$unLikeComment = new feedActions();
$unLikeComment->unlikeComment($commID);
}
/*** SHARE **/
if ($operation === 'share') {
if (!isset($_POST['feed']) && empty($_POST['feed'])) {
$feed = "";
} else {
$feed = cleanPOST('feed');
}
if (!isset($_POST['f_id']) && empty($_POST['f_id'])) {
$_SESSION['isv_error'] = 'An error occurred. Please try again.';
header('location:' . ISVIPI_URL . 'home/');
exit;
}
$feed_id = cleanPOST('f_id');
/** share feed **/
$share = new feedActions();
$share->shareFeed($feed, $feed_id);
}
/*** DELETE FEED **/
if ($operation === 'delete') {
if (!isset($PAGE[3]) || empty($PAGE[3])) {
//do nothing
exit;
}
$feedID = cleanGET($PAGE[3]);
/** delete feed **/
$delete = new feedActions();
$delete->delFeed($feedID);
}
}
}
//check if new and repeat passwords match
if ($pwd['New Password'] !== $pwd['Repeat New Password']) {
$_SESSION['isv_error'] = 'New Password and Repeat New Password do not match.';
header('location:' . $from_url . '');
exit;
}
//change
$change_pwd = new member($_SESSION['isv_user_id']);
$change_pwd->change_pwd($pwd);
}
/*** PRIVACY SETTINGS **/
if ($operation === 'privacy') {
//capture fields
$privacySett = array('Feeds' => cleanPOST('feeds_privacy'), 'Phone' => cleanPOST('phone_privacy'));
//check if any has not been supplied
foreach ($privacySett as $field => $value) {
if (!isSupplied($value)) {
$_SESSION['isv_error'] = 'Please select a privacy setting for ' . $field . ' field.';
header('location:' . $from_url . '');
exit;
}
}
//check if they were not altered
if ($privacySett['Feeds'] !== "nobody" && $privacySett['Feeds'] !== "friends only" && $privacySett['Feeds'] !== "everyone") {
$_SESSION['isv_error'] = 'An error occured. It appears some values may have been changed illegally.';
header('location:' . $from_url . '');
exit;
}
if ($privacySett['Phone'] !== "nobody" && $privacySett['Phone'] !== "friends only" && $privacySett['Phone'] !== "everyone") {
if (!isLoggedIn()) {
$_SESSION['isv_error'] = "You must be logged in to complete this action.";
header('location:' . ISVIPI_URL . 'sign_in');
exit;
}
/** an extra layer of security => check if there is a session matching these details in the database **/
$currSession = session_id();
$currentUser = $_SESSION['isv_user_id'];
if (!isMemberSessionValid($currentUser, $currSession)) {
$_SESSION['isv_error'] = "Your session either changed or expired. Please sign in to continue.";
header('location:' . ISVIPI_URL . 'sign_in');
exit;
}
/** check if our hidden field is present */
if (isset($_POST['isv_op']) && !empty($_POST['isv_op'])) {
$operation = cleanPOST('isv_op');
} else {
if (isset($PAGE[2]) && !empty($PAGE[2])) {
$operation = cleanGET($PAGE[2]);
} else {
$array['err'] = true;
$array['message'] = 'Action not Allowed!';
echo json_encode($array);
exit;
}
}
if ($operation !== 'f_req' && $operation !== 'f_accept' && $operation !== 'f_ignore' && $operation !== 'f_remove' && $operation !== 'f_block' && $operation !== 'f_unblock') {
$array['err'] = true;
$array['message'] = 'Action not Allowed!';
echo json_encode($array);
exit;
exit;
}
/*** SIGN IN **/
if ($operation === 'signin') {
if (!isset($_POST['user']) || empty($_POST['user'])) {
$_SESSION['isv_error'] = 'Please enter your username or email.';
header('location:' . ISVIPI_URL . '');
exit;
}
if (!isset($_POST['pwd']) || empty($_POST['pwd'])) {
$_SESSION['isv_error'] = 'Please enter your password.';
header('location:' . ISVIPI_URL . '');
exit;
}
$user = cleanPOST('user');
$pwd = cleanPOST('pwd');
//check if it is email or username
if (emailOrUsername($user) == 'email') {
$userType = 'email';
} else {
$userType = 'username';
}
//instantiate our class
require_once ISVIPI_CLASSES_BASE . 'forms/signin_cls.php';
$signIn = new signIn($userType, $user, $pwd);
}
/*** RESEND ACTIVATION CODE **/
if ($operation === 'resend_activation') {
//check if our session exists
if (!isset($_SESSION['act_email']) && empty($_SESSION['act_email'])) {
$_SESSION['isv_error'] = 'An error occured. Please try to sign in again and click activate to retry.';
