Example #1
0
 public static function create($thread_id, $title, $content, $date, $time, $author_id, $input_type)
 {
     $db = getDatabase();
     // (1) insert into post_22
     $dt = new DateTime();
     $current_timestamp = $dt->getTimestamp();
     $q = "INSERT INTO post_" . $thread_id . " (" . self::KEY_TITLE . "," . self::KEY_CONTENT . "," . self::KEY_DATE . "," . self::KEY_TIME . "," . self::KEY_AUTHOR . "," . self::KEY_INPUT_TYPE . "," . self::KEY_MODIFIED_TIME . "," . self::KEY_CREATED_TIME . " " . ")VALUES(" . ":title," . ":content," . ":date," . ":time," . ":author_id," . ":input_type," . $current_timestamp . "," . $current_timestamp . " " . ")";
     try {
         $stmt = $db->prepare($q);
         $stmt->bindParam(':title', $title);
         $stmt->bindParam(':content', $content);
         $stmt->bindParam(':date', $date);
         $stmt->bindParam(':time', $time);
         $stmt->bindParam(':author_id', $author_id);
         $stmt->bindParam(':input_type', $input_type);
         $stmt->execute();
         $lastInsertId = $db->lastInsertId(self::KEY_ID);
         // (2) update post_list update time & date
         $thread = new Thread();
         $thread->initWithId($thread_id);
         $thread->updateUpdateTime($time, $date, $current_timestamp);
         // (3) get the last insert post
         $post = new Post();
         $post->initWithId($thread_id, $lastInsertId);
         return $post;
     } catch (PDOException $ex) {
         Utils::HandlePDOException($ex);
     }
     return null;
 }
Example #2
0
 public static function delete($thread_id, $post_id)
 {
     // begin
     if ($_SESSION[KEY_SESSION][Account::KEY_USERNAME] == "guest") {
         Utils::showNoPermissionPage();
         die;
     }
     // end
     $thread = new Thread();
     $thread->initWithId($thread_id);
     $post = $thread->getPostById($post_id);
     if (!empty($_GET["confirm"]) && $_GET["confirm"] == "true") {
         // delete post, if current person is thread's host, delete thread as well
         if ($post->getAuthor()->getId() == $_SESSION[KEY_SESSION][Account::KEY_ID]) {
             $redirect_to = "/thread/";
             // it means host thread
             if ($post->isHost()) {
                 $thread->delete();
                 $post->delete();
             } else {
                 $post->delete();
                 $latest_update = Post::getLastModifiedPost($thread_id)->getModifiedTime();
                 $dt = new DateTime();
                 $dt->setTimestamp($latest_update);
                 $update_time = $dt->format("g:iA");
                 $update_date = $dt->format("Y/m/d");
                 $thread->updateUpdateTime($update_time, $update_date, $latest_update);
                 $redirect_to .= $thread_id;
             }
             header("Location: " . $redirect_to);
             die;
         } else {
             // you are not the owner of the post, you don't have the permission to alter
             Utils::showNoPermissionPage();
             include VIEWS_PATH . "private-nav.php";
             include VIEWS_PATH . "thread/thread.php";
             die;
         }
     } else {
         // get request
         $thread->initWithId($thread_id);
         $post = $thread->getPostById($post_id);
     }
     $permission = $thread->getPermission();
     if (!self::checkingPermission($thread_id, $post_id, $permission) || !($_SESSION[KEY_SESSION][Account::KEY_ID] == $post->getAuthor()->getId())) {
         Utils::showNoPermissionPage();
         return;
     }
     $content = "delete.php";
     include VIEWS_PATH . "private-nav.php";
     include VIEWS_PATH . "thread/thread.php";
 }