/** * @param $userID * @param $commentID * @return bool */ public static function deleteComment($userID, $commentID) { global $db; $query = $db->prepare("SELECT c.commentID, c.postID FROM " . TABLE_COMMENTS . " AS c LEFT JOIN " . TABLE_POSTS . " AS p ON p.postID=c.postID WHERE c.commentID=%s AND (c.commenter=%s OR p.poster=%s)", $commentID, $userID, $userID); $row = $db->getRow($query); if (!$row) { return false; } else { $cID = $row['commentID']; $postID = $row['postID']; $db->query('DELETE FROM ' . TABLE_COMMENTS . " WHERE commentID=" . $cID); //Remove Activity $db->query('DELETE FROM ' . TABLE_MAIN_ACTIVITIES . " WHERE actionID=" . $cID); //Remove From Report $db->query('DELETE FROM ' . TABLE_REPORTS . " WHERE objectType='comment' AND objectID=" . $cID); //Update comments on the posts table $query = $db->prepare('UPDATE ' . TABLE_POSTS . ' SET `comments`=`comments` - 1 WHERE postID=%d', $postID); $db->query($query); $postData = BuckysPost::getPostById($postID); //Update User Stats BuckysUser::updateStats($postData['poster'], 'comments', -1); return true; } }
if (isset($_POST['action']) && $_POST['action'] == 'submit-post') { //Save Post BuckysPost::savePost($userID, $_POST); if (isset($_POST['pageID']) && is_numeric($_POST['pageID'])) { buckys_redirect('/page.php?pid=' . $_POST['pageID']); } else { buckys_redirect('/account.php'); } } else { if (isset($_GET['action']) && $_GET['action'] == 'delete-post') { //Delete Post if ($userID != $_GET['userID'] || !BuckysPost::deletePost($userID, $_GET['postID'])) { echo 'Invalid Request'; } else { echo 'success'; } exit; } else { if (isset($_GET['action']) && ($_GET['action'] == 'unlikePost' || $_GET['action'] == 'likePost')) { $post = BuckysPost::getPostById($_GET['postID']); if ($post['post_status'] != 1) { render_result_xml(array('status' => 'error', 'message' => MSG_INVALID_REQUEST)); exit; } $r = BuckysPost::likePost($userID, $_GET['postID'], $_GET['action']); $likes = BuckysPost::getPostLikesCount($_GET['postID']); render_result_xml(array('status' => $r ? 'success' : 'error', 'message' => buckys_get_messages(), 'likes' => $likes . " like" . ($likes >= 2 ? "s" : ""), 'postID' => $_GET['postID'])); exit; } } }
$albumPhotos = BuckysAlbum::getPhotos($albumID); //Getting Album Photos if (isset($_POST['action'])) { //Create New Album if ($_POST['action'] == 'save-album') { //If the album title is empty, throw error //If the album title is empty, throw error if (trim($_POST['album_name']) == '') { buckys_redirect('/photo_album_edit.php?albumID=' . $_POST['albumID'], MSG_ALBUM_TITLE_EMPTY, MSG_TYPE_ERROR); } BuckysAlbum::updateAlbum($_POST['albumID'], trim($_POST['album_name']), $_POST['visibility'], $_POST['photos']); buckys_redirect("/photo_album_edit.php?albumID=" . $_POST['albumID'], MSG_ALBUM_UPDATED); } else { if ($_POST['action'] == 'remove-from-album' || $_POST['action'] == 'add-to-album') { $photoID = $_POST['photoID']; $photo = BuckysPost::getPostById($photoID); //Check Photo Owner if ($photo['poster'] != $userID) { echo MSG_INVALID_REQUEST; exit; } if ($_POST['action'] == 'remove-from-album') { BuckysAlbum::removePhotoFromAlbum($albumID, $photoID); } else { BuckysAlbum::addPhotoToAlbum($albumID, $photoID); } //Add echo 'success'; exit; } }
