/**
 * Loads the thread named by $_GET["id"] and renders
 * /Views/AdminCloseThread.html, which runs in this function's scope and can
 * therefore read $thread.
 *
 * NOTE(review): no permission check is visible inside this function; confirm
 * the calling script restricts it to admins before it runs.
 */
function threadClosePost()
{
    // $_GET["id"] is read without an isset() check, so a request that omits it
    // raises a notice and passes null to the model.
    $thread = ModelFacade::getThread($_GET["id"]);
    // Render the close-thread view.
    include_once '/Views/AdminCloseThread.html';
}
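/**
 * Handles the change-password form and renders /Views/UserChangePassword.html.
 *
 * The account id comes from $_GET['id']; the old, new and confirmation
 * passwords come from $_POST. The old password is verified with
 * ModelFacade::confirmPassword() before the new one is validated and stored
 * with ModelFacade::updatePassword(). The view runs in this scope and sees
 * $error or $success, plus $currentUser / $userDetails when an id was given.
 *
 * Passwords are handled as raw strings. HTML-encoding a password changes the
 * secret itself ("a&b" becomes "a&amp;b"), which skews the length check and
 * stores a value the user never typed.
 *
 * NOTE(review): the target account is taken from the query string, not from
 * the logged-in user. Knowing the old password is required, but confirm that
 * changing another account's password this way is intended.
 * NOTE(review): no anti-CSRF token check is visible here; confirm one is
 * enforced before this handler runs.
 */
function ChangePassword()
{
    $userId = isset($_GET['id']) ? $_GET['id'] : null;
    if ($userId !== null) {
        $currentUser = ModelFacade::getLoggedInUser();
        $userDetails = ModelFacade::getUserDetails($userId);
    }

    // Anything that is not a string (a missing field, or an array sent as
    // oldPassword[]) is treated as an empty password.
    $oldPassword = (isset($_POST['oldPassword']) && is_string($_POST['oldPassword'])) ? $_POST['oldPassword'] : '';
    $newPassword = (isset($_POST['newPassword']) && is_string($_POST['newPassword'])) ? $_POST['newPassword'] : '';
    $confirmPassword = (isset($_POST['confirmPassword']) && is_string($_POST['confirmPassword'])) ? $_POST['confirmPassword'] : '';

    if (!ModelFacade::confirmPassword($userId, $oldPassword)) {
        $error = "The password you entered was incorrect";
    } elseif ($newPassword === "") {
        // Checked before the length rule; otherwise this message is unreachable.
        $error = "password must not be empty";
    } elseif (strlen($newPassword) < 6) {
        // The check accepts exactly 6 characters even though the message says "more then 6".
        $error = "Password must be more then 6 characters";
    } elseif ($newPassword !== $confirmPassword) {
        // Strict comparison: with != two different numeric strings such as
        // "000000" and "0000000" compare equal.
        $error = "passwords do not match";
    } else {
        $errorCode = ModelFacade::updatePassword($userId, $newPassword);
        // NOTE(review): loose comparison against 0; if element 0 is a SQLSTATE
        // string, confirm non-numeric error codes are not read as success.
        if ($errorCode[0] == 0) {
            $success = "Password successfully updated!";
        } else {
            $error = "There was an error updating your password: Code " . $errorCode[0];
        }
    }

    include_once '/Views/UserChangePassword.html';
}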
/**
 * Renames a subcategory and renders /Views/Admin/EditSubcategory.html.
 *
 * The view runs in this scope and reads $error or $success (whichever was
 * set) and $categories.
 *
 * Both arguments are HTML-encoded before they reach the model, so the stored
 * name is the encoded form. NOTE(review): confirm the views do not encode it a
 * second time, and that the caller restricts this action to admins.
 *
 * @param mixed $id              Subcategory id; -1 means nothing was selected.
 * @param mixed $subCategoryName New name for the subcategory.
 */
function AdminEditSubcategory($id, $subCategoryName)
{
    $id = htmlspecialchars($id);
    $subCategoryName = htmlspecialchars($subCategoryName);

    if ($id == -1) {
        $error = "Error - Subcategory to edit must be selected!";
    } elseif (empty($subCategoryName)) {
        $error = "Error - Subcategory Name must not be empty!";
    } else {
        $result = ModelFacade::AdminEditSubcategory($id, $subCategoryName);
        if (!$result) {
            // A falsy result is reported as a duplicate name.
            $error = $subCategoryName . " already exists!";
        } elseif ($result[0] == 0) {
            // Loose comparison, as in the original switch.
            $success = "Board " . $subCategoryName . " successfully updated!";
        } else {
            $error = "There was an error editing " . $subCategoryName . ": code = " . $result[0];
        }
    }

    $categories = ModelFacade::getAllCategoriesWithSubcategories();
    include_once '/Views/Admin/EditSubcategory.html';
}
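/**
 * Adds a subcategory to a category and renders /Views/Admin/AddSubcategory.html.
 *
 * The model write now happens only after the input passed validation. Calling
 * ModelFacade::AdminAddSubcategory() first meant a request with no parent
 * category (-1) or an empty name was still sent to the model, and only the
 * message shown afterwards said it was invalid.
 *
 * The view runs in this scope and reads $error or $success, $category and
 * $categories.
 *
 * Both arguments are HTML-encoded before they reach the model, so the stored
 * name is the encoded form. NOTE(review): confirm the views do not encode it a
 * second time, and that the caller restricts this action to admins.
 *
 * @param mixed $categoryId      Parent category id; -1 means none was selected.
 * @param mixed $subcategoryName Name of the subcategory to create.
 */
function AdminAddSubcategory($categoryId, $subcategoryName)
{
    $categoryId = htmlspecialchars($categoryId);
    $subcategoryName = htmlspecialchars($subcategoryName);
    // Still looked up before validation so the view's $category is unchanged.
    $category = ModelFacade::getCategory($categoryId);

    if ($categoryId == -1) {
        $error = "Error - Parent Category must be selected!";
    } elseif (empty($subcategoryName)) {
        $error = "Error - Subcategory Name must not be empty!";
    } else {
        $result = ModelFacade::AdminAddSubcategory($categoryId, $subcategoryName);
        if (!$result) {
            // A falsy result is reported as a duplicate name.
            $error = "'" . $subcategoryName . "' already exists in Category '" . $category['category'] . "'!";
        } elseif ($result[0] == 0) {
            $success = "Subcategory '" . $subcategoryName . "' successfully added to '" . $category['category'] . "'!";
        } else {
            $error = "There was an error adding '" . $subcategoryName . "' to '" . $category['category'] . "': code = " . $result[0];
        }
    }

    $categories = ModelFacade::getAllCategoriesWithSubcategories();
    include_once '/Views/Admin/AddSubcategory.html';
}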
/**
 * Shows the subcategory online/offline page and, on POST, applies the
 * submitted states first.
 *
 * On POST every subcategory known to the model is updated: it is marked
 * offline when its id appears in $_POST['boardState'], online otherwise. Only
 * ids from the server-side list are passed to
 * ModelFacade::UpdateSubcategoryState(); submitted ids are used for matching
 * only. The view reads $error or $success (POST only) and $categories.
 *
 * NOTE(review): the match uses ===, and submitted ids are strings; confirm
 * $subcategory->id is a string too, otherwise nothing is ever marked offline.
 * NOTE(review): no admin or anti-CSRF check is visible in this function;
 * confirm the calling script enforces both.
 */
function OnRequest()
{
    if ($_SERVER['REQUEST_METHOD'] == "POST") {
        $isError = false;
        $hasOfflineList = isset($_POST['boardState']);
        $categories = ModelFacade::getAllCategoriesWithSubcategories();

        foreach ($categories as $category) {
            foreach ($category->subcategories as $subcategory) {
                $isOffline = false;
                if ($hasOfflineList) {
                    foreach ($_POST['boardState'] as $offlineId) {
                        if ($offlineId === $subcategory->id) {
                            $isOffline = true;
                        }
                    }
                }

                $errorCode = ModelFacade::UpdateSubcategoryState($subcategory->id, $isOffline);
                if ($errorCode[0] != 0) {
                    // One failed update flags the whole request.
                    $isError = true;
                }
            }
        }

        if (!$isError) {
            $success = "Subcategory Online/Offline states successfully updated";
        } else {
            $error = "There was an error updating the subcategory states";
        }
    }

    // Both the POST and the non-POST path end by reloading the list and rendering.
    $categories = ModelFacade::getAllCategoriesWithSubcategories();
    include_once '/Views/Admin/EnableSubcategory.html';
}
/**
 * Loads the direct message named by $_GET["msgId"], marks it read if it is
 * not already, and renders /Views/DirectMsg.html, which runs in this scope
 * and can read $selectedMsg.
 *
 * NOTE(review): nothing in this function checks that the message belongs to
 * the logged-in user; confirm ModelFacade::getMsg() enforces that, otherwise
 * any message id could be opened and marked read.
 */
function OnRequest()
{
    // msgId comes straight from the query string and is read without isset().
    $selectedMsg = ModelFacade::getMsg($_GET["msgId"]);
    // NOTE(review): there is no guard for an unknown id; if getMsg() can return
    // null, the property reads below fail.
    if (!$selectedMsg->isRead) {
        ModelFacade::markMsgRead($selectedMsg->id);
    }
    include_once '/Views/DirectMsg.html';
}
/**
 * Runs a thread search for $_GET['search'] and renders /Views/Search.html;
 * without a search term the visitor is redirected to Index.php.
 *
 * The view runs in this scope and reads $threads.
 *
 * NOTE(review): the search term is passed to the model exactly as received.
 * Confirm ModelFacade::SearchThreads() uses bound parameters and that the
 * view HTML-escapes the term if it echoes it back.
 */
function OnRequest()
{
    $threads = null;

    if (!isset($_GET['search'])) {
        header('Location: Index.php');
        return;
    }

    $threads = ModelFacade::SearchThreads($_GET["search"]);
    include_once '/Views/Search.html';
}
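/**
 * Handles the signup form: validates the input, creates the account, logs the
 * new user in and redirects to Index.php. On a validation failure it renders
 * /Views/Signup.html, which runs in this scope and reads $message.
 *
 * Validation works on the raw submitted values, because those are what
 * ModelFacade::signup() and ModelFacade::login() receive. Checking
 * HTML-encoded copies lets the two disagree: "&&" is 2 characters as typed
 * but 10 once encoded, so it passed the minimum-length rule, and a valid
 * address containing "&" failed the email check. The encoded copies are kept
 * only for building messages and for the view.
 *
 * Other changes: the username message concatenates $username again, the
 * "must not be empty" rules run before the rules that made them unreachable,
 * the password confirmation uses a strict comparison, and the username
 * pattern ends in \z so a trailing newline is rejected.
 *
 * NOTE(review): confirm ModelFacade::login() issues a fresh session id, and
 * that an anti-CSRF check runs before this handler.
 */
function SignupPost()
{
    // Raw values; a missing field or a non-string (e.g. password[]) counts as empty.
    $rawUsername = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $rawEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $rawPasswordConfirm = (isset($_POST['passwordconfirm']) && is_string($_POST['passwordconfirm'])) ? $_POST['passwordconfirm'] : '';

    // HTML-encoded copies for display only. The two password variables are
    // kept because the view may reference them; they are never validated or stored.
    $username = htmlspecialchars($rawUsername);
    $email = htmlspecialchars($rawEmail);
    $password = htmlspecialchars($rawPassword);
    $passwordConfirm = htmlspecialchars($rawPasswordConfirm);

    // The order of the rules decides which message wins; it follows the original.
    if (!ModelFacade::checkUsernameAvaiable($rawUsername)) {
        $message = "Username: " . $username . " is not available";
    } elseif (strlen($rawUsername) < 6) {
        $message = "username must be 6 or more characters";
    } elseif (!preg_match('/^[a-zA-Z0-9]*\z/', $rawUsername)) {
        $message = "username must be alphanumeric";
    } elseif ($rawEmail === "") {
        $message = "email must not be empty";
    } elseif (!filter_var($rawEmail, FILTER_VALIDATE_EMAIL)) {
        $message = $email . " is not a valid email address";
    } elseif (!ModelFacade::checkEmailAvaiable($rawEmail)) {
        $message = "Email: " . $email . " has already been used to create an account.";
    } elseif ($rawPassword === "") {
        $message = "password must not be empty";
    } elseif (strlen($rawPassword) < 6) {
        // The check accepts exactly 6 characters even though the message says "more then 6".
        $message = "password must be more then 6 characters";
    } elseif ($rawPassword !== $rawPasswordConfirm) {
        // Strict: with != two different numeric strings can compare equal.
        $message = "passwords do not match";
    } else {
        //signup user
        ModelFacade::signup($rawUsername, $rawPassword, $rawEmail);
        //log user in
        ModelFacade::login($rawUsername, $rawPassword);
        //store that this is a new signup so user gets nice notification
        $_SESSION['newsignup'] = true;
        //redirect to index
        header('Location: Index.php');
        exit;
    }

    include_once "/Views/Signup.html";
}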
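/**
 * Deletes the logged-in user's own account when the form posts
 * deleteAccount=confirm, logs out and redirects to the signup page; any other
 * request is redirected to the index.
 *
 * The account id always comes from ModelFacade::getLoggedInUser(), never from
 * the request. Execution stops after each redirect so that nothing else in
 * the calling script runs for a user that has just been deleted.
 *
 * NOTE(review): the only confirmation is the fixed value "confirm". No
 * anti-CSRF token check is visible here; confirm one is enforced before this
 * destructive action runs.
 * NOTE(review): if getLoggedInUser() can return null for an anonymous
 * request, the ->id read below fails; confirm the caller requires a login.
 */
function deleteConfirmPost()
{
    $currentUserId = ModelFacade::getLoggedInUser()->id;
    $confirmed = isset($_POST['deleteAccount']) && $_POST['deleteAccount'] === "confirm";

    if ($confirmed) {
        ModelFacade::DeleteUser($currentUserId);
        ModelFacade::logout();
        header("location: /Signup.php?delAccount=success");
        exit;
    }

    header("location: /Index.php");
    exit;
}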
/**
 * Creates a thread from the posted title and content in the subcategory named
 * by $_GET["subcategory"], then redirects to the new thread. When either
 * field is empty after trimming, checkEmptyValues() is called instead.
 *
 * NOTE(review): title, content and subcategory reach the model exactly as
 * submitted (only trimmed). Confirm insertThread() uses bound parameters and
 * validates the subcategory, and that every view HTML-escapes title and
 * content on output.
 * NOTE(review): empty() also treats the string "0" as empty.
 */
function newThreadPost()
{
    $subcategory = $_GET["subcategory"];
    $title = trim($_POST["title"]);
    $content = trim($_POST["content"]);

    if (empty($title) || empty($content)) {
        checkEmptyValues($title, $content);
        return;
    }

    $authorId = ModelFacade::getLoggedInUser()->id;
    $postId = ModelFacade::insertThread($title, $content, $subcategory, $authorId);
    header("location:Thread.php?id=" . $postId);
}
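/**
 * Inbox page: deletes the messages ticked in $_POST['delMsg'] and redirects
 * back to the inbox, or otherwise loads the logged-in user's inbox and renders
 * /Views/DirectMsgInbox.html (which reads $user and $messages).
 *
 * Execution stops after the redirect. Without that, the handler went on to
 * render the inbox with the list it had loaded before the deletions ran.
 *
 * NOTE(review): the ids to delete come from the client. Confirm
 * ModelFacade::deleteMsg() only deletes messages owned by the logged-in user.
 * NOTE(review): no anti-CSRF token check is visible here.
 */
function OnRequest()
{
    if (isset($_POST['delMsg'])) {
        // A scalar delMsg (not sent as delMsg[]) has nothing to iterate.
        if (is_array($_POST['delMsg'])) {
            foreach ($_POST['delMsg'] as $eachDelMsg) {
                ModelFacade::deleteMsg($eachDelMsg);
            }
        }
        header('Location: /DirectMsgInbox.php');
        exit;
    }

    $user = ModelFacade::getLoggedInUser();
    $messages = DirectMessages::getUsersInbox($user->id);
    include_once '/Views/DirectMsgInbox.html';
}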
/**
 * Sends a direct message from the posted receiver, subject and message, then
 * redirects to the sent box with newMsgSent=true or newMsgSent=false. When a
 * field is empty, checkEmptyValues() is called instead.
 *
 * The three fields are trimmed and HTML-encoded before they reach the model.
 * That is output encoding applied at input time, not validation: the stored
 * text is the encoded form. NOTE(review): confirm the views do not encode it
 * again and that createMsg() uses bound parameters.
 */
function newMessagePost()
{
    $receiver = htmlspecialchars(trim($_POST["receiver"]));
    $subject = htmlspecialchars(trim($_POST["subject"]));
    $message = htmlspecialchars(trim($_POST["message"]));

    if (empty($receiver) || empty($subject) || empty($message)) {
        checkEmptyValues($receiver, $subject, $message);
        return;
    }

    // The sent box turns this flag into a confirmation or failure notice.
    if (ModelFacade::createMsg($receiver, $subject, $message)) {
        $redirect = "location:DirectMsgSent.php?newMsgSent=true";
    } else {
        $redirect = "location:DirectMsgSent.php?newMsgSent=false";
    }
    header($redirect);
}
/**
 * User profile page for the account named by $_GET['id'].
 *
 * Renders /Views/ErrorPage.html with $message when no id was given or the
 * model finds no such user; otherwise renders /Views/UserProfile.html, which
 * reads $currentUser, $userDetails and $userThreads.
 *
 * NOTE(review): any id can be requested. Confirm getUserDetails() returns
 * only fields that are meant to be public.
 */
function OnRequest()
{
    if (!isset($_GET['id'])) {
        $message = "Sorry no user id was set";
        include_once '/Views/ErrorPage.html';
        return;
    }

    $currentUser = ModelFacade::getLoggedInUser();
    $userDetails = ModelFacade::getUserDetails($_GET['id']);

    if ($userDetails == null) {
        $message = "Sorry a user with that id does not exist";
        include_once '/Views/ErrorPage.html';
        return;
    }

    $userThreads = ModelFacade::GetUsersThreads($_GET['id']);
    include_once '/Views/UserProfile.html';
}
/**
 * Adds a board (category) and renders /Views/Admin/AddBoard.html, which reads
 * $error or $success.
 *
 * The name is HTML-encoded before it reaches the model, so the stored name is
 * the encoded form.
 *
 * NOTE(review): unlike the subcategory handlers, an empty name is not
 * rejected here before the model call; confirm the model refuses it.
 * NOTE(review): confirm the caller restricts this action to admins.
 *
 * @param mixed $categoryName Name of the board to create.
 */
function AdminAddBoard($categoryName)
{
    $categoryName = htmlspecialchars($categoryName);
    $result = ModelFacade::AdminAddBoard($categoryName);

    if (!$result) {
        // A falsy result is reported as a duplicate name.
        $error = $categoryName . " already exists!";
    } elseif ($result[0] == 0) {
        // Loose comparison, as in the original switch.
        $success = "Board " . $categoryName . " successfully added!";
    } else {
        $error = "There was an error adding " . $categoryName . ": code = " . $result[0];
    }

    include_once '/Views/Admin/AddBoard.html';
}
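/**
 * Adds the posted comment to the thread named by $_GET["id"] and redirects
 * back to that thread.
 *
 * Nothing is stored when the comment is empty or the thread is closed; the
 * redirect happens in every case. The thread id is client-supplied, so it is
 * URL-encoded before it goes into the Location header. A missing or
 * non-string newComment counts as an empty comment.
 *
 * The comment is HTML-encoded before it is stored. NOTE(review): confirm the
 * thread view does not encode it a second time.
 * NOTE(review): execution continues after header(); confirm the calling
 * script does nothing further once this function returns.
 */
function threadPost()
{
    ModelFacade::kickIfBannedOrDeleted();

    $threadId = isset($_GET["id"]) ? $_GET["id"] : null;
    // NOTE(review): $thread is not used here (the view include was removed); the call is kept.
    $thread = ModelFacade::getThread($threadId);

    $newComment = (isset($_POST["newComment"]) && is_string($_POST["newComment"])) ? $_POST["newComment"] : "";
    $emptyComment = (trim($newComment) == "");

    if (!$emptyComment && !ModelFacade::checkThreadClosed($threadId)) {
        //add comment
        ModelFacade::addComment($threadId, htmlspecialchars($newComment), ModelFacade::getLoggedInUser()->id);
    }

    unset($_POST);
    // NOTE(review): $comments is not used here either; the call is kept.
    $comments = ModelFacade::getThreadComments($threadId);
    // One redirect for every path; the closed-thread branch used to send the same header twice.
    header("location:Thread.php?id=" . rawurlencode((string) $threadId));
}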
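/**
 * Sent-box page: deletes the messages ticked in $_POST['delMsg'] and
 * redirects back to the sent box, or otherwise loads the logged-in user's
 * sent messages and renders /Views/DirectMsgSent.html (which reads $user,
 * $messages and $newMsgSent).
 *
 * Execution stops after the redirect; before, the handler went on to query
 * the sent box and render the page behind the redirect.
 *
 * $newMsgSent is a fixed notice chosen from $_GET['newMsgSent']; the query
 * value itself is never passed to the view.
 *
 * NOTE(review): the ids to delete come from the client. Confirm
 * ModelFacade::deleteMsg() only deletes messages owned by the logged-in user.
 * NOTE(review): no anti-CSRF token check is visible here.
 */
function OnRequest()
{
    if (isset($_POST['delMsg'])) {
        // A scalar delMsg (not sent as delMsg[]) has nothing to iterate.
        if (is_array($_POST['delMsg'])) {
            foreach ($_POST['delMsg'] as $eachDelMsg) {
                ModelFacade::deleteMsg($eachDelMsg);
            }
        }
        header('Location: /DirectMsgSent.php');
        exit;
    }

    $user = ModelFacade::getLoggedInUser();
    $messages = ModelFacade::getUsersSentbox($user->id);

    //display confirmation if message was just sent
    if (!isset($_GET['newMsgSent'])) {
        $newMsgSent = "";
    } elseif ($_GET['newMsgSent'] === 'true') {
        $newMsgSent = "MESSAGE SENT SUCCESSFULLY";
    } else {
        $newMsgSent = "MESSAGE SEND FAILED - NO SUCH USER EXISTS";
    }

    include_once '/Views/DirectMsgSent.html';
}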
/**
 * Handles the login form: attempts the login and redirects to Index.php on
 * success, otherwise renders /Views/Login.html with $message.
 *
 * NOTE(review): after a failed login the banned check runs on the submitted
 * identifier alone. If checkIfBanned() answers for any identifier regardless
 * of the password, the distinct "banned" message tells an unauthenticated
 * visitor that the account exists and is banned.
 * NOTE(review): no attempt limiting is visible here; confirm
 * ModelFacade::login() or the front end throttles repeated failures, and that
 * a fresh session id is issued on a successful login.
 */
function loginPost()
{
    if (!isset($_POST["identify"]) || !isset($_POST["password"])) {
        $message = "Please enter username and password";
    } else {
        //Attempt to log the user in
        ModelFacade::login($_POST["identify"], $_POST["password"]);
        if (ModelFacade::checkLoggedIn()) {
            header('Location: Index.php');
            exit;
        }

        if (ModelFacade::checkIfBanned($_POST["identify"])) {
            $message = "Your account has been banned!";
        } else {
            $message = "Username or password does not exist";
        }
    }

    // Every failure path renders the same login view with its message.
    include_once "/Views/Login.html";
}
/**
 * Index page: loads every category with its subcategories and renders
 * /Views/Index.html, which runs in this scope and can read $categories.
 */
function OnRequest()
{
    //get all categories and subcategories
    $categories = ModelFacade::getAllCategoriesWithSubcategories();
    include_once '/Views/Index.html';
}
 /**
  * Deletes a direct message on behalf of the logged-in user.
  *
  * The user id is taken from ModelFacade::getLoggedInUser(), not from the
  * caller, and handed to DirectMessages::deleteMsg() together with the id.
  * NOTE(review): confirm DirectMessages::deleteMsg() uses that user id to
  * restrict the delete to the user's own messages.
  *
  * @param mixed $msgId Id of the message to delete.
  * @return mixed Whatever DirectMessages::deleteMsg() returns.
  */
 public static function deleteMsg($msgId)
 {
     return DirectMessages::deleteMsg($msgId, ModelFacade::getLoggedInUser()->id);
 }
<?php

require "/Model/ModelFacade.php";
// Access gate: redirect visitors who are not logged in as admin.
// NOTE(review): confirm redirectUnauthorisedNotAdmin() stops execution after
// sending the redirect; if it only sets a header, OnRequest() below still runs
// and renders the admin view for a non-admin.
ModelFacade::redirectUnauthorisedNotAdmin();
// Run the page handler defined below.
OnRequest();
/**
 * Renders /Views/Admin/Users.html. When $_SESSION['deleteUser'] is set, its
 * value is exposed to the view as $message.
 *
 * NOTE(review): the session value is not cleared here, so it stays set on
 * later requests unless it is removed elsewhere. Confirm the view
 * HTML-escapes $message when printing it.
 */
function OnRequest()
{
    if (isset($_SESSION['deleteUser'])) {
        $message = $_SESSION['deleteUser'];
    }
    include_once '/Views/Admin/Users.html';
}
/**
 * Thin wrapper around ModelFacade::GetUserById().
 *
 * NOTE(review): $id is forwarded unchanged; confirm the model uses a bound
 * parameter for the lookup.
 *
 * @param mixed $id Id of the user to look up.
 * @return mixed Whatever ModelFacade::GetUserById() returns.
 */
function GetUserById($id)
{
    return ModelFacade::GetUserById($id);
}
/**
 * Admin index page: calls ModelFacade::kickIfBannedOrDeleted() and then
 * renders /Views/Admin/Index.html.
 *
 * NOTE(review): no admin check is visible inside this function; confirm the
 * calling script performs one before invoking it.
 */
function OnRequest()
{
    ModelFacade::kickIfBannedOrDeleted();
    include_once '/Views/Admin/Index.html';
}
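/**
 * Removes a comment through the model and sends the admin back to the page
 * they came from.
 *
 * The Referer header is supplied by the client. It is used as the redirect
 * target only when its host matches the host of this request; otherwise
 * (including when it is missing) the redirect goes to /Index.php. Echoing it
 * unchecked lets another site choose where this response sends the admin.
 *
 * NOTE(review): confirm the caller restricts this action to admins and that
 * it is not reachable through a plain link without an anti-CSRF token.
 *
 * @param mixed $id Id of the comment to remove.
 */
function AdminDeleteComment($id)
{
    ModelFacade::AdminDeleteComment($id);

    $redirectTo = '/Index.php';
    if (isset($_SERVER['HTTP_REFERER']) && isset($_SERVER['HTTP_HOST'])) {
        $refererHost = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
        // HTTP_HOST may carry a port; parse_url() returns the host without it.
        $ownHost = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);
        if (is_string($refererHost) && strcasecmp($refererHost, $ownHost) === 0) {
            $redirectTo = $_SERVER['HTTP_REFERER'];
        }
    }

    header("Location: " . $redirectTo);
}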
 /**
  * Replaces a comment's text with a "[Comment removed by <username>]" marker
  * naming the logged-in user. The row itself is kept.
  *
  * The statement is prepared and both values are bound, so neither $id nor
  * the username is concatenated into the SQL.
  *
  * NOTE(review): no permission check is visible in this method; it relies on
  * the caller to allow only moderators or admins.
  *
  * @param mixed $id Id of the comment to overwrite.
  * @return array The statement's errorInfo() after execution.
  */
 public function AdminDeleteComment($id)
 {
     $moderator = ModelFacade::getLoggedInUser()->username;
     $placeholder = "[Comment removed by " . $moderator . "]";

     $db = new DbConnect();
     $statement = $db->connect()->prepare("UPDATE comments\n                    SET comment = :comment\n                    WHERE id = :id");
     $statement->bindValue(":comment", $placeholder);
     $statement->bindValue(":id", $id);
     $statement->execute();

     return $statement->errorInfo();
 }
<?php

/**
 * Created by PhpStorm.
 * User: sinisterdeath
 * Date: 8/2/2015
 * Time: 5:50 PM
 */
//Require Model
require "/Model/ModelFacade.php";
// Log the current user out through the model layer.
// NOTE(review): this runs on every request to this script and no anti-CSRF
// check is visible, so a link or image on another site could trigger the
// logout; confirm whether that is acceptable.
ModelFacade::logout();
// Presumably sends the now-anonymous visitor away from this page; confirm the
// redirect target and that execution stops afterwards.
ModelFacade::redirectUnauthorised();