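/**
 * Resolves the requested language, template and parameter from the rewritten
 * URL in $_GET['__cap'], runs the action that belongs to the template and
 * echoes the rendered page (or sends a redirect and returns without output).
 *
 * Security-relevant behaviour of this implementation:
 * - Every redirect is followed by `return`, so no action code or page
 *   rendering runs after a Location header has been sent.
 * - Values read from the database are HTML-escaped before they are placed
 *   into templates; the one exception is the post body on the Detail page
 *   (see the note there).
 * - Image uploads go through one helper that enforces the extension
 *   allow-list for both creating and editing a post.
 * - The "redirect back" after a delete only follows a same-host Referer.
 *
 * NOTE(review): Bloggy::checkSessionRedirect(), Bloggy::checkAdminRedirect(),
 * Post::checkIfOwnPostRedirect() and User::checkIfOwnAccountRedirect() are
 * presumably expected to end the request themselves when the check fails. If
 * they only send a header, the protected code below them still runs -- confirm.
 *
 * NOTE(review): redirect targets and {DEFAULT_SITE} are built from the
 * client-supplied Host header ($_SERVER['HTTP_HOST']); pin the host in
 * configuration if the web server does not already restrict it.
 */
function getPage()
{
    //Create instances
    $language = new Language();
    $template = new Template();
    $post = new Post();
    $user = new User();

    $availableLanguages = $language->getAvailableLanguages();
    $availableTemplates = $template->getAvailableTemplates();

    // Escapes a value for HTML text and attribute context. double_encode is
    // off so that values which were already entity-encoded when stored are
    // not encoded a second time; raw markup characters are always encoded.
    $esc = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $isPostRequest = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';

    //Get requestedLanguage & requestedTemplate
    $rawPath = (isset($_GET['__cap']) && is_string($_GET['__cap'])) ? $_GET['__cap'] : '';
    $urlParts = explode('/', $rawPath);

    $siteRoot = PROTOCOL . '://' . $_SERVER['HTTP_HOST'] . PATH_OFFSET;

    //Set requestedLanguage
    if (!isset($urlParts[2]) || $urlParts[2] === 'index.php' || $urlParts[2] === '') {
        // No language in the URL: pick the browser language when it is supported.
        $browserLanguage = isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])
            ? substr((string) $_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2)
            : '';
        $targetLanguage = in_array($browserLanguage, $availableLanguages, true)
            ? $browserLanguage
            : $availableLanguages[0];
        header('Location: ' . $siteRoot . '/' . $targetLanguage);
        return;
    }
    if (!in_array($urlParts[2], $availableLanguages, true)) {
        header('Location: ' . $siteRoot . '/' . $availableLanguages[0]);
        return;
    }
    $requestedLanguage = $urlParts[2];

    //Set default site
    $languageRoot = $siteRoot . '/' . $requestedLanguage;
    $defaultUrl = $languageRoot . '/' . $availableTemplates[0];
    $defaultSite = 'Location: ' . $defaultUrl;

    //Set requestedTemplate (allow-listed against the known templates)
    if (!isset($urlParts[3]) || !in_array($urlParts[3], $availableTemplates, true)) {
        header($defaultSite);
        return;
    }
    $requestedTemplate = $urlParts[3];

    //Set requestedParameter
    $requestedParameter = isset($urlParts[4]) ? $urlParts[4] : null;

    // Stores $_FILES['image'] under /data/media/ and returns its path relative
    // to DOCUMENT_ROOT, or null when nothing acceptable was uploaded. Only the
    // file extension is checked; the content is not verified to be an image.
    $storeUploadedImage = static function () use ($post) {
        if (!isset($_FILES['image']) || !is_array($_FILES['image'])) {
            return null;
        }
        $upload = $_FILES['image'];
        if (!isset($upload['error']) || $upload['error'] !== UPLOAD_ERR_OK) {
            return null;
        }
        $fileExt = strtolower(pathinfo((string) $upload['name'], PATHINFO_EXTENSION));
        if (!in_array($fileExt, ['png', 'jpg', 'jpeg', 'gif'], true)) {
            return null;
        }
        $storeFolder = '/data/media/';
        // Collision check against the real target path, including the extension.
        do {
            $relativePath = $storeFolder . $post->generateRandomString() . '.' . $fileExt;
        } while (file_exists(DOCUMENT_ROOT . $relativePath));
        if (!move_uploaded_file($upload['tmp_name'], DOCUMENT_ROOT . $relativePath)) {
            return null;
        }
        return $relativePath;
    };

    // Sends the browser back to the referring page, but only when the Referer
    // is an http(s) URL on this host; otherwise falls back to the default site.
    $redirectBack = static function () use ($defaultUrl) {
        $target = $defaultUrl;
        if (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER'])) {
            $parts = parse_url($_SERVER['HTTP_REFERER']);
            if (is_array($parts) && isset($parts['scheme'], $parts['host'])
                && in_array(strtolower($parts['scheme']), ['http', 'https'], true)
            ) {
                $refererHost = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');
                if (strcasecmp($refererHost, (string) $_SERVER['HTTP_HOST']) === 0) {
                    $target = $_SERVER['HTTP_REFERER'];
                }
            }
        }
        header('Location: ' . $target);
    };

    // Renders posts_entry.html once per post row (used by Admin and Posts).
    $renderPostRows = static function ($rows) use ($esc) {
        $rowTemplate = file_get_contents(DOCUMENT_ROOT . '/template/posts_entry.html');
        $html = '';
        foreach ($rows as $row) {
            $html .= str_replace(
                [
                    '{POSTS_EDIT_HREF}',
                    '{POSTS_LINK_HREF}',
                    '{POSTS_DELETE_HREF}',
                    '{TXT_POSTS_TITLE}',
                    '{TXT_POSTS_SUBTITLE}',
                    '{TXT_POSTS_MODIFIED}',
                ],
                [
                    'Edit/' . $esc($row['id']),
                    'Detail/' . $esc($row['id']),
                    'DoDeletePost/' . $esc($row['id']),
                    $esc($row['title']),
                    $esc($row['subTitle']),
                    $esc($row['modifiedDate']),
                ],
                $rowTemplate
            );
        }
        return $html;
    };

    // Renders account_entry.html for one user row (used by Admin and Account).
    $renderAccountRow = static function ($row, $rowTemplate) use ($esc) {
        return str_replace(
            ['{ACCOUNT_DELETE_HREF}', '{TXT_ACCOUNT_NAME}', '{TXT_ACCOUNT_ISADMIN}'],
            ['DoDeleteAccount/' . $esc($row['id']), $esc($row['name']), $esc($row['isAdmin'])],
            $rowTemplate
        );
    };

    //getLanguageArray by requestedLanguage
    $languageArray = $language->getLanguageArray($requestedLanguage);

    //getTemplate by requestedTemplate
    $page = $template->getTemplate($requestedTemplate);

    switch ($requestedTemplate) {
        case 'Admin':
            Bloggy::checkSessionRedirect($defaultSite);
            Bloggy::checkAdminRedirect($defaultSite);
            $accountTemplate = file_get_contents(DOCUMENT_ROOT . '/template/account_entry.html');
            $contentAccounts = '';
            foreach ($user->getAll() as $account) {
                $contentAccounts .= $renderAccountRow($account, $accountTemplate);
            }
            $page = str_replace('{ACCOUNT_ENTRIES}', $contentAccounts, $page);
            $page = str_replace('{POST_ENTRIES}', $renderPostRows($post->getAll()), $page);
            break;

        case 'Account':
            Bloggy::checkSessionRedirect($defaultSite);
            $account = $user->getEntryById($_SESSION['userId']);
            $accountTemplate = file_get_contents(DOCUMENT_ROOT . '/template/account_entry.html');
            $page = str_replace('{ACCOUNT_ENTRIES}', $renderAccountRow($account, $accountTemplate), $page);
            break;

        case 'Create':
            Bloggy::checkSessionRedirect($defaultSite);
            break;

        case 'Detail':
            $entry = $post->getEntryById($requestedParameter);
            $page = str_replace('{TXT_POST_IMAGE}', $esc($entry['imagePath']), $page);
            $page = str_replace('{TXT_POST_AUTHOR}', $esc($post->getAuthorNameById($entry['author'])), $page);
            $page = str_replace('{TXT_POST_DATE}', $esc($entry['creationDate']), $page);
            $page = str_replace('{TXT_POST_TITLE}', $esc($entry['title']), $page);
            $page = str_replace('{TXT_POST_SUBTITLE}', $esc($entry['subTitle']), $page);
            // NOTE(review): the post body is inserted verbatim, as before. Any
            // signed-up user can create posts, so unless Post sanitises the
            // body on write this is stored script injection for every reader.
            // Escape it here if posts are plain text, or sanitise the markup
            // on write if they are meant to carry HTML -- confirm which.
            $page = str_replace('{TXT_POST_CONTENT}', $entry['content'], $page);
            break;

        case 'DoCreatePost':
            Bloggy::checkSessionRedirect($defaultSite);
            // isset($_POST) is always true; test the method and the fields instead.
            if ($isPostRequest && isset($_POST['title'], $_POST['subTitle'], $_POST['content'])) {
                $now = date('Y-m-d H:i:s'); // 24-hour clock; 'h' would store 3 pm as 03
                $request = [];
                $request['author'] = $_SESSION['userId'];
                $request['title'] = $_POST['title'];
                $request['subTitle'] = $_POST['subTitle'];
                $request['content'] = $_POST['content'];
                $request['creationDate'] = $now;
                $request['modifiedDate'] = $now;
                $_POST = [];

                // Same extension allow-list as DoEditPost; without it any file
                // type, including server-side scripts, could be written under
                // the document root.
                $storedImage = $storeUploadedImage();
                // NOTE(review): an empty path is stored when no acceptable
                // image was uploaded -- confirm Post::createPost() accepts that.
                $request['image'] = ($storedImage !== null) ? $storedImage : '';

                $post->createPost($request);
                header('Location: ' . $languageRoot . '/' . $availableTemplates[1]);
                return;
            }
            break;

        // NOTE(review): both delete actions change state on a plain GET (the
        // entry templates link to them) and no anti-CSRF token is checked in
        // this function; consider requiring POST plus a per-session token.
        case 'DoDeleteAccount':
            Bloggy::checkSessionRedirect($defaultSite);
            $user->checkIfOwnAccountRedirect($_SESSION['userId'], $requestedParameter, $defaultSite);
            $user->deleteUserById($requestedParameter);
            $redirectBack();
            return;

        case 'DoDeletePost':
            Bloggy::checkSessionRedirect($defaultSite);
            $post->checkIfOwnPostRedirect($_SESSION['userId'], $requestedParameter, $defaultSite);
            $post->deletePostById($requestedParameter);
            $redirectBack();
            return;

        case 'DoEditPost':
            Bloggy::checkSessionRedirect($defaultSite);
            $post->checkIfOwnPostRedirect($_SESSION['userId'], $requestedParameter, $defaultSite);
            if ($isPostRequest && isset($_POST['title'], $_POST['subTitle'], $_POST['content'])) {
                $request = [];
                $request['id'] = $requestedParameter;
                $request['title'] = $_POST['title'];
                $request['subTitle'] = $_POST['subTitle'];
                $request['content'] = $_POST['content'];
                $request['modifiedDate'] = date('Y-m-d H:i:s');
                $_POST = [];

                $entry = $post->getEntryById($requestedParameter);
                $previousImage = (string) $entry['imagePath'];
                $storedImage = $storeUploadedImage();
                if ($storedImage !== null) {
                    $request['image'] = $storedImage;
                    // Remove the outdated image only once the new one is in
                    // place, and only if the stored path really is a file.
                    if ($previousImage !== '' && is_file(DOCUMENT_ROOT . $previousImage)) {
                        unlink(DOCUMENT_ROOT . $previousImage);
                    }
                } else {
                    $request['image'] = $entry['imagePath'];
                }

                $post->editPost($request);
                header('Location: ' . $languageRoot . '/' . $availableTemplates[12]);
                return;
            }
            break;

        case 'DoLogin':
            if ($isPostRequest
                && isset($_POST['Username'], $_POST['Password'])
                && is_string($_POST['Username'])
                && is_string($_POST['Password'])
            ) {
                $username = $_POST['Username'];
                $password = $_POST['Password'];
                $_POST = [];

                // NOTE(review): the user name is wrapped in quotes by the
                // caller, which suggests User::getIdByName() splices it into
                // a query string. If so, that method needs a bound parameter;
                // it cannot be fixed from here -- confirm.
                $id = $user->getIdByName('\'' . $username . '\'');
                $hash = $user->getHashById($id);
                if (is_string($hash) && password_verify($password, $hash)) {
                    // New session id on privilege change (session fixation).
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }
                    $_SESSION['userId'] = $id;
                    // NOTE(review): the password hash is kept in the session as
                    // before; presumably a session check reads it -- confirm it
                    // is needed there.
                    $_SESSION['hash'] = $hash;
                    header('Location: ' . $languageRoot . '/' . $availableTemplates[0]);
                    return;
                }
            }
            header('Location: ' . $languageRoot . '/' . $availableTemplates[3]);
            return;

        case 'DoSignup':
            if ($isPostRequest
                && isset($_POST['Username'], $_POST['Password'], $_POST['PasswordRepeat'])
                && is_string($_POST['Username'])
            ) {
                $request = [];
                $request['username'] = $_POST['Username'];
                $request['password'] = $_POST['Password'];
                $request['passwordRepeat'] = $_POST['PasswordRepeat'];
                $_POST = [];

                // Same quoting contract as in DoLogin; see the note there.
                $quotedName = '\'' . $request['username'] . '\'';
                $id = $user->getIdByName($quotedName);
                if ($id === null || $id === '') {
                    $user->createUser($request);
                    $id = $user->getIdByName($quotedName);
                    // Only sign in when the account now exists; createUser()
                    // presumably rejects e.g. mismatching passwords -- confirm.
                    if ($id !== null && $id !== '') {
                        $hash = $user->getHashById($id);
                        if (session_status() === PHP_SESSION_ACTIVE) {
                            session_regenerate_id(true);
                        }
                        $_SESSION['userId'] = $id;
                        $_SESSION['hash'] = $hash;
                        header('Location: ' . $languageRoot . '/' . $availableTemplates[5]);
                        return;
                    }
                }
                header('Location: ' . $languageRoot . '/' . $availableTemplates[4]);
                return;
            }
            header('Location: ' . $languageRoot . '/' . $availableTemplates[3]);
            return;

        case 'Edit':
            Bloggy::checkSessionRedirect($defaultSite);
            $post->checkIfOwnPostRedirect($_SESSION['userId'], $requestedParameter, $defaultSite);
            $entry = $post->getEntryById($requestedParameter);
            // Escaped so that stored text cannot break out of the form fields.
            $page = str_replace('{TXT_EDIT_ID}', $esc($entry['id']), $page);
            $page = str_replace('{TXT_EDIT_TITLE}', $esc($entry['title']), $page);
            $page = str_replace('{TXT_EDIT_SUBTITLE}', $esc($entry['subTitle']), $page);
            $page = str_replace('{TXT_EDIT_CONTENT}', $esc($entry['content']), $page);
            break;

        case 'Home':
            $homeTemplate = file_get_contents(DOCUMENT_ROOT . '/template/home_entry.html');
            $content = '';
            foreach ($post->getAll() as $row) {
                $content .= str_replace(
                    [
                        '{POST_LINK_HREF}',
                        '{TXT_POST_TITLE}',
                        '{TXT_POST_SUBTITLE}',
                        '{TXT_POST_AUTHOR}',
                        '{TXT_POST_DATE}',
                    ],
                    [
                        'Detail/' . $esc($row['id']),
                        $esc($row['title']),
                        $esc($row['subTitle']),
                        $esc($post->getAuthorNameById($row['author'])),
                        $esc($row['creationDate']),
                    ],
                    $homeTemplate
                );
            }
            $page = str_replace('{POST_ENTRIES}', $content, $page);
            break;

        case 'Logout':
            session_destroy();
            header($defaultSite);
            return;

        case 'Posts':
            Bloggy::checkSessionRedirect($defaultSite);
            $ownPosts = $post->getAllByAuthor($_SESSION['userId']);
            $page = str_replace('{POST_ENTRIES}', $renderPostRows($ownPosts), $page);
            break;

        default:
    }

    $page = str_replace('{DEFAULT_SITE}', $defaultUrl, $page);
    $page = str_replace('{NAVIGATION}', $template->getNavigation(), $page);
    $page = str_replace('{PATH_OFFSET}', PATH_OFFSET, $page);
    $page = str_replace('{LANGUAGE}', $requestedLanguage, $page);

    //Replace placeholder through requestedLanguage
    foreach ($languageArray as $key => $value) {
        $page = str_replace('{' . $key . '}', $value, $page);
    }

    //return page
    echo $page;
}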