php b/change_passw.php
index 9f39742..31e0e0d 100644
--- a/change_passw.php
+++ b/change_passw.php
@@ -5,7 +5,7 @@ include_once './includes/functions_user.php';
 
 session_start();
 
-if ($_SERVER['REQUEST_METHOD'] == 'POST' and $_SESSION['signed_in']) {
+if ($_SERVER['REQUEST_METHOD'] == 'POST' and Session::get()->is_signed_in()) {
 	$errors = array();
 	$user_pass = "";
 
diff --git a/includes/model/Post.php b/includes/model/Post.php
index 86373b6..67c7e4a 100644
--- a/includes/model/Post.php
+++ b/includes/model/Post.php
@@ -33,41 +33,4 @@ class Post
 
 		return true;
 	}
-
-	function display_content($dbc)
-	{
-		echo '<div class="header" id="p' . $this->id . '"><b>#' . $this->id . '</b>';
-		echo ' Posted by <a href="viewuser.php?id=' . $this->author->id . '">' . $this->author->name . '</a>';
-		echo ' on ' . date('m/d/Y g:ia', strtotime($this->date_created));
-		if (!is_null($this->date_edited)) {
-			echo ' <small>edited ' . date('m/d/Y g:ia', strtotime($this->date_edited)) . '</small>';
-		}
-		if (isset($_SESSION['signed_in']) && $_SESSION['user_id'] == $this->author->id) {
-			echo '<span style="float:right;">';
-			echo '[<a href="manage_post.php?id=' . $this->id . '">Edit/Delete</a>] ';
-			echo '</span>';
-		}
-		echo '</div>';
-
-		$post_content = $this->content;
-		$thread_id = $this->id;
-
-		$post_content = preg_replace_callback('/>#\d+/', function ($matches) use ($thread_id, $dbc) {
-			return create_quote($dbc, $thread_id, $matches);
-		}, $post_content);
-
-		// Replace newline characters with HTML <br> tags
-		$post_content = nl2br($post_content);
-
-		// Replace YouTube URLs with embedded YouTube videos.
-		$post_content = preg_replace(
-			"/\s*[a-zA-Z\/\/:\.]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/\*\-\_\?\&\;\%\=\.]*)/i",
-			'<br><iframe class="youtube-embed" src="//www.youtube.com/embed/$2" allowfullscreen></iframe>', $post_content);
-		// Replace Image URLs with embedded images.
-		$post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:</\w+>|/?>))@i', '<img class="image-embed" src="http$2://$3" alt="http$2://$3" />', $post_content);
-		// Replace other URLs with links.
-		$post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:</\w+>|/?>))@i', '<a href="http$2://$3">$0</a>', $post_content);
-
-		echo '<span class="post-content">' . $post_content . '</span>';
-	}
 }
diff --git a/includes/reply_inc.php b/includes/reply_inc.php
index 588b59f..873d516 100644
--- a/includes/reply_inc.php
+++ b/includes/reply_inc.php
@@ -7,7 +7,7 @@ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
 	die('This file cannot be called directly.');
 } 
 
-if (!isset($_SESSION['signed_in'])) {
+if (!Session::get()->is_signed_in()) {
 	die('You must be signed in to reply to a thread.');
 } 
 
diff --git a/viewthread.php b/viewthread.php
index 73a02ef..812db0a 100644
--- a/viewthread.php
+++ b/viewthread.php
@@ -79,13 +79,12 @@ foreach ($posts as $post) {
 include_once 'includes/functions_post.php';
 
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
-	if (!isset($_SESSION['signed_in'])) {
+	if (!Session::get()->is_signed_in()) {
 		echo 'You must be <a href="signin.php">signed in</a> to reply to this thread.';
 		return;
 	}
 
 	$post_content = filter_input(INPUT_POST, 'post_content', FILTER_SANITIZE_STRING);
-	$user_id = filter_var($_SESSION['user_id'], FILTER_SANITIZE_NUMBER_INT);
 
 	if (empty($post_content) or !$post_content) {
 		echo 'Thread subject cannot be empty';
-- 
cgit v1.2.3