function ChangePassword()
{
if (isset($_GET['id'])) {
$currentUser = ModelFacade::getLoggedInUser();
$userDetails = ModelFacade::getUserDetails($_GET['id']);
}
$oldPassword = htmlspecialchars($_POST['oldPassword']);
$newPassword = htmlspecialchars($_POST['newPassword']);
$confirmPassword = htmlspecialchars($_POST['confirmPassword']);
//Confirm old password is correct:
if (ModelFacade::confirmPassword($_GET['id'], $oldPassword)) {
if (strlen($newPassword) < 6) {
$error = "Password must be more then 6 characters";
} else {
if ($newPassword == "" || $newPassword == null) {
$error = "password must not be empty";
} else {
if ($newPassword != $confirmPassword) {
$error = "passwords do not match";
} else {
$errorCode = ModelFacade::updatePassword($_GET['id'], $newPassword);
if ($errorCode[0] == 0) {
$success = "Password successfully updated!";
} else {
$error = "There was an error updating your password: Code " . $errorCode[0];
}
}
}
}
include_once '/Views/UserChangePassword.html';
} else {
$error = "The password you entered was incorrect";
include_once '/Views/UserChangePassword.html';
}
}
function deleteConfirmPost()
{
$currentUserId = ModelFacade::getLoggedInUser()->id;
if (isset($_POST['deleteAccount']) && $_POST['deleteAccount'] == "confirm") {
ModelFacade::DeleteUser($currentUserId);
ModelFacade::logout();
header("location: /Signup.php?delAccount=success");
} else {
header("location: /Index.php");
}
}
function OnRequest()
{
$requestMethod = $_SERVER['REQUEST_METHOD'];
if ($requestMethod == "GET") {
threadCloseGet();
} else {
//close Thread
ModelFacade::closeThread($_GET["id"], $_POST["CloseReason"], ModelFacade::getLoggedInUser()->id);
threadClosePost();
header("location:Thread.php?id=" . $_GET["id"]);
}
}
function newThreadPost()
{
$subcategory = $_GET["subcategory"];
$title = trim($_POST["title"]);
$content = trim($_POST["content"]);
if (empty($title) or empty($content)) {
checkEmptyValues($title, $content);
} else {
$postId = ModelFacade::insertThread($title, $content, $subcategory, ModelFacade::getLoggedInUser()->id);
header("location:Thread.php?id=" . $postId);
}
}
function OnRequest()
{
$user = ModelFacade::getLoggedInUser();
$messages = DirectMessages::getUsersInbox($user->id);
if (isset($_POST['delMsg'])) {
foreach ($_POST['delMsg'] as $eachDelMsg) {
ModelFacade::deleteMsg($eachDelMsg);
}
header('Location: /DirectMsgInbox.php');
}
include_once '/Views/DirectMsgInbox.html';
}
function OnRequest()
{
if (isset($_GET['id'])) {
$currentUser = ModelFacade::getLoggedInUser();
$userDetails = ModelFacade::getUserDetails($_GET['id']);
if ($userDetails == null) {
$message = "Sorry a user with that id does not exist";
include_once '/Views/ErrorPage.html';
} else {
$userThreads = ModelFacade::GetUsersThreads($_GET['id']);
include_once '/Views/UserProfile.html';
}
} else {
$message = "Sorry no user id was set";
include_once '/Views/ErrorPage.html';
}
}
function threadPost()
{
ModelFacade::kickIfBannedOrDeleted();
$thread = ModelFacade::getThread($_GET["id"]);
//get Post Comments
//check if comment has text
$emptyComment = false;
if (trim($_POST["newComment"]) == "") {
$emptyComment = true;
} elseif (ModelFacade::checkThreadClosed($_GET["id"])) {
header("location:Thread.php?id=" . $_GET["id"]);
} else {
//add comment
ModelFacade::addComment($_GET["id"], htmlspecialchars($_POST["newComment"]), ModelFacade::getLoggedInUser()->id);
}
unset($_POST);
$comments = ModelFacade::getThreadComments($_GET["id"]);
//include_once('/Views/Thread.html');
header("location:Thread.php?id=" . $_GET["id"]);
}
function OnRequest()
{
if (isset($_POST['delMsg'])) {
foreach ($_POST['delMsg'] as $eachDelMsg) {
ModelFacade::deleteMsg($eachDelMsg);
}
header('Location: /DirectMsgSent.php');
}
$user = ModelFacade::getLoggedInUser();
$messages = ModelFacade::getUsersSentbox($user->id);
//display confirmation if message was just sent
if (isset($_GET['newMsgSent'])) {
$newMsgSent = $_GET['newMsgSent'];
if ($newMsgSent === 'true') {
$newMsgSent = "MESSAGE SENT SUCCESSFULLY";
} else {
$newMsgSent = "MESSAGE SEND FAILED - NO SUCH USER EXISTS";
}
} else {
$newMsgSent = "";
}
include_once '/Views/DirectMsgSent.html';
}
public static function deleteMsg($msgId)
{
$userId = ModelFacade::getLoggedInUser()->id;
$isDeleted = DirectMessages::deleteMsg($msgId, $userId);
return $isDeleted;
}
public function AdminDeleteComment($id)
{
$comment = "[Comment removed by " . ModelFacade::getLoggedInUser()->username . "]";
$connection = new DbConnect();
$pdo = $connection->connect();
$query = "UPDATE comments\n SET comment = :comment\n WHERE id = :id";
$stmt = $pdo->prepare($query);
$stmt->bindParam(":comment", $comment);
$stmt->bindParam(":id", $id);
$stmt->execute();
return $stmt->errorInfo();
}