/** * Like Post * * @param int $userID * @param int $postID * @param $action * @param bool $checkToken * @return bool|int|null|string */ public static function likePost($userID, $postID, $action, $checkToken = true) { global $db; $post = BuckysPost::getPostById($postID); if ($checkToken && !buckys_check_form_token('request')) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); return false; } if (!$post || $post['poster'] == $userID) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); return false; } if ($post['visibility'] == 0 && !BuckysFriend::isFriend($userID, $post['poster'])) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); return false; } if (!BuckysUsersDailyActivity::checkUserDailyLimit($userID, 'likes')) { buckys_add_message(sprintf(MSG_DAILY_LIKES_LIMIT_EXCEED_ERROR, USER_DAILY_LIMIT_LIKES), MSG_TYPE_ERROR); return false; } //Check already like it or not $query = $db->prepare("SELECT likeID FROM " . TABLE_POSTS_LIKES . " WHERE userID=%s AND postID=%s", $userID, $postID); $likeId = $db->getVar($query); if ($action == 'likePost') { if ($likeId) { buckys_add_message(MSG_ALREADY_LIKED_POST, MSG_TYPE_ERROR); return false; } BuckysUsersDailyActivity::addLikes($userID); //Like This post $rs = $db->insertFromArray(TABLE_POSTS_LIKES, ['userID' => $userID, 'postID' => $postID]); //Update likes on the posts table $query = $db->prepare('UPDATE ' . TABLE_POSTS . ' SET `likes`=`likes` + 1 WHERE postID=%d', $postID); $db->query($query); //Add Activity $activityId = BuckysActivity::addActivity($userID, $postID, 'post', 'like', $rs); //Add Notification BuckysActivity::addNotification($post['poster'], $activityId, BuckysActivity::NOTIFICATION_TYPE_LIKE_POST); //Increase Hits BuckysHit::addHit($postID, $userID); //Update User Stats BuckysUser::updateStats($post['poster'], 'likes', 1); return $rs; } else { if ($action == 'unlikePost') { if (!$likeId) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); return false; } BuckysUsersDailyActivity::addLikes($userID); $query = $db->prepare("DELETE FROM " . TABLE_POSTS_LIKES . " WHERE userID=%s AND postID=%s", $userID, $postID); $db->query($query); //Update likes on the posts table $query = $db->prepare('UPDATE ' . TABLE_POSTS . ' SET `likes`=`likes` - 1 WHERE postID=%d', $postID); $db->query($query); //Increase Hits BuckysHit::removeHit($postID, $userID); //Update User Stats BuckysUser::updateStats($post['poster'], 'likes', -1); return true; } } }
buckys_enqueue_javascript('add_post.js'); buckys_enqueue_javascript('page.js'); //Get Page Data $pageData = $pageIns->getPageByID($paramPageID, false); $view['pageData'] = $pageData; if (!isset($pageData) || $pageData['userID'] != $userID && $pageData['status'] == BuckysPage::STATUS_INACTIVE) { //This page doesn't exist or inactive buckys_redirect('/index.php', MSG_NO_SUCH_PAGE, MSG_TYPE_ERROR); } //Get Posts Belonged to this page $postIns = new BuckysPost(); if (!$paramPostID) { $view['posts'] = $postIns->getPostsByUserID($pageData['userID'], $userID, $pageData['pageID']); $view['show_only_post'] = false; } else { $onePostData = $postIns->getPostById($paramPostID, $paramPageID); if (!buckys_not_null($onePostData)) { buckys_redirect('/index.php'); } $view['posts'][] = $onePostData; $view['show_only_post'] = true; } //Get followers $pageFollowerIns = new BuckysPageFollower(); $view['followers'] = $pageFollowerIns->getFollowers($pageData['pageID'], 1, 18, true); //Is this my page? $view['isMyPage'] = $pageData['userID'] == $userID; $TNB_GLOBALS['title'] = $pageData['title'] . ' - ' . TNB_SITE_NAME; $TNB_GLOBALS['content'] = 'page'; require DIR_FS_TEMPLATE . $TNB_GLOBALS['template'] . "/" . $TNB_GLOBALS['layout'] . ".php"; } else {
