public static function add_comment($adv_id, $user_id, $content) { DAL::addComment($user_id, $adv_id, Cleaning::cleanString($content)); }
public static function sign_up($username, $password, $role, $email, $country) { DAL::addUser(Cleaning::cleanString($username), Cleaning::cleanString($password), Cleaning::cleanEmail($email), $role, 0, $country); Model_user::sign_in($username, $password); }
function __construct() { global $rep, $views; //declare as global the variables needed that are in conf.php session_start(); $roles = array("administrator", "reader", "author"); //roles defined for the website $viewError = array(); //array to stock error messages $TmessagesConnection = array(); //error message specific to the connexion view /* * create a list of action for every type of users * actions correspond to the action field of a get/post method in the html */ $actionsAdministrator = array(NULL, "home", "down_vote", "up_vote", "display_adventure", "add_display", "add_adventure", "profile", "all_adventures", "comment", "remove_adv", "profilevisitor"); $actionsReader = array(NULL, "home", "down_vote", "up_vote", "display_adventure", "profile", "all_adventures", "comment", "profilevisitor"); $actionsVisitor = array(NULL, "home", "display_adventure", "display_sign_up", "sign_up", "all_adventures", "profilevisitor"); $actionsAuthor = array(Null, "home", "down_vote", "up_vote", "display_adventure", "add_display", "add_adventure", "profile", "all_adventures", "comment", "remove_adv", "profilevisitor"); //get the action $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : NULL; $action = Cleaning::cleanString($action); //cleanning the action try { if ($this->isConnected()) { //if we are connected if ($action == 'sign_out') { $this->sign_out(); } switch ($_SESSION['role']) { //check the role and call the good controller case "administrator": if (in_array($action, $actionsAdministrator)) { //if an admin is connected but trying to perform a visitor action if (in_array($action, $actionsVisitor)) { $cont = new Controller_visitor($action); } else { if (in_array($action, $actionsReader)) { $cont = new Controller_reader($action); } else { if (in_array($action, $actionsAuthor)) { $cont = new Controller_author($action); } else { $cont = new Controller_administrator($action); } } } } else { $dVueEreur[] = "action \"" . $action . "\" unknown"; require $rep . $views['error']; } break; case "reader": if (in_array($action, $actionsReader)) { if (in_array($action, $actionsVisitor)) { $cont = new Controller_visitor($action); } else { $cont = new Controller_reader($action); } } break; case "author": if (in_array($action, $actionsAuthor)) { if (in_array($action, $actionsVisitor)) { $cont = new Controller_visitor($action); } else { if (in_array($action, $actionsReader)) { $cont = new Controller_reader($action); } else { $cont = new Controller_author($action); } } } else { $dVueEreur[] = "action \"" . $action . "\" unknown"; require $rep . $views['error']; } break; } } else { // if we are not connected if ($action == 'sign_in') { $this->sign_in(); } elseif (in_array($action, $actionsVisitor)) { $cont = new Controller_visitor($action); } else { $viewError[] = "action \"" . $action . "\" unknown"; require $rep . $views['error']; } } } catch (Exception $e) { $viewError[] = "unexpected error"; require $rep . $views['error']; } exit(0); }