query($sql); $posts = array(); foreach ($result as $row) { $post = new Post(); $post->get_from_database($row['post_id']); array_push($posts, $post); } return $posts; } function create_post($post_content, $post_thread, $post_category) { // User must be signed in if (!Session::get()->is_signed_in()) { trigger_error('You must be signed in to create a post'); return; } $user = Session::get()->get_current_user(); // Insert the post into the database $sql = "INSERT INTO posts(post_content, post_date_created, post_thread, post_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);"; Database::get()->query($sql, "sii", $post_content, $post_thread, $user->id); // Increment the category's post count $sql = "UPDATE categories SET `cat_post_count` = `cat_post_count` + '1' WHERE cat_id = ?;"; Database::get()->query($sql, "i", $post_category); // Set the last post date of the parent thread $sql = "UPDATE threads SET thread_date_lastpost = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE thread_id = ?;"; Database::get()->query($sql, "i", $post_thread); } function create_quote(int $id): string { $sql = "SELECT post_content, post_author, post_thread, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_id = ?;"; $result = Database::get()->query($sql, "i", $id); $reply = $result[0]; if (empty($reply)) { return '

This post has been deleted

'; } return '

Quote from ' . $reply['user_name'] . '
' . $reply['post_content'] . '

'; } function format_post_content(string $post_content) { $post_content = preg_replace_callback('/>#\d+/', function ($matches) { $result = ""; foreach ($matches as $match) { $id = (int) filter_var($match, FILTER_SANITIZE_NUMBER_INT); $result .= create_quote($id); } return $result; }, $post_content); $result = $post_content; // Replace newline characters with HTML
tags $result = nl2br($result); // Replace YouTube URLs with embedded YouTube videos. $result = preg_replace( "/\s*[a-zA-Z\/:]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/*-_?&;%=.]*)/i", '
', $result); // Replace Image URLs with embedded images. $result = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:|/?>))@i', '

', $result); // Replace other URLs with links. return preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:|/?>))@i', '$0', $result); } /** * Get the post content from the database and return it as a string ready for HTML display */ function get_post_content(Post $post): string { // Build the header $result = '

#' . $post->id . ''; $result .= ' Posted by ' . $post->author->name . ''; $result .= ' on ' . date('m/d/Y g:ia', strtotime($post->date_created)); // If the post has a edit date, display it if (!is_null($post->date_edited)) { $result .= ' edited ' . date('m/d/Y g:ia', strtotime($post->date_edited)) . ''; } // Append a manage post button if the user is signed in and is the post's creator if (Session::get()->is_signed_in() && Session::get()->get_current_user()->id == $post->author->id) { $result .= ''; $result .= '[Edit/Delete]'; $result .= ''; } $result .= '

'; // Append the formatted post content $result .= '' . format_post_content($post->content) . ''; return $result; } function edit_post(Post $post, string $post_content) { // User must be signed in if (!Session::get()->is_signed_in()) { trigger_error('You must be signed in to edit this post!'); return; } // User must have permission to edit the post $current_user = Session::get()->get_current_user(); if ($current_user->id != $post->author->id) { trigger_error("You don't have sufficient permissions to edit this post."); return; } // Set the post content and the post edit date $sql = "UPDATE posts SET post_content = ?, post_date_edited = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE post_id = ?;"; Database::get()->query($sql, "si", $post_content, $post->id); } function delete_post(Post $post) { // User must be signed in if (!Session::get()->is_signed_in()) { trigger_error('You must be signed in to delete a post!'); return; } // User must have permission to delete the post $current_user = Session::get()->get_current_user(); if ($current_user->id != $post->author->id || $current_user->level != USER_LEVEL_MODERATOR) { trigger_error("You don't have sufficient permissions to delete this post."); return; } // TODO: The post must not be locked // TODO: The post must have not been around for a certain amount of time // Delete the post from the database Database::get()->query("DELETE FROM posts WHERE post_id = ?", "i", $post->id); // Decrement the post count of the category Database::get()->query("UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = ?", "i", $post->thread->category->id); }