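case 'feed':
    // Create an activity-feed entry from the POSTed fields. Every path in this
    // case answers with JSON and ends the request.
    $data = $_POST;
    $token = $data['token'] ?? null;

    // Validate the request token before any other client-supplied field is used.
    if (!Token::validateToken($token)) {
        die(json_encode(['status' => false, 'err' => 'Token is not valid.']));
    }

    // The target user id is client-controlled: run it through the same id
    // sanitizer this switch already uses for ids, falling back to the caller.
    // A falsy result is treated as an invalid id.
    $user_id = isset($data['user_id']) ? sanitize_id($data['user_id']) : USER_ID;
    if (!$user_id) {
        die(json_encode(['status' => false, 'err' => 'Invalid user id.']));
    }

    // Missing content, or content sent as an array (content[]=...), is rejected
    // instead of being passed on to the insert.
    $content = $data['content'] ?? null;
    if (!is_string($content)) {
        die(json_encode(['status' => false, 'err' => 'Content is required.']));
    }

    // NOTE(review): content is stored exactly as received; confirm that every
    // view rendering it HTML-escapes it, and that insert_data() binds values
    // rather than building SQL by concatenation.
    $database = new Database();
    $row = [
        'user_id' => $user_id,
        'content' => $content,
        'poster_id' => USER_ID,
        'date' => getNow(),
    ];
    $insert = $database->insert_data(TABLE_ACTIVITY, $row);
    if ($insert === true) {
        die(json_encode(['status' => true, 'id' => $database->lastId]));
    }

    // Previously a failed insert had no response and no break, so execution fell
    // through into 'get_post'. Answer with a generic error so storage details
    // are not echoed to the client.
    die(json_encode(['status' => false, 'err' => 'Post could not be saved.']));

case 'get_post':
    // Return a single post as JSON; a non-object result from get_post() is
    // passed back to the client as the error value.
    $id = sanitize_id($_GET['id']);
    $post = new Post();
    $comment = $post->get_post($id);
    if (!is_object($comment)) {
        die(json_encode(['status' => false, 'err' => $comment]));
    }
    die(json_encode($comment));
    break;

default:
    break;
}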
<?php
// Single-message view: loads one message by id and prepares the variables the
// template below reads.
require_once $_SERVER["DOCUMENT_ROOT"] . "/src/init.php";

// Visitors who are not logged in are sent to the signup page.
if (!$session->is_logged_in()) {
    Redirect::redirectTo("/signup.php");
}

// Without a message id there is nothing to show; go back to the list.
if (!isset($_GET['msg'])) {
    Redirect::redirectTo("../messages");
}

$msgid = sanitize_id($_GET['msg']);

// NOTE(review): the message is looked up by id alone in this file. Confirm that
// Messages::getMsg() only returns messages the current user sent or received;
// otherwise any logged-in user could read a message by guessing its id.
$message = Messages::getMsg($msgid);
if (!$message) {
    Redirect::redirectTo('');
}

$pageTitle = "Messages";

// NOTE(review): same condition as the check above. Presumably unreachable if
// redirectTo() ends the request; if it does not, the property reads below run
// on a falsy $message. Confirm which behaviour is intended.
if (!$message) {
    $session->message("Message was not found", "../messages", "warning");
}

// Mark the message as seen for the current user.
Messages::msgSeen(USER_ID, $msgid);

// Flags and fields consumed by the template.
$self = (USER_ID == $message->u_id);
$arch = ($message->deleted == 1);
$staff = ($message->ual == 1);
$img_path = $message->img_path;
$date = $message->date;
$sec = "messages";

include ROOT_PATH . "inc/head.php";
?>
<div class="ui container section messages">
    <?= msgs() ?>
$PostID = sanitize_id($data['id']);
$QNA = new QNA($PostID);

// Stop early when the question cannot be loaded as an object.
$question = $QNA->get_question();
if (!is_object($question)) {
    die(json_encode(['status' => false, 'err' => 'Question was not found.']));
}

// Anything other than boolean true from remove_saved() is passed back to the
// client as the error value.
$save = QNA::remove_saved($PostID);
if ($save !== true) {
    die(json_encode(['status' => false, 'err' => $save]));
}
die(json_encode(['status' => true]));
break;

case 'post_delete':
    $PostID = sanitize_id($data['id']);

    // The post must exist; get_post() is called with true as its second
    // argument and an array is expected back.
    $post = (new Post())->get_post($PostID, true);
    if (!is_array($post)) {
        die(json_encode(['status' => false, 'err' => 'Post was not found.']));
    }

    // Authorization: the caller must match the post's user_id or poster_id.
    // NOTE(review): the comparison is strict, so it also fails when USER_ID and
    // the stored ids differ only in type (int vs. numeric string). That fails
    // closed, but confirm the types match so legitimate owners are not refused.
    if (!(USER_ID === $post['user_id'] || USER_ID === $post['poster_id'])) {
        die(json_encode(['status' => false, 'id' => $PostID, 'err' => 'Authentication error.']));
    }

    // A fresh Post instance carries the id for the delete call.
    $post = new Post();
    $post->PostID = $PostID;
    $delete = $post->delete();
    if ($delete === true) {
        die(json_encode(['status' => true]));
    }
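<?php
// Compose-message form: handles the submit and renders the form markup below.
require_once $_SERVER["DOCUMENT_ROOT"] . "/src/init.php";

//if (!isset($_GET['to'])) exit("404");
$user_id = isset($_GET['to']) ? sanitize_id($_GET['to']) : null;

// NOTE(review): this self-send check only looks at $_GET['to'], while the form
// below posts the recipient as "send_to". Confirm Messages::sendMsg() repeats
// the check on the value it actually uses.
if (USER_ID == $user_id) {
    $session->message("You can't send a message to yourself.", ".");
}

if (isset($_POST['submit'])) {
    // NOTE(review): no login check and no request-token validation are visible
    // in this file; confirm init.php or Messages::sendMsg() enforces both
    // before a message is stored.

    // Read the subject defensively: a missing field or an array value
    // (subject[]=...) counts as empty. Comparing against '' instead of using
    // empty() also keeps a subject of "0" valid.
    $subject = $_POST['subject'] ?? '';
    if (is_string($subject) && trim($subject) !== '') {
        // random_int() draws from the system CSPRNG, so ids cannot be predicted
        // from earlier ones the way mt_rand() output can.
        // NOTE(review): the range is unchanged and still small, so ids can
        // collide and are easy to enumerate. Access to a message must be
        // enforced by ownership checks, never by the id being hard to guess.
        $_POST['id'] = random_int(10000, 90000);
        Messages::sendMsg();
    } else {
        echo "Subject cannot be empty.";
    }
}
?>
<div class="ui segment">
    <form class="ui form" id="msg_compose" action="#">
        <div class="field">
            <label>Send to</label>
            <div class="ui search">
                <div class="ui icon input" id="msg_sendto">
                    <input name="send_to" class="prompt" type="text" placeholder="Search by username or ID">
                    <i class="search icon"></i>
                </div>
                <div class="results"></div>
            </div>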
<?php
// Single-post page: loads the post, its vote state and its comments, then
// starts the page markup.
require_once $_SERVER["DOCUMENT_ROOT"] . "/src/init.php";

// A falsy result from sanitize_id() is treated as "no usable id".
$PostID = sanitize_id($_GET['post_id']);
if (!$PostID) {
    Redirect::redirectTo();
}

// NOTE(review): the code below dereferences $post, so it relies on
// redirectTo() ending the request when the post is missing — confirm.
$post = (new Post())->get_post($PostID);
if (!is_object($post)) {
    Redirect::redirectTo();
}

// $self_p: the post's user_id equals its poster_id.
// $self:   the post's user_id equals the current user.
$self_p = ($post->user_id === $post->poster_id);
$self = ($post->user_id === USER_ID);

// $voted is only assigned when USER_ID is truthy; it stays undefined otherwise.
if (USER_ID) {
    $voted = QNA::has_voted($PostID, USER_ID);
}

// A falsy vote count is shown as the string "0".
$votes_count = QNA::get_votes($PostID) ?: "0";
$comments = Comment::get_comments($post->id);

include ROOT_PATH . "inc/head.php";
?>
<body>
<div class="user-feed post ui container section">
    <div class="feed-post ui segment" id="post-page" post-id="<?= $post->id ?> ">
        <?php if ($self || $post->poster_id === USER_ID) { ?>
<?php
// Conversation page: lists the messages between the current user and the user
// given in ?pm=.
require_once $_SERVER["DOCUMENT_ROOT"] . "/src/init.php";

// NOTE(review): no login check is visible in this file; confirm init.php
// enforces one before conversations are loaded.
$user_id = sanitize_id($_GET['pm']);

// Unknown users go to the 404 page.
$user = (new User($user_id))->user;
if (!$user) {
    Redirect::redirectTo('404');
}

$staff = ($user->ual == 1);

// A conversation with yourself is not shown.
if (USER_ID == $user_id) {
    Redirect::redirectTo();
}

$pageTitle = "Conversations";
$sec = "messages";
include_once ROOT_PATH . "inc/head.php";

// One side of the conversation is always the current user (USER_ID).
$messages = Messages::getConvo(USER_ID, $user_id);

// NOTE(review): View::user() output is echoed as-is in the heading below;
// confirm it returns HTML-escaped markup.
?>
<div class="main">
    <div class="ui container section message-list">
        <?php if ($staff) { ?>
            <h3>Your messages with the admin.</h3>
        <?php } else { ?>
            <h3>Your messages with <?= View::user($user_id) ?>
<?php
// The view for the users
$pageTitle = "Stories";
$id = sanitize_id($_GET['id']) ?: null;
$QNA = new QNA();

$q = $QNA->get_question($id);
if (!$q) {
    // The id is not a question: try it as a comment id and, if found, redirect
    // to the comment's parent question with the comment id as the fragment.
    $q = Comment::getComment($id);
    if (!$q) {
        Redirect::redirectTo('404');
    } else {
        $q = $q['post_id'];
        // A comment whose post_id equals its own id is sent to the 404 page.
        if ($q == $id) {
            Redirect::redirectTo('404');
        }
        Redirect::redirectTo(BASE_URL . "questions/question.php?id={$q}#{$id}");
    }
}

// Questions whose status is not 1 get the 404 page unless adminCheck() passes
// or userCheck() passes for the question's uid.
// NOTE(review): this gate relies on redirectTo() ending the request — confirm,
// otherwise the rest of the page still runs for a refused visitor.
if ($q->status != 1 && !$session->adminCheck() && !$session->userCheck($q->uid)) {
    Redirect::redirectTo('404');
}

$user = (new User($q->uid))->user;
$self = ($q->uid === USER_ID);
$voted = QNA::has_voted($id, USER_ID);

// A falsy vote count is shown as the string "0".
$votes_count = QNA::get_votes($id) ?: "0";

$post_date = $q->created;
$post_modified_date = $q->last_modified;

// NOTE(review): the modified date is interpolated into markup unescaped;
// presumably a database-generated timestamp — confirm it can never carry
// user-supplied text.
if ($q->last_modified > $q->created) {
    $edited = " (edited <span class='datetime' title=\"{$post_modified_date}\">{$post_modified_date}</span>)";
} else {