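/**
 * Store a private message from the current user (USER_ID) to another user.
 *
 * Ends the request with die() on an empty message, a missing recipient, an invalid
 * token and after the insert (success or failure). Only the "blocked" case returns
 * to the caller.
 *
 * @param array $data Request fields: 'token', 'send_to' and 'value' (the message text).
 *
 * @return string|void Error text when the recipient has blocked the sender.
 */
public static function sendMsg($data)
{
    $database = new Database();

    // Read the fields defensively: a missing key must not raise a notice, and a
    // non-scalar value (e.g. value[]=x in the request) must never reach strlen().
    $token = $data['token'] ?? null;
    $send_by = USER_ID;
    $send_to = $data['send_to'] ?? null;
    $value = $data['value'] ?? '';

    if (!is_scalar($value) || strlen((string) $value) <= 0) {
        die("Message can't be empty");
    }

    // The recipient is used for the block lookup and as a column value, so it has
    // to be a single non-empty scalar.
    if (!is_scalar($send_to) || (string) $send_to === '') {
        die("Invalid recipient");
    }

    if (!Token::validateToken($token)) {
        die("Token value is invalid");
    }

    // Refuse delivery when the sender's id appears in the list returned for the recipient.
    $blocked = User::blocked_by_user($send_to);
    if (in_array($send_by, $blocked)) {
        return "You can't send messages to this user";
    }

    // sender_id always comes from the session constant, never from the request.
    // NOTE(review): the message text is stored as received; it must be HTML-escaped
    // wherever it is rendered.
    $row = ['user_id' => $send_to, 'sender_id' => $send_by, 'subject' => $value];
    $insertion = $database->insert_data(TABLE_MESSAGES, $row);

    if ($insertion === true) {
        die(json_encode(['status' => '1', 'msg_id' => $database->lastId]));
    }

    // NOTE(review): this sends the raw database error list to the client, which can
    // disclose schema or driver details. Consider logging it server-side and
    // returning a generic failure once the client-side handling is confirmed.
    die(json_encode($database->errors));
}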
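/**
 * Insert a new comment on a post or question.
 *
 * Ends the request with die() when the comment is empty, the target post/question
 * is not found, or the token is rejected.
 *
 * @param array $data Comment fields; 'post_id', 'content' and 'token' are read here.
 *
 * @return int|string Id of the new comment on success, otherwise the first database error.
 */
public static function new_comment($data)
{
    $database = new Database();
    $post = new Post();

    // Missing keys fall back to values that fail the checks below instead of raising notices.
    // NOTE(review): post_id is handed to the lookups as received; the request handlers
    // elsewhere pass ids through sanitize_id() first — confirm callers do the same.
    $PostID = $data['post_id'] ?? null;
    $content = $data['content'] ?? '';
    $token = $data['token'] ?? null;

    // empty() would also reject the one-character comment "0", and trim() must not
    // receive an array, so test the trimmed string explicitly.
    if (!is_scalar($content) || trim((string) $content) === '') {
        die("Comment can't be empty");
    }

    // The target has to exist either as a question or as a post.
    $qna = new QNA();
    if (!is_object($qna->get_question($PostID)) && !is_array($post->get_post($PostID, true))) {
        die("Error! Post was not found.");
    }

    if (!Token::validateToken($token)) {
        die("Error! Please try again later");
    }

    unset($data['token']);
    // The author always comes from the session constant, overriding any 'uid' in $data.
    $data['uid'] = USER_ID;

    // NOTE(review): every remaining key of $data is passed to the insert. If $data is
    // the raw request array, a client can supply additional columns of the comments
    // table. Build the row from an explicit allow-list once the intended columns are
    // confirmed.
    $insert = $database->insert_data(TABLE_COMMENTS, $data);

    if ($insert === true && $database->error === false) {
        return (int) $database->lastId;
    }

    return array_shift($database->errors);
}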
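/**
 * Move the processed upload into the current user's image folder, create its
 * thumbnail via resize(), and register the picture in TABLE_PROFILE_PICS.
 *
 * On failure $this->error and $this->errMsg are set; on success $this->id and
 * $this->path are set.
 *
 * @return bool True when the file was stored and registered, false otherwise.
 */
public function upload_profile_pic()
{
    $file = $this->process_img();
    if (!$file || $this->error) {
        return false;
    }

    // The extension becomes part of a file name on disk and of the stored URL path,
    // so accept plain alphanumerics only and use the same value in both places.
    // (htmlentities() is an HTML output encoder and gives no protection for file names.)
    // NOTE(review): this does not decide WHICH extensions are allowed. The index.php
    // guard below suggests this folder is web-served, so process_img() must restrict
    // uploads to an allow-list of image types — confirm it does.
    $extension = (string) ($file['extension'] ?? '');
    if (!preg_match('/\A[A-Za-z0-9]+\z/', $extension)) {
        $this->error = true;
        $this->errMsg = "Invalid file extension.";
        return false;
    }

    $path = DEF_IMG_UP_DIR . DS . USER_ID . DS;
    $t_path = $path . 'thumbnails';

    // Create the per-user folder on first upload.
    if (!is_dir($path)) {
        // The second is_dir() covers a concurrent request creating the folder first.
        if (!mkdir($path) && !is_dir($path)) {
            $this->error = true;
            $this->errMsg = "Could not create user folder.";
            return false;
        }

        // Index file that redirects directory requests to the 404 page (best effort).
        // NOTE(review): this only covers the directory index, not direct requests for
        // uploaded files; script execution for the upload tree should also be disabled
        // in the web server configuration.
        file_put_contents($path . 'index.php', "<?php header(\"Location: /404.php\"); ?>");
    }

    // thumb_path below points into this folder, so make sure it exists even when the
    // user folder was created by an earlier upload.
    if (!is_dir($t_path)) {
        mkdir($t_path);
    }

    // Full server path of the to-be-stored file.
    // NOTE(review): $this->name is part of this path and is set outside this method —
    // confirm it is generated server-side and never taken from the client file name.
    $upload_dir = $path . $this->name . "." . $extension;

    if (!move_uploaded_file($file['tmp_name'], $upload_dir)) {
        $this->error = true;
        $this->errMsg = "Error moving the file.";
        return false;
    }

    // Public paths recorded in the database.
    $path = DEF_PIC_PATH . USER_ID . "/" . $this->name . "." . $extension;
    $this->resize();
    $t_path = DEF_PIC_PATH . USER_ID . '/thumbnails/' . $this->name . '.' . $this->ext;

    // NOTE(review): the folder is keyed by USER_ID while the row uses $this->user_id;
    // presumably both refer to the same user — confirm.
    $data = [
        'user_id' => $this->user_id,
        'path' => $path,
        'thumb_path' => $t_path,
        'type' => $file['type'],
        'size' => $file['size'],
        'name' => $this->name,
        'extension' => $this->ext,
        'width' => $file['width'],
        'height' => $file['height'],
        'attr' => $file['attr'],
        'type_constant' => $file['typeC'],
    ];

    $database = new Database();
    $insert = $database->insert_data(TABLE_PROFILE_PICS, $data);

    if ($insert === true) {
        $this->id = $database->lastId;
        $this->path = $path;
        return true;
    }

    $this->error = true;
    $this->errMsg = array_shift($database->errors);
    return false;
}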
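/**
 * Make the current user (USER_ID) follow another user.
 *
 * @param int $userID Id of the user to follow.
 *
 * @return boolean|string True on success, otherwise an error message.
 */
public static function follow($userID)
{
    // Accept only a positive integer id, so that the block lookup, the self-follow
    // check and the inserted row all work on the same normalised value.
    $targetID = filter_var($userID, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($targetID === false) {
        return "Invalid user.";
    }

    $database = new Database();

    // Refuse when the current user's id appears in the list returned for the target user.
    $blocked = self::blocked_by_user($targetID);
    if (in_array(USER_ID, $blocked)) {
        return "You can't follow this user";
    }

    if ($targetID === (int) USER_ID) {
        return "You can't follow yourself.";
    }

    // follower_id always comes from the session constant, never from the caller.
    $data = ['user_id' => $targetID, 'follower_id' => USER_ID];
    $insert = $database->insert_data(TABLE_FOLLOWING, $data);

    if ($insert !== true) {
        $errors = $database->errors;

        // 1062 is the MySQL duplicate-entry code: the follow relation already exists.
        if (($errors[1] ?? null) == 1062) {
            return "You're already following this user";
        }

        // NOTE(review): $errors[2] is the raw driver message; if the caller prints it
        // to the client it can disclose schema details — consider a generic message.
        return $errors[2] ?? "Could not follow this user.";
    }

    return true;
}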
die(View::getFeedPost($id)); break; case 'feed': $data = $_POST; unset($data['action']); $user_id = $data['user_id'] ?? USER_ID; $content = $data['content']; $token = $data['token']; $now = getNow(); // check token validation if (!Token::validateToken($token)) { die(json_encode(['status' => false, 'err' => 'Token is not valid.'])); } $database = new Database(); $data = ['user_id' => $user_id, 'content' => $content, 'poster_id' => USER_ID, 'date' => $now]; $insert = $database->insert_data(TABLE_ACTIVITY, $data); if ($insert === true) { $id = $database->lastId; die(json_encode(['status' => true, 'id' => $id])); } case 'get_post': $id = sanitize_id($_GET['id']); $post = new Post(); $comment = $post->get_post($id); if (is_object($comment)) { die(json_encode($comment)); } else { die(json_encode(['status' => false, 'err' => $comment])); } break; default:
case 'upvote': $PostID = sanitize_id($data['id']); $post = new Post(); $QNA = new QNA(); // check if question exists if (!is_object($QNA->get_question($PostID)) && !is_array($post->get_post($PostID, true))) { die(json_encode(['status' => false, 'err' => 'Post was not found.'])); } // check if user has already upvoted the question $voted = QNA::has_voted($PostID, USER_ID); if ($voted) { die(json_encode(['status' => false, 'err' => 'You have already upvoted this post.'])); } $database = new Database(); $data = ['post_id' => $PostID, 'user_id' => USER_ID]; $insert = $database->insert_data(TABLE_POINTS, $data); if ($insert === true) { die(json_encode(['status' => true])); } else { die(json_encode(['status' => false, 'err' => $database->errors[2]])); } break; case 'downvote': $post = new Post(); $PostID = sanitize_id($data['id']); // check if question exists $QNA = new QNA($PostID); if (!is_object($QNA->get_question()) && !is_array($post->get_post($PostID, true))) { die(json_encode(['status' => false, 'err' => 'Question was not found.'])); } // check if user has not upvoted the question
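/**
 * Save this post/comment for the current user (USER_ID).
 *
 * @return mixed True on success, otherwise an error message string.
 */
public function save_post()
{
    $database = new Database();
    $data = ['post_id' => $this->PostID, 'user_id' => USER_ID];
    $insert = $database->insert_data(TABLE_SAVED, $data);

    // Strict comparison: a loose == true would also treat any truthy non-boolean
    // result from insert_data() as success.
    if ($insert === true) {
        return true;
    }

    $errors = $database->errors;

    // 1062: duplicate entry, i.e. the post is already saved by this user.
    if (($errors[1] ?? null) == 1062) {
        return "You have already saved this post.";
    }

    // NOTE(review): $errors[2] is the raw driver message; if the caller prints it to
    // the client it can disclose schema details — consider a generic message.
    return $errors[2] ?? "Could not save this post.";
}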
/**
 * Put a welcome message into the inbox of the user held in $this->user.
 */
private function sendDefaultMessage()
{
    $database = new Database();

    // sender_id 1 is hard-coded; presumably a system/admin account — confirm.
    $row = [
        'user_id' => $this->user->id,
        'sender_id' => 1,
        'subject' => "Thanks for signing up!",
    ];

    // The insert result is not inspected here.
    $database->insert_data(TABLE_MESSAGES, $row);
}