//If comment is empty, show error if (trim($comment) == '') { echo MSG_COMMENT_EMPTY; exit; } //if Post Id was not set, show error if (!$postID) { echo MSG_INVALID_REQUEST; exit; } //Check the post id is correct if (!BuckysPost::checkPostID($postID)) { echo MSG_POST_NOT_EXIST; exit; } $post = BuckysPost::getPostById($postID); if ($post['visibility'] == 0 && $userID != $post['poster'] && !BuckysFriend::isFriend($userID, $post['poster'])) { //Only Friends can leave comments to private post echo MSG_INVALID_REQUEST; exit; } //If error, show it if (!($commentID = BuckysComment::saveComments($userID, $postID, $comment))) { echo $db->getLastError(); exit; } else { //Show Results header('Content-type: application/xml'); $newComment = BuckysComment::getComment($commentID); $newCount = BuckysComment::getPostCommentsCount($postID); render_result_xml(array('newcomment' => render_single_comment($newComment, $userID, true), 'count' => $newCount > 1 ? $newCount . " comments" : $newCount . " comment"));
public function likePostAction() { $data = $_POST; $token = isset($data['TOKEN']) ? trim($data['TOKEN']) : null; $postID = isset($data['postID']) ? $data['postID'] : null; $actionType = isset($data['actionType']) ? $data['actionType'] : null; if (!$token) { return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('Api token should not be blank')]; } if (!($userID = BuckysUsersToken::checkTokenValidity($token, "api"))) { return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('Api token is not valid.')]; } if (!$postID || !$actionType) { return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result(MSG_INVALID_REQUEST)]; } $post = BuckysPost::getPostById($postID); if (!$post || $post['post_status'] != 1) { return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => buckys_api_get_error_result(MSG_INVALID_REQUEST)]; exit; } $r = BuckysPost::likePost($userID, $postID, $actionType, false); $message = buckys_get_pure_messages(); if (!$r) { return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => buckys_api_get_error_result($message)]; exit; } else { $likes = BuckysPost::getPostLikesCount($postID); return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => ['STATUS' => 'SUCCESS', 'MESSAGE' => $message, 'LIKES' => $likes, 'isLiked' => $actionType == 'likePost' ? 'yes' : 'no']]; } }
/** * Like Post * * * @param int $userID * @param int $postID */ public function likePost($userID, $postID, $action) { global $db; $post = BuckysPost::getPostById($postID); if (!$post || $post['poster'] == $userID) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); return false; } if ($post['visibility'] == 0 && !BuckysFriend::isFriend($userID, $post['poster'])) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); return false; } //Check already like it or not $query = $db->prepare("SELECT likeID FROM " . TABLE_POSTS_LIKES . " WHERE userID=%s AND postID=%s", $userID, $postID); $likeId = $db->getVar($query); if ($action == 'likePost') { if ($likeId) { buckys_add_message(MSG_ALREADY_LIKED_POST, MSG_TYPE_ERROR); return false; } //Like This post $rs = $db->insertFromArray(TABLE_POSTS_LIKES, array('userID' => $userID, 'postID' => $postID)); //Update likes on the posts table $query = $db->prepare('UPDATE ' . TABLE_POSTS . ' SET `likes`=`likes` + 1 WHERE postID=%d', $postID); $db->query($query); //Add Activity BuckysActivity::addActivity($userID, $postID, 'post', 'like', $rs); //Increase Hits BuckysHit::addHit($postID, $userID); return $rs; } else { if ($action == 'unlikePost') { if (!$likeId) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); return false; } $query = $db->prepare("DELETE FROM " . TABLE_POSTS_LIKES . " WHERE userID=%s AND postID=%s", $userID, $postID); $db->query($query); //Update likes on the posts table $query = $db->prepare('UPDATE ' . TABLE_POSTS . ' SET `likes`=`likes` - 1 WHERE postID=%d', $postID); $db->query($query); //Increase Hits BuckysHit::removeHit($postID, $userID); return true; } } }