From 7c3f2e348c015ea93563d866f89ec8cea9159ea0 Mon Sep 17 00:00:00 2001 From: cflip <36554078+cflip@users.noreply.github.com> Date: Sat, 24 Apr 2021 09:40:20 -0600 Subject: Refactoring part 2 Starting to move some functionality such as the session and database connection into singleton classes to manage them. Functions for modifying posts and threads are being put in one place as well. --- manage_post.php | 86 ++++++++++++++++++++++++--------------------------------- 1 file changed, 36 insertions(+), 50 deletions(-) (limited to 'manage_post.php') diff --git a/manage_post.php b/manage_post.php index 3f9a9b3..9e04dd4 100644 --- a/manage_post.php +++ b/manage_post.php @@ -10,13 +10,13 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') { if (!isset($_GET['id']) || !filter_var($_GET['id'], FILTER_VALIDATE_INT)) { http_response_code(404); - include_once 'templates/404.php'; + include_once './includes/templates/404.php'; die(); } else { $result = $current->get_from_database($_GET['id'], $dbc); if ($result == 0) { http_response_code(404); - include_once 'templates/404.php'; + include_once './includes/templates/404.php'; die(); } } @@ -28,68 +28,54 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') { $post = new Post(); $post->get_from_database($id, $dbc); - if (!isset($_SESSION['signed_in'])) { - echo 'You must be signed in to manage a post.'; - goto end; - } - - if ($_SESSION['user_id'] != $post->author->id) { - echo "You can't manage another user's post!"; - goto end; - } - if (strcasecmp($delete, "on") == 0) { - delete_post($dbc, $post); + delete_post($post); } else { - edit_post(); + edit_post($post, $post_content); } - end: header("Location: /viewthread.php?id=" . $post->thread->id); } ?> - + - Manage a post - cflip.net forum - + Manage a post - cflip.net forum + - -

Manage a post

- display_content($dbc); - echo '
'; + +

Manage a post

+display_content($dbc); +echo '
'; - $id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT); +$id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT); - if (!isset($_SESSION['signed_in'])) { - echo 'You must be signed in to manage a post.'; - return; - } - - $current_user = new User(); - $current_user->get_by_id($_SESSION['user_id'], $dbc); +if (!Session::get()->is_signed_in()) { + echo '

You must be signed in to manage a post.

'; + return; +} - // Admin users should be able to delete posts, but they should not be able to edit them - // Or should they?? - if ($current_user->id != $current->author->id/* && $current_user->level < 1*/) { - echo "You can't manage another user's post!"; - return; - } +// Admin users should be able to delete posts, but they should not be able to edit them +// Or should they?? +if (Session::get()->get_current_user()->id != $current->author->id) { + echo '

You can\'t manage another user\'s post!

'; + return; +} - // TODO: Disallow editing/deleting posts if they have been around for a while - ?> -
-

Edit post

- - -

Edited posts will show a timestamp above the post showing when the last edit was made.

-

- - -

- -
+// TODO: Disallow editing/deleting posts if they have been around for a while +?> +
+

Edit post

+ + +

Edited posts will show a timestamp above the post showing when the last edit was made.

+

+ + +

+ +
-- cgit v1.2.3
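Review bot: The POST branch now reaches `delete_post($post)` and `edit_post($post, $post_content)` with no authorization in front of it, because the removed `$_SESSION['signed_in']` and `$_SESSION['user_id'] != $post->author->id` guards were the only sign-in and ownership checks visible on this path. Both helpers are defined outside this diff; unless each one enforces ownership itself, a request naming another user's post is carried out, so either state that contract in a comment at the call site or keep a guard before the branch, e.g. `if (!Session::get()->is_signed_in() || Session::get()->get_current_user()->id != $post->author->id) { http_response_code(403); die(); }`. The `Session::get()` checks added further down sit in the page body and appear to guard only the rendering of the form, so they do not cover the write path. The result of `$post->get_from_database($id, $dbc)` is also unused here, while the GET branch treats a 0 result as not found and returns 404. The enclosing request-method block starts outside the hunk.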