<?php
include_once './includes/Session.php';
include_once './includes/Database.php';
include_once './includes/model/User.php';

/**
 * Store a new post in a thread on behalf of the signed-in user.
 *
 * Inserts the post row, increments the given category's post counter and
 * stamps the thread's last-post date (converted to UTC by CONVERT_TZ). When
 * nobody is signed in, a notice is raised with trigger_error() and nothing
 * is written.
 *
 * @param mixed $post_content  Post body; bound as a string parameter.
 * @param mixed $post_thread   Id of the thread the post belongs to.
 * @param mixed $post_category Id of the category whose counter is incremented.
 * @return void
 */
function create_post($post_content, $post_thread, $post_category)
{
	// All values travel as bound parameters; nothing is concatenated into SQL.
	$insert_post = "INSERT INTO posts(post_content, post_date_created, post_thread, post_author) VALUES (?, CONVERT_TZ(NOW(), 'SYSTEM', '+00:00'), ?, ?);";
	$bump_category = "UPDATE categories SET `cat_post_count` = `cat_post_count` + '1' WHERE cat_id = ?;";
	$touch_thread = "UPDATE threads SET thread_date_lastpost = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE thread_id = ?;";

	// trigger_error() without a level does not stop execution, so the
	// explicit return is what keeps anonymous callers away from the writes.
	if (!Session::get()->is_signed_in()) {
		trigger_error('You must be signed in to create a post');
		return;
	}

	// The author id comes from the session, never from caller-supplied input.
	$author = Session::get()->get_current_user();

	// NOTE(review): the content is stored as given; it has to be escaped
	// wherever it is rendered.
	// "sii" presumably is a mysqli-style type string (string, int, int) - confirm in Database::query.
	Database::get()->query($insert_post, "sii", $post_content, $post_thread, $author->id);

	// NOTE(review): $post_category is supplied by the caller and is not
	// checked here against the category of $post_thread, so the counter of an
	// unrelated category can be incremented - verify at the call site.
	Database::get()->query($bump_category, "i", $post_category);

	// NOTE(review): no transaction is visible around these three writes; a
	// failure part-way leaves the counter and the thread date out of step.
	Database::get()->query($touch_thread, "i", $post_thread);
}

/**
 * Replace the content of a post and record the edit time (UTC).
 *
 * Only the post's author may edit it. When the caller is not signed in or is
 * not the author, a notice is raised with trigger_error() and the post is
 * left untouched.
 *
 * @param Post   $post         Post to change; its id and author->id are read.
 * @param string $post_content New post body; bound as a string parameter.
 * @return void
 */
function edit_post(Post $post, string $post_content)
{
	$update_post = "UPDATE posts SET post_content = ?, post_date_edited = CONVERT_TZ(NOW(), 'SYSTEM', '+00:00') WHERE post_id = ?;";

	// trigger_error() without a level does not halt the script; the return
	// statements below are what actually enforce the checks.
	if (!Session::get()->is_signed_in()) {
		trigger_error('You must be signed in to edit this post!');
		return;
	}

	// Ownership check: the editor must be the author of the post.
	// NOTE(review): the comparison is loose (!=); if both ids are always
	// integers a strict comparison would be safer - confirm the types first.
	$editor = Session::get()->get_current_user();
	$is_author = !($editor->id != $post->author->id);
	if (!$is_author) {
		trigger_error("You don't have sufficient permissions to edit this post.");
		return;
	}

	// Both values are bound parameters; the content is stored as given and
	// has to be escaped wherever it is rendered.
	Database::get()->query($update_post, "si", $post_content, $post->id);
}

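/**
 * Delete a post and decrement the post counter of its category.
 *
 * The post may be deleted by its author or by a moderator. When the caller is
 * not signed in, or is neither of the two, a notice is raised with
 * trigger_error() and nothing is deleted.
 *
 * @param Post $post Post to delete; its id, author->id and
 *                   thread->category->id are read.
 * @return void
 */
function delete_post(Post $post)
{
	// trigger_error() without a level does not halt the script; the return
	// statements below are what actually enforce the checks.
	if (!Session::get()->is_signed_in()) {
		trigger_error('You must be signed in to delete a post!');
		return;
	}

	// Deny only when the user is neither the author nor a moderator. The two
	// tests must be joined with &&: with || the user would have to be the
	// author AND a moderator at once, which locks out ordinary authors and
	// stops moderators from removing other users' posts.
	// NOTE(review): the level test is an exact match on USER_LEVEL_MODERATOR;
	// if higher levels exist, confirm whether they should pass as well.
	$current_user = Session::get()->get_current_user();
	$is_author = $current_user->id == $post->author->id;
	$is_moderator = $current_user->level == USER_LEVEL_MODERATOR;
	if (!$is_author && !$is_moderator) {
		trigger_error("You don't have sufficient permissions to delete this post.");
		return;
	}

	// TODO: The post must not be locked
	// TODO: The post must have not been around for a certain amount of time

	// Delete the post from the database (id is a bound parameter)
	Database::get()->query("DELETE FROM posts WHERE post_id = ?", "i", $post->id);

	// Decrement the post count of the category
	// NOTE(review): no transaction is visible around the two writes, and the
	// thread's last-post date is not recomputed here - confirm that is intended.
	Database::get()->query("UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = ?", "i", $post->thread->category->id);
}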