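/**
 * Admin-only front controller: dispatches to the action named by SECOND_PARAMETER.
 *
 * The previous revision dispatched to any method for which method_exists() was
 * true, which includes magic methods such as __construct (recursing into this
 * constructor) and any underscore-prefixed helper on the class or its parents.
 * Now only a plain identifier (letters/digits, no leading underscore) that exists
 * on this controller is called; anything else falls back to 'admin'.
 *
 * NOTE(review): an explicit allow-list of action names would be stronger still —
 * the full set of actions is not visible here, so the name filter is the minimum.
 */
public function __construct()
{
    Base::requireAdmin();

    $func = 'admin';
    $action = SECOND_PARAMETER;
    if (is_string($action)
        && preg_match('/^[A-Za-z][A-Za-z0-9]*$/', $action) === 1
        && method_exists($this, $action)
    ) {
        $func = $action;
    }

    $this->{$func}();
}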
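/**
 * Edit a page (admin only).
 *
 * Unsubmitted request: renders page/edit with the current page. Submitted
 * request (POST 'page' = publish, 'draft' = save unpublished): stores the
 * title, a slug derived from it, the raw html and the published flag, then
 * redirects to the page.
 *
 * Changes vs. the previous revision: missing POST fields no longer raise
 * undefined-index notices, an empty title (which would produce an empty slug
 * and a redirect to '/page/') is rejected, and the render/error paths return
 * explicitly instead of relying on View::show()/View::error() to exit.
 *
 * NOTE(review): raw HTML from the form is stored verbatim — acceptable only
 * because this is admin-gated. The original '// Token' marker suggests a CSRF
 * token check was intended here; none is visible, confirm the form layer covers it.
 */
private function edit()
{
    Base::requireAdmin();

    $submitted = isset($_POST['page']) || isset($_POST['draft']);
    if (!$submitted) {
        View::set('page', $this->page);
        View::show('page/edit');
        return; // defensive: do not fall through to save() if show() does not exit
    }

    $title = isset($_POST['title']) ? trim((string) $_POST['title']) : '';
    $html  = isset($_POST['html']) ? (string) $_POST['html'] : '';

    if ($title === '') {
        View::error('page/edit', 'Page title is required');
        return;
    }

    $this->page->title     = $title;
    $this->page->slug      = Base::slug($title);
    $this->page->html      = $html;
    $this->page->published = isset($_POST['page']);
    $this->page->save();

    Base::redirect('/page/' . $this->page->slug, 'Page successfully edited');
}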
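/**
 * Edit a playlist.
 *
 * Access: the logged-in user must own the playlist, otherwise admin is required.
 * Unsubmitted requests render playlist/edit. A submission (POST 'playlist' =
 * publish, 'draft' = save unpublished) validates title/description, optionally
 * uploads a cover, replaces the tag set (max 5, lowercase letters only, 'staff'
 * reserved for admins) and the track list (every id must exist in the track
 * table), then saves and redirects to /<playlist id>.
 *
 * Changes vs. the previous revision:
 *  - the maximum-track check tested the undefined variable $track instead of
 *    $tracks, so the cap was never enforced;
 *  - a non-admin 'staff' tag was skipped with `continue` but left in the list
 *    (and was compared before normalisation, so ' staff' slipped through);
 *  - the track count limits are now checked after non-integer ids are dropped,
 *    so junk entries cannot satisfy the minimum, and an empty list no longer
 *    reaches whereIn() with no values;
 *  - $error is initialised, reference loops are gone, and render/error paths
 *    return explicitly instead of relying on View::show()/error() to exit.
 */
private function edit()
{
    Base::requireLogged();
    if (LOGGED !== $this->playlist->user_id) {
        Base::requireAdmin();
    }

    View::set('page_title', 'Edit playlist');

    $playlist = $this->playlist->asArray();
    $playlist['tracks'] = $this->playlist->tracks();
    $tags = $this->playlist->tags();
    if ($tags) {
        $playlist['tags'] = implode(', ', $tags);
    }
    View::set('playlist', $playlist);

    if (!isset($_POST['playlist']) && !isset($_POST['draft'])) {
        View::show('playlist/edit');
        return; // defensive: do not fall through if show() does not exit
    }

    $error = null;
    $title = isset($_POST['title']) ? $_POST['title'] : '';
    $description = isset($_POST['description']) ? $_POST['description'] : '';

    if (!Validate::len($title, 2, 64)) {
        $error = 'Playlist title must be between 2 and 64 chars';
    } elseif (!Validate::len($description, 0, 512)) {
        $error = 'Playlist description must be lesser than 512 chars';
    }
    if ($error) {
        View::error('playlist/edit', $error);
        return;
    }

    // Raw HTML may enter the db; it is encoded at output by Mustache.
    $this->playlist->title = $title;
    $this->playlist->description = $description;

    // Cover image (optional)
    if (!empty($_FILES['cover']) && $_FILES['cover']['size'] > 0) {
        Base::uploadImage($_FILES['cover'], $cover, $error);
        if ($error) {
            View::error('playlist/edit', $error);
            return;
        }
        $this->playlist->cover = $cover;
    }

    // Tags: comma separated, at most 5 kept, letters only.
    if (!empty($_POST['tags'])) {
        $raw = explode(',', strtolower($_POST['tags']), 6);
        $raw = array_slice($raw, 0, 5);

        $clean = array();
        foreach ($raw as $tag) {
            $tag = trim(preg_replace('/[^a-z]+/', ' ', $tag), ' ');
            // 'staff' is reserved for admins: drop it entirely.
            if (!ADMIN && $tag === 'staff') {
                continue;
            }
            if (Validate::len($tag, 1, 32)) {
                $clean[] = $tag;
            }
        }
        // Re-index: the positional placeholders below are bound by array position.
        $tags = array_values(array_unique($clean));

        if (!empty($tags)) {
            PlaylistTag::where('playlist_id', $this->playlist->id)->deleteMany();

            // One '(?)' per tag; values are bound, never interpolated into SQL.
            $placeholders = implode(',', array_fill(0, count($tags), '(?)'));
            Tag::rawExecute("INSERT IGNORE INTO tag(name) VALUES {$placeholders}", $tags);

            $tagRows = Tag::select('id')->whereIn('name', $tags)->findMany();
            foreach ($tagRows as $tagRow) {
                $link = PlaylistTag::create();
                $link->playlist_id = $this->playlist->id;
                $link->tag_id = $tagRow->id;
                $link->save();
            }
        }
    }

    // Published status; forced back to draft below when tracks are missing.
    $this->playlist->published = isset($_POST['playlist']);

    if (!isset($_POST['tracks'])) {
        $error = 'You can\'t publish without any tracks';
        $this->playlist->published = 0;
    } elseif (!is_array($_POST['tracks'])) {
        View::error('playlist/edit', 'Massive error. Contact the admin');
        return;
    } else {
        $max = Base::$g['playlist_max_tracks'];
        $min = Base::$g['playlist_min_tracks'];

        // Drop anything that is not an integer id before counting.
        $tracks = array();
        foreach ($_POST['tracks'] as $item) {
            $id = Validate::int($item);
            if ($id !== false) {
                $tracks[] = $id;
            }
        }

        if (count($tracks) < $min) {
            $error = "You can't publish without at least {$min} tracks";
            $this->playlist->published = 0;
        } elseif (count($tracks) > $max) {
            $error = "You can't have more than {$max} tracks in a playlist";
            $tracks = array_slice($tracks, 0, $max);
        }

        if (empty($tracks)) {
            // Nothing valid submitted: the playlist keeps no tracks.
            $this->playlist->tracks_count = 0;
            $this->playlist->duration = 0;
            PlaylistTrack::where('playlist_id', $this->playlist->id)->deleteMany();
        } else {
            // Count and total duration of the submitted ids that really exist.
            $row = Track::whereIn('id', $tracks)
                ->selectExpr('COUNT(id)', 'count')
                ->selectExpr('SUM(duration)', 'duration')
                ->findOne();
            // Every distinct id must exist; otherwise the list was tampered with.
            if ((int) $row->count !== count(array_unique($tracks))) {
                View::error('playlist/edit', 'Massive error 2. Contact the admin');
                return;
            }
            $this->playlist->tracks_count = $row->count;
            $this->playlist->duration = $row->duration / 60; // stored in minutes

            // Replace the existing track links with the submitted ones.
            PlaylistTrack::where('playlist_id', $this->playlist->id)->deleteMany();
            foreach ($tracks as $trackId) {
                $link = PlaylistTrack::create();
                $link->playlist_id = $this->playlist->id;
                $link->track_id = $trackId;
                $link->save();
            }
        }
    }

    $this->playlist->save();

    $msg = $error ?: 'Playlist succesfully edited';
    Base::redirect('/' . $this->playlist->id, $msg);
}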
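/**
 * User settings: avatar upload and password change.
 *
 * Access: the logged-in user must be editing their own profile, otherwise
 * admin is required. With no recognised POST field the settings form is
 * rendered. The username/email branch ('usr') is still a stub and does nothing.
 *
 * Changes vs. the previous revision: the "not submitted" guard looked for
 * $_POST['pwd'] while the branch read $_POST['password'], so a form posting
 * only 'password' never reached the change logic — both keys are accepted now;
 * missing POST fields default to '' instead of raising notices; an avatar
 * submission without a file is rejected; $error is initialised; and the
 * render/error paths return explicitly instead of relying on View::show()/
 * error() to exit.
 *
 * NOTE(review): Validate::len($password, 4, 128) is paired with the message
 * "more than 4 characters" — if len() is inclusive the message is off by one;
 * confirm and adjust the text. After a successful password change nothing here
 * invalidates other sessions of this user — confirm against the session layer.
 */
private function settings()
{
    Base::requireLogged();
    if (LOGGED !== $this->user->id) {
        Base::requireAdmin();
    }

    $wantsUser     = isset($_POST['usr']);
    $wantsAvatar   = isset($_POST['avatar']);
    $wantsPassword = isset($_POST['password']) || isset($_POST['pwd']);

    if (!$wantsUser && !$wantsAvatar && !$wantsPassword) {
        View::show('profile/settings');
        return; // defensive: do not fall through if show() does not exit
    }

    $error = null;

    if ($wantsUser) {
        // Username or email change: not implemented yet.
        return;
    }

    if ($wantsAvatar) {
        if (empty($_FILES['avatar'])) {
            View::error('profile/settings', 'No avatar file was uploaded');
            return;
        }
        Base::uploadImage($_FILES['avatar'], $avatar, $error);
        if ($error) {
            View::error('profile/settings', $error);
            return;
        }
        $this->user->avatar = $avatar;
        $this->user->save();
        View::set('success', 'Avatar successfully changed');
        View::set('user', $this->user->asArray()); // refreshed user for the view
        View::show('profile/settings');
        return;
    }

    // Password change: current password must verify, new one must be
    // 4..128 chars (per Validate::len) and match its confirmation.
    $currentPwd = isset($_POST['current_pwd']) ? $_POST['current_pwd'] : '';
    $password   = isset($_POST['password']) ? $_POST['password'] : '';
    $password2  = isset($_POST['password2']) ? $_POST['password2'] : '';

    if (!Base::checkPassword($currentPwd, $this->user->password)) {
        $error = 'You misspelled your current password'; // Need help? Forgot pwd
    } elseif (!Validate::len($password, 4, 128)) {
        $error = 'Password must have more than 4 characters';
    } elseif ($password !== $password2) {
        $error = 'Passwords don\'t match';
    }
    if ($error) {
        View::error('profile/settings', $error);
        return;
    }

    $this->user->password = Base::hashPassword($password);
    $this->user->save();
    View::set('success', 'Password successfully changed');
    View::show('profile/settings');
}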