refactor helpers
33 files changed, 102 insertions(+), 452 deletions(-)

M activate.php
M activity.php
M admin.php
M changelog.php
M classes/Page.php
R delete.php => 
R home.php => 
M home_update.php
R image.php => 
M includes/app.php
M includes/csrf.php
M includes/page.php
M includes/site_header.php
M index.php
R latest.php => 
M login.php
M logout.php
R page.php => 
M page_create.php
M page_delete.php
M page_update.php
R pages.php => 
M pages_index.php
M password-update.php
R profile.php => 
M register.php
M role.php
M settings.php
M site.php
R update.php => 
M upload.php
R user-feed.php => 
M widget.php
M activate.php +5 -5
@@ 1,27 1,27 @@ 
 <?php
 require 'includes/app.php';
 
-is_admin($user) or redirect("login.php");
+is_admin($User) or redirect("login.php");
 
 $errors = [];
 
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT) or page_not_found();
 
-    $selected = $GLOBALS['app']->getUser()->get($id);
+    $selected = $GLOBALS['App']->getUser()->get($id);
 
     if (!$selected) {
         $errors[] = "Can't find user";
     } else {
-        if ($GLOBALS['app']->getUser()->setRole($id, 2)) {
+        if ($GLOBALS['App']->getUser()->setRole($id, 2)) {
             $subject = "piclog - Welcome!";
             $message = "Hello $selected[name]! Your account has been activated. You can now post messages on " . URL . ".\n\nTalk to you soon!";
-            $GLOBALS['app']->getEmail()->send($selected['email'], $subject, $message);
+            $GLOBALS['App']->getEmail()->send($selected['email'], $subject, $message);
         }
     }
 }
 
-$users = $GLOBALS['app']->getUser()->getAllInactive();
+$users = $GLOBALS['App']->getUser()->getAllInactive();
 ?>
 
 <?php include 'includes/header.php'; ?>

          
M activity.php +2 -2
@@ 1,6 1,6 @@ 
 <?php
 require 'includes/app.php';
-$pages = $app->getPage()->getActivity();
+$pages = $App->getPage()->getActivity();
 ?>
 
 <?php include 'includes/header.php'; ?>

          
@@ 11,7 11,7 @@ require 'includes/app.php';
     <ul>
         <?php foreach ($pages as $page): ?>
             <li>
-                <?=home_link($page['user_id'], $page['name'])?> <?=timeAgo($page['updated_at'])?> ago <?=get_link($page['user_id'], $page['slug'])?>
+                <?=site_link($page['name'])?> <?=timeAgo($page['updated_at'])?> ago <?=site_link($page['name'], $page['slug'])?>
             </li>
         <?php endforeach; ?>
     </ul>

          
M admin.php +1 -1
@@ 1,7 1,7 @@ 
 <?php
 require 'includes/app.php';
 
-is_admin($user) or redirect("login.php");
+is_admin($User) or redirect("login.php");
 ?>
 
 <?php include 'includes/header.php'; ?>

          
M changelog.php +5 -4
@@ 1,8 1,9 @@ 
 <?php
 require 'includes/app.php';
-$id = get_id();
-$pages = $app->getPage()->getChangelog($id);
-$site_user = $GLOBALS['app']->getUser()->get($id) or page_not_found();
+
+$u = get_param("u");
+$pages = $App->getPage()->getChangelog($u);
+$site_user = $App->getUser()->getFromUsername($u) or page_not_found();
 ?>
 
 <?php include 'includes/site_header.php'; ?>
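Review bot: `getChangelog($u)` runs before the `getFromUsername($u) or page_not_found()` check, so a request for an unknown user still executes the join query. Both lookups also use the HTML-encoded string returned by `get_param()` rather than a canonical key. Resolving the user first ties the changelog query to a record that exists: `$site_user = $App->getUser()->getFromUsername($u) or page_not_found();` followed by `$pages = $App->getPage()->getChangelog($site_user['name']);`.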

          
@@ 12,7 13,7 @@ require 'includes/app.php';
 
     <ul>
         <?php foreach ($pages as $page): ?>
-            <li><time><?=to_date($page['updated_at'])?></time> <?= get_link($id, $page['slug']) ?></li>
+            <li><time><?=to_date($page['updated_at'])?></time> <?=site_link($page['name'], $page['slug'])?></li>
         <?php endforeach; ?>
     </ul>
 

          
M classes/Page.php +5 -4
@@ 29,14 29,15 @@ class Page
                  LIMIT 100";
         return $this->db->runSQL($sql)->fetchAll();
     }
-    public function getChangelog($id)
+    public function getChangelog($name)
     {
         $sql = "SELECT
-                 slug, content, updated_at
+                 slug, content, updated_at, name
                  FROM pages
-                 WHERE user_id=?
+                 LEFT JOIN users on pages.user_id = users.id
+                 WHERE name=?
                  ORDER BY updated_at desc";
-        return $this->db->runSQL($sql, [$id])->fetchAll();
+        return $this->db->runSQL($sql, [$name])->fetchAll();
     }
 
     public function get($id, $slug)
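Review bot: The new join in `getChangelog()` leaves every column unqualified (`slug, content, updated_at, name` and `WHERE name=?`), so the query becomes ambiguous, or quietly changes meaning, if `pages` and `users` share or later gain a column such as `name` or `updated_at`; the schemas are not visible in this diff. Because the filter is on a `users` column, the `LEFT JOIN` behaves as an inner join anyway. I would select `pages.slug, pages.content, pages.updated_at, users.name` and write `FROM pages INNER JOIN users ON pages.user_id = users.id WHERE users.name = ?`. The value is still bound through the `?` placeholder, which should stay that way. A one-line docblock saying `$name` is the owner's username would help, since the parameter was an id before.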

          
R delete.php =>  +0 -36
@@ 1,36 0,0 @@ 
-<?php
-require 'includes/app.php';
-
-is_member($user) or redirect("login.php");
-
-$errors = [];
-$form = $App->getImage()->get(get_id()) or page_not_found();
-
-if ($_SERVER['REQUEST_METHOD'] === 'POST') {
-    if ($form['user_id'] === $user['id'] || is_admin($user)) {
-        if ($App->getImage()->delete($form['id'], $form['user_id'])) {
-            $App->getSession()->setFlash("Image deleted");
-            redirect("index.php");
-        } else {
-            $errors[]="Can't delete image";
-        }
-    } else {
-        page_not_found();
-    }
-}
-?>
-
-<?php include 'includes/header.php'; ?>
-
-<h1>Delete image</h1>
-
-<?php form_errors($errors) ?>
-
-<p>Are you sure you want to delete "<?=htmlspecialchars($form['filename'])?>"?</p>
-
-<form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post" class="editor">
-    <?php include 'includes/csrf.php' ?>
-    <p><input type="submit" value="Confirm"/></p>
-</form>
-
-<?php include 'includes/footer.php'; ?>

          
R home.php =>  +0 -25
@@ 1,25 0,0 @@ 
-<?php
-require 'includes/app.php';
-
-$site_user = $app->getUser()->getFromUsername(get_user()) or page_not_found();
-$content = content_to_html2($site_user['home'], $site_user);
-?>
-
-<?php include 'includes/site_header.php'; ?>
-
-<main>
-<?php if ($content): ?>
-    <?= $content ?>
-<?php else: ?>
-    <h1><?= $site_user['name'] ?>'s site</h1>
-    <p>Welcome to your site! Use the edit button to edit this page.</p>
-<?php endif; ?>
-</main>
-
-<?php if (is_site_admin($site_user)): ?>
-    <nav class="page-admin">
-        <a href="home_update.php">Edit</a>
-    </nav>
-<?php endif; ?>
-
-<?php include 'includes/site_footer.php'; ?>
  No newline at end of file

          
M home_update.php +7 -7
@@ 1,28 1,28 @@ 
 <?php
 require 'includes/app.php';
 
-is_member($GLOBALS['user']) or redirect("login.php");
-$site_user = $GLOBALS['user'];
-$pages = $GLOBALS['app']->getPage()->getAll($GLOBALS['user']['id']);
+is_member($GLOBALS['User']) or redirect("login.php");
+$site_user = $GLOBALS['User'];
+$pages = $GLOBALS['App']->getPage()->getAll($GLOBALS['User']['id']);
 $errors = [];
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
-    $GLOBALS['user']['home'] = $_POST['home'];
+    $GLOBALS['User']['home'] = $_POST['home'];
 
     // todo validation
 
-    $GLOBALS['app']->getUser()->update($GLOBALS['user'], $errors);
+    $GLOBALS['App']->getUser()->update($GLOBALS['User'], $errors);
 }
 ?>
 <?php include 'includes/site_header.php'; ?>
 
 <main>
-    <h1>Editing <a href="<?=get_url($site_user['name'])?>">home</a></h1>
+    <h1>Editing <?=site_link($site_user['name'], null, "home")?></h1>
     <?php form_errors($errors) ?>
 
     <form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post" enctype="multipart/form-data">
         <?php include 'includes/csrf.php' ?>
 
-        <textarea id="home" name="home" class="form-control" required><?= $GLOBALS['user']['home'] ?></textarea>
+        <textarea id="home" name="home" class="form-control" required><?= $GLOBALS['User']['home'] ?></textarea>
 
         <input type="submit" value="Submit"/>
     </form>
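Review bot: The textarea on the changed line echoes `$GLOBALS['User']['home']` without HTML escaping, so stored content that contains markup can end the field early and be parsed as part of the page. The `// todo validation` above means nothing constrains the value on the way in either. Escape at output: `<?= htmlspecialchars($GLOBALS['User']['home'] ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The form's `action="<?= $_SERVER['REQUEST_URI'] ?>"` on the unchanged line above has the same gap and can be escaped the same way. The template continues outside the hunk.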

          
R image.php =>  +0 -33
@@ 1,33 0,0 @@ 
-<?php
-require 'includes/app.php';
-
-function is_author($user, $image)
-{
-    return is_member($user) && $user['id'] == $image['user_id'];
-}
-
-$id = get_id();
-$image = $App->getImage()->get($id);
-?>
-
-<?php include 'includes/header.php'; ?>
-<header>
-    <h1 class="title"><?= $image["filename"] ?></h1>
-    <div class="meta">
-        <a href="profile.php?id=<?= $image['user_id'] ?>"><?= $image['name'] ?></a>
-        <time><?= timeAgo($image["published_at"]) ?></time>
-    </div>
-</header>
-
-<img src="<?= file_path($image["user_id"], $image["filename"]) ?>"/>
-
-<p class="description"><?= $image["description"] ?></p>
-
-<?php if (is_author($user, $image) || is_admin($user)): ?>
-    <nav>
-        <a href="update.php?id=<?= $image["id"] ?>">edit</a> <a href="delete.php?id=<?= $image["id"] ?>">delete</a>
-    </nav>
-<?php endif; ?>
-
-<?php include 'includes/footer.php'; ?>
-

          
M includes/app.php +20 -77
@@ 6,12 6,12 @@ spl_autoload_register(function ($class) 
     require "classes/$class.php";
 });
 
-$GLOBALS['app'] = new App();
-$sess_id = $GLOBALS['app']->getSession()->id;
-$GLOBALS['user'] = $sess_id ? $GLOBALS['app']->getUser()->get($sess_id) : null;
+$App = new App();
+$sess_id = $App->getSession()->id;
+$User = $sess_id ? $App->getUser()->get($sess_id) : null;
 
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
-    $GLOBALS['app']->getSession()->verifyCSRF($_POST['csrf']) or page_not_found();
+    $App->getSession()->verifyCSRF($_POST['csrf']) or page_not_found();
 }
 
 function is_visitor($user)
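Review bot: `verifyCSRF($_POST['csrf'])` reads the field without checking that it exists or is a string, so a POST with no `csrf` parameter raises an undefined-key warning and passes `null` to `verifyCSRF()`, whose handling of a non-string is not visible here. Passing a definite string keeps the rejection path predictable: `$App->getSession()->verifyCSRF(is_string($_POST['csrf'] ?? null) ? $_POST['csrf'] : '') or page_not_found();`. A short comment is also worth adding that `$App` and `$User` are globals only because this file is required at top level, since `is_site_admin()` and includes/csrf.php read them through `$GLOBALS`.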

          
@@ 31,7 31,7 @@ function is_admin($user)
 
 function is_site_admin($admin)
 {
-    return is_member($GLOBALS['user']) && $admin['id'] === $GLOBALS['user']['id'];
+    return is_member($GLOBALS['User']) && $admin['id'] === $GLOBALS['User']['id'];
 }
 
 function redirect($page)

          
@@ 76,31 76,13 @@ function get_id()
     return $id;
 }
 
-function get_slug()
+function get_param($param)
 {
-    if (!($slug = filter_input(INPUT_GET, 'slug', FILTER_SANITIZE_SPECIAL_CHARS))) {
+    if (!($rv = filter_input(INPUT_GET, $param, FILTER_SANITIZE_SPECIAL_CHARS))) {
         page_not_found();
     }
 
-    return $slug;
-}
-
-function get_user()
-{
-    if (!($slug = filter_input(INPUT_GET, 'u', FILTER_SANITIZE_SPECIAL_CHARS))) {
-        page_not_found();
-    }
-
-    return $slug;
-}
-
-function get_page()
-{
-    if (!($page = filter_input(INPUT_GET, 'p', FILTER_VALIDATE_INT))) {
-        return 1;
-    }
-
-    return $page;
+    return $rv;
 }
 
 function timeAgo($dateString)
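Review bot: `get_param()` rejects with a truthiness test, so `?p=0` is treated as a missing parameter even though `0` fits the slug alphabet in `LINK_REGEXP` further down this file. Compare explicitly instead: `if ($rv === null || $rv === false || $rv === '') { page_not_found(); }`. The helper also returns the `FILTER_SANITIZE_SPECIAL_CHARS` result, which is an HTML-encoded copy of the input rather than a validated one, and callers in this commit (changelog.php, page_delete.php, page_update.php, site.php) pass it to database lookups. A docblock should state that the return value is HTML-encoded and that the function ends the request with a 404 when the parameter is absent. For slugs, validating against the `[a-z0-9_-]+` pattern already used for page names would be stricter than encoding.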

          
@@ 126,42 108,22 @@ function timeAgo($dateString)
     return $output;
 }
 
-function get_link($user_id, $slug)
+function site_link($name, $page = null, $value = null)
 {
-    return "<a href=\"page.php?id=$user_id&slug=$slug\">$slug</a>";
-}
-
-function get_link2($username, $slug = null)
-{
-    if (isset($slug)) {
-        return "<a href=\"site.php?u=$username&p=$slug\">$slug</a>";
-    } else {
-        return "<a href=\"site.php?u=$username\">$username</a>";
-    }
+    $qs = "u=$name";
+    $page && $qs .= "&p=$page";
+    $label = $value ?: ($page ?: $name);
+    return "<a href=\"site.php?$qs\">$label</a>";
 }
 
-function get_url($username, $page = null)
+function edit_link($page)
 {
-    if (isset($page)) {
-        return "site.php?u=$username&p=$page";
-    } else {
-        return "site.php?u=$username";
-    }
+    return "<a href=\"page_update.php?p=$page\">Edit</a>";
 }
 
-function home_link($user_id, $name)
-{
-    return "<a href=\"home.php?u=$name\">$name</a>";
-}
-
-function edit_link($slug)
+function delete_link($page)
 {
-    return "<a href=\"page_update.php?&slug=$slug\">Edit</a>";
-}
-
-function delete_link($slug)
-{
-    return "<a href=\"page_delete.php?&slug=$slug\">Delete</a>";
+    return "<a href=\"page_delete.php?p=$page\">Delete</a>";
 }
 
 function gmi($text)
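Review bot: `site_link()`, `edit_link()` and `delete_link()` interpolate `$name`, `$page` and `$value` straight into the `href` and the link text with no URL or HTML encoding. Several callers pass database values (`$page['name']` in activity.php and changelog.php, `$site_user['name']` in the templates and in `content_to_html()`), and nothing in this diff shows which characters a username may contain, so a name holding a quote, `&` or `<` would corrupt the markup or be parsed as HTML. Encoding belongs inside the helpers so every call site gets it, and the hand-written `changelog.php?u=<?=$site_user['name']?>` link in includes/site_header.php needs `rawurlencode()` for the same reason. The `$page && …` and `?:` tests also drop a slug of `0`. Values that arrive through `get_param()` are already HTML-encoded and would be encoded twice until that helper stops encoding.

```php
function site_link($name, $page = null, $value = null)
{
    $query = ['u' => $name];
    if ($page !== null && $page !== '') {
        $query['p'] = $page;
    }
    $label = $value ?? $query['p'] ?? $name;
    $href = 'site.php?' . http_build_query($query);
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;

    return '<a href="' . htmlspecialchars($href, $flags, 'UTF-8') . '">'
        . htmlspecialchars((string) $label, $flags, 'UTF-8') . '</a>';
}

function edit_link($page)
{
    return '<a href="page_update.php?p=' . rawurlencode($page) . '">Edit</a>';
}
// delete_link(): same change as edit_link()
```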

          
@@ 224,30 186,11 @@ function gmi($text)
 }
 
 define('LINK_REGEXP', '/\[\[([a-z0-9_-]+)\]\]/');
-function content_to_html($content, $user_id)
-{
-    return preg_replace_callback(LINK_REGEXP, function ($match) use ($user_id) {
-        $slug = $match[1];
-        return get_link($user_id, $slug);
-    }, gmi($content));
-}
-function content_to_html2($content, $user)
+
+function content_to_html($content, $user)
 {
     return preg_replace_callback(LINK_REGEXP, function ($match) use ($user) {
         $slug = $match[1];
-        return get_link2($user['name'], $slug);
+        return site_link($user['name'], $slug);
     }, gmi($content));
 }
-
-function nav_admin()
-{
-    return join(" ", [
-        "<footer>",
-        "<nav>",
-        "<a href=\"page_create.php\">Add page</a>",
-        "<a href=\"settings.php\">Settings</a>",
-        "<a href=\"logout.php\">Logout</a>",
-        "</nav>",
-        "</footer>",
-    ]);
-}
  No newline at end of file

          
M includes/csrf.php +1 -1
@@ 1,1 1,1 @@ 
-<input type="hidden" name="csrf" value="<?= $GLOBALS['app']->getSession()->getCSRF() ?>" >
+<input type="hidden" name="csrf" value="<?= $GLOBALS['App']->getSession()->getCSRF() ?>" >

          
M includes/page.php +1 -1
@@ 22,7 22,7 @@ 
         <nav class="related">
             <span>Related:</span>
             <?php foreach ($related as $r): ?>
-                <?= get_link2($site_user['name'], $r['slug']) ?>
+                <?= site_link($site_user['name'], $r['slug']) ?>
             <?php endforeach; ?>
         </nav>
     <?php endif; ?>

          
M includes/site_header.php +2 -2
@@ 14,9 14,9 @@ 
 
 <header>
     <nav>
-        <a href="<?=get_url($site_user['name'])?>">Home</a>
+        <?=site_link($site_user['name'], null, "Home")?>
         <a href="pages_index.php?id=<?=$site_user['id']?>">Pages</a>
-        <a href="changelog.php?id=<?=$site_user['id']?>">Changelog</a>
+        <a href="changelog.php?u=<?=$site_user['name']?>">Changelog</a>
     </nav>
 </header>
 

          
M index.php +3 -3
@@ 1,8 1,8 @@ 
 <?php
 require 'includes/app.php';
 
-if (is_member($user)) {
-    redirect("site.php?u=$user[name]");
+if (is_member($User)) {
+    redirect("site.php?u=$User[name]");
 }
 ?>
 

          
@@ 10,7 10,7 @@ if (is_member($user)) {
 
 <h1>tomoni</h1>
 
-<?php if (is_visitor($GLOBALS['user'])): ?>
+<?php if (is_visitor($GLOBALS['User'])): ?>
     <p class="is-visitor">You account is pending activation. You will be notified by email when activated.</p>
 <?php endif ?>
 

          
R latest.php =>  +0 -17
@@ 1,17 0,0 @@ 
-<?php
-include 'includes/app.php';
-
-$id = get_id();
-$images = $App->getImage()->getFromUser($id, 1);
-if (!count($images)) {
-    http_response_code(404);
-    exit;
-}
-$filename = file_path($id, $images['rows'][0]['filename']);
-
-header("Content-Type: image/jpeg");
-header("Content-Length: " . filesize($filename));
-
-$fp = fopen($filename, 'rb');
-
-fpassthru($fp);

          
M login.php +2 -2
@@ 12,8 12,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
     Validate::isPassword($password) or $errors[] = "Wrong password";
 
     if (!count($errors)) {
-        if ($member = $GLOBALS['app']->getUser()->login($email, $password, $errors)) {
-            $GLOBALS['app']->getSession()->login($member['id']);
+        if ($member = $GLOBALS['App']->getUser()->login($email, $password, $errors)) {
+            $GLOBALS['App']->getSession()->login($member['id']);
             redirect('index.php');
         }
     }

          
M logout.php +1 -1
@@ 2,5 2,5 @@ 
 
 require 'includes/app.php';
 
-$GLOBALS['app']->getSession()->logout();
+$GLOBALS['App']->getSession()->logout();
 header('Location: .');

          
R page.php =>  +0 -49
@@ 1,49 0,0 @@ 
-<?php
-require 'includes/app.php';
-
-$slug = get_slug();
-$site_user = $app->getUser()->getFromUsername(get_user()) or page_not_found();
-$page = $GLOBALS['app']->getPage()->get($site_user['id'], $slug);
-$related = $GLOBALS['app']->getPage()->related($site_user['id'], $slug);
-?>
-
-<?php include 'includes/site_header.php'; ?>
-
-<main>
-    <?php if ($page): ?>
-        <?= content_to_html2($page['content'], $site_user) ?>
-    <?php else: ?>
-        <h1>Not found</h1>
-        <?php if (is_site_admin($site_user)): ?>
-            <p>Create page for <?= $slug ?>?</p>
-            <form action="page_create.php" method="post" enctype="multipart/form-data">
-                <?php include 'includes/csrf.php' ?>
-
-                <input id="title" type="hidden" name="name" autocomplete="off" value="<?= $slug ?>"
-                       class="form-control"/>
-
-                <input type="submit" value="Create"/>
-            </form>
-        <?php endif; ?>
-    <?php endif; ?>
-</main>
-
-<?php if (count($related)): ?>
-    <section class="related">
-        <nav>
-            <span>Related:</span>
-            <?php foreach ($related as $r): ?>
-                <?= get_link2($site_user['name'], $r['slug']) ?>
-            <?php endforeach; ?>
-        </nav>
-    </section>
-<?php endif; ?>
-
-<?php if ($page && is_site_admin($site_user)): ?>
-    <nav class="page-admin">
-        <?= edit_link($slug) ?>
-        <?= delete_link($slug) ?>
-    </nav>
-<?php endif; ?>
-
-<?php include 'includes/site_footer.php'; ?>

          
M page_create.php +4 -4
@@ 1,8 1,8 @@ 
 <?php
 require 'includes/app.php';
 
-is_member($GLOBALS['user']) or redirect("login.php");
-$site_user = $user;
+is_member($GLOBALS['User']) or redirect("login.php");
+$site_user = $User;
 $errors = [];
 $form = [
     "name" => '',

          
@@ 18,8 18,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST'
     Validate::isPage($name) or $errors[] = "Slug can only contain a-z0-9_-";
 
     if (!count($errors)) {
-        $id = $GLOBALS['app']->getPage()->create($GLOBALS['user']['id'], $name, '');
-        redirect("page_update.php?slug=$name");
+        $id = $App->getPage()->create($User['id'], $name, '');
+        redirect("page_update.php?p=$name");
     }
 }
 ?>

          
M page_delete.php +6 -6
@@ 1,15 1,15 @@ 
 <?php
 require 'includes/app.php';
 
-is_member($GLOBALS['user']) or redirect("login.php");
-$slug = get_slug();
-$site_user = $user;
+is_member($User) or redirect("login.php");
+$p = get_param("p");
+$site_user = $User;
 $errors = [];
-$form = $GLOBALS['app']->getPage()->get($GLOBALS['user']['id'], $slug) or page_not_found();
+$form = $App->getPage()->get($User['id'], $p) or page_not_found();
 
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
-    $GLOBALS['app']->getPage()->delete($GLOBALS['user']['id'], $slug);
-    $GLOBALS['app']->getSession()->setFlash("Page deleted");
+    $App->getPage()->delete($User['id'], $p);
+    $App->getSession()->setFlash("Page deleted");
     redirect("index.php");
 }
 ?>
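Review bot: `is_member($User) or redirect("login.php");` is the only authorization step before the POST branch deletes a page, and it protects anything only if `redirect()` ends the request. Its body is outside this diff, so that should be confirmed. If it only sends a `Location` header, an unauthenticated request keeps executing with `$User` set to `null`. I would document the contract where the guard is used, for example `// redirect() must exit: code below assumes an authenticated member`; the same guard appears in page_update.php, page_create.php, home_update.php and the admin pages. Scoping `get()` and `delete()` to `$User['id']` is the right ownership check and should be kept.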

          
M page_update.php +8 -7
@@ 1,11 1,11 @@ 
 <?php
 require 'includes/app.php';
 
-is_member($GLOBALS['user']) or redirect("login.php");
-$slug = get_slug();
+is_member($User) or redirect("login.php");
+$p = get_param("p");
 $errors = [];
-$site_user = $GLOBALS['user'];
-$form = $app->getPage()->get($GLOBALS['user']['id'], $slug) or page_not_found();
+$site_user = $User;
+$form = $App->getPage()->get($User['id'], $p) or page_not_found();
 
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     $form['content'] = $_POST['content'];

          
@@ 13,14 13,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
     // todo validation
 
     if (!count($errors)) {
-        $GLOBALS['app']->getPage()->update($GLOBALS['user']['id'], $slug, $form['content']);
+        $App->getPage()->update($User['id'], $p, $form['content']);
     }
 }
 ?>
+
 <?php include 'includes/site_header.php'; ?>
 
 <main>
-    <h1>Editing <?= get_link2($site_user['name'], $form['slug']) ?></h1>
+    <h1>Editing <?= site_link($site_user['name'], $form['slug']) ?></h1>
 
     <?php form_errors($errors) ?>
 

          
@@ 34,7 35,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
 </main>
 
 <nav class="page-admin">
-    <?= delete_link($slug) ?>
+    <?= delete_link($p) ?>
 </nav>
 
 <?php include 'includes/site_footer.php'; ?>

          
R pages.php =>  +0 -26
@@ 1,26 0,0 @@ 
-<?php
-require 'includes/app.php';
-
-is_member($GLOBALS['user']) or redirect("login.php");
-$pages = $GLOBALS['app']->getPage()->getAll($user['id']);
-?>
-
-<?php include 'includes/header.php'; ?>
-
-<h1>Pages</h1>
-<p><a href="page_create.php">create page</a></p>
-<table>
-    <tr>
-        <td><a href="home.php?id=<?=$user['id']?>">home</a></td>
-        <td><a href="home_update.php">edit</a></td>
-        <td></td>
-    </tr>
-    <?php foreach ($pages as $page): ?>
-        <tr>
-            <td><?= get_link($user['id'], $page['slug']) ?></td>
-            <td><?= "<a href=\"page_update.php?slug=$page[slug]\">edit</a>" ?></td>
-            <td><?= "<a href=\"page_delete.php?slug=$page[slug]\">delete</a>" ?></td>
-        </tr>
-    <?php endforeach ?>
-</table>
-<?php include 'includes/footer.php'; ?>

          
M pages_index.php +4 -3
@@ 1,8 1,9 @@ 
 <?php
 require 'includes/app.php';
+
 $id = get_id();
-$pages = $GLOBALS['app']->getPage()->getAll($id);
-$site_user = $GLOBALS['app']->getUser()->get($id) or page_not_found();
+$pages = $App->getPage()->getAll($id);
+$site_user = $App->getUser()->get($id) or page_not_found();
 ?>
 
 <?php include 'includes/site_header.php'; ?>

          
@@ 12,7 13,7 @@ require 'includes/app.php';
 
     <ul>
         <?php foreach ($pages as $page): ?>
-            <li><?= get_link2($site_user['name'], $page['slug']) ?></li>
+            <li><?= site_link($site_user['name'], $page['slug']) ?></li>
         <?php endforeach; ?>
     </ul>
 

          
M password-update.php +2 -2
@@ 1,7 1,7 @@ 
 <?php
 require 'includes/app.php';
 
-is_member($user) or redirect("login.php");
+is_member($User) or redirect("login.php");
 
 $errors = [];
 

          
@@ 16,7 16,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
     }
 
     if (!count($errors)) {
-        $App->getUser()->updatePassword($user['id'], $password);
+        $App->getUser()->updatePassword($User['id'], $password);
         $App->getSession()->setFlash("Password updated");
     }
 }

          
R profile.php =>  +0 -43
@@ 1,43 0,0 @@ 
-<?php
-require 'includes/app.php';
-
-$id = get_id();
-$page = get_page();
-$profile = $App->getUser()->get($id) or page_not_found();
-$res = $App->getImage()->getFromUser($id, $page);
-$images = $res['rows'];
-$next_page = $res['next_page'];
-?>
-
-<?php include 'includes/header.php'; ?>
-<h1><?= $profile['name'] ?></h1>
-
-<p class="about"><?= $profile['cover'] ?></p>
-<p class="rss"><a href="user-feed.php?id=<?= $profile['id'] ?>">Subscribe via RSS</a></p>
-
-<?php foreach ($images as $image): ?>
-    <article>
-        <header>
-            <h2 class="title"><a href="<?= image_path($image["id"]) ?>"><?= $image["filename"] ?></a></h2>
-            <div class="meta">
-                <time><?= timeAgo($image["published_at"]) ?></time>
-            </div>
-        </header>
-
-        <img src="<?= file_path($image["user_id"], $image["filename"]) ?>"/>
-        <p class=" description"><?= $image["description"] ?></p>
-    </article>
-<?php endforeach; ?>
-
-<div class="pagination">
-    <?php if ($next_page): ?>
-        <a href="profile.php?id=<?= $id ?>&p=<?= $page + 1 ?>">Next page</a>
-    <?php endif; ?>
-
-    <?php if ($page > 1): ?>
-        <a href="profile.php?id=<?= $id ?>&p=<?= $page - 1 ?>">Previous page</a>
-    <?php endif; ?>
-</div>
-
-<?php include 'includes/footer.php'; ?>
-

          
M register.php +3 -3
@@ 25,15 25,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
     }
 
     if (!count($errors)) {
-        $id = $GLOBALS['app']->getUser()->create([
+        $id = $GLOBALS['App']->getUser()->create([
             "name" => $form['name'],
             "email" => $form['email'],
             "cover" => $form['cover'],
             "password" => $password,
         ], $errors);
         if ($id !== false) {
-            $GLOBALS['app']->getSession()->login($id);
-            $GLOBALS['app']->getSession()->setFlash("Thanks for registering! You will be able to start posting as soon as your account gets activated!");
+            $GLOBALS['App']->getSession()->login($id);
+            $GLOBALS['App']->getSession()->setFlash("Thanks for registering! You will be able to start posting as soon as your account gets activated!");
             redirect("index.php");
         }
     }

          
M role.php +3 -3
@@ 1,7 1,7 @@ 
 <?php
 require 'includes/app.php';
 
-is_admin($user) or redirect("login.php");
+is_admin($User) or redirect("login.php");
 
 $errors = [];
 

          
@@ 9,7 9,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
     $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT) or page_not_found();
     $role = filter_input(INPUT_POST, 'role', FILTER_VALIDATE_INT);
 
-    $selected = $GLOBALS['app']->getUser()->get($id);
+    $selected = $GLOBALS['App']->getUser()->get($id);
 
     if (!$selected) {
         $errors[] = "Can't find user";

          
@@ 18,7 18,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
     }
 }
 
-$users = $GLOBALS['app']->getUser()->getAll();
+$users = $GLOBALS['App']->getUser()->getAll();
 ?>
 
 <?php include 'includes/header.php'; ?>

          
M settings.php +5 -5
@@ 1,10 1,10 @@ 
 <?php
 require 'includes/app.php';
 
-$user or redirect("login.php");
-$site_user = $user;
+$User or redirect("login.php");
+$site_user = $User;
 $errors = [];
-$form = $user;
+$form = $User;
 
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     $form['name'] = $_POST['name'];

          
@@ 17,8 17,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
     !empty($form['cover']) or $errors[] = "Tell us a few words about you";
 
     if (!count($errors)) {
-        if ($app->getUser()->update($form, $errors)) {
-            $app->getSession()->setFlash("Settings updated");
+        if ($App->getUser()->update($form, $errors)) {
+            $App->getSession()->setFlash("Settings updated");
             $site_user['style'] = $form['style'];
         }
     }

          
M site.php +6 -6
@@ 1,19 1,19 @@ 
 <?php
 require 'includes/app.php';
 
-$u = get_user();
+$u = get_param("u");
 $p = filter_input(INPUT_GET, 'p', FILTER_SANITIZE_SPECIAL_CHARS);
-$site_user = $app->getUser()->getFromUsername($u) or page_not_found();
+$site_user = $App->getUser()->getFromUsername($u) or page_not_found();
 $is_admin = is_site_admin($site_user);
 
 if ($p) {
-    $page = $app->getPage()->get($site_user['id'], $p);
-    $related = $app->getPage()->related($site_user['id'], $p);
+    $page = $App->getPage()->get($site_user['id'], $p);
+    $related = $App->getPage()->related($site_user['id'], $p);
     if ($page) {
-        $content = content_to_html2($page['content'], $site_user);
+        $content = content_to_html($page['content'], $site_user);
     }
     include 'includes/page.php';
 } else {
-    $content = content_to_html2($site_user['home'], $site_user);
+    $content = content_to_html($site_user['home'], $site_user);
     include 'includes/home.php';
 }
  No newline at end of file

          
R update.php =>  +0 -44
@@ 1,44 0,0 @@ 
-<?php
-require 'includes/app.php';
-
-is_member($user) or redirect("login.php");
-
-$errors = [];
-$form = $App->getImage()->get(get_id()) or page_not_found();
-
-if ($_SERVER['REQUEST_METHOD'] === 'POST') {
-    if ($form['user_id'] === $user['id'] || is_admin($user)) {
-        $form['description'] = $_POST['description'];
-        Validate::isFilename($_POST['filename']) or $errors [] = 'Wrong file name';
-        if ($form['filename'] !== $_POST['filename']) {
-            Validate::isAvailableFilename($user['id'], $_POST['filename']) or $errors [] = 'File already exists';
-        }
-        Validate::isAcceptableHTML($form['description']) or $errors [] = "Description has a forbidden HTML tag";
-
-        if (!count($errors)) {
-            $App->getImage()->update($form['id'], $form['user_id'], $form['filename'], $_POST['filename'], $form['description']);
-            $App->getSession()->setFlash("Image updated");
-            redirect("index.php");
-        }
-    }
-}
-?>
-
-<?php include 'includes/header.php'; ?>
-
-    <h1>Update image</h1>
-<?= form_errors($errors) ?>
-    <form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post" enctype="multipart/form-data">
-        <?php include 'includes/csrf.php' ?>
-        <label for="name">Filename:</label>
-        <input type="text" id="filename" name="filename" autocomplete="off" value="<?= $form['filename'] ?>"
-               class="form-control" required/>
-
-        <label for="description">Description:</label>
-        <textarea name="description" id="description" class="form-control"
-                  required"><?= $form['description'] ?></textarea>
-
-        <input type="submit" value="Submit"/>
-    </form>
-
-<?php include 'includes/footer.php'; ?>
  No newline at end of file

          
M upload.php +4 -4
@@ 1,7 1,7 @@ 
 <?php
 require 'includes/app.php';
 
-is_member($user) or redirect("login.php");
+is_member($User) or redirect("login.php");
 
 function resize_image_gd($orig_path, $new_path, $max_width, $max_height)
 {

          
@@ 60,11 60,11 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST'
         // check form
         $_FILES['image']['size'] <= $max_size or $errors [] = ' File too big (512kB max)';
         Validate::isFilename($_FILES['image']['name']) or $errors [] = 'Wrong file name';
-        Validate::isAvailableFilename($user['id'], $_FILES['image']['name']) or $errors [] = 'File already exists';
+        Validate::isAvailableFilename($User['id'], $_FILES['image']['name']) or $errors [] = 'File already exists';
 
         if (!count($errors)) {
             $temp = $_FILES['image']['tmp_name'];
-            $path = file_path($user['id'], $_FILES['image']['name']);
+            $path = file_path($User['id'], $_FILES['image']['name']);
             $resized = resize_image_gd($temp, $path, 400, 400);
         }
     }

          
@@ 75,7 75,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST'
         $id = $App->getImage()->create([
             "filename" => $_FILES['image']['name'],
             "description" => $_POST['description'],
-            "user_id" => $user['id']
+            "user_id" => $User['id']
         ]);
         redirect('image.php?id=' . $id);
     }
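Review bot: `redirect('image.php?id=' . $id);` on the unchanged line near the end of this hunk points at a script this commit removes (`R image.php =>` in the file list), so a successful upload ends on a missing page. widget.php has the same problem: the lines it touches still build links to `profile.php` and `latest.php`, which are also removed here. Either drop upload.php and widget.php along with the image pages, or repoint them at `site.php`; whether the image feature is meant to survive is not clear from the diff. The `if` block around the `create()` call starts above the hunk.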

          
R user-feed.php =>  +0 -24
@@ 1,24 0,0 @@ 
-<?php
-require 'includes/app.php';
-
-header('Content-Type: application/xml');
-$id = get_id();
-$profile = $App->getUser()->get($id) or page_not_found();
-$images = $App->getImage()->getFromUser($id, 1);
-?>
-    <rss version="2.0">
-        <channel>
-            <title><?= $profile['name'] ?></title>
-            <description>piclog feed</description>
-            <link><?= URL . '/profile.php?id=' . $profile['id'] ?></link>
-            <?php foreach ($images as $image): ?>
-                <item>
-                    <title><?= $image['filename'] ?></title>
-                    <pubDate><?= date(DATE_RSS, strtotime($image['published_at'])) ?></pubDate>
-                    <guid><?= URL . '/image.php?id=' . $image['id'] ?></guid>
-                    <link><?= URL . '/image.php?id=' . $image['id'] ?></link>
-                </item>
-            <?php endforeach; ?>
-        </channel>
-    </rss>
-<?php

          
M widget.php +2 -2
@@ 6,8 6,8 @@ require 'includes/app.php';
 <h1>Widget</h1>
 <p>Add the following snippet to your site to show your latest picture. Feel free to customize how it looks like!</p>
 <textarea
-        style="width: 100%;"><a href="<?= URL ?>/profile.php?id=<?= $user['id']; ?>"><img src="<?= URL ?>/latest.php?id=<?= $user['id']; ?>"></a></textarea>
-<p><a href="<?= URL ?>/profile.php?id=<?= $user['id']; ?>"><img src="<?= URL ?>/latest.php?id=<?= $user['id']; ?>"></a>
+        style="width: 100%;"><a href="<?= URL ?>/profile.php?id=<?= $User['id']; ?>"><img src="<?= URL ?>/latest.php?id=<?= $User['id']; ?>"></a></textarea>
+<p><a href="<?= URL ?>/profile.php?id=<?= $User['id']; ?>"><img src="<?= URL ?>/latest.php?id=<?= $User['id']; ?>"></a>
 </p>
 
 <?php include 'includes/footer.php'; ?>