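/**
 * Renders the main page and handles the login form.
 *
 * An already authenticated user is redirected to their twitter wall. When the
 * login form is submitted, the credentials are handed to
 * UserRepository::login(): on success the user is redirected to their wall,
 * on failure the page is rendered followed by loginError.js, which shows the
 * warning message.
 *
 * Every redirect is decided before any output is produced, and the action
 * stops after each one, so the login form is never rendered or processed for
 * a request that has already been redirected.
 *
 * NOTE(review): the password is hashed here and the hash itself is passed to
 * UserRepository::login(). That suggests a deterministic hash compared inside
 * the repository; confirm hash_password() is salted and slow, or move to
 * password_hash()/password_verify().
 * NOTE(review): session-id regeneration on successful login and throttling of
 * failed attempts are not visible in this action; confirm both exist.
 */
public function action()
{
    if (isLoggedIn()) {
        $wallUrl = \route\Route::get("twitterWall")->generate(
            array("id" => UserRepository::getIdByUsername($_SESSION['username']))
        );
        redirect($wallUrl);
        // redirect() is not known to end the request, so stop here explicitly.
        return;
    }

    if (UserRepository::isLoggedIn()) {
        redirect(\route\Route::get("twitterWall")->generate());
        return;
    }

    $loginFailed = false;

    if (post('login')) {
        // htmlentities() is kept so the submitted values are transformed exactly
        // as before. It is an HTML output encoder, not an input filter: safety of
        // the lookup depends on UserRepository::login() using bound parameters.
        $username = htmlentities(trim(post('username')));
        $password = htmlentities(trim(post('password')));
        $hashedPassword = hash_password($password);

        if (UserRepository::login($username, $hashedPassword)) {
            $wallUrl = \route\Route::get("twitterWall")->generate(
                array("id" => UserRepository::getIdByUsername($_SESSION['username']))
            );
            redirect($wallUrl);
            exit;
        }

        $loginFailed = true;
    }

    $main = new Main();
    $main->setPageTitle("Twitter App");
    $body = new \templates\Index();
    $main->setBody($body);
    echo $main;

    if ($loginFailed) {
        // Emitted after the page, as before, so the script can act on the form.
        echo '<script src="assets/js/loginError.js"></script>';
    }
}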
/**
 * Renders the "unauthorized access" error page.
 *
 * No session or request data is read here; the action only builds the page
 * and prints it.
 */
public function action()
{
    $page = new Main();
    $errorView = new \templates\errors\UnauthorizedAccess();

    $page->setPageTitle("UnauthorizedAccess");
    $page->setBody($errorView);

    echo $page;
}
/**
 * Renders the "not friends" error page.
 *
 * No session or request data is read here; the action only builds the page
 * and prints it.
 */
public function action()
{
    $page = new Main();
    $errorView = new \templates\errors\NotFriends();

    $page->setPageTitle("Not Friends");
    $page->setBody($errorView);

    echo $page;
}
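/**
 * Renders the username settings page and handles the change-username form.
 *
 * The new username must be entered twice, be alphanumeric and 4 to 25
 * characters long. The form also carries a "security number" that must be a
 * whole number between 1113 and 1207; it is meant to keep automated
 * submissions out. On success the stored username and the session username
 * are both updated. Invalid input is ignored without a message.
 *
 * NOTE(review): the accepted security-number range is fixed, so it does not
 * distinguish a person from a scripted client. A per-session CSRF token and a
 * password re-prompt are the usual protection for this kind of account
 * change; neither is visible in this method.
 * NOTE(review): whether UserRepository::changeUsername() rejects a username
 * that is already taken cannot be seen from here; confirm.
 */
public function changeUsername()
{
    checkUnauthorizedAccess();

    $main = new Main();
    $main->setPageTitle("Username settings");
    $changeUsername = new ChangeUsername();
    $main->setBody($changeUsername);
    echo $main;

    $oldUsername = getUsername();

    if (!post('change-username')) {
        return;
    }

    $newUsername = post('first');
    $confirmNewUsername = post('second');
    $securityInput = post('security');

    $error = false;

    // Both fields get the same check. is_string() comes first because array-valued
    // or missing POST fields must not reach ctype_alnum()/strlen().
    foreach (array($newUsername, $confirmNewUsername) as $candidate) {
        if (!is_string($candidate)
            || !ctype_alnum($candidate)
            || strlen($candidate) < 4
            || strlen($candidate) > 25
        ) {
            $error = true;
        }
    }

    // Require plain digits before comparing, so values such as "1150abc" are not
    // accepted through PHP's loose string-to-number comparison.
    $securityDigits = is_scalar($securityInput) ? trim((string) $securityInput) : '';
    if (!ctype_digit($securityDigits)
        || (int) $securityDigits < 1113
        || (int) $securityDigits > 1207
    ) {
        $error = true;
    }

    if ($newUsername === $confirmNewUsername && !$error) {
        UserRepository::changeUsername($oldUsername, $newUsername);
        // Keep the session in step with the stored username.
        $_SESSION['username'] = $newUsername;
    }
}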
/**
 * Lists the galleries returned by GalleryRepository::listGalleries().
 *
 * The access check runs first; the gallery list is then handed to the
 * ListGalleries template and the page is printed.
 */
public function action()
{
    checkUnauthorizedAccess();

    $page = new Main();
    $listView = new \templates\ListGalleries();

    $listView->setGalleries(GalleryRepository::listGalleries());

    $page->setPageTitle("Galleries");
    $page->setBody($listView);

    echo $page;
}
/**
 * Renders the "Friends" page.
 *
 * The access check runs first. The list shown is whatever
 * UserRepository::getAllUsers() returns.
 *
 * NOTE(review): the page is titled "Friends" but is fed from getAllUsers();
 * confirm that exposing every user record to any logged-in user is intended
 * and that the template prints only non-sensitive fields.
 */
public function showFriends()
{
    checkUnauthorizedAccess();

    $allUsers = UserRepository::getAllUsers();

    $page = new Main();
    $friendsView = new ShowFriends();
    $friendsView->setUsers($allUsers);

    $page->setPageTitle("Friends");
    $page->setBody($friendsView);

    echo $page;
}
/**
 * Renders a single tweet together with its comments.
 *
 * The access check runs first. The tweet id is taken from the URL and used
 * for both the tweet lookup and the comment lookup.
 *
 * NOTE(review): the id from the URL is passed to the repositories as is, and
 * nothing here checks that a tweet was found or that the viewer may see it;
 * confirm the repositories and the template handle a missing tweet.
 */
public function action()
{
    checkUnauthorizedAccess();

    $requestedId = getIdFromURL();
    $tweet = TweetRepository::getTweetById($requestedId);
    $comments = TweetCommentRepository::getTweetComments($requestedId);

    $page = new Main();
    $tweetView = new \templates\ViewTweet();
    $tweetView->setTweet($tweet)->setComments($comments);

    $page->setPageTitle("Tweet")->setBody($tweetView);
    echo $page;
}
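/**
 * Renders the profile page of the user whose id is in the URL.
 *
 * The user is looked up once; the same record is passed to checkRequestURL()
 * and then to the template. A second, identical lookup that used to follow
 * the check has been removed.
 *
 * NOTE(review): checkUnauthorizedAccess() is not called in this action.
 * Presumably checkRequestURL() rejects unauthenticated or invalid requests;
 * confirm, since this page prints another user's record.
 */
public function action()
{
    $id = getIdFromURL();
    $user = UserRepository::getUserByID($id);
    checkRequestURL($id, $user);

    $main = new Main();
    $body = new \templates\UserProfile();
    $body->setUser($user);

    $main->setPageTitle("User Profile")->setBody($body);
    echo $main;
}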
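/**
 * Renders the sign-up page and handles the registration form.
 *
 * Submitted data is validated on the server: first and last name must be
 * alphabetic and 3 to 25 characters long; username, password and confirmed
 * password must be alphanumeric and 4 to 25 characters long; the password and
 * its confirmation must match; and the "security number" must lie between
 * 1113 and 1207. Valid input is stored through UserRepository::registerUser().
 * Invalid input is ignored without a message, and this action does not
 * redirect.
 *
 * NOTE(review): the e-mail address is only trimmed, never validated, before
 * it is stored; FILTER_VALIDATE_EMAIL would be the usual check if the field
 * is mandatory.
 * NOTE(review): limiting passwords to 4-25 alphanumeric characters rules out
 * passphrases and symbols; the limits are kept because changing them alters
 * which registrations are accepted.
 * NOTE(review): the accepted security-number range is fixed, so it does not
 * stop a scripted client.
 */
public function action()
{
    $main = new Main();
    $main->setPageTitle("Sign up for TwitterApp");
    $register = new \templates\Register();
    $main->setBody($register);
    echo $main;

    if (!post('register')) {
        return;
    }

    // htmlentities() is an output encoder. It is kept so the stored values match
    // what earlier registrations produced; the ctype_* checks below do the filtering.
    $firstName = htmlentities(trim(post('fname')));
    $lastName = htmlentities(trim(post('lname')));
    $username = htmlentities(trim(post('username')));
    $password = trim(post('password'));
    $confirmedPassword = trim(post('cpassword'));
    $email = trim(post('email'));
    $userSecurityNumber = (int) trim(post('security'));

    // server-side validation
    $error = false;

    if (!ctype_alpha($firstName) || strlen($firstName) < 3 || strlen($firstName) > 25) {
        $error = true;
    }

    if (!ctype_alpha($lastName) || strlen($lastName) < 3 || strlen($lastName) > 25) {
        $error = true;
    }

    // The upper bound is checked on the username itself. It used to test the last
    // name's length, so over-long usernames passed validation.
    if (!ctype_alnum($username) || strlen($username) < 4 || strlen($username) > 25) {
        $error = true;
    }

    if (!ctype_alnum($password) || strlen($password) < 4 || strlen($password) > 25) {
        $error = true;
    }

    if (!ctype_alnum($confirmedPassword) || strlen($confirmedPassword) < 4 || strlen($confirmedPassword) > 25) {
        $error = true;
    }

    if ($userSecurityNumber < 1113 || $userSecurityNumber > 1207) {
        $error = true;
    }

    if ($password !== $confirmedPassword || $error) {
        return;
    }

    // Hash only input that passed validation.
    $hashedPassword = hash_password($password);

    $user = new User();
    $user->setFirstName($firstName);
    $user->setLastName($lastName);
    $user->setUsername($username);
    $user->setPassword($hashedPassword);
    $user->setEmail($email);

    try {
        UserRepository::registerUser($user);
    } catch (\PDOException $e) {
        // The failure used to be discarded. Record it in the server log only;
        // driver messages must not be echoed to the client.
        error_log('User registration failed: ' . $e->getMessage());
    }
}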
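/**
 * Shows a single message and marks it as read.
 *
 * The access check runs first. The message id comes from the URL; a missing
 * id, or one whose integer value is below 1, sends the client to the error
 * page and stops the action, so no lookup or update runs for an invalid id.
 *
 * NOTE(review): the message is selected by the URL id alone. This method does
 * not compare the message's recipient with the logged-in user, so unless
 * MessageRepository::getMessageByID() and setRead() scope their queries to
 * the session user, one authenticated user could open and mark another
 * user's message; confirm.
 * NOTE(review): setRead() runs whether or not a message was found; confirm
 * the repository tolerates an unknown id.
 */
public function readMessage()
{
    checkUnauthorizedAccess();

    $id = getIdFromURL();

    if (null === $id || intval($id) < 1) {
        redirect(\route\Route::get("errorPage")->generate());
        // redirect() is not known to end the request, so stop here explicitly.
        return;
    }

    // Fetch the message by its id.
    $message = MessageRepository::getMessageByID($id);

    // Record that the message has been read.
    MessageRepository::setRead($id);

    $main = new Main();
    $body = new ReadMessage();
    $body->setMessage($message);

    echo $main->setPageTitle("Read Message")->setBody($body);
}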
/**
 * Renders the twitter wall of the user whose id is in the URL.
 *
 * After checkRequestURL() has run, the user's tweets are loaded, and the
 * photos of every gallery the user owns are collected into one flat list for
 * the template.
 *
 * NOTE(review): checkUnauthorizedAccess() is not called in this action.
 * Presumably checkRequestURL() performs the access check; confirm.
 */
public function action()
{
    $id = getIdFromURL();
    $user = UserRepository::getUserByID($id);
    checkRequestURL($id, $user);

    $tweets = TweetRepository::getMyTweets($id);

    // One query per gallery; each gallery's photos are appended in order.
    $userPhotos = array();
    foreach (GalleryRepository::getUserGalleries($id) as $gallery) {
        foreach (PhotoRepository::getPhotosByGalleryID($gallery['galleryid']) as $photo) {
            $userPhotos[] = $photo;
        }
    }

    $page = new Main();
    $wallView = new \templates\TwitterWall();
    $wallView->setTweets($tweets)->setUserPhotos($userPhotos);

    echo $page->setPageTitle("TwitterApp")->setBody($wallView);
}
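/**
 * Lists the logged-in user's messages in the order requested in the URL.
 *
 * Supported orders are "oldest", "unread" and "read". Any other value,
 * including none, lists the newest messages first; per the original note,
 * a bigger id means the message was sent later.
 *
 * Exactly one repository query runs per request. The order value is only
 * compared with fixed strings and is never passed on to the repository.
 */
public function action()
{
    checkUnauthorizedAccess();

    $order = getSortingOrderFromURL();
    $myID = UserRepository::getIdByUsername($_SESSION['username']);

    // Strict comparison: only the exact strings select a non-default order.
    if ($order === "oldest") {
        $messages = MessageRepository::oldestFirst($myID);
    } elseif ($order === "unread") {
        $messages = MessageRepository::unreadFirst($myID);
    } elseif ($order === "read") {
        $messages = MessageRepository::readFirst($myID);
    } else {
        $messages = MessageRepository::newestFirst($myID);
    }

    $main = new Main();
    $body = new ShowMessages();
    $body->setMessages($messages);

    echo $main->setPageTitle("Messages")->setBody($body);
}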
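/**
 * Renders the "create gallery" page and handles the form that creates one.
 *
 * A gallery has a user id, title, tag and creation date. Title (4 to 25
 * bytes) and tag (3 to 25 bytes) are entered by the user; the user id is
 * resolved from the session username. On success the client is redirected to
 * the gallery list. Otherwise the form page is rendered.
 *
 * The form is processed before any output is produced, so the redirect is not
 * issued after the page body has already been sent.
 *
 * NOTE(review): title and tag are only length-checked. They are free text, so
 * they must be HTML-escaped wherever they are printed; confirm the templates
 * do so.
 * NOTE(review): no CSRF token is visible on this state-changing form.
 */
public function action()
{
    checkUnauthorizedAccess();

    $username = $_SESSION['username'];

    if (post('addGallery')) {
        $userID = UserRepository::getIdByUsername($username);
        $title = trim(post('galleryTitle'));
        $tag = trim(post('galleryTag'));
        $dateOfCreation = date('Y-m-d H:i:s');

        // server side validation of data
        $titleValid = strlen($title) >= 4 && strlen($title) <= 25;
        $tagValid = strlen($tag) >= 3 && strlen($tag) <= 25;

        if ($titleValid && $tagValid) {
            $gallery = new Gallery();
            $gallery->setUserID($userID);
            $gallery->setTitle($title);
            $gallery->setTag($tag);
            $gallery->setCreated($dateOfCreation);

            try {
                GalleryRepository::addGallery($gallery);
                redirect(\route\Route::get("listGalleries")->generate());
                // redirect() is not known to end the request, so stop here explicitly.
                return;
            } catch (\PDOException $e) {
                // The failure used to be discarded. Record it in the server log only;
                // driver messages must not be echoed to the client.
                error_log('Gallery creation failed: ' . $e->getMessage());
            }
        }
    }

    $main = new Main();
    $main->setPageTitle("Create gallery");
    $body = new \templates\AddGallery();
    $main->setBody($body);
    echo $main;
}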