/
post.php
163 lines (150 loc) · 4.73 KB
/
post.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
<?php
include("dbconnect.php");
include("functions/commonfunctions.php");
include("DataModel.php");
/**
* Posts Class
* responsible for querying the posts database
*/
class Posts extends DataModel {
var $limit;
function __construct($r){
parent::__construct($r);
$this->tablename = 'posts';
$this->addProjection('*');
$this->limit = 20;
$this->more = "order by postid desc limit $this->limit";
}
function getPostFeed($id){
return $this->doQuery( "select p.*, IfNull(vote,0) as vote from ("
. "(" . $this->getQueryStr() . ") as p "
. "left join "
. "(select * from vts where id = $id) as v "
. "on v.postid = p.postid"
. ") order by weight desc" );
}
function getUserGroups(){ // TODO : Change group implementation
$q = "select groups from eyeds where id={$this->r['id']}";
$res = $this->doQuery($q);
$groups = $res->fetch_row()[0];
return $groups;
}
function getUserVote($id, $postid){
$res = $this->doQuery("select vote from vts where id={$id} and postid={$postid}");
if (mysqli_num_rows($res) > 0)
return mysqli_fetch_row($res)[0];
else
return 0;
}
}
/**
* Comments Class
* interacts with Comments table
*/
class Comments extends DataModel {
function __construct($r){
parent::__construct($r);
$this->tablename = 'cmnts';
$this->addProjection('*');
$this->more = "order by commentid desc";
}
}
$r = array();
foreach ($_POST as $key => $value) {
$r[$key] = mysqli_real_escape_string( $con, $value );
}
$rarr = array('status' => 0);
if ( $r['action'] == 'get' ){
// get a single post
// with all the fucking comments
$obj = new Posts($r);
$obj->checkInputHas(['postid']);
$obj->addSelection("postid = {$r['postid']}");
$result = $obj->query(ERR_NOPOST, true);
$postarr = mysqli_fetch_assoc($result);
$postarr['vote'] = $obj->getUserVote($r['id'], $r['postid']);
// get comments
$commentObj = new Comments($r);
$commentObj->addSelection("postid=" . $r['postid']);
$result = $commentObj->query();
$postarr['comments'] = array();
while ($row = mysqli_fetch_assoc($result)){
unset($row['postid']);
$postarr['comments'][] = $row;
}
$rarr = array_merge($postarr, $rarr);
die(json_encode($rarr));
} else if ( $r['action'] == 'set' ){
// create a new post
// send token, userid, content, [groupid, pollid]
$postObj = new Posts($r);
$postObj->checkTokenValid();
$postObj->checkInputHas(['content']);
$postObj->addInsertsFromArray($r, ['id', 'content']);
$postObj->addInsert('username', getUsername($r['id']));
$postObj->addInsert('doc', date('Y-m-d H:i:s'));
$result = $postObj->insert();
if ($result){
$result = $postObj->customUpdate("weight = postid", "id = {$r['id']}", "order by postid desc limit 1");
// add weight=posts to the last post
// id = r[id] is a safety belt in case of parallel requests
die(json_encode($rarr));
}
} else if ( $r['action'] == 'feed' ){
// get feed for a user or a group
// userid, groupid
$postObj = new Posts($r);
if ($postObj->inputHas(['gid'])){
$postObj->checkInputHas(['id']);
// limit by post id
if ($postObj->inputHas(['after']))
$postObj->addSelection("postid > {$r['after']}");
else if ($postObj->inputHas(['before']))
$postObj->addSelection("postid < {$r['before']}");
// get posts from group
$postObj->addSelection("gid={$r['gid']}");
$res = $postObj->getPostFeed($r['id']);
$rarr['posts'] = array();
while ($row = $res->fetch_assoc())
$rarr['posts'][] = $row;
die (json_encode($rarr));
} else {
// get posts for a user
$postObj->checkInputHas(['id']);
// get user groups
$groups = $postObj->getUserGroups();
if ($groups != '')
$gq = "gid in ({$groups}) or";
else
$gq = '';
// limit by post id
if ($postObj->inputHas(['after']))
$postObj->addSelection("postid > {$r['after']}");
else if ($postObj->inputHas(['before']))
$postObj->addSelection("postid < {$r['before']}");
// get posts for user
$postObj->addSelection("{$gq} gid=1");
$res = $postObj->getPostFeed($r['id']);
$rarr['posts'] = array();
while ($row = $res->fetch_assoc())
$rarr['posts'][] = $row;
die (json_encode($rarr));
}
} else if ( $r['action'] == 'comment' ){
// make a comment on a post
// content, postid
$comObj = new Comments($r);
$comObj->checkTokenValid();
$comObj->checkInputHas(['content', 'postid']);
$comObj->addInsertsFromArray($r, ['id', 'content', 'postid']);
$comObj->addInsert('username', getUsername($r['id']));
$comObj->addInsert('doc', date('Y-m-d H:i:s'));
$result = $comObj->insert();
if ($result){
execQuery("update posts set commentcount=commentcount+1 where postid={$r['postid']}");
die( json_encode($rarr) );
}
} else {
makeError(ERR_NOACTION);
}
?>