Exemplo n.º 1
 /**
  * Store an uploaded display picture and attach it to a member record.
  *
  * Nothing is written when uploadFile() yields a value that compares loosely
  * equal to null (for example null, false or an empty string).
  *
  * @param mixed $username Identifier forwarded unchanged to memberModel::updateDisplayPic().
  * @return void
  */
 public function uploadDisplayPic($username)
 {
     $storedName = $this->uploadFile();
     if ($storedName == null) {
         // No usable file name came back, so the member record is left untouched.
         return;
     }
     // NOTE(review): uploadFile() is not visible here - confirm it restricts the
     // accepted file types and generates the stored name on the server side.
     $members = new memberModel();
     $members->updateDisplayPic($username, $storedName);
 }
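    /**
     * Stream the member list as a semicolon-separated CSV download.
     *
     * Every data cell is wrapped in double quotes with embedded quotes doubled,
     * so a ';', '"' or line break inside a name or e-mail can no longer shift
     * columns. Cells that start with '=', '+', '-', '@', TAB or CR are prefixed
     * with an apostrophe so that spreadsheet applications show them as text
     * instead of evaluating them as formulas (CSV/formula injection).
     *
     * NOTE(review): the export contains names and e-mail addresses; no access
     * check is visible in this method - confirm the route is restricted to
     * administrators before it is reached.
     *
     * @param mixed $args Route arguments; not used by this action.
     * @return void
     */
    public function exportAction($args)
    {
        // utf8_decode() below emits ISO-8859-1, so the charset is declared to match.
        header('Content-Type: text/csv; charset=ISO-8859-1');
        header('Content-Disposition: attachment; filename="Export Concours.csv"');
        $verif = new memberModel();
        // The return value is not used; presumably the rows become iterable on
        // the model object itself - TODO confirm against memberModel.
        $verif->getAll(true);
        echo '"Nom";"Prenom";"Id Facebook";"Email"' . "\n";
        $columns = array('lastname', 'firstname', 'id_member', 'email');
        foreach ($verif as $data) {
            $cells = array();
            foreach ($columns as $column) {
                $text = (string) $data[$column];
                // Member-supplied text must never be evaluated by the spreadsheet.
                if ($text !== '' && strpos("=+-@\t\r", $text[0]) !== false) {
                    $text = "'" . $text;
                }
                $cells[] = '"' . str_replace('"', '""', $text) . '"';
            }
            // utf8_decode() is kept for compatibility with the existing export
            // consumers; it is deprecated as of PHP 8.2.
            echo utf8_decode(implode(';', $cells) . "\n");
        }
    }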
 /**
  * Register the user described by the current session as a member when no
  * record exists yet, then redirect to /contest.
  *
  * All profile fields are read from $_SESSION; nothing is taken from the
  * request. The redirect is sent in both cases and the method does not exit
  * afterwards, so the caller keeps running.
  *
  * @return void
  */
 public function adduserAction()
 {
     $sessionUserId = $_SESSION["idUser"];
     $sessionLastName = $_SESSION['lastName'];
     $sessionFirstName = $_SESSION['firstName'];
     $sessionPhoto = $_SESSION['photo'];
     // Read like the other fields, but not passed to the model below.
     $sessionRole = $_SESSION['role'];
     $sessionEmail = $_SESSION['email'];

     // Look the user up first so that an existing member is not inserted twice.
     $existing = new memberModel();
     $existing->getOneByIdmember($sessionUserId);

     // Insert plain users only. (Original note: comment this check out to let
     // administrators take part as well.)
     if ($existing->getIdMember() == 0) {
         $newMember = new memberModel($sessionLastName, $sessionFirstName, $sessionPhoto, $sessionUserId, $sessionEmail);
         $newMember->save();
     }

     // Known and newly created members both land on the contest page.
     header('Location: /contest');
 }
 /**
  * Show the member edit form (no POST data) or validate and save a submitted form.
  *
  * Without POST data the member identified by ?uid= is loaded and the template
  * returned by $this->template() is included; the include runs in this method's
  * scope, so the local variables defined before it are visible to the template.
  * With POST data the input is validated with the 'all_one' rule set and, if
  * valid, saved; both outcomes redirect to the Referer header.
  *
  * NOTE(review): no ownership/role check and no CSRF token check are visible
  * in this method - confirm they are enforced before the action is dispatched.
  *
  * @return void
  */
 public function editAction()
 {
     // The cast guarantees an integer key for the lookup below.
     $uid = (int) $_GET['uid'];
     $mMember = new memberModel();
     // NOTE(review): debug mode is switched on unconditionally; what it prints is
     // not visible here - confirm it cannot expose queries or data in production.
     $mMember->debug = true;
     if (empty($_POST)) {
         $member = $mMember->findByPrk($uid);
         $formset = Form::formSet($member);
         // Validation errors stored by a previous failed submit (see the else branch).
         $formerror = Form::formError($_SESSION['formerror']);
         unset($_SESSION['formset'], $_SESSION['formerror']);
         include $this->template();
     } else {
         $data = $_POST;
         $error = $mMember->validate($data, 'all_one');
         if (!$error) {
             // NOTE(review): the whole POST array is handed to save() and $uid is not
             // used on this path, so the record and the columns written are chosen
             // by the request. Confirm save() applies a field allow-list and that the
             // caller is allowed to edit the targeted member.
             $mMember->save($_POST);
             // NOTE(review): HTTP_REFERER is a client-supplied header; confirm
             // redirect() only accepts same-site targets.
             // The message text means "edit successful".
             $this->redirect($_SERVER['HTTP_REFERER'], 1, '编辑成功');
         } else {
             // Keep the errors for the next form display, then go back to the form.
             $_SESSION['formerror'] = $error;
             $this->redirect($_SERVER['HTTP_REFERER']);
         }
     }
 }
Exemplo n.º 5
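 /**
  * Settings page: apply a submitted settings form for the logged-in member,
  * then render views/settings.php with the stored profile data.
  *
  * Changes against the previous version:
  *  - a request without a username in the session is sent to the home view
  *    before any update runs (previously the updates ran with an empty username);
  *  - a failed lookup (getUserByUsername() returning false) falls through to the
  *    home view instead of being passed to pg_num_rows().
  *
  * The local variable names are kept because views/settings.php is included in
  * this method's scope.
  *
  * NOTE(review): no CSRF token is checked before the updates, and the e-mail /
  * user_info values are passed to the model unvalidated - confirm the model
  * binds them as query parameters and the view escapes them on output.
  *
  * @return void
  */
 public function view()
 {
     session_start();
     include 'models/memberModel.php';
     // Settings are per member: without a logged-in user there is nothing to edit.
     if (!isset($_SESSION['username']) || $_SESSION['username'] === '') {
         $home = new homeController();
         $home->view();
         return;
     }
     $username = $_SESSION['username'];
     $memberModel = new memberModel();
     // check for form submission
     if (isset($_POST["submit"])) {
         $uploadManager = new uploadController();
         $uploadManager->uploadDisplayPic($username);
         if (isset($_POST["email"])) {
             $memberModel->updateEmail($username, $_POST["email"]);
         }
         if (isset($_POST["user_info"])) {
             $memberModel->updateUserInfo($username, $_POST["user_info"]);
         }
     }
     // query database to retrieve user information
     $memberModel = new memberModel();
     $queryResult = $memberModel->getUserByUsername($username);
     // A failed query counts as "no such user".
     $resultCount = $queryResult ? pg_num_rows($queryResult) : 0;
     // check if user exists
     if ($resultCount == 1) {
         // initialize data for profile page (column positions as returned by the model query)
         $queryData = pg_fetch_row($queryResult);
         $data['profileName'] = $queryData[0];
         $data['email'] = $queryData[3];
         $data['user_info'] = $queryData[4];
         $data['display_pic'] = $queryData[5];
         // lastly, run the profile view
         include 'views/settings.php';
     } else {
         // no result, redirect to home
         $home = new homeController();
         $home->view();
     }
 }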
Exemplo n.º 6
 /**
  * PHP4-style constructor: ties the wiki user object to the XE login session.
  *
  * Flow, as far as this method shows:
  *  1. Build the base user through the parent constructor and start the PHP
  *     session, taking the session id from the session cookie by hand because
  *     cookie handling by PHP itself is switched off.
  *  2. If the base user carries a non-anonymous id, check it against UserDB and
  *     against the ticket returned by getTicket() for that id and the client
  *     address; on failure the user falls back to 'Anonymous'.
  *  3. If a refresh is needed and the session is flagged as logged in, bootstrap
  *     XE, read the logged-in member, map its XE groups to wiki groups and copy
  *     nick/e-mail/ticket onto this object.
  *  4. Send or clear the wiki cookie and save/register the user in UserDB.
  *
  * @param string $id Wiki user id passed on to the parent constructor.
  */
 function User_xe17($id = '')
 {
     global $Config;
     parent::WikiUser($id);
     // Id that the parent constructor resolved; empty string stands for "no wiki login".
     $cookie_id = $this->id != 'Anonymous' ? $this->id : '';
     // set xe_root_dir config option
     // NOTE(review): this path is later used in require_once - it must come from
     // trusted configuration only.
     $xe_root_dir = !empty($Config['xe_root_dir']) ? $Config['xe_root_dir'] : dirname(__FILE__) . '/../../../xe';
     // default xe_root_dir is 'xe' subdirectory of the parent dir of the moniwiki
     $sessid = session_name();
     // PHPSESSID
     // set the session_id() using saved cookie
     // NOTE(review): the id is taken from the request as-is; confirm the session
     // id is regenerated at login on the XE side.
     if (isset($_COOKIE[$sessid])) {
         session_id($_COOKIE[$sessid]);
     }
     // do not use cookies for varnish cache server
     ini_set("session.use_cookies", 0);
     session_cache_limiter('');
     // Cache-Control manually for varnish cache
     session_start();
     // is it a valid user ?
     $udb = new UserDB($Config);
     $user = $udb->getUser($cookie_id);
     // $update marks that the user data has to be refreshed from the XE session.
     $update = false;
     if (!empty($cookie_id)) {
         // not found
         if ($user->id == 'Anonymous') {
             $this->setID('Anonymous');
             $update = true;
             $cookie_id = '';
         } else {
             // check ticket
             // The ticket is derived from the user id and the client address.
             $ticket = getTicket($user->id, $_SERVER['REMOTE_ADDR']);
             // NOTE(review): loose, non-constant-time comparison of a secret value;
             // hash_equals() on two strings would be the hardened form.
             if ($this->ticket != $ticket) {
                 // not a valid user
                 $this->ticket = '';
                 $this->setID('Anonymous');
                 $update = true;
                 //$cookie_id = '';
             } else {
                 // OK good user
                 $this->setID($cookie_id);
                 $id = $cookie_id;
                 $this->nick = $user->info['nick'];
                 $this->tz_offset = $user->info['tz_offset'];
                 $this->info = $user->info;
                 $this->ticket = $ticket;
             }
         }
     } else {
         // empty cookie
         $update = true;
     }
     if ($update && !empty($_SESSION['is_logged'])) {
         // init XE17, XE18
         define('__XE__', true);
         require_once $xe_root_dir . "/config/config.inc.php";
         $context =& Context::getInstance();
         $this->xe_context_init($context);
         // simplified init context method
         // $context->init(); // slow slow
         // $oMemberModel is fetched but not used further in this method.
         $oMemberModel =& getModel('member');
         $oMemberController =& getController('member');
         $oMemberController->setSessionInfo();
         $member = new memberModel();
         $xeinfo = $member->getLoggedInfo();
         // From here on the identity is the XE user_id, not the value from the wiki cookie.
         $id = $xeinfo->user_id;
         $user = $udb->getUser($id);
         // get user info again
         // not a registered user ?
         // $update is always true inside this branch (see the enclosing if), so
         // this condition always holds.
         if ($user->id == 'Anonymous' || $update || empty($user->info['nick'])) {
             // check groups
             $groups = array_keys($xeinfo->group_list);
             $wikigroups = array();
             // XE administrators pass the group check regardless of the allow-list.
             $group_ok = $xeinfo->is_admin == 'Y' ? true : false;
             if (!empty($Config['xe_allowed_groups'])) {
                 // Keys are looked up with the XE group_list keys; non-empty values
                 // become the wiki group names.
                 $allowed_groups = $Config['xe_allowed_groups'];
                 for ($i = 0; $i < sizeof($groups); $i++) {
                     if (isset($allowed_groups[$groups[$i]])) {
                         $group_ok = true;
                         $groupname = $allowed_groups[$groups[$i]];
                         if (!empty($groupname)) {
                             $wikigroups[] = $groupname;
                         }
                     }
                 }
             } else {
                 // No allow-list configured: every logged-in XE member is accepted.
                 $group_ok = true;
             }
             if ($group_ok) {
                 if (!empty($wikigroups)) {
                     $this->groups = $wikigroups;
                     $user->info['groups'] = implode(',', $wikigroups);
                     $this->info['groups'] = $user->info['groups'];
                 } else {
                     // No mapped group any more: a previously stored group list is
                     // reset to '@User'.
                     if (!empty($this->info['groups'])) {
                         $user->info['groups'] = '@User';
                         $this->info['groups'] = $user->info['groups'];
                     }
                 }
                 $this->setID($id);
                 // not found case
                 $this->info = $user->info;
                 // already registered case
                 $ticket = getTicket($id, $_SERVER['REMOTE_ADDR']);
                 // get ticket
                 if ($this->nick != $xeinfo->nick_name) {
                     $this->nick = $xeinfo->nick_name;
                     $this->info['nick'] = $xeinfo->nick_name;
                 }
                 if ($this->info['email'] == '') {
                     $this->info['email'] = $xeinfo->email_address;
                 }
                 $this->info['tz_offset'] = $this->tz_offset;
                 $this->ticket = $ticket;
             } else {
                 // Member of no allowed group: drop the wiki cookie and stay anonymous.
                 if (!empty($cookie_id)) {
                     header($this->unsetCookie());
                 }
                 $this->setID('Anonymous');
                 $id = 'Anonymous';
             }
         }
     } else {
         // not logged in
         // This branch is also reached with a valid ticket and $update == false;
         // the inner check then only acts when the session is not logged in.
         if (empty($_SESSION['is_logged'])) {
             if (!empty($cookie_id)) {
                 header($this->unsetCookie());
             }
             $this->setID('Anonymous');
             $id = 'Anonymous';
         }
     }
     // Precedence: 'and' binds looser than '||', so this reads
     // ($update || !empty($id)) and ($id != 'Anonymous').
     if ($update || !empty($id) and $id != 'Anonymous') {
         if ($cookie_id != $id) {
             header($this->setCookie());
         }
     }
     if ($update || !$udb->_exists($id)) {
         if (!$udb->_exists($id)) {
             // First registration with agreements enabled starts as 'disagree'.
             if (!empty($Config['use_agreement']) && empty($this->info['join_agreement'])) {
                 $this->info['join_agreement'] = 'disagree';
             }
         }
         // automatically save/register user
         $dummy = $udb->saveUser($this);
     }
 }
Exemplo n.º 7
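 /**
  * Message thread between an item owner and a borrower.
  *
  * Reads item/owner/borrower from the query string, verifies that the item and
  * both members exist and that the logged-in user is one of the two parties,
  * processes an accept/reject or a new message from POST, and renders
  * views/message.php.
  *
  * Changes against the previous version:
  *  - item/owner/borrower must be strings, so array-valued parameters are
  *    rejected together with missing ones;
  *  - the participant checks use strict comparison; with '!=' two different
  *    numeric-looking usernames (for example '10' and '1e1') compare equal and
  *    a third user could pass the membership check;
  *  - an item lookup that returns no row goes back to the previous page;
  *  - accept/reject only run when a loan request row exists (before, $date_start
  *    was undefined in that case), and accepting is limited to the item owner,
  *    so a borrower can no longer approve their own request.
  *
  * Local variable names are kept because views/message.php is included in this
  * method's scope.
  *
  * NOTE(review): no CSRF token is checked for the POST actions, and message
  * content is stored as received - confirm the models bind parameters and the
  * view escapes content on output.
  *
  * @return void
  */
 public function view()
 {
     session_start();
     $itemName = '';
     $itemOwner = '';
     $itemBorrower = '';
     $isValidBid = false;
     $hasBid = false;
     // Check that URL has required fields
     if (empty($_GET['item']) || empty($_GET['owner']) || empty($_GET['borrower'])
         || !is_string($_GET['item']) || !is_string($_GET['owner']) || !is_string($_GET['borrower'])) {
         header("Location:index.php");
         return;
     }
     $itemName = $_GET['item'];
     $itemOwner = $_GET['owner'];
     $itemBorrower = $_GET['borrower'];
     // null when nobody is logged in; the participant check below then fails.
     $currentUser = isset($_SESSION['username']) ? $_SESSION['username'] : null;
     // Getting the item
     include 'models/itemModel.php';
     $itemModel = new itemModel();
     $queryResult = $itemModel->getByKey($itemOwner, $itemName);
     // Ensures that message session is for item that exist
     if ($queryResult == false) {
         $this->goToPreviousPage();
         return;
     }
     $item = pg_fetch_array($queryResult);
     if ($item === false) {
         // The query succeeded but matched no item.
         $this->goToPreviousPage();
         return;
     }
     $itemImage = $item['image_url'];
     $itemPrice = $item['price'];
     // Getting the members
     include 'models/memberModel.php';
     $memberModel = new memberModel();
     // Ensures that message session is for members that exist
     if (!$memberModel->memberExist($itemOwner) || !$memberModel->memberExist($itemBorrower)) {
         $this->goToPreviousPage();
         return;
     }
     // Ensures that current logged in user belongs to message session
     if ($currentUser !== $itemOwner && $currentUser !== $itemBorrower) {
         $this->goToPreviousPage();
         return;
     }
     // Ensures that user is not sending message to self
     if ($itemOwner === $itemBorrower) {
         $this->goToPreviousPage();
         return;
     }
     // Getting the loan request
     include 'models/loanRequestModel.php';
     $loanRequestModel = new loanRequestModel();
     $bidMade = $loanRequestModel->getLoanRequestByOwnerItemBorrower($itemOwner, $itemName, $itemBorrower);
     if ($bidMade != false) {
         $bid = pg_fetch_array($bidMade);
         if ($bid !== false) {
             $hasBid = true;
             $date_start = $bid['date_start'];
             $bidStatus = $bid['status'];
             $bidPrice = $bid['price_offer'];
             $isValidBid = $bid['is_valid'];
         }
     }
     // Checks if is an accept or reject
     // Accepting is the owner's decision and needs an existing request.
     if (isset($_POST['accept']) && $hasBid && $currentUser === $itemOwner) {
         $loanRequestModel->acceptLoanRequest($itemName, $itemOwner, $itemBorrower, $date_start);
         $bidStatus = 'accepted';
     }
     // NOTE(review): declining stays open to both parties (owner declines,
     // borrower withdraws) - confirm this is the intended rule.
     if (isset($_POST['reject']) && $hasBid) {
         $loanRequestModel->rejectLoanRequest($itemName, $itemOwner, $itemBorrower, $date_start);
         $bidStatus = 'declined';
     }
     // get all past messages
     include 'models/messageModel.php';
     $messageModel = new messageModel();
     // Check for new message sent
     if (isset($_POST['msg-content']) && is_string($_POST['msg-content'])) {
         $content = $_POST['msg-content'];
         // Sender and receiver follow from the session user, never from the request.
         $sender = $itemBorrower;
         $receiver = $itemOwner;
         if ($currentUser === $itemOwner) {
             $sender = $itemOwner;
             $receiver = $itemBorrower;
         }
         $messageModel->addMessage($itemName, $itemOwner, $sender, $receiver, $content);
     }
     $chatHistory = $messageModel->getChatHistoryInOrder($itemName, $itemOwner, $itemBorrower);
     // get user profile images (column 5 of the member row)
     $ownerProfile = $memberModel->getUserByUsername($itemOwner);
     $ownerIcon = pg_fetch_row($ownerProfile)[5];
     $borrowerProfile = $memberModel->getUserByUsername($itemBorrower);
     $borrowerIcon = pg_fetch_row($borrowerProfile)[5];
     // put all messages into an array
     $messageArray = array();
     while ($row = pg_fetch_row($chatHistory)) {
         // row[2]: sender, row[4]: content, row[5]: timestamp
         $msgSender = $row[2];
         if ($msgSender === $itemOwner) {
             $msgSenderIcon = $ownerIcon;
         } else {
             $msgSenderIcon = $borrowerIcon;
         }
         $msgContent = $row[4];
         $msgTimestamp = $row[5];
         $message = array($msgSender, $msgSenderIcon, $msgContent, $msgTimestamp);
         array_push($messageArray, $message);
     }
     include 'views/message.php';
 }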
Exemplo n.º 8
 /**
  * @brief Return member's configuration
  */
 function getMemberConfig()
 {
     // The finished configuration object is cached in a static variable, so the
     // lookup and the defaulting below run once per request.
     static $member_config;
     if ($member_config) {
         return $member_config;
     }
     // Get member configuration stored in the DB
     $config = getModel('module')->getModuleConfig('member');
     $hasSignupForm = $config->signupForm && is_array($config->signupForm);
     if (!$hasSignupForm) {
         // No usable form definition stored: let the admin controller build one
         // for the configured login identifier.
         $oMemberAdminController = getAdminController('member');
         $loginIdentifier = $config->identifier ? $config->identifier : 'email_address';
         $config->signupForm = $oMemberAdminController->createSignupForm($loginIdentifier);
     }
     // Localise titles and normalise the visibility flag of every form field.
     foreach ($config->signupForm as $key => $value) {
         if ($value->isDefaultForm) {
             $config->signupForm[$key]->title = Context::getLang($value->name);
         } else {
             $config->signupForm[$key]->title = $value->title;
         }
         if ($value->name == 'find_account_question') {
             // The account recovery question is never public.
             $config->signupForm[$key]->isPublic = 'N';
         } elseif ($config->signupForm[$key]->isPublic != 'N') {
             $config->signupForm[$key]->isPublic = 'Y';
         }
     }
     // Get terms of user
     $config->agreement = memberModel::_getAgreement();
     // Fallbacks for unset or empty options, applied in this order.
     $fallbacks = array(
         'webmaster_name' => 'webmaster',
         'image_name_max_width' => 90,
         'image_name_max_height' => 20,
         'image_mark_max_width' => 20,
         'image_mark_max_height' => 20,
         'profile_image_max_width' => 90,
         'profile_image_max_height' => 90,
         'skin' => 'default',
         'colorset' => 'white',
         'editor_skin' => 'ckeditor',
         'group_image_mark' => "N",
         'identifier' => 'user_id',
         'max_error_count' => 10,
         'max_error_count_time' => 300,
         'signature_editor_skin' => 'ckeditor',
         'sel_editor_colorset' => 'moono',
     );
     // For these options the literal value 'default' is replaced as well.
     $replaceLiteralDefault = array('editor_skin', 'signature_editor_skin');
     foreach ($fallbacks as $option => $fallback) {
         if (!$config->{$option}
             || (in_array($option, $replaceLiteralDefault, true) && $config->{$option} == 'default')) {
             $config->{$option} = $fallback;
         }
     }
     $member_config = $config;
     return $config;
 }
Exemplo n.º 9
<?php

// Form handler that creates a member, an item or an item image depending on
// which POST fields are present. The listing ends inside the third branch.
//
// NOTE(review): this dumps the complete POST body, including a submitted
// password, into the response - remove it before the page is reachable by users.
var_dump($_POST);
// NOTE(review): no authentication, role or CSRF check is visible before the
// writes below, and the role "member" / the item owner are not tied to a
// session - confirm who is allowed to reach this script.
if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['email'])) {
    // adding user entry
    include 'models/memberModel.php';
    $memberModel = new memberModel();
    // The password is handed over as received; presumably addUser() salts and
    // hashes it - verify against the model.
    $result = $memberModel->addUser($_POST['username'], $_POST['password'], $_POST['email'], "member");
    // $result is reused: from here on it holds the HTML status message.
    if ($result == true) {
        $result = "<p class='text-success'>Member Account Successfully Created!</p>";
    } else {
        $result = "<p class='text-danger'>Error Occured! Try checking your database constraint.</p>";
    }
} else {
    if (isset($_POST['item_name']) && isset($_POST['owner']) && isset($_POST['category']) && isset($_POST['price']) && isset($_POST['location']) && isset($_POST['description'])) {
        // adding item entry
        include 'models/itemModel.php';
        $itemModel = new itemModel();
        // Argument order differs from the field check above: description comes
        // before location in the addLoan() call.
        $result = $itemModel->addLoan($_POST['item_name'], $_POST['owner'], $_POST['category'], $_POST['price'], $_POST['description'], $_POST['location']);
        if ($result == true) {
            $result = "<p class='text-success'>Item Successfully Created!</p>";
        } else {
            $result = "<p class='text-danger'>Error Occured! Try checking your database constraint.</p>";
        }
    } else {
        if (isset($_POST['item_name']) && isset($_POST['owner']) && isset($_POST['image_url'])) {
            // adding image url entry
            include 'models/itemModel.php';
            $itemModel = new itemModel();
            // is_cover selects the cover-image variant of the insert.
            if (isset($_POST['is_cover'])) {
                $result = $itemModel->addCoverImage($_POST['item_name'], $_POST['owner'], $_POST['image_url']);
Exemplo n.º 10
<?php

include 'models/memberModel.php';
// Sign-up handler: reports missing fields, rejects an existing username or
// e-mail, then inserts the member. The listing ends right after the insert.
$memberModel = new memberModel();
// The fields are read without isset(); a request that lacks one of them
// raises an undefined-index notice here.
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
// The truthiness tests also treat the string '0' as missing.
if (!$_POST['username']) {
    $signupError = true;
    $signupUsernameErrorMessage = "<p class=\"text-danger\">Please enter an username</p>";
}
if (!$_POST['password']) {
    $signupError = true;
    $signupPasswordErrorMessage = "<p class=\"text-danger\">Please enter a password</p>";
}
if (!$_POST['email']) {
    $signupError = true;
    $signupEmailErrorMessage = "<p class=\"text-danger\">Please enter an email</p>";
}
// NOTE(review): nothing here checks the e-mail format, the username character
// set or a minimum password length - confirm this is validated elsewhere.
if ($_POST['username'] && $_POST['password'] && $_POST['email']) {
    if ($memberModel->memberExist($username)) {
        // check if have existing username
        $signupError = true;
        $signupErrorMessage = "<p class=\"text-danger\">Existing username!</p>";
    } else {
        if ($memberModel->emailExist($email)) {
            $signupError = true;
            $signupErrorMessage = "<p class=\"text-danger\">Existing email!</p>";
        } else {
            // insert member
            // The role is fixed to 'member' here and is not taken from the request.
            // Presumably addUser() salts and hashes the password - verify in the model.
            $result = $memberModel->addUser($username, $password, $email, 'member');
Exemplo n.º 11
<?php

include 'models/tableModel.php';
include 'models/memberModel.php';
include 'models/loanRequestModel.php';
include 'models/itemModel.php';
include 'models/reviewModel.php';
include 'models/messageModel.php';
// One instance of every model; the statistics markup below presumably reads
// its figures from them.
// NOTE(review): no access check is visible in this template - confirm the
// including controller restricts the statistics page to administrators.
$loanRequestModel = new loanRequestModel();
$tableModel = new tableModel();
$memberModel = new memberModel();
$itemModel = new itemModel();
$reviewModel = new reviewModel();
$messageModel = new messageModel();
?>

<div class="wrapper">
	<div class="col-md-10">
            <h1>Statistics</h1>
            <div class="panel panel-info">
                <div class="panel-body">
                    <!-- Nav tabs -->
                    <ul class="nav nav-tabs" role="tablist">
                        <li role="presentation" class="active"><a href="#user" aria-controls="home" role="tab" data-toggle="tab">User</a></li>
                        <li role="presentation"><a href="#items" aria-controls="profile" role="tab" data-toggle="tab">Items</a></li>
                        <li role="presentation"><a href="#loans" aria-controls="home" role="tab" data-toggle="tab">Loans</a></li>
                        <li role="presentation"><a href="#messages" aria-controls="home" role="tab" data-toggle="tab">Messages</a></li>
                        <li role="presentation"><a href="#others" aria-controls="home" role="tab" data-toggle="tab">Others</a></li>
                    </ul>
                    <!-- Tab panes -->
                    <div class="tab-content">
Exemplo n.º 12
<?php

include "dashboardHead.php";
// Figures and short lists for the dashboard; the variable names are used by
// the markup that follows this block.
// NOTE(review): no access check is visible here - confirm dashboardHead.php
// (included above) enforces an administrator session.
/* Count Member */
$memberCountObj = new memberModel();
$nbMember = $memberCountObj->countRow();
/* Count Picture */
$pictureCountObj = new pictureModel();
$nbPicture = $pictureCountObj->countRow();
/* Count Contest */
$contestCountObj = new contestModel();
$nbContest = $contestCountObj->countRow();
// Select user limit 8
// (the limit itself is not passed here; it must be the default inside the model)
$memberListObj = new memberModel();
$members = $memberListObj->getUserByLimit();
// Select contest limit 8
$contestListObj = new contestModel();
$contests = $contestListObj->getContestByLimit();
?>

<div id="wrapper">
    <div id="page-wrapper">
        <div class="container-fluid">
            <!-- Page Heading -->
            <div class="row">
                <div class="col-lg-12">
                    <h1 class="page-header">
                        Dashboard
                        <small>Statistics</small>
                    </h1>
                    <ol class="breadcrumb">
Exemplo n.º 13
// Login handler: checks the submitted credentials against the stored salted
// hash and marks the session as logged in. The listing ends at the start of
// the failure branch.
// Store form input as variables to be queried
$username = $_POST['username'];
$password = $_POST['password'];
if (!$_POST['username']) {
    $loginError = true;
    $usernameErrorMessage = "<p class=\"text-danger\">Please enter your username</p>";
}
if (!$_POST['password']) {
    $loginError = true;
    $passwordErrorMessage = "<p class=\"text-danger\">Please enter your password</p>";
}
// Authenticate user credentials
if ($_POST['username'] && $_POST['password']) {
    include 'models/memberModel.php';
    $memberModel = new memberModel();
    //$result = $memberModel->getByUsernameAndPassword($username, $password); // will get password + salt
    $result = $memberModel->getPasswordSaltAccountType($username);
    // For an unknown username pg_fetch_row() returns false and the three
    // reads below yield null.
    $row = pg_fetch_row($result);
    // [0] contains password, [1] contains salt, [2] contains account type
    $desiredPassword = $row[0];
    $salt = $row[1];
    $accountType = $row[2];
    $userPassword = crypt($password, $salt);
    // hash given password with salt
    // NOTE(review): '==' is a loose, non-constant-time comparison; two
    // numeric-looking strings compare as numbers. Compare with hash_equals()
    // (both operands as strings), or move storage and check to
    // password_hash() / password_verify().
    if ($userPassword == $desiredPassword) {
        // NOTE(review): the session id is not regenerated in the visible part of
        // this branch; session_regenerate_id(true) on login prevents session fixation.
        $_SESSION['loggedin'] = true;
        $_SESSION['username'] = $username;
        $_SESSION['usertype'] = $accountType;
        //TODO remove magic number
    } else {
Exemplo n.º 14
<?php

include "dashboardHead.php";
// Load the member list for the user management table below. The return value
// of getAll(true) is not kept; presumably the rows are held on the object.
// NOTE(review): the table shows names and e-mail addresses - confirm
// dashboardHead.php (included above) enforces an administrator session.
$memberObj = new memberModel();
$memberObj->getAll(true);
?>

<div id="wrapper">
    <div id="page-wrapper">
        <div class="container-fluid">
            <!-- Page Heading -->
            <div class="row">
                <div class="col-lg-12">
                    <h1 class="page-header">Gestion des utilisateurs</h1>
                    <ol class="breadcrumb">
                        <li><i class="fa fa-dashboard"></i> <a href="/dashboard">Dashboard</a></li>
                        <li class="active"><i class="fa fa-edit"></i> Gestion des utilisateurs</li>
                    </ol>
                </div>
            </div><!-- /.row -->

            <div id="user-list" class="row">
                <div class="col-md-10 col-md-offset-1">
                    <table class="table">
                        <thead>
                        <tr>
                            <th>Nom</th>
                            <th>Prénom</th>
                            <th>Adresse Email</th>
                            <th>Profil Facebook</th>
                        </tr>
Exemplo n.º 15
 /**
  * @brief Return member's configuration
  **/
 function getMemberConfig()
 {
     // The finished configuration object is cached in a static variable, so the
     // lookup and the defaulting below run once per request.
     static $member_config;
     if ($member_config) {
         return $member_config;
     }
     // Get member configuration stored in the DB
     $oModuleModel =& getModel('module');
     $config = $oModuleModel->getModuleConfig('member');
     // Localise titles and normalise the visibility flag of every form field.
     if (is_array($config->signupForm)) {
         foreach ($config->signupForm as $key => $value) {
             $config->signupForm[$key]->title = Context::getLang($value->title);
             if ($value->name == 'find_account_question') {
                 // The account recovery question is never public.
                 $config->signupForm[$key]->isPublic = 'N';
             } elseif ($config->signupForm[$key]->isPublic != 'N') {
                 $config->signupForm[$key]->isPublic = 'Y';
             }
         }
     }
     // Get terms of user
     $config->agreement = memberModel::_getAgreement();
     // Fallbacks for unset or empty options, applied in this order. layout_srl
     // has no fixed fallback; it is resolved from the default module below.
     $fallbacks = array(
         'webmaster_name' => 'webmaster',
         'image_name_max_width' => 90,
         'image_name_max_height' => 20,
         'image_mark_max_width' => 20,
         'image_mark_max_height' => 20,
         'profile_image_max_width' => 80,
         'profile_image_max_height' => 80,
         'skin' => 'default',
         'colorset' => 'white',
         'editor_skin' => 'xpresseditor',
         'group_image_mark' => "N",
         'identifier' => 'user_id',
         'max_error_count' => 10,
         'max_error_count_time' => 300,
         'layout_srl' => null,
         'signature_editor_skin' => 'xpresseditor',
         'sel_editor_colorset' => 'white',
     );
     // For these options the literal value 'default' is replaced as well.
     $replaceLiteralDefault = array('editor_skin', 'signature_editor_skin');
     foreach ($fallbacks as $option => $fallback) {
         $needsFallback = !$config->{$option}
             || (in_array($option, $replaceLiteralDefault, true) && $config->{$option} == 'default');
         if (!$needsFallback) {
             continue;
         }
         if ($option === 'layout_srl') {
             // Use the layout of the site's default module.
             $oModuleModel =& getModel('module');
             $defaultModuleInfo = $oModuleModel->getDefaultMid();
             $fallback = $defaultModuleInfo->layout_srl;
         }
         $config->{$option} = $fallback;
     }
     $member_config = $config;
     return $config;
 }
Exemplo n.º 16
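 /**
  * Profile page: optionally stores a submitted review, then renders
  * views/profile.php for the requested member (or for the logged-in member
  * when no other profile is requested).
  *
  * Changes against the previous version:
  *  - the profile parameter must be a string and is compared strictly with the
  *    session username; with '!=' two different numeric-looking usernames
  *    compare equal;
  *  - a review is only stored for a logged-in reviewer looking at someone
  *    else's profile, with string content. Before, a request without a session
  *    or aimed at the own profile still reached addNewReview();
  *  - a failed profile lookup (false) falls through to the home view instead
  *    of being passed to pg_num_rows().
  *
  * Local variable names are kept because views/profile.php is included in this
  * method's scope; $isViewingOwnProfile is still only defined on the own profile.
  *
  * NOTE(review): no CSRF token is checked for the review form, and the view
  * must escape review content, profile text and names on output.
  *
  * @return void
  */
 public function view()
 {
     session_start();
     include 'models/memberModel.php';
     include 'models/reviewModel.php';
     include 'models/itemModel.php';
     include 'helpers/timestampParser.php';
     $timestampParser = new timestampParser();
     // null when nobody is logged in
     $sessionUser = isset($_SESSION['username']) ? $_SESSION['username'] : null;
     // get string of user to be viewed
     if (isset($_GET['profile']) && is_string($_GET['profile']) && $_GET['profile'] !== $sessionUser) {
         $profileStringQuery = $_GET['profile'];
     } else {
         $profileStringQuery = $sessionUser;
         $isViewingOwnProfile = true;
     }
     /* this part deals with the user attempting to submit a review */
     if (isset($_POST['submit-review'])) {
         $result = false;
         // Reviews need an authenticated reviewer and a different reviewee.
         $mayReview = $sessionUser !== null && $sessionUser !== ''
             && !isset($isViewingOwnProfile)
             && isset($_POST['content']) && is_string($_POST['content']);
         if ($mayReview) {
             // parse POST data
             $reviewer = $sessionUser;
             $reviewee = $_GET['profile'];
             // NOTE(review): doubling quotes by hand suggests that the model builds
             // SQL by string concatenation; reviewer and reviewee are not treated
             // here. Move reviewModel::addNewReview() to bound parameters
             // (pg_query_params) and drop this replacement at the same time -
             // removing it alone would be unsafe, keeping it with bound
             // parameters would store doubled quotes.
             $content = str_replace("'", "''", $_POST['content']);
             if (isset($_POST['review']) && $_POST['review'] === "positive") {
                 $isPositive = 1;
             } else {
                 $isPositive = 0;
             }
             // view will access the model directly to insert review into database
             $reviewModel = new reviewModel();
             $result = $reviewModel->addNewReview($reviewer, $reviewee, $content, $isPositive);
         }
         // clear variables
         unset($_POST['submit-review']);
         unset($_POST['content']);
         unset($_POST['review']);
         if ($result) {
             $reviewSuccessMessage = '<p class="text-success">Review successfully added.</p>';
         } else {
             $reviewSuccessMessage = '<p class="text-danger">An error occured. Review not added.</p>';
         }
     }
     /* this part onwards deals with the rendering of the profile page */
     // query database to retrieve user information
     $memberModel = new memberModel();
     $queryResult = $memberModel->getUserByUsername($profileStringQuery);
     // A failed query counts as "no such user".
     $resultCount = $queryResult ? pg_num_rows($queryResult) : 0;
     // check if user exists
     if ($resultCount == 1) {
         // initialize data for profile page (column positions as returned by the model query)
         $data = pg_fetch_row($queryResult);
         $profileName = $data[0];
         $profileEmail = $data[3];
         $profileDescription = $data[4];
         $profileDisplayPictureURL = "img/display_pic/" . $data[5];
         $profileLastLoggedIn = $timestampParser->getFormattedTimestampFromTimestamp($data[7]);
         // parse both review and item results into 2 arrays
         $reviewArray = array();
         $itemArray = array();
         $counter = 0;
         $positiveReviews = 0;
         $negativeReviews = 0;
         // get all reviews of this user
         $reviewModel = new reviewModel();
         $reviewResult = $reviewModel->getAllReviewsOf($profileName);
         // create review array
         while ($row = pg_fetch_row($reviewResult)) {
             // row[0]: reviewer, row[2]: review content, row[3]: positive/negative, row[4]: time of review
             if ($row[3] == 1) {
                 $positiveReviews++;
             } else {
                 $negativeReviews++;
             }
             $review = array($row[0], $row[2], $row[3], $timestampParser->getFormattedTimestampFromTimestamp($row[4]));
             array_push($reviewArray, $review);
             $counter++;
         }
         $totalReviews = $positiveReviews + $negativeReviews;
         $counter = 0;
         // load items put up by user
         $itemModel = new itemModel();
         $itemResult = $itemModel->getAllItemsOfUser($profileName);
         // create item array
         while ($row = pg_fetch_row($itemResult)) {
             // get cover photo for each item; it should only have one row
             $itemImageResult = $itemModel->getCoverImageOfItem($row[0], $row[1]);
             $imageURL = pg_fetch_row($itemImageResult)[0];
             if ($imageURL == NULL) {
                 // No cover image stored: fall back to the placeholder logo.
                 $imageURL = "img/tempLogo.jpg";
             } else {
                 $imageURL = "img/items/" . $imageURL;
             }
             $item = array($row[0], $imageURL);
             array_push($itemArray, $item);
             $counter++;
         }
         // lastly, run the profile view
         include 'views/profile.php';
     } else {
         // no result, redirect to home
         $home = new homeController();
         $home->view();
     }
 }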