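/**
 * Admin theme switcher and theme list.
 *
 * When ?theme=<slug> names an installed theme (a directory under
 * PATH/themes that contains theme.json) the slug is stored in the 'theme'
 * option and the browser is redirected back to /admin/themes. Otherwise
 * every installed theme is collected and handed to the 'admin/themes' view.
 *
 * NOTE(review): the theme switch is a state change driven by a GET
 * parameter, so any link the admin follows can trigger it (CSRF); a POST
 * with a token would be the usual shape, but the route contract is not
 * visible here.
 * NOTE(review): unlike edit()/delete() in this listing there is no
 * Base::requireAdmin() call — confirm the enclosing controller enforces it.
 */
private function themes()
{
    // Assumes Validate::slug rejects '/', '\' and '..', so the value can be
    // spliced into the path without traversal — confirm in Validate
    if (isset($_GET['theme'])
        && Validate::slug($_GET['theme'])
        && file_exists(PATH . '/themes/' . $_GET['theme'] . '/theme.json')
    ) {
        // NOTE(review): findOne() may return null if the option row is
        // missing; the original had the same assumption
        $opt = Options::where('name', 'theme')->findOne();
        $opt->value = $_GET['theme'];
        $opt->save();
        Base::redirect('/admin/themes');
    }

    /**
     * Get themes
     */
    $dir = PATH . '/themes/';
    // Initialised up front so the view always receives an array, even when
    // the themes directory cannot be opened (the original left it undefined)
    $themes = array();
    if ($dh = opendir($dir)) {
        while (($entry = readdir($dh)) !== false) {
            // readdir() also yields '.' and '..'; neither is a theme
            if ($entry === '.' || $entry === '..') {
                continue;
            }
            $manifest = $dir . $entry . '/theme.json';
            if (file_exists($manifest)) {
                // A malformed theme.json decodes to null, which casts to an
                // empty array; such a theme is still listed by directory name
                $meta = (array) json_decode(file_get_contents($manifest));
                $meta['theme'] = $entry;
                $themes[] = $meta;
            }
        }
        closedir($dh);
    }
    View::set('themes', $themes);
    View::show('admin/themes');
}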
/**
 * Edit the current page (admin only).
 *
 * Without a 'page' or 'draft' submit field the edit form is rendered.
 * Otherwise title, slug (derived from the title), html and published
 * state are written to $this->page and the browser is redirected to it.
 *
 * NOTE(review): the flow relies on View::show() terminating the request;
 * if it returns, the save below runs against an unsubmitted form. Confirm.
 */
private function edit()
{
    Base::requireAdmin();
    if (!isset($_POST['page']) && !isset($_POST['draft'])) {
        // Preparations for View
        View::set('page', $this->page);
        View::show('page/edit');
    }
    // Token
    // NOTE(review): no CSRF token is verified before this state-changing
    // POST is applied; the 'Token' comment looks like the intended spot.
    $this->page->title = $_POST['title'];
    // Filter
    $this->page->slug = Base::slug($_POST['title']);
    // Raw HTML from the admin form, stored as-is
    $this->page->html = $_POST['html'];
    // 'page' submit means publish; 'draft' keeps it unpublished
    $this->page->published = isset($_POST['page']);
    $this->page->save();
    // Successfully edited
    Base::redirect('/page/' . $this->page->slug, 'Page successfully edited');
}
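/**
 * User registration page
 *
 * Renders the form when it has not been submitted. Otherwise validates the
 * submitted fields in order (first failure wins), creates the user with a
 * hashed password, logs them in and redirects to the front page.
 *
 * NOTE(review): the flow relies on View::show() terminating the request;
 * if it returns, the code after it runs with an empty submission. Confirm.
 */
private function register()
{
    Base::requireNotLogged();
    if (!isset($_POST['register'])) {
        View::show('user/register');
    }
    $username = $_POST['username'];
    $password = $_POST['password'];
    $password2 = $_POST['password2'];
    $email = $_POST['email'];
    // Single error slot, initialised so the check below never reads an
    // undefined variable when every validation passes
    $error = null;

    // Password errors
    if (!Validate::len($password, 4, 128)) {
        $error = 'Password must have more than 4 characters';
    } elseif ($password !== $password2) {
        // Strict comparison: '!=' compares numeric-looking strings by value
        // ('1e3' == '1000'), which would accept mismatched passwords
        $error = 'Passwords don\'t match';
    } elseif (!Validate::captcha($_POST['captcha'])) {
        $error = 'Invalid captcha';
    } elseif (!Validate::len($username)) {
        $error = 'Username character count must be between 4 and 64';
    } elseif (!Validate::username($username)) {
        $error = 'Please only use letters, digits, dots and underscores in username';
    } elseif (method_exists($this, $username)) {
        // A username that matches a method of this controller is reserved;
        // presumably usernames are dispatched as routes — confirm in the router
        $error = 'You cannot use that username';
    } elseif (User::where('username', $username)->findOne()) {
        $error = 'You cannot use that username';
    } elseif (!Validate::len($email)) {
        $error = 'Email character count must be between 4 and 64';
    } elseif (!Validate::email($email)) {
        $error = 'Please enter a valid email';
    } elseif (User::where('email', $email)->findOne()) {
        $error = 'You cannot use that email address';
    }

    if ($error) {
        View::set('error', $error);
        View::show('user/register');
    }

    $user = User::create();
    $user->username = $username;
    // Only the hash is stored; Base::hashPassword is the project's hasher
    $user->password = Base::hashPassword($password);
    $user->email = $email;
    $user->reg_date = time();
    $user->avatar = Base::createIdenticon($username, 200);
    $user->admin = 0;
    $user->save();

    // Logs user in
    Session::login($user->id());
    Base::redirect('', "Welcome, {$user->username}! We're glad to know you");
}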
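/**
 * Edit a playlist
 *
 * Owner or admin only. Without a 'playlist' or 'draft' submit field the
 * edit form is rendered. Otherwise title/description are validated, an
 * optional cover image is uploaded, tags are normalised and re-linked,
 * tracks are validated and re-linked, and the playlist row is saved.
 * Non-fatal problems (too few or too many tracks) downgrade the playlist to
 * unpublished and are reported through the redirect message.
 *
 * NOTE(review): the flow relies on View::show() and View::error()
 * terminating the request; the code after each call assumes they never
 * return. Confirm.
 */
private function edit()
{
    Base::requireLogged();
    // NOTE(review): strict comparison between LOGGED and a value read from
    // the db — confirm both are ints, or every owner is sent to requireAdmin()
    if (LOGGED !== $this->playlist->user_id) {
        Base::requireAdmin();
    }

    // Set page title
    View::set('page_title', 'Edit playlist');

    // Set playlist
    $playlist = $this->playlist->asArray();
    $playlist['tracks'] = $this->playlist->tracks();
    $tags = $this->playlist->tags();
    if ($tags) {
        $playlist['tags'] = implode(', ', $tags);
    }
    View::set('playlist', $playlist);

    // Not submitted
    if (!isset($_POST['playlist']) && !isset($_POST['draft'])) {
        View::show('playlist/edit');
    }

    // Single error slot, initialised so the checks below never read an
    // undefined variable
    $error = null;

    /**
     * Add playlist title and playlist description
     */
    if (!Validate::len($_POST['title'], 2, 64)) {
        $error = 'Playlist title must be between 2 and 64 chars';
    } elseif (!Validate::len($_POST['description'], 0, 512)) {
        $error = 'Playlist description must be lesser than 512 chars';
    }
    if ($error) {
        View::error('playlist/edit', $error);
    }

    // Raw HTML may enter the db but it's automatically
    // encoded at output by Mustache
    $this->playlist->title = $_POST['title'];
    $this->playlist->description = $_POST['description'];

    /**
     * Uploads cover image
     */
    if (!empty($_FILES['cover']) && $_FILES['cover']['size'] > 0) {
        // $cover and $error are filled in by reference
        Base::uploadImage($_FILES['cover'], $cover, $error);
        if ($error) {
            View::error('playlist/edit', $error);
        }
        $this->playlist->cover = $cover;
    }

    /**
     * Inserts tags into database
     */
    // is_string() guard: an array value would make strtolower() throw
    if (!empty($_POST['tags']) && is_string($_POST['tags'])) {
        // Separates tags by commas
        $tags = explode(',', strtolower($_POST['tags']), 6);
        // Tag limit
        $tags = array_slice($tags, 0, 5);

        // Filter tags
        foreach ($tags as $k => &$tag) {
            $tag = trim(preg_replace('/[^a-z]+/', ' ', $tag), ' ');
            // 'staff' is reserved for admins. Checked after normalisation so
            // ' staff' or 'staff!' cannot slip past, and the tag is dropped —
            // the original 'continue' skipped the filter but kept the tag
            if (!ADMIN && $tag === 'staff') {
                unset($tags[$k]);
                continue;
            }
            // Tag length limits (see Validate::len)
            if (!Validate::len($tag, 1, 32)) {
                unset($tags[$k]);
            }
        }
        // Break the reference left behind by the loop
        unset($tag);

        if (!empty($tags)) {
            // Re-index: unset() leaves gaps, and positional '?' binding needs
            // a contiguous 0-based list
            $tags = array_values($tags);

            // Remove tags from PlaylistTag
            PlaylistTag::where('playlist_id', $this->playlist->id)->deleteMany();

            // Insert tags: one '(?)' placeholder per tag, values bound separately
            $placeholders = implode(',', array_fill(0, count($tags), '(?)'));
            Tag::rawExecute("INSERT IGNORE INTO tag(name) VALUES {$placeholders}", $tags);

            // Get inserted tags ids and point them to the new playlist
            $tagRows = Tag::select('id')->whereIn('name', $tags)->findMany();
            foreach ($tagRows as $tagRow) {
                $link = PlaylistTag::create();
                $link->playlist_id = $this->playlist->id;
                $link->tag_id = $tagRow->id;
                $link->save();
            }
        }
    }

    // Published status
    $this->playlist->published = isset($_POST['playlist']);

    /**
     * Add tracks into db
     */
    if (!isset($_POST['tracks'])) {
        $error = 'You can\'t publish without any tracks';
        $this->playlist->published = 0;
    } elseif (!is_array($_POST['tracks'])) {
        View::error('playlist/edit', 'Massive error. Contact the admin');
    } else {
        $max = Base::$g['playlist_max_tracks'];
        $min = Base::$g['playlist_min_tracks'];
        $tracks = $_POST['tracks'];
        if (!isset($tracks[$min - 1])) {
            $error = "You can't publish without at least {$min} tracks";
            $this->playlist->published = 0;
        } elseif (isset($tracks[$max])) {
            // Was isset($track[$max]) — an undefined variable — so the cap
            // never fired and the slice below was unreachable
            $error = "You can't have more than {$max} tracks in a playlist";
            $tracks = array_slice($tracks, 0, $max);
        }

        /**
         * Check for haxing
         */
        // Keep only values Validate::int accepts; everything else is dropped
        foreach ($tracks as $k => &$item) {
            $item = Validate::int($item);
            if ($item === false) {
                unset($tracks[$k]);
            }
        }
        // Break the reference left behind by the loop
        unset($item);

        // Also get duration
        $row = Track::whereIn('id', $tracks)
            ->selectExpr('COUNT(id)', 'count')
            ->selectExpr('SUM(duration)', 'duration')
            ->findOne();
        // Every distinct submitted id must be a real track row
        if ((int) $row->count !== count(array_unique($tracks))) {
            View::error('playlist/edit', 'Massive error 2. Contact the admin');
        }

        // Store duration in minutes
        $this->playlist->tracks_count = $row->count;
        $this->playlist->duration = $row->duration / 60;

        // Delete the ones already in
        PlaylistTrack::where('playlist_id', $this->playlist->id)->deleteMany();

        // Add new ones
        foreach ($tracks as $trackId) {
            $link = PlaylistTrack::create();
            $link->playlist_id = $this->playlist->id;
            $link->track_id = $trackId;
            $link->save();
        }
    }

    /**
     * Update playlist in database
     */
    $this->playlist->save();
    $msg = $error ?: 'Playlist succesfully edited';
    Base::redirect('/' . $this->playlist->id, $msg);
}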
/**
 * User delete
 *
 * Admin only: removes the current user record and returns to the user
 * management page with a confirmation message.
 */
private function delete()
{
    Base::requireAdmin();
    $target = $this->user;
    $target->delete();
    Base::redirect('/admin/manage_users', 'User successfully deleted');
}