Пример #1
 /**
  * Renders the main page and handles the login form.
  * A visitor who is already logged in is redirected to their twitter wall.
  * When the submitted credentials are rejected, the loginError.js script is emitted.
  *
  * NOTE(review): the page is echoed before the second logged-in check and before the
  * login form is processed, so those redirect() calls run after output has started -
  * confirm redirect() does not depend on HTTP headers that can no longer be sent.
  */
 public function action()
 {
     // NOTE(review): only the successful-login branch below is followed by an explicit exit;
     // confirm redirect() terminates the request itself, otherwise execution continues here.
     if (isLoggedIn()) {
         redirect(\route\Route::get("twitterWall")->generate(array("id" => UserRepository::getIdByUsername($_SESSION['username']))));
     }
     $main = new Main();
     $main->setPageTitle("Twitter App");
     $body = new \templates\Index();
     $main->setBody($body);
     echo $main;
     // Second logged-in check, this time through UserRepository and without an "id" parameter.
     if (UserRepository::isLoggedIn()) {
         redirect(\route\Route::get("twitterWall")->generate());
     }
     if (post('login')) {
         // NOTE(review): htmlentities() is output encoding. Applied here it rewrites the
         // credentials before they are checked (a password containing e.g. & or < is hashed
         // in its entity-encoded form). Encode when rendering instead - confirm against the
         // way accounts are created before changing it.
         $username = htmlentities(trim(post('username')));
         $password = htmlentities(trim(post('password')));
         // NOTE(review): the hash is computed here and handed to login(); presumably it is
         // compared with the stored value, which only works for a deterministic (unsalted)
         // hash. hash_password() is defined elsewhere - confirm, and prefer
         // password_hash() / password_verify().
         $hashedPassword = hash_password($password);
         // NOTE(review): confirm UserRepository::login() regenerates the session id on
         // success and that failed attempts are rate limited; neither is visible here.
         if (UserRepository::login($username, $hashedPassword)) {
             redirect(\route\Route::get("twitterWall")->generate(array("id" => UserRepository::getIdByUsername($_SESSION['username']))));
             exit;
         } else {
             ?>
             <script src="assets/js/loginError.js"></script>
             <?php 
         }
     }
 }
Пример #2
 /**
  * Handles the advanced-search form and prints the result list.
  *
  * The search input is split on whitespace and commas and the tags of every
  * photo are collected, but neither result is used: the page lists every
  * photo returned by PhotoRepository::getAllPhotos().
  *
  * NOTE(review): once the tokens are actually used for filtering, bind them as
  * query parameters and encode them when they are echoed back; the input is
  * taken from the request without any validation.
  */
 public function advancedSearch()
 {
     if (!post('submitSearch')) {
         return;
     }
     $query = post('searchInput');
     // Tokenise the query; intended for parsing AND / OR operators. An earlier
     // draft stripped non-alphanumeric characters first and pushed every token
     // except "and" / "or" onto an SplStack; that code was left commented out.
     $terms = preg_split("/[\\s,]+/", $query);
     $allPhotos = PhotoRepository::getAllPhotos();
     // Tag string of every photo, one entry per photo.
     $allTags = array();
     foreach ($allPhotos as $entry) {
         $allTags[] = $entry['tags'];
     }
     // Show the results. The opening <div> is not closed inside this method.
     $page = new Main();
     $results = new SearchResults();
     $results->setPhotos($allPhotos);
     echo "<div class='container'>";
     echo $page->setBody($results);
 }
Пример #3
 /**
  * Renders the username settings page and, on submit, renames the current user.
  * The new name has to be entered twice (alphanumeric, 4-25 characters) together
  * with a "security number" between 1113 and 1207.
  *
  * NOTE(review): the security number is a fixed numeric range, so it does little
  * against automated or forged requests. Nothing visible here checks a CSRF token
  * or whether the new name is already taken - confirm both are handled elsewhere
  * (e.g. inside UserRepository::changeUsername()).
  */
 public function changeUsername()
 {
     checkUnauthorizedAccess();
     $page = new Main();
     $page->setPageTitle("Username settings");
     $form = new ChangeUsername();
     $page->setBody($form);
     // The page is printed before the form is processed.
     echo $page;
     $currentName = getUsername();
     if (!post('change-username')) {
         return;
     }
     $requested = post('first');
     $repeated = post('second');
     $securityNumber = post('security');

     // Same rule for both name fields: alphanumeric and 4 to 25 bytes long.
     $isAcceptableName = function ($candidate) {
         return ctype_alnum($candidate) && strlen($candidate) >= 4 && strlen($candidate) <= 25;
     };
     $requestedOk = $isAcceptableName($requested);
     $repeatedOk = $isAcceptableName($repeated);
     // The raw request value is compared numerically, without an integer cast.
     $numberOk = !($securityNumber < 1113 || $securityNumber > 1207);

     if ($requested === $repeated && $requestedOk && $repeatedOk && $numberOk) {
         UserRepository::changeUsername($currentName, $requested);
         // Keep the session in step with the stored name.
         $_SESSION['username'] = $requested;
     }
 }
Пример #4
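 /**
  * Renders the sign-up page and registers a new user when the form is posted.
  *
  * Server-side rules: first and last name are alphabetic, 3-25 characters;
  * username and password are alphanumeric, 4-25 characters; the password has
  * to be entered twice; the e-mail address must be syntactically valid; the
  * "security number" must lie between 1113 and 1207. Invalid submissions are
  * dropped without feedback, and no redirect is issued after registration.
  *
  * NOTE(review): the security number is a fixed range and offers little
  * protection against automated sign-ups. The password rule (alphanumeric,
  * at most 25 characters) caps password strength - consider relaxing it.
  * hash_password() is defined elsewhere; confirm it is a salted, slow hash
  * such as password_hash().
  */
 public function action()
 {
     $main = new Main();
     $main->setPageTitle("Sign up for TwitterApp");
     $register = new \templates\Register();
     $main->setBody($register);
     echo $main;
     if (!post('register')) {
         return;
     }
     // For plain ASCII letters and digits htmlentities() returns its input unchanged, and
     // the ctype_* checks below accept nothing else, so it is kept only for parity with the
     // login action. Output encoding still has to happen where these values are rendered.
     $firstName = htmlentities(trim(post('fname')));
     $lastName = htmlentities(trim(post('lname')));
     $username = htmlentities(trim(post('username')));
     $password = trim(post('password'));
     $confirmedPassword = trim(post('cpassword'));
     $email = trim(post('email'));
     $userSecurityNumber = (int) trim(post('security'));
     //server-side validation
     $error = false;
     if (!ctype_alpha($firstName) || strlen($firstName) < 3 || strlen($firstName) > 25) {
         $error = true;
     }
     if (!ctype_alpha($lastName) || strlen($lastName) < 3 || strlen($lastName) > 25) {
         $error = true;
     }
     // The upper bound previously tested $lastName, so the username length was never capped.
     if (!ctype_alnum($username) || strlen($username) < 4 || strlen($username) > 25) {
         $error = true;
     }
     if (!ctype_alnum($password) || strlen($password) < 4 || strlen($password) > 25) {
         $error = true;
     }
     if (!ctype_alnum($confirmedPassword) || strlen($confirmedPassword) < 4 || strlen($confirmedPassword) > 25) {
         $error = true;
     }
     // The address was stored unchecked before; reject anything that is not a well-formed e-mail.
     if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
         $error = true;
     }
     if ($userSecurityNumber < 1113 || $userSecurityNumber > 1207) {
         $error = true;
     }
     if ($error || $password !== $confirmedPassword) {
         return;
     }
     $user = new User();
     $user->setFirstName($firstName);
     $user->setLastName($lastName);
     $user->setUsername($username);
     // Hash only after validation, so rejected input is never passed to the hash function.
     $user->setPassword(hash_password($password));
     $user->setEmail($email);
     try {
         UserRepository::registerUser($user);
     } catch (\PDOException $e) {
         // The message used to be discarded; record it server-side and never echo it to the client.
         error_log('User registration failed: ' . $e->getMessage());
     }
 }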
Пример #5
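 /**
  * Renders the upload form and adds an uploaded photo to a gallery.
  *
  * The gallery is taken from the "galleryID" route parameter. On submit the
  * title (4-25 bytes) and tags (4-250 bytes) are checked, the uploaded file is
  * moved to assets/images/galleries/<gallery title>/ and a Photo record with
  * gallery id, title, tags, creation date, file name and web path is stored.
  * Rejected submissions end silently; the page has already been printed.
  *
  * The file name and the gallery title both end up in a filesystem path, so
  * both are restricted here: no path separators, image extensions only, and
  * the temporary file must parse as an image.
  *
  * NOTE(review): nothing visible here checks that the gallery belongs to the
  * logged-in user - confirm checkUnauthorizedAccess() or the repository does.
  * Uploads land below the web root; script execution should be disabled for
  * that directory, since an extension and header check cannot rule out
  * crafted files. A file with the same name in the same gallery is overwritten.
  */
 public function action()
 {
     checkUnauthorizedAccess();
     $id = \dispatcher\DefaultDispatcher::instance()->getMatched()->getParam("galleryID");
     checkIntValueOfId($id);
     $gallery = GalleryRepository::getByID($id);
     if ($gallery == null) {
         redirect(\route\Route::get("errorPage")->generate());
     }
     $main = new Main();
     $body = new \templates\AddPhoto();
     $main->setBody($body)->setPageTitle("Upload photo");
     echo $main;
     if (!post('submit')) {
         return;
     }
     $title = trim(post('title'));
     $tags = trim(post('tags'));
     $error = false;
     if (strlen($title) < 4 || strlen($title) > 25) {
         $error = true;
     }
     if (strlen($tags) < 4 || strlen($tags) > 250) {
         $error = true;
     }
     if ($error) {
         return;
     }

     // The upload must exist and have completed without error (a multi-file array fails this too).
     $upload = isset($_FILES['file']) ? $_FILES['file'] : null;
     if (!is_array($upload)
         || !isset($upload['error'], $upload['name'], $upload['tmp_name'])
         || $upload['error'] !== UPLOAD_ERR_OK
     ) {
         return;
     }

     // The client chooses the file name: keep only its last path component and
     // accept image extensions only, so it can neither leave the gallery
     // directory nor be stored under a script extension.
     $fileName = basename(str_replace('\\', '/', $upload['name']));
     $extension = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
     $allowedExtensions = array('jpg', 'jpeg', 'png', 'gif');
     if ($fileName === ''
         || strpos($fileName, "\0") !== false
         || !in_array($extension, $allowedExtensions, true)
         || getimagesize($upload['tmp_name']) === false
     ) {
         return;
     }

     // The gallery title is user-entered text used as a directory name.
     $dir = (string) $gallery['title'];
     if ($dir === '' || $dir === '.' || $dir === '..'
         || strpbrk($dir, "/\\") !== false
         || strpos($dir, "\0") !== false
     ) {
         return;
     }

     $path = 'assets/images/galleries/' . $dir;
     $localPath = $path . "/" . $fileName;
     $completePath = "/TwitterApp/" . $path . "/" . $fileName;
     $photo = new Photo();
     $photo->setGalleryid($id);
     $photo->setTitle($title);
     $photo->setTags($tags);
     $photo->setCreated(date('Y-m-d H:i:s'));
     $photo->setImageName($fileName);
     $photo->setImagePath($completePath);
     try {
         if (!is_dir($path) && !mkdir($path)) {
             return;
         }
         // Store the record only when the file really arrived at its destination.
         if (!move_uploaded_file($upload['tmp_name'], $localPath)) {
             error_log('Photo upload could not be moved into the gallery directory');
             return;
         }
         PhotoRepository::addPhoto($photo);
         redirect(\route\Route::get("viewGallery")->generate(array("id" => $id)));
     } catch (\PDOException $e) {
         // The message used to be discarded; record it server-side and never echo it to the client.
         error_log('Adding photo failed: ' . $e->getMessage());
     }
 }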
Пример #6
 /**
  * Shows a single photo together with its comments and the title of the
  * gallery it belongs to. An unknown photo id leads to the error page.
  *
  * NOTE(review): unlike the gallery actions, this one does not call
  * checkUnauthorizedAccess() - confirm photos are meant to be public. If
  * redirect() does not end the request, the code below runs with $photo
  * being null; the gallery lookup result is not checked either.
  */
 public function action()
 {
     $photoId = getIdFromURL();
     checkIntValueOfId($photoId);
     $photo = PhotoRepository::getPhotoByID($photoId);
     // Comments are loaded before it is known whether the photo exists.
     $photoComments = PhotoCommentRepository::getPhotoComments($photoId);
     if ($photo == null) {
         redirect(\route\Route::get("errorPage")->generate());
     }
     $parentGallery = GalleryRepository::getByID($photo['galleryid']);
     $parentTitle = $parentGallery['title'];
     $page = new Main();
     $view = new \templates\ViewPhoto();
     $view->setPhoto($photo)
         ->setTitle($parentTitle)
         ->setComments($photoComments);
     $rendered = $page->setBody($view)->setPageTitle("View Photo");
     echo $rendered;
 }
Пример #7
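 /**
  * Opens the selected gallery and renders it with its photos.
  * The view template also offers the option of adding a new photo.
  *
  * The gallery id comes from the "id" route parameter and must be a positive
  * decimal integer; a missing, malformed or unknown id leads to the error page.
  *
  * NOTE(review): access control is limited to checkUnauthorizedAccess();
  * nothing here ties the gallery to the current user - confirm galleries are
  * meant to be visible to every logged-in user. Also confirm redirect() ends
  * the request, since no exit follows the calls below.
  */
 public function action()
 {
     checkUnauthorizedAccess();
     $id = \dispatcher\DefaultDispatcher::instance()->getMatched()->getParam("id");
     // intval() alone accepts any string with a leading number (e.g. "5abc"), and the raw
     // value is what reaches the repositories, so require digits only before using it.
     if (null === $id || !ctype_digit((string) $id) || intval($id) < 1) {
         redirect(\route\Route::get("errorPage")->generate());
     }
     $gallery = GalleryRepository::getByID($id);
     if ($gallery == null) {
         redirect(\route\Route::get("errorPage")->generate());
     }
     $main = new Main();
     $body = new \templates\ViewGallery();
     $photos = PhotoRepository::getPhotosByGalleryID($id);
     // The gallery fetched above is reused; it used to be queried a second time here.
     $body->setGalleryID($id)->setPhotos($photos)->setGallery($gallery);
     $main->setBody($body)->setPageTitle("View gallery");
     echo $main;
 }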
Пример #8
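 /**
  * Renders the "create gallery" form and stores a new gallery on submit.
  *
  * A gallery has the id of the session user, a title (4-25 bytes), a tag
  * (3-25 bytes) and a creation date. Title and tag are entered by the user.
  * Invalid submissions are dropped without feedback; after a successful
  * insert the user is redirected to the gallery list.
  *
  * The title may not contain path separators or NUL bytes: the photo upload
  * action shown on this page uses the gallery title as a directory name
  * under assets/images/galleries/.
  *
  * NOTE(review): title and tag are stored as entered, so they have to be
  * HTML-encoded wherever they are rendered - confirm the templates do that.
  */
 public function action()
 {
     checkUnauthorizedAccess();
     $main = new Main();
     $main->setPageTitle("Create gallery");
     $body = new \templates\AddGallery();
     $main->setBody($body);
     echo $main;
     $username = $_SESSION['username'];
     if (!post('addGallery')) {
         return;
     }
     $userID = UserRepository::getIdByUsername($username);
     $title = trim(post('galleryTitle'));
     $tag = trim(post('galleryTag'));
     $dateOfCreation = date('Y-m-d H:i:s');
     //server side validation of data
     $error = false;
     if (strlen($title) < 4 || strlen($title) > 25) {
         $error = true;
     }
     if (strlen($tag) < 3 || strlen($tag) > 25) {
         $error = true;
     }
     // Keep titles usable as a single directory name.
     if (strpbrk($title, "/\\") !== false || strpos($title, "\0") !== false) {
         $error = true;
     }
     if ($error) {
         return;
     }
     $gallery = new Gallery();
     $gallery->setUserID($userID);
     $gallery->setTitle($title);
     $gallery->setTag($tag);
     $gallery->setCreated($dateOfCreation);
     try {
         GalleryRepository::addGallery($gallery);
         redirect(\route\Route::get("listGalleries")->generate());
     } catch (\PDOException $e) {
         // The message used to be discarded; record it server-side and never echo it to the client.
         error_log('Creating gallery failed: ' . $e->getMessage());
     }
 }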