From 7c3f2e348c015ea93563d866f89ec8cea9159ea0 Mon Sep 17 00:00:00 2001
From: cflip <36554078+cflip@users.noreply.github.com>
Date: Sat, 24 Apr 2021 09:40:20 -0600
Subject: Refactoring part 2

Starting to move some functionality such as the session and database connection into singleton classes to manage them. Functions for modifying posts and threads are being put in one place as well.
---
 manage_post.php | 86 ++++++++++++++++++++++++---------------------------------
 1 file changed, 36 insertions(+), 50 deletions(-)

(limited to 'manage_post.php')

diff --git a/manage_post.php b/manage_post.php
index 3f9a9b3..9e04dd4 100644
--- a/manage_post.php
+++ b/manage_post.php
@@ -10,13 +10,13 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') {
 
 	if (!isset($_GET['id']) || !filter_var($_GET['id'], FILTER_VALIDATE_INT)) {
 		http_response_code(404);
-		include_once 'templates/404.php';
+		include_once './includes/templates/404.php';
 		die();
 	} else {
 		$result = $current->get_from_database($_GET['id'], $dbc);
 		if ($result == 0) {
 			http_response_code(404);
-			include_once 'templates/404.php';
+			include_once './includes/templates/404.php';
 			die();
 		}
 	}
@@ -28,68 +28,54 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') {
 	$post = new Post();
 	$post->get_from_database($id, $dbc);
 
-	if (!isset($_SESSION['signed_in'])) {
-		echo 'You must be <a href="signin.php">signed in</a> to manage a post.';
-		goto end;
-	}
-
-	if ($_SESSION['user_id'] != $post->author->id) {
-		echo "You can't manage another user's post!";
-		goto end;
-	}
-
 	if (strcasecmp($delete, "on") == 0) {
-		delete_post($dbc, $post);
+		delete_post($post);
 	} else {
-		edit_post();
+		edit_post($post, $post_content);
 	}
 
-	end:
 	header("Location: /viewthread.php?id=" . $post->thread->id);
 }
 ?>
 <!DOCTYPE html>
-<html>
+<html lang="en">
 <head>
-	<title>Manage a post - cflip.net forum</title>
-	<link rel="stylesheet" href="/styles/style.css">
+    <title>Manage a post - cflip.net forum</title>
+    <link rel="stylesheet" href="/styles/style.css">
 </head>
 <body>
-	<?php include_once 'templates/header.php' ?>
-	<h1>Manage a post</h1>
-	<?php
-	$current->display_content($dbc);
-	echo '<hr>';
+<?php include('includes/templates/header.php'); ?>
+<h1>Manage a post</h1>
+<?php
+$current->display_content($dbc);
+echo '<hr>';
 
-	$id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
+$id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
 
-	if (!isset($_SESSION['signed_in'])) {
-		echo 'You must be <a href="signin.php">signed in</a> to manage a post.';
-		return;
-	}
-
-	$current_user = new User();
-	$current_user->get_by_id($_SESSION['user_id'], $dbc);
+if (!Session::get()->is_signed_in()) {
+	echo '<p class="error">You must be <a href="signin.php">signed in</a> to manage a post.</p>';
+	return;
+}
 
-	// Admin users should be able to delete posts, but they should not be able to edit them
-	// Or should they??
-	if ($current_user->id != $current->author->id/* && $current_user->level < 1*/) {
-		echo "You can't manage another user's post!";
-		return;
-	}
+// Admin users should be able to delete posts, but they should not be able to edit them
+// Or should they??
+if (Session::get()->get_current_user()->id != $current->author->id) {
+	echo '<p class="error">You can\'t manage another user\'s post!</p>';
+	return;
+}
 
-	// TODO: Disallow editing/deleting posts if they have been around for a while
-	?>
-	<form action="manage_post.php" method="post">
-		<h3>Edit post</h3>
-		<input type="hidden" name="id" value="<?= $current->id ?>">
-		<textarea name="post_content" rows="10" cols="50"><?= $current->content; ?></textarea>
-		<p>Edited posts will show a timestamp above the post showing when the last edit was made.</p>
-		<p>
-			<input type="checkbox" id="delete" name="delete">
-			<label for="delete">Delete this post</label>
-		</p>
-		<input type="submit" value="Apply Changes">
-	</form>
+// TODO: Disallow editing/deleting posts if they have been around for a while
+?>
+<form action="manage_post.php" method="post">
+    <h3>Edit post</h3>
+    <input type="hidden" name="id" value="<?= $current->id ?>">
+    <textarea name="post_content" rows="10" cols="50"><?= $current->content; ?></textarea>
+    <p>Edited posts will show a timestamp above the post showing when the last edit was made.</p>
+    <p>
+        <input type="checkbox" id="delete" name="delete">
+        <label for="delete">Delete this post</label>
+    </p>
+    <input type="submit" value="Apply Changes">
+</form>
 </body>
 </html>
-- 
cgit v1.2.3